homes-and-villas.marriott.com Open in urlscan Pro
104.108.45.72 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://email-marriott.com/T/v70000017840cf4b64b1141bf4bbc780a0/6211e9f5ba3944000000021ef3a0bcda/6211e9f5-ba39-4400-bdb8-08...
Effective URL:
https://homes-and-villas.marriott.com/en/terms-of-service?nck=389299941&ck=49775694&lk=1000456564
Submission: On March 24 via api (March 24th 2021, 1:49:31 am UTC) from US

Summary HTTP 79 Redirects Behaviour Indicators

Summary

This website contacted 29 IPs in 7 countries across 36 domains to perform 79 HTTP transactions. The main IP is 104.108.45.72, located in Frankfurt am Main, Germany and belongs to AKAMAI-AS, US. The main domain is homes-and-villas.marriott.com.
TLS certificate: Issued by Entrust Certification Authority - L1K on January 23rd 2021. Valid for: a year.

This is the only time homes-and-villas.marriott.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	159.127.187.250 159.127.187.250	19137 (EPSILON-I...) (EPSILON-INTERACTIVE)
23	104.108.45.72 104.108.45.72	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700:10:... 2606:4700:10::6816:653	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2a02:26f0:710... 2a02:26f0:7100:491::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1 15	54.195.23.91 54.195.23.91	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:710... 2a02:26f0:7100:1b8::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:20e... 2600:9000:20eb:5c00:1d:cb70:f5c0:21	16509 (AMAZON-02) (AMAZON-02)
2	15.237.136.106 15.237.136.106	16509 (AMAZON-02) (AMAZON-02)
1 1	34.250.153.194 34.250.153.194	16509 (AMAZON-02) (AMAZON-02)
5	13.226.159.100 13.226.159.100	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6816:3b80	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:64:... 2a02:26f0:64:699::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	34.252.166.160 34.252.166.160	16509 (AMAZON-02) (AMAZON-02)
3 4	185.33.221.90 185.33.221.90	29990 (ASN-APPNEX) (ASN-APPNEX)
1	54.208.50.102 54.208.50.102	14618 (AMAZON-AES) (AMAZON-AES)
1 3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 3	35.186.212.60 35.186.212.60	15169 (GOOGLE) (GOOGLE)
2 2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2 3	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
2 2	54.228.114.223 54.228.114.223	16509 (AMAZON-02) (AMAZON-02)
1	205.185.216.10 205.185.216.10	20446 (HIGHWINDS3) (HIGHWINDS3)
2	2a02:fa8:8806... 2a02:fa8:8806:16::1370	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2 2	2606:4700::68... 2606:4700::6812:c05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	212.82.100.182 212.82.100.182	34010 (YAHOO-IRD) (YAHOO-IRD)
1	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
1 1	2a05:d01c:1d8... 2a05:d01c:1d8:8101:f6ab:342:7837:ce6e	16509 (AMAZON-02) (AMAZON-02)
1 1	34.236.250.51 34.236.250.51	14618 (AMAZON-AES) (AMAZON-AES)
1 1	107.21.231.45 107.21.231.45	14618 (AMAZON-AES) (AMAZON-AES)
1	54.171.91.151 54.171.91.151	16509 (AMAZON-02) (AMAZON-02)
11 11	151.101.114.49 151.101.114.49	54113 (FASTLY) (FASTLY)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	23.218.208.246 23.218.208.246	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
1	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
79	29

1 159.127.187.250 (United States) 1 redirects

ASN19137 (EPSILON-INTERACTIVE, US)

email-marriott.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 104.108.45.72 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-45-72.deploy.static.akamaitechnologies.com

homes-and-villas.marriott.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:653 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.glassboxcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:26f0:7100:491::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 54.195.23.91 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-195-23-91.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
marriottinternationa.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:7100:1b8::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:5c00:1d:cb70:f5c0:21 (United States)

ASN16509 (AMAZON-02, US)

d1mqz30n8nowyf.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.237.136.106 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-237-136-106.eu-west-3.compute.amazonaws.com

smetrics.marriott.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.250.153.194 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-153-194.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.226.159.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-100.dus51.r.cloudfront.net

consent.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3b80 (United States)

ASN13335 (CLOUDFLARENET, US)

marriott.btttag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:64:699::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.252.166.160 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-166-160.eu-west-1.compute.amazonaws.com

marriottinternationa.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.33.221.90 (Amsterdam, Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.208.50.102 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-208-50-102.compute-1.amazonaws.com

report.marriott.glassboxdigital.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.186.212.60 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 60.212.186.35.bc.googleusercontent.com

tag.yieldoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.16.130 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.228.114.223 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-114-223.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.185.216.10 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net

servedby.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:fa8:8806:16::1370 (United States)

ASN41041 (VCLK-EU-SE, US)

match.rundsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adobe-sync.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:c05 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::13 (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.182 (United Kingdom) 1 redirects

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8101:f6ab:342:7837:ce6e (London, United Kingdom) 1 redirects

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.236.250.51 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-236-250-51.compute-1.amazonaws.com

pxl.jivox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.21.231.45 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-21-231-45.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.171.91.151 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-91-151.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 151.101.114.49 (Frankfurt am Main, Germany) 11 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.218.208.246 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-208-246.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.125 (United States) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8183:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	marriott.com homes-and-villas.marriott.com smetrics.marriott.com	1019 KB
15	demdex.net 1 redirects dpm.demdex.net marriottinternationa.demdex.net	17 KB
12	everesttech.net 12 redirects cm.everesttech.net sync-tm.everesttech.net	3 KB
9	adobedtm.com assets.adobedtm.com	74 KB
5	trustarc.com consent.trustarc.com	33 KB
4	adnxs.com 3 redirects ib.adnxs.com	4 KB
3	doubleclick.net 2 redirects cm.g.doubleclick.net	1 KB
3	yieldoptimizer.com 2 redirects tag.yieldoptimizer.com	2 KB
3	bing.com 1 redirects bat.bing.com c.bing.com	9 KB
2	spotxchange.com 1 redirects sync.search.spotxchange.com	1 KB
2	openx.net 1 redirects us-u.openx.net	348 B
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com	2 KB
2	krxd.net 1 redirects usermatch.krxd.net beacon.krxd.net	529 B
2	criteo.com 2 redirects gum.criteo.com	769 B
2	tribalfusion.com 2 redirects a.tribalfusion.com s.tribalfusion.com	1 KB
2	adsrvr.org 2 redirects match.adsrvr.org	936 B
2	rlcdn.com 2 redirects idsync.rlcdn.com	778 B
2	go-mpulse.net s.go-mpulse.net c.go-mpulse.net	51 KB
1	facebook.com www.facebook.com	211 B
1	pubmatic.com image2.pubmatic.com	809 B
1	rubiconproject.com pixel.rubiconproject.com	239 B
1	jivox.com 1 redirects pxl.jivox.com	357 B
1	innovid.com 1 redirects ag.innovid.com	247 B
1	mookie1.com odr.mookie1.com	324 B
1	yahoo.com 1 redirects cms.analytics.yahoo.com	892 B
1	dotomi.com adobe-sync.dotomi.com	103 B
1	rundsp.com match.rundsp.com	40 B
1	flashtalking.com servedby.flashtalking.com
1	glassboxdigital.io report.marriott.glassboxdigital.io	941 B
1	omtrdc.net marriottinternationa.tt.omtrdc.net	1 KB
1	btttag.com marriott.btttag.com	23 KB
1	cloudfront.net d1mqz30n8nowyf.cloudfront.net	6 KB
1	gstatic.com fonts.gstatic.com	29 KB
1	googleapis.com fonts.googleapis.com	941 B
1	glassboxcdn.com cdn.glassboxcdn.com	93 KB
1	email-marriott.com 1 redirects email-marriott.com	207 B
79	36

	Domain	Requested by
23	homes-and-villas.marriott.com	homes-and-villas.marriott.com cdn.glassboxcdn.com
14	dpm.demdex.net	1 redirects homes-and-villas.marriott.com
11	sync-tm.everesttech.net	11 redirects
9	assets.adobedtm.com	homes-and-villas.marriott.com assets.adobedtm.com
5	consent.trustarc.com	homes-and-villas.marriott.com consent.trustarc.com
4	ib.adnxs.com	3 redirects
3	cm.g.doubleclick.net	2 redirects
3	tag.yieldoptimizer.com	2 redirects
2	sync.search.spotxchange.com	1 redirects
2	us-u.openx.net	1 redirects
2	dsum-sec.casalemedia.com	1 redirects
2	gum.criteo.com	2 redirects
2	match.adsrvr.org	2 redirects
2	idsync.rlcdn.com	2 redirects
2	bat.bing.com	assets.adobedtm.com
2	smetrics.marriott.com	cdn.glassboxcdn.com assets.adobedtm.com
1	www.facebook.com
1	image2.pubmatic.com
1	pixel.rubiconproject.com
1	beacon.krxd.net
1	usermatch.krxd.net	1 redirects
1	pxl.jivox.com	1 redirects
1	ag.innovid.com	1 redirects
1	odr.mookie1.com
1	cms.analytics.yahoo.com	1 redirects
1	s.tribalfusion.com	1 redirects
1	a.tribalfusion.com	1 redirects
1	adobe-sync.dotomi.com
1	match.rundsp.com
1	servedby.flashtalking.com
1	c.bing.com	1 redirects
1	report.marriott.glassboxdigital.io	cdn.glassboxcdn.com
1	marriottinternationa.tt.omtrdc.net	cdn.glassboxcdn.com
1	c.go-mpulse.net	cdn.glassboxcdn.com
1	marriott.btttag.com	homes-and-villas.marriott.com
1	cm.everesttech.net	1 redirects
1	marriottinternationa.demdex.net	homes-and-villas.marriott.com
1	d1mqz30n8nowyf.cloudfront.net	homes-and-villas.marriott.com
1	fonts.gstatic.com	fonts.googleapis.com
1	s.go-mpulse.net	homes-and-villas.marriott.com
1	fonts.googleapis.com	homes-and-villas.marriott.com
1	cdn.glassboxcdn.com	homes-and-villas.marriott.com
1	email-marriott.com	1 redirects
79	43

This site contains no links.

Subject Issuer	Validity	Valid
www.marriott.com Entrust Certification Authority - L1K	`2021-01-23` - `2022-02-11`	a year	crt.sh
glassboxcdn.com Cloudflare Inc ECC CA-3	`2020-06-01` - `2021-06-01`	a year	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-08` - `2021-09-30`	9 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2020-12-02` - `2022-01-02`	a year	crt.sh
akstat.io DigiCert Secure Site ECC CA-1	`2020-05-06` - `2021-08-05`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2021-02-22` - `2022-02-21`	a year	crt.sh
smetrics.marriott.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-22` - `2022-04-22`	a year	crt.sh
*.trustarc.com Go Daddy Secure Certificate Authority - G2	`2020-05-21` - `2022-07-17`	2 years	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-04` - `2021-08-04`	a year	crt.sh
*.tt.omtrdc.net DigiCert SHA2 Secure Server CA	`2020-11-02` - `2021-11-09`	a year	crt.sh
marriott.glassboxdigital.io Amazon	`2020-12-04` - `2022-01-02`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2021-01-19` - `2021-07-19`	6 months	crt.sh
*.yieldoptimizer.com Go Daddy Secure Certificate Authority - G2	`2020-12-14` - `2022-01-15`	a year	crt.sh
servedby.flashtalking.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-04` - `2022-02-22`	a year	crt.sh
*.rundsp.com Go Daddy Secure Certificate Authority - G2	`2020-03-07` - `2021-05-06`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2019-06-19` - `2021-08-31`	2 years	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-22` - `2022-03-25`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-01-13` - `2022-01-07`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2020-12-18` - `2022-01-18`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2020-03-02` - `2021-04-01`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2020-12-07` - `2021-12-14`	a year	crt.sh
*.search.spotxchange.com GeoTrust RSA CA 2018	`2019-03-20` - `2021-04-21`	2 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-02-10` - `2021-05-10`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://homes-and-villas.marriott.com/en/terms-of-service?nck=389299941&ck=49775694&lk=1000456564
Frame ID: EE81F6AD00DC79F300BCD00EAFB695B7
Requests: 55 HTTP requests in this frame

Frame: https://marriottinternationa.demdex.net/dest5.html?d_nsid=0
Frame ID: 50BCC377830BD71A1FE38B36E80F46CD
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://email-marriott.com/T/v70000017840cf4b64b1141bf4bbc780a0/6211e9f5ba3944000000021ef3a0bcda/6211e9... HTTP 302
https://homes-and-villas.marriott.com/en/terms-of-service?nck=389299941&ck=49775694&lk=1000456564 Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

79
Requests

99 %
HTTPS

36 %
IPv6

36
Domains

43
Subdomains

29
IPs

7
Countries

1362 kB
Transfer

6415 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://email-marriott.com/T/v70000017840cf4b64b1141bf4bbc780a0/6211e9f5ba3944000000021ef3a0bcda/6211e9f5-ba39-4400-bdb8-08e29cdaad3b?__dU__=v0oQlZ2XmHtXjKKCycNLIk04888UAVMa5S575yBLsoKzM4fwBvfuHkRA==&__F__=v0fUYvjHMDjRPMSh3tviDHXIoXcPxvDgUUCCPvXMWoX_30tcPSLyBQEcmR78dbg70euA86I9VSN32Dzd6irlJNtYh4F3irZvslMYLfQr2fqzSKbPcH7bN9Cysmxk0MB3G7R6GAnPYjbTPZQTFEDzV_nmn24XmCw5x-3i-nWPpXGWgFLmjwNbDvNd_sDVxQIQDXvvuX8m3OryEnUyBcR5X6boxck2TPVxhTKpwKA-R1IcePt2sG63kYxpaT9t1kyWhXy1s7SnQi5Ldxn2mB9yvpWrb7FDYvIY3sHKV_Y3xcdjll0yXU0WfYcmQgcJ88U_ZmMgNy9rOlNu5qxpSVpnsgB3CxC1DKAOtkctCOqbVayGgo8SXiI1qfMJ3NP-8EAqD7jBaYhAQ8io2BJnchazxAaw== HTTP 302
https://homes-and-villas.marriott.com/en/terms-of-service?nck=389299941&ck=49775694&lk=1000456564 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18

https://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=664516D751E565010A490D4C%40AdobeOrg&d_nsid=0&ts=1616550532469 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=664516D751E565010A490D4C%40AdobeOrg&d_nsid=0&ts=1616550532469

Request Chain 33

https://cm.everesttech.net/cm/dd?d_uuid=52550970634061268983107241616957175525 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YFqahQAAAH3qAw_u

Request Chain 45

https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID HTTP 302
https://dpm.demdex.net/ibs:dpid=358&dpuuid=1189981434767402582

Request Chain 52

https://tag.yieldoptimizer.com/ps/ps?t=s&p=1057&si=US&ln=EN&hbc=HRS&pg=ot HTTP 302
https://tag.yieldoptimizer.com/ps/ps?tc=541012612&t=s&p=1057&si=US&ln=EN&hbc=HRS&pg=ot

Request Chain 54

https://idsync.rlcdn.com/365868.gif?partner_uid=52550970634061268983107241616957175525 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CKyqFhIxCi0IARCYEhomNTI1NTA5NzA2MzQwNjEyNjg5ODMxMDcyNDE2MTY5NTcxNzU1MjUQABoNCIW16oIGEgUI6AcQAEIASgA HTTP 307
https://dpm.demdex.net/ibs:dpid=477&dpuuid=2ed1cdbd5d5b2de1f718ab946f000714a62ad76a1676a2c34387ff36261c5e89b0da87c991749652

Request Chain 57

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NTI1NTA5NzA2MzQwNjEyNjg5ODMxMDcyNDE2MTY5NTcxNzU1MjU= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NTI1NTA5NzA2MzQwNjEyNjg5ODMxMDcyNDE2MTY5NTcxNzU1MjU=&google_tc= HTTP 302
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEN13qoZa_7WMhCvksK_8AtI&google_cver=1?gdpr=0&gdpr_consent=

Request Chain 58

https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1 HTTP 302
https://dpm.demdex.net/ibs:dpid=903&dpuuid=7b308751-c3ae-4e67-89d4-606ebda0e9e9

Request Chain 59

https://c.bing.com/c.gif?uid=52550970634061268983107241616957175525&Red3=MSAdobe_pd&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=1957&dpuuid=3B5227B38E0C60C2019737B78FDE61C8

Request Chain 63

https://a.tribalfusion.com/i.match?p=b13&u=52550970634061268983107241616957175525&redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=22054&dpuuid=$TF_USER_ID_ENC$ HTTP 302
https://s.tribalfusion.com/z/i.match?p=b13&u=52550970634061268983107241616957175525&redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=22054&dpuuid=$TF_USER_ID_ENC$ HTTP 302
https://dpm.demdex.net/ibs:dpid=22054

Request Chain 64

https://tag.yieldoptimizer.com/ps/ps?t=i&p=2233 HTTP 302
https://dpm.demdex.net/ibs:dpid=22069&dpuuid=3014704736456

Request Chain 65

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://gum.criteo.com/sync?s=1&c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=KwoQVa8ZpmPKN-hZaBSL-sAX0bK-diez&gdpr=0&gdpr_consent=

Request Chain 66

https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=52550970634061268983107241616957175525&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-gscXCxNE2pEHuC6DWNzYwcnNV5EApqvl4kE-~A

Request Chain 68

https://ag.innovid.com/dv/sync?tid=6 HTTP 302
https://dpm.demdex.net/ibs:dpid=80742&dpuuid=761c495b-183e-42b2-aadd-15911a64ecab

Request Chain 69

https://pxl.jivox.com/tags/sync/usync.php?px=IkovJ4aN HTTP 302
https://dpm.demdex.net/ibs:dpid=96420&dpuuid=ssxjiMT9eoyP&us_privacy=$%7BUS_PRIVACY%7D

Request Chain 70

https://usermatch.krxd.net/um/v2?partner=adobe&id=52550970634061268983107241616957175525 HTTP 302
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=52550970634061268983107241616957175525

Request Chain 71

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WUZxYWhRQUFBSDNxQXdfdQ==

Request Chain 72

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YFqahQAAAH3qAw_u&expires=90

Request Chain 73

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=YFqahwAAAG4-ZSzr HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YFqahwAAAG4-ZSzr&_test=YFqahwAAAG4-ZSzr HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YFqahwAAAG4-ZSzr&_test=YFqahwAAAG4-ZSzr&C=1

Request Chain 74

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D&_test=YFqahwAAAHzG2VZV HTTP 302
https://ib.adnxs.com/setuid?entity=158&code=YFqahwAAAHzG2VZV&_test=YFqahwAAAHzG2VZV HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYFqahwAAAHzG2VZV%26_test%3DYFqahwAAAHzG2VZV

Request Chain 75

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=YFqahwAAAKz20joG HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YFqahwAAAKz20joG&_test=YFqahwAAAKz20joG HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YFqahwAAAKz20joG&_test=YFqahwAAAKz20joG

Request Chain 76

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YFqahwAAAG4-ZSzr

Request Chain 77

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YFqahwAAAHzG2VZV&img=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YFqahwAAAHzG2VZV&img=1&__user_check__=1&sync_id=1804a095-8c43-11eb-8cbe-1e588e904406

Request Chain 78

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
https://www.facebook.com/fr/b.php?p=1531105787105294&e=YFqahwAAAKz20joG&t=2592000&o=0

Request Chain 79

https://cm.ipinyou.com/xcmr/aam/r.gif HTTP 302
https://dpm.demdex.net/ibs:dpid=134084&dpuuid=L3O9ltAFcl2a&redir=http%3A%2F%2Fcm.ipinyou.com%2Fxcms%2Faam%2Fs.gif%3Ftid%3D$%7BDD_UUID%7D HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=134084&dpuuid=L3O9ltAFcl2a&redir=http%3A%2F%2Fcm.ipinyou.com%2Fxcms%2Faam%2Fs.gif%3Ftid%3D$%7BDD_UUID%7D

79 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request terms-of-service Show response
homes-and-villas.marriott.com/en/
Redirect Chain

https://email-marriott.com/T/v70000017840cf4b64b1141bf4bbc780a0/6211e9f5ba3944000000021ef3a0bcda/6211e9f5-ba39-4400-bdb8-08e29cdaad3b?__dU__=v0oQlZ2XmHtXjKKCycNLIk04888UAVMa5S575yBLsoKzM4fwBvfuHkRA...
https://homes-and-villas.marriott.com/en/terms-of-service?nck=389299941&ck=49775694&lk=1000456564

143 KB
42 KB

869ms
813ms

Document
text/html

104.108.45.72
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://homes-and-villas.marriott.com/en/terms-of-service?nck=389299941&ck=49775694&lk=1000456564

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.108.45.72 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-108-45-72.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

5e824b2a763eb5e46a79c525707b01408b0d9eb6a8e471b13788dd3148b6ccf4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: homes-and-villas.marriott.com
:scheme: https
:path: /en/terms-of-service?nck=389299941&ck=49775694&lk=1000456564
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
server: nginx
x-request-id: 20628b2ba41bbb95f976db3458385b5d
x-hvmi-site-id: us-west-1
etag: "22615-fO1prgaCr2RxWG1vQ2vmnr2spTU"
content-encoding: gzip
x-akamai-transformed: 9 37998 0 pmb=mTOE,3mRUM,2
cache-control: max-age=604773
expires: Wed, 31 Mar 2021 01:48:25 GMT
date: Wed, 24 Mar 2021 01:48:52 GMT
content-length: 40526
vary: Accept-Encoding
set-cookie: hvmi_csrfToken=uEbxj1Le-l7vWtd9aIQSJP3gt6xZ40U9_kJM;httpOnly;path=/ hvmi_sessionID=0aeb19ca-1964-4571-93f0-b46d3bc5c0c7;path=/ mbox=PC#rQXPdsztO6Ujl9zjhKeEO49hdHvyIgJZlLYmE3kbzkNJDXyOx0.35_0#1679622532|session#rQXPdsztO6Ujl9zjhKeEO49hdHvyIgJZlLYmE3kbzkNJDXyOx0#1616552332; Domain=.marriott.com; Expires=Fri Mar 24 2023 01:48:52 GMT+0000 (Coordinated Universal Time); Path=/ origin=prodeast.homes-and-villas.akadns.net; path=/ AKA_A2=A; expires=Wed, 24-Mar-2021 02:48:52 GMT; path=/; domain=marriott.com; secure; HttpOnly ak_bmsc=5FFC7A2EF5A4A526358D2EE764A1029D48F7B2E413790000849A5A606DF2EA6A~plO/Eo5I+S28NOZAgawUyw2xa28Kr6UkZ9hMEsEevo0wgWkVDn7Vt8j1MwIQ170BOSsudJrR2AF1fBMFQ/yA+jtGY5XBlMIiiDo0ggPK2B4KqRZmffGqdaK1n6XkMeAv/nG/W1h+j4DbM3j1XyczSZeDOxNr7R+yuoVgIMreGmRGugaMFxvNAcyVRIP7UfWqKKVLdfZKyKsd+4Rl2669Y/8TlSpk1uyUXLqyfNXoJZgho=; expires=Wed, 24 Mar 2021 03:48:52 GMT; max-age=7200; path=/; domain=.marriott.com; HttpOnly bm_mi=3738D44BB27E5648D9CD9FD8DC9E4F55~t3M8jdGNOUbjeNo4T7kWbDaUwGXu84kcN6lOBwKn/1sClvlR8crcCbit7iRToTgZ4pFItFeAH805eQbM4Ef5JEd3NmcnQL956ioF20viWmGKw3wmDvGlo5Wiil6Fr2q/l/K2nuUQb8hedyy3Ct5UMgIvRLKfp0b1tBH0DjyPY2RFidSk2/wlYVbRagZN0U2+ZO/eyjIPgOcM146aZqNhKkAql595mU8SrScvrDCZSb1k8fcLT/Ye9IM4+orkfoxP; Domain=.marriott.com; Path=/; Max-Age=0; HttpOnly bm_sz=E24D99EA39FB01D2BF06DCDE3A0BDC54~YAAQ5LL3SFFdh194AQAAJZXrYQtVnqwTMGnY0k1MtYUaLDlAfTct49pRKt0S1q+xGHakPuDA8dJZcwgsneIMRGo7RSH9KGHnUb0PwQdlUdwDsLuTjpLMiKp2aCuxArYduP18sq/i6GSjPJ+8ZXL3SozNkhVTvYEivMz0ow7G1XMvWQ45Go1HXxr5v0ni4bvExf0=; Domain=.marriott.com; Path=/; Expires=Wed, 24 Mar 2021 05:48:51 GMT; Max-Age=14399; HttpOnly _abck=9BDAACFF1EAC1B324797EF391C4AEA02~-1~YAAQ5LL3SFJdh194AQAAJZXrYQWLOiixIgRMEX1GixLsVY7Pf521+UUAupmINqFyMTwNTP26ooBL+S/zDVaCd7kcvqmFHpzMtNxzzxnlWZCH1LldP691TQjmbSwRLET5AwNKQbrGsZnyidnAeNOuUSP6Cpuq+03g2xz+GjGLQLW5ts8ck5TwtJZ0ejpqKmJsTeIDAHdLQUxp8n0L0Mt22LIkBZQLdoP6OZFlPUbTzlgmj+8o6t/BuMbFhh/fyifMv8sTR7sm9vLEQxgy/NOvMO/KMDJFMOZJUOBJBzqOzwarEiVpzgKxT7+bbM5VSkEQQFwnylQUIWh+rnus1eWg+fMH+nuHdFWSENj0+GTlWSt9U5IqAFMzNpA+oAgH7A==~-1~-1~-1; Domain=.marriott.com; Path=/; Expires=Thu, 24 Mar 2022 01:48:52 GMT; Max-Age=31536000; Secure
server-timing: cdn-cache; desc=MISS edge; dur=95 origin; dur=690
link: <https://homes-and-villas.marriott.com/assets/fonts/proxima-nova-regular/proxima-nova-regular.woff2>;rel="preload";as="font";type="font/woff2";crossorigin,<https://homes-and-villas.marriott.com/assets/fonts/proxima-nova-bold/proxima-nova-bold.woff2>;rel="preload";as="font";type="font/woff2";crossorigin,<https://homes-and-villas.marriott.com/assets/fonts/proxima-nova-semibold/proxima-nova-semibold.woff2>;rel="preload";as="font";type="font/woff2";crossorigin <https://cdn.glassboxcdn.com>;rel="preconnect",<https://assets.adobedtm.com>;rel="preconnect"
x-download-options: noopen
x-dns-prefetch-control: off
x-xss-protection: 1; mode=block
x-frame-options: deny
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload

Redirect headers

location: https://homes-and-villas.marriott.com/en/terms-of-service?nck=389299941&ck=49775694&lk=1000456564
cache-control: no-cache
content-length: 0
date: Wed, 24 Mar 2021 01:48:51 GMT

GET
H2 200 proxima-nova-regular.woff2
homes-and-villas.marriott.com/assets/fonts/proxima-nova-regular/ 33 KB
34 KB 55ms
54ms Font
application/font-woff2 104.108.45.72
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://homes-and-villas.marriott.com/assets/fonts/proxima-nova-regular/proxima-nova-regular.woff2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.108.45.72 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-108-45-72.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

467d8dc0fbdee4720b91b7003413eb6d8c662ad2e8714454bfa02333f5f381c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Origin: https://homes-and-villas.marriott.com
Referer: https://homes-and-villas.marriott.com/en/terms-of-service?nck=389299941&ck=49775694&lk=1000456564
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Ofo9f_XIPcuv26YDrEslnitSWJkBP0tX
x-content-type-options: nosniff
x-amz-request-id: PHXSMG7ZP1MTDSC0
x-dns-prefetch-control: off
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 34212
x-amz-id-2: WEacWnluIGAQLneuDzgR4CQENjri/anFvyF/rFAz1XnEEh4IhaliwZFbjzcInzLlGWQU0hbNDWs=
last-modified: Wed, 17 Mar 2021 12:48:34 GMT
server: AmazonS3
x-frame-options: deny
date: Wed, 24 Mar 2021 01:48:52 GMT
x-download-options: noopen
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-type: application/font-woff2
x-xss-protection: 1; mode=block
cache-control: max-age=82086
etag: "c07517329a30d7a4d303f797171c7def"
accept-ranges: bytes
expires: Thu, 25 Mar 2021 00:36:58 GMT

GET
H2 200 proxima-nova-bold.woff2
homes-and-villas.marriott.com/assets/fonts/proxima-nova-bold/ 33 KB
34 KB 62ms
61ms Font
application/font-woff2 104.108.45.72
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://homes-and-villas.marriott.com/assets/fonts/proxima-nova-bold/proxima-nova-bold.woff2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.108.45.72 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-108-45-72.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

95dea0c6107c6a884200e581723e5c95f27be3ae02606ebeed90f905478af665

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Origin: https://homes-and-villas.marriott.com
Referer: https://homes-and-villas.marriott.com/en/terms-of-service?nck=389299941&ck=49775694&lk=1000456564
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: wcvtjoIKZc8c3mGJIGh.45izd36bcLNK
x-content-type-options: nosniff
x-amz-request-id: G063P9HZWMSJJQBR
x-dns-prefetch-control: off
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 34140
x-amz-id-2: Pw02n6Hdi1BdX3690hvItaZ48kqlJClb3WdzKbEA7+8zaevp4biCN7QaoPTI02JGv0gXl7auZjA=
last-modified: Wed, 17 Mar 2021 12:48:34 GMT
server: AmazonS3
x-frame-options: deny
date: Wed, 24 Mar 2021 01:48:52 GMT
x-download-options: noopen
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-type: application/font-woff2
x-xss-protection: 1; mode=block
cache-control: max-age=81930
etag: "f31edee55c2e260794bc2e4f9d91341f"
accept-ranges: bytes
expires: Thu, 25 Mar 2021 00:34:22 GMT

GET
H2 200 proxima-nova-semibold.woff2
homes-and-villas.marriott.com/assets/fonts/proxima-nova-semibold/ 33 KB
34 KB 77ms
77ms Font
application/font-woff2 104.108.45.72
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://homes-and-villas.marriott.com/assets/fonts/proxima-nova-semibold/proxima-nova-semibold.woff2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.108.45.72 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-108-45-72.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

04058da714d06cbff554a477d019660f993b6bb9465d48354d56f591521f5bab

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Origin: https://homes-and-villas.marriott.com
Referer: https://homes-and-villas.marriott.com/en/terms-of-service?nck=389299941&ck=49775694&lk=1000456564
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: iKDX5ZVRpQEpPWhgBb4AOjjrRXDPGfJZ
x-content-type-options: nosniff
x-amz-request-id: 5HFB1V89JZPAXNVJ
x-dns-prefetch-control: off
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 33804
x-amz-id-2: PAxsLC8jtrCv2Oh/w0l14z3GnfqHcEDbBcT8we0IQuwjIYEFTM0RY9DRwhnUlpx/EJOGh2ps6/g=
last-modified: Wed, 17 Mar 2021 12:48:34 GMT
server: AmazonS3
x-frame-options: deny
date: Wed, 24 Mar 2021 01:48:52 GMT
x-download-options: noopen
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-type: application/font-woff2
x-xss-protection: 1; mode=block
cache-control: max-age=81651
etag: "9b6f2d8ae1e4e8dec8ee1cde27e3259a"
accept-ranges: bytes
expires: Thu, 25 Mar 2021 00:29:43 GMT

GET
H2 200 detector-dom.min.js Show response
cdn.glassboxcdn.com/marriott/HVMI/ 302 KB
93 KB 25ms
24ms Script
application/javascript 2606:4700:10::6816:653
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.glassboxcdn.com/marriott/HVMI/detector-dom.min.js
Requested by: Host: homes-and-villas.marriott.com
URL: https://homes-and-villas.marriott.com/en/terms-of-service?nck=389299941&ck=49775694&lk=1000456564
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:653 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 812cd2054cf3119c9ece6b36f173145a23f90a300bff68052392c9063b6f918d

Request headers

Referer: https://homes-and-villas.marriott.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 24 Mar 2021 01:48:52 GMT
via: 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 6050
x-cache: Hit from cloudfront
content-type: application/javascript
content-encoding: gzip
cf-request-id: 090384ad3c00002b959eae1000000001
last-modified: Thu, 24 Sep 2020 07:09:50 GMT
server: cloudflare
etag: W/"182126235c4e75c6be02bb4e3bc0afa2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: 94DfrJqzMFVRWa8HATgMQuOmlxz00Zps
cache-control: max-age=14400
x-amz-cf-pop: FRA2-C2
cf-ray: 634c3d5b9f822b95-FRA
x-amz-cf-id: _60jaSAk6WDQhLXlRHr8s8SVc0V6AQDayWamQoegfuYE7SaSEOuLgw==

GET
H2 200 vendors-head.fbac3323d4.js Show response
homes-and-villas.marriott.com/shared/ 140 KB
42 KB 0ms
0ms Script
application/javascript 104.108.45.72
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://homes-and-villas.marriott.com/shared/vendors-head.fbac3323d4.js

Requested by

Host: homes-and-villas.marriott.com
URL: https://homes-and-villas.marriott.com/en/terms-of-service?nck=389299941&ck=49775694&lk=1000456564

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.108.45.72 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-108-45-72.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

84150f8451791f0630ffde5bfd1a1e585f237b073991862e6e8fd20f7004129e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://homes-and-villas.marriott.com/en/terms-of-service?nck=389299941&ck=49775694&lk=1000456564
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: wntr4fp1CsR2ko1073gGWguGm.r1QucS
content-encoding: br
x-content-type-options: nosniff
x-amz-request-id: HGRTYTXC587M9KDE
x-dns-prefetch-control: off
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 42276
x-amz-id-2: hPyNpvDRq+As5iUYjcK3UDXlcLeWrqtn82Hzk2iY55uP4Z3rk9AFBwxeFu9sc3K4djwOzO1G8tQ=
x-akamai-http2-push: 1
last-modified: Mon, 22 Mar 2021 06:59:26 GMT
server: Akamai Resource Optimizer
date: Wed, 24 Mar 2021 01:48:51 GMT
x-download-options: noopen, noopen
x-frame-options: deny
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=9962
etag: "e43b5eca55c301a18a01f685855a4e50"
accept-ranges: bytes
expires: Wed, 24 Mar 2021 04:34:53 GMT

GET
H2 200 launch-ENd870f032b8fd497894b9a0ab768a71ec.min.js Show response
assets.adobedtm.com/ 173 KB
48 KB 20ms
6ms Script
application/x-javascript 2a02:26f0:7100:491::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/launch-ENd870f032b8fd497894b9a0ab768a71ec.min.js
Requested by: Host: homes-and-villas.marriott.com
URL: https://homes-and-villas.marriott.com/en/terms-of-service?nck=389299941&ck=49775694&lk=1000456564
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:491::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 1f3a32b3d844913ac983be0c2d2bff884aaf974a8658d9d1a8f85b5b70f40335

Request headers

Referer: https://homes-and-villas.marriott.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 24 Mar 2021 01:48:52 GMT
content-encoding: gzip
last-modified: Mon, 15 Mar 2021 13:22:52 GMT
server: AkamaiNetStorage
etag: "2d726e0012926dcee3c50aa0dd9e7d29:1615814572.482844"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://homes-and-villas.marriott.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 48279
expires: Wed, 24 Mar 2021 02:48:52 GMT

GET
H2 200 vendors.fbac3323d4.css
homes-and-villas.marriott.com/shared/ 19 KB
4 KB 1ms
0ms Stylesheet
text/css 104.108.45.72
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://homes-and-villas.marriott.com/shared/vendors.fbac3323d4.css

Requested by

Host: homes-and-villas.marriott.com
URL: https://homes-and-villas.marriott.com/en/terms-of-service?nck=389299941&ck=49775694&lk=1000456564

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.108.45.72 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-108-45-72.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

4e091d595c8b7f093a70e712501618862919a32b9294d215f89f621b022ac889

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://homes-and-villas.marriott.com/en/terms-of-service?nck=389299941&ck=49775694&lk=1000456564
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: O77EeM2yRV2zB5x_K3S6T4V8ZOKZgWk4
content-encoding: br
x-content-type-options: nosniff
x-amz-request-id: 4P12CTZN0XM4Q5MH
x-dns-prefetch-control: off
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 3644
x-amz-id-2: cRNw7cTmBzI8/Rb1EHOPahPY9mh9JMeeIcp2RUwdhcpWX/Z/8D8nQBdCaJSgq5WiEryG6k1IcBY=
x-akamai-http2-push: 1
last-modified: Mon, 22 Mar 2021 07:34:39 GMT
server: Akamai Resource Optimizer
date: Wed, 24 Mar 2021 01:48:51 GMT
x-download-options: noopen, noopen
x-frame-options: deny
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-type: text/css
x-xss-protection: 1; mode=block
cache-control: max-age=12118
etag: "ff407917e0720d14e43ff8190742a8ff"
accept-ranges: bytes
expires: Wed, 24 Mar 2021 05:10:49 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ 2 KB
941 B 42ms
28ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Playfair+Display:900&display=swap

Requested by

Host: homes-and-villas.marriott.com
URL: https://homes-and-villas.marriott.com/en/terms-of-service?nck=389299941&ck=49775694&lk=1000456564

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e1d98166ef5cf84a9a97fcc84f177ff8a182d46887910badcb2b5fb1a46a6f07

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://homes-and-villas.marriott.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 24 Mar 2021 01:48:52 GMT
server: ESF
date: Wed, 24 Mar 2021 01:48:52 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 24 Mar 2021 01:48:52 GMT

GET
H2 200 77527039 Show response
homes-and-villas.marriott.com/akam/11/ 32 KB
11 KB 44ms
41ms Script
application/javascript 104.108.45.72
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://homes-and-villas.marriott.com/akam/11/77527039

Requested by

Host: homes-and-villas.marriott.com
URL: https://homes-and-villas.marriott.com/en/terms-of-service?nck=389299941&ck=49775694&lk=1000456564

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.108.45.72 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-108-45-72.deploy.static.akamaitechnologies.com

Software

Resource Hash

2281703fd729755012fdd654551eec86b6e28488805d967e9057f5c859dcd0a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://homes-and-villas.marriott.com/en/terms-of-service?nck=389299941&ck=49775694&lk=1000456564
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 24 Mar 2021 01:48:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-dns-prefetch-control: off
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 10431
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Thu, 02 May 2019 20:04:45 GMT
x-frame-options: deny
etag: "d06df1a87201bbcc6187ce5ac3219b9cab90396e830172b1317b298ea43b3de2"
x-download-options: noopen
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store
expires: Wed, 24 Mar 2021 01:48:52 GMT

GET
H2 200 logo-white.svg
homes-and-villas.marriott.com/assets/images/ 21 KB
6 KB 44ms
42ms Image
image/svg+xml 104.108.45.72
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://homes-and-villas.marriott.com/assets/images/logo-white.svg

Requested by

Host: homes-and-villas.marriott.com
URL: https://homes-and-villas.marriott.com/en/terms-of-service?nck=389299941&ck=49775694&lk=1000456564

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.108.45.72 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-108-45-72.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

e27458b3b13aade8b003e8cd370728cb3d3fc8c14363498f4be46be85d7d9b79

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://homes-and-villas.marriott.com/en/terms-of-service?nck=389299941&ck=49775694&lk=1000456564
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 3M2QGJz1WKL5Qy7LB4NDdGJ7oRG_77xO
content-encoding: gzip
x-content-type-options: nosniff
x-amz-request-id: VES8ADSG5774DSY0
x-dns-prefetch-control: off
server-timing: cdn-cache; desc=HIT, edge; dur=1
vary: Accept-Encoding
content-length: 5973
x-amz-id-2: RKDHN3KQCIwpYdRDh3Bfa7sIfN8Wqe38NPVqW3TZhdMQC6i5r49yKza6dp23GH7zc+/sbShRDhE=
last-modified: Thu, 18 Mar 2021 05:49:32 GMT
server: Akamai Resource Optimizer
date: Wed, 24 Mar 2021 01:48:52 GMT
x-download-options: noopen, noopen
x-frame-options: deny
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-type: image/svg+xml
x-xss-protection: 1; mode=block
cache-control: max-age=49195
etag: "76a32bfe6dc6fa743880e17a9ef9dd97"
accept-ranges: bytes
expires: Wed, 24 Mar 2021 15:28:47 GMT

GET
H2 200 back-to-top-link.svg
homes-and-villas.marriott.com/assets/images/ 2 KB
1 KB 105ms
102ms Image
image/svg+xml 104.108.45.72
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://homes-and-villas.marriott.com/assets/images/back-to-top-link.svg

Requested by

Host: homes-and-villas.marriott.com
URL: https://homes-and-villas.marriott.com/en/terms-of-service?nck=389299941&ck=49775694&lk=1000456564

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.108.45.72 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-108-45-72.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

dd48a8d1827cb58fe865837176aa5c205185bc47afc6c79a309b8cf3a7a26f8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://homes-and-villas.marriott.com/en/terms-of-service?nck=389299941&ck=49775694&lk=1000456564
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: cs_Qi42UFKxAID6Z0A35DehphblgoRJS
content-encoding: gzip
x-content-type-options: nosniff
x-amz-request-id: WV8SZ55JC362VE8G
x-dns-prefetch-control: off
server-timing: cdn-cache; desc=HIT, edge; dur=45
vary: Accept-Encoding
content-length: 940
x-amz-id-2: 4RiojA+5XX8mdFX0+XBSRwRPkHJnZDimZV6T8sOC6Wlcy5AZjqcK731yXCQqewsJPOWL8RXKRIE=
last-modified: Thu, 18 Mar 2021 14:23:24 GMT
server: Akamai Resource Optimizer
date: Wed, 24 Mar 2021 01:48:52 GMT
x-download-options: noopen, noopen
x-frame-options: deny
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-type: image/svg+xml
x-xss-protection: 1; mode=block
cache-control: max-age=8563
etag: "d5a63fcc1c481b42038b6b9d7db3d90f"
accept-ranges: bytes
expires: Wed, 24 Mar 2021 04:11:35 GMT

GET
H2 200 vendors.fbac3323d4.js Show response
homes-and-villas.marriott.com/shared/ 3 MB
323 KB 30ms
29ms Script
application/javascript 104.108.45.72
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://homes-and-villas.marriott.com/shared/vendors.fbac3323d4.js

Requested by

Host: homes-and-villas.marriott.com
URL: https://homes-and-villas.marriott.com/en/terms-of-service?nck=389299941&ck=49775694&lk=1000456564

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.108.45.72 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-108-45-72.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

adeca133ca6434dfa6ddd90d588ae4c9e6ab8a31b9c23a1340aac1fadcbfd646

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://homes-and-villas.marriott.com/en/terms-of-service?nck=389299941&ck=49775694&lk=1000456564
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: PWHO_Aghknlz22v5LnsuVgGxqM.F808M
content-encoding: br
x-content-type-options: nosniff
x-amz-request-id: FRSG32NA6QQP7TT2
x-dns-prefetch-control: off
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 329536
x-amz-id-2: 0mQMRXYvyxRlV/31QsR5BE/RPmrQ5pe9ksnQ6WndzMnBew3VPLOgtx8IEJ8+jQ6qqlw57gMOWMI=
last-modified: Mon, 22 Mar 2021 07:17:15 GMT
server: Akamai Resource Optimizer
date: Wed, 24 Mar 2021 01:48:52 GMT
x-download-options: noopen, noopen
x-frame-options: deny
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=11076
etag: "45fbf6fef8a5412cd5da6ed36e9ca81e"
accept-ranges: bytes
expires: Wed, 24 Mar 2021 04:53:28 GMT

GET
H2 200 Banner.fbac3323d4.js Show response
homes-and-villas.marriott.com/shared/common/ 289 KB
65 KB 63ms
61ms Script
application/javascript 104.108.45.72
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://homes-and-villas.marriott.com/shared/common/Banner.fbac3323d4.js

Requested by

Host: homes-and-villas.marriott.com
URL: https://homes-and-villas.marriott.com/en/terms-of-service?nck=389299941&ck=49775694&lk=1000456564

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.108.45.72 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-108-45-72.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

7538fdd8947b95e41aa5d4ae70a64195a1fb2bc0933783bb42379069ac1f3991

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://homes-and-villas.marriott.com/en/terms-of-service?nck=389299941&ck=49775694&lk=1000456564
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: gMFQXNwqGdVlY9TUCL8eeuhVCcCOEZ8y
content-encoding: br
x-content-type-options: nosniff
x-amz-request-id: 2349WNGTZSDGYY7C
x-dns-prefetch-control: off
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 66209
x-amz-id-2: CUpqP+Jh1nYY2NE4rAy0DKln3HRxL5IjQ6rqkp47j+wbcHZMBK454bmrXhkY0EdeLnJdBJqEoxI=
last-modified: Mon, 22 Mar 2021 07:03:32 GMT
server: Akamai Resource Optimizer
date: Wed, 24 Mar 2021 01:48:52 GMT
x-download-options: noopen, noopen
x-frame-options: deny
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=10306
etag: "4485257d6a6f10a08fd37cc3bb41ef40"
accept-ranges: bytes
expires: Wed, 24 Mar 2021 04:40:38 GMT

GET
H2 200 PopUpModal.fbac3323d4.js Show response
homes-and-villas.marriott.com/shared/common/ 294 KB
66 KB 69ms
68ms Script
application/javascript 104.108.45.72
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://homes-and-villas.marriott.com/shared/common/PopUpModal.fbac3323d4.js

Requested by

Host: homes-and-villas.marriott.com
URL: https://homes-and-villas.marriott.com/en/terms-of-service?nck=389299941&ck=49775694&lk=1000456564

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.108.45.72 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-108-45-72.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

d114417c5c4a73dd411f6a030a720d7d8e6c360dab4f0266d06168b2f57147b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://homes-and-villas.marriott.com/en/terms-of-service?nck=389299941&ck=49775694&lk=1000456564
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: bqX_VZFACLumrvruNMKvDtzVjMgNtsJg
content-encoding: br
x-content-type-options: nosniff
x-amz-request-id: 09AM3VY4XPN2GQMT
x-dns-prefetch-control: off
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 67226
x-amz-id-2: KjSCDWIQ+V/0nYOo+ZDDWKz3c76h5dWC9e3jQlxyFy7GTmLNJ0aGiFqevnekCNLxGcYtGNd2RWg=
last-modified: Mon, 22 Mar 2021 07:12:50 GMT
server: Akamai Resource Optimizer
date: Wed, 24 Mar 2021 01:48:52 GMT
x-download-options: noopen, noopen
x-frame-options: deny
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=10853
etag: "af88cb56ab407a834d53313c1c38f226"
accept-ranges: bytes
expires: Wed, 24 Mar 2021 04:49:45 GMT

GET
H2 200 Header.fbac3323d4.js Show response
homes-and-villas.marriott.com/shared/nav/ 600 KB
142 KB 77ms
75ms Script
application/javascript 104.108.45.72
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://homes-and-villas.marriott.com/shared/nav/Header.fbac3323d4.js

Requested by

Host: homes-and-villas.marriott.com
URL: https://homes-and-villas.marriott.com/en/terms-of-service?nck=389299941&ck=49775694&lk=1000456564

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.108.45.72 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-108-45-72.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

5e73bec2caa1852f50ee14c37d8f027329e2769d2a57995b4452557cc0818708

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://homes-and-villas.marriott.com/en/terms-of-service?nck=389299941&ck=49775694&lk=1000456564
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: sLbgjjpSDlaEUe__LWqqWdVjjUJkEJ_t
content-encoding: br
x-content-type-options: nosniff
x-amz-request-id: PAKRDMZD919F0RP6
x-dns-prefetch-control: off
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 144247
x-amz-id-2: RARqeXi13nWl0adAx/+3ySRI9As9HYOqjjW7dhbo32jBCVkV6xT6oqxlNBARKpS69lRLKnDewkc=
last-modified: Mon, 22 Mar 2021 07:16:31 GMT
server: Akamai Resource Optimizer
date: Wed, 24 Mar 2021 01:48:52 GMT
x-download-options: noopen, noopen
x-frame-options: deny
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=11019
etag: "47896a1340ed9b62c81d6e6dfcaaa7c7"
accept-ranges: bytes
expires: Wed, 24 Mar 2021 04:52:31 GMT

GET
H2 200 TermsOfServices.fbac3323d4.js Show response
homes-and-villas.marriott.com/shared/content/ 232 KB
52 KB 219ms
217ms Script
application/javascript 104.108.45.72
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://homes-and-villas.marriott.com/shared/content/TermsOfServices.fbac3323d4.js

Requested by

Host: homes-and-villas.marriott.com
URL: https://homes-and-villas.marriott.com/en/terms-of-service?nck=389299941&ck=49775694&lk=1000456564

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.108.45.72 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-108-45-72.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

3e7cc3b07cdbdb92229b5062fd7d7dffc4cefd848f5a5cfa6cebcb36454720d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://homes-and-villas.marriott.com/en/terms-of-service?nck=389299941&ck=49775694&lk=1000456564
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: DKVl61WGmoAx8u2vUwR1T29r00uhM3Bw
content-encoding: br
x-content-type-options: nosniff
x-amz-request-id: SPMK6F1B1NFDSXMF
x-dns-prefetch-control: off
server-timing: cdn-cache; desc=HIT, edge; dur=134
content-length: 52816
x-amz-id-2: n4S8e/4uUUIaJdnclxqiflD6HpPgTFnR54v7ZjCGIXa40FPKdcAQlRaAqqvJwAX17oyjy55jd50=
last-modified: Mon, 22 Mar 2021 10:44:28 GMT
server: Akamai Resource Optimizer
date: Wed, 24 Mar 2021 01:48:52 GMT
x-download-options: noopen, noopen
x-frame-options: deny
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=44926
etag: "e53165b1b767a9a50788901ff10856b8"
accept-ranges: bytes
expires: Wed, 24 Mar 2021 14:17:38 GMT

GET
H2 200 Footer.fbac3323d4.js Show response
homes-and-villas.marriott.com/shared/nav/ 225 KB
51 KB 94ms
93ms Script
application/javascript 104.108.45.72
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://homes-and-villas.marriott.com/shared/nav/Footer.fbac3323d4.js

Requested by

Host: homes-and-villas.marriott.com
URL: https://homes-and-villas.marriott.com/en/terms-of-service?nck=389299941&ck=49775694&lk=1000456564

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.108.45.72 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-108-45-72.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

d421a89e7cdeb05a73653e49af3a7bb8d58a073b29c748faeac29b5058eff27d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://homes-and-villas.marriott.com/en/terms-of-service?nck=389299941&ck=49775694&lk=1000456564
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: u6AzbTLGn9x8S6dk6P7U5w7xpins_I3k
content-encoding: br
x-content-type-options: nosniff
x-amz-request-id: 0QPZ6F9RZATH5MEB
x-dns-prefetch-control: off
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 51429
x-amz-id-2: DLXF2tH2m4uuuy8ELZ0+pL3YCyhecD9tQ5tbdpUk4rp5WN6KpUcpEbii+Ib2eVl2h6L0xSWnPRw=
last-modified: Mon, 22 Mar 2021 07:20:18 GMT
server: Akamai Resource Optimizer
date: Wed, 24 Mar 2021 01:48:52 GMT
x-download-options: noopen, noopen
x-frame-options: deny
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=11342
etag: "fbaabad8c2360d27683556e2aa16b070"
accept-ranges: bytes
expires: Wed, 24 Mar 2021 04:57:54 GMT

GET
H2 200 5273029b1no217720bdfa1a7abac692 Show response
homes-and-villas.marriott.com/clientlibs/ 73 KB
19 KB 37ms
37ms Script
application/javascript 104.108.45.72
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://homes-and-villas.marriott.com/clientlibs/5273029b1no217720bdfa1a7abac692

Requested by

Host: homes-and-villas.marriott.com
URL: https://homes-and-villas.marriott.com/en/terms-of-service?nck=389299941&ck=49775694&lk=1000456564

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.108.45.72 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-108-45-72.deploy.static.akamaitechnologies.com

Software

Resource Hash

1d7647710fb2bc7cf162729f1ab695dbdbb4d3d38a219e7bb7da6f06030bd7b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://homes-and-villas.marriott.com/en/terms-of-service?nck=389299941&ck=49775694&lk=1000456564
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 24 Mar 2021 01:48:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-dns-prefetch-control: off
server-timing: cdn-cache; desc=HIT, edge; dur=1
vary: Accept-Encoding
content-length: 18915
x-xss-protection: 1; mode=block
last-modified: Tue, 16 Feb 2021 22:20:44 GMT
x-frame-options: deny
etag: "77ab0fb0bef6d3471b849a9e26e339e68a4c60a0a2f5d2cf6ab40c38bc1b0875"
x-download-options: noopen
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-type: application/javascript
cache-control: max-age=21600
expires: Wed, 21 Apr 2021 02:13:31 GMT

GET
H/1.1

200
OK

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=664516D751E565010A490D4C%40AdobeOrg&d_nsid=0&ts=1616550532469
https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=664516D751E565010A490D4C%40AdobeOrg&d_nsid=0&ts=1616550532469

5 KB
3 KB

35ms
35ms

XHR
application/json

54.195.23.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=664516D751E565010A490D4C%40AdobeOrg&d_nsid=0&ts=1616550532469

Requested by

Host: homes-and-villas.marriott.com
URL: https://homes-and-villas.marriott.com/en/terms-of-service?nck=389299941&ck=49775694&lk=1000456564

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.195.23.91 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-195-23-91.eu-west-1.compute.amazonaws.com

Software

Resource Hash

f5d4c640ceb52f8e9d7406ef118c05505eb62ca1ca65c62233669b73e3efa493

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://homes-and-villas.marriott.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v090-0e45fdbb7.edge-irl1.demdex.com 5.80.7.20210304103356 2ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-TID: Oo/UF4ZSTdQ=
Vary: Origin, Accept-Encoding, User-Agent
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://homes-and-villas.marriott.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 1686
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: https://homes-and-villas.marriott.com
X-TID: 6jGfmWAQSsE=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=664516D751E565010A490D4C%40AdobeOrg&d_nsid=0&ts=1616550532469
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 XVVSZ-RBZ6H-9VMMZ-582FD-UJL4A Show response
s.go-mpulse.net/boomerang/ 202 KB
51 KB 20ms
7ms Script
application/javascript 2a02:26f0:7100:1b8::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.go-mpulse.net/boomerang/XVVSZ-RBZ6H-9VMMZ-582FD-UJL4A
Requested by: Host: homes-and-villas.marriott.com
URL: https://homes-and-villas.marriott.com/en/terms-of-service?nck=389299941&ck=49775694&lk=1000456564
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:7100:1b8::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 95a439c4e11ace2484e8d42c30ff56cf7db5ea7c6463df9ce2fdafa7f6ccbf54

Request headers

Referer: https://homes-and-villas.marriott.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 24 Mar 2021 01:48:52 GMT
content-encoding: br
last-modified: Thu, 04 Feb 2021 05:07:49 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
timing-allow-origin: *
content-length: 51580

GET
H2 200 honeycomb-icons.woff2
homes-and-villas.marriott.com/assets/fonts/honeycomb-icons/ 54 KB
55 KB 97ms
96ms Font
application/font-woff2 104.108.45.72
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://homes-and-villas.marriott.com/assets/fonts/honeycomb-icons/honeycomb-icons.woff2?t2o3u

Requested by

Host: homes-and-villas.marriott.com
URL: https://homes-and-villas.marriott.com/en/terms-of-service?nck=389299941&ck=49775694&lk=1000456564

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.108.45.72 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-108-45-72.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

70a32632e9b746c6c416332a41a33d4a005d56d7128bb5c874b9539bc68d7a82

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Origin: https://homes-and-villas.marriott.com
Referer: https://homes-and-villas.marriott.com/en/terms-of-service?nck=389299941&ck=49775694&lk=1000456564
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: pW114xWfCLF1JXEbfnBOn4CEU5nacAbH
x-content-type-options: nosniff
x-amz-request-id: 1SRE13M83JERZAT8
x-dns-prefetch-control: off
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 55168
x-amz-id-2: Pr7oF/M3OHEWdbWtvxNJuuaGuJu8BJgx3/dUecoXcp4KMiDULR7o0srwX5JqMBGCgG4mr/vRs1k=
last-modified: Wed, 17 Mar 2021 12:48:34 GMT
server: AmazonS3
x-frame-options: deny
date: Wed, 24 Mar 2021 01:48:52 GMT
x-download-options: noopen
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-type: application/font-woff2
x-xss-protection: 1; mode=block
cache-control: max-age=42655
etag: "3a73cc64a834166c71432db281ff14a9"
accept-ranges: bytes
expires: Wed, 24 Mar 2021 13:39:47 GMT

GET
H3-Q050 200 nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKfsunDXbtM.woff2
fonts.gstatic.com/s/playfairdisplay/v22/ 28 KB
29 KB 35ms
21ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/playfairdisplay/v22/nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKfsunDXbtM.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Playfair+Display:900&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad5ee1ffb2d2d826d72e273f32926c0e69ee706a338b6e6dfabb929545487b6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://homes-and-villas.marriott.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 18:09:37 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Jan 2021 20:29:28 GMT
server: sffe
age: 113955
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29168
x-xss-protection: 0
expires: Tue, 22 Mar 2022 18:09:37 GMT

GET
H2 200 acta-headline-bold.woff2
homes-and-villas.marriott.com/assets/fonts/acta-headline-bold/ 24 KB
24 KB 63ms
62ms Font
application/font-woff2 104.108.45.72
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://homes-and-villas.marriott.com/assets/fonts/acta-headline-bold/acta-headline-bold.woff2

Requested by

Host: homes-and-villas.marriott.com
URL: https://homes-and-villas.marriott.com/en/terms-of-service?nck=389299941&ck=49775694&lk=1000456564

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.108.45.72 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-108-45-72.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

fc61952dab3e61f9b7c1d20ca54771e98a9ef2d298c266d1b744a4984d09e83c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Origin: https://homes-and-villas.marriott.com
Referer: https://homes-and-villas.marriott.com/en/terms-of-service?nck=389299941&ck=49775694&lk=1000456564
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: iw6ILK_.BwDaAgI62nAHSZPBCLB4VAkn
x-content-type-options: nosniff
x-amz-request-id: GE1TFKW2R1R10SVR
x-dns-prefetch-control: off
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 24356
x-amz-id-2: 8iDAR8GY4p1PO/JbYv/mm+tVw4pKO4R2039O3PjUQPedWGx0o2sXm2cvwJM7vZTpIGT7AdoyHk8=
last-modified: Wed, 17 Mar 2021 12:48:34 GMT
server: AmazonS3
x-frame-options: deny
date: Wed, 24 Mar 2021 01:48:52 GMT
x-download-options: noopen
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-type: application/font-woff2
x-xss-protection: 1; mode=block
cache-control: max-age=81561
etag: "89da2aab639eb2a9a6536ad8f207128e"
accept-ranges: bytes
expires: Thu, 25 Mar 2021 00:28:13 GMT

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EP971e6ad26efe44ab86e98d3905a44621/ 34 KB
13 KB 6ms
6ms Script
application/x-javascript 2a02:26f0:7100:491::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EP971e6ad26efe44ab86e98d3905a44621/AppMeasurement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENd870f032b8fd497894b9a0ab768a71ec.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:491::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 089030d8bec22aa48ae59e27516a4e8a1fcec666e9d783c7a1df47220b750dc1

Request headers

Referer: https://homes-and-villas.marriott.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 24 Mar 2021 01:48:52 GMT
content-encoding: gzip
last-modified: Mon, 03 Jun 2019 23:03:32 GMT
server: AkamaiNetStorage
etag: "72404253c27255247028f0ba11022cf8:1559603012"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://homes-and-villas.marriott.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 12916
expires: Wed, 24 Mar 2021 02:48:52 GMT

GET
H2 200 outpace_marriott_combined.min.js Show response
d1mqz30n8nowyf.cloudfront.net/prod/js/ 31 KB
6 KB 29ms
6ms Script
application/javascript 2600:9000:20eb:5c00:1d:cb70:f5c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1mqz30n8nowyf.cloudfront.net/prod/js/outpace_marriott_combined.min.js
Requested by: Host: homes-and-villas.marriott.com
URL: https://homes-and-villas.marriott.com/en/terms-of-service?nck=389299941&ck=49775694&lk=1000456564
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:5c00:1d:cb70:f5c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1c38b38210051706981fb9dba449dfeb4fa1095d6fef33ebb593e55ee3798383

Request headers

Referer: https://homes-and-villas.marriott.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 20:42:43 GMT
content-encoding: gzip
last-modified: Wed, 16 Jan 2019 20:49:35 GMT
server: AmazonS3
age: 18370
etag: W/"72fa32db69f86bb2492c06892ac65b51"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 f046bfa1468bb4385e357c8c9128cf51.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: Z5ytBHW8XH26A5wmOTDz5lwYx12HIItbwBKZ7dWiF5SQKHrF1Wf0Tw==

POST
H2 201 5273029b1no217720bdfa1a7abac692 Show response
homes-and-villas.marriott.com/clientlibs/ 17 B
799 B 179ms
179ms XHR
application/json 104.108.45.72
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://homes-and-villas.marriott.com/clientlibs/5273029b1no217720bdfa1a7abac692

Requested by

Host: cdn.glassboxcdn.com
URL: https://cdn.glassboxcdn.com/marriott/HVMI/detector-dom.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.108.45.72 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-108-45-72.deploy.static.akamaitechnologies.com

Software

Resource Hash

b493cdb3b30ea63f6a924f814dfccfcfe305dac02106f9994ce2bcb2e8ed28c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://homes-and-villas.marriott.com/en/terms-of-service?nck=389299941&ck=49775694&lk=1000456564
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 24 Mar 2021 01:48:53 GMT
x-content-type-options: nosniff
access-control-allow-headers: Content-Type
x-download-options: noopen
x-frame-options: deny
content-type: application/json
access-control-allow-origin: https://homes-and-villas.marriott.com
access-control-allow-credentials: true
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-dns-prefetch-control: off
vary: Origin
content-length: 17
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ 9 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 586f876503ed4dc63c6ff8567b67dfeb1c84723ef5c7cf218a8ed74ccba6e1ab

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 157 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 RCd9d8795449384933af2158840c078ec2-source.min.js Show response
assets.adobedtm.com/697d0c070f1e/d464f943435f/e4719caae84e/ 2 KB
1 KB 6ms
6ms Script
application/x-javascript 2a02:26f0:7100:491::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/697d0c070f1e/d464f943435f/e4719caae84e/RCd9d8795449384933af2158840c078ec2-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENd870f032b8fd497894b9a0ab768a71ec.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:491::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: df31baba5633c8ac7dde29a67401c8541a28cba3fd5d7b4f16cb119e032df4b1

Request headers

Referer: https://homes-and-villas.marriott.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 24 Mar 2021 01:48:53 GMT
content-encoding: gzip
last-modified: Mon, 15 Mar 2021 13:22:53 GMT
server: AkamaiNetStorage
etag: "bcb532997937f1aea8f318193b8e9d65:1615814573.482224"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://homes-and-villas.marriott.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 834
expires: Wed, 24 Mar 2021 02:48:53 GMT

GET
H2 200 RC09b2ba1a55304f39b3dbc87559e75ec9-source.min.js Show response
assets.adobedtm.com/697d0c070f1e/d464f943435f/e4719caae84e/ 2 KB
991 B 7ms
6ms Script
application/x-javascript 2a02:26f0:7100:491::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/697d0c070f1e/d464f943435f/e4719caae84e/RC09b2ba1a55304f39b3dbc87559e75ec9-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENd870f032b8fd497894b9a0ab768a71ec.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:491::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: a48daa09b9b31324b061069b426422b11cb68bddf35cde17d544d523775d140b

Request headers

Referer: https://homes-and-villas.marriott.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 24 Mar 2021 01:48:53 GMT
content-encoding: gzip
last-modified: Mon, 15 Mar 2021 13:22:53 GMT
server: AkamaiNetStorage
etag: "bcb532997937f1aea8f318193b8e9d65:1615814573.482224"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://homes-and-villas.marriott.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 716
expires: Wed, 24 Mar 2021 02:48:53 GMT

GET
H2 200 RCffa3124be2f94e2db1668d847599e15b-source.min.js Show response
assets.adobedtm.com/697d0c070f1e/d464f943435f/e4719caae84e/ 483 B
571 B 7ms
7ms Script
application/x-javascript 2a02:26f0:7100:491::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/697d0c070f1e/d464f943435f/e4719caae84e/RCffa3124be2f94e2db1668d847599e15b-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENd870f032b8fd497894b9a0ab768a71ec.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:491::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: c95d594609a98fd309371574d2e0be36b47325043ebe6ace28dfe6a0312604be

Request headers

Referer: https://homes-and-villas.marriott.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 24 Mar 2021 01:48:53 GMT
content-encoding: gzip
last-modified: Mon, 15 Mar 2021 13:22:53 GMT
server: AkamaiNetStorage
etag: "bcb532997937f1aea8f318193b8e9d65:1615814573.482224"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://homes-and-villas.marriott.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 296
expires: Wed, 24 Mar 2021 02:48:53 GMT

GET
H/1.1 200
OK Cookie set dest5.html Show response
marriottinternationa.demdex.net/ Frame 50BC 7 KB
3 KB 138ms
32ms Document
text/html 54.195.23.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://marriottinternationa.demdex.net/dest5.html?d_nsid=0

Requested by

Host: homes-and-villas.marriott.com
URL: https://homes-and-villas.marriott.com/shared/vendors-head.fbac3323d4.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.195.23.91 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-195-23-91.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Host: marriottinternationa.demdex.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://homes-and-villas.marriott.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: demdex=52550970634061268983107241616957175525
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://homes-and-villas.marriott.com/

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=21600
Content-Encoding: gzip
Content-Type: text/html
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified: Wed, 10 Mar 2021 16:01:36 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Set-Cookie: demdex=52550970634061268983107241616957175525;Path=/;Domain=.demdex.net;Expires=Mon, 20-Sep-2021 01:48:53 GMT;Max-Age=15552000;Secure;SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding, User-Agent
X-TID: xaCPgWQIQtU=
Content-Length: 2785
Connection: keep-alive

GET
H2 200 id Show response
smetrics.marriott.com/ 48 B
518 B 124ms
30ms XHR
application/x-javascript 15.237.136.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.marriott.com/id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=664516D751E565010A490D4C%40AdobeOrg&mid=52273490166592331153132745135016229004&ts=1616550533119

Requested by

Host: cdn.glassboxcdn.com
URL: https://cdn.glassboxcdn.com/marriott/HVMI/detector-dom.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.237.136.106 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-237-136-106.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

d24ff83aec36dc1a8ff5536432ad97b2b3017477f3a68fb0fd86b8853a8e0ef5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://homes-and-villas.marriott.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 24 Mar 2021 01:48:53 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-7df884dd44-d84dj
vary: Origin
x-c: main-1434.I637bed.M0-481
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://homes-and-villas.marriott.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript;charset=utf-8
content-length: 48
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=YFqahQAAAH3qAw_u
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=52550970634061268983107241616957175525
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YFqahQAAAH3qAw_u

42 B
915 B

33ms
32ms

Image
image/gif

54.195.23.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=YFqahQAAAH3qAw_u

Requested by

Host: homes-and-villas.marriott.com
URL: https://homes-and-villas.marriott.com/en/terms-of-service?nck=389299941&ck=49775694&lk=1000456564

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.195.23.91 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-195-23-91.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://homes-and-villas.marriott.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v090-07f3058bd.edge-irl1.demdex.com 5.80.7.20210304103356 0ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: 84RaUIbhSp0=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=YFqahQAAAH3qAw_u
Date: Wed, 24 Mar 2021 01:48:53 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 AppMeasurement_Module_AudienceManagement.min.js Show response
assets.adobedtm.com/extensions/EP971e6ad26efe44ab86e98d3905a44621/ 25 KB
9 KB 6ms
6ms Script
application/x-javascript 2a02:26f0:7100:491::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EP971e6ad26efe44ab86e98d3905a44621/AppMeasurement_Module_AudienceManagement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENd870f032b8fd497894b9a0ab768a71ec.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:491::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 32bc033e13e02d8809b2c8c97ac5a5110c5f375a830ed6cace5ce1202ab5b480

Request headers

Referer: https://homes-and-villas.marriott.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 24 Mar 2021 01:48:53 GMT
content-encoding: gzip
last-modified: Mon, 03 Jun 2019 23:03:35 GMT
server: AkamaiNetStorage
etag: "e539ea6425ae55fa9f68995bc5a68886:1559603018"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://homes-and-villas.marriott.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 8640
expires: Wed, 24 Mar 2021 02:48:53 GMT

GET
H2 200 marriott-bonvoy-member-logo.png
homes-and-villas.marriott.com/assets/images/ 3 KB
3 KB 29ms
29ms Image
image/webp 104.108.45.72
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://homes-and-villas.marriott.com/assets/images/marriott-bonvoy-member-logo.png

Requested by

Host: homes-and-villas.marriott.com
URL: https://homes-and-villas.marriott.com/en/terms-of-service?nck=389299941&ck=49775694&lk=1000456564

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.108.45.72 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-108-45-72.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

e8836c456487b9824995a14a6fd0c3e2e0e804811e49b66a6be4e8d7973b2a02

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://homes-and-villas.marriott.com/en/terms-of-service?nck=389299941&ck=49775694&lk=1000456564
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 24 Mar 2021 01:48:53 GMT
x-content-type-options: nosniff
last-modified: Wed, 17 Mar 2021 16:06:25 GMT
server: Akamai Image Manager
x-frame-options: deny
etag: "585133000d006d1dce95ae0063f846c7"
x-download-options: noopen
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-type: image/webp
cache-control: private, no-transform, max-age=2041776
server-timing: cdn-cache; desc=HIT, edge; dur=1
x-dns-prefetch-control: off
content-length: 2684
x-xss-protection: 1; mode=block
expires: Fri, 16 Apr 2021 16:58:29 GMT

GET
H2 200 notice Show response
consent.trustarc.com/ 11 KB
5 KB 78ms
22ms Script
text/javascript 13.226.159.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.trustarc.com/notice?domain=marriottgdpr.com&text=true&c=teconsent&js=nj&noticeType=bb

Requested by

Host: homes-and-villas.marriott.com
URL: https://homes-and-villas.marriott.com/en/terms-of-service?nck=389299941&ck=49775694&lk=1000456564

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.159.100 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-159-100.dus51.r.cloudfront.net

Software

nginx /

Resource Hash

623b002d7e774213c3186eea78b7736bd5fccefe762ac46f388e35689fa9717a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://homes-and-villas.marriott.com
Referer: https://homes-and-villas.marriott.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 24 Mar 2021 01:27:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1278
x-cache: Hit from cloudfront
cloudfront-viewer-country: NL
content-length: 4471
x-xss-protection: 1; mode=block
timing-allow-origin: *
access-control-allow-origin: *
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
via: 1.1 51054083366f59cdc509361d23d873eb.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: DUS51-C1
cloudfront-viewer-country-region: NH
x-amz-cf-id: RkIah7jvYutAZYZSo-4yy0KgKdNErVG_aHZfu-BjZXdke1Azv1Yhug==
expires: Wed, 24 Mar 2021 02:27:35 GMT

GET
H2 200 btt.js Show response
marriott.btttag.com/ 96 KB
23 KB 17ms
16ms Script
application/javascript 2606:4700:10::6816:3b80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://marriott.btttag.com/btt.js

Requested by

Host: homes-and-villas.marriott.com
URL: https://homes-and-villas.marriott.com/en/terms-of-service?nck=389299941&ck=49775694&lk=1000456564

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3b80 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89f0b06331d759107914e672513633634b4b0e6522531f87fe7cf58d9320960b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://homes-and-villas.marriott.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 24 Mar 2021 01:48:53 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 17423
content-length: 23399
cf-request-id: 090384b09400004a91f8b33000000001
timing-allow-origin: *
last-modified: Tue, 23 Mar 2021 20:58:30 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=43200
accept-ranges: bytes
cf-ray: 634c3d60ee144a91-FRA

GET
H/1.1 200
OK config.json Show response
c.go-mpulse.net/api/ 68 B
340 B 41ms
29ms XHR
application/json 2a02:26f0:64:699::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=XVVSZ-RBZ6H-9VMMZ-582FD-UJL4A&d=homes-and-villas.marriott.com&t=5388502&v=1.632.0&sl=0&si=qqd90qup22-qqgadh&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,Angular,Backbone,Ember,History,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,LOGN&acao=&ak.ai=564072
Requested by: Host: cdn.glassboxcdn.com
URL: https://cdn.glassboxcdn.com/marriott/HVMI/detector-dom.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:64:699::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: a629ed8a9e67331790bbe0b0b645ee3bd84e2057380351235d4064b8d02a0fcb

Request headers

Referer: https://homes-and-villas.marriott.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 24 Mar 2021 01:48:53 GMT
Cache-Control: private, max-age=120, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 68
Content-Type: application/json

GET
H2 200 json
marriottinternationa.tt.omtrdc.net/m2/marriottinternationa/mbox/ 982 B
1 KB 234ms
172ms XHR
application/json 34.252.166.160
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://marriottinternationa.tt.omtrdc.net/m2/marriottinternationa/mbox/json?mbox=target-global-mbox&mboxSession=rQXPdsztO6Ujl9zjhKeEO49hdHvyIgJZlLYmE3kbzkNJDXyOx0&mboxPC=rQXPdsztO6Ujl9zjhKeEO49hdHvyIgJZlLYmE3kbzkNJDXyOx0.35_0&mboxPage=228b81ae15fa49e08da7a3a9153cfc19&mboxRid=da310330ab8b47abbeedc6e7e0844f80&mboxVersion=1.7.1&mboxCount=1&mboxTime=1616554132493&mboxHost=homes-and-villas.marriott.com&mboxURL=https%3A%2F%2Fhomes-and-villas.marriott.com%2Fen%2Fterms-of-service%3Fnck%3D389299941%26ck%3D49775694%26lk%3D1000456564&mboxReferrer=&mboxXDomain=enabled&browserHeight=1200&browserWidth=1600&browserTimeOffset=60&screenHeight=1200&screenWidth=1600&colorDepth=24&devicePixelRatio=1&screenOrientation=landscape&mr_is_member=&res_cash_points_mix=&res_number_guest=&res_revenue_adr_rate_usd=&res_revenue_currency_type=&res_revenue_stay_total_usd=&res_room_nights_total=&res_stay_length=&res_trip_purpose_selected=&search_date_check_in=&search_date_check_out=&search_destination_city=&search_destination_city_state_country=&search_type=&at_property=c065373e-ce7e-fa25-5930-fd9bee15978c&mboxMCSDID=59C0BC7B2AD4F65E-22F9D4B336073D97&vst.trk=metrics.marriott.com&vst.trks=smetrics.marriott.com&mboxMCGVID=52273490166592331153132745135016229004&mboxAAMB=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&mboxMCGLH=6
Requested by: Host: cdn.glassboxcdn.com
URL: https://cdn.glassboxcdn.com/marriott/HVMI/detector-dom.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.166.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-166-160.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://homes-and-villas.marriott.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Mar 2021 01:48:53 GMT
content-encoding: gzip
timing-allow-origin: *
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
p3p: CP="NOI DSP CURa OUR STP COM"
access-control-allow-origin: https://homes-and-villas.marriott.com
cache-control: no-cache
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
x-request-id: da310330ab8b47abbeedc6e7e0844f80

POST
H2 201 5273029b1no217720bdfa1a7abac692
homes-and-villas.marriott.com/clientlibs/ 17 B
781 B 181ms
181ms XHR
application/json 104.108.45.72
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://homes-and-villas.marriott.com/clientlibs/5273029b1no217720bdfa1a7abac692

Requested by

Host: cdn.glassboxcdn.com
URL: https://cdn.glassboxcdn.com/marriott/HVMI/detector-dom.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.108.45.72 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-108-45-72.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://homes-and-villas.marriott.com/en/terms-of-service?nck=389299941&ck=49775694&lk=1000456564
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 24 Mar 2021 01:48:53 GMT
x-content-type-options: nosniff
access-control-allow-headers: Content-Type
x-download-options: noopen
x-frame-options: deny
content-type: application/json
access-control-allow-origin: https://homes-and-villas.marriott.com
access-control-allow-credentials: true
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-dns-prefetch-control: off
vary: Origin
content-length: 17
x-xss-protection: 1; mode=block

GET
H2 200 v1.7-1745 Show response
consent.trustarc.com/asset/notice.js/v/ 70 KB
23 KB 26ms
26ms Script
text/javascript 13.226.159.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.trustarc.com/asset/notice.js/v/v1.7-1745
Requested by: Host: consent.trustarc.com
URL: https://consent.trustarc.com/notice?domain=marriottgdpr.com&text=true&c=teconsent&js=nj&noticeType=bb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-100.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: a33131ca8724c9a71ada74fb60745a77adb4efcb146181fd620ac1dac416ecb8

Request headers

Origin: https://homes-and-villas.marriott.com
Referer: https://homes-and-villas.marriott.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 24 Mar 2021 01:22:00 GMT
content-encoding: gzip
age: 1613
x-cache: Hit from cloudfront
pragma: public
access-control-allow-origin: *
last-modified: Wed, 17 Mar 2021 02:08:17 GMT
server: nginx
vary: Accept-Encoding
content-type: text/javascript
via: 1.1 51054083366f59cdc509361d23d873eb.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
timing-allow-origin: *
x-amz-cf-id: 9OJAbMR6kZncEwn1I4h9ZMxlqZp-BiPRKAQBJTcJDkdou6Nv3229sw==
expires: Fri, 23 Apr 2021 01:22:00 GMT

GET
H2 200 log
consent.trustarc.com/ 43 B
384 B 96ms
53ms Image
image/gif 13.226.159.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://consent.trustarc.com/log?domain=marriottgdpr.com&country=nl&state=&behavior=implied&c=3e1e
Requested by: Host: homes-and-villas.marriott.com
URL: https://homes-and-villas.marriott.com/en/terms-of-service?nck=389299941&ck=49775694&lk=1000456564
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-100.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://homes-and-villas.marriott.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Mar 2021 01:48:53 GMT
via: 1.1 20f674d6a4a322fa027d3644cb825864.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: DUS51-C1
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
x-amz-cf-id: MXNVMp7JKrInT-7w8QDXTA4gfux9Zbfj28BTgpbTcME53T2Nz8rEFg==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 notice Show response
consent.trustarc.com/ 13 KB
5 KB 22ms
22ms Script
text/javascript 13.226.159.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.trustarc.com/notice?domain=marriottgdpr.com&country=nl&js=nj2&text=true&c=teconsent&noticeType=bb

Requested by

Host: consent.trustarc.com
URL: https://consent.trustarc.com/notice?domain=marriottgdpr.com&text=true&c=teconsent&js=nj&noticeType=bb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.159.100 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-159-100.dus51.r.cloudfront.net

Software

nginx /

Resource Hash

0feb1e91f13cb9415e51674ccc365bdd3ab2101dd1c5d47f7aabf6137f054787

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://homes-and-villas.marriott.com
Referer: https://homes-and-villas.marriott.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 24 Mar 2021 01:27:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1278
x-cache: Hit from cloudfront
cloudfront-viewer-country: NL
content-length: 4379
x-xss-protection: 1; mode=block
timing-allow-origin: *
access-control-allow-origin: *
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
via: 1.1 51054083366f59cdc509361d23d873eb.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: DUS51-C1
cloudfront-viewer-country-region: NH
x-amz-cf-id: hQgtUgcOUM6xU2MyDTzAmwOFfDx2f3S2aJyEEcmID8moxXyBQqcmGQ==
expires: Wed, 24 Mar 2021 02:27:35 GMT

GET
H2 200 bannermsg
consent.trustarc.com/ 43 B
433 B 50ms
50ms Image
image/gif 13.226.159.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent.trustarc.com/bannermsg?action=views&domain=marriottgdpr.com&behavior=implied&country=nl&language=en&rand=0.7211030199474169

Requested by

Host: homes-and-villas.marriott.com
URL: https://homes-and-villas.marriott.com/en/terms-of-service?nck=389299941&ck=49775694&lk=1000456564

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.159.100 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-159-100.dus51.r.cloudfront.net

Software

nginx /

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://homes-and-villas.marriott.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Mar 2021 01:48:53 GMT
via: 1.1 20f674d6a4a322fa027d3644cb825864.cloudfront.net (CloudFront)
x-content-type-options: nosniff
server: nginx
x-amz-cf-pop: DUS51-C1
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
content-length: 43
x-xss-protection: 1; mode=block
x-amz-cf-id: 9YiWv4R7xSkk2ZKcYRZLIghlj1Tw2Qq1jmHPUekrKg3FZ17j35PcoA==
expires: Wed, 24 Mar 2021 01:48:52 GMT

GET
H/1.1

200
OK

ibs:dpid=358&dpuuid=1189981434767402582
dpm.demdex.net/ Frame 50BC
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID
https://dpm.demdex.net/ibs:dpid=358&dpuuid=1189981434767402582

42 B
915 B

33ms
32ms

Image
image/gif

54.195.23.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=358&dpuuid=1189981434767402582

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.195.23.91 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-195-23-91.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v090-0c9f150ff.edge-irl1.demdex.com 5.80.7.20210304103356 0ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: nqCYjyrpRj4=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 24 Mar 2021 01:48:53 GMT
X-Proxy-Origin: 185.212.171.67; 185.212.171.67; 727.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.138:80
AN-X-Request-Uuid: a00005cb-af6c-4184-ae66-e7a7fabb9b3d
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://dpm.demdex.net/ibs:dpid=358&dpuuid=1189981434767402582
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 201 5273029b1no217720bdfa1a7abac692
homes-and-villas.marriott.com/clientlibs/ 17 B
774 B 383ms
383ms XHR
application/json 104.108.45.72
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://homes-and-villas.marriott.com/clientlibs/5273029b1no217720bdfa1a7abac692

Requested by

Host: cdn.glassboxcdn.com
URL: https://cdn.glassboxcdn.com/marriott/HVMI/detector-dom.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.108.45.72 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-108-45-72.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://homes-and-villas.marriott.com/en/terms-of-service?nck=389299941&ck=49775694&lk=1000456564
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 24 Mar 2021 01:48:53 GMT
x-content-type-options: nosniff
access-control-allow-headers: Content-Type
x-download-options: noopen
x-frame-options: deny
content-type: application/json
access-control-allow-origin: https://homes-and-villas.marriott.com
access-control-allow-credentials: true
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-dns-prefetch-control: off
vary: Origin
content-length: 17
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK cls_report
report.marriott.glassboxdigital.io/glassbox/reporting/9774FE71-FB9E-08EA-71A4-C6033419AAC1/ 0
941 B 298ms
99ms XHR
text/plain 54.208.50.102
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://report.marriott.glassboxdigital.io/glassbox/reporting/9774FE71-FB9E-08EA-71A4-C6033419AAC1/cls_report?_cls_s=91e691ec-e361-461c-9b15-f3a599890c3e%3A0&_cls_v=222e5073-607a-44cb-aa10-67d0d9e7fdc9
Requested by: Host: cdn.glassboxcdn.com
URL: https://cdn.glassboxcdn.com/marriott/HVMI/detector-dom.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.208.50.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-208-50-102.compute-1.amazonaws.com
Software: GlassBox Cligate /
Resource Hash

Request headers

Referer: https://homes-and-villas.marriott.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 24 Mar 2021 01:48:53 GMT
Server: GlassBox Cligate
vary: origin
Content-Type: text/plain; charset=utf-8
access-control-allow-origin: https://homes-and-villas.marriott.com
access-control-allow-credentials: true
Connection: keep-alive
GB-Server: g5025
X-Robots-Tag: noindex
Content-Length: 0

GET
H2 200 bat.js Show response
bat.bing.com/ 28 KB
9 KB 30ms
29ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENd870f032b8fd497894b9a0ab768a71ec.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: f14f0d4ca69db0c2914322578f10bf3f9393771f439c9f670cc4d40971b0af8d

Request headers

Referer: https://homes-and-villas.marriott.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 24 Mar 2021 01:48:53 GMT
content-encoding: gzip
last-modified: Fri, 05 Mar 2021 20:27:29 GMT
x-msedge-ref: Ref A: 22E73B7160DE47489658ACBC7344929D Ref B: FRAEDGE1311 Ref C: 2021-03-24T01:48:53Z
etag: "804e75f6fd11d71:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 8562

GET
H2 200 RC68755de56d494006a71d7d4d18fc7248-source.min.js Show response
assets.adobedtm.com/697d0c070f1e/d464f943435f/e4719caae84e/ 704 B
626 B 6ms
6ms Script
application/x-javascript 2a02:26f0:7100:491::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/697d0c070f1e/d464f943435f/e4719caae84e/RC68755de56d494006a71d7d4d18fc7248-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENd870f032b8fd497894b9a0ab768a71ec.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:491::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 7e30c81936a6722b6a3a0f5e5db47de8ea5b620e282bd14e7e5627f26628a6d4

Request headers

Referer: https://homes-and-villas.marriott.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 24 Mar 2021 01:48:53 GMT
content-encoding: gzip
last-modified: Mon, 15 Mar 2021 13:22:53 GMT
server: AkamaiNetStorage
etag: "bcb532997937f1aea8f318193b8e9d65:1615814573.482224"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://homes-and-villas.marriott.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 351
expires: Wed, 24 Mar 2021 02:48:53 GMT

GET
H2 200 RCd647d78b3b7f4ee29f55a3f0a1483041-source.min.js Show response
assets.adobedtm.com/697d0c070f1e/d464f943435f/e4719caae84e/ 1 KB
833 B 6ms
6ms Script
application/x-javascript 2a02:26f0:7100:491::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/697d0c070f1e/d464f943435f/e4719caae84e/RCd647d78b3b7f4ee29f55a3f0a1483041-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENd870f032b8fd497894b9a0ab768a71ec.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:491::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: b4d3a648983259edf486f353a8043093ad5b050e191817420903b52316546922

Request headers

Referer: https://homes-and-villas.marriott.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 24 Mar 2021 01:48:53 GMT
content-encoding: gzip
last-modified: Mon, 15 Mar 2021 13:22:53 GMT
server: AkamaiNetStorage
etag: "bcb532997937f1aea8f318193b8e9d65:1615814573.482224"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://homes-and-villas.marriott.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 558
expires: Wed, 24 Mar 2021 02:48:53 GMT

GET
H2 200 RCe04961c7ea3749e5bbfba55e5b3d5105-source.min.js Show response
assets.adobedtm.com/697d0c070f1e/d464f943435f/e4719caae84e/ 1 KB
812 B 7ms
6ms Script
application/x-javascript 2a02:26f0:7100:491::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/697d0c070f1e/d464f943435f/e4719caae84e/RCe04961c7ea3749e5bbfba55e5b3d5105-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENd870f032b8fd497894b9a0ab768a71ec.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:491::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 0eecb6df53784249ab2880adc6535b9aa3c3c1d2cd2ef9b2155e593979fb58f3

Request headers

Referer: https://homes-and-villas.marriott.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 24 Mar 2021 01:48:53 GMT
content-encoding: gzip
last-modified: Mon, 15 Mar 2021 13:22:53 GMT
server: AkamaiNetStorage
etag: "bcb532997937f1aea8f318193b8e9d65:1615814573.482224"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://homes-and-villas.marriott.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 537
expires: Wed, 24 Mar 2021 02:48:53 GMT

GET
H2

200

ps
tag.yieldoptimizer.com/ps/
Redirect Chain

https://tag.yieldoptimizer.com/ps/ps?t=s&p=1057&si=US&ln=EN&hbc=HRS&pg=ot
https://tag.yieldoptimizer.com/ps/ps?tc=541012612&t=s&p=1057&si=US&ln=EN&hbc=HRS&pg=ot

539 B
539 B

20ms
19ms

Image
text/javascript

35.186.212.60
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tag.yieldoptimizer.com/ps/ps?tc=541012612&t=s&p=1057&si=US&ln=EN&hbc=HRS&pg=ot
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.212.60 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 60.212.186.35.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash

Request headers

Referer: https://homes-and-villas.marriott.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Mar 2021 01:48:53 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
cache-control: no-cache
content-type: text/javascript;charset=ISO-8859-1
alt-svc: clear
content-length: 539
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 24 Mar 2021 01:48:53 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
location: https://tag.yieldoptimizer.com/ps/ps?tc=541012612&t=s&p=1057&si=US&ln=EN&hbc=HRS&pg=ot
cache-control: no-cache
alt-svc: clear
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
93 B 29ms
28ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=5140893&tm=al001&Ver=2&mid=cc661650-4846-4c66-8bb4-8ce381036a70&sid=16a354a08c4311eb964b1717437a7426&vid=16a35c108c4311eb99cbbf5206546f2e&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Terms%20of%20Service%20%7C%20Homes%20%26%20Villas%20by%20Marriott%20International&p=https%3A%2F%2Fhomes-and-villas.marriott.com%2Fen%2Fterms-of-service%3Fnck%3D389299941%26ck%3D49775694%26lk%3D1000456564&r=&lt=2414&evt=pageLoad&msclkid=N&sv=1&rn=794359
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://homes-and-villas.marriott.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 24 Mar 2021 01:48:53 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 67500C94002C4F49A95D8771E8585AB7 Ref B: FRAEDGE1311 Ref C: 2021-03-24T01:48:53Z
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=477&dpuuid=2ed1cdbd5d5b2de1f718ab946f000714a62ad76a1676a2c34387ff36261c5e89b0da87c991749652
dpm.demdex.net/ Frame 50BC
Redirect Chain

https://idsync.rlcdn.com/365868.gif?partner_uid=52550970634061268983107241616957175525
https://idsync.rlcdn.com/1000.gif?memo=CKyqFhIxCi0IARCYEhomNTI1NTA5NzA2MzQwNjEyNjg5ODMxMDcyNDE2MTY5NTcxNzU1MjUQABoNCIW16oIGEgUI6AcQAEIASgA
https://dpm.demdex.net/ibs:dpid=477&dpuuid=2ed1cdbd5d5b2de1f718ab946f000714a62ad76a1676a2c34387ff36261c5e89b0da87c991749652

42 B
915 B

33ms
32ms

Image
image/gif

54.195.23.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=477&dpuuid=2ed1cdbd5d5b2de1f718ab946f000714a62ad76a1676a2c34387ff36261c5e89b0da87c991749652

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.195.23.91 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-195-23-91.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v090-08de48bc8.edge-irl1.demdex.com 5.80.7.20210304103356 0ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: xTzHJKXXSC4=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Wed, 24 Mar 2021 01:48:53 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://dpm.demdex.net/ibs:dpid=477&dpuuid=2ed1cdbd5d5b2de1f718ab946f000714a62ad76a1676a2c34387ff36261c5e89b0da87c991749652
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: clear
content-length: 0

POST
H2 200 pixel_77527039
homes-and-villas.marriott.com/akam/11/ 0
630 B 27ms
26ms XHR
text/html 104.108.45.72
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://homes-and-villas.marriott.com/akam/11/pixel_77527039

Requested by

Host: cdn.glassboxcdn.com
URL: https://cdn.glassboxcdn.com/marriott/HVMI/detector-dom.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.108.45.72 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-108-45-72.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://homes-and-villas.marriott.com/en/terms-of-service?nck=389299941&ck=49775694&lk=1000456564
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 24 Mar 2021 01:48:53 GMT
x-content-type-options: nosniff
x-frame-options: deny
x-download-options: noopen
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-type: text/html
server-timing: cdn-cache; desc=HIT, edge; dur=1
x-dns-prefetch-control: off
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 200 s08042308515709
smetrics.marriott.com/b/ss/marriottglobal/10/JS-2.14.0-LBQ1/ 5 KB
6 KB 63ms
62ms Script
application/x-javascript 15.237.136.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.marriott.com/b/ss/marriottglobal/10/JS-2.14.0-LBQ1/s08042308515709?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=24%2F2%2F2021%202%3A48%3A53%203%20-60&d.&nsid=0&jsonv=1&.d&sdid=59C0BC7B2AD4F65E-22F9D4B336073D97&mid=52273490166592331153132745135016229004&aamlh=6&ce=UTF-8&pageName=homes-and-villas.marriott.com%2Fen%2Fterms-of-service&g=https%3A%2F%2Fhomes-and-villas.marriott.com%2Fen%2Fterms-of-service%3Fnck%3D389299941%26ck%3D49775694%26lk%3D1000456564&cc=USD&v0=ck%3D49775694%3Bnck%3D389299941%3Blk%3D1000456564&products=%3B%3B%3B&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c5=HRS&c26=Adobe%20Launch&v41=HRS&v44=Not%20A%20Member&c71=HRS&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=664516D751E565010A490D4C%40AdobeOrg&AQE=1

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/extensions/EP971e6ad26efe44ab86e98d3905a44621/AppMeasurement.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.237.136.106 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-237-136-106.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://homes-and-villas.marriott.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-aam-tid: cY6OE5T6TcE=
date: Wed, 24 Mar 2021 01:48:53 GMT
x-content-type-options: nosniff
x-c: main-1434.I637bed.M0-481
p3p: CP="This is not a P3P policy"
vary: *
content-length: 5377
x-xss-protection: 1; mode=block
dcs: dcs-prod-irl1-v090-02b0368d7.edge-irl1.demdex.com 5.80.7.20210304103356 13ms (+0ms)
pragma: no-cache
last-modified: Thu, 25 Mar 2021 01:48:53 GMT
server: jag
xserver: anedge-7df884dd44-grc99
etag: 3471515836868001792-4622080093181073301
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Tue, 23 Mar 2021 01:48:53 GMT

GET
H/1.1

200
OK

ibs:dpid=771&dpuuid=CAESEN13qoZa_7WMhCvksK_8AtI&google_cver=1
dpm.demdex.net/ Frame 50BC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NTI1NTA5NzA2MzQwNjEyNjg5ODMxMDcyNDE2MTY5NTcxNzU1MjU=
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NTI1NTA5NzA2MzQwNjEyNjg5ODMxMDcyNDE2MTY5NTcxNzU1MjU=&google_tc=
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEN13qoZa_7WMhCvksK_8AtI&google_cver=1?gdpr=0&gdpr_consent=

42 B
915 B

32ms
32ms

Image
image/gif

54.195.23.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEN13qoZa_7WMhCvksK_8AtI&google_cver=1?gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.195.23.91 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-195-23-91.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v090-03c9bda76.edge-irl1.demdex.com 5.80.7.20210304103356 0ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: +SrIUf/1TKQ=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 24 Mar 2021 01:48:53 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEN13qoZa_7WMhCvksK_8AtI&google_cver=1?gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=903&dpuuid=7b308751-c3ae-4e67-89d4-606ebda0e9e9
dpm.demdex.net/ Frame 50BC
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1
https://dpm.demdex.net/ibs:dpid=903&dpuuid=7b308751-c3ae-4e67-89d4-606ebda0e9e9

42 B
915 B

32ms
32ms

Image
image/gif

54.195.23.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=903&dpuuid=7b308751-c3ae-4e67-89d4-606ebda0e9e9

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.195.23.91 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-195-23-91.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v090-07862d91d.edge-irl1.demdex.com 5.80.7.20210304103356 0ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: n9OnSz41RVg=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 24 Mar 2021 01:48:54 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://dpm.demdex.net/ibs:dpid=903&dpuuid=7b308751-c3ae-4e67-89d4-606ebda0e9e9
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 189

GET
H/1.1

200
OK

ibs:dpid=1957&dpuuid=3B5227B38E0C60C2019737B78FDE61C8
dpm.demdex.net/ Frame 50BC
Redirect Chain

https://c.bing.com/c.gif?uid=52550970634061268983107241616957175525&Red3=MSAdobe_pd&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=1957&dpuuid=3B5227B38E0C60C2019737B78FDE61C8

42 B
915 B

32ms
32ms

Image
image/gif

54.195.23.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=1957&dpuuid=3B5227B38E0C60C2019737B78FDE61C8

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.195.23.91 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-195-23-91.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v090-0dce7327f.edge-irl1.demdex.com 5.80.7.20210304103356 0ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: WRvETdVzRYE=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 24 Mar 2021 01:48:53 GMT
x-msedge-ref: Ref A: AB99447BD45F4ED2A65EB965ACF4A710 Ref B: FRAEDGE1311 Ref C: 2021-03-24T01:48:53Z
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://dpm.demdex.net/ibs:dpid=1957&dpuuid=3B5227B38E0C60C2019737B78FDE61C8
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H/1.1 404
Not Found /
servedby.flashtalking.com/map/ Frame 50BC 0
0 70ms
30ms Image
text/html 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servedby.flashtalking.com/map/?key=a74thHgsfK627J6Ftt8sj5ks52bKe&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D3047%26dpuuid=[%FT_GUID%]%26gdpr=0%26gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash

Request headers

Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 204 match.gif
match.rundsp.com/ Frame 50BC 0
40 B 12ms
12ms Image
text/plain 2a02:fa8:8806:16::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.rundsp.com/match.gif?id=52550970634061268983107241616957175525&partner=adobe
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:16::1370 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 24 Mar 2021 01:48:54 GMT
server: nginx

GET
H2 204 current
adobe-sync.dotomi.com/match/bounce/ Frame 50BC 0
103 B 11ms
11ms Image
text/plain 2a02:fa8:8806:16::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adobe-sync.dotomi.com/match/bounce/current?networkId=85983&version=1&nuid=52550970634061268983107241616957175525&rurl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D19360%26dpuuid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:16::1370 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Mar 2021 01:48:54 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H/1.1

200
OK

ibs:dpid=22054
dpm.demdex.net/ Frame 50BC
Redirect Chain

https://a.tribalfusion.com/i.match?p=b13&u=52550970634061268983107241616957175525&redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=22054&dpuuid=$TF_USER_ID_ENC$
https://s.tribalfusion.com/z/i.match?p=b13&u=52550970634061268983107241616957175525&redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=22054&dpuuid=$TF_USER_ID_ENC$
https://dpm.demdex.net/ibs:dpid=22054

42 B
929 B

32ms
32ms

Image
image/gif

54.195.23.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=22054

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.195.23.91 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-195-23-91.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v090-0142885fa.edge-irl1.demdex.com 5.80.7.20210304103356 0ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Error: 300
X-TID: MBmlG4rRRd0=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 24 Mar 2021 01:48:54 GMT
cf-cache-status: DYNAMIC
x-function: 209
server: cloudflare
x-reuse-index: 982
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 634c3d68ca904e79-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
location: https://dpm.demdex.net/ibs:dpid=22054
cache-control: no-cache, private
content-type: text/html
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 090384b57a00004e79b29fd000000001
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=22069&dpuuid=3014704736456
dpm.demdex.net/ Frame 50BC
Redirect Chain

https://tag.yieldoptimizer.com/ps/ps?t=i&p=2233
https://dpm.demdex.net/ibs:dpid=22069&dpuuid=3014704736456

42 B
915 B

33ms
33ms

Image
image/gif

54.195.23.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=22069&dpuuid=3014704736456

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.195.23.91 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-195-23-91.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v090-0c883069e.edge-irl1.demdex.com 5.80.7.20210304103356 0ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: V5DlBeVPQpY=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 24 Mar 2021 01:48:54 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
location: https://dpm.demdex.net/ibs:dpid=22069&dpuuid=3014704736456
cache-control: no-cache
alt-svc: clear
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=28645&dpuuid=KwoQVa8ZpmPKN-hZaBSL-sAX0bK-diez&gdpr=0&gdpr_consent=
dpm.demdex.net/ Frame 50BC
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
https://gum.criteo.com/sync?s=1&c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=KwoQVa8ZpmPKN-hZaBSL-sAX0bK-diez&gdpr=0&gdpr_consent=

42 B
915 B

32ms
32ms

Image
image/gif

54.195.23.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=28645&dpuuid=KwoQVa8ZpmPKN-hZaBSL-sAX0bK-diez&gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.195.23.91 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-195-23-91.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v090-04a4fe428.edge-irl1.demdex.com 5.80.7.20210304103356 0ms (+0ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: l5OJKyDeQUM=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=28645&dpuuid=KwoQVa8ZpmPKN-hZaBSL-sAX0bK-diez&gdpr=0&gdpr_consent=
strict-transport-security: max-age=31536000
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 3677
date: Wed, 24 Mar 2021 01:48:54 GMT
content-length: 227
content-type: text/html; charset=utf-8

GET
H/1.1

200
OK

ibs:dpid=30646
dpm.demdex.net/ Frame 50BC
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=52550970634061268983107241616957175525&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-gscXCxNE2pEHuC6DWNzYwcnNV5EApqvl4kE-~A

42 B
915 B

32ms
32ms

Image
image/gif

54.195.23.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-gscXCxNE2pEHuC6DWNzYwcnNV5EApqvl4kE-~A

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.195.23.91 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-195-23-91.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v090-090d4298f.edge-irl1.demdex.com 5.80.7.20210304103356 0ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: diG7XKqjTIU=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Wed, 24 Mar 2021 01:48:54 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: text/html;charset=utf-8
location: https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-gscXCxNE2pEHuC6DWNzYwcnNV5EApqvl4kE-~A
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000
content-length: 0
x-content-type-options: nosniff

GET
H2 200 v2
odr.mookie1.com/t/ Frame 50BC 43 B
324 B 52ms
21ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2?tagid=V2_676804&src.visitorId=52550970634061268983107241616957175525&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash

Request headers

Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Mar 2021 01:48:54 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=80742&dpuuid=761c495b-183e-42b2-aadd-15911a64ecab
dpm.demdex.net/ Frame 50BC
Redirect Chain

https://ag.innovid.com/dv/sync?tid=6
https://dpm.demdex.net/ibs:dpid=80742&dpuuid=761c495b-183e-42b2-aadd-15911a64ecab

42 B
915 B

32ms
32ms

Image
image/gif

54.195.23.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=80742&dpuuid=761c495b-183e-42b2-aadd-15911a64ecab

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.195.23.91 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-195-23-91.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v090-0d01dacb9.edge-irl1.demdex.com 5.80.7.20210304103356 0ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: VwxvhxHTTkA=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=80742&dpuuid=761c495b-183e-42b2-aadd-15911a64ecab
date: Wed, 24 Mar 2021 01:48:54 GMT
content-length: 0
request-time: 0

GET
H/1.1

200
OK

ibs:dpid=96420&dpuuid=ssxjiMT9eoyP&us_privacy=$%7BUS_PRIVACY%7D
dpm.demdex.net/ Frame 50BC
Redirect Chain

https://pxl.jivox.com/tags/sync/usync.php?px=IkovJ4aN
https://dpm.demdex.net/ibs:dpid=96420&dpuuid=ssxjiMT9eoyP&us_privacy=$%7BUS_PRIVACY%7D

42 B
915 B

33ms
33ms

Image
image/gif

54.195.23.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=96420&dpuuid=ssxjiMT9eoyP&us_privacy=$%7BUS_PRIVACY%7D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.195.23.91 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-195-23-91.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v090-083cd07b1.edge-irl1.demdex.com 5.80.7.20210304103356 0ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: gFuQwachTDU=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=96420&dpuuid=ssxjiMT9eoyP&us_privacy=${US_PRIVACY}
date: Wed, 24 Mar 2021 01:48:55 GMT
server: Jetty(9.3.z-SNAPSHOT)
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 50BC
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=adobe&id=52550970634061268983107241616957175525
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=52550970634061268983107241616957175525

0
338 B

92ms
30ms

Image
text/plain

54.171.91.151
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=52550970634061268983107241616957175525
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.91.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-91-151.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 24 Mar 2021 01:48:55 GMT
cache-control: private, no-cache, no-store
x-request-time: D=32 t=1616550535
x-served-by: beacon-n020-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=52550970634061268983107241616957175525
date: Wed, 24 Mar 2021 01:48:55 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a008-ash-prod.krxd.net

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 50BC
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WUZxYWhRQUFBSDNxQXdfdQ==

170 B
224 B

30ms
30ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WUZxYWhRQUFBSDNxQXdfdQ==

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Mar 2021 01:48:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 24 Mar 2021 01:48:55 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1616550535.260906,VS0,VE0
x-served-by: cache-hhn4083-HHN
x-cache: HIT
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WUZxYWhRQUFBSDNxQXdfdQ==
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 50BC
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YFqahQAAAH3qAw_u&expires=90

0
239 B

22ms
21ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YFqahQAAAH3qAw_u&expires=90
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 611afce88997db6fdd35eb213e662871
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 24 Mar 2021 01:48:55 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1616550535.310718,VS0,VE0
x-served-by: cache-hhn4083-HHN
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YFqahQAAAH3qAw_u&expires=90
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 50BC
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=YFqahwAAAG4-ZSzr
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YFqahwAAAG4-ZSzr&_test=YFqahwAAAG4-ZSzr
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YFqahwAAAG4-ZSzr&_test=YFqahwAAAG4-ZSzr&C=1

43 B
1003 B

28ms
28ms

Image
image/gif

23.218.208.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YFqahwAAAG4-ZSzr&_test=YFqahwAAAG4-ZSzr&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-246.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash

Request headers

Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Mar 2021 01:48:55 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 24 Mar 2021 01:48:55 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 24 Mar 2021 01:48:55 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YFqahwAAAG4-ZSzr&_test=YFqahwAAAG4-ZSzr&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 306
Expires: Wed, 24 Mar 2021 01:48:55 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame 50BC
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D&_test=YFqahwAAAHzG2VZV
https://ib.adnxs.com/setuid?entity=158&code=YFqahwAAAHzG2VZV&_test=YFqahwAAAHzG2VZV
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYFqahwAAAHzG2VZV%26_test%3DYFqahwAAAHzG2VZV

43 B
1 KB

15ms
15ms

Image
image/gif

185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYFqahwAAAHzG2VZV%26_test%3DYFqahwAAAHzG2VZV

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Mar 2021 01:48:55 GMT
X-Proxy-Origin: 185.212.171.67; 185.212.171.67; 727.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.165:80
AN-X-Request-Uuid: 25275dcd-6c09-4207-ac2b-c26c9a48832a
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 24 Mar 2021 01:48:55 GMT
X-Proxy-Origin: 185.212.171.67; 185.212.171.67; 727.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.230:80
AN-X-Request-Uuid: 938dd40a-14f1-4856-8840-1cb5a9afb27b
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYFqahwAAAHzG2VZV%26_test%3DYFqahwAAAHzG2VZV
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 50BC
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=YFqahwAAAKz20joG
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YFqahwAAAKz20joG&_test=YFqahwAAAKz20joG
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YFqahwAAAKz20joG&_test=YFqahwAAAKz20joG

43 B
106 B

21ms
21ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YFqahwAAAKz20joG&_test=YFqahwAAAKz20joG
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.204.1 /
Resource Hash

Request headers

Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Mar 2021 01:48:55 GMT
via: 1.1 google
server: OXGW/16.204.1
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YFqahwAAAKz20joG&_test=YFqahwAAAKz20joG
date: Wed, 24 Mar 2021 01:48:55 GMT
via: 1.1 google
server: OXGW/16.204.1
alt-svc: clear
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame 50BC
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YFqahwAAAG4-ZSzr

1 B
809 B

87ms
22ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YFqahwAAAG4-ZSzr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 24 Mar 2021 01:48:55 GMT
X-lat: lhrpug016:0:476
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 1

Redirect headers

pragma: no-cache
date: Wed, 24 Mar 2021 01:48:55 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1616550536.713802,VS0,VE0
x-served-by: cache-hhn4083-HHN
x-cache: HIT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YFqahwAAAG4-ZSzr
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame 50BC
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YFqahwAAAHzG2VZV&img=1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YFqahwAAAHzG2VZV&img=1&__user_check__=1&sync_id=1804a095-8c43-11eb-8cbe-1e588e904406

43 B
549 B

17ms
17ms

Image
image/gif

185.94.180.125
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YFqahwAAAHzG2VZV&img=1&__user_check__=1&sync_id=1804a095-8c43-11eb-8cbe-1e588e904406
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.94.180.125 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 24 Mar 2021 01:48:55 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 137
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Wed, 24 Mar 2021 01:48:55 GMT
Server: nginx
Location: /partner?adv_id=6409&uid=YFqahwAAAHzG2VZV&img=1&__user_check__=1&sync_id=1804a095-8c43-11eb-8cbe-1e588e904406
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 118
Connection: keep-alive
Content-Length: 0

GET
H2

200

b.php
www.facebook.com/fr/ Frame 50BC
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
https://www.facebook.com/fr/b.php?p=1531105787105294&e=YFqahwAAAKz20joG&t=2592000&o=0

43 B
211 B

38ms
37ms

Image
image/gif

2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/fr/b.php?p=1531105787105294&e=YFqahwAAAKz20joG&t=2592000&o=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
x-fb-debug: TfMUdg6oY4oQB5aEiBqOnMqHkgKBSrDYfGHddwHg1qs/9s4gNVjgf06yGqzzDwj3NQbEM4PNJwDIV059iSzR6w==
content-encoding: br
x-content-type-options: nosniff
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 23 Mar 2021 18:48:55 PDT
strict-transport-security: max-age=15552000; preload
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: image/gif
vary: Accept-Encoding
cache-control: public, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
expires: Tue, 23 Mar 2021 18:48:55 PDT

Redirect headers

pragma: no-cache
date: Wed, 24 Mar 2021 01:48:55 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1616550536.915058,VS0,VE0
x-served-by: cache-hhn4083-HHN
x-cache: HIT
location: https://www.facebook.com/fr/b.php?p=1531105787105294&e=YFqahwAAAKz20joG&t=2592000&o=0
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET

demconf.jpg
dpm.demdex.net/ Frame 50BC
Redirect Chain

https://cm.ipinyou.com/xcmr/aam/r.gif
https://dpm.demdex.net/ibs:dpid=134084&dpuuid=L3O9ltAFcl2a&redir=http%3A%2F%2Fcm.ipinyou.com%2Fxcms%2Faam%2Fs.gif%3Ftid%3D$%7BDD_UUID%7D
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=134084&dpuuid=L3O9ltAFcl2a&redir=http%3A%2F%2Fcm.ipinyou.com%2Fxcms%2Faam%2Fs.gif%3Ftid%3D$%7BDD_UUID%7D

0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: dpm.demdex.net
URL: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=134084&dpuuid=L3O9ltAFcl2a&redir=http%3A%2F%2Fcm.ipinyou.com%2Fxcms%2Faam%2Fs.gif%3Ftid%3D$%7BDD_UUID%7D

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.demdex.net/	1970-01-19 21:21:42	Name: dextp Value: 144232-1-1616550535399

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn.glassboxcdn.com/marriott/HVMI/detector-dom.min.js(Line 76) Message: [object HTMLDivElement]
console-api	log	(Line 2) Message: MVP Outpace Ram Multi-Page - START
console-api	log	(Line 33) Message: MVP Outpace Multi-Page - END
console-api	log	URL: https://d1mqz30n8nowyf.cloudfront.net/prod/js/outpace_marriott_combined.min.js(Line 1) Message: outpace js loaded!
console-api	log	URL: https://d1mqz30n8nowyf.cloudfront.net/prod/js/outpace_marriott_combined.min.js(Line 1) Message: not targeting because no placement group
console-api	log	URL: https://cdn.glassboxcdn.com/marriott/HVMI/detector-dom.min.js(Line 76) Message: [object HTMLDivElement]

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
adobe-sync.dotomi.com
ag.innovid.com
assets.adobedtm.com
bat.bing.com
beacon.krxd.net
c.bing.com
c.go-mpulse.net
cdn.glassboxcdn.com
cm.everesttech.net
cm.g.doubleclick.net
cms.analytics.yahoo.com
consent.trustarc.com
d1mqz30n8nowyf.cloudfront.net
dpm.demdex.net
dsum-sec.casalemedia.com
email-marriott.com
fonts.googleapis.com
fonts.gstatic.com
gum.criteo.com
homes-and-villas.marriott.com
ib.adnxs.com
idsync.rlcdn.com
image2.pubmatic.com
marriott.btttag.com
marriottinternationa.demdex.net
marriottinternationa.tt.omtrdc.net
match.adsrvr.org
match.rundsp.com
odr.mookie1.com
pixel.rubiconproject.com
pxl.jivox.com
report.marriott.glassboxdigital.io
s.go-mpulse.net
s.tribalfusion.com
servedby.flashtalking.com
smetrics.marriott.com
sync-tm.everesttech.net
sync.search.spotxchange.com
tag.yieldoptimizer.com
us-u.openx.net
usermatch.krxd.net
www.facebook.com
dpm.demdex.net
104.108.45.72
107.21.231.45
13.226.159.100
15.237.136.106
151.101.114.49
159.127.187.250
172.217.16.130
185.33.221.90
185.64.190.80
185.94.180.125
205.185.216.10
212.82.100.182
23.218.208.246
2600:9000:20eb:5c00:1d:cb70:f5c0:21
2606:4700:10::6816:3b80
2606:4700:10::6816:653
2606:4700::6812:c05
2620:1ec:c11::200
2a00:1450:4001:800::2003
2a00:1450:4001:82a::200a
2a02:2638:1::13
2a02:26f0:64:699::11a6
2a02:26f0:7100:1b8::11a6
2a02:26f0:7100:491::1e80
2a02:fa8:8806:16::1370
2a03:2880:f11c:8183:face:b00c:0:25de
2a05:d01c:1d8:8101:f6ab:342:7837:ce6e
34.236.250.51
34.250.153.194
34.252.166.160
34.98.67.61
35.186.212.60
35.244.159.8
35.244.174.68
54.171.91.151
54.195.23.91
54.208.50.102
54.228.114.223
69.173.144.139
04058da714d06cbff554a477d019660f993b6bb9465d48354d56f591521f5bab
089030d8bec22aa48ae59e27516a4e8a1fcec666e9d783c7a1df47220b750dc1
0eecb6df53784249ab2880adc6535b9aa3c3c1d2cd2ef9b2155e593979fb58f3
0feb1e91f13cb9415e51674ccc365bdd3ab2101dd1c5d47f7aabf6137f054787
1c38b38210051706981fb9dba449dfeb4fa1095d6fef33ebb593e55ee3798383
1d7647710fb2bc7cf162729f1ab695dbdbb4d3d38a219e7bb7da6f06030bd7b7
1f3a32b3d844913ac983be0c2d2bff884aaf974a8658d9d1a8f85b5b70f40335
2281703fd729755012fdd654551eec86b6e28488805d967e9057f5c859dcd0a8
32bc033e13e02d8809b2c8c97ac5a5110c5f375a830ed6cace5ce1202ab5b480
3e7cc3b07cdbdb92229b5062fd7d7dffc4cefd848f5a5cfa6cebcb36454720d0
467d8dc0fbdee4720b91b7003413eb6d8c662ad2e8714454bfa02333f5f381c5
4e091d595c8b7f093a70e712501618862919a32b9294d215f89f621b022ac889
586f876503ed4dc63c6ff8567b67dfeb1c84723ef5c7cf218a8ed74ccba6e1ab
5e73bec2caa1852f50ee14c37d8f027329e2769d2a57995b4452557cc0818708
5e824b2a763eb5e46a79c525707b01408b0d9eb6a8e471b13788dd3148b6ccf4
623b002d7e774213c3186eea78b7736bd5fccefe762ac46f388e35689fa9717a
70a32632e9b746c6c416332a41a33d4a005d56d7128bb5c874b9539bc68d7a82
7538fdd8947b95e41aa5d4ae70a64195a1fb2bc0933783bb42379069ac1f3991
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7e30c81936a6722b6a3a0f5e5db47de8ea5b620e282bd14e7e5627f26628a6d4
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb
812cd2054cf3119c9ece6b36f173145a23f90a300bff68052392c9063b6f918d
84150f8451791f0630ffde5bfd1a1e585f237b073991862e6e8fd20f7004129e
89f0b06331d759107914e672513633634b4b0e6522531f87fe7cf58d9320960b
95a439c4e11ace2484e8d42c30ff56cf7db5ea7c6463df9ce2fdafa7f6ccbf54
95dea0c6107c6a884200e581723e5c95f27be3ae02606ebeed90f905478af665
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
a33131ca8724c9a71ada74fb60745a77adb4efcb146181fd620ac1dac416ecb8
a48daa09b9b31324b061069b426422b11cb68bddf35cde17d544d523775d140b
a629ed8a9e67331790bbe0b0b645ee3bd84e2057380351235d4064b8d02a0fcb
ad5ee1ffb2d2d826d72e273f32926c0e69ee706a338b6e6dfabb929545487b6c
adeca133ca6434dfa6ddd90d588ae4c9e6ab8a31b9c23a1340aac1fadcbfd646
b493cdb3b30ea63f6a924f814dfccfcfe305dac02106f9994ce2bcb2e8ed28c4
b4d3a648983259edf486f353a8043093ad5b050e191817420903b52316546922
c95d594609a98fd309371574d2e0be36b47325043ebe6ace28dfe6a0312604be
d114417c5c4a73dd411f6a030a720d7d8e6c360dab4f0266d06168b2f57147b3
d24ff83aec36dc1a8ff5536432ad97b2b3017477f3a68fb0fd86b8853a8e0ef5
d421a89e7cdeb05a73653e49af3a7bb8d58a073b29c748faeac29b5058eff27d
dd48a8d1827cb58fe865837176aa5c205185bc47afc6c79a309b8cf3a7a26f8c
df31baba5633c8ac7dde29a67401c8541a28cba3fd5d7b4f16cb119e032df4b1
e1d98166ef5cf84a9a97fcc84f177ff8a182d46887910badcb2b5fb1a46a6f07
e27458b3b13aade8b003e8cd370728cb3d3fc8c14363498f4be46be85d7d9b79
e8836c456487b9824995a14a6fd0c3e2e0e804811e49b66a6be4e8d7973b2a02
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f14f0d4ca69db0c2914322578f10bf3f9393771f439c9f670cc4d40971b0af8d
f5d4c640ceb52f8e9d7406ef118c05505eb62ca1ca65c62233669b73e3efa493
fc61952dab3e61f9b7c1d20ca54771e98a9ef2d298c266d1b744a4984d09e83c

homes-and-villas.marriott.com Open in urlscan Pro 104.108.45.72 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

79 Requests

99 %HTTPS

36 %IPv6

36 Domains

43 Subdomains

29 IPs

7 Countries

1362 kBTransfer

6415 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

79 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

homes-and-villas.marriott.com Open in urlscan Pro
104.108.45.72 Public Scan

Screenshot
Live screenshot

Full Image

79
Requests

99 %
HTTPS

36 %
IPv6

36
Domains

43
Subdomains

29
IPs

7
Countries

1362 kB
Transfer

6415 kB
Size

1
Cookies

79 HTTP transactions
2 data transactions