www.westinstore.com Open in urlscan Pro
2600:9000:2510:e00:1c:42e6:6b80:93a1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://freeheavenlybed.com/
Effective URL:
https://www.westinstore.com/
Submission: On October 03 via api (October 3rd 2023, 4:36:17 pm UTC) from US — Scanned from US

Summary HTTP 207 Redirects Links 34 Behaviour Indicators

Summary

This website contacted 54 IPs in 4 countries across 54 domains to perform 207 HTTP transactions. The main IP is 2600:9000:2510:e00:1c:42e6:6b80:93a1, located in United States and belongs to AMAZON-02, US. The main domain is www.westinstore.com.
TLS certificate: Issued by GeoTrust Global TLS RSA4096 SHA256 20... on February 1st 2023. Valid for: a year.

This is the only time www.westinstore.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	96.45.82.169 96.45.82.169	16552 (TIGGEE) (TIGGEE)
50	2600:9000:251... 2600:9000:2510:e00:1c:42e6:6b80:93a1	16509 (AMAZON-02) (AMAZON-02)
11	2607:f8b0:400... 2607:f8b0:4006:821::2008	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80e::200a	15169 (GOOGLE) (GOOGLE)
1	34.196.184.138 34.196.184.138	14618 (AMAZON-AES) (AMAZON-AES)
20	2600:1400:900... 2600:1400:9000:19e::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2607:f8b0:400... 2607:f8b0:4006:821::2002	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:80f::200e	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f01... 2a03:2880:f012:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
2 20	54.190.231.22 54.190.231.22	16509 (AMAZON-02) (AMAZON-02)
3	2607:f8b0:400... 2607:f8b0:4006:81c::2004	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::181	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c08::9b	15169 (GOOGLE) (GOOGLE)
7	104.126.112.117 104.126.112.117	16625 (AKAMAI-AS) (AKAMAI-AS)
1	35.81.33.81 35.81.33.81	16509 (AMAZON-02) (AMAZON-02)
1 1	3.218.191.219 3.218.191.219	14618 (AMAZON-AES) (AMAZON-AES)
4	2a03:2880:f11... 2a03:2880:f112:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	63.140.36.112 63.140.36.112	16509 (AMAZON-02) (AMAZON-02)
5 11	68.67.160.186 68.67.160.186	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2606:4700:440... 2606:4700:4400::6812:2089	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
5 7	142.250.65.162 142.250.65.162	15169 (GOOGLE) (GOOGLE)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
8 8	142.250.65.198 142.250.65.198	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:824::2002	15169 (GOOGLE) (GOOGLE)
1 1	2606:4700:440... 2606:4700:4400::6812:2412	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:21d... 2600:9000:21dd:3800:1d:bf0a:0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	142.250.72.98 142.250.72.98	15169 (GOOGLE) (GOOGLE)
2	18.173.140.104 18.173.140.104	16509 (AMAZON-02) (AMAZON-02)
1 2	216.34.207.41 216.34.207.41	25751 (VALUECLICK) (VALUECLICK)
1	35.244.188.9 35.244.188.9	15169 (GOOGLE) (GOOGLE)
10	107.178.244.119 107.178.244.119	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2600:1400:900... 2600:1400:9000::687e:74c0	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2001:4998:14:... 2001:4998:14:800::1001	14777 (YAHOO) (YAHOO)
2	18.173.132.247 18.173.132.247	16509 (AMAZON-02) (AMAZON-02)
2	3.222.111.229 3.222.111.229	14618 (AMAZON-AES) (AMAZON-AES)
10 11	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
2	2a04:4e42:79::84 2a04:4e42:79::84	54113 (FASTLY) (FASTLY)
1 1	184.29.161.102 184.29.161.102	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	2607:f8b0:400... 2607:f8b0:4006:821::200e	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:81e::200e	15169 (GOOGLE) (GOOGLE)
4 4	185.167.164.43 185.167.164.43	198622 (ADFORM) (ADFORM)
2	18.213.153.175 18.213.153.175	14618 (AMAZON-AES) (AMAZON-AES)
1	34.199.166.235 34.199.166.235	14618 (AMAZON-AES) (AMAZON-AES)
5 6	3.225.218.10 3.225.218.10	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:ae80:147... 2606:ae80:1471:19::1140	25751 (VALUECLICK) (VALUECLICK)
2	162.248.18.37 162.248.18.37	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 3	2606:ae80:145... 2606:ae80:1451:13::2360	25751 (VALUECLICK) (VALUECLICK)
1	2600:1f18:612... 2600:1f18:612b:4232:2423:bda:ecda:97c4	14618 (AMAZON-AES) (AMAZON-AES)
1	198.148.27.131 198.148.27.131	19189 (PULSEPOINT) (PULSEPOINT)
1	2600:9000:211... 2600:9000:211c:da00:2:53b2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
4 4	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 6	35.190.43.134 35.190.43.134	15169 (GOOGLE) (GOOGLE)
2 2	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	174.129.211.22 174.129.211.22	14618 (AMAZON-AES) (AMAZON-AES)
1	100.24.189.89 100.24.189.89	14618 (AMAZON-AES) (AMAZON-AES)
4 6	35.190.52.204 35.190.52.204	15169 (GOOGLE) (GOOGLE)
5	104.77.220.247 104.77.220.247	16625 (AKAMAI-AS) (AKAMAI-AS)
1	76.13.32.146 76.13.32.146	26101 (YAHOO-BF1) (YAHOO-BF1)
2 2	2620:100:a001::c 2620:100:a001::c	19750 (AS-CRITEO) (AS-CRITEO)
2 2	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	35.190.90.30 35.190.90.30	15169 (GOOGLE) (GOOGLE)
1 1	2600:1f16:b8a... 2600:1f16:b8a:8e02:f974:5106:aab1:ba10	16509 (AMAZON-02) (AMAZON-02)
7 7	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
1	8.43.72.97 8.43.72.97	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	104.18.26.193 104.18.26.193	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1 2	152.136.187.208 152.136.187.208	45090 (TENCENT-N...) (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited)
207	54

1 96.45.82.169 (United States) 1 redirects

ASN16552 (TIGGEE, US)
PTR: redirection.dnsmadeeasy.com

freeheavenlybed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

50 2600:9000:2510:e00:1c:42e6:6b80:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.westinstore.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2607:f8b0:4006:821::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80e::200a (United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.196.184.138 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-196-184-138.compute-1.amazonaws.com

514006899.collect.igodigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2600:1400:9000:19e::1e80 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:821::2002 (United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:80f::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 54.190.231.22 (Boardman, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-190-231-22.us-west-2.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81c::2004 (United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c08::9b (Ashburn, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.126.112.117 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-126-112-117.deploy.static.akamaitechnologies.com

cache.marriott.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.81.33.81 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-81-33-81.us-west-2.compute.amazonaws.com

marriottinternationa.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.218.191.219 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-218-191-219.compute-1.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.140.36.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-63-140-36-112.data.adobedc.net

smetrics.marriott.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 68.67.160.186 (New York, United States) 5 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2089 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.60.146 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.65.162 (Old Bridge, United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s71-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.65.198 (Old Bridge, United States) 8 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s72-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:824::2002 (United States)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2412 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

idpix.media6degrees.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21dd:3800:1d:bf0a:0:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.tvpixel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.72.98 (Old Bridge, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s32-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.173.140.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-140-104.jfk52.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.34.207.41 (United States) 1 redirects

ASN25751 (VALUECLICK, US)
PTR: ric01-nessy-float1.dotomi.com

login.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.188.9 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 9.188.244.35.bc.googleusercontent.com

static.sojern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 107.178.244.119 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 119.244.178.107.bc.googleusercontent.com

beacon.sojern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.sojern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1400:9000::687e:74c0 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4998:14:800::1001 (United States)

ASN14777 (YAHOO, US)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.173.132.247 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-132-247.jfk52.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.222.111.229 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-222-111-229.compute-1.amazonaws.com

pxl.jivox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 52.223.40.198 (United States) 10 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:79::84 (United States)

ASN54113 (FASTLY, US)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.29.161.102 (Piscataway, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-29-161-102.deploy.static.akamaitechnologies.com

servedby.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:821::200e (United States) 2 redirects

ASN15169 (GOOGLE, US)

fcmatch.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81e::200e (United States)

ASN15169 (GOOGLE, US)

fcmatch.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.167.164.43 (Denmark) 4 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.213.153.175 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-213-153-175.compute-1.amazonaws.com

p.tvpixel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.199.166.235 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-166-235.compute-1.amazonaws.com

us-east.ads.audio.thisisdax.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.225.218.10 (Ashburn, United States) 5 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-218-10.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:ae80:1471:19::1140 (United States)

ASN25751 (VALUECLICK, US)

match.sync.ad.cpe.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.248.18.37 (United States)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:ae80:1451:13::2360 (United States) 1 redirects

ASN25751 (VALUECLICK, US)

yahoo-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
login-ds.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adobe-sync.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4232:2423:bda:ecda:97c4 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.131 (New York, United States)

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211c:da00:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.190.43.134 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:19ad (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 174.129.211.22 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-174-129-211-22.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 100.24.189.89 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-100-24-189-89.compute-1.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.190.52.204 (Kansas City, United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: 204.52.190.35.bc.googleusercontent.com

tag.yieldoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.77.220.247 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-77-220-247.deploy.static.akamaitechnologies.com

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.13.32.146 (Lockport, United States)

ASN26101 (YAHOO-BF1, US)
PTR: spdc.pbp.vip.bf1.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:100:a001::c (United States) 2 redirects

ASN19750 (AS-CRITEO, US)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.113.62 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.90.30 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 30.90.190.35.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f16:b8a:8e02:f974:5106:aab1:ba10 (Columbus, United States) 1 redirects

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 151.101.194.49 (United States) 7 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.26.193 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 152.136.187.208 (China) 1 redirects

ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN)

cm.ipinyou.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
50	westinstore.com www.westinstore.com	1 MB
21	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 319 marriottinternationa.demdex.net — Cisco Umbrella Rank: 62882	23 KB
20	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 626	151 KB
19	doubleclick.net 13 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 66 stats.g.doubleclick.net — Cisco Umbrella Rank: 175 cm.g.doubleclick.net — Cisco Umbrella Rank: 329 ad.doubleclick.net — Cisco Umbrella Rank: 180	8 KB
13	adsrvr.org 10 redirects js.adsrvr.org — Cisco Umbrella Rank: 2460 match.adsrvr.org — Cisco Umbrella Rank: 637 insight.adsrvr.org — Cisco Umbrella Rank: 964	8 KB
11	sojern.com static.sojern.com — Cisco Umbrella Rank: 18435 beacon.sojern.com — Cisco Umbrella Rank: 7399 pixel.sojern.com — Cisco Umbrella Rank: 9851	13 KB
11	adnxs.com 5 redirects ib.adnxs.com — Cisco Umbrella Rank: 360 secure.adnxs.com — Cisco Umbrella Rank: 806	8 KB
11	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 111	798 KB
10	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 11 analytics.google.com — Cisco Umbrella Rank: 270 adservice.google.com — Cisco Umbrella Rank: 182 fcmatch.google.com — Cisco Umbrella Rank: 5760	2 KB
8	everesttech.net 8 redirects cm.everesttech.net — Cisco Umbrella Rank: 1990 sync-tm.everesttech.net — Cisco Umbrella Rank: 1237	1 KB
8	marriott.com cache.marriott.com — Cisco Umbrella Rank: 17542 smetrics.marriott.com — Cisco Umbrella Rank: 21656	324 KB
7	yahoo.com 5 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 509 cms.analytics.yahoo.com — Cisco Umbrella Rank: 2484 sp.analytics.yahoo.com — Cisco Umbrella Rank: 1943	2 KB
6	yieldoptimizer.com 4 redirects tag.yieldoptimizer.com — Cisco Umbrella Rank: 6745	5 KB
6	snapchat.com 1 redirects tr.snapchat.com — Cisco Umbrella Rank: 955	3 KB
6	dotomi.com 2 redirects login.dotomi.com — Cisco Umbrella Rank: 3349 match.sync.ad.cpe.dotomi.com — Cisco Umbrella Rank: 3595 yahoo-match.dotomi.com — Cisco Umbrella Rank: 13768 login-ds.dotomi.com — Cisco Umbrella Rank: 6864 adobe-sync.dotomi.com — Cisco Umbrella Rank: 138548	5 KB
5	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 1031	4 KB
5	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 830 www.linkedin.com — Cisco Umbrella Rank: 951 px4.ads.linkedin.com — Cisco Umbrella Rank: 7048	5 KB
4	adform.net 4 redirects c1.adform.net — Cisco Umbrella Rank: 954	2 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 691 c.bing.com — Cisco Umbrella Rank: 481	14 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 109	422 B
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 96	43 KB
3	krxd.net 2 redirects usermatch.krxd.net — Cisco Umbrella Rank: 2755 beacon.krxd.net — Cisco Umbrella Rank: 1035	403 B
3	tvpixel.com c.tvpixel.com — Cisco Umbrella Rank: 13278 p.tvpixel.com — Cisco Umbrella Rank: 3246	32 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 229	125 KB
2	ipinyou.com 1 redirects cm.ipinyou.com — Cisco Umbrella Rank: 109428	1 KB
2	openx.net 1 redirects us-u.openx.net — Cisco Umbrella Rank: 863	490 B
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 1026	1 KB
2	tapad.com 2 redirects pixel.tapad.com — Cisco Umbrella Rank: 802	1 KB
2	criteo.com 2 redirects gum.criteo.com — Cisco Umbrella Rank: 640	758 B
2	tribalfusion.com 2 redirects a.tribalfusion.com — Cisco Umbrella Rank: 1469 s.tribalfusion.com — Cisco Umbrella Rank: 3247	936 B
2	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 1265 image2.pubmatic.com — Cisco Umbrella Rank: 1547	769 B
2	youtube.com fcmatch.youtube.com — Cisco Umbrella Rank: 5832	665 B
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 1150	20 KB
2	jivox.com pxl.jivox.com — Cisco Umbrella Rank: 7896	454 B
2	sc-static.net sc-static.net — Cisco Umbrella Rank: 1100	34 KB
2	yimg.com s.yimg.com — Cisco Umbrella Rank: 814	7 KB
2	licdn.com snap.licdn.com — Cisco Umbrella Rank: 1593	9 KB
2	rlcdn.com 2 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 719	832 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 649	753 B
1	innovid.com 1 redirects ag.innovid.com — Cisco Umbrella Rank: 2427	248 B
1	mookie1.com 1 redirects odr.mookie1.com — Cisco Umbrella Rank: 2038	614 B
1	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 2079	356 B
1	contextweb.com bh.contextweb.com — Cisco Umbrella Rank: 957	859 B
1	tremorhub.com partners.tremorhub.com — Cisco Umbrella Rank: 2071	175 B
1	thisisdax.com us-east.ads.audio.thisisdax.com — Cisco Umbrella Rank: 8560	365 B
1	flashtalking.com 1 redirects servedby.flashtalking.com — Cisco Umbrella Rank: 1411	552 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 178	17 KB
1	media6degrees.com 1 redirects idpix.media6degrees.com — Cisco Umbrella Rank: 3365	550 B
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 958	315 B
1	igodigital.com 514006899.collect.igodigital.com	2 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 720	31 KB
1	freeheavenlybed.com 1 redirects freeheavenlybed.com	181 B
0	spotxchange.com Failed sync.search.spotxchange.com Failed
0	rundsp.com Failed match.rundsp.com Failed
207	54

	Domain	Requested by
50	www.westinstore.com	www.westinstore.com
20	dpm.demdex.net	2 redirects assets.adobedtm.com www.westinstore.com js.adsrvr.org
20	assets.adobedtm.com	www.westinstore.com assets.adobedtm.com
11	www.googletagmanager.com	www.westinstore.com www.googletagmanager.com assets.adobedtm.com
10	match.adsrvr.org	9 redirects js.adsrvr.org
8	pixel.sojern.com	static.sojern.com
8	ad.doubleclick.net	8 redirects
7	sync-tm.everesttech.net	7 redirects
7	cm.g.doubleclick.net	5 redirects login.dotomi.com
7	ib.adnxs.com	5 redirects js.adsrvr.org
7	cache.marriott.com	www.westinstore.com cache.marriott.com
6	tag.yieldoptimizer.com	4 redirects
6	tr.snapchat.com	1 redirects sc-static.net
5	ct.pinterest.com	s.pinimg.com
4	ups.analytics.yahoo.com	3 redirects login.dotomi.com
4	c1.adform.net	4 redirects
4	secure.adnxs.com	static.sojern.com
4	adservice.google.com
4	www.facebook.com	www.westinstore.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	px.ads.linkedin.com	3 redirects
3	bat.bing.com	assets.adobedtm.com bat.bing.com
3	www.google.com	www.westinstore.com
3	connect.facebook.net	www.westinstore.com connect.facebook.net
2	cm.ipinyou.com	1 redirects
2	us-u.openx.net	1 redirects
2	dsum-sec.casalemedia.com	1 redirects
2	pixel.tapad.com	2 redirects
2	gum.criteo.com	2 redirects
2	usermatch.krxd.net	2 redirects
2	cms.analytics.yahoo.com	2 redirects
2	p.tvpixel.com	c.tvpixel.com
2	fcmatch.youtube.com	static.sojern.com
2	fcmatch.google.com	2 redirects
2	s.pinimg.com	www.westinstore.com s.pinimg.com
2	pxl.jivox.com
2	sc-static.net	www.westinstore.com tr.snapchat.com
2	s.yimg.com	www.westinstore.com s.yimg.com
2	snap.licdn.com	www.westinstore.com snap.licdn.com
2	beacon.sojern.com	www.westinstore.com static.sojern.com
2	login.dotomi.com	1 redirects www.westinstore.com
2	js.adsrvr.org	www.westinstore.com match.adsrvr.org
2	idsync.rlcdn.com	2 redirects
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	googleads.g.doubleclick.net	www.googletagmanager.com www.googleadservices.com
1	image2.pubmatic.com
1	pixel.rubiconproject.com
1	ag.innovid.com	1 redirects
1	odr.mookie1.com	1 redirects
1	sp.analytics.yahoo.com
1	beacon.krxd.net	js.adsrvr.org
1	s.tribalfusion.com	1 redirects
1	a.tribalfusion.com	1 redirects
1	px4.ads.linkedin.com
1	www.linkedin.com	1 redirects
1	cdn.linkedin.oribi.io	snap.licdn.com
1	adobe-sync.dotomi.com	1 redirects
1	login-ds.dotomi.com	login.dotomi.com
1	bh.contextweb.com	login.dotomi.com
1	partners.tremorhub.com	login.dotomi.com
1	yahoo-match.dotomi.com	login.dotomi.com
1	simage2.pubmatic.com	login.dotomi.com
1	match.sync.ad.cpe.dotomi.com	login.dotomi.com
1	us-east.ads.audio.thisisdax.com	login.dotomi.com
1	insight.adsrvr.org	1 redirects
1	servedby.flashtalking.com	1 redirects
1	c.bing.com	1 redirects
1	static.sojern.com	www.westinstore.com
1	www.googleadservices.com	www.westinstore.com
1	c.tvpixel.com	www.westinstore.com
1	idpix.media6degrees.com	1 redirects
1	geolocation.onetrust.com	cache.marriott.com
1	smetrics.marriott.com	assets.adobedtm.com
1	cm.everesttech.net	1 redirects
1	marriottinternationa.demdex.net	assets.adobedtm.com
1	analytics.google.com	www.googletagmanager.com
1	514006899.collect.igodigital.com	www.westinstore.com
1	ajax.googleapis.com	www.westinstore.com
1	freeheavenlybed.com	1 redirects
0	sync.search.spotxchange.com Failed
0	match.rundsp.com Failed
207	81

This site contains links to these domains. Also see Links.

Domain
www.ritzcarltonshops.com
www.curatedbyjw.com
www.shopmarriott.com
www.shoplemeridien.com
www.sheratonstore.com
canada.westinstore.com
europe.westinstore.com
www.westinstore.cn
lc.chat
www.marriott.com
www.shopedition.com
www.luxurycollectionstore.com
www.stregisboutique.com
www.whotelsthestore.com
www.collectrenaissance.com
www.gaylordhotelsstore.com
www.shopcourtyard.com
www.shopfourpoints.com
www.fairfieldstore.com
www.boutiques.marriottbonvoy.com
www.westin.com
www.onetrust.com

Subject Issuer	Validity	Valid
*.westinstore.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-02-01` - `2024-03-03`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.collect.igodigital.com Amazon RSA 2048 M02	`2023-02-21` - `2024-01-13`	a year	crt.sh
assets.adobedtm.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-11` - `2024-08-10`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-07-13` - `2023-10-11`	3 months	crt.sh
*.demdex.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2024-10-26`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
www.marriott.com Entrust Certification Authority - L1K	`2023-08-07` - `2023-11-10`	3 months	crt.sh
smetrics.marriott.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-26` - `2024-04-25`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-12-13` - `2023-12-13`	a year	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 05	`2023-07-26` - `2024-01-22`	6 months	crt.sh
*.tvpixel.com Amazon RSA 2048 M01	`2023-02-21` - `2024-01-13`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-08-15` - `2024-09-15`	a year	crt.sh
*.sojern.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-17` - `2024-02-17`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-09-25` - `2023-11-15`	2 months	crt.sh
sc-static.net Amazon RSA 2048 M02	`2023-01-20` - `2024-02-18`	a year	crt.sh
*.jivox.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-17` - `2024-06-16`	a year	crt.sh
*.pinterest.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-31` - `2024-08-07`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
us-east.ads.audio.thisisdax.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-23` - `2024-05-25`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.tremorhub.com Amazon RSA 2048 M01	`2023-02-22` - `2024-03-23`	a year	crt.sh
*.contextweb.com DigiCert TLS RSA SHA256 2020 CA1	`2023-04-10` - `2024-05-09`	a year	crt.sh
linkedin.oribi.io Amazon RSA 2048 M01	`2023-06-08` - `2024-07-07`	a year	crt.sh
*.snap.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-13` - `2024-04-12`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-14` - `2024-04-12`	a year	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-05-30` - `2023-11-22`	6 months	crt.sh

This page contains 11 frames:

Primary Page: https://www.westinstore.com/
Frame ID: 170F0C664FEC1359029127B2B67CF72D
Requests: 150 HTTP requests in this frame

Frame: https://marriottinternationa.demdex.net/dest5.html?d_nsid=0
Frame ID: B2C19ED636868184863ABE5A38446B0C
Requests: 27 HTTP requests in this frame

Frame: https://login.dotomi.com/ucm/UCMController?dtm_com=28&dtm_cid=2814&dtm_cmagic=8e987c&dtm_format=5&dtm_fid=101&cli_promo_id=2&dtmc_marsha_code=&canonical_url=https%3A%2F%2Fwww.westinstore.com%2F&dtm_user_token=&dtmc_ref=&dtmc_loc=https%3A%2F%2Fwww.westinstore.com%2F&fpc_status=
Frame ID: FD0569B12F57C63421EDFCA54CAE6D9D
Requests: 10 HTTP requests in this frame

Frame: https://static.sojern.com/marriott/mhotels.html?p=undefined&hprid=&hpr=&hb=undefined&hc1=undefined&hn1=undefined&hs1=undefined&ffl=undefined&hl=&t=undefined&hr=undefined&hd1=&hd2=&hconfno=&hp=undefined&hcu=&hrp=undefined&hdc=undefined&rew=undefined&l=undefined&vid=hot&cid=
Frame ID: 67F7BB84B81595E522C5F5613A28EE49
Requests: 9 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/upb/?adv=hbq9bjg&ref=https%3A%2F%2Fwww.westinstore.com%2F&upid=byw7ch4&upv=1.1.0
Frame ID: 6C22DDF58C5388E1E06F46FDA15C24F2
Requests: 2 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=fbf5aa06-3f82-45b5-86ba-4c4fe9c75a96&u_scsid=5df3b8e6-f819-4248-b622-298be94efe1a&u_sclid=ed047288-e14e-44ef-96a9-04f4905aedd9
Frame ID: B36276FFA0D72E3BE72C96ED94CAB2DB
Requests: 2 HTTP requests in this frame

Frame: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=5be847d9-6051-4b3c-ba84-22eb96664426
Frame ID: 3FF27E30C623C05A1F0581D5C2ABFD78
Requests: 1 HTTP requests in this frame

Frame: https://dpm.demdex.net/ibs:dpid=903&dpuuid=0eda1bed-7326-48e1-b3f8-6caccb3e3215
Frame ID: 72ABA66CA03AC1AF3C1861787F95CB68
Requests: 1 HTTP requests in this frame

Frame: https://ib.adnxs.com/setuid?entity=82&code=0eda1bed-7326-48e1-b3f8-6caccb3e3215&gdpr=0&gdpr_consent=
Frame ID: C0D880062D78E852186F12D0530C2DB3
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/p?rand=1696111285211&pnid=140&pcid=8a30ef68-6ef9-4092-8248-2aeb28aced89
Frame ID: 3BF2256234F4757BD34BF50C6D5F849B
Requests: 1 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: 1E4F8FF04702EA4CA7CBB1DDC33B19E2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Westin Hotel StoreBack ButtonFilter Button

Page URL History Show full URLs

https://freeheavenlybed.com/ HTTP 301
https://www.westinstore.com/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

otSDKStub\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Swiper Slider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swiper(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

207
Requests

77 %
HTTPS

42 %
IPv6

54
Domains

81
Subdomains

54
IPs

4
Countries

2864 kB
Transfer

6477 kB
Size

96
Cookies

34 Outgoing links

These are links going to different origins than the main page.

URL: https://www.ritzcarltonshops.com/?utm_source=HAH&utm_medium=site-HB&utm_content=RTZ&utm_term=HB&utm_campaign=PanBrand-Header-Links
Title: The Ritz-Carlton Shops

Search URL Search Domain Scan URL

URL: https://www.curatedbyjw.com/?utm_source=HAH&utm_medium=site-HB&utm_content=JW&utm_term=HB&utm_campaign=PanBrand-Header-Links
Title: Curated by JW

Search URL Search Domain Scan URL

URL: https://www.shopmarriott.com/?utm_source=HAH&utm_medium=site-HB&utm_content=MAR&utm_term=HB&utm_campaign=PanBrand-Header-Links
Title: Shop Marriott

Search URL Search Domain Scan URL

URL: https://www.shoplemeridien.com/?utm_source=HAH&utm_medium=site-HB&utm_content=LEMamp;utm_term=HB&utm_campaign=PanBrand-Header-Links
Title: Shop Le Meridien

Search URL Search Domain Scan URL

URL: https://www.sheratonstore.com//?utm_source=HAH&utm_medium=site-HB&utm_content=SH&utm_term=HB&utm_campaign=PanBrand-Header-Links
Title: Sheraton Store

Search URL Search Domain Scan URL

URL: https://canada.westinstore.com/index.aspx?referrer=us
Title: Canada

Search URL Search Domain Scan URL

URL: https://europe.westinstore.com/en/?___store=hbeu_en
Title: English

Search URL Search Domain Scan URL

URL: https://europe.westinstore.com/fr/?___store=hbeu_fr
Title: Français

Search URL Search Domain Scan URL

URL: https://europe.westinstore.com/de/?___store=hbeu_de
Title: Deutsch

Search URL Search Domain Scan URL

URL: https://europe.westinstore.com/es/?___store=hbeu_es
Title: Español

Search URL Search Domain Scan URL

URL: https://www.westinstore.cn/en/
Title: English

Search URL Search Domain Scan URL

URL: https://www.westinstore.cn/zh-CN/
Title: 中国

Search URL Search Domain Scan URL

URL: https://lc.chat/now/1974321/10
Title: Chat Live

Search URL Search Domain Scan URL

URL: https://www.marriott.com/about/your-privacy-rights.mi
Title: Your Privacy Rights

Search URL Search Domain Scan URL

URL: https://www.marriott.com/about/terms-of-use.mi
Title: Terms and Conditions

Search URL Search Domain Scan URL

URL: https://www.marriott.com/loyalty/terms/default.mi#redeem
Title: Loyalty Terms

Search URL Search Domain Scan URL

URL: https://www.shopedition.com/?utm_source=HAH&utm_medium=site-HB&utm_content=EDT&utm_term=HB&utm_campaign=PanBrand-Footer-Links
Title: Shop EDITION

Search URL Search Domain Scan URL

URL: https://www.ritzcarltonshops.com/?utm_source=HAH&utm_medium=site-HB&utm_content=RTZ&utm_term=HB&utm_campaign=PanBrand-Footer-Links
Title: The Ritz-Carlton Shops

Search URL Search Domain Scan URL

URL: https://www.luxurycollectionstore.com/?utm_source=HAH&utm_medium=site-HB&utm_content=LUX&utm_term=HB&utm_campaign=PanBrand-Footer-Links
Title: Luxury Collection Store

Search URL Search Domain Scan URL

URL: https://www.stregisboutique.com/?utm_source=HAH&utm_medium=site-HB&utm_content=STR&utm_term=HB&utm_campaign=PanBrand-Footer-Links
Title: St. Regis Boutique

Search URL Search Domain Scan URL

URL: https://www.whotelsthestore.com/?utm_source=HAH&utm_medium=site-HB&utm_content=WHO&utm_term=HB&utm_campaign=PanBrand-Footer-Links
Title: W Hotels The Store

Search URL Search Domain Scan URL

URL: https://www.curatedbyjw.com/?utm_source=HAH&utm_medium=site-HB&utm_content=JW&utm_term=HB&utm_campaign=PanBrand-Footer-Links
Title: Curated by JW

Search URL Search Domain Scan URL

URL: https://www.shopmarriott.com/?utm_source=HAH&utm_medium=site-HB&utm_content=MAR&utm_term=HB&utm_campaign=PanBrand-Footer-Links
Title: Shop Marriott

Search URL Search Domain Scan URL

URL: https://www.sheratonstore.com//?utm_source=HAH&utm_medium=site-HB&utm_content=SH&utm_term=HB&utm_campaign=PanBrand-Footer-Links
Title: Sheraton Store

Search URL Search Domain Scan URL

URL: https://www.shoplemeridien.com/?utm_source=HAH&utm_medium=site-HB&utm_content=LEM&utm_term=HB&utm_campaign=PanBrand-Footer-Links
Title: Shop Le Méridien

Search URL Search Domain Scan URL

URL: https://www.collectrenaissance.com/?utm_source=HAH&utm_medium=site-HB&utm_content=RHR&utm_term=HB&utm_campaign=PanBrand-Footer-Links
Title: Collect Renaissance

Search URL Search Domain Scan URL

URL: https://www.gaylordhotelsstore.com/?utm_source=HAH&utm_medium=site-HB&utm_content=GLD&utm_term=HB&utm_campaign=PanBrand-Footer-Links
Title: Gaylord Hotels Store

Search URL Search Domain Scan URL

URL: https://www.shopcourtyard.com/?utm_source=HAH&utm_medium=site-HB&utm_content=CYM&utm_term=HB&utm_campaign=PanBrand-Footer-Links
Title: Shop Courtyard

Search URL Search Domain Scan URL

URL: https://www.shopfourpoints.com/?utm_source=HAH&utm_medium=site-HB&utm_content=FP&utm_term=HB&utm_campaign=PanBrand-Footer-Links
Title: Shop Four Points

Search URL Search Domain Scan URL

URL: https://www.fairfieldstore.com/?utm_source=HAH&utm_medium=site-HB&utm_content=FFI&utm_term=HB&utm_campaign=PanBrand-Footer-Links
Title: Fairfield Store

Search URL Search Domain Scan URL

URL: https://www.boutiques.marriottbonvoy.com/?utm_source=HAH&utm_medium=site-HB&utm_content=MBB&utm_term=HB&utm_campaign=PanBrand-Footer-Links
Title: Marriott Bonvoy Boutiques

Search URL Search Domain Scan URL

URL: http://www.westin.com/

Search URL Search Domain Scan URL

URL: https://www.marriott.com/about/privacy.mi
Title: More information

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://freeheavenlybed.com/ HTTP 301
https://www.westinstore.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 79

https://cm.everesttech.net/cm/dd?d_uuid=83393839253693602362863306772897227483 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZRxC_QAAAED_iAN_

Request Chain 87

https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID HTTP 302
https://dpm.demdex.net/ibs:dpid=358&dpuuid=5021429799070947935

Request Chain 89

https://idsync.rlcdn.com/365868.gif?partner_uid=83393839253693602362863306772897227483 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CKyqFhIxCi0IARCYEhomODMzOTM4MzkyNTM2OTM2MDIzNjI4NjMzMDY3NzI4OTcyMjc0ODMQABoNCPqF8agGEgUI6AcQAEIASgA HTTP 307
https://dpm.demdex.net/ibs:dpid=477&dpuuid=10ca782973e633f8d3b0bb15c9862ceef52cff0ce34b51a136ad14717e24ab92b0da87c991749652

Request Chain 90

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=ODMzOTM4MzkyNTM2OTM2MDIzNjI4NjMzMDY3NzI4OTcyMjc0ODM= HTTP 302
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEA4oaLZhrPvSbRDaRsRQbPI&google_cver=1?gdpr=0&gdpr_consent=

Request Chain 107

https://ad.doubleclick.net/activity;src=1359549;type=marri003;cat=m1m_m0;ord=6420937754469;npa=1;auiddc=1053258656.1696350968;u7=%2F;gtm=45fe39r0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.westinstore.com%2F HTTP 302
https://ad.doubleclick.net/activity;dc_pre=COXfkein2oEDFcIwwQoduKIAgw;src=1359549;type=marri003;cat=m1m_m0;ord=6420937754469;npa=1;auiddc=1053258656.1696350968;u7=%2F;gtm=45fe39r0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.westinstore.com%2F HTTP 302
https://adservice.google.com/ddm/fls/z/dc_pre=COXfkein2oEDFcIwwQoduKIAgw;src=1359549;type=marri003;cat=m1m_m0;ord=6420937754469;npa=1;auiddc=*;u7=%2F;gtm=45fe39r0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.westinstore.com%2F

Request Chain 108

https://ad.doubleclick.net/activity;src=9035495;type=bouti0;cat=bouti000;ord=1257026128883;npa=1;auiddc=1053258656.1696350968;u14=WI;u16=;u23=;u77=;u8=;u81=Marriott%20Bonvoy%20Boutiques;u90=Westin%20Hotels%20%26%20Resorts;gtm=45fe39r0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.westinstore.com%2F HTTP 302
https://ad.doubleclick.net/activity;dc_pre=CI3mkein2oEDFaIBwQod-EwHnQ;src=9035495;type=bouti0;cat=bouti000;ord=1257026128883;npa=1;auiddc=1053258656.1696350968;u14=WI;u16=;u23=;u77=;u8=;u81=Marriott%20Bonvoy%20Boutiques;u90=Westin%20Hotels%20%26%20Resorts;gtm=45fe39r0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.westinstore.com%2F HTTP 302
https://adservice.google.com/ddm/fls/z/dc_pre=CI3mkein2oEDFaIBwQod-EwHnQ;src=9035495;type=bouti0;cat=bouti000;ord=1257026128883;npa=1;auiddc=*;u14=WI;u16=;u23=;u77=;u8=;u81=Marriott%20Bonvoy%20Boutiques;u90=Westin%20Hotels%20%26%20Resorts;gtm=45fe39r0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.westinstore.com%2F

Request Chain 109

https://ad.doubleclick.net/activity;src=1359549;type=marri001;cat=m1m_g0;ord=1;num=4088418216503;npa=1;auiddc=1053258656.1696350968;u7=%2F;gtm=45fe39r0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.westinstore.com%2F HTTP 302
https://ad.doubleclick.net/activity;dc_pre=CNTqkein2oEDFSKJywEdidYG_w;src=1359549;type=marri001;cat=m1m_g0;ord=1;num=4088418216503;npa=1;auiddc=1053258656.1696350968;u7=%2F;gtm=45fe39r0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.westinstore.com%2F HTTP 302
https://adservice.google.com/ddm/fls/z/dc_pre=CNTqkein2oEDFSKJywEdidYG_w;src=1359549;type=marri001;cat=m1m_g0;ord=1;num=4088418216503;npa=1;auiddc=*;u7=%2F;gtm=45fe39r0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.westinstore.com%2F

Request Chain 111

https://idpix.media6degrees.com/orbserv/hbpix?pixId=16873&pcv=70&ptid=66&tpuv=01&tpu=83393839253693602362863306772897227483 HTTP 302
https://dpm.demdex.net/ibs:dpid=992&dpuuid=5v3wpu2o2000

Request Chain 123

https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=www.westinstore.com&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=www.westinstore.com&ttd_tpi=1 HTTP 302
https://dpm.demdex.net/ibs:dpid=903&dpuuid=0eda1bed-7326-48e1-b3f8-6caccb3e3215

Request Chain 127

https://c.bing.com/c.gif?uid=83393839253693602362863306772897227483&Red3=MSAdobe_pd&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=1957&dpuuid=311705CB2EFE62DB322C16542F6E63D8

Request Chain 130

https://servedby.flashtalking.com/map/?key=a74thHgsfK627J6Ftt8sj5ks52bKe&gdpr=0&gdpr_consent=&url=https://dpm.demdex.net/ibs:dpid=3047&dpuuid=[%FT_GUID%]&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=3047&dpuuid=575426A6AD3434&gdpr=0&gdpr_consent=

Request Chain 132

https://ad.doubleclick.net/ddm/activity/src=4810757;type=sales;cat=5myqls5f;qty=1;cost=0;u1=;u16=https%253A%252F%252Fwww.westinstore.com%252F;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=[OrderID] HTTP 302
https://ad.doubleclick.net/ddm/activity/src=4810757;dc_pre=CIjjmuin2oEDFdCfywEdb0UCQg;type=sales;cat=5myqls5f;qty=1;cost=0;u1=;u16=https%253A%252F%252Fwww.westinstore.com%252F;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=[OrderID] HTTP 302
https://adservice.google.com/ddm/fls/z/src=4810757;dc_pre=CIjjmuin2oEDFdCfywEdb0UCQg;type=sales;cat=5myqls5f;qty=1;cost=0;u1=;u16=https%253A%252F%252Fwww.westinstore.com%252F;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=[OrderID]

Request Chain 135

https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=Qd4GuJIyCNNXcKDiDzC_LQ&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=xDUhKrQ8VcxL-MwPalarU944nAXsYyNZLb-gE_xJhg7Z1rxv5skjNtI9Skn_TFrr&sjrn_ula=673976618 HTTP 302
https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=xDUhKrQ8VcxL-MwPalarU944nAXsYyNZLb-gE_xJhg7Z1rxv5skjNtI9Skn_TFrr&sjrn_ula=673976618&google_gid=CAESEGxRh8O0h4I91xsJrkepE-E&google_cver=1

Request Chain 136

https://cm.g.doubleclick.net/pixel?google_hm=Qd4GuJIyCNNXcKDiDzC_LQ&google_nid=sojern_adh HTTP 302
https://fcmatch.google.com/pixel?google_gm=AMnCDoq1pDcKJa_n9EhLRvgMv_Bu71QesgpNyNy868OpetT6thngICOjokjdn7fD3LaSLZAxp7zScX8l9lz3ueYDcS375mDNf5jyFhDa3FCsfqU6YQz4gXo HTTP 302
https://fcmatch.youtube.com/pixel?google_gm=AMnCDoq1pDcKJa_n9EhLRvgMv_Bu71QesgpNyNy868OpetT6thngICOjokjdn7fD3LaSLZAxp7zScX8l9lz3ueYDcS375mDNf5jyFhDa3FCsfqU6YQz4gXo

Request Chain 137

https://ib.adnxs.com/getuid?https://pixel.sojern.com/idsync/apn?id=$UID&sjrn_id=xDUhKrQ8VcxL-MwPalarU944nAXsYyNZLb-gE_xJhg7Z1rxv5skjNtI9Skn_TFrr HTTP 302
https://pixel.sojern.com/idsync/apn?id=5021429799070947935&sjrn_id=xDUhKrQ8VcxL-MwPalarU944nAXsYyNZLb-gE_xJhg7Z1rxv5skjNtI9Skn_TFrr

Request Chain 138

https://match.adsrvr.org/track/cmf/generic?ttd_pid=ombl9hp&ttd_puid=xDUhKrQ8VcxL-MwPalarU944nAXsYyNZLb-gE_xJhg7Z1rxv5skjNtI9Skn_TFrr&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=ombl9hp&ttd_puid=xDUhKrQ8VcxL-MwPalarU944nAXsYyNZLb-gE_xJhg7Z1rxv5skjNtI9Skn_TFrr&ttd_tpi=1 HTTP 302
https://pixel.sojern.com/idsync/ttd?id=e1992ecc-3046-4059-9b4e-745548b3ad8b&sjrn_id=xDUhKrQ8VcxL-MwPalarU944nAXsYyNZLb-gE_xJhg7Z1rxv5skjNtI9Skn_TFrr

Request Chain 139

https://c1.adform.net/serving/cookie/match?cid=41de06b8-9232-08d3-5770-a0e20f30bf2d&party=1296 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&cid=41de06b8-9232-08d3-5770-a0e20f30bf2d&party=1296 HTTP 302
https://pixel.sojern.com/idsync/adf?adfid=4257002804057531860&cid=41de06b8-9232-08d3-5770-a0e20f30bf2d

Request Chain 141

https://insight.adsrvr.org/track/up?adv=hbq9bjg&ref=https%3A%2F%2Fwww.westinstore.com%2F&upid=byw7ch4&upv=1.1.0 HTTP 302
https://match.adsrvr.org/track/upb/?adv=hbq9bjg&ref=https%3A%2F%2Fwww.westinstore.com%2F&upid=byw7ch4&upv=1.1.0

Request Chain 145

https://cm.g.doubleclick.net/pixel?google_hm=Qd4GuJIyCNNXcKDiDzC_LQ&google_nid=sojern_adh HTTP 302
https://fcmatch.google.com/pixel?google_gm=AMnCDorkjs0ushuVAxBX4yZv0kZ6dmmb08M1EyB14FR20MxTLBn7SzXUyfVhwA3C7xMW5lhbLHDrlWKxCucviR9yz5x4GlXSVLTMhYv4aOoEKatLL1yXk0o HTTP 302
https://fcmatch.youtube.com/pixel?google_gm=AMnCDorkjs0ushuVAxBX4yZv0kZ6dmmb08M1EyB14FR20MxTLBn7SzXUyfVhwA3C7xMW5lhbLHDrlWKxCucviR9yz5x4GlXSVLTMhYv4aOoEKatLL1yXk0o

Request Chain 146

https://ib.adnxs.com/getuid?https://pixel.sojern.com/idsync/apn?id=$UID&sjrn_id=xDUhKrQ8VcxL-MwPalarU944nAXsYyNZLb-gE_xJhg7Z1rxv5skjNtI9Skn_TFrr HTTP 302
https://pixel.sojern.com/idsync/apn?id=5021429799070947935&sjrn_id=xDUhKrQ8VcxL-MwPalarU944nAXsYyNZLb-gE_xJhg7Z1rxv5skjNtI9Skn_TFrr

Request Chain 147

https://match.adsrvr.org/track/cmf/generic?ttd_pid=ombl9hp&ttd_puid=xDUhKrQ8VcxL-MwPalarU944nAXsYyNZLb-gE_xJhg7Z1rxv5skjNtI9Skn_TFrr&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=ombl9hp&ttd_puid=xDUhKrQ8VcxL-MwPalarU944nAXsYyNZLb-gE_xJhg7Z1rxv5skjNtI9Skn_TFrr&ttd_tpi=1 HTTP 302
https://pixel.sojern.com/idsync/ttd?id=0eda1bed-7326-48e1-b3f8-6caccb3e3215&sjrn_id=xDUhKrQ8VcxL-MwPalarU944nAXsYyNZLb-gE_xJhg7Z1rxv5skjNtI9Skn_TFrr

Request Chain 148

https://c1.adform.net/serving/cookie/match?cid=41de06b8-9232-08d3-5770-a0e20f30bf2d&party=1296 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&cid=41de06b8-9232-08d3-5770-a0e20f30bf2d&party=1296 HTTP 302
https://pixel.sojern.com/idsync/adf?adfid=5802205606864877847&cid=41de06b8-9232-08d3-5770-a0e20f30bf2d

Request Chain 151

https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=Qd4GuJIyCNNXcKDiDzC_LQ&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=xDUhKrQ8VcxL-MwPalarU944nAXsYyNZLb-gE_xJhg7Z1rxv5skjNtI9Skn_TFrr&sjrn_ula=824794939 HTTP 302
https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=xDUhKrQ8VcxL-MwPalarU944nAXsYyNZLb-gE_xJhg7Z1rxv5skjNtI9Skn_TFrr&sjrn_ula=824794939&google_gid=CAESEGxRh8O0h4I91xsJrkepE-E&google_cver=1

Request Chain 156

https://ups.analytics.yahoo.com/ups/55853/sync?_origin=1&uid=AQEDIF8GcuLWyAFawCNbAQEL_wE&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/55853/sync?_origin=1&uid=AQEDIF8GcuLWyAFawCNbAQEL_wE&gdpr_consent=&verify=true

Request Chain 157

https://match.adsrvr.org/track/cmf/generic?ttd_pid=6szhitj&ttd_tpi=1&gdpr_consent= HTTP 302
https://match.sync.ad.cpe.dotomi.com/w/user.sync?ptrid=13&gdpr=0&userid=e1992ecc-3046-4059-9b4e-745548b3ad8b

Request Chain 159

https://login.dotomi.com/match/bounce/current?networkId=41440&version=1&nuid=AQEDIF8GcuLWyAFawCNbAQEL_wE&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=epsilon-ddp&google_hm=QVFFRElGOEdjdUxXeUFGYXdDTmJBUUVMX3dF&expiration=1696437370&nuid=AQEDIF8GcuLWyAFawCNbAQEL_wE&gdpr_consent=

Request Chain 160

https://cms.analytics.yahoo.com/cms?partner_id=PCLOUD&_hosted_id=AQEDIF8GcuLWyAFawCNbAQEL_wE&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58678/cms?partner_id=PCLOUD&_hosted_id=AQEDIF8GcuLWyAFawCNbAQEL_wE&gdpr_consent= HTTP 302
https://yahoo-match.dotomi.com/match/pixel/current?networkId=67215&version=1&nuid=y-yDSiSldE2oCMxc0sENZwJKu6mEyc9iZFZP0F~A

Request Chain 164

https://adobe-sync.dotomi.com/match/bounce/current?networkId=85983&version=1&nuid=83393839253693602362863306772897227483&rurl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D19360%26dpuuid%3D HTTP 302
https://dpm.demdex.net/ibs:dpid=19360&dpuuid=83393839253693602362863306772897227483&expiration=1696437371&nuid=83393839253693602362863306772897227483&rurl=https://dpm.demdex.net/ibs:dpid=19360&dpuuid=

Request Chain 166

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=360572&time=1696350970915&url=https%3A%2F%2Fwww.westinstore.com%2F HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=360572&time=1696350970915&url=https%3A%2F%2Fwww.westinstore.com%2F&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D360572%26time%3D1696350970915%26url%3Dhttps%253A%252F%252Fwww.westinstore.com%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=360572&time=1696350970915&url=https%3A%2F%2Fwww.westinstore.com%2F&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=360572&time=1696350970915&url=https%3A%2F%2Fwww.westinstore.com%2F&cookiesTest=true&liSync=true&e_ipv6=AQISE7LjOPRpkQAAAYr2ZacEvwGGx-KSHZD9KW9bUEy2gjV3Cvq2g6KCRmGJdAVnoz08lg

Request Chain 171

https://a.tribalfusion.com/i.match?p=b13&u=83393839253693602362863306772897227483&redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=22054&dpuuid=$TF_USER_ID_ENC$ HTTP 302
https://s.tribalfusion.com/z/i.match?p=b13&u=83393839253693602362863306772897227483&redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=22054&dpuuid=$TF_USER_ID_ENC$ HTTP 302
https://dpm.demdex.net/ibs:dpid=22054

Request Chain 172

https://usermatch.krxd.net/um/v2?partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=5be847d9-6051-4b3c-ba84-22eb96664426 HTTP 302
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=5be847d9-6051-4b3c-ba84-22eb96664426

Request Chain 173

https://dpm.demdex.net/ibs:dpid=903&dpuuid=5be847d9-6051-4b3c-ba84-22eb96664426&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam HTTP 302
https://dpm.demdex.net/ibs:dpid=903&dpuuid=0eda1bed-7326-48e1-b3f8-6caccb3e3215

Request Chain 174

https://ib.adnxs.com/getuid?https%3a%2f%2fmatch.adsrvr.org%2ftrack%2fcmf%2fappnexus%3fttd%3d1%26anid%3d%24UID&ttd_tdid=5be847d9-6051-4b3c-ba84-22eb96664426 HTTP 302
https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=5021429799070947935&ttd_tdid=5be847d9-6051-4b3c-ba84-22eb96664426 HTTP 302
https://ib.adnxs.com/setuid?entity=82&code=0eda1bed-7326-48e1-b3f8-6caccb3e3215&gdpr=0&gdpr_consent=

Request Chain 178

https://tag.yieldoptimizer.com/ps/ps?t=s&p=1057&si=US&ln=EN&hbc=HRS&pg=hm HTTP 302
https://tag.yieldoptimizer.com/ps/ps?tc=588225597&t=s&p=1057&si=US&ln=EN&hbc=HRS&pg=hm

Request Chain 182

https://tag.yieldoptimizer.com/ps/ps?t=i&p=2233 HTTP 302
https://tag.yieldoptimizer.com/ps/ps?tc=15408414&t=i&p=2233 HTTP 302
https://dpm.demdex.net/ibs:dpid=22069&dpuuid=2030583685179

Request Chain 184

https://tag.yieldoptimizer.com/ps/ps?t=s&p=1057&mhcy=&mhcr=&mhcd=&mhst=&mhnm= HTTP 302
https://tag.yieldoptimizer.com/ps/ps?tc=436748017&t=s&p=1057&mhcy=&mhcr=&mhcd=&mhst=&mhnm=

Request Chain 185

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://gum.criteo.com/sync?s=1&c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=kNmFD0JXRoZiSQG6PRSDNWCzq9JXuw2A&gdpr=0&gdpr_consent=

Request Chain 187

https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=83393839253693602362863306772897227483&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58782/cms?partner_id=ADOBE&_hosted_id=83393839253693602362863306772897227483&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-itMhx_BE2pF6k94c1RmFBERbUkBYXjQRheM-~A

Request Chain 188

https://tr.snapchat.com/cm/s?bt=1d53c387&pnid=140&cb=1696350971451&u_scsid=04d0e68d-3085-457b-b1d0-4e0651e2e1b1&u_sclid=5f9337fa-bf85-4e11-b7b1-368f8989a5fd HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1696111285211%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1696111285211%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://tr.snapchat.com/cm/p?rand=1696111285211&pnid=140&pcid=8a30ef68-6ef9-4092-8248-2aeb28aced89

Request Chain 189

https://odr.mookie1.com/t/v2?tagid=V2_676804&src.visitorId=83393839253693602362863306772897227483&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=30862&dpuuid=10594436656399763652

Request Chain 194

https://ag.innovid.com/dv/sync?tid=6 HTTP 302
https://dpm.demdex.net/ibs:dpid=80742&dpuuid=9832b05c-842b-4bd5-9e10-ce7f7a29daa8

Request Chain 196

https://usermatch.krxd.net/um/v2?partner=adobe&id=83393839253693602362863306772897227483 HTTP 302
https://dpm.demdex.net/ibs:dpid=66757?id=83393839253693602362863306772897227483&dpuuid=P1UvOtIm

Request Chain 197

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WlJ4Q19RQUFBRURfaUFOXw==

Request Chain 198

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=ZRxC_QAAAED_iAN_&expires=90

Request Chain 199

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZRxC_QAAAED_iAN_ HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZRxC_QAAAED_iAN_&C=1

Request Chain 200

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
https://ib.adnxs.com/setuid?entity=158&code=ZRxC_QAAAED_iAN_

Request Chain 201

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZRxC_QAAAED_iAN_ HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=ZRxC_QAAAED_iAN_

Request Chain 202

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZRxC_QAAAED_iAN_

Request Chain 203

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZRxC_QAAAED_iAN_&img=1

Request Chain 204

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
https://www.facebook.com/fr/b.php?p=1531105787105294&e=ZRxC_QAAAED_iAN_&t=2592000&o=0

Request Chain 205

https://cm.ipinyou.com/xcmr/aam/r.gif HTTP 302
https://dpm.demdex.net/ibs:dpid=134084&dpuuid=NA40_D9nyfI&redir=http%3A%2F%2Fcm.ipinyou.com%2Fxcms%2Faam%2Fs.gif%3Ftid%3D$%7BDD_UUID%7D HTTP 302
https://cm.ipinyou.com/xcms/aam/s.gif?tid=83393839253693602362863306772897227483

207 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.westinstore.com/
Redirect Chain

https://freeheavenlybed.com/
https://www.westinstore.com/

121 KB
19 KB

590ms
308ms

Document
text/html

2600:9000:2510:e00:1c:42e6:6b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westinstore.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2510:e00:1c:42e6:6b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

937a406198e4940c95d59ccbc8a26bda68fe9a29836b02a95224b8076d113f4e

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private
content-encoding: gzip
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
content-type: text/html; charset=utf-8
date: Tue, 03 Oct 2023 16:36:07 GMT
server
vary: Accept-Encoding
via: 1.1 ab734ad5d81cc9d470b6176a05dd968e.cloudfront.net (CloudFront)
x-amz-cf-id: L9YzGKya6v8F9J_4OZqKIrIs8cQ4Qi0v1uIcnhQMyKidyMIBqpISqg==
x-amz-cf-pop: JFK50-P5
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

Connection: close
Content-Length: 0
Date: Tue, 03 Oct 2023 16:36:06 GMT
Location: https://www.westinstore.com/
Server: DNSME HTTP Redirection

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 197 KB
72 KB 559ms
133ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-366134444

Requested by

Host: www.westinstore.com
URL: https://www.westinstore.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

50c4b9037e38e297e6a3a9570270e5d6812b19fd8664ddde0476f62584557db3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 16:36:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73511
x-xss-protection: 0
last-modified: Tue, 03 Oct 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 03 Oct 2023 16:36:07 GMT

GET
H2 200 HB-styles.min.css
www.westinstore.com/dist/css/ 162 KB
34 KB 174ms
171ms Stylesheet
text/css 2600:9000:2510:e00:1c:42e6:6b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westinstore.com/dist/css/HB-styles.min.css?v=1835fa26

Requested by

Host: www.westinstore.com
URL: https://www.westinstore.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2510:e00:1c:42e6:6b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0f049a10e87fe8b6eca9e9c4e034a63a56301e1b45386d9930d77187203ef01

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 19:15:41 GMT
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: JFK50-P5
age: 595226
via: 1.1 ab734ad5d81cc9d470b6176a05dd968e.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Tue, 26 Sep 2023 17:19:31 GMT
server
etag: W/"845bf99c9df0d91:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
x-amz-cf-id: qruaxiE_pYTYzC4Dte0CJ7K10d0KNiaH-OfyUTQSmZWrrSOGbdqlww==

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ 87 KB
31 KB 521ms
96ms Script
text/javascript 2607:f8b0:4006:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: www.westinstore.com
URL: https://www.westinstore.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 16:02:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 88405
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31017
x-xss-protection: 0
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 01 Oct 2024 16:02:42 GMT

GET
H2 200 common.min.js Show response
www.westinstore.com/dist/js/ 49 KB
13 KB 277ms
275ms Script
application/javascript 2600:9000:2510:e00:1c:42e6:6b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westinstore.com/dist/js/common.min.js?v=68a949ec

Requested by

Host: www.westinstore.com
URL: https://www.westinstore.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2510:e00:1c:42e6:6b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

761aa93e19f8db81b90276c0c8645392bb7466d7afc2bf5c42cbf89abcb8f654

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 06:38:53 GMT
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: JFK50-P5
age: 122234
via: 1.1 ab734ad5d81cc9d470b6176a05dd968e.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Tue, 26 Sep 2023 17:19:32 GMT
server
etag: W/"f3da269d9df0d91:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: Ux6E2b3PbqAU3Q-PIg17JHATj2PvuExYA7bYtBlq2Pz6bOgpHECaBA==

GET
H2 200 lazyload.min.js Show response
www.westinstore.com/dist/js/ 5 KB
3 KB 184ms
164ms Script
application/javascript 2600:9000:2510:e00:1c:42e6:6b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westinstore.com/dist/js/lazyload.min.js

Requested by

Host: www.westinstore.com
URL: https://www.westinstore.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2510:e00:1c:42e6:6b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

8fa875d12c4ef71eb04d8573f2177489045a0152b29470105738f937700ab719

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 06:26:20 GMT
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: JFK50-P5
age: 122987
via: 1.1 ab734ad5d81cc9d470b6176a05dd968e.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Tue, 26 Sep 2023 17:19:32 GMT
server
etag: W/"2319389d9df0d91:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: DfCvdZ8ZNoAZ3d9lpw8A_QDOuugRg6vhwkGjTCCIC4UZ_j1fuK7hRA==

GET
H2 200 fancybox-flexslider.js Show response
www.westinstore.com/dist/js/ 23 KB
9 KB 290ms
288ms Script
application/javascript 2600:9000:2510:e00:1c:42e6:6b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westinstore.com/dist/js/fancybox-flexslider.js

Requested by

Host: www.westinstore.com
URL: https://www.westinstore.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2510:e00:1c:42e6:6b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

b243c488d74271bee975d9cfbad3c2effdb4d6e620ca30e7c911408251ad0790

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 07:04:32 GMT
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: JFK50-P5
age: 552695
via: 1.1 ab734ad5d81cc9d470b6176a05dd968e.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Tue, 26 Sep 2023 17:19:32 GMT
server
etag: W/"6b182f9d9df0d91:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: g2AlDGbd99dymkwyAFAquLgXuhCnGBxWVEwx1T3YzO4Ry-9SgAXMUw==

GET
H2 200 aws-sdk-2.710.0.min.js Show response
www.westinstore.com/dist/js/ 260 KB
73 KB 311ms
309ms Script
application/javascript 2600:9000:2510:e00:1c:42e6:6b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westinstore.com/dist/js/aws-sdk-2.710.0.min.js

Requested by

Host: www.westinstore.com
URL: https://www.westinstore.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2510:e00:1c:42e6:6b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

55125619d629b1cbb69d77d94a56b9ca459d658ac089085bd37ea23e135a9470

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 23:37:27 GMT
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: JFK50-P5
age: 493120
via: 1.1 ab734ad5d81cc9d470b6176a05dd968e.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Tue, 26 Sep 2023 17:19:32 GMT
server
etag: W/"a194199d9df0d91:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: 48OKR1_eyuyclxZ2AigSNSBZ8gtAkc8rS6oJ92npvN2V57gcV3RI7g==

GET
H2 200 collect.js Show response
514006899.collect.igodigital.com/ 8 KB
2 KB 312ms
91ms Script
application/javascript 34.196.184.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://514006899.collect.igodigital.com/collect.js
Requested by: Host: www.westinstore.com
URL: https://www.westinstore.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.196.184.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-196-184-138.compute-1.amazonaws.com
Software: /
Resource Hash: 463faad63e59f653f8367ca1bd38629a240ebd4f2165c313e660933acc322b04

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 16:36:08 GMT
content-encoding: gzip
last-modified: Sat, 30 Sep 2023 11:47:50 GMT
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 launch-EN3963523be4674e5591a9c4d516697352.min.js Show response
assets.adobedtm.com/ 458 KB
116 KB 311ms
98ms Script
application/x-javascript 2600:1400:9000:19e::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js
Requested by: Host: www.westinstore.com
URL: https://www.westinstore.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:9000:19e::1e80 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 04ddbe4a575f6691a79b76e1cfc742f223027895fc948e03ea68f208b5ffaf7f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 16:36:08 GMT
content-encoding: gzip
last-modified: Thu, 28 Sep 2023 12:47:53 GMT
server: AkamaiNetStorage
etag: "8fb9f022264b43e0a7eaad386cf6d89c:1695905273.52522"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.westinstore.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 118174
expires: Tue, 03 Oct 2023 17:36:08 GMT

GET
H2 200 HB-picturefill.min.js Show response
www.westinstore.com/dist/js/ 12 KB
5 KB 407ms
406ms Script
application/javascript 2600:9000:2510:e00:1c:42e6:6b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westinstore.com/dist/js/HB-picturefill.min.js

Requested by

Host: www.westinstore.com
URL: https://www.westinstore.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2510:e00:1c:42e6:6b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

754617cc2ec9d7af5f5dd2a5bf7f0b7e1b234cef7585a0b922ea6f8d36f47562

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 23:48:18 GMT
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: JFK50-P5
age: 492469
via: 1.1 ab734ad5d81cc9d470b6176a05dd968e.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Tue, 26 Sep 2023 17:19:31 GMT
server
etag: W/"2c23e9d9df0d91:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: PhcNEbPs7DMB0KgLPpCP_QCja3PG-oSTCFEep5HIDsdobkUOlojSxg==

GET
H2 200 HB-main-logo.jpg
www.westinstore.com/images/misc/ 3 KB
3 KB 323ms
304ms Image
image/jpeg 2600:9000:2510:e00:1c:42e6:6b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.westinstore.com/images/misc/HB-main-logo.jpg

Requested by

Host: www.westinstore.com
URL: https://www.westinstore.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2510:e00:1c:42e6:6b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a9a8449ddc3206cccf422950e69332206cb82b1f9fd04c3539ffec0d6e91c662

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 05:26:57 GMT
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
x-content-type-options: nosniff
via: 1.1 ab734ad5d81cc9d470b6176a05dd968e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P5
age: 558550
x-cache: Hit from cloudfront
content-length: 2948
x-xss-protection: 1; mode=block
last-modified: Wed, 22 Mar 2023 20:15:29 GMT
server
etag: "86252cfb5cd91:0"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
x-amz-cf-id: XfXv1onVPZEd_Qp47nf5C_yeukA48htzjiDkYM1-cC5xNYOECxYiSQ==

GET
H2 200 MB-Logo-Black.svg
www.westinstore.com/images/banners/ 3 KB
2 KB 321ms
303ms Image
image/svg+xml 2600:9000:2510:e00:1c:42e6:6b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.westinstore.com/images/banners/MB-Logo-Black.svg

Requested by

Host: www.westinstore.com
URL: https://www.westinstore.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2510:e00:1c:42e6:6b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

55bfc33f06723d1d61fc9badecb2651b231d04a8256e831f44e3b70e403f6b3b

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 11:23:59 GMT
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: JFK50-P5
age: 537128
via: 1.1 ab734ad5d81cc9d470b6176a05dd968e.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Wed, 22 Mar 2023 20:15:28 GMT
server
etag: W/"2a5399bfb5cd91:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=604800
x-amz-cf-id: QFV6Qavz2U_U1XFH6A4kNJKgwDUeENmqHlni6RTzhGTwgyASt07TYg==

GET
H2 200 priceView.min.js Show response
www.westinstore.com/dist/js/ 7 KB
3 KB 116ms
115ms Script
application/javascript 2600:9000:2510:e00:1c:42e6:6b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westinstore.com/dist/js/priceView.min.js?v=49d67cbd

Requested by

Host: www.westinstore.com
URL: https://www.westinstore.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2510:e00:1c:42e6:6b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

b122668aecf6b807958f34382c6ca2bd0e43c9c4c59dbcc74b0315c84f6090ea

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 05:26:57 GMT
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: JFK50-P5
age: 558550
via: 1.1 ab734ad5d81cc9d470b6176a05dd968e.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Tue, 26 Sep 2023 17:19:32 GMT
server
etag: W/"9e835e9d9df0d91:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: ko84caJfuXzkYZu6s9zJo5hFiZwQuEYjRsymdLaa_aTpUg6KQoWk8w==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 247 KB
85 KB 158ms
141ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WXGQS9H

Requested by

Host: www.westinstore.com
URL: https://www.westinstore.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5b71b771ccfb9a9e2e992b98bf541630263d5324f94b9261731601224454b468

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 16:36:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 87387
x-xss-protection: 0
last-modified: Tue, 03 Oct 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 03 Oct 2023 16:36:08 GMT

GET
H2 200 westin-heavenly-bed.jpg
www.westinstore.com/images/banners/ 152 KB
153 KB 245ms
228ms Image
image/jpeg 2600:9000:2510:e00:1c:42e6:6b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.westinstore.com/images/banners/westin-heavenly-bed.jpg

Requested by

Host: www.westinstore.com
URL: https://www.westinstore.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2510:e00:1c:42e6:6b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

878b57236146067b4ca9d7aa4dc562a7c759ef9b7cac3abded22ae48306ffc1d

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 07:51:18 GMT
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
x-content-type-options: nosniff
via: 1.1 ab734ad5d81cc9d470b6176a05dd968e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P5
age: 549889
x-cache: Hit from cloudfront
content-length: 155707
x-xss-protection: 1; mode=block
last-modified: Wed, 22 Mar 2023 20:15:28 GMT
server
etag: "3398a6bfb5cd91:0"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
x-amz-cf-id: qZafjmrBT4ZyoNnApDskzd2Cy1SCsAocCQrC7DfwZ2iNG5-qZC3yTA==

GET
H2 200 white-tea-body-lotion.jpg
www.westinstore.com/images/points/ 39 KB
39 KB 185ms
169ms Image
image/jpeg 2600:9000:2510:e00:1c:42e6:6b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.westinstore.com/images/points/white-tea-body-lotion.jpg

Requested by

Host: www.westinstore.com
URL: https://www.westinstore.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2510:e00:1c:42e6:6b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

d8241ea6568f4f798f96bbff9be959534bc0f058924b40f2b4ee90aef13df0cf

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
date: Tue, 03 Oct 2023 07:45:49 GMT
x-content-type-options: nosniff
via: 1.1 ab734ad5d81cc9d470b6176a05dd968e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P5
age: 46237
x-cache: Hit from cloudfront
content-length: 39933
x-xss-protection: 1; mode=block
last-modified: Wed, 22 Mar 2023 20:15:29 GMT
server
etag: "288939cfb5cd91:0"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
x-amz-cf-id: wQxBpi1WtMvroDcnbEcCsKOHJmLT3Ee3YAZ4_krP9uCGhh5_trhcOQ==

GET
H2 200 down-alternative-pillow.jpg
www.westinstore.com/images/points/ 30 KB
30 KB 322ms
306ms Image
image/jpeg 2600:9000:2510:e00:1c:42e6:6b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.westinstore.com/images/points/down-alternative-pillow.jpg

Requested by

Host: www.westinstore.com
URL: https://www.westinstore.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2510:e00:1c:42e6:6b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

ea2e0663443259e8f6bcd4791f232d4b8f000df607cbdcfae5022c7ada89d357

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 09:42:15 GMT
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
x-content-type-options: nosniff
via: 1.1 ab734ad5d81cc9d470b6176a05dd968e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P5
age: 543233
x-cache: Hit from cloudfront
content-length: 30524
x-xss-protection: 1; mode=block
last-modified: Wed, 22 Mar 2023 20:15:29 GMT
server
etag: "57f534cfb5cd91:0"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
x-amz-cf-id: dIKhUqagZz_V3Hp6_1I7tiAm4K-xYwKJoMCyA3akg0lAMyzc51b4lw==

GET
H2 200 white-tea-candle.jpg
www.westinstore.com/images/points/ 29 KB
30 KB 330ms
314ms Image
image/jpeg 2600:9000:2510:e00:1c:42e6:6b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.westinstore.com/images/points/white-tea-candle.jpg

Requested by

Host: www.westinstore.com
URL: https://www.westinstore.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2510:e00:1c:42e6:6b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

7db69aaa7c3a169e4589669c1dc31cf51a328097abe4ff37cffd63027c0a46d5

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 06:10:35 GMT
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
x-content-type-options: nosniff
via: 1.1 ab734ad5d81cc9d470b6176a05dd968e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P5
age: 555933
x-cache: Hit from cloudfront
content-length: 30196
x-xss-protection: 1; mode=block
last-modified: Wed, 22 Mar 2023 20:15:29 GMT
server
etag: "c1e83acfb5cd91:0"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
x-amz-cf-id: SkQYuCPtInqQhnE7_mS7Vf4FolGO3UzsEwZRcmludQV7KBuXwK2Qsw==

GET
H2 200 sleep-well-lavender-balm.jpg
www.westinstore.com/images/points/ 39 KB
40 KB 340ms
325ms Image
image/jpeg 2600:9000:2510:e00:1c:42e6:6b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.westinstore.com/images/points/sleep-well-lavender-balm.jpg

Requested by

Host: www.westinstore.com
URL: https://www.westinstore.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2510:e00:1c:42e6:6b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

28751f082a89cbf613dd65a6f3d4d3a130ea2a621f7bf84e60d1089514acf931

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 09:42:15 GMT
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
x-content-type-options: nosniff
via: 1.1 ab734ad5d81cc9d470b6176a05dd968e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P5
age: 543233
x-cache: Hit from cloudfront
content-length: 40339
x-xss-protection: 1; mode=block
last-modified: Wed, 22 Mar 2023 20:15:29 GMT
server
etag: "2f1837cfb5cd91:0"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
x-amz-cf-id: J6m6dUOoLp2g3c790MMFXbflalUAArs17y02FYW1KtPulf6qrCWPCA==

GET
H2 200 white-tea-hand-soap.jpg
www.westinstore.com/images/points/ 38 KB
38 KB 350ms
335ms Image
image/jpeg 2600:9000:2510:e00:1c:42e6:6b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.westinstore.com/images/points/white-tea-hand-soap.jpg

Requested by

Host: www.westinstore.com
URL: https://www.westinstore.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2510:e00:1c:42e6:6b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

034f221493fdbe5c9bc66a4c21b6b2690dae8b7be7acdcdd312ee04d67157891

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 02:42:43 GMT
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
x-content-type-options: nosniff
via: 1.1 ab734ad5d81cc9d470b6176a05dd968e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P5
age: 482005
x-cache: Hit from cloudfront
content-length: 38542
x-xss-protection: 1; mode=block
last-modified: Wed, 22 Mar 2023 20:15:29 GMT
server
etag: "3b213ccfb5cd91:0"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
x-amz-cf-id: tuQuQTYhtcu6W3ZWfa8iHO6pCuuta-voa_tQKrBAsTTP8cmyFucwVQ==

GET
H2 200 feather-and-down-pillow.jpg
www.westinstore.com/images/points/ 22 KB
23 KB 371ms
356ms Image
image/jpeg 2600:9000:2510:e00:1c:42e6:6b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.westinstore.com/images/points/feather-and-down-pillow.jpg

Requested by

Host: www.westinstore.com
URL: https://www.westinstore.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2510:e00:1c:42e6:6b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e5ad5cff46dcc2e813eba026fff2268bcab6a740a0f7c466dcc58caa4c5d2b37

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 05:26:57 GMT
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
x-content-type-options: nosniff
via: 1.1 ab734ad5d81cc9d470b6176a05dd968e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P5
age: 558551
x-cache: Hit from cloudfront
content-length: 22855
x-xss-protection: 1; mode=block
last-modified: Wed, 22 Mar 2023 20:15:29 GMT
server
etag: "c3636cfb5cd91:0"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
x-amz-cf-id: Jtw-RtQdM8Qnxv8sBPAgPhXU_rH4ZM3HXyMnGv_oaS2nvCB49BW4-A==

GET
H2 200 white-tea-reed-diffuser.jpg
www.westinstore.com/images/points/ 42 KB
43 KB 360ms
346ms Image
image/jpeg 2600:9000:2510:e00:1c:42e6:6b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.westinstore.com/images/points/white-tea-reed-diffuser.jpg

Requested by

Host: www.westinstore.com
URL: https://www.westinstore.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2510:e00:1c:42e6:6b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

564fd76dfaa679712bdf2ab47cd3146a052cb85b2daa12ad71e08d7b23bf845f

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 02:42:43 GMT
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
x-content-type-options: nosniff
via: 1.1 ab734ad5d81cc9d470b6176a05dd968e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P5
age: 482005
x-cache: Hit from cloudfront
content-length: 43414
x-xss-protection: 1; mode=block
last-modified: Wed, 22 Mar 2023 20:15:29 GMT
server
etag: "be593dcfb5cd91:0"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
x-amz-cf-id: CttsKO7ygf4sFiiB24EZbDzXtlpz0AW2x4ASAbfVBuUI05xpt4-f_g==

GET
H2 200 spa-robe.jpg
www.westinstore.com/images/points/ 28 KB
29 KB 379ms
365ms Image
image/jpeg 2600:9000:2510:e00:1c:42e6:6b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.westinstore.com/images/points/spa-robe.jpg

Requested by

Host: www.westinstore.com
URL: https://www.westinstore.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2510:e00:1c:42e6:6b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

065a8d41bd0860b56c50e5e03594b50c6b31cb023236cf6b2e700fd20781628d

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 09:42:15 GMT
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
x-content-type-options: nosniff
via: 1.1 ab734ad5d81cc9d470b6176a05dd968e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P5
age: 543233
x-cache: Hit from cloudfront
content-length: 29086
x-xss-protection: 1; mode=block
last-modified: Wed, 22 Mar 2023 20:15:29 GMT
server
etag: "ae5038cfb5cd91:0"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
x-amz-cf-id: lBA1cU0SpJpW3xGwQZWZzyMLWOHM32h58CQInbVGs_3joX7KI01grQ==

GET
H2 200 white-tea-room-diffuser.jpg
www.westinstore.com/images/banners/ 10 KB
10 KB 408ms
395ms Image
image/jpeg 2600:9000:2510:e00:1c:42e6:6b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.westinstore.com/images/banners/white-tea-room-diffuser.jpg

Requested by

Host: www.westinstore.com
URL: https://www.westinstore.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2510:e00:1c:42e6:6b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

6abcad2d84ac87a648b36a0ea980d43faa246abe46df0d6fd7adc48739c45ef2

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 02:01:19 GMT
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
x-content-type-options: nosniff
via: 1.1 ab734ad5d81cc9d470b6176a05dd968e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P5
age: 484489
x-cache: Hit from cloudfront
content-length: 9802
x-xss-protection: 1; mode=block
last-modified: Wed, 22 Mar 2023 20:15:28 GMT
server
etag: "18b8bcbfb5cd91:0"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
x-amz-cf-id: G0OeKOM1xW6HzgvrjFRqsCobxEH5Aw74Wd2SbSAhpwPbAEnOnZN1cA==

GET
H2 200 white-tea-reed-diffuser.jpg
www.westinstore.com/images/banners/ 9 KB
9 KB 383ms
370ms Image
image/jpeg 2600:9000:2510:e00:1c:42e6:6b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.westinstore.com/images/banners/white-tea-reed-diffuser.jpg

Requested by

Host: www.westinstore.com
URL: https://www.westinstore.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2510:e00:1c:42e6:6b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

fd9fc38417ef7b71580396d408252e08c3ea64a88231caa67f384a0d85b31fc3

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 16:08:46 GMT
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
x-content-type-options: nosniff
via: 1.1 ab734ad5d81cc9d470b6176a05dd968e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P5
age: 520042
x-cache: Hit from cloudfront
content-length: 8887
x-xss-protection: 1; mode=block
last-modified: Wed, 22 Mar 2023 20:15:28 GMT
server
etag: "98a6bbbfb5cd91:0"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
x-amz-cf-id: 8aza0mErlbnRNQ3gtW3wgF6SSDE3MnH2nim7mtN9A8r9NAR767XU2Q==

GET
H2 200 white-tea-lotion.jpg
www.westinstore.com/images/banners/ 8 KB
9 KB 384ms
371ms Image
image/jpeg 2600:9000:2510:e00:1c:42e6:6b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.westinstore.com/images/banners/white-tea-lotion.jpg

Requested by

Host: www.westinstore.com
URL: https://www.westinstore.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2510:e00:1c:42e6:6b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

d9c2b0ad1f04007644469c3d2363d498373925b9a3a6c490fbb06f4ec50c604c

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 05:26:57 GMT
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
x-content-type-options: nosniff
via: 1.1 ab734ad5d81cc9d470b6176a05dd968e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P5
age: 558551
x-cache: Hit from cloudfront
content-length: 8694
x-xss-protection: 1; mode=block
last-modified: Wed, 22 Mar 2023 20:15:28 GMT
server
etag: "b15cb9bfb5cd91:0"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
x-amz-cf-id: X2ro2xsUTHXlo0arAHvkG6qG4rVVxt-ABO8Wt9nL5Fo2j23OlRc-yA==

GET
H2 200 white-tea-candle.jpg
www.westinstore.com/images/banners/ 17 KB
18 KB 391ms
378ms Image
image/jpeg 2600:9000:2510:e00:1c:42e6:6b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.westinstore.com/images/banners/white-tea-candle.jpg

Requested by

Host: www.westinstore.com
URL: https://www.westinstore.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2510:e00:1c:42e6:6b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

9143d8ef78bb93d3503d0e927345d57a65ca85bd57d0f8de7cd296b2c2fce3fe

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 16:08:46 GMT
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
x-content-type-options: nosniff
via: 1.1 ab734ad5d81cc9d470b6176a05dd968e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P5
age: 520042
x-cache: Hit from cloudfront
content-length: 17761
x-xss-protection: 1; mode=block
last-modified: Wed, 22 Mar 2023 20:15:28 GMT
server
etag: "bb12b7bfb5cd91:0"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
x-amz-cf-id: 1OrJc2P8Cw0VM5RI396GY_62aFJ1QXOc6z1-6pqwdO2X9I9t28BCoA==

GET
H2 200 white-tea-bodywash.jpg
www.westinstore.com/images/banners/ 7 KB
8 KB 409ms
397ms Image
image/jpeg 2600:9000:2510:e00:1c:42e6:6b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.westinstore.com/images/banners/white-tea-bodywash.jpg

Requested by

Host: www.westinstore.com
URL: https://www.westinstore.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2510:e00:1c:42e6:6b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

b0952e1544bfe70637180690c307246eba2fc8e457d8ac707bd3de10c6fd270d

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 16:08:46 GMT
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
x-content-type-options: nosniff
via: 1.1 ab734ad5d81cc9d470b6176a05dd968e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P5
age: 520042
x-cache: Hit from cloudfront
content-length: 7451
x-xss-protection: 1; mode=block
last-modified: Wed, 22 Mar 2023 20:15:28 GMT
server
etag: "5f1b6bfb5cd91:0"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
x-amz-cf-id: YGBZ49qwie4pU5eazrIUZU8R5bykL9WOEE-zRSejP8NqLK9napRwIg==

GET
H2 200 white-tea-room-spray.jpg
www.westinstore.com/images/banners/ 9 KB
9 KB 394ms
382ms Image
image/jpeg 2600:9000:2510:e00:1c:42e6:6b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.westinstore.com/images/banners/white-tea-room-spray.jpg

Requested by

Host: www.westinstore.com
URL: https://www.westinstore.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2510:e00:1c:42e6:6b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

b6688e2070c89a4aa945950f568f93bbcb68613067245ee5139ad48e51c71a06

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 05:26:57 GMT
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
x-content-type-options: nosniff
via: 1.1 ab734ad5d81cc9d470b6176a05dd968e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P5
age: 558551
x-cache: Hit from cloudfront
content-length: 9102
x-xss-protection: 1; mode=block
last-modified: Wed, 22 Mar 2023 20:15:28 GMT
server
etag: "f31bfbfb5cd91:0"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
x-amz-cf-id: pTF1qXqooT2O-D5Gmg67rxGJ-ddrhH49ZjPIyGj-ahm-cmXGjpDegQ==

GET
H2 200 white-tea-shampoo-conditioner.jpg
www.westinstore.com/images/banners/ 15 KB
15 KB 395ms
384ms Image
image/jpeg 2600:9000:2510:e00:1c:42e6:6b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.westinstore.com/images/banners/white-tea-shampoo-conditioner.jpg

Requested by

Host: www.westinstore.com
URL: https://www.westinstore.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2510:e00:1c:42e6:6b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

acc539d92c252fa744c66814038c8d3c1482e0092092e46024404c5927262d3b

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 16:08:46 GMT
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
x-content-type-options: nosniff
via: 1.1 ab734ad5d81cc9d470b6176a05dd968e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P5
age: 520042
x-cache: Hit from cloudfront
content-length: 15111
x-xss-protection: 1; mode=block
last-modified: Wed, 22 Mar 2023 20:15:28 GMT
server
etag: "f024c1bfb5cd91:0"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
x-amz-cf-id: PHA2kwGL8JVKFpbc8GVBALFjejW_9Yq2JURZwsAV8gqCdnccZ0aGxA==

GET
H2 200 fill.gif
www.westinstore.com/images/misc/ 1 KB
2 KB 396ms
385ms Image
image/gif 2600:9000:2510:e00:1c:42e6:6b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.westinstore.com/images/misc/fill.gif

Requested by

Host: www.westinstore.com
URL: https://www.westinstore.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2510:e00:1c:42e6:6b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

3ea15f32a4853ce4f19ba7a060810fee8e2eaa1a373af09933cc16739c796035

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 05:26:57 GMT
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
x-content-type-options: nosniff
via: 1.1 ab734ad5d81cc9d470b6176a05dd968e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P5
age: 558551
x-cache: Hit from cloudfront
content-length: 1097
x-xss-protection: 1; mode=block
last-modified: Wed, 22 Mar 2023 20:15:29 GMT
server
etag: "e09716cfb5cd91:0"
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: max-age=604800
accept-ranges: bytes
x-amz-cf-id: OYyzVJVCXspvsyBsYGP7GGh4Vh6pJ7dxH4B-H7Y4aDLuAWYEx_hG1A==

GET
H2 200 swiper.min.js Show response
www.westinstore.com/dist/js/ 135 KB
35 KB 134ms
113ms Script
application/javascript 2600:9000:2510:e00:1c:42e6:6b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westinstore.com/dist/js/swiper.min.js

Requested by

Host: www.westinstore.com
URL: https://www.westinstore.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2510:e00:1c:42e6:6b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

f2b1cf53ad659354a5db298a78b00048d1138c22263bf033532b3dab4259be8f

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 02:42:42 GMT
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: JFK50-P5
age: 482005
via: 1.1 ab734ad5d81cc9d470b6176a05dd968e.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Tue, 28 Mar 2023 14:09:20 GMT
server
etag: W/"e048fce37e61d91:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: Oh-2cvtHzuToiOJMqTUDqJgzWKlvNOQ28MUBeO__JfKaDwYYGiMUGw==

GET
H2 200 HB-footer-logo.svg
www.westinstore.com/images/misc/ 8 KB
3 KB 395ms
384ms Image
image/svg+xml 2600:9000:2510:e00:1c:42e6:6b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.westinstore.com/images/misc/HB-footer-logo.svg

Requested by

Host: www.westinstore.com
URL: https://www.westinstore.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2510:e00:1c:42e6:6b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

dd8dac20e092dd5ea9a989fdf4581ca717750b3984e1bba3e1be17e79bf8e75e

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 11:23:59 GMT
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: JFK50-P5
age: 537129
via: 1.1 ab734ad5d81cc9d470b6176a05dd968e.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Wed, 22 Mar 2023 20:15:29 GMT
server
etag: W/"50ecf7bfb5cd91:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=604800
x-amz-cf-id: Z0Ycjdx7khk6F0uv4GUPB7__7JQrfPUV3VSqRNY-dJAPaKsbk8q2ZQ==

GET
H2 200 vendor.js Show response
www.westinstore.com/dist/js/ 256 KB
70 KB 161ms
139ms Script
application/javascript 2600:9000:2510:e00:1c:42e6:6b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westinstore.com/dist/js/vendor.js?v=202310031146

Requested by

Host: www.westinstore.com
URL: https://www.westinstore.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2510:e00:1c:42e6:6b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

f897e47f14a988214044366dedc178f2b76e8134c368c0d69d8e1773b79c837f

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 15:46:40 GMT
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: JFK50-P5
age: 2967
via: 1.1 ab734ad5d81cc9d470b6176a05dd968e.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Tue, 03 Oct 2023 15:46:36 GMT
server
etag: W/"459c9dca10f6d91:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: EVMNmcqQ3ebsRO0SV078aw6D3Bs0guU-dmLtq5IemQkmX7Ul-Yb5Ng==

GET
H2 200 gsap.min.js Show response
www.westinstore.com/dist/js/ 72 KB
28 KB 211ms
189ms Script
application/javascript 2600:9000:2510:e00:1c:42e6:6b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westinstore.com/dist/js/gsap.min.js?v=202310031146

Requested by

Host: www.westinstore.com
URL: https://www.westinstore.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2510:e00:1c:42e6:6b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

ab8c0d8db2086d665fbe9fd404c0dadf0c82227c58ccec1a7100b5455e15aaf9

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 15:46:40 GMT
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: JFK50-P5
age: 2967
via: 1.1 ab734ad5d81cc9d470b6176a05dd968e.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Tue, 03 Oct 2023 15:46:35 GMT
server
etag: W/"8afd52ca10f6d91:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: tJkEkbe4NPbJK0zqljEWHyLZzMHBI2f9irLlgSqqHigE2LPDeYJ6tA==

GET
H2 200 design.min.js Show response
www.westinstore.com/dist/js/ 9 KB
3 KB 240ms
220ms Script
application/javascript 2600:9000:2510:e00:1c:42e6:6b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westinstore.com/dist/js/design.min.js?v=eb8017b8

Requested by

Host: www.westinstore.com
URL: https://www.westinstore.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2510:e00:1c:42e6:6b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

7af2f85ba5ddbd3cee00d6603f238f5df9ac31361efdf421ebdc38ea8e028431

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 06:47:37 GMT
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: JFK50-P5
age: 553710
via: 1.1 ab734ad5d81cc9d470b6176a05dd968e.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Tue, 26 Sep 2023 17:19:32 GMT
server
etag: W/"32b2c9d9df0d91:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: xXyaESR-xPTrN0cOtUFDDcoYZzqbczmNiAb9aFiEGv5PRcuRY7xskg==

GET
H2 200 Graphik%20Starwood%20Web-Regular.woff2
www.westinstore.com/fonts/ 31 KB
31 KB 391ms
388ms Font
application/font-woff2 2600:9000:2510:e00:1c:42e6:6b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westinstore.com/fonts/Graphik%20Starwood%20Web-Regular.woff2

Requested by

Host: www.westinstore.com
URL: https://www.westinstore.com/dist/css/HB-styles.min.css?v=1835fa26

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2510:e00:1c:42e6:6b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

96122b9e8cf4e7c5e537c4e1e667027d5e7ec9593a7e6b974b883f72d4d70cf0

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.westinstore.com/dist/css/HB-styles.min.css?v=1835fa26
Origin: https://www.westinstore.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
date: Mon, 02 Oct 2023 14:11:41 GMT
x-content-type-options: nosniff
via: 1.1 ab734ad5d81cc9d470b6176a05dd968e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P5
age: 543788
x-cache: Hit from cloudfront
content-length: 31740
x-xss-protection: 1; mode=block
last-modified: Wed, 22 Mar 2023 20:15:27 GMT
server
etag: "cef7ffafb5cd91:0"
x-frame-options: SAMEORIGIN
content-type: application/font-woff2
cache-control: max-age=604800
accept-ranges: bytes
x-amz-cf-id: Z17QzqZia1S3W1CLC4-k3N0hTHJqzVTgQXIPpAWP12X72Ayt-7cDSA==

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/366134444/ 2 KB
2 KB 364ms
166ms Script
text/javascript 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/366134444/?random=1696350968009&cv=11&fst=1696350968009&bg=ffffff&guid=ON&async=1&gtm=45be39r0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.westinstore.com%2F&hn=www.googleadservices.com&frm=0&tiba=Westin%20Hotel%20Store&auid=1053258656.1696350968&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-366134444

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

abdf9d14b96d496821dd573995b40e19f3dc95c1cc339ce0c7d4d297d426d632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 16:36:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 HB-main-logo.svg
www.westinstore.com/images/misc/ 4 KB
3 KB 279ms
277ms Image
image/svg+xml 2600:9000:2510:e00:1c:42e6:6b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.westinstore.com/images/misc/HB-main-logo.svg

Requested by

Host: www.westinstore.com
URL: https://www.westinstore.com/dist/css/HB-styles.min.css?v=1835fa26

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2510:e00:1c:42e6:6b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

aef882e79e84cca28ec0c33ca648484fb354f285da375fffbed11716b06228a0

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/dist/css/HB-styles.min.css?v=1835fa26
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 09:33:00 GMT
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: JFK50-P5
age: 543788
via: 1.1 ab734ad5d81cc9d470b6176a05dd968e.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Wed, 22 Mar 2023 20:15:29 GMT
server
etag: W/"f3363cfb5cd91:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=604800
x-amz-cf-id: FDk5yYadWxXC1k6t8CXRBJtMnYxapROmKxezWu0869AArBh0qe_JXg==

GET
H2 200 freigtexprobook-webfont.woff2
www.westinstore.com/fonts/ 28 KB
28 KB 281ms
278ms Font
application/font-woff2 2600:9000:2510:e00:1c:42e6:6b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westinstore.com/fonts/freigtexprobook-webfont.woff2

Requested by

Host: www.westinstore.com
URL: https://www.westinstore.com/dist/css/HB-styles.min.css?v=1835fa26

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2510:e00:1c:42e6:6b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

6c858a27f88b430e737e3c572e73642e303add402f7777b59584110ac22e634d

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.westinstore.com/dist/css/HB-styles.min.css?v=1835fa26
Origin: https://www.westinstore.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 06:59:16 GMT
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
x-content-type-options: nosniff
via: 1.1 ab734ad5d81cc9d470b6176a05dd968e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P5
age: 553012
x-cache: Hit from cloudfront
content-length: 28544
x-xss-protection: 1; mode=block
last-modified: Wed, 22 Mar 2023 20:15:27 GMT
server
etag: "793b21bfb5cd91:0"
x-frame-options: SAMEORIGIN
content-type: application/font-woff2
cache-control: max-age=604800
accept-ranges: bytes
x-amz-cf-id: glcv8UUKwARTq_WTzCHlJNZ4HSu12cOc9XD7B6XXpz-3q8Yt1chKXQ==

GET
H2 200 HB-icons.woff2
www.westinstore.com/fonts/ 2 KB
2 KB 285ms
281ms Font
application/font-woff2 2600:9000:2510:e00:1c:42e6:6b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westinstore.com/fonts/HB-icons.woff2?tamhjm

Requested by

Host: www.westinstore.com
URL: https://www.westinstore.com/dist/css/HB-styles.min.css?v=1835fa26

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2510:e00:1c:42e6:6b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

8275ab81eeadc2b99491f909929f0cf715924617842bc7426ec85de0328577b7

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.westinstore.com/dist/css/HB-styles.min.css?v=1835fa26
Origin: https://www.westinstore.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 11:23:59 GMT
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
x-content-type-options: nosniff
via: 1.1 ab734ad5d81cc9d470b6176a05dd968e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P5
age: 537129
x-cache: Hit from cloudfront
content-length: 1596
x-xss-protection: 1; mode=block
last-modified: Wed, 22 Mar 2023 20:15:27 GMT
server
etag: "c8e11bfb5cd91:0"
x-frame-options: SAMEORIGIN
content-type: application/font-woff2
cache-control: max-age=604800
accept-ranges: bytes
x-amz-cf-id: lBzHcvpz-N8K-X3MuYSDN3M5qMnXBz5R_cUcq9ltbLjkMXnQURFpbA==

GET
H2 200 white-tea-body-lotion.jpg
www.westinstore.com/images/points/ 39 KB
39 KB 263ms
227ms Image
image/jpeg 2600:9000:2510:e00:1c:42e6:6b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.westinstore.com/images/points/white-tea-body-lotion.jpg

Requested by

Host: www.westinstore.com
URL: https://www.westinstore.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2510:e00:1c:42e6:6b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

d8241ea6568f4f798f96bbff9be959534bc0f058924b40f2b4ee90aef13df0cf

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
date: Tue, 03 Oct 2023 07:45:49 GMT
x-content-type-options: nosniff
via: 1.1 ab734ad5d81cc9d470b6176a05dd968e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P5
age: 46238
x-cache: Hit from cloudfront
content-length: 39933
x-xss-protection: 1; mode=block
last-modified: Wed, 22 Mar 2023 20:15:29 GMT
server
etag: "288939cfb5cd91:0"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
x-amz-cf-id: dncQY8XZ4MtyiXhLVc2NNs_f8TZwgHMMd9tUvfmrP3WamTanG5QuDA==

GET
H2 200 down-alternative-pillow.jpg
www.westinstore.com/images/points/ 30 KB
30 KB 271ms
235ms Image
image/jpeg 2600:9000:2510:e00:1c:42e6:6b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.westinstore.com/images/points/down-alternative-pillow.jpg

Requested by

Host: www.westinstore.com
URL: https://www.westinstore.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2510:e00:1c:42e6:6b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

ea2e0663443259e8f6bcd4791f232d4b8f000df607cbdcfae5022c7ada89d357

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 09:42:15 GMT
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
x-content-type-options: nosniff
via: 1.1 ab734ad5d81cc9d470b6176a05dd968e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P5
age: 543233
x-cache: Hit from cloudfront
content-length: 30524
x-xss-protection: 1; mode=block
last-modified: Wed, 22 Mar 2023 20:15:29 GMT
server
etag: "57f534cfb5cd91:0"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
x-amz-cf-id: wIvC2vN5CGnYfzjN2XXZ86lwwjS5kYbz-SCoFPeMn9BJ7siQxx9KaA==

GET
H2 200 white-tea-candle.jpg
www.westinstore.com/images/points/ 29 KB
30 KB 276ms
241ms Image
image/jpeg 2600:9000:2510:e00:1c:42e6:6b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.westinstore.com/images/points/white-tea-candle.jpg

Requested by

Host: www.westinstore.com
URL: https://www.westinstore.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2510:e00:1c:42e6:6b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

7db69aaa7c3a169e4589669c1dc31cf51a328097abe4ff37cffd63027c0a46d5

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 06:10:35 GMT
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
x-content-type-options: nosniff
via: 1.1 ab734ad5d81cc9d470b6176a05dd968e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P5
age: 555933
x-cache: Hit from cloudfront
content-length: 30196
x-xss-protection: 1; mode=block
last-modified: Wed, 22 Mar 2023 20:15:29 GMT
server
etag: "c1e83acfb5cd91:0"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
x-amz-cf-id: wO6I8VEj9N75wLGrsADQmVsijQtEMa7e_66zQErBTaKEM8E23VOAPg==

GET
H2 200 sleep-well-lavender-balm.jpg
www.westinstore.com/images/points/ 39 KB
40 KB 289ms
253ms Image
image/jpeg 2600:9000:2510:e00:1c:42e6:6b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.westinstore.com/images/points/sleep-well-lavender-balm.jpg

Requested by

Host: www.westinstore.com
URL: https://www.westinstore.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2510:e00:1c:42e6:6b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

28751f082a89cbf613dd65a6f3d4d3a130ea2a621f7bf84e60d1089514acf931

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 09:42:15 GMT
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
x-content-type-options: nosniff
via: 1.1 ab734ad5d81cc9d470b6176a05dd968e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P5
age: 543233
x-cache: Hit from cloudfront
content-length: 40339
x-xss-protection: 1; mode=block
last-modified: Wed, 22 Mar 2023 20:15:29 GMT
server
etag: "2f1837cfb5cd91:0"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
x-amz-cf-id: lGoE0wB_moRdQ_Jx2oI0-7xqzFdkxnZGOQ7vkaydqR8GUFuB7hTRTg==

GET
H2 200 white-tea-hand-soap.jpg
www.westinstore.com/images/points/ 38 KB
38 KB 292ms
257ms Image
image/jpeg 2600:9000:2510:e00:1c:42e6:6b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.westinstore.com/images/points/white-tea-hand-soap.jpg

Requested by

Host: www.westinstore.com
URL: https://www.westinstore.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2510:e00:1c:42e6:6b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

034f221493fdbe5c9bc66a4c21b6b2690dae8b7be7acdcdd312ee04d67157891

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 02:42:43 GMT
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
x-content-type-options: nosniff
via: 1.1 ab734ad5d81cc9d470b6176a05dd968e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P5
age: 482005
x-cache: Hit from cloudfront
content-length: 38542
x-xss-protection: 1; mode=block
last-modified: Wed, 22 Mar 2023 20:15:29 GMT
server
etag: "3b213ccfb5cd91:0"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
x-amz-cf-id: gltfGn2_MKuDOpO-TaC12j5KgSz_LH0MaS04Ji9QjuBDGXGKWvzBXw==

GET
H2 200 feather-and-down-pillow.jpg
www.westinstore.com/images/points/ 22 KB
23 KB 282ms
247ms Image
image/jpeg 2600:9000:2510:e00:1c:42e6:6b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.westinstore.com/images/points/feather-and-down-pillow.jpg

Requested by

Host: www.westinstore.com
URL: https://www.westinstore.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2510:e00:1c:42e6:6b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e5ad5cff46dcc2e813eba026fff2268bcab6a740a0f7c466dcc58caa4c5d2b37

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 05:26:57 GMT
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
x-content-type-options: nosniff
via: 1.1 ab734ad5d81cc9d470b6176a05dd968e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P5
age: 558551
x-cache: Hit from cloudfront
content-length: 22855
x-xss-protection: 1; mode=block
last-modified: Wed, 22 Mar 2023 20:15:29 GMT
server
etag: "c3636cfb5cd91:0"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
x-amz-cf-id: HrnJP_1B1ZoOSrQOf1I3Odx5y8fE-IONo6RP8f84bV0i7ZxOPf-G6g==

GET
H2 200 white-tea-reed-diffuser.jpg
www.westinstore.com/images/points/ 42 KB
43 KB 301ms
267ms Image
image/jpeg 2600:9000:2510:e00:1c:42e6:6b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.westinstore.com/images/points/white-tea-reed-diffuser.jpg

Requested by

Host: www.westinstore.com
URL: https://www.westinstore.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2510:e00:1c:42e6:6b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

564fd76dfaa679712bdf2ab47cd3146a052cb85b2daa12ad71e08d7b23bf845f

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 02:42:43 GMT
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
x-content-type-options: nosniff
via: 1.1 ab734ad5d81cc9d470b6176a05dd968e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P5
age: 482005
x-cache: Hit from cloudfront
content-length: 43414
x-xss-protection: 1; mode=block
last-modified: Wed, 22 Mar 2023 20:15:29 GMT
server
etag: "be593dcfb5cd91:0"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
x-amz-cf-id: 3aV4o3cNMSRo6gZVq6CBiAbFu4Px2paclyH7T3emSt60qHt4uD6DFw==

GET
H2 200 spa-robe.jpg
www.westinstore.com/images/points/ 28 KB
29 KB 297ms
262ms Image
image/jpeg 2600:9000:2510:e00:1c:42e6:6b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.westinstore.com/images/points/spa-robe.jpg

Requested by

Host: www.westinstore.com
URL: https://www.westinstore.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2510:e00:1c:42e6:6b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

065a8d41bd0860b56c50e5e03594b50c6b31cb023236cf6b2e700fd20781628d

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 09:42:15 GMT
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
x-content-type-options: nosniff
via: 1.1 ab734ad5d81cc9d470b6176a05dd968e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P5
age: 543233
x-cache: Hit from cloudfront
content-length: 29086
x-xss-protection: 1; mode=block
last-modified: Wed, 22 Mar 2023 20:15:29 GMT
server
etag: "ae5038cfb5cd91:0"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
x-amz-cf-id: dU0duB9KBi7mdL1n-lX1D73cHamly5cPpW2xLYlGTnOQfGGYollbzQ==

GET
H2 200 fill.gif
www.westinstore.com/images/misc/ 1 KB
2 KB 300ms
271ms Image
image/gif 2600:9000:2510:e00:1c:42e6:6b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.westinstore.com/images/misc/fill.gif

Requested by

Host: www.westinstore.com
URL: https://www.westinstore.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2510:e00:1c:42e6:6b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

3ea15f32a4853ce4f19ba7a060810fee8e2eaa1a373af09933cc16739c796035

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 05:26:57 GMT
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
x-content-type-options: nosniff
via: 1.1 ab734ad5d81cc9d470b6176a05dd968e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P5
age: 558551
x-cache: Hit from cloudfront
content-length: 1097
x-xss-protection: 1; mode=block
last-modified: Wed, 22 Mar 2023 20:15:29 GMT
server
etag: "e09716cfb5cd91:0"
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: max-age=604800
accept-ranges: bytes
x-amz-cf-id: kK3cDg18ehsXn-LUmOs87cy9dEZbvGhZTCla7YcBd6vbnEbHgEm8TQ==

GET
H2 200 loading.svg
www.westinstore.com/images/misc/ 3 KB
929 B 289ms
266ms Image
image/svg+xml 2600:9000:2510:e00:1c:42e6:6b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.westinstore.com/images/misc/loading.svg

Requested by

Host: www.westinstore.com
URL: https://www.westinstore.com/dist/css/HB-styles.min.css?v=1835fa26

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2510:e00:1c:42e6:6b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

73487721adbe8773c19ff723cfe635f9f777a892197981ce6ce1c678f14c5a26

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/dist/css/HB-styles.min.css?v=1835fa26
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 27 Sep 2023 06:29:16 GMT
via: 1.1 ab734ad5d81cc9d470b6176a05dd968e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P5
age: 554812
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Wed, 22 Mar 2023 20:15:29 GMT
server
etag: W/"b7e19cfb5cd91:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=604800
x-amz-cf-id: 3gHj44o_l1jtSAnEllr1HKmJDLA0RiKgYlYwYTNTjRIeE2xVK9O-Mw==

GET
H2 200 HB-icons2.svg
www.westinstore.com/images/misc/ 6 KB
3 KB 289ms
267ms Image
image/svg+xml 2600:9000:2510:e00:1c:42e6:6b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.westinstore.com/images/misc/HB-icons2.svg

Requested by

Host: www.westinstore.com
URL: https://www.westinstore.com/dist/css/HB-styles.min.css?v=1835fa26

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2510:e00:1c:42e6:6b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

522b965494eb0d686229a315fa437aa0914f96aac22da38d6a9a7431a99da507

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/dist/css/HB-styles.min.css?v=1835fa26
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 01:51:51 GMT
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: JFK50-P5
age: 485057
via: 1.1 ab734ad5d81cc9d470b6176a05dd968e.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Wed, 22 Mar 2023 20:15:29 GMT
server
etag: W/"b9290cfb5cd91:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=604800
x-amz-cf-id: PzF0lCtVhk6qPy7xrkClQxVkvKh9RS9PaZGFMcByRbz4z5ZiRsfUsw==

GET
H2 200 Westin-Feather-Down-Pillow.jpg
www.westinstore.com/images/mobile/ 13 KB
14 KB 262ms
259ms Image
image/jpeg 2600:9000:2510:e00:1c:42e6:6b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.westinstore.com/images/mobile/Westin-Feather-Down-Pillow.jpg

Requested by

Host: www.westinstore.com
URL: https://www.westinstore.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2510:e00:1c:42e6:6b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

d380c7d6cc1152eb2afcaae20ee7b78484b81f64d1c608486401c0d77ba0af0b

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 10:23:57 GMT
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
x-content-type-options: nosniff
via: 1.1 ab734ad5d81cc9d470b6176a05dd968e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P5
age: 540731
x-cache: Hit from cloudfront
content-length: 13360
x-xss-protection: 1; mode=block
last-modified: Wed, 22 Mar 2023 20:15:29 GMT
server
etag: "2fda25cfb5cd91:0"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
x-amz-cf-id: 5AkiIXiSMTkSXIbZfu1EGAhxS7ruIU2cBD_dj4jidVk2Xonso_c4Jg==

GET
H2 200 Westin-Down-Alternative.jpg
www.westinstore.com/images/mobile/ 14 KB
14 KB 262ms
260ms Image
image/jpeg 2600:9000:2510:e00:1c:42e6:6b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.westinstore.com/images/mobile/Westin-Down-Alternative.jpg

Requested by

Host: www.westinstore.com
URL: https://www.westinstore.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2510:e00:1c:42e6:6b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

71bc3b889b6e2ea1b45826f4ecb9e17214599bd2565918d4648b1ed42dc3c074

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
date: Fri, 29 Sep 2023 16:56:43 GMT
x-content-type-options: nosniff
via: 1.1 ab734ad5d81cc9d470b6176a05dd968e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P5
age: 344365
x-cache: Hit from cloudfront
content-length: 14223
x-xss-protection: 1; mode=block
last-modified: Wed, 22 Mar 2023 20:15:29 GMT
server
etag: "55de23cfb5cd91:0"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
x-amz-cf-id: QNFfEiY6bkSBMY1EgOUQp-vToFL1FLtjI5-vx4uttGyBesuLLyqQ7g==

GET
H2 200 Westin-Down-Pillow.jpg
www.westinstore.com/images/mobile/ 13 KB
14 KB 264ms
262ms Image
image/jpeg 2600:9000:2510:e00:1c:42e6:6b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.westinstore.com/images/mobile/Westin-Down-Pillow.jpg

Requested by

Host: www.westinstore.com
URL: https://www.westinstore.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2510:e00:1c:42e6:6b80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

12a6a9761b8e449410af511753ac58f55e6bdf619b4c3c06bf649b6331bc9157

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 05:26:57 GMT
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
x-content-type-options: nosniff
via: 1.1 ab734ad5d81cc9d470b6176a05dd968e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P5
age: 558551
x-cache: Hit from cloudfront
content-length: 13722
x-xss-protection: 1; mode=block
last-modified: Wed, 22 Mar 2023 20:15:29 GMT
server
etag: "bbc824cfb5cd91:0"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
x-amz-cf-id: ZlEuOCPo244NdtLyjj693yflorJmPy_OYeCvhAvUDjhvTZE73kl73A==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 295 KB
96 KB 170ms
169ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-B8YT5MHGF2&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WXGQS9H

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

51b1e876eeb96f80cc3be50a1450b661e722852ab786d464332dde7fa4d90c71

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 16:36:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 97782
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 03 Oct 2023 16:36:08 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 476ms
94ms Script
text/javascript 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WXGQS9H

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 03 Oct 2023 15:19:04 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 4624
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 03 Oct 2023 17:19:04 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 197 KB
53 KB 493ms
112ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.westinstore.com
URL: https://www.westinstore.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

275a43b12f692b2930a431505a506f0ddff81d732b5cef0d30f4396abdb40637

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 03 Oct 2023 16:36:08 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 53277
x-xss-protection: 0
pragma: public
x-fb-debug: ahECAiD5f6Z9qhIr4uCcgXI2xmWRfdWlkABr0gvd3BIl4WrIKbWSu7v28zPTy9/BuwfzGeHXq4+ieSu3bNq4og==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 6 KB
3 KB 569ms
144ms XHR
application/json 54.190.231.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=4.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=664516D751E565010A490D4C%40AdobeOrg&d_nsid=0&ts=1696350968711

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.190.231.22 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-190-231-22.us-west-2.compute.amazonaws.com

Software

Resource Hash

a1b0077c53cd0821dc5d32cc62ad0150299483683fadacd29c44e4ed4b311755

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.westinstore.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-usw2-2-v047-02f215d9c.edge-usw2.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: tfo9dsFKQUg=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.westinstore.com
Content-Type: application/json;charset=utf-8
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1774
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EP971e6ad26efe44ab86e98d3905a44621/ 34 KB
13 KB 104ms
104ms Script
application/x-javascript 2600:1400:9000:19e::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EP971e6ad26efe44ab86e98d3905a44621/AppMeasurement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:9000:19e::1e80 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 089030d8bec22aa48ae59e27516a4e8a1fcec666e9d783c7a1df47220b750dc1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 16:36:08 GMT
content-encoding: gzip
last-modified: Mon, 03 Jun 2019 23:03:32 GMT
server: AkamaiNetStorage
etag: "72404253c27255247028f0ba11022cf8:1559603012"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.westinstore.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 12916
expires: Tue, 03 Oct 2023 17:36:08 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/366134444/ 42 B
455 B 609ms
115ms Image
image/gif 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/366134444/?random=1696350968009&cv=11&fst=1696348800000&bg=ffffff&guid=ON&async=1&gtm=45be39r0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.westinstore.com%2F&frm=0&tiba=Westin%20Hotel%20Store&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=86067917&rmt_tld=0&ipr=y

Requested by

Host: www.westinstore.com
URL: https://www.westinstore.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 16:36:09 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 RC998a74cdbfb34e4eb70533b7acc285a2-source.min.js Show response
assets.adobedtm.com/697d0c070f1e/d405339bb010/5c58edbea080/ 573 B
592 B 101ms
95ms Script
application/x-javascript 2600:1400:9000:19e::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/697d0c070f1e/d405339bb010/5c58edbea080/RC998a74cdbfb34e4eb70533b7acc285a2-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:9000:19e::1e80 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 8ed558cf86c3a044fbf838d330de798de42c7128621b9c2b95d80dbefe6be0eb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 16:36:08 GMT
content-encoding: gzip
last-modified: Thu, 28 Sep 2023 12:47:54 GMT
server: AkamaiNetStorage
etag: "d03277630b294ca96c6097f88178c312:1695905274.406542"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.westinstore.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 333
expires: Tue, 03 Oct 2023 17:36:08 GMT

GET
H2 200 RCbbd572812c1d4d6381764b660217f8cb-source.min.js Show response
assets.adobedtm.com/697d0c070f1e/d405339bb010/5c58edbea080/ 2 KB
1 KB 105ms
100ms Script
application/x-javascript 2600:1400:9000:19e::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/697d0c070f1e/d405339bb010/5c58edbea080/RCbbd572812c1d4d6381764b660217f8cb-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:9000:19e::1e80 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: da170abb4adae0d24db442bca04d39fbb8976ae3f11f7eff0fc4f57f0e875ddc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 16:36:08 GMT
content-encoding: gzip
last-modified: Thu, 28 Sep 2023 12:47:54 GMT
server: AkamaiNetStorage
etag: "d03277630b294ca96c6097f88178c312:1695905274.406542"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.westinstore.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 874
expires: Tue, 03 Oct 2023 17:36:08 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 179 KB
66 KB 126ms
124ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-1359549&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-366134444

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b8de3cff3dec93c9a12e9b437c5e2766ce21872796eb22fc7c57777ec38a7b7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 16:36:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67291
x-xss-protection: 0
last-modified: Tue, 03 Oct 2023 16:12:33 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 03 Oct 2023 16:36:08 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 147 KB
56 KB 147ms
143ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-924374711&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-366134444

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

453bcb82842a196ad284ceeb8b0654bba8bd341fc048492b21ceb2043f6ac58a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 16:36:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57683
x-xss-protection: 0
last-modified: Tue, 03 Oct 2023 16:12:33 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 03 Oct 2023 16:36:08 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 214 KB
76 KB 158ms
156ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-950378023&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-366134444

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9a54157564353d14c9b67a3dfbea7bfae2f60694e73272f9c044f07d24355cec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 16:36:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77346
x-xss-protection: 0
last-modified: Tue, 03 Oct 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 03 Oct 2023 16:36:08 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 179 KB
66 KB 180ms
179ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-9035495&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-366134444

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6092573f099c4a9db3728ab57fcf7be5e76f54e4cf89dd6d0f2cfa207c4a3927

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 16:36:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67288
x-xss-protection: 0
last-modified: Tue, 03 Oct 2023 16:12:33 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 03 Oct 2023 16:36:08 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 173 KB
63 KB 237ms
236ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-203334133-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-366134444

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4faca1b69c7113f7a1dfe1eedc26a554a926543976e11954b33ceeba73f65a04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 16:36:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64873
x-xss-protection: 0
last-modified: Tue, 03 Oct 2023 16:12:33 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 03 Oct 2023 16:36:08 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 216 KB
77 KB 224ms
223ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-1LXTBF5X2V&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-366134444

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

88051bbb4e4ad7ff1cd669c404a99bcc48f5fbe136097e893b8406232c2dc88f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 16:36:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79309
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 03 Oct 2023 16:36:08 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 192 KB
70 KB 210ms
210ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-981033382&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-366134444

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c0cef2a6c41e1465fec6e2d28c3e87746dc203f4e6c2b48568b83f2244e6aba5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 16:36:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72039
x-xss-protection: 0
last-modified: Tue, 03 Oct 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 03 Oct 2023 16:36:08 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 192 KB
70 KB 251ms
251ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-981033382&l=dataLayerB

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

adc3b0d9080e23f699b945e50b8420a261d0a434ea0b2599da079f71f1d4b600

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 16:36:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72034
x-xss-protection: 0
last-modified: Tue, 03 Oct 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 03 Oct 2023 16:36:09 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
257 B 424ms
78ms Ping
text/plain 2001:4860:4802:34::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-B8YT5MHGF2&gtm=45je39r0&_p=576805996&_gaz=1&cid=237618869.1696350969&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1696350968&sct=1&seg=0&dl=https%3A%2F%2Fwww.westinstore.com%2F&dt=Westin%20Hotel%20Store&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B8YT5MHGF2&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 16:36:09 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.westinstore.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
257 B 443ms
97ms Ping
text/plain 2607:f8b0:4004:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-B8YT5MHGF2&cid=237618869.1696350969&gtm=45je39r0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B8YT5MHGF2&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 16:36:09 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.westinstore.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1 KB 95ms
94ms Script
text/javascript 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 15:52:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2644
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 697
x-xss-protection: 0
last-modified: Fri, 30 Jun 2023 18:58:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 03 Oct 2023 16:52:05 GMT

GET
H2 200 otSDKStub.js Show response
cache.marriott.com/aka-fonts/OneTrust/R1.3/oneTrust_test/scripttemplates/ 20 KB
7 KB 419ms
136ms Script
application/x-javascript 104.126.112.117
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.marriott.com/aka-fonts/OneTrust/R1.3/oneTrust_test/scripttemplates/otSDKStub.js?6425506620554597
Requested by: Host: www.westinstore.com
URL: https://www.westinstore.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.112.117 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-126-112-117.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 1a6622bbfd2f4017f391cae1040e22f99a923116427a0ccb25543581f5d92257

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 16:36:09 GMT
content-encoding: gzip
last-modified: Mon, 06 Jun 2022 19:38:47 GMT
server: AkamaiNetStorage
etag: "67b989d4e95276950bf7da56f7c0598d:1654544327.296254"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=1563935
accept-ranges: bytes
content-length: 6886
expires: Sat, 21 Oct 2023 19:01:44 GMT

GET
H2 200 AppMeasurement_Module_AudienceManagement.min.js Show response
assets.adobedtm.com/extensions/EP971e6ad26efe44ab86e98d3905a44621/ 25 KB
9 KB 97ms
96ms Script
application/x-javascript 2600:1400:9000:19e::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EP971e6ad26efe44ab86e98d3905a44621/AppMeasurement_Module_AudienceManagement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:9000:19e::1e80 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 32bc033e13e02d8809b2c8c97ac5a5110c5f375a830ed6cace5ce1202ab5b480

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 16:36:09 GMT
content-encoding: gzip
last-modified: Mon, 03 Jun 2019 23:03:35 GMT
server: AkamaiNetStorage
etag: "e539ea6425ae55fa9f68995bc5a68886:1559603018"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.westinstore.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 8640
expires: Tue, 03 Oct 2023 17:36:09 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
212 B 109ms
109ms XHR
text/plain 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=576805996&t=pageview&_s=1&dl=https%3A%2F%2Fwww.westinstore.com%2F&ul=en-us&de=UTF-8&dt=Westin%20Hotel%20Store&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAAEAjAAAAACAAI~&jid=896515926&gjid=1225784736&cid=237618869.1696350969&tid=UA-32601214-3&_gid=509957824.1696350969&_r=1&_slc=1&gtm=45He39r0n81WXGQS9H&z=158750090

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.westinstore.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 16:36:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.westinstore.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 779307379506181 Show response
connect.facebook.net/signals/config/ 145 KB
37 KB 113ms
110ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/779307379506181?v=2.9.131&r=stable&domain=www.westinstore.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8c3ba94146560c35176b157a88669c6f26aaa68935ad09855f879ffa1c0dd042

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 03 Oct 2023 16:36:09 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 37876
x-xss-protection: 0
pragma: public
x-fb-debug: MygXHOAs5TE5co5nNwgCYLeIaI2Ugt2YD/rszLGh4CMcr8JwMLyUL2Ug470ZL25viAihFXeNXyElUeWPrmw6uw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK dest5.html Show response
marriottinternationa.demdex.net/ Frame B2C1 7 KB
3 KB 580ms
142ms Document
text/html 35.81.33.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://marriottinternationa.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.81.33.81 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-81-33-81.us-west-2.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.westinstore.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 2791
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-usw2-2-v047-0b3cc2498.edge-usw2.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: aPbrtIUySC0=
content-encoding: gzip
date: Tue, 3 Oct 2023 16:36:09 GMT
last-modified: Mon, 2 Oct 2023 10:25:00 GMT
vary: accept-encoding

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=ZRxC_QAAAED_iAN_
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=83393839253693602362863306772897227483
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZRxC_QAAAED_iAN_

42 B
942 B

149ms
149ms

Image
image/gif

54.190.231.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZRxC_QAAAED_iAN_

Requested by

Host: www.westinstore.com
URL: https://www.westinstore.com/

Protocol

HTTP/1.1

Server

54.190.231.22 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-190-231-22.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

DCS: dcs-prod-usw2-1-v047-04e08ccb9.edge-usw2.demdex.com 6 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: nMcf1KH+R5g=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZRxC_QAAAED_iAN_
Date: Tue, 03 Oct 2023 16:36:09 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 94ms
93ms Script
text/javascript 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-203334133-1&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 03 Oct 2023 15:19:04 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 4625
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 03 Oct 2023 17:19:04 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
149 B 97ms
96ms XHR
text/plain 2607:f8b0:4004:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-32601214-3&cid=237618869.1696350969&jid=896515926&gjid=1225784736&_gid=509957824.1696350969&_u=aCDAAEAiAAAAACAAI~&z=142948842

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.westinstore.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 03 Oct 2023 16:36:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.westinstore.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 b9c54897-9a69-45f1-bbe2-55b2ae0ba593-test.json Show response
cache.marriott.com/aka-fonts/OneTrust/R1.3/oneTrust_test/consent/b9c54897-9a69-45f1-bbe2-55b2ae0ba593-test/ 4 KB
5 KB 414ms
112ms XHR
application/json 104.126.112.117
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.marriott.com/aka-fonts/OneTrust/R1.3/oneTrust_test/consent/b9c54897-9a69-45f1-bbe2-55b2ae0ba593-test/b9c54897-9a69-45f1-bbe2-55b2ae0ba593-test.json
Requested by: Host: cache.marriott.com
URL: https://cache.marriott.com/aka-fonts/OneTrust/R1.3/oneTrust_test/scripttemplates/otSDKStub.js?6425506620554597
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.112.117 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-126-112-117.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 7316c1dfbc9f061b2280befce5285d9576624d84376031f96583df11d82ea916

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 16:36:09 GMT
last-modified: Mon, 06 Jun 2022 19:54:53 GMT
server: AkamaiNetStorage
etag: "2f1c841426300bd3781a1752ab891f7c:1654545293.924385"
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=134857
accept-ranges: bytes
content-length: 4006
expires: Thu, 05 Oct 2023 06:03:46 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 346ms
112ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=779307379506181&ev=PageView&dl=https%3A%2F%2Fwww.westinstore.com%2F&rl=&if=false&ts=1696350969648&sw=1600&sh=1200&v=2.9.131&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1696350969644.2070150112&cs_est=true&ler=empty&it=1696350969178&coo=false&exp=a1&rqm=GET

Requested by

Host: www.westinstore.com
URL: https://www.westinstore.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 03 Oct 2023 16:36:09 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 346ms
113ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=779307379506181&ev=Microdata&dl=https%3A%2F%2Fwww.westinstore.com%2F&rl=&if=false&ts=1696350969653&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Westin%20Hotel%20Store%22%2C%22meta%3Adescription%22%3A%22Enjoy%20the%20Westin%20Heavenly%20Bed%20at%20home%20for%20a%20restful%20sleep%20every%20night.%20%20Restore%20your%20body%20and%20your%20mind%20with%20the%20ultimate%20mattress%20for%20comfort%20and%20support.%22%2C%22meta%3Akeywords%22%3A%22Westin%20Hotel%20Bed%2C%20Westin%20Heavenly%20Bed%2C%20Westin%20Bed%2C%20Westin%20Pillow%2C%20Heavenly%20Pillow%2C%20Westin%20Bedding%2C%20Westin%20White%20Tea%2C%20White%20Tea%2C%20Westin%20Bath%2C%20Westin%20Spa%2C%20Bedding%2C%20Bed%2C%20Mattress%2C%20Pillows%2C%20Bath%2C%20Spa%22%7D&cd[OpenGraph]=%7B%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.westinstore.com%2Fimages%2Fproducts%2Flrg%2Fwestin-white-tea-scent_lrg.jpg%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22WebSite%22%2C%22url%22%3A%22https%3A%2F%2Fwww.westinstore.com%2F%22%2C%22potentialAction%22%3A%7B%22%40type%22%3A%22SearchAction%22%2C%22target%22%3A%22https%3A%2F%2Fwww.westinstore.com%2Fsearch.aspx%3F%26posting%3DTRUE%26actionType%3DCUSTOMSEARCH%26customSearchParams%3DKEYWORDS%257C%7Bsearch_term_string%7D%26from%3DSE%22%2C%22query-input%22%3A%22required%20name%3Dsearch_term_string%22%7D%7D%5D&sw=1600&sh=1200&v=2.9.131&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1696350969644.2070150112&ler=empty&it=1696350969178&coo=false&es=automatic&tm=3&exp=a3&rqm=GET

Requested by

Host: www.westinstore.com
URL: https://www.westinstore.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 03 Oct 2023 16:36:09 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 112ms
110ms Image
image/gif 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-32601214-3&cid=237618869.1696350969&jid=896515926&_u=aCDAAEAiAAAAACAAI~&z=1882692355

Requested by

Host: www.westinstore.com
URL: https://www.westinstore.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 16:36:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 s96505539893395 Show response
smetrics.marriott.com/b/ss/marriottglobal,/10/JS-2.14.0-LDQM/ 5 KB
6 KB 448ms
156ms Script
application/x-javascript 63.140.36.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.marriott.com/b/ss/marriottglobal,/10/JS-2.14.0-LDQM/s96505539893395?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=3%2F9%2F2023%206%3A36%3A9%202%20600&d.&nsid=0&jsonv=1&.d&mid=83490906098775493172871641270926781618&aamlh=9&ce=UTF-8&pageName=www.westinstore.com%2F&g=https%3A%2F%2Fwww.westinstore.com%2F&cc=USD&v0=Unpaid%20Referrals%3A%20Typed%2FBookmarked&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c5=Marriott%20Bonvoy%20Boutiques&c8=D%3Dv15&c26=Launch&v41=Marriott%20Bonvoy%20Boutiques&c71=Off-Platform%20Basic&v101=Default%20Cookie%20Opt-in&v192=www.westinstore.com%2F&v237=en&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=664516D751E565010A490D4C%40AdobeOrg&AQE=1

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/extensions/EP971e6ad26efe44ab86e98d3905a44621/AppMeasurement.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.36.112 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-36-112.data.adobedc.net

Software

jag /

Resource Hash

c1e6a9fc44c6f605e77a0ccfec4ee151d99459f1fa47035c66b65b568a329f6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-aam-tid: W2J7j9bCSpI=
date: Tue, 03 Oct 2023 16:36:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy"
content-length: 5588
x-xss-protection: 1; mode=block
dcs: dcs-prod-usw2-1-v047-0c84a1861.edge-usw2.demdex.com 9 ms
pragma: no-cache
last-modified: Wed, 04 Oct 2023 16:36:10 GMT
server: jag
etag: 3642885970879709184-4617719116589534164
vary: *
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Mon, 02 Oct 2023 16:36:10 GMT

GET
H/1.1

200
OK

ibs:dpid=358&dpuuid=5021429799070947935
dpm.demdex.net/ Frame B2C1
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID
https://dpm.demdex.net/ibs:dpid=358&dpuuid=5021429799070947935

42 B
942 B

144ms
143ms

Image
image/gif

54.190.231.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=358&dpuuid=5021429799070947935

Protocol

HTTP/1.1

Server

54.190.231.22 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-190-231-22.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

DCS: dcs-prod-usw2-1-v047-04e08ccb9.edge-usw2.demdex.com 3 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 04bxOfETQLo=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Tue, 03 Oct 2023 16:36:10 GMT
an-x-request-uuid: 52737b04-2bfd-4163-aff2-610635307b90
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://dpm.demdex.net/ibs:dpid=358&dpuuid=5021429799070947935
x-proxy-origin: 38.132.118.72; 38.132.118.72; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 68 B
315 B 226ms
88ms XHR
application/json 2606:4700:4400::6812:2089
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cache.marriott.com
URL: https://cache.marriott.com/aka-fonts/OneTrust/R1.3/oneTrust_test/scripttemplates/otSDKStub.js?6425506620554597

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

71cfd0bf781e3f393bca283fc9d44777a2036985a4ffe9abedf14909e63a8aef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://www.westinstore.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 16:36:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 81069a3bde4367bd-MIA
access-control-allow-headers: Content-Type

GET
H/1.1

200
OK

ibs:dpid=477&dpuuid=10ca782973e633f8d3b0bb15c9862ceef52cff0ce34b51a136ad14717e24ab92b0da87c991749652
dpm.demdex.net/ Frame B2C1
Redirect Chain

https://idsync.rlcdn.com/365868.gif?partner_uid=83393839253693602362863306772897227483
https://idsync.rlcdn.com/1000.gif?memo=CKyqFhIxCi0IARCYEhomODMzOTM4MzkyNTM2OTM2MDIzNjI4NjMzMDY3NzI4OTcyMjc0ODMQABoNCPqF8agGEgUI6AcQAEIASgA
https://dpm.demdex.net/ibs:dpid=477&dpuuid=10ca782973e633f8d3b0bb15c9862ceef52cff0ce34b51a136ad14717e24ab92b0da87c991749652

42 B
942 B

411ms
144ms

Image
image/gif

54.190.231.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=477&dpuuid=10ca782973e633f8d3b0bb15c9862ceef52cff0ce34b51a136ad14717e24ab92b0da87c991749652

Protocol

HTTP/1.1

Server

54.190.231.22 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-190-231-22.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

DCS: dcs-prod-usw2-2-v047-0813cfda9.edge-usw2.demdex.com 3 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: OzKiDaPrSCk=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date: Tue, 03 Oct 2023 16:36:10 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://dpm.demdex.net/ibs:dpid=477&dpuuid=10ca782973e633f8d3b0bb15c9862ceef52cff0ce34b51a136ad14717e24ab92b0da87c991749652
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200
OK

ibs:dpid=771&dpuuid=CAESEA4oaLZhrPvSbRDaRsRQbPI&google_cver=1
dpm.demdex.net/ Frame B2C1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=ODMzOTM4MzkyNTM2OTM2MDIzNjI4NjMzMDY3NzI4OTcyMjc0ODM=
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEA4oaLZhrPvSbRDaRsRQbPI&google_cver=1?gdpr=0&gdpr_consent=

42 B
942 B

272ms
144ms

Image
image/gif

54.190.231.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEA4oaLZhrPvSbRDaRsRQbPI&google_cver=1?gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Server

54.190.231.22 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-190-231-22.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

DCS: dcs-prod-usw2-1-v047-024015539.edge-usw2.demdex.com 3 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: YrWcOImuSVE=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Tue, 03 Oct 2023 16:36:10 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEA4oaLZhrPvSbRDaRsRQbPI&google_cver=1?gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 RCab7ed3322be74aa0aec2b321a13ac9ff-source.min.js Show response
assets.adobedtm.com/697d0c070f1e/d405339bb010/5c58edbea080/ 2 KB
866 B 96ms
95ms Script
application/x-javascript 2600:1400:9000:19e::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/697d0c070f1e/d405339bb010/5c58edbea080/RCab7ed3322be74aa0aec2b321a13ac9ff-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:9000:19e::1e80 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 1ed7090a3766f597168d7920e4987a8b49080581785f6b0c4c1e773c2aee1cd0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 16:36:10 GMT
content-encoding: gzip
last-modified: Thu, 28 Sep 2023 12:47:54 GMT
server: AkamaiNetStorage
etag: "d03277630b294ca96c6097f88178c312:1695905274.406542"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.westinstore.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 607
expires: Tue, 03 Oct 2023 17:36:10 GMT

GET
H2 200 RCb500618f5ce84b22ac56f249cbc4d22d-source.min.js Show response
assets.adobedtm.com/697d0c070f1e/d405339bb010/5c58edbea080/ 422 B
528 B 98ms
98ms Script
application/x-javascript 2600:1400:9000:19e::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/697d0c070f1e/d405339bb010/5c58edbea080/RCb500618f5ce84b22ac56f249cbc4d22d-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:9000:19e::1e80 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 61f3aaad8175f868109ff0023aa50deaba5d994d61940cac15ba7ac980189d80

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 16:36:10 GMT
content-encoding: gzip
last-modified: Thu, 28 Sep 2023 12:47:54 GMT
server: AkamaiNetStorage
etag: "d03277630b294ca96c6097f88178c312:1695905274.406542"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.westinstore.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 270
expires: Tue, 03 Oct 2023 17:36:10 GMT

GET
H2 200 RC664def41542f41d38555f5f70d441ec4-source.min.js Show response
assets.adobedtm.com/697d0c070f1e/d405339bb010/5c58edbea080/ 560 B
597 B 98ms
97ms Script
application/x-javascript 2600:1400:9000:19e::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/697d0c070f1e/d405339bb010/5c58edbea080/RC664def41542f41d38555f5f70d441ec4-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:9000:19e::1e80 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 0f52936827da447a19aaa0a653d7688050cc9e8a861d23834f34f53afe70223f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 16:36:10 GMT
content-encoding: gzip
last-modified: Thu, 28 Sep 2023 12:47:54 GMT
server: AkamaiNetStorage
etag: "d03277630b294ca96c6097f88178c312:1695905274.406542"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.westinstore.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 338
expires: Tue, 03 Oct 2023 17:36:10 GMT

GET
H2 200 RC9cb1ec8ecf2a461187113443b47b5896-source.min.js Show response
assets.adobedtm.com/697d0c070f1e/d405339bb010/5c58edbea080/ 1 KB
975 B 96ms
96ms Script
application/x-javascript 2600:1400:9000:19e::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/697d0c070f1e/d405339bb010/5c58edbea080/RC9cb1ec8ecf2a461187113443b47b5896-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:9000:19e::1e80 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 0506f3db7e5c239d83ccf3017ba9b3e9c5c46386dbf8bf69758aa0053024719e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 16:36:10 GMT
content-encoding: gzip
last-modified: Thu, 28 Sep 2023 12:47:54 GMT
server: AkamaiNetStorage
etag: "d03277630b294ca96c6097f88178c312:1695905274.406542"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.westinstore.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 716
expires: Tue, 03 Oct 2023 17:36:10 GMT

GET
H2 200 RC9f906a1934ae46f6b85351f19bfa52f0-source.min.js Show response
assets.adobedtm.com/697d0c070f1e/d405339bb010/5c58edbea080/ 2 KB
1 KB 95ms
95ms Script
application/x-javascript 2600:1400:9000:19e::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/697d0c070f1e/d405339bb010/5c58edbea080/RC9f906a1934ae46f6b85351f19bfa52f0-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:9000:19e::1e80 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 0f0789242934f0a02e83c9bfc6b9aa421918f27d73a41e02b3c55cdfe8db31d3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 16:36:10 GMT
content-encoding: gzip
last-modified: Thu, 28 Sep 2023 12:47:54 GMT
server: AkamaiNetStorage
etag: "d03277630b294ca96c6097f88178c312:1695905274.406542"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.westinstore.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 904
expires: Tue, 03 Oct 2023 17:36:10 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 44 KB
13 KB 244ms
90ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a236aed5086b9c24d3cc94944d4349e9ce469f325ac23bafcaa5fe3659b15fd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Tue, 03 Oct 2023 16:36:10 GMT
last-modified: Wed, 06 Sep 2023 22:41:28 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 308D0D12513C4D5F950B50BDC40FECD9 Ref B: MIAEDGE1520 Ref C: 2023-10-03T16:36:10Z
etag: "09cc4613e1d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 12981

GET
H2 200 RC28f29f2c23a143e0acc4cd8133230ddf-source.min.js Show response
assets.adobedtm.com/697d0c070f1e/d405339bb010/5c58edbea080/ 2 KB
986 B 99ms
96ms Script
application/x-javascript 2600:1400:9000:19e::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/697d0c070f1e/d405339bb010/5c58edbea080/RC28f29f2c23a143e0acc4cd8133230ddf-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:9000:19e::1e80 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 149d02df8ceb9537beb3b45b0391f5d398976a2487fce99b78d40154bd279127

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 16:36:10 GMT
content-encoding: gzip
last-modified: Thu, 28 Sep 2023 12:47:54 GMT
server: AkamaiNetStorage
etag: "d03277630b294ca96c6097f88178c312:1695905274.406542"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.westinstore.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 727
expires: Tue, 03 Oct 2023 17:36:10 GMT

GET
H2 200 RC62a22fd426a0470dad9c40c7f2f4b2fb-source.min.js Show response
assets.adobedtm.com/697d0c070f1e/d405339bb010/5c58edbea080/ 648 B
668 B 115ms
114ms Script
application/x-javascript 2600:1400:9000:19e::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/697d0c070f1e/d405339bb010/5c58edbea080/RC62a22fd426a0470dad9c40c7f2f4b2fb-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:9000:19e::1e80 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 6adcfe3a682eb4ea7e652e6b0af5b8663c8c91b26b04da86690e266cd90a03b1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 16:36:10 GMT
content-encoding: gzip
last-modified: Thu, 28 Sep 2023 12:47:54 GMT
server: AkamaiNetStorage
etag: "d03277630b294ca96c6097f88178c312:1695905274.406542"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.westinstore.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 410
expires: Tue, 03 Oct 2023 17:36:10 GMT

GET
H2 200 RC0ea3fe9ed7ee474c88e559b25459beff-source.min.js Show response
assets.adobedtm.com/697d0c070f1e/d405339bb010/5c58edbea080/ 862 B
743 B 118ms
117ms Script
application/x-javascript 2600:1400:9000:19e::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/697d0c070f1e/d405339bb010/5c58edbea080/RC0ea3fe9ed7ee474c88e559b25459beff-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:9000:19e::1e80 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 7c471add5c59aa852e2bf3b1a3d8e754f7a5eb6e09e7bff8cbbbff20892e691f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 16:36:10 GMT
content-encoding: gzip
last-modified: Thu, 28 Sep 2023 12:47:54 GMT
server: AkamaiNetStorage
etag: "d03277630b294ca96c6097f88178c312:1695905274.406542"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.westinstore.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 484
expires: Tue, 03 Oct 2023 17:36:10 GMT

GET
H2 200 RCc37891c0d65e4f2581d609fc16498257-source.min.js Show response
assets.adobedtm.com/697d0c070f1e/d405339bb010/5c58edbea080/ 548 B
556 B 110ms
109ms Script
application/x-javascript 2600:1400:9000:19e::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/697d0c070f1e/d405339bb010/5c58edbea080/RCc37891c0d65e4f2581d609fc16498257-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:9000:19e::1e80 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 0703ac1045338ac277afc33cd6ac4bc8c1c59a43e43b0ef05518fc39defb80e4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 16:36:10 GMT
content-encoding: gzip
last-modified: Thu, 28 Sep 2023 12:47:54 GMT
server: AkamaiNetStorage
etag: "d03277630b294ca96c6097f88178c312:1695905274.406542"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.westinstore.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 297
expires: Tue, 03 Oct 2023 17:36:10 GMT

GET
H2 200 RCe7ed036bb4cb4dc89bdf084029e843a5-source.min.js Show response
assets.adobedtm.com/697d0c070f1e/d405339bb010/5c58edbea080/ 776 B
755 B 108ms
107ms Script
application/x-javascript 2600:1400:9000:19e::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/697d0c070f1e/d405339bb010/5c58edbea080/RCe7ed036bb4cb4dc89bdf084029e843a5-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:9000:19e::1e80 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 9ffddcc9b61f2d8babbb180b867204f5b72aafaceb39bd68f9d8bc10ccd08deb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 16:36:10 GMT
content-encoding: gzip
last-modified: Thu, 28 Sep 2023 12:47:54 GMT
server: AkamaiNetStorage
etag: "d03277630b294ca96c6097f88178c312:1695905274.406542"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.westinstore.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 496
expires: Tue, 03 Oct 2023 17:36:10 GMT

GET
H2 200 RC1b12bbad598c4c1380765438bb0467a9-source.min.js Show response
assets.adobedtm.com/697d0c070f1e/d405339bb010/5c58edbea080/ 718 B
713 B 105ms
104ms Script
application/x-javascript 2600:1400:9000:19e::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/697d0c070f1e/d405339bb010/5c58edbea080/RC1b12bbad598c4c1380765438bb0467a9-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:9000:19e::1e80 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 71ff5dfc82040edc74e72185e472f8645a51295586f2e9d1a43e1cd073ae4a62

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 16:36:10 GMT
content-encoding: gzip
last-modified: Thu, 28 Sep 2023 12:47:54 GMT
server: AkamaiNetStorage
etag: "d03277630b294ca96c6097f88178c312:1695905274.406542"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.westinstore.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 454
expires: Tue, 03 Oct 2023 17:36:10 GMT

GET
H2 200 RCb6c3578477864b5583591694fb0c7548-source.min.js Show response
assets.adobedtm.com/697d0c070f1e/d405339bb010/5c58edbea080/ 4 KB
1 KB 104ms
103ms Script
application/x-javascript 2600:1400:9000:19e::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/697d0c070f1e/d405339bb010/5c58edbea080/RCb6c3578477864b5583591694fb0c7548-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:9000:19e::1e80 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 4086654c22ecd1ff194204f2aed8803c257869272696ddd0e11680632e6a8fc2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 16:36:10 GMT
content-encoding: gzip
last-modified: Thu, 28 Sep 2023 12:47:54 GMT
server: AkamaiNetStorage
etag: "d03277630b294ca96c6097f88178c312:1695905274.406542"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.westinstore.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 1130
expires: Tue, 03 Oct 2023 17:36:10 GMT

GET
H2 200 RC69b12fc347724763b4d1d6b2bbb7bc67-source.min.js Show response
assets.adobedtm.com/697d0c070f1e/d405339bb010/5c58edbea080/ 1 KB
875 B 99ms
98ms Script
application/x-javascript 2600:1400:9000:19e::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/697d0c070f1e/d405339bb010/5c58edbea080/RC69b12fc347724763b4d1d6b2bbb7bc67-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:9000:19e::1e80 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 81d3624342a46faebb6ffc8c3901223325d087e7a24923f60c842ac2499b335c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 16:36:10 GMT
content-encoding: gzip
last-modified: Thu, 28 Sep 2023 12:47:54 GMT
server: AkamaiNetStorage
etag: "d03277630b294ca96c6097f88178c312:1695905274.406542"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.westinstore.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 616
expires: Tue, 03 Oct 2023 17:36:10 GMT

GET
H2 200 RC3aad3278f3c24a92b0dde74d61172cca-source.min.js Show response
assets.adobedtm.com/697d0c070f1e/d405339bb010/5c58edbea080/ 2 KB
1 KB 128ms
128ms Script
application/x-javascript 2600:1400:9000:19e::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/697d0c070f1e/d405339bb010/5c58edbea080/RC3aad3278f3c24a92b0dde74d61172cca-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:9000:19e::1e80 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 4dcd1d233a303979fd4c798f25607a9edf46a0b843f833183c016cfaca020cd3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 16:36:10 GMT
content-encoding: gzip
last-modified: Thu, 28 Sep 2023 12:47:54 GMT
server: AkamaiNetStorage
etag: "d03277630b294ca96c6097f88178c312:1695905274.406542"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.westinstore.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 825
expires: Tue, 03 Oct 2023 17:36:10 GMT

GET
H2 200 RC7397178f0a1540d798c3f1a3d2c85c1b-source.min.js Show response
assets.adobedtm.com/697d0c070f1e/d405339bb010/5c58edbea080/ 1 KB
902 B 124ms
124ms Script
application/x-javascript 2600:1400:9000:19e::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/697d0c070f1e/d405339bb010/5c58edbea080/RC7397178f0a1540d798c3f1a3d2c85c1b-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:9000:19e::1e80 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 10a5bf80d926f2da8f87254d73a9ae73d28e9c82a24148ccc6227a3419969834

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 16:36:10 GMT
content-encoding: gzip
last-modified: Thu, 28 Sep 2023 12:47:54 GMT
server: AkamaiNetStorage
etag: "d03277630b294ca96c6097f88178c312:1695905274.406542"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.westinstore.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 643
expires: Tue, 03 Oct 2023 17:36:10 GMT

GET
H2

200

dc_pre=COXfkein2oEDFcIwwQoduKIAgw;src=1359549;type=marri003;cat=m1m_m0;ord=6420937754469;npa=1;auiddc=*;u7=%2F;gtm=45fe39r0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2...
adservice.google.com/ddm/fls/z/
Redirect Chain

https://ad.doubleclick.net/activity;src=1359549;type=marri003;cat=m1m_m0;ord=6420937754469;npa=1;auiddc=1053258656.1696350968;u7=%2F;gtm=45fe39r0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver...
https://ad.doubleclick.net/activity;dc_pre=COXfkein2oEDFcIwwQoduKIAgw;src=1359549;type=marri003;cat=m1m_m0;ord=6420937754469;npa=1;auiddc=1053258656.1696350968;u7=%2F;gtm=45fe39r0;uaa=;uab=;uafvl=;...
https://adservice.google.com/ddm/fls/z/dc_pre=COXfkein2oEDFcIwwQoduKIAgw;src=1359549;type=marri003;cat=m1m_m0;ord=6420937754469;npa=1;auiddc=*;u7=%2F;gtm=45fe39r0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;...

42 B
401 B

325ms
116ms

Image
image/gif

2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=COXfkein2oEDFcIwwQoduKIAgw;src=1359549;type=marri003;cat=m1m_m0;ord=6420937754469;npa=1;auiddc=*;u7=%2F;gtm=45fe39r0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.westinstore.com%2F

Protocol

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 16:36:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 03 Oct 2023 16:36:10 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://adservice.google.com/ddm/fls/z/dc_pre=COXfkein2oEDFcIwwQoduKIAgw;src=1359549;type=marri003;cat=m1m_m0;ord=6420937754469;npa=1;auiddc=*;u7=%2F;gtm=45fe39r0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.westinstore.com%2F
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

dc_pre=CI3mkein2oEDFaIBwQod-EwHnQ;src=9035495;type=bouti0;cat=bouti000;ord=1257026128883;npa=1;auiddc=*;u14=WI;u16=;u23=;u77=;u8=;u81=Marriott%20Bonvoy%20Boutiques;u90=Westin%20Hotels%20%26%20Resor...
adservice.google.com/ddm/fls/z/
Redirect Chain

https://ad.doubleclick.net/activity;src=9035495;type=bouti0;cat=bouti000;ord=1257026128883;npa=1;auiddc=1053258656.1696350968;u14=WI;u16=;u23=;u77=;u8=;u81=Marriott%20Bonvoy%20Boutiques;u90=Westin%...
https://ad.doubleclick.net/activity;dc_pre=CI3mkein2oEDFaIBwQod-EwHnQ;src=9035495;type=bouti0;cat=bouti000;ord=1257026128883;npa=1;auiddc=1053258656.1696350968;u14=WI;u16=;u23=;u77=;u8=;u81=Marriot...
https://adservice.google.com/ddm/fls/z/dc_pre=CI3mkein2oEDFaIBwQod-EwHnQ;src=9035495;type=bouti0;cat=bouti000;ord=1257026128883;npa=1;auiddc=*;u14=WI;u16=;u23=;u77=;u8=;u81=Marriott%20Bonvoy%20Bout...

42 B
107 B

328ms
119ms

Image
image/gif

2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CI3mkein2oEDFaIBwQod-EwHnQ;src=9035495;type=bouti0;cat=bouti000;ord=1257026128883;npa=1;auiddc=*;u14=WI;u16=;u23=;u77=;u8=;u81=Marriott%20Bonvoy%20Boutiques;u90=Westin%20Hotels%20%26%20Resorts;gtm=45fe39r0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.westinstore.com%2F

Protocol

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 16:36:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 03 Oct 2023 16:36:10 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://adservice.google.com/ddm/fls/z/dc_pre=CI3mkein2oEDFaIBwQod-EwHnQ;src=9035495;type=bouti0;cat=bouti000;ord=1257026128883;npa=1;auiddc=*;u14=WI;u16=;u23=;u77=;u8=;u81=Marriott%20Bonvoy%20Boutiques;u90=Westin%20Hotels%20%26%20Resorts;gtm=45fe39r0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.westinstore.com%2F
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

dc_pre=CNTqkein2oEDFSKJywEdidYG_w;src=1359549;type=marri001;cat=m1m_g0;ord=1;num=4088418216503;npa=1;auiddc=*;u7=%2F;gtm=45fe39r0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3...
adservice.google.com/ddm/fls/z/
Redirect Chain

https://ad.doubleclick.net/activity;src=1359549;type=marri001;cat=m1m_g0;ord=1;num=4088418216503;npa=1;auiddc=1053258656.1696350968;u7=%2F;gtm=45fe39r0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0...
https://ad.doubleclick.net/activity;dc_pre=CNTqkein2oEDFSKJywEdidYG_w;src=1359549;type=marri001;cat=m1m_g0;ord=1;num=4088418216503;npa=1;auiddc=1053258656.1696350968;u7=%2F;gtm=45fe39r0;uaa=;uab=;u...
https://adservice.google.com/ddm/fls/z/dc_pre=CNTqkein2oEDFSKJywEdidYG_w;src=1359549;type=marri001;cat=m1m_g0;ord=1;num=4088418216503;npa=1;auiddc=*;u7=%2F;gtm=45fe39r0;uaa=;uab=;uafvl=;uamb=0;uam=...

42 B
107 B

327ms
117ms

Image
image/gif

2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CNTqkein2oEDFSKJywEdidYG_w;src=1359549;type=marri001;cat=m1m_g0;ord=1;num=4088418216503;npa=1;auiddc=*;u7=%2F;gtm=45fe39r0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.westinstore.com%2F

Protocol

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 16:36:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 03 Oct 2023 16:36:10 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://adservice.google.com/ddm/fls/z/dc_pre=CNTqkein2oEDFSKJywEdidYG_w;src=1359549;type=marri001;cat=m1m_g0;ord=1;num=4088418216503;npa=1;auiddc=*;u7=%2F;gtm=45fe39r0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.westinstore.com%2F
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 otBannerSdk.js Show response
cache.marriott.com/aka-fonts/OneTrust/R1.3/oneTrust_test/scripttemplates/6.26.0/ 319 KB
76 KB 135ms
135ms Script
application/x-javascript 104.126.112.117
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.marriott.com/aka-fonts/OneTrust/R1.3/oneTrust_test/scripttemplates/6.26.0/otBannerSdk.js
Requested by: Host: cache.marriott.com
URL: https://cache.marriott.com/aka-fonts/OneTrust/R1.3/oneTrust_test/scripttemplates/otSDKStub.js?6425506620554597
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.112.117 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-126-112-117.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 972688e6f6c24d2b23019a796b19f90515ba5f4ff744747c072b79fa44de3432

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 16:36:10 GMT
content-encoding: gzip
last-modified: Mon, 06 Jun 2022 19:39:17 GMT
server: AkamaiNetStorage
etag: "aa2e3ff705d27b77a2480d446a15e46b:1654544357.83096"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=1284063
accept-ranges: bytes
expires: Wed, 18 Oct 2023 13:17:13 GMT

GET
H/1.1

200
OK

ibs:dpid=992&dpuuid=5v3wpu2o2000
dpm.demdex.net/ Frame B2C1
Redirect Chain

https://idpix.media6degrees.com/orbserv/hbpix?pixId=16873&pcv=70&ptid=66&tpuv=01&tpu=83393839253693602362863306772897227483
https://dpm.demdex.net/ibs:dpid=992&dpuuid=5v3wpu2o2000

42 B
942 B

142ms
142ms

Image
image/gif

54.190.231.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=992&dpuuid=5v3wpu2o2000

Protocol

HTTP/1.1

Server

54.190.231.22 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-190-231-22.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

DCS: dcs-prod-usw2-1-v047-0096a6990.edge-usw2.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: AGWTKTz6TXo=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Tue, 03 Oct 2023 16:36:10 GMT
cf-cache-status: DYNAMIC
server: cloudflare
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://dpm.demdex.net/ibs:dpid=992&dpuuid=5v3wpu2o2000
cache-control: no-cache
cf-ray: 81069a3e3f798deb-MIA
content-length: 0

GET
H2 200 dpm_pixel_min.js Show response
c.tvpixel.com/js/current/ 103 KB
32 KB 354ms
126ms Script
application/javascript 2600:9000:21dd:3800:1d:bf0a:0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tvpixel.com/js/current/dpm_pixel_min.js?aid=marriott-0af76d19-dfba-4407-860e-54c7ed29bed4
Requested by: Host: www.westinstore.com
URL: https://www.westinstore.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21dd:3800:1d:bf0a:0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 61d8137d275f12306e177bc726c2b3e072f9efa4743a0ace6ecbcf7a0932fd07

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 12:43:04 GMT
x-amz-version-id: oMk5SFqHXboEDRm2.vDWImtx_4ARYxEl
content-encoding: gzip
last-modified: Thu, 16 Sep 2021 18:14:59 GMT
server: AmazonS3
via: 1.1 8e7c396366d89944c10dfabcfcb15b3c.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C2
etag: W/"08e770c8a17bf087d50cec01af0892c2"
age: 13987
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: Dnp0b_Qb1430FAMVGdQNoxr8uBf4sP0hxIi4VsvViCNtcHYaEN6d4Q==

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 45 KB
17 KB 304ms
110ms Script
text/javascript 142.250.72.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.westinstore.com
URL: https://www.westinstore.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.72.98 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f2.1e100.net

Software

cafe /

Resource Hash

993eba760ffd1fced5db5d31c08134a1955c3509c303c2dbeffec301c01b9409

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 16:36:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16744
x-xss-protection: 0
server: cafe
etag: 7629912866586075724
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 03 Oct 2023 16:36:10 GMT

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 5 KB
3 KB 324ms
107ms Script
application/x-javascript 18.173.140.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.westinstore.com
URL: https://www.westinstore.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.140.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-140-104.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Tue, 03 Oct 2023 03:35:44 GMT
Content-Encoding: gzip
Via: 1.1 bffa19ead06e9ee83bebfec5c8e05aa4.cloudfront.net (CloudFront)
Last-Modified: Tue, 01 Aug 2023 20:10:44 GMT
Server: AmazonS3
X-Amz-Cf-Pop: JFK52-P2
Age: 46827
x-amz-server-side-encryption: AES256
ETag: W/"b7474eac210849250426a8f6a39d00f3"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: 20UWFso5Eh0Z0kYS1BhtJRjGCuTcDCKgcnTf-Kr3CarF4zx_nMizlg==

GET
H2 200 UCMController Show response
login.dotomi.com/ucm/ Frame FD05 10 KB
4 KB 436ms
140ms Document
text/html 216.34.207.41
VALUECLICK

General

Check archive.org

Show headers Download Go to

Full URL: https://login.dotomi.com/ucm/UCMController?dtm_com=28&dtm_cid=2814&dtm_cmagic=8e987c&dtm_format=5&dtm_fid=101&cli_promo_id=2&dtmc_marsha_code=&canonical_url=https%3A%2F%2Fwww.westinstore.com%2F&dtm_user_token=&dtmc_ref=&dtmc_loc=https%3A%2F%2Fwww.westinstore.com%2F&fpc_status=
Requested by: Host: www.westinstore.com
URL: https://www.westinstore.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 216.34.207.41 , United States, ASN25751 (VALUECLICK, US),
Reverse DNS: ric01-nessy-float1.dotomi.com
Software: nginx /
Resource Hash: 07a8f14e8438b13c5a14d5385af76b029dd1d63a0c062664e6e110d55fab283f

Request headers

Referer: https://www.westinstore.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-cache, private, max-age=0, no-store
content-encoding: gzip
content-length: 3235
content-type: text/html
date: Tue, 03 Oct 2023 16:36:10 GMT
expires: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
pragma: no-cache
server: nginx

GET
H2 200 mhotels.html Show response
static.sojern.com/marriott/ Frame 67F7 9 KB
10 KB 213ms
63ms Document
text/html 35.244.188.9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sojern.com/marriott/mhotels.html?p=undefined&hprid=&hpr=&hb=undefined&hc1=undefined&hn1=undefined&hs1=undefined&ffl=undefined&hl=&t=undefined&hr=undefined&hd1=&hd2=&hconfno=&hp=undefined&hcu=&hrp=undefined&hdc=undefined&rew=undefined&l=undefined&vid=hot&cid=
Requested by: Host: www.westinstore.com
URL: https://www.westinstore.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.188.9 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 9.188.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 2cac89100642acb92e8c705a639a012b32de7eb32db954a31890da8a091610c3

Request headers

Referer: https://www.westinstore.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 2150
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-length: 9706
content-type: text/html
date: Tue, 03 Oct 2023 16:00:20 GMT
etag: "61166aab6d850b40153da0ce87a22993"
expires: Tue, 03 Oct 2023 17:00:20 GMT
last-modified: Fri, 03 Feb 2023 17:26:13 GMT
server: UploadServer
x-goog-generation: 1675445173923779
x-goog-hash: crc32c=9DJkug== md5=YRZqq22FC0AVPaDOh6Ipkw==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 9706
x-guploader-uploadid: ADPycdteAfIqcMTid8YFmcNt2FS4hobKih1QQraIMXWgSQ9JMgimSr9adzp4SCAiI7UO4vXvjJ-MT6w-cj8dU5-h2T88B_9X19pL

GET
H2 200 140436 Show response
beacon.sojern.com/pixel/p/ 5 KB
1 KB 228ms
78ms Script
application/javascript 107.178.244.119
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.sojern.com/pixel/p/140436?f_v=v6_js&p_v=1&vid=hot&pc=https%3A%2F%2Fwww.westinstore.com%2F&cid=
Requested by: Host: www.westinstore.com
URL: https://www.westinstore.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.244.119 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: 53e13cd03ab4a8400f55879f83bbd7096657dbc69cc9939510567ed9c5f4f8d5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 16:36:10 GMT
content-encoding: gzip
via: 1.1 google
vary: Accept-Encoding
content-type: application/javascript
p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 891

GET
H3 200 812009699503532 Show response
connect.facebook.net/signals/config/ 133 KB
34 KB 119ms
112ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/812009699503532?v=2.9.131&r=stable&domain=www.westinstore.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3beb2c5a31a69ee56087fe91855891ef6de31c5d3450827d799f14c6624f4294

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 03 Oct 2023 16:36:10 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 35059
x-xss-protection: 0
pragma: public
x-fb-debug: NgbFo1h39tMEB5MSAXdp48W1NZEfVuZwcKt4Bd23G++kYQL7at7Wp4cB9Jz2vXI17m1hDfSMYKE2s27YZMV0Ww==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 12 KB
4 KB 334ms
96ms Script
application/x-javascript 2600:1400:9000::687e:74c0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.westinstore.com
URL: https://www.westinstore.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:9000::687e:74c0 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

28a26321734fb5f8c8fe42b5503f162fdf1469bf97e2d9c503a83cc2b3c534cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 16:36:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 05 Sep 2023 13:41:52 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=43743
accept-ranges: bytes
content-length: 3822

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 18 KB
7 KB 303ms
93ms Script
application/javascript 2001:4998:14:800::1001
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: www.westinstore.com
URL: https://www.westinstore.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1001 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 16:36:00 GMT
x-amz-version-id: xC6OTTJGIjCqkMTkbrZpmtbXHK5oaZhW
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: 53PF8MPQBBQG250D
age: 11
x-amz-server-side-encryption: AES256
x-amz-id-2: o7kHAedsP/wzNgmB3Y9pZf23rUcoCa0j5YQowTdcbVrAIpW8vtRl8EehUN7nY2txFfqk0/htK6dya0+3OU2Iig==
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Wed, 31 Jul 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Mon, 26 Jun 2023 09:26:35 GMT
server: ATS
etag: "5c6ed25dce803fd84288922b8928409e-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=3600
accept-ranges: bytes

GET
H2 200 scevent.min.js Show response
sc-static.net/ 38 KB
17 KB 377ms
154ms Script
application/javascript 18.173.132.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: www.westinstore.com
URL: https://www.westinstore.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.132.247 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-132-247.jfk52.r.cloudfront.net
Software: CloudFront /
Resource Hash: e9b2070bb7592b4e287af672ba3de51262305f924943e07684a40687fe0cdfa6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 16:36:10 GMT
content-encoding: gzip
via: 1.1 6da26d1d98186e04c83824717d4976ec.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: JFK52-P2
x-cache: Miss from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 16827
x-amz-cf-id: 3W-C9J6Yee7wyi2ty5Hzi8dnPbQS3hdb09vhuOGMG-W-g7jbCrQnDQ==

GET
H2 200 pxrc.php
pxl.jivox.com/tags/re/ 43 B
454 B 304ms
111ms Image
image/gif 3.222.111.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pxl.jivox.com/tags/re/pxrc.php?px=958deafa6b01b7&ret=img&cData=N/A&px_558deaefe29b99=N/A&px_45c37cd1a3ffb5=%27%27&px_75c37cd56820dd=N/A%20&px_65c37cdd1171be=1&px_95c37ce084b3e1=1&px_15b33b35ba04d9=N/A&px_65b33b372611c8=www.westinstore.com/&px_45b33b3b62bcfa=N/A&px_25b33b3e68bd91=N/A&px_05b33b3f8d42f0=N/A&px_25d820700bc474=%27%27&px_25b33b410cb604=N/A&px_25d8208f4381f8=N/A
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.222.111.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-222-111-229.compute-1.amazonaws.com
Software: Jetty(9.4.39.v20210325) /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 16:36:10 GMT
server: Jetty(9.4.39.v20210325)
p3p: CP='IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA'
access-control-allow-origin: *
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=0
access-control-allow-headers: content-type
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=903&dpuuid=0eda1bed-7326-48e1-b3f8-6caccb3e3215
dpm.demdex.net/ Frame B2C1
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=www.westinstore.com&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=www.westinstore.com&ttd_tpi=1
https://dpm.demdex.net/ibs:dpid=903&dpuuid=0eda1bed-7326-48e1-b3f8-6caccb3e3215

42 B
942 B

144ms
144ms

Image
image/gif

54.190.231.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=903&dpuuid=0eda1bed-7326-48e1-b3f8-6caccb3e3215

Protocol

HTTP/1.1

Server

54.190.231.22 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-190-231-22.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

DCS: dcs-prod-usw2-2-v047-0f8e8533e.edge-usw2.demdex.com 3 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: frPGMf+UQ9k=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=903&dpuuid=0eda1bed-7326-48e1-b3f8-6caccb3e3215
date: Tue, 03 Oct 2023 16:36:10 GMT
server: Kestrel
content-length: 189

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 3 KB
2 KB 288ms
91ms Script
application/javascript 2a04:4e42:79::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.westinstore.com
URL: https://www.westinstore.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:79::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: df822e44efc31160c2e2cff9d29435159054bcceb67fa2512c3899f02dfb7557

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 16:36:10 GMT
content-encoding: br
x-cdn: fastly
etag: "d27ea869d7ce22e300e4a4a927526193"
x-amz-server-side-encryption: AES256
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=7200
alt-svc: h3=":443";ma=600
content-length: 1473

GET
H2 204 5140893.js Show response
bat.bing.com/p/action/ 0
116 B 91ms
90ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5140893.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Tue, 03 Oct 2023 16:36:10 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 996EF9D4DC7B499D91E30A6DA6974791 Ref B: MIAEDGE1520 Ref C: 2023-10-03T16:36:10Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
358 B 182ms
181ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5140893&tm=al001&Ver=2&mid=51be3495-d3d3-4c96-98dd-c3458099df91&sid=f5a73380620a11eeba7f5f15bb8d8712&vid=f5a85b00620a11ee8eeaa7549c5aac3e&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Westin%20Hotel%20Store&kw=Westin%20Hotel%20Bed,%20Westin%20Heavenly%20Bed,%20Westin%20Bed,%20Westin%20Pillow,%20Heavenly%20Pillow,%20Westin%20Bedding,%20Westin%20White%20Tea,%20White%20Tea,%20Westin%20Bath,%20Westin%20Spa,%20Bedding,%20Bed,%20Mattress,%20Pillows,%20Bath,%20Spa&p=https%3A%2F%2Fwww.westinstore.com%2F&r=&lt=4189&pt=1696350966158,,,,,492,496,550,550,777,661,777,1085,1202,1092,2252,2268,2269,4044,4044,4189&pn=0,0&evt=pageLoad&sv=1&rn=804606

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 03 Oct 2023 16:36:10 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3C1630B8F86740EABE1BA05A05314E0D Ref B: MIAEDGE1520 Ref C: 2023-10-03T16:36:10Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=1957&dpuuid=311705CB2EFE62DB322C16542F6E63D8
dpm.demdex.net/ Frame B2C1
Redirect Chain

https://c.bing.com/c.gif?uid=83393839253693602362863306772897227483&Red3=MSAdobe_pd&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=1957&dpuuid=311705CB2EFE62DB322C16542F6E63D8

42 B
942 B

142ms
142ms

Image
image/gif

54.190.231.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=1957&dpuuid=311705CB2EFE62DB322C16542F6E63D8

Protocol

HTTP/1.1

Server

54.190.231.22 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-190-231-22.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

DCS: dcs-prod-usw2-1-v047-0fcb7ca64.edge-usw2.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: ij0NjQxIRHo=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Tue, 03 Oct 2023 16:36:10 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 4FE70A1535524DCE8174B7F87B2EE55A Ref B: MIAEDGE1520 Ref C: 2023-10-03T16:36:10Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://dpm.demdex.net/ibs:dpid=1957&dpuuid=311705CB2EFE62DB322C16542F6E63D8
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 213 Show response
beacon.sojern.com/pixel/cp/ Frame 67F7 4 KB
910 B 81ms
78ms Script
application/javascript 107.178.244.119
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.sojern.com/pixel/cp/213?f_v=cp_v3_js&p_v=4&cid=MGP_201904%7Cundefined%7Chttps%3A%2F%2Fwww.westinstore.com%2F&p=undefined&hb=undefined&hc1=undefined&hn1=undefined&hs1=undefined&ffl=undefined&t=undefined&hr=undefined&hp=undefined&hrp=undefined&hdc=undefined&rew=undefined&l=undefined&vid=hot&pt=TRACKING&
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/marriott/mhotels.html?p=undefined&hprid=&hpr=&hb=undefined&hc1=undefined&hn1=undefined&hs1=undefined&ffl=undefined&hl=&t=undefined&hr=undefined&hd1=&hd2=&hconfno=&hp=undefined&hcu=&hrp=undefined&hdc=undefined&rew=undefined&l=undefined&vid=hot&cid=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.244.119 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: 8163556863397a8446d7fb165bbf309f7c14598f5f3eb159828ac2965e21859b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 16:36:10 GMT
content-encoding: gzip
via: 1.1 google
vary: Accept-Encoding
content-type: application/javascript
p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 754

GET
H2 200 en.json Show response
cache.marriott.com/aka-fonts/OneTrust/R1.3/oneTrust_test/consent/b9c54897-9a69-45f1-bbe2-55b2ae0ba593-test/54b25d98-3111-4bb0-813b-8594b0ad9115/ 165 KB
166 KB 118ms
117ms Fetch
application/json 104.126.112.117
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.marriott.com/aka-fonts/OneTrust/R1.3/oneTrust_test/consent/b9c54897-9a69-45f1-bbe2-55b2ae0ba593-test/54b25d98-3111-4bb0-813b-8594b0ad9115/en.json
Requested by: Host: cache.marriott.com
URL: https://cache.marriott.com/aka-fonts/OneTrust/R1.3/oneTrust_test/scripttemplates/6.26.0/otBannerSdk.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.112.117 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-126-112-117.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: c7a5ac7699a044df2a6cb702caf1616b7fafe5dee0dcfb9448c21b46a6373034

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 16:36:10 GMT
last-modified: Thu, 10 Nov 2022 20:04:49 GMT
server: AkamaiNetStorage
etag: "b58b15cb2700bf67606f461bde78e511:1668110689.500815"
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=133127
accept-ranges: bytes
content-length: 168616
expires: Thu, 05 Oct 2023 05:34:57 GMT

GET
H/1.1

200
OK

ibs:dpid=3047&dpuuid=575426A6AD3434&gdpr=0&gdpr_consent=
dpm.demdex.net/ Frame B2C1
Redirect Chain

https://servedby.flashtalking.com/map/?key=a74thHgsfK627J6Ftt8sj5ks52bKe&gdpr=0&gdpr_consent=&url=https://dpm.demdex.net/ibs:dpid=3047&dpuuid=[%FT_GUID%]&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=3047&dpuuid=575426A6AD3434&gdpr=0&gdpr_consent=

42 B
942 B

143ms
143ms

Image
image/gif

54.190.231.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=3047&dpuuid=575426A6AD3434&gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Server

54.190.231.22 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-190-231-22.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

DCS: dcs-prod-usw2-1-v047-0d6959b35.edge-usw2.demdex.com 3 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: EG4GutN0Ti4=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma: no-cache
Date: Tue, 03 Oct 2023 16:36:10 GMT
Strict-Transport-Security: max-age=86400
Server: prod-xre-app50.ash11
Location: https://dpm.demdex.net/ibs:dpid=3047&dpuuid=575426A6AD3434&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0
Expires: Tue, 03 Oct 2023 16:36:10 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
54 B 113ms
112ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=812009699503532&ev=PageView&dl=https%3A%2F%2Fwww.westinstore.com%2F&rl=&if=false&ts=1696350970691&sw=1600&sh=1200&v=2.9.131&r=stable&ec=0&o=30&fbp=fb.1.1696350969644.2070150112&ler=empty&it=1696350969178&coo=false&exp=a3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 03 Oct 2023 16:36:10 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2

200

src=4810757;dc_pre=CIjjmuin2oEDFdCfywEdb0UCQg;type=sales;cat=5myqls5f;qty=1;cost=0;u1=;u16=https%253A%252F%252Fwww.westinstore.com%252F;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=[...
adservice.google.com/ddm/fls/z/
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=4810757;type=sales;cat=5myqls5f;qty=1;cost=0;u1=;u16=https%253A%252F%252Fwww.westinstore.com%252F;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=...
https://ad.doubleclick.net/ddm/activity/src=4810757;dc_pre=CIjjmuin2oEDFdCfywEdb0UCQg;type=sales;cat=5myqls5f;qty=1;cost=0;u1=;u16=https%253A%252F%252Fwww.westinstore.com%252F;dc_lat=;dc_rdid=;tag_...
https://adservice.google.com/ddm/fls/z/src=4810757;dc_pre=CIjjmuin2oEDFdCfywEdb0UCQg;type=sales;cat=5myqls5f;qty=1;cost=0;u1=;u16=https%253A%252F%252Fwww.westinstore.com%252F;dc_lat=;dc_rdid=;tag_f...

42 B
107 B

176ms
118ms

Image
image/gif

2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=4810757;dc_pre=CIjjmuin2oEDFdCfywEdb0UCQg;type=sales;cat=5myqls5f;qty=1;cost=0;u1=;u16=https%253A%252F%252Fwww.westinstore.com%252F;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=[OrderID]

Protocol

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 16:36:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 03 Oct 2023 16:36:10 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://adservice.google.com/ddm/fls/z/src=4810757;dc_pre=CIjjmuin2oEDFdCfywEdb0UCQg;type=sales;cat=5myqls5f;qty=1;cost=0;u1=;u16=https%253A%252F%252Fwww.westinstore.com%252F;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=[OrderID]
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 px
secure.adnxs.com/ 0
757 B 109ms
99ms Image
application/javascript 68.67.160.186
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/px?id=1565798&t=1

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.186 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 16:36:10 GMT
an-x-request-uuid: e3ceac92-9f48-4ceb-879a-3d28c10724f4
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/javascript; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 38.132.118.72; 38.132.118.72; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 seg
secure.adnxs.com/ 0
808 B 105ms
103ms Image
application/javascript 68.67.160.186
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/seg?add=29464183&t=1

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.186 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 16:36:10 GMT
an-x-request-uuid: adfc42e3-c85e-46ea-af38-53c6844194e0
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 38.132.118.72; 38.132.118.72; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

AdX
pixel.sojern.com/idSync/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=Qd4GuJIyCNNXcKDiDzC_LQ&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=xDUhKrQ8VcxL-MwPalarU944nAXsYyNZLb-gE_xJhg7Z1rxv5sk...
https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=xDUhKrQ8VcxL-MwPalarU944nAXsYyNZLb-gE_xJhg7Z1rxv5skjNtI9Skn_TFrr&sjrn_ula=673976618&google_gid=CAESEGxRh8O0h4I91xsJrkepE-E&google_cver=1

42 B
282 B

86ms
77ms

Image
image/gif

107.178.244.119
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=xDUhKrQ8VcxL-MwPalarU944nAXsYyNZLb-gE_xJhg7Z1rxv5skjNtI9Skn_TFrr&sjrn_ula=673976618&google_gid=CAESEGxRh8O0h4I91xsJrkepE-E&google_cver=1
Protocol: H2
Server: 107.178.244.119 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
date: Tue, 03 Oct 2023 16:36:10 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
vary: Accept-Encoding
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 03 Oct 2023 16:36:10 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=xDUhKrQ8VcxL-MwPalarU944nAXsYyNZLb-gE_xJhg7Z1rxv5skjNtI9Skn_TFrr&sjrn_ula=673976618&google_gid=CAESEGxRh8O0h4I91xsJrkepE-E&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 412
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
fcmatch.youtube.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_hm=Qd4GuJIyCNNXcKDiDzC_LQ&google_nid=sojern_adh
https://fcmatch.google.com/pixel?google_gm=AMnCDoq1pDcKJa_n9EhLRvgMv_Bu71QesgpNyNy868OpetT6thngICOjokjdn7fD3LaSLZAxp7zScX8l9lz3ueYDcS375mDNf5jyFhDa3FCsfqU6YQz4gXo
https://fcmatch.youtube.com/pixel?google_gm=AMnCDoq1pDcKJa_n9EhLRvgMv_Bu71QesgpNyNy868OpetT6thngICOjokjdn7fD3LaSLZAxp7zScX8l9lz3ueYDcS375mDNf5jyFhDa3FCsfqU6YQz4gXo

170 B
233 B

410ms
196ms

Image
image/png

2607:f8b0:4006:81e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fcmatch.youtube.com/pixel?google_gm=AMnCDoq1pDcKJa_n9EhLRvgMv_Bu71QesgpNyNy868OpetT6thngICOjokjdn7fD3LaSLZAxp7zScX8l9lz3ueYDcS375mDNf5jyFhDa3FCsfqU6YQz4gXo

Protocol

Server

2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 16:36:11 GMT
server: HTTP server (unknown)
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 03 Oct 2023 16:36:11 GMT
server: HTTP server (unknown)
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://fcmatch.youtube.com/pixel?google_gm=AMnCDoq1pDcKJa_n9EhLRvgMv_Bu71QesgpNyNy868OpetT6thngICOjokjdn7fD3LaSLZAxp7zScX8l9lz3ueYDcS375mDNf5jyFhDa3FCsfqU6YQz4gXo
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 360
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

apn
pixel.sojern.com/idsync/
Redirect Chain

https://ib.adnxs.com/getuid?https://pixel.sojern.com/idsync/apn?id=$UID&sjrn_id=xDUhKrQ8VcxL-MwPalarU944nAXsYyNZLb-gE_xJhg7Z1rxv5skjNtI9Skn_TFrr
https://pixel.sojern.com/idsync/apn?id=5021429799070947935&sjrn_id=xDUhKrQ8VcxL-MwPalarU944nAXsYyNZLb-gE_xJhg7Z1rxv5skjNtI9Skn_TFrr

42 B
264 B

88ms
78ms

Image
image/gif

107.178.244.119
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sojern.com/idsync/apn?id=5021429799070947935&sjrn_id=xDUhKrQ8VcxL-MwPalarU944nAXsYyNZLb-gE_xJhg7Z1rxv5skjNtI9Skn_TFrr
Protocol: H2
Server: 107.178.244.119 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
date: Tue, 03 Oct 2023 16:36:10 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
vary: Accept-Encoding
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 03 Oct 2023 16:36:10 GMT
an-x-request-uuid: a89c53c9-a9f6-473f-943a-991cc1eee637
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://pixel.sojern.com/idsync/apn?id=5021429799070947935&sjrn_id=xDUhKrQ8VcxL-MwPalarU944nAXsYyNZLb-gE_xJhg7Z1rxv5skjNtI9Skn_TFrr
x-proxy-origin: 38.132.118.72; 38.132.118.72; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

ttd
pixel.sojern.com/idsync/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=ombl9hp&ttd_puid=xDUhKrQ8VcxL-MwPalarU944nAXsYyNZLb-gE_xJhg7Z1rxv5skjNtI9Skn_TFrr&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=ombl9hp&ttd_puid=xDUhKrQ8VcxL-MwPalarU944nAXsYyNZLb-gE_xJhg7Z1rxv5skjNtI9Skn_TFrr&ttd_tpi=1
https://pixel.sojern.com/idsync/ttd?id=e1992ecc-3046-4059-9b4e-745548b3ad8b&sjrn_id=xDUhKrQ8VcxL-MwPalarU944nAXsYyNZLb-gE_xJhg7Z1rxv5skjNtI9Skn_TFrr

42 B
58 B

81ms
78ms

Image
image/gif

107.178.244.119
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sojern.com/idsync/ttd?id=e1992ecc-3046-4059-9b4e-745548b3ad8b&sjrn_id=xDUhKrQ8VcxL-MwPalarU944nAXsYyNZLb-gE_xJhg7Z1rxv5skjNtI9Skn_TFrr
Protocol: H3
Server: 107.178.244.119 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
date: Tue, 03 Oct 2023 16:36:10 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
vary: Accept-Encoding
content-type: image/gif

Redirect headers

location: https://pixel.sojern.com/idsync/ttd?id=e1992ecc-3046-4059-9b4e-745548b3ad8b&sjrn_id=xDUhKrQ8VcxL-MwPalarU944nAXsYyNZLb-gE_xJhg7Z1rxv5skjNtI9Skn_TFrr
date: Tue, 03 Oct 2023 16:36:10 GMT
server: Kestrel
content-length: 327

GET
H3

202

adf
pixel.sojern.com/idsync/
Redirect Chain

https://c1.adform.net/serving/cookie/match?cid=41de06b8-9232-08d3-5770-a0e20f30bf2d&party=1296
https://c1.adform.net/serving/cookie/match?CC=1&cid=41de06b8-9232-08d3-5770-a0e20f30bf2d&party=1296
https://pixel.sojern.com/idsync/adf?adfid=4257002804057531860&cid=41de06b8-9232-08d3-5770-a0e20f30bf2d

0
13 B

77ms
76ms

Image
text/plain

107.178.244.119
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sojern.com/idsync/adf?adfid=4257002804057531860&cid=41de06b8-9232-08d3-5770-a0e20f30bf2d
Protocol: H3
Server: 107.178.244.119 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 16:36:11 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"

Redirect headers

pragma: no-cache
date: Tue, 03 Oct 2023 16:36:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://pixel.sojern.com/idsync/adf?adfid=4257002804057531860&cid=41de06b8-9232-08d3-5770-a0e20f30bf2d
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/366134444/ 2 KB
1 KB 119ms
117ms Script
text/javascript 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/366134444/?random=1696350970714&cv=9&fst=1696350970714&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=-600&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.westinstore.com%2F&tiba=Westin%20Hotel%20Store&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

89978a964ff095a65c50e3a932d2ca0f07b7a2c41843d3279b61b27abb937b80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 16:36:10 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1356
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/ Show response
match.adsrvr.org/track/upb/ Frame 6C22
Redirect Chain

https://insight.adsrvr.org/track/up?adv=hbq9bjg&ref=https%3A%2F%2Fwww.westinstore.com%2F&upid=byw7ch4&upv=1.1.0
https://match.adsrvr.org/track/upb/?adv=hbq9bjg&ref=https%3A%2F%2Fwww.westinstore.com%2F&upid=byw7ch4&upv=1.1.0

849 B
883 B

91ms
90ms

Document
text/html

52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/upb/?adv=hbq9bjg&ref=https%3A%2F%2Fwww.westinstore.com%2F&upid=byw7ch4&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 49e8c6ccae8ff943924893e41ef6018a0bddfa7ad4e0fff0754717cb84203294

Request headers

Referer: https://www.westinstore.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Tue, 03 Oct 2023 16:36:10 GMT
server: Kestrel
vary: Accept-Encoding

Redirect headers

content-length: 273
date: Tue, 03 Oct 2023 16:36:10 GMT
location: https://match.adsrvr.org/track/upb/?adv=hbq9bjg&ref=https%3A%2F%2Fwww.westinstore.com%2F&upid=byw7ch4&upv=1.1.0
server: Kestrel

OPTIONS
H2 200 tp2
p.tvpixel.com/com.snowplowanalytics.snowplow/ Frame 0
0 283ms
89ms Preflight 18.213.153.175
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://p.tvpixel.com/com.snowplowanalytics.snowplow/tp2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.213.153.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-213-153-175.compute-1.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.westinstore.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-allow-origin: https://www.westinstore.com
access-control-max-age: 600
content-length: 0
date: Tue, 03 Oct 2023 16:36:11 GMT
server: nginx

POST
H2 200 tp2 Show response
p.tvpixel.com/com.snowplowanalytics.snowplow/ 2 B
331 B 265ms
88ms XHR
text/plain 18.213.153.175
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://p.tvpixel.com/com.snowplowanalytics.snowplow/tp2
Requested by: Host: c.tvpixel.com
URL: https://c.tvpixel.com/js/current/dpm_pixel_min.js?aid=marriott-0af76d19-dfba-4407-860e-54c7ed29bed4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.213.153.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-213-153-175.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.westinstore.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

access-control-allow-origin: https://www.westinstore.com
date: Tue, 03 Oct 2023 16:36:11 GMT
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
server: nginx
content-length: 2
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"

GET match.gif
match.rundsp.com/ Frame B2C1 0
0

GET
H2

200

pixel
fcmatch.youtube.com/ Frame 67F7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_hm=Qd4GuJIyCNNXcKDiDzC_LQ&google_nid=sojern_adh
https://fcmatch.google.com/pixel?google_gm=AMnCDorkjs0ushuVAxBX4yZv0kZ6dmmb08M1EyB14FR20MxTLBn7SzXUyfVhwA3C7xMW5lhbLHDrlWKxCucviR9yz5x4GlXSVLTMhYv4aOoEKatLL1yXk0o
https://fcmatch.youtube.com/pixel?google_gm=AMnCDorkjs0ushuVAxBX4yZv0kZ6dmmb08M1EyB14FR20MxTLBn7SzXUyfVhwA3C7xMW5lhbLHDrlWKxCucviR9yz5x4GlXSVLTMhYv4aOoEKatLL1yXk0o

170 B
432 B

239ms
112ms

Image
image/png

2607:f8b0:4006:81e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fcmatch.youtube.com/pixel?google_gm=AMnCDorkjs0ushuVAxBX4yZv0kZ6dmmb08M1EyB14FR20MxTLBn7SzXUyfVhwA3C7xMW5lhbLHDrlWKxCucviR9yz5x4GlXSVLTMhYv4aOoEKatLL1yXk0o

Requested by

Host: static.sojern.com
URL: https://static.sojern.com/marriott/mhotels.html?p=undefined&hprid=&hpr=&hb=undefined&hc1=undefined&hn1=undefined&hs1=undefined&ffl=undefined&hl=&t=undefined&hr=undefined&hd1=&hd2=&hconfno=&hp=undefined&hcu=&hrp=undefined&hdc=undefined&rew=undefined&l=undefined&vid=hot&cid=

Protocol

Server

2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 16:36:11 GMT
server: HTTP server (unknown)
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 03 Oct 2023 16:36:11 GMT
server: HTTP server (unknown)
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://fcmatch.youtube.com/pixel?google_gm=AMnCDorkjs0ushuVAxBX4yZv0kZ6dmmb08M1EyB14FR20MxTLBn7SzXUyfVhwA3C7xMW5lhbLHDrlWKxCucviR9yz5x4GlXSVLTMhYv4aOoEKatLL1yXk0o
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 360
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

apn
pixel.sojern.com/idsync/ Frame 67F7
Redirect Chain

https://ib.adnxs.com/getuid?https://pixel.sojern.com/idsync/apn?id=$UID&sjrn_id=xDUhKrQ8VcxL-MwPalarU944nAXsYyNZLb-gE_xJhg7Z1rxv5skjNtI9Skn_TFrr
https://pixel.sojern.com/idsync/apn?id=5021429799070947935&sjrn_id=xDUhKrQ8VcxL-MwPalarU944nAXsYyNZLb-gE_xJhg7Z1rxv5skjNtI9Skn_TFrr

42 B
58 B

79ms
77ms

Image
image/gif

107.178.244.119
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sojern.com/idsync/apn?id=5021429799070947935&sjrn_id=xDUhKrQ8VcxL-MwPalarU944nAXsYyNZLb-gE_xJhg7Z1rxv5skjNtI9Skn_TFrr
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/marriott/mhotels.html?p=undefined&hprid=&hpr=&hb=undefined&hc1=undefined&hn1=undefined&hs1=undefined&ffl=undefined&hl=&t=undefined&hr=undefined&hd1=&hd2=&hconfno=&hp=undefined&hcu=&hrp=undefined&hdc=undefined&rew=undefined&l=undefined&vid=hot&cid=
Protocol: H3
Server: 107.178.244.119 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
date: Tue, 03 Oct 2023 16:36:10 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
vary: Accept-Encoding
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 03 Oct 2023 16:36:10 GMT
an-x-request-uuid: 85ec1cb5-2030-4e8e-8a87-745521228d8d
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://pixel.sojern.com/idsync/apn?id=5021429799070947935&sjrn_id=xDUhKrQ8VcxL-MwPalarU944nAXsYyNZLb-gE_xJhg7Z1rxv5skjNtI9Skn_TFrr
x-proxy-origin: 38.132.118.72; 38.132.118.72; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

ttd
pixel.sojern.com/idsync/ Frame 67F7
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=ombl9hp&ttd_puid=xDUhKrQ8VcxL-MwPalarU944nAXsYyNZLb-gE_xJhg7Z1rxv5skjNtI9Skn_TFrr&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=ombl9hp&ttd_puid=xDUhKrQ8VcxL-MwPalarU944nAXsYyNZLb-gE_xJhg7Z1rxv5skjNtI9Skn_TFrr&ttd_tpi=1
https://pixel.sojern.com/idsync/ttd?id=0eda1bed-7326-48e1-b3f8-6caccb3e3215&sjrn_id=xDUhKrQ8VcxL-MwPalarU944nAXsYyNZLb-gE_xJhg7Z1rxv5skjNtI9Skn_TFrr

42 B
58 B

82ms
78ms

Image
image/gif

107.178.244.119
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sojern.com/idsync/ttd?id=0eda1bed-7326-48e1-b3f8-6caccb3e3215&sjrn_id=xDUhKrQ8VcxL-MwPalarU944nAXsYyNZLb-gE_xJhg7Z1rxv5skjNtI9Skn_TFrr
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/marriott/mhotels.html?p=undefined&hprid=&hpr=&hb=undefined&hc1=undefined&hn1=undefined&hs1=undefined&ffl=undefined&hl=&t=undefined&hr=undefined&hd1=&hd2=&hconfno=&hp=undefined&hcu=&hrp=undefined&hdc=undefined&rew=undefined&l=undefined&vid=hot&cid=
Protocol: H3
Server: 107.178.244.119 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
date: Tue, 03 Oct 2023 16:36:11 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
vary: Accept-Encoding
content-type: image/gif

Redirect headers

location: https://pixel.sojern.com/idsync/ttd?id=0eda1bed-7326-48e1-b3f8-6caccb3e3215&sjrn_id=xDUhKrQ8VcxL-MwPalarU944nAXsYyNZLb-gE_xJhg7Z1rxv5skjNtI9Skn_TFrr
date: Tue, 03 Oct 2023 16:36:10 GMT
server: Kestrel
content-length: 327

GET
H3

202

adf
pixel.sojern.com/idsync/ Frame 67F7
Redirect Chain

https://c1.adform.net/serving/cookie/match?cid=41de06b8-9232-08d3-5770-a0e20f30bf2d&party=1296
https://c1.adform.net/serving/cookie/match?CC=1&cid=41de06b8-9232-08d3-5770-a0e20f30bf2d&party=1296
https://pixel.sojern.com/idsync/adf?adfid=5802205606864877847&cid=41de06b8-9232-08d3-5770-a0e20f30bf2d

0
13 B

78ms
77ms

Image
text/plain

107.178.244.119
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sojern.com/idsync/adf?adfid=5802205606864877847&cid=41de06b8-9232-08d3-5770-a0e20f30bf2d
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/marriott/mhotels.html?p=undefined&hprid=&hpr=&hb=undefined&hc1=undefined&hn1=undefined&hs1=undefined&ffl=undefined&hl=&t=undefined&hr=undefined&hd1=&hd2=&hconfno=&hp=undefined&hcu=&hrp=undefined&hdc=undefined&rew=undefined&l=undefined&vid=hot&cid=
Protocol: H3
Server: 107.178.244.119 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 16:36:11 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"

Redirect headers

pragma: no-cache
date: Tue, 03 Oct 2023 16:36:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://pixel.sojern.com/idsync/adf?adfid=5802205606864877847&cid=41de06b8-9232-08d3-5770-a0e20f30bf2d
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 px
secure.adnxs.com/ Frame 67F7 0
757 B 113ms
98ms Image
application/javascript 68.67.160.186
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/px?id=1228256&t=1

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.186 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 16:36:10 GMT
an-x-request-uuid: 37946351-b484-4403-baa2-e8c0dd99a579
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/javascript; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 38.132.118.72; 38.132.118.72; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 seg
secure.adnxs.com/ Frame 67F7 0
808 B 125ms
111ms Image
application/javascript 68.67.160.186
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/seg?add=21126164&t=1

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.186 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 16:36:10 GMT
an-x-request-uuid: 4f316e2a-c1c8-448c-a297-d4718fe38f76
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 38.132.118.72; 38.132.118.72; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

AdX
pixel.sojern.com/idSync/ Frame 67F7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=Qd4GuJIyCNNXcKDiDzC_LQ&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=xDUhKrQ8VcxL-MwPalarU944nAXsYyNZLb-gE_xJhg7Z1rxv5sk...
https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=xDUhKrQ8VcxL-MwPalarU944nAXsYyNZLb-gE_xJhg7Z1rxv5skjNtI9Skn_TFrr&sjrn_ula=824794939&google_gid=CAESEGxRh8O0h4I91xsJrkepE-E&google_cver=1

42 B
58 B

77ms
77ms

Image
image/gif

107.178.244.119
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=xDUhKrQ8VcxL-MwPalarU944nAXsYyNZLb-gE_xJhg7Z1rxv5skjNtI9Skn_TFrr&sjrn_ula=824794939&google_gid=CAESEGxRh8O0h4I91xsJrkepE-E&google_cver=1
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/marriott/mhotels.html?p=undefined&hprid=&hpr=&hb=undefined&hc1=undefined&hn1=undefined&hs1=undefined&ffl=undefined&hl=&t=undefined&hr=undefined&hd1=&hd2=&hconfno=&hp=undefined&hcu=&hrp=undefined&hdc=undefined&rew=undefined&l=undefined&vid=hot&cid=
Protocol: H3
Server: 107.178.244.119 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
date: Tue, 03 Oct 2023 16:36:10 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
vary: Accept-Encoding
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 03 Oct 2023 16:36:10 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=xDUhKrQ8VcxL-MwPalarU944nAXsYyNZLb-gE_xJhg7Z1rxv5skjNtI9Skn_TFrr&sjrn_ula=824794939&google_gid=CAESEGxRh8O0h4I91xsJrkepE-E&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 412
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 insight.old.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 106ms
95ms Script
application/x-javascript 2600:1400:9000::687e:74c0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.old.min.js

Requested by

Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:9000::687e:74c0 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 16:36:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 28 Aug 2023 12:14:15 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=8847
accept-ranges: bytes
content-length: 4862

GET
H2 200 405909.json Show response
s.yimg.com/wi/config/ 44 B
686 B 282ms
102ms XHR
application/json 2001:4998:14:800::1001
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/405909.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1001 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

fad2b41a387ad2bff0c05ed1475f79529e13a17163eb6e36f8953822d96ded88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 16:36:12 GMT
x-amz-version-id: Lrw5WLHyhPaUyK_hv9o8Gue7kIPQ_ljO
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: PT8G4WQ0HZJR3V91
age: 0
x-amz-server-side-encryption: AES256
content-length: 44
x-amz-id-2: kNh5DLME4F6lLLOrNeiGzACHo1HkZ+9TdzzTN1LwlZQxlnK4GdKeGEBYd0C65a61K4Yevl/UxQOMJg9zk7+EwQ==
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Mon, 02 Sep 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Sat, 29 Jul 2023 15:55:55 GMT
server: ATS
etag: "bef1253818c00b6e13b42804c46f2014"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
accept-ranges: bytes

GET
H3 200 /
www.google.com/pagead/1p-user-list/366134444/ 42 B
64 B 113ms
112ms Image
image/gif 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/366134444/?random=1696350970714&cv=9&fst=1696348800000&num=1&guid=ON&eid=466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=-600&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.westinstore.com%2F&tiba=Westin%20Hotel%20Store&async=1&fmt=3&is_vtc=1&random=3972212542&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 16:36:10 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK sync
us-east.ads.audio.thisisdax.com/ Frame FD05 43 B
365 B 285ms
90ms Image
image/gif 34.199.166.235
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-east.ads.audio.thisisdax.com/sync?tp_id=785&dsp_dax_listenerid=AQEDIF8GcuLWyAFawCNbAQEL_wE&gdpr=false&gdpr_consent=&us_privacy=US_PRIVACY
Requested by: Host: login.dotomi.com
URL: https://login.dotomi.com/ucm/UCMController?dtm_com=28&dtm_cid=2814&dtm_cmagic=8e987c&dtm_format=5&dtm_fid=101&cli_promo_id=2&dtmc_marsha_code=&canonical_url=https%3A%2F%2Fwww.westinstore.com%2F&dtm_user_token=&dtmc_ref=&dtmc_loc=https%3A%2F%2Fwww.westinstore.com%2F&fpc_status=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.199.166.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-199-166-235.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Tue, 03 Oct 2023 16:36:11 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55853/ Frame FD05
Redirect Chain

https://ups.analytics.yahoo.com/ups/55853/sync?_origin=1&uid=AQEDIF8GcuLWyAFawCNbAQEL_wE&gdpr_consent=
https://ups.analytics.yahoo.com/ups/55853/sync?_origin=1&uid=AQEDIF8GcuLWyAFawCNbAQEL_wE&gdpr_consent=&verify=true

0
120 B

95ms
94ms

Image
text/plain

3.225.218.10
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55853/sync?_origin=1&uid=AQEDIF8GcuLWyAFawCNbAQEL_wE&gdpr_consent=&verify=true

Requested by

Host: login.dotomi.com
URL: https://login.dotomi.com/ucm/UCMController?dtm_com=28&dtm_cid=2814&dtm_cmagic=8e987c&dtm_format=5&dtm_fid=101&cli_promo_id=2&dtmc_marsha_code=&canonical_url=https%3A%2F%2Fwww.westinstore.com%2F&dtm_user_token=&dtmc_ref=&dtmc_loc=https%3A%2F%2Fwww.westinstore.com%2F&fpc_status=

Protocol

Server

3.225.218.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-225-218-10.compute-1.amazonaws.com

Software

ATS/9.1.10.75 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 16:36:11 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/55853/sync?_origin=1&uid=AQEDIF8GcuLWyAFawCNbAQEL_wE&gdpr_consent=&verify=true
date: Tue, 03 Oct 2023 16:36:11 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

user.sync
match.sync.ad.cpe.dotomi.com/w/ Frame FD05
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=6szhitj&ttd_tpi=1&gdpr_consent=
https://match.sync.ad.cpe.dotomi.com/w/user.sync?ptrid=13&gdpr=0&userid=e1992ecc-3046-4059-9b4e-745548b3ad8b

43 B
269 B

322ms
105ms

Image
image/gif

2606:ae80:1471:19::1140
VALUECLICK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sync.ad.cpe.dotomi.com/w/user.sync?ptrid=13&gdpr=0&userid=e1992ecc-3046-4059-9b4e-745548b3ad8b
Requested by: Host: login.dotomi.com
URL: https://login.dotomi.com/ucm/UCMController?dtm_com=28&dtm_cid=2814&dtm_cmagic=8e987c&dtm_format=5&dtm_fid=101&cli_promo_id=2&dtmc_marsha_code=&canonical_url=https%3A%2F%2Fwww.westinstore.com%2F&dtm_user_token=&dtmc_ref=&dtmc_loc=https%3A%2F%2Fwww.westinstore.com%2F&fpc_status=
Protocol: H2
Server: 2606:ae80:1471:19::1140 , United States, ASN25751 (VALUECLICK, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 03 Oct 2023 16:36:11 GMT
cache-control: no-cache
server: nginx
content-length: 43
expires: 0

Redirect headers

location: https://match.sync.ad.cpe.dotomi.com/w/user.sync?ptrid=13&gdpr=0&userid=e1992ecc-3046-4059-9b4e-745548b3ad8b
date: Tue, 03 Oct 2023 16:36:10 GMT
server: Kestrel
content-length: 247

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame FD05 42 B
529 B 389ms
124ms Image
image/gif 162.248.18.37
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xNTc2ODAw&piggybackCookie=AQEDIF8GcuLWyAFawCNbAQEL_wE&gdpr_consent=
Requested by: Host: login.dotomi.com
URL: https://login.dotomi.com/ucm/UCMController?dtm_com=28&dtm_cid=2814&dtm_cmagic=8e987c&dtm_format=5&dtm_fid=101&cli_promo_id=2&dtmc_marsha_code=&canonical_url=https%3A%2F%2Fwww.westinstore.com%2F&dtm_user_token=&dtmc_ref=&dtmc_loc=https%3A%2F%2Fwww.westinstore.com%2F&fpc_status=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Tue, 03 Oct 2023 16:36:11 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FD05
Redirect Chain

https://login.dotomi.com/match/bounce/current?networkId=41440&version=1&nuid=AQEDIF8GcuLWyAFawCNbAQEL_wE&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=epsilon-ddp&google_hm=QVFFRElGOEdjdUxXeUFGYXdDTmJBUUVMX3dF&expiration=1696437370&nuid=AQEDIF8GcuLWyAFawCNbAQEL_wE&gdpr_consent=

170 B
188 B

109ms
109ms

Image
image/png

142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=epsilon-ddp&google_hm=QVFFRElGOEdjdUxXeUFGYXdDTmJBUUVMX3dF&expiration=1696437370&nuid=AQEDIF8GcuLWyAFawCNbAQEL_wE&gdpr_consent=

Requested by

Protocol

Server

142.250.65.162 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 16:36:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 03 Oct 2023 16:36:10 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://cm.g.doubleclick.net/pixel?google_nid=epsilon-ddp&google_hm=QVFFRElGOEdjdUxXeUFGYXdDTmJBUUVMX3dF&expiration=1696437370&nuid=AQEDIF8GcuLWyAFawCNbAQEL_wE&gdpr_consent=
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H2

200

current
yahoo-match.dotomi.com/match/pixel/ Frame FD05
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=PCLOUD&_hosted_id=AQEDIF8GcuLWyAFawCNbAQEL_wE&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58678/cms?partner_id=PCLOUD&_hosted_id=AQEDIF8GcuLWyAFawCNbAQEL_wE&gdpr_consent=
https://yahoo-match.dotomi.com/match/pixel/current?networkId=67215&version=1&nuid=y-yDSiSldE2oCMxc0sENZwJKu6mEyc9iZFZP0F~A

43 B
225 B

144ms
139ms

Image
image/gif

2606:ae80:1451:13::2360
VALUECLICK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yahoo-match.dotomi.com/match/pixel/current?networkId=67215&version=1&nuid=y-yDSiSldE2oCMxc0sENZwJKu6mEyc9iZFZP0F~A
Requested by: Host: login.dotomi.com
URL: https://login.dotomi.com/ucm/UCMController?dtm_com=28&dtm_cid=2814&dtm_cmagic=8e987c&dtm_format=5&dtm_fid=101&cli_promo_id=2&dtmc_marsha_code=&canonical_url=https%3A%2F%2Fwww.westinstore.com%2F&dtm_user_token=&dtmc_ref=&dtmc_loc=https%3A%2F%2Fwww.westinstore.com%2F&fpc_status=
Protocol: H2
Server: 2606:ae80:1451:13::2360 , United States, ASN25751 (VALUECLICK, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 16:36:11 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
content-type: image/gif
cache-control: no-cache, private, max-age=0, no-store
content-length: 43
expires: 0

Redirect headers

location: https://yahoo-match.dotomi.com/match/pixel/current?networkId=67215&version=1&nuid=y-yDSiSldE2oCMxc0sENZwJKu6mEyc9iZFZP0F~A
date: Tue, 03 Oct 2023 16:36:11 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 sync
partners.tremorhub.com/ Frame FD05 43 B
175 B 281ms
87ms Image
image/gif 2600:1f18:612b:4232:2423:bda:ecda:97c4
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partners.tremorhub.com/sync?UIDT=AQEDIF8GcuLWyAFawCNbAQEL_wE&gdpr_consent=
Requested by: Host: login.dotomi.com
URL: https://login.dotomi.com/ucm/UCMController?dtm_com=28&dtm_cid=2814&dtm_cmagic=8e987c&dtm_format=5&dtm_fid=101&cli_promo_id=2&dtmc_marsha_code=&canonical_url=https%3A%2F%2Fwww.westinstore.com%2F&dtm_user_token=&dtmc_ref=&dtmc_loc=https%3A%2F%2Fwww.westinstore.com%2F&fpc_status=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4232:2423:bda:ecda:97c4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Tue, 03 Oct 2023 16:36:11 GMT
server: nginx
content-type: image/gif

GET
H2 200 rtset
bh.contextweb.com/bh/ Frame FD05 49 B
859 B 298ms
95ms Image
image/gif 198.148.27.131
PULSEPOINT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AQEDIF8GcuLWyAFawCNbAQEL_wE&gdpr_consent=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.148.27.131 New York, United States, ASN19189 (PULSEPOINT, US),

Reverse DNS

Software

Jetty(10.0.14) /

Resource Hash

d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server: Jetty(10.0.14)
content-language: en-US
content-type: image/gif;charset=iso-8859-1
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-b6f574bf6-gl9f6
expires: -1

GET
H2 200 DMCSuccessLogger
login-ds.dotomi.com/ucm/ Frame FD05 43 B
141 B 427ms
208ms Image
image/gif 2606:ae80:1451:13::2360
VALUECLICK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://login-ds.dotomi.com/ucm/DMCSuccessLogger?dtmid=153507248409401289&sessionid=1696350970760&comId=2814&dtm_command_op_date=1696350970760&uniqueid=153507248406372763
Requested by: Host: login.dotomi.com
URL: https://login.dotomi.com/ucm/UCMController?dtm_com=28&dtm_cid=2814&dtm_cmagic=8e987c&dtm_format=5&dtm_fid=101&cli_promo_id=2&dtmc_marsha_code=&canonical_url=https%3A%2F%2Fwww.westinstore.com%2F&dtm_user_token=&dtmc_ref=&dtmc_loc=https%3A%2F%2Fwww.westinstore.com%2F&fpc_status=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2606:ae80:1451:13::2360 , United States, ASN25751 (VALUECLICK, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://login.dotomi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 16:36:11 GMT
cache-control: max-age=0, no-store
server: nginx
content-length: 43
content-type: image/gif

GET
H/1.1

200
OK

ibs:dpid=19360&dpuuid=
dpm.demdex.net/ibs:dpid=19360&dpuuid=83393839253693602362863306772897227483&expiration=1696437371&nuid=83393839253693602362863306772897227483&rurl=https://dpm.demdex.net/ Frame B2C1
Redirect Chain

https://adobe-sync.dotomi.com/match/bounce/current?networkId=85983&version=1&nuid=83393839253693602362863306772897227483&rurl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D19360%26dpuuid%3D
https://dpm.demdex.net/ibs:dpid=19360&dpuuid=83393839253693602362863306772897227483&expiration=1696437371&nuid=83393839253693602362863306772897227483&rurl=https://dpm.demdex.net/ibs:dpid=19360&...

42 B
960 B

154ms
141ms

Image
image/gif

54.190.231.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=19360&dpuuid=83393839253693602362863306772897227483&expiration=1696437371&nuid=83393839253693602362863306772897227483&rurl=https://dpm.demdex.net/ibs:dpid=19360&dpuuid=

Protocol

HTTP/1.1

Server

54.190.231.22 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-190-231-22.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

DCS: dcs-prod-usw2-2-v047-0233fb13d.edge-usw2.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: qBvBAkcIQio=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
X-Error: 104,300
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Tue, 03 Oct 2023 16:36:11 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://dpm.demdex.net/ibs:dpid=19360&dpuuid=83393839253693602362863306772897227483&expiration=1696437371&nuid=83393839253693602362863306772897227483&rurl=https://dpm.demdex.net/ibs:dpid=19360&dpuuid=
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/360572/domain/westinstore.com/ 36 B
356 B 337ms
110ms XHR
application/json 2600:9000:211c:da00:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/360572/domain/westinstore.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211c:da00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: awselb/2.0 /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://www.westinstore.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 10:38:11 GMT
via: 1.1 28fca7284ad6e07382ad05b79a20cd6a.cloudfront.net (CloudFront)
server: awselb/2.0
x-amz-cf-pop: JFK52-P4
age: 107880
x-cache: Hit from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=86400
content-length: 36
x-amz-cf-id: rBOho9mUU9bG7rkNLHHPQVSLLDSVYTbl4cajobGcGwNwUsraMSzs3A==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=360572&time=1696350970915&url=https%3A%2F%2Fwww.westinstore.com%2F
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=360572&time=1696350970915&url=https%3A%2F%2Fwww.westinstore.com%2F&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D360572%26time%3D1696350970915%26url%3Dhttps%253A%252F%252Fwww.westinstore.com%252...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=360572&time=1696350970915&url=https%3A%2F%2Fwww.westinstore.com%2F&cookiesTest=true&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=360572&time=1696350970915&url=https%3A%2F%2Fwww.westinstore.com%2F&cookiesTest=true&liSync=true&e_ipv6=AQISE7LjOPRpkQAAAYr2ZacEvwGGx-KSHZD9KW9bUE...

0
487 B

268ms
126ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=360572&time=1696350970915&url=https%3A%2F%2Fwww.westinstore.com%2F&cookiesTest=true&liSync=true&e_ipv6=AQISE7LjOPRpkQAAAYr2ZacEvwGGx-KSHZD9KW9bUEy2gjV3Cvq2g6KCRmGJdAVnoz08lg
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 16:36:11 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 5BB7175610DD4BE99D75DCF8504791D4 Ref B: MIAEDGE1508 Ref C: 2023-10-03T16:36:11Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYG0n0YIuGxjE09CFf0rQ==

Redirect headers

date: Tue, 03 Oct 2023 16:36:10 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: A88A56A41FF14056A97FA386F6940D6A Ref B: MIAEDGE1609 Ref C: 2023-10-03T16:36:11Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=360572&time=1696350970915&url=https%3A%2F%2Fwww.westinstore.com%2F&cookiesTest=true&liSync=true&e_ipv6=AQISE7LjOPRpkQAAAYr2ZacEvwGGx-KSHZD9KW9bUEy2gjV3Cvq2g6KCRmGJdAVnoz08lg
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYG0n0UJEypDWEHOzmB1A==

GET
H/1.1 200
OK universal_pixel.1.1.0.js Show response
js.adsrvr.org/ Frame 6C22 488 B
1 KB 107ms
106ms Script
application/x-javascript 18.173.140.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Requested by: Host: match.adsrvr.org
URL: https://match.adsrvr.org/track/upb/?adv=hbq9bjg&ref=https%3A%2F%2Fwww.westinstore.com%2F&upid=byw7ch4&upv=1.1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.140.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-140-104.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 484ef4268f1d679c1ae88c06fc2388d39afc441465732617e5e2cdc2e3d418e2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://match.adsrvr.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Tue, 03 Oct 2023 05:29:31 GMT
Via: 1.1 bffa19ead06e9ee83bebfec5c8e05aa4.cloudfront.net (CloudFront)
Last-Modified: Tue, 01 Aug 2023 20:10:40 GMT
Server: AmazonS3
X-Amz-Cf-Pop: JFK52-P2
Age: 40000
x-amz-server-side-encryption: AES256
ETag: "2775054c068b37509e0798448f7fd32c"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 488
X-Amz-Cf-Id: 6Gv_59iqAkcPLMr5iEslisoCF0fdItn7FZ_OX1dAjNL_BQdHy9lYgw==

GET
H2 200 fbf5aa06-3f82-45b5-86ba-4c4fe9c75a96.js Show response
tr.snapchat.com/config/com/ 2 KB
916 B 255ms
118ms Script
application/javascript 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/config/com/fbf5aa06-3f82-45b5-86ba-4c4fe9c75a96.js

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

ad3de033d35a25fc5f9f10dba697a0faf904351287af3f62f3beb525cb8ae83b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://www.westinstore.com/
Origin: https://www.westinstore.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 16:36:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
content-encoding: gzip
via: 1.1 google, 1.1 google
server: API Gateway
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://www.westinstore.com
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
alt-svc: clear, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 i Show response
tr.snapchat.com/cm/ Frame B362 672 B
1 KB 259ms
125ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=fbf5aa06-3f82-45b5-86ba-4c4fe9c75a96&u_scsid=5df3b8e6-f819-4248-b622-298be94efe1a&u_sclid=ed047288-e14e-44ef-96a9-04f4905aedd9

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

6501140033c3bb20da4b5ac73c90f687ba8a2053c4ba37c4b6f5275166db7fa6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://www.westinstore.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: clear h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 672
content-type: text/html
date: Tue, 03 Oct 2023 16:36:11 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google, 1.1 google
x-envoy-upstream-service-time: 9

GET
H2 200 main.b4887131.js Show response
s.pinimg.com/ct/lib/ 63 KB
18 KB 96ms
92ms Script
application/javascript 2a04:4e42:79::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.b4887131.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:79::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 7dbb99afa2ca46884692f7772146d6f3f7c4f1ba928babc0f490f3e7ba62114e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 16:36:11 GMT
content-encoding: br
x-cdn: fastly
etag: "aa7df97ef17cd5e7b3b0e69ee5fe57f8"
x-amz-server-side-encryption: AES256
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=1209600
alt-svc: h3=":443";ma=600
content-length: 18175

GET
H/1.1

200
OK

ibs:dpid=22054
dpm.demdex.net/ Frame B2C1
Redirect Chain

https://a.tribalfusion.com/i.match?p=b13&u=83393839253693602362863306772897227483&redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=22054&dpuuid=$TF_USER_ID_ENC$
https://s.tribalfusion.com/z/i.match?p=b13&u=83393839253693602362863306772897227483&redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=22054&dpuuid=$TF_USER_ID_ENC$
https://dpm.demdex.net/ibs:dpid=22054

42 B
956 B

142ms
141ms

Image
image/gif

54.190.231.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=22054

Protocol

HTTP/1.1

Server

54.190.231.22 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-190-231-22.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

DCS: dcs-prod-usw2-2-v047-05463794a.edge-usw2.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: ksK+JXsuSwo=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
X-Error: 300
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Tue, 03 Oct 2023 16:36:11 GMT
cf-cache-status: DYNAMIC
x-function: 209
server: cloudflare
x-reuse-index: 668
content-type: text/html
location: https://dpm.demdex.net/ibs:dpid=22054
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 81069a431ff267e1-MIA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 3FF2
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=5be847d9-6051-4b3c-ba84-22eb96664426
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=5be847d9-6051-4b3c-ba84-22eb96664426

0
0

270ms
88ms

Document
text/plain

100.24.189.89
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=5be847d9-6051-4b3c-ba84-22eb96664426
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 100.24.189.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-24-189-89.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://match.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private, no-cache, no-store
date: Tue, 03 Oct 2023 16:36:11 GMT
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
x-request-time: D=32 t=1696350971
x-served-by: beacon-n004-ash-prod.krxd.net

Redirect headers

content-length: 0
date: Tue, 03 Oct 2023 16:36:11 GMT
location: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=5be847d9-6051-4b3c-ba84-22eb96664426
x-age: 0
x-cache: MISS
x-cache-hits: 0
x-served-by: usermatch-a018-ash-prod.krxd.net

GET
H/1.1

200
OK

ibs:dpid=903&dpuuid=0eda1bed-7326-48e1-b3f8-6caccb3e3215 Show response
dpm.demdex.net/ Frame 72AB
Redirect Chain

https://dpm.demdex.net/ibs:dpid=903&dpuuid=5be847d9-6051-4b3c-ba84-22eb96664426&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam
https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam
https://dpm.demdex.net/ibs:dpid=903&dpuuid=0eda1bed-7326-48e1-b3f8-6caccb3e3215

42 B
942 B

144ms
144ms

Document
image/gif

54.190.231.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/ibs:dpid=903&dpuuid=0eda1bed-7326-48e1-b3f8-6caccb3e3215

Requested by

Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.190.231.22 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-190-231-22.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://match.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Content-Type: image/gif
DCS: dcs-prod-usw2-1-v047-01c36ab7e.edge-usw2.demdex.com 3 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: ZYwrPmQ8SjY=
content-encoding: gzip

Redirect headers

content-length: 189
date: Tue, 03 Oct 2023 16:36:11 GMT
location: https://dpm.demdex.net/ibs:dpid=903&dpuuid=0eda1bed-7326-48e1-b3f8-6caccb3e3215
server: Kestrel

GET
H2

200

setuid Show response
ib.adnxs.com/ Frame C0D8
Redirect Chain

https://ib.adnxs.com/getuid?https%3a%2f%2fmatch.adsrvr.org%2ftrack%2fcmf%2fappnexus%3fttd%3d1%26anid%3d%24UID&ttd_tdid=5be847d9-6051-4b3c-ba84-22eb96664426
https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=5021429799070947935&ttd_tdid=5be847d9-6051-4b3c-ba84-22eb96664426
https://ib.adnxs.com/setuid?entity=82&code=0eda1bed-7326-48e1-b3f8-6caccb3e3215&gdpr=0&gdpr_consent=

43 B
847 B

102ms
102ms

Document
image/gif

68.67.160.186
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/setuid?entity=82&code=0eda1bed-7326-48e1-b3f8-6caccb3e3215&gdpr=0&gdpr_consent=

Requested by

Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.186 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://match.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
an-x-request-uuid: 50f08f72-a3c3-400b-bd48-6a43773bbae3
cache-control: no-store, no-cache, private
content-length: 43
content-type: image/gif
date: Tue, 03 Oct 2023 16:36:11 GMT
expires: Sat, 15 Nov 2008 16:00:00 GMT
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma: no-cache
server: nginx/1.21.3
x-proxy-origin: 38.132.118.72; 38.132.118.72; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection: 0

Redirect headers

content-length: 231
date: Tue, 03 Oct 2023 16:36:11 GMT
location: https://ib.adnxs.com/setuid?entity=82&code=0eda1bed-7326-48e1-b3f8-6caccb3e3215&gdpr=0&gdpr_consent=
server: Kestrel

GET
H2 200 otFloatingRounded.json Show response
cache.marriott.com/aka-fonts/OneTrust/R1.3/oneTrust_test/scripttemplates/6.26.0/assets/ 10 KB
11 KB 115ms
115ms Fetch
application/json 104.126.112.117
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.marriott.com/aka-fonts/OneTrust/R1.3/oneTrust_test/scripttemplates/6.26.0/assets/otFloatingRounded.json
Requested by: Host: cache.marriott.com
URL: https://cache.marriott.com/aka-fonts/OneTrust/R1.3/oneTrust_test/scripttemplates/6.26.0/otBannerSdk.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.112.117 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-126-112-117.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 777ab0cb5c6ffd6b2d455918b8df70fdb4c74ecb18d62f54be1afdaf3733c10d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 16:36:11 GMT
last-modified: Mon, 06 Jun 2022 19:39:39 GMT
server: AkamaiNetStorage
etag: "becf963d0b2b5f4544a5ec243252794c:1654544379.603934"
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=115490
accept-ranges: bytes
content-length: 9894
expires: Thu, 05 Oct 2023 00:41:01 GMT

GET
H2 200 otPcTab.json Show response
cache.marriott.com/aka-fonts/OneTrust/R1.3/oneTrust_test/scripttemplates/6.26.0/assets/v2/ 47 KB
48 KB 142ms
142ms Fetch
application/json 104.126.112.117
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.marriott.com/aka-fonts/OneTrust/R1.3/oneTrust_test/scripttemplates/6.26.0/assets/v2/otPcTab.json
Requested by: Host: cache.marriott.com
URL: https://cache.marriott.com/aka-fonts/OneTrust/R1.3/oneTrust_test/scripttemplates/6.26.0/otBannerSdk.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.112.117 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-126-112-117.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4efca4768dedb757f956b51f3620d1521be4e8f065080515489defc83c2de704

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 16:36:11 GMT
last-modified: Mon, 06 Jun 2022 19:40:07 GMT
server: AkamaiNetStorage
etag: "398ef3d808c735374c8e1b4d3984d51a:1654544407.4634"
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=116150
accept-ranges: bytes
content-length: 47745
expires: Thu, 05 Oct 2023 00:52:01 GMT

GET
H2 200 otCommonStyles.css Show response
cache.marriott.com/aka-fonts/OneTrust/R1.3/oneTrust_test/scripttemplates/6.26.0/assets/ 20 KB
4 KB 176ms
176ms Fetch
text/css 104.126.112.117
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.marriott.com/aka-fonts/OneTrust/R1.3/oneTrust_test/scripttemplates/6.26.0/assets/otCommonStyles.css
Requested by: Host: cache.marriott.com
URL: https://cache.marriott.com/aka-fonts/OneTrust/R1.3/oneTrust_test/scripttemplates/6.26.0/otBannerSdk.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.112.117 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-126-112-117.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2ee6fdf3d0f4d826380054030e5a9fd6fc8c451d9fe28123f1d76e632332e659

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 16:36:11 GMT
content-encoding: gzip
last-modified: Mon, 06 Jun 2022 19:39:39 GMT
server: AkamaiNetStorage
etag: "61ee8e79970dcae1685a883b098b34d0:1654544379.290447"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=856050
accept-ranges: bytes
content-length: 4130
expires: Fri, 13 Oct 2023 14:23:41 GMT

GET
H2

200

ps
tag.yieldoptimizer.com/ps/
Redirect Chain

https://tag.yieldoptimizer.com/ps/ps?t=s&p=1057&si=US&ln=EN&hbc=HRS&pg=hm
https://tag.yieldoptimizer.com/ps/ps?tc=588225597&t=s&p=1057&si=US&ln=EN&hbc=HRS&pg=hm

2 B
657 B

81ms
80ms

Image
text/javascript

35.190.52.204
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tag.yieldoptimizer.com/ps/ps?tc=588225597&t=s&p=1057&si=US&ln=EN&hbc=HRS&pg=hm
Protocol: H2
Server: 35.190.52.204 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 204.52.190.35.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 16:36:10 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
content-type: text/javascript;charset=ISO-8859-1
cache-control: no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 03 Oct 2023 16:36:10 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
location: https://tag.yieldoptimizer.com/ps/ps?tc=588225597&t=s&p=1057&si=US&ln=EN&hbc=HRS&pg=hm
cache-control: no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 568 B
910 B 401ms
119ms XHR
application/json 104.77.220.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?tid=2612644799820&pd=%7B%7D&cb=1696350971113&dep=2%2CPAGE_LOAD

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.b4887131.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.77.220.247 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-77-220-247.deploy.static.akamaitechnologies.com

Software

Resource Hash

08daf7d9b447083b35810607993da728edef5c5c54f0a4d1d14f97feabe217c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 16:36:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-cdn: akamai
akamai-grn: 0.9c794668.1696350971.1274deed
x-envoy-upstream-service-time: 1
content-length: 389
x-pinterest-rid: 1078491112935167
pin-unauth: dWlkPVpESTFPVGd5WkRFdFpqSTNNUzAwTWpjd0xXSXpOREV0WVRjelpEUTROVFF5WVRNeQ
pragma: no-cache
referrer-policy: origin
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.westinstore.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
pinterest-version: 0210c1305c399aa552ac834a27e97093560dab76
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 568 B
909 B 400ms
119ms XHR
application/json 104.77.220.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?event=pagevisit&ed=%7B%22order_quantity%22%3A%22%22%2C%22product_id%22%3A%22%22%2C%22product_category%22%3A%22%22%2C%22product_name%22%3A%22%22%2C%22product_brand%22%3A%22WI%22%7D&tid=2612644799820&cb=1696350971115&dep=5%2CEVENT_TAGS_ABSENT

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.b4887131.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.77.220.247 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-77-220-247.deploy.static.akamaitechnologies.com

Software

Resource Hash

08daf7d9b447083b35810607993da728edef5c5c54f0a4d1d14f97feabe217c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 16:36:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-cdn: akamai
akamai-grn: 0.9c794668.1696350971.1274deee
x-envoy-upstream-service-time: 6
content-length: 389
x-pinterest-rid: 1244130379042466
pin-unauth: dWlkPU4yRTFZelZpTWpBdE9HWTFaaTAwWkdNMkxXRTJNV0l0T0RaaVpESmlaVEk1WXpGbQ
pragma: no-cache
referrer-policy: origin
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.westinstore.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
pinterest-version: 0210c1305c399aa552ac834a27e97093560dab76
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
456 B 413ms
134ms Image
image/gif 104.77.220.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2612644799820&pd=%7B%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.westinstore.com%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22b4887131%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1696350971116

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.77.220.247 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-77-220-247.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 16:36:11 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.9c794668.1696350971.1274deef
content-type: image/gif
access-control-allow-origin: *
pinterest-version: 0210c1305c399aa552ac834a27e97093560dab76
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 3
content-length: 35
x-pinterest-rid: 1182665854690797
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=22069&dpuuid=2030583685179
dpm.demdex.net/ Frame B2C1
Redirect Chain

https://tag.yieldoptimizer.com/ps/ps?t=i&p=2233
https://tag.yieldoptimizer.com/ps/ps?tc=15408414&t=i&p=2233
https://dpm.demdex.net/ibs:dpid=22069&dpuuid=2030583685179

42 B
942 B

146ms
145ms

Image
image/gif

54.190.231.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=22069&dpuuid=2030583685179

Protocol

HTTP/1.1

Server

54.190.231.22 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-190-231-22.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

DCS: dcs-prod-usw2-1-v047-04b87cca0.edge-usw2.demdex.com 4 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: VBF5NG/XT+Q=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Tue, 03 Oct 2023 16:36:11 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
location: https://dpm.demdex.net/ibs:dpid=22069&dpuuid=2030583685179
cache-control: no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
633 B 330ms
112ms Image
image/gif 76.13.32.146
YAHOO-BF1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Tue%2C%2003%20Oct%202023%2016%3A36%3A11%20GMT&n=10&b=Westin%20Hotel%20Store&.yp=405909&f=https%3A%2F%2Fwww.westinstore.com%2F&enc=UTF-8&yv=1.15.1&tagmgr=gtm%2Cadobe

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.13.32.146 Lockport, United States, ASN26101 (YAHOO-BF1, US),

Reverse DNS

spdc.pbp.vip.bf1.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 16:36:11 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Tue, 03 Oct 2023 16:36:11 GMT

GET
H2

200

ps
tag.yieldoptimizer.com/ps/
Redirect Chain

https://tag.yieldoptimizer.com/ps/ps?t=s&p=1057&mhcy=&mhcr=&mhcd=&mhst=&mhnm=
https://tag.yieldoptimizer.com/ps/ps?tc=436748017&t=s&p=1057&mhcy=&mhcr=&mhcd=&mhst=&mhnm=

2 B
629 B

83ms
82ms

Image
text/javascript

35.190.52.204
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tag.yieldoptimizer.com/ps/ps?tc=436748017&t=s&p=1057&mhcy=&mhcr=&mhcd=&mhst=&mhnm=
Protocol: H2
Server: 35.190.52.204 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 204.52.190.35.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 16:36:10 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
content-type: text/javascript;charset=ISO-8859-1
cache-control: no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 03 Oct 2023 16:36:10 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
location: https://tag.yieldoptimizer.com/ps/ps?tc=436748017&t=s&p=1057&mhcy=&mhcr=&mhcd=&mhst=&mhnm=
cache-control: no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=28645&dpuuid=kNmFD0JXRoZiSQG6PRSDNWCzq9JXuw2A&gdpr=0&gdpr_consent=
dpm.demdex.net/ Frame B2C1
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
https://gum.criteo.com/sync?s=1&c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=kNmFD0JXRoZiSQG6PRSDNWCzq9JXuw2A&gdpr=0&gdpr_consent=

42 B
942 B

144ms
144ms

Image
image/gif

54.190.231.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=28645&dpuuid=kNmFD0JXRoZiSQG6PRSDNWCzq9JXuw2A&gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Server

54.190.231.22 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-190-231-22.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

DCS: dcs-prod-usw2-2-v047-0d6def3fd.edge-usw2.demdex.com 3 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 8W3c4fbLSWA=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=28645&dpuuid=kNmFD0JXRoZiSQG6PRSDNWCzq9JXuw2A&gdpr=0&gdpr_consent=
date: Tue, 03 Oct 2023 16:36:10 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 1412082
content-length: 0

GET
H2 200 scevent.min.js Show response
sc-static.net/ Frame B362 38 KB
17 KB 126ms
122ms Script
application/javascript 18.173.132.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: tr.snapchat.com
URL: https://tr.snapchat.com/cm/i?pid=fbf5aa06-3f82-45b5-86ba-4c4fe9c75a96&u_scsid=5df3b8e6-f819-4248-b622-298be94efe1a&u_sclid=ed047288-e14e-44ef-96a9-04f4905aedd9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.132.247 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-132-247.jfk52.r.cloudfront.net
Software: CloudFront /
Resource Hash: e936a316d012316cc367cf7071d88cd728807a5c176322f9cd4c99ce429414fc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tr.snapchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 19:11:23 GMT
content-encoding: gzip
via: 1.1 6da26d1d98186e04c83824717d4976ec.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: JFK52-P2
age: 77088
etag: 0d6e407936704bd380072f5891d28b0e
x-cache: Hit from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=86400, max-age=600
access-control-allow-headers: Content-Type
content-length: 16808
x-amz-cf-id: FKRc3nG2iC0F0-0xedsZIgzFQxMAs3tmQl6e2txg8vmHnw5dMg_Fiw==

GET
H/1.1

200
OK

ibs:dpid=30646
dpm.demdex.net/ Frame B2C1
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=83393839253693602362863306772897227483&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58782/cms?partner_id=ADOBE&_hosted_id=83393839253693602362863306772897227483&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-itMhx_BE2pF6k94c1RmFBERbUkBYXjQRheM-~A

42 B
942 B

148ms
147ms

Image
image/gif

54.190.231.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-itMhx_BE2pF6k94c1RmFBERbUkBYXjQRheM-~A

Protocol

HTTP/1.1

Server

54.190.231.22 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-190-231-22.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

DCS: dcs-prod-usw2-2-v047-0813cfda9.edge-usw2.demdex.com 3 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: tYQT9ZtOTlw=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-itMhx_BE2pF6k94c1RmFBERbUkBYXjQRheM-~A
date: Tue, 03 Oct 2023 16:36:11 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

p Show response
tr.snapchat.com/cm/ Frame 3BF2
Redirect Chain

https://tr.snapchat.com/cm/s?bt=1d53c387&pnid=140&cb=1696350971451&u_scsid=04d0e68d-3085-457b-b1d0-4e0651e2e1b1&u_sclid=5f9337fa-bf85-4e11-b7b1-368f8989a5fd
https://pixel.tapad.com/idsync/ex/push?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1696111285211%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1696111285211%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D
https://tr.snapchat.com/cm/p?rand=1696111285211&pnid=140&pcid=8a30ef68-6ef9-4092-8248-2aeb28aced89

0
219 B

130ms
129ms

Document
text/html

35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/p?rand=1696111285211&pnid=140&pcid=8a30ef68-6ef9-4092-8248-2aeb28aced89

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://tr.snapchat.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: clear h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-transform
content-length: 0
content-type: text/html
date: Tue, 03 Oct 2023 16:36:11 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google, 1.1 google
x-envoy-upstream-service-time: 12

Redirect headers

accept-ch: Sec-CH-UA Sec-CH-UA-Arch Sec-CH-UA-Bitness Sec-CH-UA-Full-Version-List Sec-CH-UA-Mobile Sec-CH-UA-Model Sec-CH-UA-Platform Sec-CH-UA-Platform-Version Sec-CH-UA-WoW64
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 03 Oct 2023 16:36:11 GMT
location: https://tr.snapchat.com/cm/p?rand=1696111285211&pnid=140&pcid=8a30ef68-6ef9-4092-8248-2aeb28aced89
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
server: Jetty(11.0.13)
strict-transport-security: max-age=31536000
via: 1.1 google

GET
H/1.1

200
OK

ibs:dpid=30862&dpuuid=10594436656399763652
dpm.demdex.net/ Frame B2C1
Redirect Chain

https://odr.mookie1.com/t/v2?tagid=V2_676804&src.visitorId=83393839253693602362863306772897227483&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=30862&dpuuid=10594436656399763652

42 B
942 B

143ms
143ms

Image
image/gif

54.190.231.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=30862&dpuuid=10594436656399763652

Protocol

HTTP/1.1

Server

54.190.231.22 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-190-231-22.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

DCS: dcs-prod-usw2-2-v047-09ddee93b.edge-usw2.demdex.com 3 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: WEfR6fuVTps=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Tue, 03 Oct 2023 16:36:11 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
location: https://dpm.demdex.net/ibs:dpid=30862&dpuuid=10594436656399763652
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 p
tr.snapchat.com/ 0
95 B 120ms
118ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://www.westinstore.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 03 Oct 2023 16:36:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google, 1.1 google
server: API Gateway
access-control-allow-origin: https://www.westinstore.com
x-envoy-upstream-service-time: 1
access-control-allow-credentials: true
alt-svc: clear, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

OPTIONS
H2 200 p
tr.snapchat.com/ Frame 0
0 91ms
90ms Preflight 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.snapchat.com/p
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 134.43.190.35.bc.googleusercontent.com
Software: API Gateway /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.westinstore.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,x-grpc-web,X-Snap-Route-Tag,x-cof-user-agent,x-snap-client-user-agent,bitmoji-token,X-Snap-Access-Token
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS,PATCH
access-control-allow-origin: https://www.westinstore.com
access-control-max-age: 600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 03 Oct 2023 16:36:11 GMT
server: API Gateway
via: 1.1 google

GET
H2 200 ct.html Show response
ct.pinterest.com/ Frame 1E4F 565 B
625 B 111ms
111ms Document
text/html 104.77.220.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/ct.html

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.b4887131.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.77.220.247 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-77-220-247.deploy.static.akamaitechnologies.com

Software

Resource Hash

f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer: https://www.westinstore.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

akamai-grn: 0.9c794668.1696350971.1274df34
cache-control: max-age=86400
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8
date: Tue, 03 Oct 2023 16:36:11 GMT
pinterest-version: 0210c1305c399aa552ac834a27e97093560dab76
referrer-policy: origin
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-cdn: akamai
x-envoy-upstream-service-time: 0
x-pinterest-rid: 7999733943508477

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
701 B 126ms
126ms Image
image/gif 104.77.220.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?event=pagevisit&ed=%7B%22order_quantity%22%3A%22%22%2C%22product_id%22%3A%22%22%2C%22product_category%22%3A%22%22%2C%22product_name%22%3A%22%22%2C%22product_brand%22%3A%22WI%22%7D&tid=2612644799820&cb=1696350971546&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22aem_eligible_list%22%3A%5B%22st%22%5D%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.westinstore.com%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22b4887131%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.77.220.247 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-77-220-247.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.westinstore.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 16:36:11 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.9c794668.1696350971.1274df38
content-type: image/gif
access-control-allow-origin: *
pinterest-version: 0210c1305c399aa552ac834a27e97093560dab76
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 7
content-length: 35
x-pinterest-rid: 3474087263046074
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=80742&dpuuid=9832b05c-842b-4bd5-9e10-ce7f7a29daa8
dpm.demdex.net/ Frame B2C1
Redirect Chain

https://ag.innovid.com/dv/sync?tid=6
https://dpm.demdex.net/ibs:dpid=80742&dpuuid=9832b05c-842b-4bd5-9e10-ce7f7a29daa8

42 B
942 B

157ms
156ms

Image
image/gif

54.190.231.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=80742&dpuuid=9832b05c-842b-4bd5-9e10-ce7f7a29daa8

Protocol

HTTP/1.1

Server

54.190.231.22 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-190-231-22.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

DCS: dcs-prod-usw2-1-v047-06e1cc0d3.edge-usw2.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: pad5Yx2QTY4=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=80742&dpuuid=9832b05c-842b-4bd5-9e10-ce7f7a29daa8
date: Tue, 03 Oct 2023 16:36:11 GMT
content-length: 0
request-time: 0

GET
H2 404 usync.php
pxl.jivox.com/tags/sync/ Frame B2C1 0
0 88ms
87ms Image
text/html 3.222.111.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pxl.jivox.com/tags/sync/usync.php?px=IkovJ4aN
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.222.111.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-222-111-229.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

GET
H/1.1

200
OK

ibs:dpid=66757
dpm.demdex.net/ Frame B2C1
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=adobe&id=83393839253693602362863306772897227483
https://dpm.demdex.net/ibs:dpid=66757?id=83393839253693602362863306772897227483&dpuuid=P1UvOtIm

42 B
942 B

151ms
150ms

Image
image/gif

54.190.231.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=66757?id=83393839253693602362863306772897227483&dpuuid=P1UvOtIm

Protocol

HTTP/1.1

Server

54.190.231.22 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-190-231-22.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

DCS: dcs-prod-usw2-1-v047-0dff18da8.edge-usw2.demdex.com 9 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: M72tvgXbTxk=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: //dpm.demdex.net/ibs:dpid=66757?id=83393839253693602362863306772897227483&dpuuid=P1UvOtIm
date: Tue, 03 Oct 2023 16:36:11 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a012-ash-prod.krxd.net

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B2C1
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WlJ4Q19RQUFBRURfaUFOXw==

170 B
188 B

111ms
110ms

Image
image/png

142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WlJ4Q19RQUFBRURfaUFOXw==

Protocol

Server

142.250.65.162 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 16:36:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-mia-kmia1760066-MIA
pragma: no-cache
date: Tue, 03 Oct 2023 16:36:12 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1696350972.099793,VS0,VE0
x-cache: HIT
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WlJ4Q19RQUFBRURfaUFOXw==
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame B2C1
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=ZRxC_QAAAED_iAN_&expires=90

42 B
753 B

496ms
123ms

Image
image/gif

8.43.72.97
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=ZRxC_QAAAED_iAN_&expires=90
Protocol: HTTP/1.1
Server: 8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 6734403d2cb3625dc1fef1bbd4a17cf3
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-served-by: cache-mia-kmia1760066-MIA
pragma: no-cache
date: Tue, 03 Oct 2023 16:36:12 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1696350972.099773,VS0,VE0
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=ZRxC_QAAAED_iAN_&expires=90
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame B2C1
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZRxC_QAAAED_iAN_
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZRxC_QAAAED_iAN_&C=1

43 B
339 B

126ms
125ms

Image
image/gif

104.18.26.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZRxC_QAAAED_iAN_&C=1
Protocol: H2
Server: 104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 16:36:12 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6w8cXAu72pyIZZGxqfPz9p1AHuZTTutF2XrK0Db8g%2Bz%2FNCldJUH4GGp%2FXrNUnqPFQNhcfrvmJpCYDD3wrtnYze2e3BOIhphXS%2FZYSfmBO6IUPFn71WiCOxUOfEqZh8JAspEWswDI0juolg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 81069a499d010992-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 03 Oct 2023 16:36:12 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dY7HFjKznnNmXHP7kjTR4r53n2rHlVyfh9wTX%2FY%2FOPyIwUfazG0rBNyc164fTyQt0W40y%2BEy9qElGw%2BwN05e%2B8Mn%2FIpCmy3iL%2FrQL3FD%2Fbwo%2FANtx6pXBqt1O7duBA4PAOpCEhJjRuwmeg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=88&external_user_id=ZRxC_QAAAED_iAN_&C=1
cache-control: no-cache
cf-ray: 81069a48ebfd0992-MIA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2

200

setuid
ib.adnxs.com/ Frame B2C1
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
https://ib.adnxs.com/setuid?entity=158&code=ZRxC_QAAAED_iAN_

43 B
899 B

99ms
99ms

Image
image/gif

68.67.160.186
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=158&code=ZRxC_QAAAED_iAN_

Protocol

Server

68.67.160.186 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 16:36:12 GMT
an-x-request-uuid: 788c50dc-71db-4c2a-81e9-963ea0bcbb36
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 38.132.118.72; 38.132.118.72; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

x-served-by: cache-mia-kmia1760066-MIA
pragma: no-cache
date: Tue, 03 Oct 2023 16:36:12 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1696350972.206926,VS0,VE0
x-cache: HIT
location: https://ib.adnxs.com/setuid?entity=158&code=ZRxC_QAAAED_iAN_
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame B2C1
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZRxC_QAAAED_iAN_
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=ZRxC_QAAAED_iAN_

43 B
171 B

159ms
158ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=ZRxC_QAAAED_iAN_
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Oct 2023 16:36:12 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=ZRxC_QAAAED_iAN_
date: Tue, 03 Oct 2023 16:36:12 GMT
via: 1.1 google
server: OXGW/0.0.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame B2C1
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZRxC_QAAAED_iAN_

1 B
240 B

126ms
124ms

Image
text/html

162.248.18.37
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZRxC_QAAAED_iAN_
Protocol: H2
Server: 162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Tue, 03 Oct 2023 16:36:11 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

x-served-by: cache-mia-kmia1760066-MIA
pragma: no-cache
date: Tue, 03 Oct 2023 16:36:12 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1696350972.408327,VS0,VE0
x-cache: HIT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZRxC_QAAAED_iAN_
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET

partner
sync.search.spotxchange.com/ Frame B2C1
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZRxC_QAAAED_iAN_&img=1

0
0

GET
H3

200

b.php
www.facebook.com/fr/ Frame B2C1
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
https://www.facebook.com/fr/b.php?p=1531105787105294&e=ZRxC_QAAAED_iAN_&t=2592000&o=0

43 B
152 B

129ms
129ms

Image
image/gif

2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/fr/b.php?p=1531105787105294&e=ZRxC_QAAAED_iAN_&t=2592000&o=0

Protocol

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 09:36:12 PDT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
pragma: public
x-fb-debug: tpHP6XdL7acoZaHu4mWwPssXB0oy3VC0Lr9SP2JUojQgcVrh89h1+gp6go8vwRvy7FNzJd4AtlUDz2mP20fk0g==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: image/gif
origin-agent-cluster: ?0
cache-control: public, max-age=0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Tue, 03 Oct 2023 09:36:12 PDT

Redirect headers

x-served-by: cache-mia-kmia1760066-MIA
pragma: no-cache
date: Tue, 03 Oct 2023 16:36:12 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1696350973.610641,VS0,VE0
x-cache: HIT
location: https://www.facebook.com/fr/b.php?p=1531105787105294&e=ZRxC_QAAAED_iAN_&t=2592000&o=0
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

s.gif
cm.ipinyou.com/xcms/aam/ Frame B2C1
Redirect Chain

https://cm.ipinyou.com/xcmr/aam/r.gif
https://dpm.demdex.net/ibs:dpid=134084&dpuuid=NA40_D9nyfI&redir=http%3A%2F%2Fcm.ipinyou.com%2Fxcms%2Faam%2Fs.gif%3Ftid%3D$%7BDD_UUID%7D
https://cm.ipinyou.com/xcms/aam/s.gif?tid=83393839253693602362863306772897227483

43 B
485 B

291ms
290ms

Image
image/gif

152.136.187.208
TENCENT-NET-AP Sh...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.ipinyou.com/xcms/aam/s.gif?tid=83393839253693602362863306772897227483
Protocol: HTTP/1.1
Server: 152.136.187.208 , China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 03 Oct 2023 16:36:14 GMT
Server: nginx/1.21.6
Transfer-Encoding: chunked
Content-Type: image/gif
P3P: CP="NON DSP COR CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa CONa HISa TELa OTPa OUR UNRa IND UNI COM NAV INT DEM CNT PRE LOC"
Cache-Control: no-cache
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

DCS: dcs-prod-usw2-2-v047-005ebda66.edge-usw2.demdex.com 3 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 0Z/IXz2DQrg=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://cm.ipinyou.com/xcms/aam/s.gif?tid=83393839253693602362863306772897227483
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: match.rundsp.com
URL: https://match.rundsp.com/match.gif?id=83393839253693602362863306772897227483&partner=adobe

Domain: sync.search.spotxchange.com
URL: https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZRxC_QAAAED_iAN_&img=1

Verdicts & Comments Add Verdict or Comment

194 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

96 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-20 15:13:57	Name: X-AB Value: 0d6e407936704bd380072f5891d28b0e
www.westinstore.com/	1970-01-20 15:22:35	Name: AWSALB Value: 5hTKv0jA3csrex7Uxjhv7pwydRn+iOVDqXab0kYxyuMKGR5VFUE/0YatXfifaMzUI4XNn9A3UDPFOjOZ/pI3AzrsCTsxZqTTi5r+fcYZmBWyolzVUg+QziC2+wki
www.westinstore.com/	1970-01-20 15:22:35	Name: AWSALBCORS Value: 5hTKv0jA3csrex7Uxjhv7pwydRn+iOVDqXab0kYxyuMKGR5VFUE/0YatXfifaMzUI4XNn9A3UDPFOjOZ/pI3AzrsCTsxZqTTi5r+fcYZmBWyolzVUg+QziC2+wki
www.westinstore.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: 2lgo4g5pg04jgc1xy12x0kub
www.westinstore.com/	1969-12-31 23:59:59	Name: HBsessionID Value: d9528579-51cb-469e-ac11-0ecf8a5aa3aa
.westinstore.com/	1970-01-20 17:22:06	Name: _gcl_au Value: 1.1.1053258656.1696350968
.westinstore.com/	1970-01-21 00:48:30	Name: _ga_B8YT5MHGF2 Value: GS1.1.1696350968.1.0.1696350968.60.0.0
.westinstore.com/	1970-01-21 00:48:30	Name: _ga Value: GA1.2.237618869.1696350969
.westinstore.com/	1970-01-20 15:12:31	Name: _gat_UA-32601214-3 Value: 1
.demdex.net/	1970-01-20 19:31:42	Name: demdex Value: 83393839253693602362863306772897227483
.westinstore.com/	1969-12-31 23:59:59	Name: AMCVS_664516D751E565010A490D4C%40AdobeOrg Value: 1
.westinstore.com/	1969-12-31 23:59:59	Name: Value: GA1.2.237618869.1696350969
.westinstore.com/	1970-01-20 15:13:57	Name: _gid Value: GA1.2.1675250513.1696350970
.westinstore.com/	1970-01-20 17:22:06	Name: _fbp Value: fb.1.1696350969644.2070150112
.everesttech.net/	1970-01-20 23:58:06	Name: everest_g_v2 Value: g_surferid~ZRxC_QAAAED_iAN_
.westinstore.com/	1970-01-20 15:12:32	Name: s_tbm Value: true
.westinstore.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.dpm.demdex.net/	1970-01-20 19:31:42	Name: dpm Value: 83393839253693602362863306772897227483
.westinstore.com/	1970-01-21 00:48:30	Name: AMCV_664516D751E565010A490D4C%40AdobeOrg Value: -1712354808%7CMCIDTS%7C19634%7CMCMID%7C83490906098775493172871641270926781618%7CMCAAMLH-1696955769%7C9%7CMCAAMB-1696955769%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1696358169s%7CNONE%7CMCSYNCSOP%7C411-19641%7CvVersion%7C4.3.0
.adnxs.com/	1970-01-20 17:22:06	Name: uuid2 Value: 5021429799070947935
.rlcdn.com/	1970-01-20 23:58:06	Name: rlas3 Value: OGTcSCz31YTX3lUqrIDTnf8xE9aGcLNo0D6Mnw3IpnU=
.doubleclick.net/	1970-01-21 00:48:30	Name: IDE Value: AHWqTUk16pLWuaTdKk-cy4eQo4wYVy4UY2qOQNqNNKVSWIePqSJSN0ckaToIvq3FjM0
.rlcdn.com/	1970-01-20 16:38:54	Name: pxrc Value: CPqF8agGEgUI6AcQABIGCPHrARAA
.westinstore.com/	1970-01-20 15:13:57	Name: _uetsid Value: f5a73380620a11eeba7f5f15bb8d8712
.westinstore.com/	1970-01-21 00:34:06	Name: _uetvid Value: f5a85b00620a11ee8eeaa7549c5aac3e
.bat.bing.com/	1970-01-20 15:22:35	Name: MR Value: 0
.bing.com/	1970-01-21 00:34:06	Name: MUID Value: 311705CB2EFE62DB322C16542F6E63D8
.c.bing.com/	1970-01-20 15:22:35	Name: MR Value: 0
.sojern.com/	1970-01-20 23:58:06	Name: cid Value: 41de06b8-9232-08d3-5770-a0e20f30bf2d#1696291200000
.media6degrees.com/	1970-01-20 19:31:42	Name: clid Value: 2s1yosa011705v3wpu2o2000000000017o011401a01
.media6degrees.com/	1970-01-20 19:31:42	Name: acs Value: 012020k1s1yosaxzt10
.westinstore.com/	1970-01-20 15:12:32	Name: _dpm_ses.13a3 Value: *
.westinstore.com/	1970-01-20 23:58:06	Name: _dpm_id.13a3 Value: cedc7120-8d56-425f-99a1-ba078b33735e.1696350971.1.1696350971.1696350971.492a3e91-e9da-44d5-a41f-a97a06d14f50
.dotomi.com/	1969-12-31 23:59:59	Name: DotomiSession_2814 Value: 2_1696350970760$153507248409401289$1539383898$1696350970761
.dotomi.com/	1970-01-20 23:59:33	Name: DotomiSync Value: 0$19633$19633$41440-0#5010-0#16164-0#52136-0#14200-0#17100-0#67215-0#1103-0#
.dotomi.com/	1970-01-21 00:38:26	Name: DotomiUser Value: 153507248409401289$0$1539383898$$1
.sojern.com/	1970-01-20 23:58:06	Name: gid Value: CAESEGxRh8O0h4I91xsJrkepE-E
.sojern.com/	1970-01-20 17:22:06	Name: apnid Value: 5021429799070947935
.westinstore.com/	1970-01-21 00:42:17	Name: _scid Value: 6b82a0f3-bee6-4d91-9ea3-7fb1726641c3
.westinstore.com/	1970-01-21 00:42:17	Name: _scid_r Value: 6b82a0f3-bee6-4d91-9ea3-7fb1726641c3
.jivox.com/	1970-01-20 17:22:06	Name: jvxsync Value: tRDRNwHHRgOa
.adsrvr.org/	1970-01-20 23:59:33	Name: TDID Value: 0eda1bed-7326-48e1-b3f8-6caccb3e3215
.flashtalking.com/	1970-01-21 00:41:54	Name: flashtalkingad1 Value: "GUID=575426A6AD3434"
.sojern.com/	1970-01-20 15:55:42	Name: ttdid Value: 0eda1bed-7326-48e1-b3f8-6caccb3e3215
.adform.net/	1970-01-20 15:57:09	Name: C Value: 1
.contextweb.com/	1970-01-20 23:50:54	Name: V Value: xNljUnrdc3F2
.contextweb.com/	1970-01-20 23:58:06	Name: pb_rtb_ev Value: 3-1n7n\|2N.0.AQEDIF8GcuLWyAFawCNbAQEL_wE
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: baa8def5b0778b4e
.adform.net/	1970-01-20 16:38:54	Name: uid Value: 5802205606864877847
.linkedin.com/	1970-01-20 17:22:06	Name: li_sugr Value: f85fcfe3-91bf-49b7-941a-9a6f9c7b0d32
.linkedin.com/	1970-01-20 23:58:06	Name: bcookie Value: "v=2&d8ba421b-5f76-4a39-8bc2-39dce7bf8b72"
.linkedin.com/	1970-01-20 15:13:57	Name: lidc Value: "b=VGST02:s=V:r=V:a=V:p=V:g=2996:u=1:x=1:i=1696350971:t=1696437371:v=2:sig=AQFVgrPQHfIAYgYhvn-qFvMPv2x14bpb"
www.westinstore.com/	1970-01-20 15:13:57	Name: ln_or Value: eyIzNjA1NzIiOiJkIn0%3D
.pubmatic.com/	1970-01-20 17:22:06	Name: KRTBCOOKIE_32 Value: 11175-AQEDIF8GcuLWyAFawCNbAQEL_wE&KRTB&22713-AQEDIF8GcuLWyAFawCNbAQEL_wE&KRTB&22715-AQEDIF8GcuLWyAFawCNbAQEL_wE&KRTB&23519-AQEDIF8GcuLWyAFawCNbAQEL_wE
.pubmatic.com/	1970-01-20 15:55:42	Name: PugT Value: 1696350971
.adsrvr.org/	1970-01-20 23:59:33	Name: TDCPM Value: CAESEgoDYWFtEgsIkJPfqJyOojwQBRgFIAMoAjILCNbhl9GyjqI8EAU4AQ..
.sojern.com/	1970-01-20 23:58:06	Name: adfid Value: 5802205606864877847
.yieldoptimizer.com/	1970-01-20 23:58:06	Name: fbh0 Value: %7B%7D
.yieldoptimizer.com/	1970-01-20 23:58:06	Name: gcma Value: %7B%22t%22%3A0%2C%22o%22%3Afalse%7D
.yieldoptimizer.com/	1970-01-20 23:58:06	Name: rmxc Value: %7B%22t%22%3A0%2C%22e%22%3A%22%22%2C%22i%22%3Afalse%7D
.yieldoptimizer.com/	1970-01-20 23:58:06	Name: cktst Value: 15408414
www.westinstore.com/	1970-01-20 23:58:06	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Tue+Oct+03+2023+06%3A36%3A11+GMT-1000+(Hawaii-Aleutian+Standard+Time)&version=6.26.0&isIABGlobal=false&hosts=&consentId=daec8d71-3b2e-457d-bf72-260c94b3a816&interactionCount=0&landingPath=https%3A%2F%2Fwww.westinstore.com%2F&groups=1%3A1%2C3%3A1%2C4%3A1%2C6%3A1
.tvpixel.com/	1970-01-20 23:58:06	Name: sp Value: 0c77940a-85af-49e7-9e0f-923b4aa263be
.linkedin.com/	1970-01-20 15:55:42	Name: UserMatchHistory Value: AQI-rca7a0vMKAAAAYr2ZaXQJiGpfL5rbJ5n5yOTLl9EB-DJyiXof5MhSxERrw6F_ShrRuBqPPD6XQ
.linkedin.com/	1970-01-20 15:55:42	Name: AnalyticsSyncHistory Value: AQJgd0y628kjZwAAAYr2ZaXQSZtHNY9-hTrRMHiWvr3LohmkZXJRyLRC62mZTfGcIFPci39lijnCEtLRIoGZuA
.yieldoptimizer.com/	1970-01-20 23:58:06	Name: ckid Value: 2030583685179
.yieldoptimizer.com/	1970-01-20 23:58:06	Name: ph Value: %7B%22p%22%3A%5B%5D%2C%22t%22%3A%5B%5D%7D
.yieldoptimizer.com/	1970-01-20 23:58:06	Name: dph Value: %7B%22t%22%3A%5B%5D%2C%22dp%22%3A%5B%5D%7D
.tribalfusion.com/	1970-01-20 17:22:06	Name: ANON_ID Value: aRntuJPME7eQmKvCjWxrcFGa12cjrbcPnnjDXLuObdmsn71g0Ifab5QlfkfyvvpbdmCMM7y1h4Pb4DNGGh2AHcpM
.criteo.com/	1970-01-21 00:34:06	Name: uid Value: 8654e4ec-ab81-4e57-9821-19b2235f4b76
.pinterest.com/	1970-01-20 23:58:06	Name: ar_debug Value: 1
.westinstore.com/	1970-01-20 23:58:06	Name: _pin_unauth Value: dWlkPVpESTFPVGd5WkRFdFpqSTNNUzAwTWpjd0xXSXpOREV0WVRjelpEUTROVFF5WVRNeQ
.analytics.yahoo.com/	1970-01-20 23:58:06	Name: IDSYNC Value: "173h~2e9s:19cu~2e9s"
.yahoo.com/	1970-01-20 23:58:28	Name: A3 Value: d=AQABBPtCHGUCEFjAAy5EB6gHvUHfqmlMhg0FEgEBAQGUHWUmZdxH0iMA_eMAAA&S=AQAAAo2IoHjqfLG1hefqRleJZGA
.www.linkedin.com/	1970-01-20 23:58:06	Name: bscookie Value: "v=1&20231003163611b5d6be4e-b2b2-4e7a-89d6-9262bffecaf2AQFuxLXqgy9ZyVy4yegsf0f4ZapvTJXD"
.snapchat.com/	1970-01-21 00:34:06	Name: sc_at Value: v2\|H4sIAAAAAAAAAE3GwQ3AMAgDwImQgBiDu02rKlNk+H57r1PNEAkTvQ1xbxOyrNeogo583hPwKyiucnWcX/0DjuM0fkAAAAA=
.krxd.net/	1970-01-20 19:31:42	Name: _kuid_ Value: P1UvOtIm
.ct.pinterest.com/	1970-01-20 23:58:06	Name: _pinterest_ct_ua Value: "TWc9PSZKUDVJbXg4dXY4QzErMDYzaTVRUVNOVExQc1NVRCtMYnozcGRGcUxWMmNIRHBEanFxb0JHUEp2WTBkTGZFdjBWU2lzeEFHZVBBRXhGY3F3MlVxZTNpM0t4TnMxa3NMWmx0SWxoV1crYXhqbz0maGhkcm1IemFHK2FkVWNoTmRaUFpyQ2tiZ2pRPQ=="
.mookie1.com/	1970-01-21 00:41:18	Name: id Value: 10594436656399763652
.mookie1.com/	1970-01-21 00:41:18	Name: mdata Value: 1\|10594436656399763652\|1696350971634
.mookie1.com/	1970-01-21 00:41:18	Name: ov Value: 628a4eec8a64803791e0a67f9d015786
.tapad.com/	1970-01-20 16:38:54	Name: TapAd_TS Value: 1696350971754
.tapad.com/	1970-01-20 16:38:54	Name: TapAd_DID Value: 8a30ef68-6ef9-4092-8248-2aeb28aced89
.tapad.com/	1970-01-20 16:38:54	Name: TapAd_3WAY_SYNCS Value:
.innovid.com/	1970-01-20 17:22:06	Name: uuid Value: 9832b05c-842b-4bd5-9e10-ce7f7a29daa8-20231003 12:36:11
.westinstore.com/	1970-01-21 00:42:17	Name: _sctr Value: 1%7C1696327200000
.adnxs.com/	1970-01-20 17:22:06	Name: anj Value: dTM7k!M41$CxrEQF']wIg2ImLvuDmV!A#F(.TSz-DlWtu-ldfQG1g72?NQ+qa_v=g^+/XMXq0%8V^DsMIfo)3T(`Q/SjNgns-SQkLd@<oBqtk<T-s19o9VQex7]i6pHtDF3/s1%nKU$`nLw0pgROacuWO=t/[YmN]mq:Oy21P)j.gTzX5%
.casalemedia.com/	1970-01-20 23:58:06	Name: CMID Value: ZRxC-KMo1Vx8YWy3t5dlLQAA
.casalemedia.com/	1970-01-20 17:22:06	Name: CMPS Value: 406
.casalemedia.com/	1970-01-20 17:22:06	Name: CMPRO Value: 406
.openx.net/	1970-01-20 23:58:06	Name: i Value: e5972cf5-d3c9-4b07-affb-3894db5a412a\|1696350972
.pubmatic.com/	1970-01-20 17:22:06	Name: KRTBCOOKIE_218 Value: 4056-ZRxC_QAAAED_iAN_&KRTB&22978-ZRxC_QAAAED_iAN_&KRTB&23194-ZRxC_QAAAED_iAN_&KRTB&23209-ZRxC_QAAAED_iAN_
.rubiconproject.com/	1970-01-20 23:58:06	Name: khaos Value: LNAJKJGY-26-CAXY
.rubiconproject.com/	1970-01-20 23:58:06	Name: audit Value: 1\|PU25BtL1VGT7DaISXJ35EzLrjCcRHUJIdXYaWJWgMsubz16xSA9sXW6KsvkD39wcfUDPuvVB3RaM1KxoLazIt8oW2SgbbjsrEOjxxX8e+bPPRP03ZWsbXmNTFwflmut+Uss/CGfPYtZ/6K+MJaMXAo76/Gy8ewrDCOeqF/Dn4Co=
.demdex.net/	1970-01-20 19:31:42	Name: dextp Value: 358-1-1696350969956\|477-1-1696350970064\|771-1-1696350970165\|992-1-1696350970368\|903-1-1696350970470\|1957-1-1696350970580\|3047-1-1696350970687\|13870-1-1696350970792\|19360-1-1696350970898\|22054-1-1696350971009\|22069-1-1696350971118\|28645-1-1696350971220\|30646-1-1696350971342\|30862-1-1696350971459\|80742-1-1696350971560\|96420-1-1696350971662\|66757-1-1696350971764\|144230-1-1696350971867\|144231-1-1696350971969\|144232-1-1696350972071\|144233-1-1696350972174\|144234-1-1696350972275\|144235-1-1696350972376\|144236-1-1696350972478\|144237-1-1696350972579\|134084-1-1696350972680
.ipinyou.com/	1970-01-21 00:38:26	Name: PYID Value: NA40_D9nyfI

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://match.rundsp.com/match.gif?id=83393839253693602362863306772897227483&partner=adobe Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://pxl.jivox.com/tags/sync/usync.php?px=IkovJ4aN Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZRxC_QAAAED_iAN_&img=1 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

514006899.collect.igodigital.com
a.tribalfusion.com
ad.doubleclick.net
adobe-sync.dotomi.com
adservice.google.com
ag.innovid.com
ajax.googleapis.com
analytics.google.com
assets.adobedtm.com
bat.bing.com
beacon.krxd.net
beacon.sojern.com
bh.contextweb.com
c.bing.com
c.tvpixel.com
c1.adform.net
cache.marriott.com
cdn.linkedin.oribi.io
cm.everesttech.net
cm.g.doubleclick.net
cm.ipinyou.com
cms.analytics.yahoo.com
connect.facebook.net
ct.pinterest.com
dpm.demdex.net
dsum-sec.casalemedia.com
fcmatch.google.com
fcmatch.youtube.com
freeheavenlybed.com
geolocation.onetrust.com
googleads.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
idpix.media6degrees.com
idsync.rlcdn.com
image2.pubmatic.com
insight.adsrvr.org
js.adsrvr.org
login-ds.dotomi.com
login.dotomi.com
marriottinternationa.demdex.net
match.adsrvr.org
match.rundsp.com
match.sync.ad.cpe.dotomi.com
odr.mookie1.com
p.tvpixel.com
partners.tremorhub.com
pixel.rubiconproject.com
pixel.sojern.com
pixel.tapad.com
px.ads.linkedin.com
px4.ads.linkedin.com
pxl.jivox.com
s.pinimg.com
s.tribalfusion.com
s.yimg.com
sc-static.net
secure.adnxs.com
servedby.flashtalking.com
simage2.pubmatic.com
smetrics.marriott.com
snap.licdn.com
sp.analytics.yahoo.com
static.sojern.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.search.spotxchange.com
tag.yieldoptimizer.com
tr.snapchat.com
ups.analytics.yahoo.com
us-east.ads.audio.thisisdax.com
us-u.openx.net
usermatch.krxd.net
www.facebook.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
www.westinstore.com
yahoo-match.dotomi.com
match.rundsp.com
sync.search.spotxchange.com
100.24.189.89
104.126.112.117
104.18.26.193
104.77.220.247
107.178.244.119
13.107.42.14
142.250.65.162
142.250.65.198
142.250.72.98
151.101.194.49
152.136.187.208
162.248.18.37
174.129.211.22
18.173.132.247
18.173.140.104
18.213.153.175
184.29.161.102
185.167.164.43
198.148.27.131
2001:4860:4802:34::181
2001:4998:14:800::1001
216.34.207.41
2600:1400:9000:19e::1e80
2600:1400:9000::687e:74c0
2600:1f16:b8a:8e02:f974:5106:aab1:ba10
2600:1f18:612b:4232:2423:bda:ecda:97c4
2600:9000:211c:da00:2:53b2:240:93a1
2600:9000:21dd:3800:1d:bf0a:0:93a1
2600:9000:2510:e00:1c:42e6:6b80:93a1
2606:4700:4400::6812:2089
2606:4700:4400::6812:2412
2606:4700::6812:19ad
2606:ae80:1451:13::2360
2606:ae80:1471:19::1140
2607:f8b0:4004:c08::9b
2607:f8b0:4006:80e::200a
2607:f8b0:4006:80f::200e
2607:f8b0:4006:81c::2004
2607:f8b0:4006:81e::200e
2607:f8b0:4006:821::2002
2607:f8b0:4006:821::2008
2607:f8b0:4006:821::200e
2607:f8b0:4006:824::2002
2620:100:a001::c
2620:1ec:21::14
2620:1ec:c11::200
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
2a04:4e42:79::84
3.218.191.219
3.222.111.229
3.225.218.10
34.111.113.62
34.196.184.138
34.199.166.235
35.190.43.134
35.190.52.204
35.190.60.146
35.190.90.30
35.244.159.8
35.244.188.9
35.81.33.81
52.223.40.198
54.190.231.22
63.140.36.112
68.67.160.186
76.13.32.146
8.43.72.97
96.45.82.169
034f221493fdbe5c9bc66a4c21b6b2690dae8b7be7acdcdd312ee04d67157891
04ddbe4a575f6691a79b76e1cfc742f223027895fc948e03ea68f208b5ffaf7f
0506f3db7e5c239d83ccf3017ba9b3e9c5c46386dbf8bf69758aa0053024719e
065a8d41bd0860b56c50e5e03594b50c6b31cb023236cf6b2e700fd20781628d
0703ac1045338ac277afc33cd6ac4bc8c1c59a43e43b0ef05518fc39defb80e4
07a8f14e8438b13c5a14d5385af76b029dd1d63a0c062664e6e110d55fab283f
089030d8bec22aa48ae59e27516a4e8a1fcec666e9d783c7a1df47220b750dc1
08daf7d9b447083b35810607993da728edef5c5c54f0a4d1d14f97feabe217c0
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
0f0789242934f0a02e83c9bfc6b9aa421918f27d73a41e02b3c55cdfe8db31d3
0f52936827da447a19aaa0a653d7688050cc9e8a861d23834f34f53afe70223f
10a5bf80d926f2da8f87254d73a9ae73d28e9c82a24148ccc6227a3419969834
12a6a9761b8e449410af511753ac58f55e6bdf619b4c3c06bf649b6331bc9157
149d02df8ceb9537beb3b45b0391f5d398976a2487fce99b78d40154bd279127
1a6622bbfd2f4017f391cae1040e22f99a923116427a0ccb25543581f5d92257
1ed7090a3766f597168d7920e4987a8b49080581785f6b0c4c1e773c2aee1cd0
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
275a43b12f692b2930a431505a506f0ddff81d732b5cef0d30f4396abdb40637
28751f082a89cbf613dd65a6f3d4d3a130ea2a621f7bf84e60d1089514acf931
28a26321734fb5f8c8fe42b5503f162fdf1469bf97e2d9c503a83cc2b3c534cd
2cac89100642acb92e8c705a639a012b32de7eb32db954a31890da8a091610c3
2ee6fdf3d0f4d826380054030e5a9fd6fc8c451d9fe28123f1d76e632332e659
32bc033e13e02d8809b2c8c97ac5a5110c5f375a830ed6cace5ce1202ab5b480
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3beb2c5a31a69ee56087fe91855891ef6de31c5d3450827d799f14c6624f4294
3ea15f32a4853ce4f19ba7a060810fee8e2eaa1a373af09933cc16739c796035
4086654c22ecd1ff194204f2aed8803c257869272696ddd0e11680632e6a8fc2
453bcb82842a196ad284ceeb8b0654bba8bd341fc048492b21ceb2043f6ac58a
463faad63e59f653f8367ca1bd38629a240ebd4f2165c313e660933acc322b04
480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91
484ef4268f1d679c1ae88c06fc2388d39afc441465732617e5e2cdc2e3d418e2
49e8c6ccae8ff943924893e41ef6018a0bddfa7ad4e0fff0754717cb84203294
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4dcd1d233a303979fd4c798f25607a9edf46a0b843f833183c016cfaca020cd3
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4efca4768dedb757f956b51f3620d1521be4e8f065080515489defc83c2de704
4faca1b69c7113f7a1dfe1eedc26a554a926543976e11954b33ceeba73f65a04
50c4b9037e38e297e6a3a9570270e5d6812b19fd8664ddde0476f62584557db3
51b1e876eeb96f80cc3be50a1450b661e722852ab786d464332dde7fa4d90c71
522b965494eb0d686229a315fa437aa0914f96aac22da38d6a9a7431a99da507
53e13cd03ab4a8400f55879f83bbd7096657dbc69cc9939510567ed9c5f4f8d5
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55125619d629b1cbb69d77d94a56b9ca459d658ac089085bd37ea23e135a9470
55bfc33f06723d1d61fc9badecb2651b231d04a8256e831f44e3b70e403f6b3b
564fd76dfaa679712bdf2ab47cd3146a052cb85b2daa12ad71e08d7b23bf845f
5b71b771ccfb9a9e2e992b98bf541630263d5324f94b9261731601224454b468
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
6092573f099c4a9db3728ab57fcf7be5e76f54e4cf89dd6d0f2cfa207c4a3927
61d8137d275f12306e177bc726c2b3e072f9efa4743a0ace6ecbcf7a0932fd07
61f3aaad8175f868109ff0023aa50deaba5d994d61940cac15ba7ac980189d80
6501140033c3bb20da4b5ac73c90f687ba8a2053c4ba37c4b6f5275166db7fa6
6abcad2d84ac87a648b36a0ea980d43faa246abe46df0d6fd7adc48739c45ef2
6adcfe3a682eb4ea7e652e6b0af5b8663c8c91b26b04da86690e266cd90a03b1
6c858a27f88b430e737e3c572e73642e303add402f7777b59584110ac22e634d
71bc3b889b6e2ea1b45826f4ecb9e17214599bd2565918d4648b1ed42dc3c074
71cfd0bf781e3f393bca283fc9d44777a2036985a4ffe9abedf14909e63a8aef
71ff5dfc82040edc74e72185e472f8645a51295586f2e9d1a43e1cd073ae4a62
7316c1dfbc9f061b2280befce5285d9576624d84376031f96583df11d82ea916
73487721adbe8773c19ff723cfe635f9f777a892197981ce6ce1c678f14c5a26
754617cc2ec9d7af5f5dd2a5bf7f0b7e1b234cef7585a0b922ea6f8d36f47562
761aa93e19f8db81b90276c0c8645392bb7466d7afc2bf5c42cbf89abcb8f654
777ab0cb5c6ffd6b2d455918b8df70fdb4c74ecb18d62f54be1afdaf3733c10d
7af2f85ba5ddbd3cee00d6603f238f5df9ac31361efdf421ebdc38ea8e028431
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7c471add5c59aa852e2bf3b1a3d8e754f7a5eb6e09e7bff8cbbbff20892e691f
7db69aaa7c3a169e4589669c1dc31cf51a328097abe4ff37cffd63027c0a46d5
7dbb99afa2ca46884692f7772146d6f3f7c4f1ba928babc0f490f3e7ba62114e
8163556863397a8446d7fb165bbf309f7c14598f5f3eb159828ac2965e21859b
81d3624342a46faebb6ffc8c3901223325d087e7a24923f60c842ac2499b335c
8275ab81eeadc2b99491f909929f0cf715924617842bc7426ec85de0328577b7
878b57236146067b4ca9d7aa4dc562a7c759ef9b7cac3abded22ae48306ffc1d
88051bbb4e4ad7ff1cd669c404a99bcc48f5fbe136097e893b8406232c2dc88f
899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1
89978a964ff095a65c50e3a932d2ca0f07b7a2c41843d3279b61b27abb937b80
8c3ba94146560c35176b157a88669c6f26aaa68935ad09855f879ffa1c0dd042
8ed558cf86c3a044fbf838d330de798de42c7128621b9c2b95d80dbefe6be0eb
8fa875d12c4ef71eb04d8573f2177489045a0152b29470105738f937700ab719
9143d8ef78bb93d3503d0e927345d57a65ca85bd57d0f8de7cd296b2c2fce3fe
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
937a406198e4940c95d59ccbc8a26bda68fe9a29836b02a95224b8076d113f4e
96122b9e8cf4e7c5e537c4e1e667027d5e7ec9593a7e6b974b883f72d4d70cf0
972688e6f6c24d2b23019a796b19f90515ba5f4ff744747c072b79fa44de3432
993eba760ffd1fced5db5d31c08134a1955c3509c303c2dbeffec301c01b9409
9a54157564353d14c9b67a3dfbea7bfae2f60694e73272f9c044f07d24355cec
9ffddcc9b61f2d8babbb180b867204f5b72aafaceb39bd68f9d8bc10ccd08deb
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0f049a10e87fe8b6eca9e9c4e034a63a56301e1b45386d9930d77187203ef01
a1b0077c53cd0821dc5d32cc62ad0150299483683fadacd29c44e4ed4b311755
a236aed5086b9c24d3cc94944d4349e9ce469f325ac23bafcaa5fe3659b15fd1
a9a8449ddc3206cccf422950e69332206cb82b1f9fd04c3539ffec0d6e91c662
ab8c0d8db2086d665fbe9fd404c0dadf0c82227c58ccec1a7100b5455e15aaf9
abdf9d14b96d496821dd573995b40e19f3dc95c1cc339ce0c7d4d297d426d632
acc539d92c252fa744c66814038c8d3c1482e0092092e46024404c5927262d3b
ad3de033d35a25fc5f9f10dba697a0faf904351287af3f62f3beb525cb8ae83b
adc3b0d9080e23f699b945e50b8420a261d0a434ea0b2599da079f71f1d4b600
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aef882e79e84cca28ec0c33ca648484fb354f285da375fffbed11716b06228a0
b0952e1544bfe70637180690c307246eba2fc8e457d8ac707bd3de10c6fd270d
b122668aecf6b807958f34382c6ca2bd0e43c9c4c59dbcc74b0315c84f6090ea
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b243c488d74271bee975d9cfbad3c2effdb4d6e620ca30e7c911408251ad0790
b6688e2070c89a4aa945950f568f93bbcb68613067245ee5139ad48e51c71a06
b8de3cff3dec93c9a12e9b437c5e2766ce21872796eb22fc7c57777ec38a7b7f
c0cef2a6c41e1465fec6e2d28c3e87746dc203f4e6c2b48568b83f2244e6aba5
c1e6a9fc44c6f605e77a0ccfec4ee151d99459f1fa47035c66b65b568a329f6c
c7a5ac7699a044df2a6cb702caf1616b7fafe5dee0dcfb9448c21b46a6373034
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d380c7d6cc1152eb2afcaae20ee7b78484b81f64d1c608486401c0d77ba0af0b
d8241ea6568f4f798f96bbff9be959534bc0f058924b40f2b4ee90aef13df0cf
d9c2b0ad1f04007644469c3d2363d498373925b9a3a6c490fbb06f4ec50c604c
da170abb4adae0d24db442bca04d39fbb8976ae3f11f7eff0fc4f57f0e875ddc
dd8dac20e092dd5ea9a989fdf4581ca717750b3984e1bba3e1be17e79bf8e75e
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df822e44efc31160c2e2cff9d29435159054bcceb67fa2512c3899f02dfb7557
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5ad5cff46dcc2e813eba026fff2268bcab6a740a0f7c466dcc58caa4c5d2b37
e936a316d012316cc367cf7071d88cd728807a5c176322f9cd4c99ce429414fc
e9b2070bb7592b4e287af672ba3de51262305f924943e07684a40687fe0cdfa6
ea2e0663443259e8f6bcd4791f232d4b8f000df607cbdcfae5022c7ada89d357
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2b1cf53ad659354a5db298a78b00048d1138c22263bf033532b3dab4259be8f
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3
f897e47f14a988214044366dedc178f2b76e8134c368c0d69d8e1773b79c837f
fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25
fad2b41a387ad2bff0c05ed1475f79529e13a17163eb6e36f8953822d96ded88
fd9fc38417ef7b71580396d408252e08c3ea64a88231caa67f384a0d85b31fc3
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

www.westinstore.com Open in urlscan Pro 2600:9000:2510:e00:1c:42e6:6b80:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

207 Requests

77 %HTTPS

42 %IPv6

54 Domains

81 Subdomains

54 IPs

4 Countries

2864 kBTransfer

6477 kBSize

96 Cookies

34 Outgoing links

Page URL History

Redirected requests

207 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.westinstore.com Open in urlscan Pro
2600:9000:2510:e00:1c:42e6:6b80:93a1 Public Scan

Screenshot
Live screenshot

Full Image

207
Requests

77 %
HTTPS

42 %
IPv6

54
Domains

81
Subdomains

54
IPs

4
Countries

2864 kB
Transfer

6477 kB
Size

96
Cookies

207 HTTP transactions
0 data transactions