moments.marriottbonvoy.com Open in urlscan Pro
52.32.5.223 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://email-marriott.com/T/v70000017d483182629c1c996e96c660a0/6a13ee753685485c0000021ef3a0bcd6/6a13ee75-3685-485c-9f58-3b...
Effective URL:
https://moments.marriottbonvoy.com/partners/msg?nck=136603220&ck=49825144&lk=1000517938
Submission: On November 22 via api (November 22nd 2021, 3:28:52 pm UTC) from US — Scanned from DE

Summary HTTP 83 Redirects Links 42 Behaviour Indicators

Summary

This website contacted 23 IPs in 7 countries across 35 domains to perform 83 HTTP transactions. The main IP is 52.32.5.223, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is moments.marriottbonvoy.com.
TLS certificate: Issued by Entrust Certification Authority - L1K on December 15th 2020. Valid for: a year.

This is the only time moments.marriottbonvoy.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	159.127.187.250 159.127.187.250	19137 (EPSILON-I...) (EPSILON-INTERACTIVE)
31	52.32.5.223 52.32.5.223	16509 (AMAZON-02) (AMAZON-02)
2	199.232.136.157 199.232.136.157	54113 (FASTLY) (FASTLY)
5	2a02:26f0:6c0... 2a02:26f0:6c00:28a::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
14	54.195.238.9 54.195.238.9	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:205... 2600:9000:2057:b800:1d:cb70:f5c0:21	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	34.249.252.185 34.249.252.185	16509 (AMAZON-02) (AMAZON-02)
1 1	52.50.54.3 52.50.54.3	16509 (AMAZON-02) (AMAZON-02)
5	143.204.207.78 143.204.207.78	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.72 104.244.42.72	13414 (TWITTER) (TWITTER)
7	95.140.236.0 95.140.236.0	22822 (LLNW) (LLNW)
1	13.36.218.177 13.36.218.177	16509 (AMAZON-02) (AMAZON-02)
2 3	185.33.220.242 185.33.220.242	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2 3	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
2 2	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	209.197.3.19 209.197.3.19	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2a02:fa8:8806... 2a02:fa8:8806:12::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2 2	2606:4700::68... 2606:4700::6812:d05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	35.186.212.60 35.186.212.60	15169 (GOOGLE) (GOOGLE)
2 2	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	212.82.100.182 212.82.100.182	34010 (YAHOO-IRD) (YAHOO-IRD)
1	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
1 1	2a05:d01c:1d8... 2a05:d01c:1d8:8102:9b42:ec:9152:470a	16509 (AMAZON-02) (AMAZON-02)
1 1	107.23.161.59 107.23.161.59	14618 (AMAZON-AES) (AMAZON-AES)
1 1	52.44.110.4 52.44.110.4	14618 (AMAZON-AES) (AMAZON-AES)
1	54.77.178.66 54.77.178.66	16509 (AMAZON-02) (AMAZON-02)
8 8	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
1	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
83	23

1 159.127.187.250 (United States) 1 redirects

ASN19137 (EPSILON-INTERACTIVE, US)

email-marriott.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 52.32.5.223 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-32-5-223.us-west-2.compute.amazonaws.com

moments.marriottbonvoy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
analytics-mar.lacek.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:6c00:28a::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 54.195.238.9 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-195-238-9.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:b800:1d:cb70:f5c0:21 (United States)

ASN16509 (AMAZON-02, US)

d1mqz30n8nowyf.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.249.252.185 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-252-185.eu-west-1.compute.amazonaws.com

marriottinternationa.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.50.54.3 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-54-3.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 143.204.207.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-207-78.fra53.r.cloudfront.net

consent.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.72 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 95.140.236.0 (United States)

ASN22822 (LLNW, US)
PTR: https-95-140-236-0.fra.llnw.net

lacek.hs.llnwd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.36.218.177 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

smetrics.marriott.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.220.242 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.16.130 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f130.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.220.150 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.197.3.19 (United States) 1 redirects

ASN20446 (HIGHWINDS3, US)
PTR: vip0x013.map2.ssl.hwcdn.net

servedby.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:12::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)

adobe-sync.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:d05 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.212.60 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 60.212.186.35.bc.googleusercontent.com

tag.yieldoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::1c (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.182 (Dublin, Ireland) 1 redirects

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8102:9b42:ec:9152:470a (London, United Kingdom) 1 redirects

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.23.161.59 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-23-161-59.compute-1.amazonaws.com

pxl.jivox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.44.110.4 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-110-4.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.77.178.66 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-178-66.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.66.49 (United States) 8 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.125 (Amsterdam, Netherlands) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	marriottbonvoy.com moments.marriottbonvoy.com	2 MB
15	demdex.net dpm.demdex.net marriottinternationa.demdex.net	18 KB
9	everesttech.net 9 redirects cm.everesttech.net sync-tm.everesttech.net	2 KB
7	llnwd.net lacek.hs.llnwd.net	590 KB
5	trustarc.com consent.trustarc.com	35 KB
5	adobedtm.com assets.adobedtm.com	132 KB
3	doubleclick.net 2 redirects cm.g.doubleclick.net	899 B
3	adnxs.com 2 redirects ib.adnxs.com	3 KB
3	lacek.net analytics-mar.lacek.net	24 KB
3	twitter.com platform.twitter.com syndication.twitter.com	132 KB
2	spotxchange.com 1 redirects sync.search.spotxchange.com	1 KB
2	openx.net 1 redirects us-u.openx.net	384 B
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com	2 KB
2	krxd.net 1 redirects usermatch.krxd.net beacon.krxd.net	528 B
2	criteo.com 2 redirects gum.criteo.com	769 B
2	yieldoptimizer.com 2 redirects tag.yieldoptimizer.com	2 KB
2	tribalfusion.com 2 redirects a.tribalfusion.com s.tribalfusion.com	1 KB
2	adsrvr.org 2 redirects match.adsrvr.org	935 B
2	rlcdn.com 2 redirects idsync.rlcdn.com	803 B
2	facebook.net connect.facebook.net	85 KB
1	facebook.com www.facebook.com	1 KB
1	pubmatic.com image2.pubmatic.com	549 B
1	rubiconproject.com pixel.rubiconproject.com	239 B
1	jivox.com 1 redirects pxl.jivox.com	358 B
1	innovid.com 1 redirects ag.innovid.com	248 B
1	mookie1.com odr.mookie1.com	324 B
1	yahoo.com 1 redirects cms.analytics.yahoo.com	885 B
1	dotomi.com adobe-sync.dotomi.com	104 B
1	flashtalking.com 1 redirects servedby.flashtalking.com	545 B
1	bing.com 1 redirects c.bing.com	539 B
1	marriott.com smetrics.marriott.com	6 KB
1	cloudfront.net d1mqz30n8nowyf.cloudfront.net	6 KB
1	email-marriott.com 1 redirects email-marriott.com	197 B
0	ipinyou.com Failed cm.ipinyou.com Failed
0	rundsp.com Failed match.rundsp.com Failed
83	35

	Domain	Requested by
28	moments.marriottbonvoy.com	moments.marriottbonvoy.com
14	dpm.demdex.net	assets.adobedtm.com moments.marriottbonvoy.com
8	sync-tm.everesttech.net	8 redirects
7	lacek.hs.llnwd.net	moments.marriottbonvoy.com
5	consent.trustarc.com	moments.marriottbonvoy.com consent.trustarc.com
5	assets.adobedtm.com	moments.marriottbonvoy.com assets.adobedtm.com
3	cm.g.doubleclick.net	2 redirects
3	ib.adnxs.com	2 redirects
3	analytics-mar.lacek.net	moments.marriottbonvoy.com
2	sync.search.spotxchange.com	1 redirects
2	us-u.openx.net	1 redirects
2	dsum-sec.casalemedia.com	1 redirects
2	gum.criteo.com	2 redirects
2	tag.yieldoptimizer.com	2 redirects
2	match.adsrvr.org	2 redirects
2	idsync.rlcdn.com	2 redirects
2	connect.facebook.net	moments.marriottbonvoy.com connect.facebook.net
2	platform.twitter.com	moments.marriottbonvoy.com platform.twitter.com
1	www.facebook.com
1	image2.pubmatic.com
1	pixel.rubiconproject.com
1	beacon.krxd.net
1	usermatch.krxd.net	1 redirects
1	pxl.jivox.com	1 redirects
1	ag.innovid.com	1 redirects
1	odr.mookie1.com
1	cms.analytics.yahoo.com	1 redirects
1	s.tribalfusion.com	1 redirects
1	a.tribalfusion.com	1 redirects
1	adobe-sync.dotomi.com
1	servedby.flashtalking.com	1 redirects
1	c.bing.com	1 redirects
1	smetrics.marriott.com	assets.adobedtm.com
1	syndication.twitter.com	platform.twitter.com
1	cm.everesttech.net	1 redirects
1	marriottinternationa.demdex.net	assets.adobedtm.com
1	d1mqz30n8nowyf.cloudfront.net	moments.marriottbonvoy.com
1	email-marriott.com	1 redirects
0	cm.ipinyou.com Failed
0	match.rundsp.com Failed	moments.marriottbonvoy.com
83	40

This site contains links to these domains. Also see Links.

Domain
www.marriott.com
www.editionhotels.com
www.ritzcarlton.com
the-luxury-collection.marriott.com
st-regis.marriott.com
w-hotels.marriott.com
sheraton.marriott.com
www.marriottvacationclub.com
deltahotels.marriott.com
westin.marriott.com
le-meridien.marriott.com
renaissance-hotels.marriott.com
autograph-hotels.marriott.com
tribute-portfolio.marriott.com
design-hotels.marriott.com
courtyard.marriott.com
four-points.marriott.com
springhillsuites.marriott.com
fairfield.marriott.com
protea.marriott.com
achotels.marriott.com
aloft-hotels.marriott.com
moxy-hotels.marriott.com
homes-and-villas.marriott.com
www.residenceinn.marriott.com
towneplacesuites.marriott.com
element-hotels.marriott.com
www.facebook.com
www.instagram.com
twitter.com
www.messenger.com
www.youtube.com

Subject Issuer	Validity	Valid
moments.marriottbonvoy.com Entrust Certification Authority - L1K	`2020-12-15` - `2022-01-14`	a year	crt.sh
platform.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-29` - `2022-07-29`	a year	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-10` - `2022-09-10`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-19` - `2022-11-19`	a year	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-08-31` - `2021-11-29`	3 months	crt.sh
*.lacek.net Sectigo RSA Organization Validation Secure Server CA	`2020-03-26` - `2022-04-04`	2 years	crt.sh
*.trustarc.com Go Daddy Secure Certificate Authority - G2	`2020-05-21` - `2022-07-17`	2 years	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.hs.llnwd.net Sectigo RSA Organization Validation Secure Server CA	`2021-04-07` - `2022-05-08`	a year	crt.sh
smetrics.marriott.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-22` - `2022-04-22`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2021-08-10` - `2022-09-11`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-22` - `2022-03-25`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://moments.marriottbonvoy.com/partners/msg?nck=136603220&ck=49825144&lk=1000517938
Frame ID: B2F53AD349739EAF3FDF113F6BE5B16E
Requests: 55 HTTP requests in this frame

Frame: https://marriottinternationa.demdex.net/dest5.html?d_nsid=0
Frame ID: 299C0AEA051531BF7FF30104DFF36D00
Requests: 26 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html?origin=https%3A%2F%2Fmoments.marriottbonvoy.com
Frame ID: 6224734A8AAF31E482D7E7E43F2B8E9D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Marriott Bonvoy Moments™ | Home

Page URL History Show full URLs

https://email-marriott.com/T/v70000017d483182629c1c996e96c660a0/6a13ee753685485c0000021ef3a0bcd6/6a13ee... HTTP 302
https://moments.marriottbonvoy.com/partners/msg?nck=136603220&ck=49825144&lk=1000517938 Page URL

Page Statistics

83
Requests

71 %
HTTPS

25 %
IPv6

35
Domains

40
Subdomains

23
IPs

7
Countries

2792 kB
Transfer

7549 kB
Size

49
Cookies

42 Outgoing links

These are links going to different origins than the main page.

URL: https://www.marriott.com/about/privacy.mi
Title: Globalen Datenschutzerklärung

Search URL Search Domain Scan URL

URL: https://www.marriott.com/loyalty/createAccount/createAccountPage1.mi?segmentId=elite.nonrewards&enrollmentSourceCode=BA1S
Title: Join now

Search URL Search Domain Scan URL

URL: https://www.marriott.com/default.mi
Title: Marriott Bonvoy

Search URL Search Domain Scan URL

URL: http://www.editionhotels.com/
Title: Edition

Search URL Search Domain Scan URL

URL: http://www.ritzcarlton.com/
Title: The Ritz-Carlton

Search URL Search Domain Scan URL

URL: http://the-luxury-collection.marriott.com/
Title: The Luxury Collection

Search URL Search Domain Scan URL

URL: https://st-regis.marriott.com/
Title: St Regis

Search URL Search Domain Scan URL

URL: http://w-hotels.marriott.com/
Title: W Hotels

Search URL Search Domain Scan URL

URL: http://www.marriott.com/jw-marriott/travel.mi
Title: JW Marriott

Search URL Search Domain Scan URL

URL: http://www.marriott.com/marriott-hotels-resorts/travel.mi
Title: Marriott Hotels Resorts & Suites

Search URL Search Domain Scan URL

URL: http://sheraton.marriott.com/
Title: Sheraton

Search URL Search Domain Scan URL

URL: https://www.marriottvacationclub.com/request-information/?offer=bonus&loc=DB59*1-4AOG0R&%20cid=corp-mvc-mi-menu-deals-tl-mvc
Title: Marriott Vacation Club

Search URL Search Domain Scan URL

URL: http://deltahotels.marriott.com/
Title: Delta Hotels

Search URL Search Domain Scan URL

URL: https://westin.marriott.com/
Title: Westin

Search URL Search Domain Scan URL

URL: http://le-meridien.marriott.com/
Title: Le Meridien

Search URL Search Domain Scan URL

URL: https://renaissance-hotels.marriott.com/
Title: Renaissance Hotels

Search URL Search Domain Scan URL

URL: https://autograph-hotels.marriott.com/
Title: Autograph Collection

Search URL Search Domain Scan URL

URL: http://tribute-portfolio.marriott.com/
Title: Tribute Portfolio

Search URL Search Domain Scan URL

URL: https://design-hotels.marriott.com/
Title: Design Hotels

Search URL Search Domain Scan URL

URL: http://www.marriott.com/gaylord-hotels/travel.mi
Title: Gaylord Hotels

Search URL Search Domain Scan URL

URL: http://courtyard.marriott.com/
Title: Courtyard Hotels

Search URL Search Domain Scan URL

URL: http://four-points.marriott.com/
Title: Four Points

Search URL Search Domain Scan URL

URL: http://springhillsuites.marriott.com/
Title: Springhill Suites

Search URL Search Domain Scan URL

URL: http://fairfield.marriott.com/
Title: Fairfield Inn

Search URL Search Domain Scan URL

URL: http://protea.marriott.com/
Title: Protea

Search URL Search Domain Scan URL

URL: http://achotels.marriott.com/
Title: AC Hotels

Search URL Search Domain Scan URL

URL: http://aloft-hotels.marriott.com/
Title: Aloft

Search URL Search Domain Scan URL

URL: http://moxy-hotels.marriott.com/
Title: Moxy

Search URL Search Domain Scan URL

URL: https://homes-and-villas.marriott.com/
Title: Homes & Villas

Search URL Search Domain Scan URL

URL: http://www.residenceinn.marriott.com/
Title: Residence Inn

Search URL Search Domain Scan URL

URL: http://towneplacesuites.marriott.com/
Title: TownePlace Suites by Marriott

Search URL Search Domain Scan URL

URL: http://www.marriott.com/executive-apartments/travel.mi
Title: Marriott Executive Apartments

Search URL Search Domain Scan URL

URL: http://element-hotels.marriott.com/
Title: Element

Search URL Search Domain Scan URL

URL: https://www.facebook.com/marriottbonvoy
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/marriottbonvoy
Title: Instagram

Search URL Search Domain Scan URL

URL: https://twitter.com/MarriottBonvoy
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.messenger.com/t/marriottbonvoy
Title: Facebook Messenger

Search URL Search Domain Scan URL

URL: https://www.youtube.com/marriott
Title: YouTube

Search URL Search Domain Scan URL

URL: https://www.marriott.com/about/terms-of-use.mi
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.marriott.com/loyalty/terms/default.mi
Title: Program Terms & Conditions

Search URL Search Domain Scan URL

URL: https://www.marriott.com/about/ccpa/do-not-sell.mi
Title: Do Not Sell My Personal Information

Search URL Search Domain Scan URL

URL: https://www.marriott.com/help/default.mi
Title: Help

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://email-marriott.com/T/v70000017d483182629c1c996e96c660a0/6a13ee753685485c0000021ef3a0bcd6/6a13ee75-3685-485c-9f58-3bf7ea81d587?__dU__=v0oQlZ2XmHtXjKKCycNLIk04888UAVMa5S575yBLsoKzM4fwBvfuHkRA==&__F__=v0fUYvjHMDjRPMSh3tviDHXIoXcPxvDgUUCCPvXMWoX_0k4eFf_MPpUeruku_DGQVIHff4FocI2-rdsb3Ju4OrRlsUkzfaeHVNSDIxY57ae2KFejkmq_QSA1Me7pNtoTaSQB4NyewGeYyDqFYAR970BLeAzGFWttWgTsAY9yft30WXT9ny8DCXZnrRsdel4wujqMEKtTdoBR-B4DV7qkPzuEuJ5wAHkNVnXtHtv3Sw9Ck-hUcUAylJSMYqr5EyidlrlBZdzOS3W5pj1AA6G624MXmJNyxAHs2dAKvB20uOV4rgxxsas9mL6iy4dpqOnHn6lELmwtC-_8oBhwzws5dB-T8R_Ob9wMU-54Op-Az27vZ6Pm6Vhcb3ObiHrcOENIubeBMU-15vn-0= HTTP 302
https://moments.marriottbonvoy.com/partners/msg?nck=136603220&ck=49825144&lk=1000517938 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25

https://cm.everesttech.net/cm/dd?d_uuid=76652808498405249292616472071343695965 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YZu3LgAAAKNHTwQE

Request Chain 52

https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID HTTP 302
https://dpm.demdex.net/ibs:dpid=358&dpuuid=8394665442403164951

Request Chain 55

https://idsync.rlcdn.com/365868.gif?partner_uid=76652808498405249292616472071343695965 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CKyqFhIxCi0IARCYEhomNzY2NTI4MDg0OTg0MDUyNDkyOTI2MTY0NzIwNzEzNDM2OTU5NjUQABoNCK7u7owGEgUI6AcQAEIASgA HTTP 307
https://dpm.demdex.net/ibs:dpid=477&dpuuid=2b62b3adf9f84ab4f38ef35aa3dd5082e7c4df660f810f6ae90177b95c5c0979b0da87c991749652

Request Chain 56

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NzY2NTI4MDg0OTg0MDUyNDkyOTI2MTY0NzIwNzEzNDM2OTU5NjU= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NzY2NTI4MDg0OTg0MDUyNDkyOTI2MTY0NzIwNzEzNDM2OTU5NjU=&google_tc= HTTP 302
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEJPb1-gMgVKs5bdBe6RlLaM&google_cver=1?gdpr=0&gdpr_consent=

Request Chain 57

https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1 HTTP 302
https://dpm.demdex.net/ibs:dpid=903&dpuuid=104f5918-bcc6-43ee-b2ed-7fc777511da7

Request Chain 58

https://c.bing.com/c.gif?uid=76652808498405249292616472071343695965&Red3=MSAdobe_pd&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=1957&dpuuid=37DAAEFF277F64C20939BE0826AD6544

Request Chain 60

https://servedby.flashtalking.com/map/?key=a74thHgsfK627J6Ftt8sj5ks52bKe&gdpr=0&gdpr_consent=&url=https://dpm.demdex.net/ibs:dpid=3047&dpuuid=[%FT_GUID%]&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=3047&dpuuid=50742D6421788C&gdpr=0&gdpr_consent=

Request Chain 64

https://a.tribalfusion.com/i.match?p=b13&u=76652808498405249292616472071343695965&redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=22054&dpuuid=$TF_USER_ID_ENC$ HTTP 302
https://s.tribalfusion.com/z/i.match?p=b13&u=76652808498405249292616472071343695965&redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=22054&dpuuid=$TF_USER_ID_ENC$ HTTP 302
https://dpm.demdex.net/ibs:dpid=22054

Request Chain 65

https://tag.yieldoptimizer.com/ps/ps?t=i&p=2233 HTTP 302
https://tag.yieldoptimizer.com/ps/ps?tc=99243494&t=i&p=2233 HTTP 302
https://dpm.demdex.net/ibs:dpid=22069&dpuuid=3015333646653

Request Chain 66

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://gum.criteo.com/sync?s=1&c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=YyblC-YYFyJMFuZxdFg3Ht-EDPgJArwV&gdpr=0&gdpr_consent=

Request Chain 67

https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=76652808498405249292616472071343695965&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-Frs02CVE2pHNbwHZU68SCN_inllZ2WZ4wIg-~A

Request Chain 70

https://ag.innovid.com/dv/sync?tid=6 HTTP 302
https://dpm.demdex.net/ibs:dpid=80742&dpuuid=aac077fe-c67c-49af-b687-6c13a5f0f917

Request Chain 71

https://pxl.jivox.com/tags/sync/usync.php?px=IkovJ4aN HTTP 302
https://dpm.demdex.net/ibs:dpid=96420&dpuuid=sPvvqUO2Bua3&us_privacy=$%7BUS_PRIVACY%7D

Request Chain 72

https://usermatch.krxd.net/um/v2?partner=adobe&id=76652808498405249292616472071343695965 HTTP 302
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=76652808498405249292616472071343695965

Request Chain 73

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WVp1M0xnQUFBS05IVHdRRQ==

Request Chain 74

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YZu3LgAAAKNHTwQE&expires=90

Request Chain 75

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YZu3LgAAAKNHTwQE HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YZu3LgAAAKNHTwQE&C=1

Request Chain 76

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
https://ib.adnxs.com/setuid?entity=158&code=YZu3LgAAAKNHTwQE

Request Chain 77

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YZu3LgAAAKNHTwQE HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YZu3LgAAAKNHTwQE

Request Chain 78

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YZu3LgAAAKNHTwQE

Request Chain 79

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YZu3LgAAAKNHTwQE&img=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YZu3LgAAAKNHTwQE&img=1&__user_check__=1&sync_id=e3dffb9c-4ba8-11ec-8864-107c10e90306

Request Chain 80

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
https://www.facebook.com/fr/b.php?p=1531105787105294&e=YZu3LgAAAKNHTwQE&t=2592000&o=0

83 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request msg Show response
moments.marriottbonvoy.com/partners/
Redirect Chain

https://email-marriott.com/T/v70000017d483182629c1c996e96c660a0/6a13ee753685485c0000021ef3a0bcd6/6a13ee75-3685-485c-9f58-3bf7ea81d587?__dU__=v0oQlZ2XmHtXjKKCycNLIk04888UAVMa5S575yBLsoKzM4fwBvfuHkRA...
https://moments.marriottbonvoy.com/partners/msg?nck=136603220&ck=49825144&lk=1000517938

20 KB
10 KB

575ms
196ms

Document
text/html

52.32.5.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://moments.marriottbonvoy.com/partners/msg?nck=136603220&ck=49825144&lk=1000517938

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.32.5.223 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-32-5-223.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

c9f9f802f91d1688751d66f0ca6b540b2eb1c3eb25688090beefd9a395043ea3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com .apextag.com .sojern.com js.adsrvr.org connect.facebook.net analytics-mar.lacek.net analytics.lacek.net .truste.com .trustarc.com localhost:* .ampxchange.com .admarketplace.com .admarketplace.net .signal.co .facebook.com .ensighten.com .omtrdc.net .demdex.net pixel.snapsmedia.io .bing.com .btstatic.com .thebrighttag.com .google-analytics.com .googleadservices.com .googletagmanager.com .doubleclick.net .serving-sys.com .yahoo.com .yimg.com .yieldoptimizer.com .youtube.com .ytimg.com .criteo.net .criteo.com .cloudfront.net .jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com e.acuityplatform.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: .trustarc.com .criteo.com static.criteo.net .flashtalking.com .demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com www.facebook.com static.sojern.com insight.adsrvr.org localhost:* .doubleclick.net sso.lacek.marriott.com/ .sso.lacek.marriott.com/ .marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com ; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com .serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
Strict-Transport-Security	max-age=31536000 includeSubDomains; preload
X-Content-Security-Policy	default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com s.pinimg.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com .apextag.com .sojern.com js.adsrvr.org connect.facebook.net analytics.lacek.net .truste.com .trustarc.com localhost:* .ampxchange.com .admarketplace.com .admarketplace.net .signal.co .facebook.com .ensighten.com .omtrdc.net .demdex.net pixel.snapsmedia.io .bing.com .btstatic.com .thebrighttag.com .google-analytics.com .googleadservices.com .googletagmanager.com .doubleclick.net .serving-sys.com .yahoo.com .yimg.com .yieldoptimizer.com .youtube.com .ytimg.com .criteo.net .criteo.com .cloudfront.net .jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: .trustarc.com .criteo.com static.criteo.net .flashtalking.com .demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com static.sojern.com insight.adsrvr.org localhost:* .doubleclick.net sso.lacek.marriott.com/ .sso.lacek.marriott.com/ .marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com .serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Mon, 22 Nov 2021 15:28:44 GMT
content-type: text/html; charset=UTF-8
content-length: 4127
server: Apache
strict-transport-security: max-age=31536000 includeSubDomains; preload
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-cache, no-store, must-revalidate, proxy-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
expect-ct: max-age=0
x-content-type-options: nosniff
feature-policy: geolocation 'none'; midi 'none'; microphone 'none'; camera 'none'; speaker 'none'; fullscreen 'self'; payment 'none';
content-security-policy: default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com *.apextag.com *.sojern.com js.adsrvr.org connect.facebook.net analytics-mar.lacek.net analytics.lacek.net *.truste.com *.trustarc.com localhost:* *.ampxchange.com *.admarketplace.com *.admarketplace.net *.signal.co *.facebook.com *.ensighten.com *.omtrdc.net *.demdex.net pixel.snapsmedia.io *.bing.com *.btstatic.com *.thebrighttag.com *.google-analytics.com *.googleadservices.com *.googletagmanager.com *.doubleclick.net *.serving-sys.com *.yahoo.com *.yimg.com *.yieldoptimizer.com *.youtube.com *.ytimg.com *.criteo.net *.criteo.com *.cloudfront.net *.jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com e.acuityplatform.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: * data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: *.trustarc.com *.criteo.com static.criteo.net *.flashtalking.com *.demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com www.facebook.com static.sojern.com insight.adsrvr.org localhost:* *.doubleclick.net sso.lacek.marriott.com/* *.sso.lacek.marriott.com/* *.marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com ; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com *.serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
x-content-security-policy: default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com s.pinimg.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com *.apextag.com *.sojern.com js.adsrvr.org connect.facebook.net analytics.lacek.net *.truste.com *.trustarc.com localhost:* *.ampxchange.com *.admarketplace.com *.admarketplace.net *.signal.co *.facebook.com *.ensighten.com *.omtrdc.net *.demdex.net pixel.snapsmedia.io *.bing.com *.btstatic.com *.thebrighttag.com *.google-analytics.com *.googleadservices.com *.googletagmanager.com *.doubleclick.net *.serving-sys.com *.yahoo.com *.yimg.com *.yieldoptimizer.com *.youtube.com *.ytimg.com *.criteo.net *.criteo.com *.cloudfront.net *.jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: * data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: *.trustarc.com *.criteo.com static.criteo.net *.flashtalking.com *.demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com static.sojern.com insight.adsrvr.org localhost:* *.doubleclick.net sso.lacek.marriott.com/* *.sso.lacek.marriott.com/* *.marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com *.serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
x-webkit-csp: default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com s.pinimg.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com *.apextag.com *.sojern.com js.adsrvr.org connect.facebook.net analytics.lacek.net *.truste.com *.trustarc.com localhost:* *.ampxchange.com *.admarketplace.com *.admarketplace.net *.signal.co *.facebook.com *.ensighten.com *.omtrdc.net *.demdex.net pixel.snapsmedia.io *.bing.com *.btstatic.com *.thebrighttag.com *.google-analytics.com *.googleadservices.com *.googletagmanager.com *.doubleclick.net *.serving-sys.com *.yahoo.com *.yimg.com *.yieldoptimizer.com *.youtube.com *.ytimg.com *.criteo.net *.criteo.com *.cloudfront.net *.jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: * data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: *.trustarc.com *.criteo.com static.criteo.net *.flashtalking.com *.demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com static.sojern.com insight.adsrvr.org localhost:* *.doubleclick.net sso.lacek.marriott.com/* *.sso.lacek.marriott.com/* *.marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com ; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com *.serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;

Redirect headers

location: https://moments.marriottbonvoy.com/partners/msg?nck=136603220&ck=49825144&lk=1000517938
cache-control: no-cache
content-length: 0
date: Mon, 22 Nov 2021 15:28:43 GMT

GET
H2 200 widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 30ms
7ms Script
application/javascript 199.232.136.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: moments.marriottbonvoy.com
URL: https://moments.marriottbonvoy.com/partners/msg?nck=136603220&ck=49825144&lk=1000517938
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 00a57617df99ac957720b7332f9d15449def3ebe11169d68f12c47a3cde5168d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moments.marriottbonvoy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 15:28:45 GMT
content-encoding: gzip
last-modified: Mon, 18 Oct 2021 18:33:56 GMT
etag: "a709ab1b2c0d5d5e7c19895f6e1dcbfd+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=1800
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 29104
tw-cdn: FT
x-served-by: cache-bwi5178-BWI, cache-hhn11564-HHN

GET
H2 200 moments Show response
moments.marriottbonvoy.com/api/v1/ 1 MB
104 KB 539ms
537ms Script
application/javascript 52.32.5.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://moments.marriottbonvoy.com/api/v1/moments?__rt=_s&_token=AYSqEroNQ9gxFV7nFRdG5K8VGhxla2HekgpE3oeD

Requested by

Host: moments.marriottbonvoy.com
URL: https://moments.marriottbonvoy.com/partners/msg?nck=136603220&ck=49825144&lk=1000517938

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.32.5.223 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-32-5-223.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

6130aae15f052761ea8ce49016dac46e78d09d8d32b11e79145e3b81ef2f27c6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com .apextag.com .sojern.com js.adsrvr.org connect.facebook.net analytics-mar.lacek.net analytics.lacek.net .truste.com .trustarc.com localhost:* .ampxchange.com .admarketplace.com .admarketplace.net .signal.co .facebook.com .ensighten.com .omtrdc.net .demdex.net pixel.snapsmedia.io .bing.com .btstatic.com .thebrighttag.com .google-analytics.com .googleadservices.com .googletagmanager.com .doubleclick.net .serving-sys.com .yahoo.com .yimg.com .yieldoptimizer.com .youtube.com .ytimg.com .criteo.net .criteo.com .cloudfront.net .jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com e.acuityplatform.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: .trustarc.com .criteo.com static.criteo.net .flashtalking.com .demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com www.facebook.com static.sojern.com insight.adsrvr.org localhost:* .doubleclick.net sso.lacek.marriott.com/ .sso.lacek.marriott.com/ .marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com ; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com .serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
Strict-Transport-Security	max-age=31536000 includeSubDomains; preload
X-Content-Security-Policy	default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com s.pinimg.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com .apextag.com .sojern.com js.adsrvr.org connect.facebook.net analytics.lacek.net .truste.com .trustarc.com localhost:* .ampxchange.com .admarketplace.com .admarketplace.net .signal.co .facebook.com .ensighten.com .omtrdc.net .demdex.net pixel.snapsmedia.io .bing.com .btstatic.com .thebrighttag.com .google-analytics.com .googleadservices.com .googletagmanager.com .doubleclick.net .serving-sys.com .yahoo.com .yimg.com .yieldoptimizer.com .youtube.com .ytimg.com .criteo.net .criteo.com .cloudfront.net .jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: .trustarc.com .criteo.com static.criteo.net .flashtalking.com .demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com static.sojern.com insight.adsrvr.org localhost:* .doubleclick.net sso.lacek.marriott.com/ .sso.lacek.marriott.com/ .marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com .serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moments.marriottbonvoy.com/partners/msg?nck=136603220&ck=49825144&lk=1000517938
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 15:28:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-csrf-token: AYSqEroNQ9gxFV7nFRdG5K8VGhxla2HekgpE3oeD
vary: Accept-Encoding
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin-when-cross-origin
server: Apache
x-frame-options: SAMEORIGIN
expect-ct: max-age=0
strict-transport-security: max-age=31536000 includeSubDomains; preload
content-type: application/javascript
expires: Thu, 19 Nov 1981 08:52:00 GMT, 0
cache-control: no-cache, no-store, must-revalidate, proxy-revalidate, no-transform
feature-policy: geolocation 'none'; midi 'none'; microphone 'none'; camera 'none'; speaker 'none'; fullscreen 'self'; payment 'none';
content-security-policy: default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com *.apextag.com *.sojern.com js.adsrvr.org connect.facebook.net analytics-mar.lacek.net analytics.lacek.net *.truste.com *.trustarc.com localhost:* *.ampxchange.com *.admarketplace.com *.admarketplace.net *.signal.co *.facebook.com *.ensighten.com *.omtrdc.net *.demdex.net pixel.snapsmedia.io *.bing.com *.btstatic.com *.thebrighttag.com *.google-analytics.com *.googleadservices.com *.googletagmanager.com *.doubleclick.net *.serving-sys.com *.yahoo.com *.yimg.com *.yieldoptimizer.com *.youtube.com *.ytimg.com *.criteo.net *.criteo.com *.cloudfront.net *.jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com e.acuityplatform.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: * data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: *.trustarc.com *.criteo.com static.criteo.net *.flashtalking.com *.demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com www.facebook.com static.sojern.com insight.adsrvr.org localhost:* *.doubleclick.net sso.lacek.marriott.com/* *.sso.lacek.marriott.com/* *.marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com ; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com *.serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
x-webkit-csp: default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com s.pinimg.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com *.apextag.com *.sojern.com js.adsrvr.org connect.facebook.net analytics.lacek.net *.truste.com *.trustarc.com localhost:* *.ampxchange.com *.admarketplace.com *.admarketplace.net *.signal.co *.facebook.com *.ensighten.com *.omtrdc.net *.demdex.net pixel.snapsmedia.io *.bing.com *.btstatic.com *.thebrighttag.com *.google-analytics.com *.googleadservices.com *.googletagmanager.com *.doubleclick.net *.serving-sys.com *.yahoo.com *.yimg.com *.yieldoptimizer.com *.youtube.com *.ytimg.com *.criteo.net *.criteo.com *.cloudfront.net *.jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: * data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: *.trustarc.com *.criteo.com static.criteo.net *.flashtalking.com *.demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com static.sojern.com insight.adsrvr.org localhost:* *.doubleclick.net sso.lacek.marriott.com/* *.sso.lacek.marriott.com/* *.marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com ; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com *.serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
x-content-security-policy: default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com s.pinimg.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com *.apextag.com *.sojern.com js.adsrvr.org connect.facebook.net analytics.lacek.net *.truste.com *.trustarc.com localhost:* *.ampxchange.com *.admarketplace.com *.admarketplace.net *.signal.co *.facebook.com *.ensighten.com *.omtrdc.net *.demdex.net pixel.snapsmedia.io *.bing.com *.btstatic.com *.thebrighttag.com *.google-analytics.com *.googleadservices.com *.googletagmanager.com *.doubleclick.net *.serving-sys.com *.yahoo.com *.yimg.com *.yieldoptimizer.com *.youtube.com *.ytimg.com *.criteo.net *.criteo.com *.cloudfront.net *.jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: * data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: *.trustarc.com *.criteo.com static.criteo.net *.flashtalking.com *.demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com static.sojern.com insight.adsrvr.org localhost:* *.doubleclick.net sso.lacek.marriott.com/* *.sso.lacek.marriott.com/* *.marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com *.serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;

GET
H2 200 categories Show response
moments.marriottbonvoy.com/api/v1/ 11 KB
8 KB 714ms
712ms Script
application/javascript 52.32.5.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://moments.marriottbonvoy.com/api/v1/categories?__rt=_s&_token=AYSqEroNQ9gxFV7nFRdG5K8VGhxla2HekgpE3oeD

Requested by

Host: moments.marriottbonvoy.com
URL: https://moments.marriottbonvoy.com/partners/msg?nck=136603220&ck=49825144&lk=1000517938

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.32.5.223 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-32-5-223.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

573783b135fbba2e7a6c0e1c41274ec3fd4814a83d76f10f7bc8f26cb21325cb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com .apextag.com .sojern.com js.adsrvr.org connect.facebook.net analytics-mar.lacek.net analytics.lacek.net .truste.com .trustarc.com localhost:* .ampxchange.com .admarketplace.com .admarketplace.net .signal.co .facebook.com .ensighten.com .omtrdc.net .demdex.net pixel.snapsmedia.io .bing.com .btstatic.com .thebrighttag.com .google-analytics.com .googleadservices.com .googletagmanager.com .doubleclick.net .serving-sys.com .yahoo.com .yimg.com .yieldoptimizer.com .youtube.com .ytimg.com .criteo.net .criteo.com .cloudfront.net .jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com e.acuityplatform.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: .trustarc.com .criteo.com static.criteo.net .flashtalking.com .demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com www.facebook.com static.sojern.com insight.adsrvr.org localhost:* .doubleclick.net sso.lacek.marriott.com/ .sso.lacek.marriott.com/ .marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com ; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com .serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
Strict-Transport-Security	max-age=31536000 includeSubDomains; preload
X-Content-Security-Policy	default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com s.pinimg.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com .apextag.com .sojern.com js.adsrvr.org connect.facebook.net analytics.lacek.net .truste.com .trustarc.com localhost:* .ampxchange.com .admarketplace.com .admarketplace.net .signal.co .facebook.com .ensighten.com .omtrdc.net .demdex.net pixel.snapsmedia.io .bing.com .btstatic.com .thebrighttag.com .google-analytics.com .googleadservices.com .googletagmanager.com .doubleclick.net .serving-sys.com .yahoo.com .yimg.com .yieldoptimizer.com .youtube.com .ytimg.com .criteo.net .criteo.com .cloudfront.net .jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: .trustarc.com .criteo.com static.criteo.net .flashtalking.com .demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com static.sojern.com insight.adsrvr.org localhost:* .doubleclick.net sso.lacek.marriott.com/ .sso.lacek.marriott.com/ .marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com .serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moments.marriottbonvoy.com/partners/msg?nck=136603220&ck=49825144&lk=1000517938
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 15:28:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-csrf-token: AYSqEroNQ9gxFV7nFRdG5K8VGhxla2HekgpE3oeD
vary: Accept-Encoding
content-length: 2431
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin-when-cross-origin
server: Apache
x-frame-options: SAMEORIGIN
expect-ct: max-age=0
strict-transport-security: max-age=31536000 includeSubDomains; preload
content-type: application/javascript
expires: Thu, 19 Nov 1981 08:52:00 GMT, 0
cache-control: no-cache, no-store, must-revalidate, proxy-revalidate, no-transform
feature-policy: geolocation 'none'; midi 'none'; microphone 'none'; camera 'none'; speaker 'none'; fullscreen 'self'; payment 'none';
content-security-policy: default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com *.apextag.com *.sojern.com js.adsrvr.org connect.facebook.net analytics-mar.lacek.net analytics.lacek.net *.truste.com *.trustarc.com localhost:* *.ampxchange.com *.admarketplace.com *.admarketplace.net *.signal.co *.facebook.com *.ensighten.com *.omtrdc.net *.demdex.net pixel.snapsmedia.io *.bing.com *.btstatic.com *.thebrighttag.com *.google-analytics.com *.googleadservices.com *.googletagmanager.com *.doubleclick.net *.serving-sys.com *.yahoo.com *.yimg.com *.yieldoptimizer.com *.youtube.com *.ytimg.com *.criteo.net *.criteo.com *.cloudfront.net *.jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com e.acuityplatform.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: * data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: *.trustarc.com *.criteo.com static.criteo.net *.flashtalking.com *.demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com www.facebook.com static.sojern.com insight.adsrvr.org localhost:* *.doubleclick.net sso.lacek.marriott.com/* *.sso.lacek.marriott.com/* *.marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com ; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com *.serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
x-webkit-csp: default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com s.pinimg.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com *.apextag.com *.sojern.com js.adsrvr.org connect.facebook.net analytics.lacek.net *.truste.com *.trustarc.com localhost:* *.ampxchange.com *.admarketplace.com *.admarketplace.net *.signal.co *.facebook.com *.ensighten.com *.omtrdc.net *.demdex.net pixel.snapsmedia.io *.bing.com *.btstatic.com *.thebrighttag.com *.google-analytics.com *.googleadservices.com *.googletagmanager.com *.doubleclick.net *.serving-sys.com *.yahoo.com *.yimg.com *.yieldoptimizer.com *.youtube.com *.ytimg.com *.criteo.net *.criteo.com *.cloudfront.net *.jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: * data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: *.trustarc.com *.criteo.com static.criteo.net *.flashtalking.com *.demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com static.sojern.com insight.adsrvr.org localhost:* *.doubleclick.net sso.lacek.marriott.com/* *.sso.lacek.marriott.com/* *.marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com ; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com *.serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
x-content-security-policy: default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com s.pinimg.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com *.apextag.com *.sojern.com js.adsrvr.org connect.facebook.net analytics.lacek.net *.truste.com *.trustarc.com localhost:* *.ampxchange.com *.admarketplace.com *.admarketplace.net *.signal.co *.facebook.com *.ensighten.com *.omtrdc.net *.demdex.net pixel.snapsmedia.io *.bing.com *.btstatic.com *.thebrighttag.com *.google-analytics.com *.googleadservices.com *.googletagmanager.com *.doubleclick.net *.serving-sys.com *.yahoo.com *.yimg.com *.yieldoptimizer.com *.youtube.com *.ytimg.com *.criteo.net *.criteo.com *.cloudfront.net *.jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: * data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: *.trustarc.com *.criteo.com static.criteo.net *.flashtalking.com *.demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com static.sojern.com insight.adsrvr.org localhost:* *.doubleclick.net sso.lacek.marriott.com/* *.sso.lacek.marriott.com/* *.marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com *.serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;

GET
H2 200 collections Show response
moments.marriottbonvoy.com/api/v1/ 5 KB
7 KB 540ms
538ms Script
application/javascript 52.32.5.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://moments.marriottbonvoy.com/api/v1/collections?__rt=_s&_token=AYSqEroNQ9gxFV7nFRdG5K8VGhxla2HekgpE3oeD

Requested by

Host: moments.marriottbonvoy.com
URL: https://moments.marriottbonvoy.com/partners/msg?nck=136603220&ck=49825144&lk=1000517938

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.32.5.223 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-32-5-223.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

e63eeb10b77a8a949bd5b3eb9310b352142ea2ec69bec155017b765a67d05c3d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com .apextag.com .sojern.com js.adsrvr.org connect.facebook.net analytics-mar.lacek.net analytics.lacek.net .truste.com .trustarc.com localhost:* .ampxchange.com .admarketplace.com .admarketplace.net .signal.co .facebook.com .ensighten.com .omtrdc.net .demdex.net pixel.snapsmedia.io .bing.com .btstatic.com .thebrighttag.com .google-analytics.com .googleadservices.com .googletagmanager.com .doubleclick.net .serving-sys.com .yahoo.com .yimg.com .yieldoptimizer.com .youtube.com .ytimg.com .criteo.net .criteo.com .cloudfront.net .jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com e.acuityplatform.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: .trustarc.com .criteo.com static.criteo.net .flashtalking.com .demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com www.facebook.com static.sojern.com insight.adsrvr.org localhost:* .doubleclick.net sso.lacek.marriott.com/ .sso.lacek.marriott.com/ .marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com ; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com .serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
Strict-Transport-Security	max-age=31536000 includeSubDomains; preload
X-Content-Security-Policy	default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com s.pinimg.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com .apextag.com .sojern.com js.adsrvr.org connect.facebook.net analytics.lacek.net .truste.com .trustarc.com localhost:* .ampxchange.com .admarketplace.com .admarketplace.net .signal.co .facebook.com .ensighten.com .omtrdc.net .demdex.net pixel.snapsmedia.io .bing.com .btstatic.com .thebrighttag.com .google-analytics.com .googleadservices.com .googletagmanager.com .doubleclick.net .serving-sys.com .yahoo.com .yimg.com .yieldoptimizer.com .youtube.com .ytimg.com .criteo.net .criteo.com .cloudfront.net .jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: .trustarc.com .criteo.com static.criteo.net .flashtalking.com .demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com static.sojern.com insight.adsrvr.org localhost:* .doubleclick.net sso.lacek.marriott.com/ .sso.lacek.marriott.com/ .marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com .serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moments.marriottbonvoy.com/partners/msg?nck=136603220&ck=49825144&lk=1000517938
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 15:28:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-csrf-token: AYSqEroNQ9gxFV7nFRdG5K8VGhxla2HekgpE3oeD
vary: Accept-Encoding
content-length: 1150
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin-when-cross-origin
server: Apache
x-frame-options: SAMEORIGIN
expect-ct: max-age=0
strict-transport-security: max-age=31536000 includeSubDomains; preload
content-type: application/javascript
expires: Thu, 19 Nov 1981 08:52:00 GMT, 0
cache-control: no-cache, no-store, must-revalidate, proxy-revalidate, no-transform
feature-policy: geolocation 'none'; midi 'none'; microphone 'none'; camera 'none'; speaker 'none'; fullscreen 'self'; payment 'none';
content-security-policy: default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com *.apextag.com *.sojern.com js.adsrvr.org connect.facebook.net analytics-mar.lacek.net analytics.lacek.net *.truste.com *.trustarc.com localhost:* *.ampxchange.com *.admarketplace.com *.admarketplace.net *.signal.co *.facebook.com *.ensighten.com *.omtrdc.net *.demdex.net pixel.snapsmedia.io *.bing.com *.btstatic.com *.thebrighttag.com *.google-analytics.com *.googleadservices.com *.googletagmanager.com *.doubleclick.net *.serving-sys.com *.yahoo.com *.yimg.com *.yieldoptimizer.com *.youtube.com *.ytimg.com *.criteo.net *.criteo.com *.cloudfront.net *.jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com e.acuityplatform.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: * data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: *.trustarc.com *.criteo.com static.criteo.net *.flashtalking.com *.demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com www.facebook.com static.sojern.com insight.adsrvr.org localhost:* *.doubleclick.net sso.lacek.marriott.com/* *.sso.lacek.marriott.com/* *.marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com ; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com *.serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
x-webkit-csp: default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com s.pinimg.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com *.apextag.com *.sojern.com js.adsrvr.org connect.facebook.net analytics.lacek.net *.truste.com *.trustarc.com localhost:* *.ampxchange.com *.admarketplace.com *.admarketplace.net *.signal.co *.facebook.com *.ensighten.com *.omtrdc.net *.demdex.net pixel.snapsmedia.io *.bing.com *.btstatic.com *.thebrighttag.com *.google-analytics.com *.googleadservices.com *.googletagmanager.com *.doubleclick.net *.serving-sys.com *.yahoo.com *.yimg.com *.yieldoptimizer.com *.youtube.com *.ytimg.com *.criteo.net *.criteo.com *.cloudfront.net *.jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: * data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: *.trustarc.com *.criteo.com static.criteo.net *.flashtalking.com *.demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com static.sojern.com insight.adsrvr.org localhost:* *.doubleclick.net sso.lacek.marriott.com/* *.sso.lacek.marriott.com/* *.marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com ; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com *.serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
x-content-security-policy: default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com s.pinimg.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com *.apextag.com *.sojern.com js.adsrvr.org connect.facebook.net analytics.lacek.net *.truste.com *.trustarc.com localhost:* *.ampxchange.com *.admarketplace.com *.admarketplace.net *.signal.co *.facebook.com *.ensighten.com *.omtrdc.net *.demdex.net pixel.snapsmedia.io *.bing.com *.btstatic.com *.thebrighttag.com *.google-analytics.com *.googleadservices.com *.googletagmanager.com *.doubleclick.net *.serving-sys.com *.yahoo.com *.yimg.com *.yieldoptimizer.com *.youtube.com *.ytimg.com *.criteo.net *.criteo.com *.cloudfront.net *.jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: * data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: *.trustarc.com *.criteo.com static.criteo.net *.flashtalking.com *.demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com static.sojern.com insight.adsrvr.org localhost:* *.doubleclick.net sso.lacek.marriott.com/* *.sso.lacek.marriott.com/* *.marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com *.serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;

GET
H2 200 all Show response
moments.marriottbonvoy.com/api/v1/content/ 13 KB
8 KB 541ms
539ms Script
application/javascript 52.32.5.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://moments.marriottbonvoy.com/api/v1/content/all?__rt=_s&_token=AYSqEroNQ9gxFV7nFRdG5K8VGhxla2HekgpE3oeD

Requested by

Host: moments.marriottbonvoy.com
URL: https://moments.marriottbonvoy.com/partners/msg?nck=136603220&ck=49825144&lk=1000517938

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.32.5.223 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-32-5-223.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

fc2cfd3bdb4ece2e2ca4cfbfea4db01e35c148e07b19e3f846e67b89c0000517

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com .apextag.com .sojern.com js.adsrvr.org connect.facebook.net analytics-mar.lacek.net analytics.lacek.net .truste.com .trustarc.com localhost:* .ampxchange.com .admarketplace.com .admarketplace.net .signal.co .facebook.com .ensighten.com .omtrdc.net .demdex.net pixel.snapsmedia.io .bing.com .btstatic.com .thebrighttag.com .google-analytics.com .googleadservices.com .googletagmanager.com .doubleclick.net .serving-sys.com .yahoo.com .yimg.com .yieldoptimizer.com .youtube.com .ytimg.com .criteo.net .criteo.com .cloudfront.net .jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com e.acuityplatform.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: .trustarc.com .criteo.com static.criteo.net .flashtalking.com .demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com www.facebook.com static.sojern.com insight.adsrvr.org localhost:* .doubleclick.net sso.lacek.marriott.com/ .sso.lacek.marriott.com/ .marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com ; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com .serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
Strict-Transport-Security	max-age=31536000 includeSubDomains; preload
X-Content-Security-Policy	default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com s.pinimg.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com .apextag.com .sojern.com js.adsrvr.org connect.facebook.net analytics.lacek.net .truste.com .trustarc.com localhost:* .ampxchange.com .admarketplace.com .admarketplace.net .signal.co .facebook.com .ensighten.com .omtrdc.net .demdex.net pixel.snapsmedia.io .bing.com .btstatic.com .thebrighttag.com .google-analytics.com .googleadservices.com .googletagmanager.com .doubleclick.net .serving-sys.com .yahoo.com .yimg.com .yieldoptimizer.com .youtube.com .ytimg.com .criteo.net .criteo.com .cloudfront.net .jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: .trustarc.com .criteo.com static.criteo.net .flashtalking.com .demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com static.sojern.com insight.adsrvr.org localhost:* .doubleclick.net sso.lacek.marriott.com/ .sso.lacek.marriott.com/ .marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com .serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moments.marriottbonvoy.com/partners/msg?nck=136603220&ck=49825144&lk=1000517938
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 15:28:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-csrf-token: AYSqEroNQ9gxFV7nFRdG5K8VGhxla2HekgpE3oeD
vary: Accept-Encoding
content-length: 2814
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin-when-cross-origin
server: Apache
x-frame-options: SAMEORIGIN
expect-ct: max-age=0
strict-transport-security: max-age=31536000 includeSubDomains; preload
content-type: application/javascript
expires: Thu, 19 Nov 1981 08:52:00 GMT, 0
cache-control: no-cache, no-store, must-revalidate, proxy-revalidate, no-transform
feature-policy: geolocation 'none'; midi 'none'; microphone 'none'; camera 'none'; speaker 'none'; fullscreen 'self'; payment 'none';
content-security-policy: default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com *.apextag.com *.sojern.com js.adsrvr.org connect.facebook.net analytics-mar.lacek.net analytics.lacek.net *.truste.com *.trustarc.com localhost:* *.ampxchange.com *.admarketplace.com *.admarketplace.net *.signal.co *.facebook.com *.ensighten.com *.omtrdc.net *.demdex.net pixel.snapsmedia.io *.bing.com *.btstatic.com *.thebrighttag.com *.google-analytics.com *.googleadservices.com *.googletagmanager.com *.doubleclick.net *.serving-sys.com *.yahoo.com *.yimg.com *.yieldoptimizer.com *.youtube.com *.ytimg.com *.criteo.net *.criteo.com *.cloudfront.net *.jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com e.acuityplatform.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: * data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: *.trustarc.com *.criteo.com static.criteo.net *.flashtalking.com *.demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com www.facebook.com static.sojern.com insight.adsrvr.org localhost:* *.doubleclick.net sso.lacek.marriott.com/* *.sso.lacek.marriott.com/* *.marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com ; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com *.serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
x-webkit-csp: default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com s.pinimg.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com *.apextag.com *.sojern.com js.adsrvr.org connect.facebook.net analytics.lacek.net *.truste.com *.trustarc.com localhost:* *.ampxchange.com *.admarketplace.com *.admarketplace.net *.signal.co *.facebook.com *.ensighten.com *.omtrdc.net *.demdex.net pixel.snapsmedia.io *.bing.com *.btstatic.com *.thebrighttag.com *.google-analytics.com *.googleadservices.com *.googletagmanager.com *.doubleclick.net *.serving-sys.com *.yahoo.com *.yimg.com *.yieldoptimizer.com *.youtube.com *.ytimg.com *.criteo.net *.criteo.com *.cloudfront.net *.jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: * data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: *.trustarc.com *.criteo.com static.criteo.net *.flashtalking.com *.demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com static.sojern.com insight.adsrvr.org localhost:* *.doubleclick.net sso.lacek.marriott.com/* *.sso.lacek.marriott.com/* *.marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com ; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com *.serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
x-content-security-policy: default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com s.pinimg.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com *.apextag.com *.sojern.com js.adsrvr.org connect.facebook.net analytics.lacek.net *.truste.com *.trustarc.com localhost:* *.ampxchange.com *.admarketplace.com *.admarketplace.net *.signal.co *.facebook.com *.ensighten.com *.omtrdc.net *.demdex.net pixel.snapsmedia.io *.bing.com *.btstatic.com *.thebrighttag.com *.google-analytics.com *.googleadservices.com *.googletagmanager.com *.doubleclick.net *.serving-sys.com *.yahoo.com *.yimg.com *.yieldoptimizer.com *.youtube.com *.ytimg.com *.criteo.net *.criteo.com *.cloudfront.net *.jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: * data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: *.trustarc.com *.criteo.com static.criteo.net *.flashtalking.com *.demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com static.sojern.com insight.adsrvr.org localhost:* *.doubleclick.net sso.lacek.marriott.com/* *.sso.lacek.marriott.com/* *.marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com *.serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;

GET
H2 200 state Show response
moments.marriottbonvoy.com/api/v1/user/ 229 B
6 KB 713ms
711ms Script
application/javascript 52.32.5.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://moments.marriottbonvoy.com/api/v1/user/state?__rt=_s&_token=AYSqEroNQ9gxFV7nFRdG5K8VGhxla2HekgpE3oeD

Requested by

Host: moments.marriottbonvoy.com
URL: https://moments.marriottbonvoy.com/partners/msg?nck=136603220&ck=49825144&lk=1000517938

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.32.5.223 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-32-5-223.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

ed7aa8468ee1bc18bcefccaf522d12516356ac6742d0b64b5f382d3a2b98293b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com .apextag.com .sojern.com js.adsrvr.org connect.facebook.net analytics-mar.lacek.net analytics.lacek.net .truste.com .trustarc.com localhost:* .ampxchange.com .admarketplace.com .admarketplace.net .signal.co .facebook.com .ensighten.com .omtrdc.net .demdex.net pixel.snapsmedia.io .bing.com .btstatic.com .thebrighttag.com .google-analytics.com .googleadservices.com .googletagmanager.com .doubleclick.net .serving-sys.com .yahoo.com .yimg.com .yieldoptimizer.com .youtube.com .ytimg.com .criteo.net .criteo.com .cloudfront.net .jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com e.acuityplatform.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: .trustarc.com .criteo.com static.criteo.net .flashtalking.com .demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com www.facebook.com static.sojern.com insight.adsrvr.org localhost:* .doubleclick.net sso.lacek.marriott.com/ .sso.lacek.marriott.com/ .marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com ; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com .serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
Strict-Transport-Security	max-age=31536000 includeSubDomains; preload
X-Content-Security-Policy	default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com s.pinimg.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com .apextag.com .sojern.com js.adsrvr.org connect.facebook.net analytics.lacek.net .truste.com .trustarc.com localhost:* .ampxchange.com .admarketplace.com .admarketplace.net .signal.co .facebook.com .ensighten.com .omtrdc.net .demdex.net pixel.snapsmedia.io .bing.com .btstatic.com .thebrighttag.com .google-analytics.com .googleadservices.com .googletagmanager.com .doubleclick.net .serving-sys.com .yahoo.com .yimg.com .yieldoptimizer.com .youtube.com .ytimg.com .criteo.net .criteo.com .cloudfront.net .jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: .trustarc.com .criteo.com static.criteo.net .flashtalking.com .demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com static.sojern.com insight.adsrvr.org localhost:* .doubleclick.net sso.lacek.marriott.com/ .sso.lacek.marriott.com/ .marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com .serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moments.marriottbonvoy.com/partners/msg?nck=136603220&ck=49825144&lk=1000517938
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 15:28:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-csrf-token: AYSqEroNQ9gxFV7nFRdG5K8VGhxla2HekgpE3oeD
vary: Accept-Encoding
content-length: 214
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin-when-cross-origin
server: Apache
x-frame-options: SAMEORIGIN
expect-ct: max-age=0
strict-transport-security: max-age=31536000 includeSubDomains; preload
content-type: application/javascript
expires: Thu, 19 Nov 1981 08:52:00 GMT, 0
cache-control: no-cache, no-store, must-revalidate, proxy-revalidate, no-transform
feature-policy: geolocation 'none'; midi 'none'; microphone 'none'; camera 'none'; speaker 'none'; fullscreen 'self'; payment 'none';
content-security-policy: default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com *.apextag.com *.sojern.com js.adsrvr.org connect.facebook.net analytics-mar.lacek.net analytics.lacek.net *.truste.com *.trustarc.com localhost:* *.ampxchange.com *.admarketplace.com *.admarketplace.net *.signal.co *.facebook.com *.ensighten.com *.omtrdc.net *.demdex.net pixel.snapsmedia.io *.bing.com *.btstatic.com *.thebrighttag.com *.google-analytics.com *.googleadservices.com *.googletagmanager.com *.doubleclick.net *.serving-sys.com *.yahoo.com *.yimg.com *.yieldoptimizer.com *.youtube.com *.ytimg.com *.criteo.net *.criteo.com *.cloudfront.net *.jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com e.acuityplatform.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: * data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: *.trustarc.com *.criteo.com static.criteo.net *.flashtalking.com *.demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com www.facebook.com static.sojern.com insight.adsrvr.org localhost:* *.doubleclick.net sso.lacek.marriott.com/* *.sso.lacek.marriott.com/* *.marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com ; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com *.serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
x-webkit-csp: default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com s.pinimg.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com *.apextag.com *.sojern.com js.adsrvr.org connect.facebook.net analytics.lacek.net *.truste.com *.trustarc.com localhost:* *.ampxchange.com *.admarketplace.com *.admarketplace.net *.signal.co *.facebook.com *.ensighten.com *.omtrdc.net *.demdex.net pixel.snapsmedia.io *.bing.com *.btstatic.com *.thebrighttag.com *.google-analytics.com *.googleadservices.com *.googletagmanager.com *.doubleclick.net *.serving-sys.com *.yahoo.com *.yimg.com *.yieldoptimizer.com *.youtube.com *.ytimg.com *.criteo.net *.criteo.com *.cloudfront.net *.jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: * data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: *.trustarc.com *.criteo.com static.criteo.net *.flashtalking.com *.demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com static.sojern.com insight.adsrvr.org localhost:* *.doubleclick.net sso.lacek.marriott.com/* *.sso.lacek.marriott.com/* *.marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com ; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com *.serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
x-content-security-policy: default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com s.pinimg.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com *.apextag.com *.sojern.com js.adsrvr.org connect.facebook.net analytics.lacek.net *.truste.com *.trustarc.com localhost:* *.ampxchange.com *.admarketplace.com *.admarketplace.net *.signal.co *.facebook.com *.ensighten.com *.omtrdc.net *.demdex.net pixel.snapsmedia.io *.bing.com *.btstatic.com *.thebrighttag.com *.google-analytics.com *.googleadservices.com *.googletagmanager.com *.doubleclick.net *.serving-sys.com *.yahoo.com *.yimg.com *.yieldoptimizer.com *.youtube.com *.ytimg.com *.criteo.net *.criteo.com *.cloudfront.net *.jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: * data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: *.trustarc.com *.criteo.com static.criteo.net *.flashtalking.com *.demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com static.sojern.com insight.adsrvr.org localhost:* *.doubleclick.net sso.lacek.marriott.com/* *.sso.lacek.marriott.com/* *.marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com *.serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;

GET
H2 200 global-header-footer.min.css
moments.marriottbonvoy.com/global/css/ 144 KB
26 KB 189ms
188ms Stylesheet
text/css 52.32.5.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://moments.marriottbonvoy.com/global/css/global-header-footer.min.css

Requested by

Host: moments.marriottbonvoy.com
URL: https://moments.marriottbonvoy.com/partners/msg?nck=136603220&ck=49825144&lk=1000517938

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.32.5.223 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-32-5-223.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

e63c15a04c4e74fbb1866b1e1deba0ca49374f7869ffe063a2a789d866e0def7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com .apextag.com .sojern.com js.adsrvr.org connect.facebook.net analytics-mar.lacek.net analytics.lacek.net .truste.com .trustarc.com localhost:* .ampxchange.com .admarketplace.com .admarketplace.net .signal.co .facebook.com .ensighten.com .omtrdc.net .demdex.net pixel.snapsmedia.io .bing.com .btstatic.com .thebrighttag.com .google-analytics.com .googleadservices.com .googletagmanager.com .doubleclick.net .serving-sys.com .yahoo.com .yimg.com .yieldoptimizer.com .youtube.com .ytimg.com .criteo.net .criteo.com .cloudfront.net .jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com e.acuityplatform.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: .trustarc.com .criteo.com static.criteo.net .flashtalking.com .demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com www.facebook.com static.sojern.com insight.adsrvr.org localhost:* .doubleclick.net sso.lacek.marriott.com/ .sso.lacek.marriott.com/ .marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com ; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com .serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
Strict-Transport-Security	max-age=31536000 includeSubDomains; preload
X-Content-Security-Policy	default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com s.pinimg.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com .apextag.com .sojern.com js.adsrvr.org connect.facebook.net analytics.lacek.net .truste.com .trustarc.com localhost:* .ampxchange.com .admarketplace.com .admarketplace.net .signal.co .facebook.com .ensighten.com .omtrdc.net .demdex.net pixel.snapsmedia.io .bing.com .btstatic.com .thebrighttag.com .google-analytics.com .googleadservices.com .googletagmanager.com .doubleclick.net .serving-sys.com .yahoo.com .yimg.com .yieldoptimizer.com .youtube.com .ytimg.com .criteo.net .criteo.com .cloudfront.net .jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: .trustarc.com .criteo.com static.criteo.net .flashtalking.com .demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com static.sojern.com insight.adsrvr.org localhost:* .doubleclick.net sso.lacek.marriott.com/ .sso.lacek.marriott.com/ .marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com .serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moments.marriottbonvoy.com/partners/msg?nck=136603220&ck=49825144&lk=1000517938
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 15:28:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
vary: Accept-Encoding
content-length: 21687
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Wed, 06 Jan 2021 22:50:52 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "23f01-5b84327b44b00-gzip"
expect-ct: max-age=0
strict-transport-security: max-age=31536000 includeSubDomains; preload
content-type: text/css
cache-control: max-age=84600, public
feature-policy: geolocation 'none'; midi 'none'; microphone 'none'; camera 'none'; speaker 'none'; fullscreen 'self'; payment 'none';
content-security-policy: default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com *.apextag.com *.sojern.com js.adsrvr.org connect.facebook.net analytics-mar.lacek.net analytics.lacek.net *.truste.com *.trustarc.com localhost:* *.ampxchange.com *.admarketplace.com *.admarketplace.net *.signal.co *.facebook.com *.ensighten.com *.omtrdc.net *.demdex.net pixel.snapsmedia.io *.bing.com *.btstatic.com *.thebrighttag.com *.google-analytics.com *.googleadservices.com *.googletagmanager.com *.doubleclick.net *.serving-sys.com *.yahoo.com *.yimg.com *.yieldoptimizer.com *.youtube.com *.ytimg.com *.criteo.net *.criteo.com *.cloudfront.net *.jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com e.acuityplatform.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: * data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: *.trustarc.com *.criteo.com static.criteo.net *.flashtalking.com *.demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com www.facebook.com static.sojern.com insight.adsrvr.org localhost:* *.doubleclick.net sso.lacek.marriott.com/* *.sso.lacek.marriott.com/* *.marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com ; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com *.serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
accept-ranges: bytes
x-webkit-csp: default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com s.pinimg.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com *.apextag.com *.sojern.com js.adsrvr.org connect.facebook.net analytics.lacek.net *.truste.com *.trustarc.com localhost:* *.ampxchange.com *.admarketplace.com *.admarketplace.net *.signal.co *.facebook.com *.ensighten.com *.omtrdc.net *.demdex.net pixel.snapsmedia.io *.bing.com *.btstatic.com *.thebrighttag.com *.google-analytics.com *.googleadservices.com *.googletagmanager.com *.doubleclick.net *.serving-sys.com *.yahoo.com *.yimg.com *.yieldoptimizer.com *.youtube.com *.ytimg.com *.criteo.net *.criteo.com *.cloudfront.net *.jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: * data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: *.trustarc.com *.criteo.com static.criteo.net *.flashtalking.com *.demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com static.sojern.com insight.adsrvr.org localhost:* *.doubleclick.net sso.lacek.marriott.com/* *.sso.lacek.marriott.com/* *.marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com ; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com *.serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
x-content-security-policy: default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com s.pinimg.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com *.apextag.com *.sojern.com js.adsrvr.org connect.facebook.net analytics.lacek.net *.truste.com *.trustarc.com localhost:* *.ampxchange.com *.admarketplace.com *.admarketplace.net *.signal.co *.facebook.com *.ensighten.com *.omtrdc.net *.demdex.net pixel.snapsmedia.io *.bing.com *.btstatic.com *.thebrighttag.com *.google-analytics.com *.googleadservices.com *.googletagmanager.com *.doubleclick.net *.serving-sys.com *.yahoo.com *.yimg.com *.yieldoptimizer.com *.youtube.com *.ytimg.com *.criteo.net *.criteo.com *.cloudfront.net *.jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: * data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: *.trustarc.com *.criteo.com static.criteo.net *.flashtalking.com *.demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com static.sojern.com insight.adsrvr.org localhost:* *.doubleclick.net sso.lacek.marriott.com/* *.sso.lacek.marriott.com/* *.marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com *.serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;

GET
H2 200 app.css
moments.marriottbonvoy.com/css/ 436 KB
66 KB 365ms
363ms Stylesheet
text/css 52.32.5.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://moments.marriottbonvoy.com/css/app.css

Requested by

Host: moments.marriottbonvoy.com
URL: https://moments.marriottbonvoy.com/partners/msg?nck=136603220&ck=49825144&lk=1000517938

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.32.5.223 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-32-5-223.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

2334013ed6ee61d4c3cb9ad72182066853dbea6bdaf30f07802a3cf84e5d5b34

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com .apextag.com .sojern.com js.adsrvr.org connect.facebook.net analytics-mar.lacek.net analytics.lacek.net .truste.com .trustarc.com localhost:* .ampxchange.com .admarketplace.com .admarketplace.net .signal.co .facebook.com .ensighten.com .omtrdc.net .demdex.net pixel.snapsmedia.io .bing.com .btstatic.com .thebrighttag.com .google-analytics.com .googleadservices.com .googletagmanager.com .doubleclick.net .serving-sys.com .yahoo.com .yimg.com .yieldoptimizer.com .youtube.com .ytimg.com .criteo.net .criteo.com .cloudfront.net .jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com e.acuityplatform.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: .trustarc.com .criteo.com static.criteo.net .flashtalking.com .demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com www.facebook.com static.sojern.com insight.adsrvr.org localhost:* .doubleclick.net sso.lacek.marriott.com/ .sso.lacek.marriott.com/ .marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com ; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com .serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
Strict-Transport-Security	max-age=31536000 includeSubDomains; preload
X-Content-Security-Policy	default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com s.pinimg.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com .apextag.com .sojern.com js.adsrvr.org connect.facebook.net analytics.lacek.net .truste.com .trustarc.com localhost:* .ampxchange.com .admarketplace.com .admarketplace.net .signal.co .facebook.com .ensighten.com .omtrdc.net .demdex.net pixel.snapsmedia.io .bing.com .btstatic.com .thebrighttag.com .google-analytics.com .googleadservices.com .googletagmanager.com .doubleclick.net .serving-sys.com .yahoo.com .yimg.com .yieldoptimizer.com .youtube.com .ytimg.com .criteo.net .criteo.com .cloudfront.net .jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: .trustarc.com .criteo.com static.criteo.net .flashtalking.com .demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com static.sojern.com insight.adsrvr.org localhost:* .doubleclick.net sso.lacek.marriott.com/ .sso.lacek.marriott.com/ .marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com .serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moments.marriottbonvoy.com/partners/msg?nck=136603220&ck=49825144&lk=1000517938
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 15:28:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
vary: Accept-Encoding
content-length: 61814
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Tue, 16 Nov 2021 02:19:48 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "6cfb8-5d0de8f3cd900-gzip"
expect-ct: max-age=0
strict-transport-security: max-age=31536000 includeSubDomains; preload
content-type: text/css
cache-control: max-age=84600, public
feature-policy: geolocation 'none'; midi 'none'; microphone 'none'; camera 'none'; speaker 'none'; fullscreen 'self'; payment 'none';
content-security-policy: default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com *.apextag.com *.sojern.com js.adsrvr.org connect.facebook.net analytics-mar.lacek.net analytics.lacek.net *.truste.com *.trustarc.com localhost:* *.ampxchange.com *.admarketplace.com *.admarketplace.net *.signal.co *.facebook.com *.ensighten.com *.omtrdc.net *.demdex.net pixel.snapsmedia.io *.bing.com *.btstatic.com *.thebrighttag.com *.google-analytics.com *.googleadservices.com *.googletagmanager.com *.doubleclick.net *.serving-sys.com *.yahoo.com *.yimg.com *.yieldoptimizer.com *.youtube.com *.ytimg.com *.criteo.net *.criteo.com *.cloudfront.net *.jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com e.acuityplatform.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: * data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: *.trustarc.com *.criteo.com static.criteo.net *.flashtalking.com *.demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com www.facebook.com static.sojern.com insight.adsrvr.org localhost:* *.doubleclick.net sso.lacek.marriott.com/* *.sso.lacek.marriott.com/* *.marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com ; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com *.serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
accept-ranges: bytes
x-webkit-csp: default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com s.pinimg.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com *.apextag.com *.sojern.com js.adsrvr.org connect.facebook.net analytics.lacek.net *.truste.com *.trustarc.com localhost:* *.ampxchange.com *.admarketplace.com *.admarketplace.net *.signal.co *.facebook.com *.ensighten.com *.omtrdc.net *.demdex.net pixel.snapsmedia.io *.bing.com *.btstatic.com *.thebrighttag.com *.google-analytics.com *.googleadservices.com *.googletagmanager.com *.doubleclick.net *.serving-sys.com *.yahoo.com *.yimg.com *.yieldoptimizer.com *.youtube.com *.ytimg.com *.criteo.net *.criteo.com *.cloudfront.net *.jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: * data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: *.trustarc.com *.criteo.com static.criteo.net *.flashtalking.com *.demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com static.sojern.com insight.adsrvr.org localhost:* *.doubleclick.net sso.lacek.marriott.com/* *.sso.lacek.marriott.com/* *.marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com ; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com *.serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
x-content-security-policy: default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com s.pinimg.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com *.apextag.com *.sojern.com js.adsrvr.org connect.facebook.net analytics.lacek.net *.truste.com *.trustarc.com localhost:* *.ampxchange.com *.admarketplace.com *.admarketplace.net *.signal.co *.facebook.com *.ensighten.com *.omtrdc.net *.demdex.net pixel.snapsmedia.io *.bing.com *.btstatic.com *.thebrighttag.com *.google-analytics.com *.googleadservices.com *.googletagmanager.com *.doubleclick.net *.serving-sys.com *.yahoo.com *.yimg.com *.yieldoptimizer.com *.youtube.com *.ytimg.com *.criteo.net *.criteo.com *.cloudfront.net *.jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: * data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: *.trustarc.com *.criteo.com static.criteo.net *.flashtalking.com *.demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com static.sojern.com insight.adsrvr.org localhost:* *.doubleclick.net sso.lacek.marriott.com/* *.sso.lacek.marriott.com/* *.marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com *.serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;

GET
H2 200 launch-EN3963523be4674e5591a9c4d516697352.min.js Show response
assets.adobedtm.com/ 419 KB
109 KB 26ms
6ms Script
application/x-javascript 2a02:26f0:6c00:28a::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js
Requested by: Host: moments.marriottbonvoy.com
URL: https://moments.marriottbonvoy.com/partners/msg?nck=136603220&ck=49825144&lk=1000517938
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: fd78e0563ea4c30b77f53feb82baf48413db9a38e734a1d6fe7ae7989191f6fa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moments.marriottbonvoy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 15:28:45 GMT
content-encoding: gzip
last-modified: Tue, 16 Nov 2021 20:26:12 GMT
server: AkamaiNetStorage
etag: "999655cc673738bebad8f7d06e42cd78:1637094372.282166"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://moments.marriottbonvoy.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 110934
expires: Mon, 22 Nov 2021 16:28:45 GMT

GET
H2 200 entry-client.js Show response
moments.marriottbonvoy.com/js/ 3 MB
904 KB 537ms
535ms Script
text/javascript 52.32.5.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://moments.marriottbonvoy.com/js/entry-client.js

Requested by

Host: moments.marriottbonvoy.com
URL: https://moments.marriottbonvoy.com/partners/msg?nck=136603220&ck=49825144&lk=1000517938

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.32.5.223 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-32-5-223.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

0b3481ecc6fff44a9e688cc910e6888639593167248f06d8f4067aead54c0797

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com .apextag.com .sojern.com js.adsrvr.org connect.facebook.net analytics-mar.lacek.net analytics.lacek.net .truste.com .trustarc.com localhost:* .ampxchange.com .admarketplace.com .admarketplace.net .signal.co .facebook.com .ensighten.com .omtrdc.net .demdex.net pixel.snapsmedia.io .bing.com .btstatic.com .thebrighttag.com .google-analytics.com .googleadservices.com .googletagmanager.com .doubleclick.net .serving-sys.com .yahoo.com .yimg.com .yieldoptimizer.com .youtube.com .ytimg.com .criteo.net .criteo.com .cloudfront.net .jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com e.acuityplatform.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: .trustarc.com .criteo.com static.criteo.net .flashtalking.com .demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com www.facebook.com static.sojern.com insight.adsrvr.org localhost:* .doubleclick.net sso.lacek.marriott.com/ .sso.lacek.marriott.com/ .marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com ; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com .serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
Strict-Transport-Security	max-age=31536000 includeSubDomains; preload
X-Content-Security-Policy	default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com s.pinimg.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com .apextag.com .sojern.com js.adsrvr.org connect.facebook.net analytics.lacek.net .truste.com .trustarc.com localhost:* .ampxchange.com .admarketplace.com .admarketplace.net .signal.co .facebook.com .ensighten.com .omtrdc.net .demdex.net pixel.snapsmedia.io .bing.com .btstatic.com .thebrighttag.com .google-analytics.com .googleadservices.com .googletagmanager.com .doubleclick.net .serving-sys.com .yahoo.com .yimg.com .yieldoptimizer.com .youtube.com .ytimg.com .criteo.net .criteo.com .cloudfront.net .jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: .trustarc.com .criteo.com static.criteo.net .flashtalking.com .demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com static.sojern.com insight.adsrvr.org localhost:* .doubleclick.net sso.lacek.marriott.com/ .sso.lacek.marriott.com/ .marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com .serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moments.marriottbonvoy.com/partners/msg?nck=136603220&ck=49825144&lk=1000517938
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 15:28:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000 includeSubDomains; preload
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Wed, 17 Nov 2021 02:57:28 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "302e8e-5d0f333c91600-gzip"
expect-ct: max-age=0
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=84600, public
feature-policy: geolocation 'none'; midi 'none'; microphone 'none'; camera 'none'; speaker 'none'; fullscreen 'self'; payment 'none';
content-security-policy: default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com *.apextag.com *.sojern.com js.adsrvr.org connect.facebook.net analytics-mar.lacek.net analytics.lacek.net *.truste.com *.trustarc.com localhost:* *.ampxchange.com *.admarketplace.com *.admarketplace.net *.signal.co *.facebook.com *.ensighten.com *.omtrdc.net *.demdex.net pixel.snapsmedia.io *.bing.com *.btstatic.com *.thebrighttag.com *.google-analytics.com *.googleadservices.com *.googletagmanager.com *.doubleclick.net *.serving-sys.com *.yahoo.com *.yimg.com *.yieldoptimizer.com *.youtube.com *.ytimg.com *.criteo.net *.criteo.com *.cloudfront.net *.jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com e.acuityplatform.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: * data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: *.trustarc.com *.criteo.com static.criteo.net *.flashtalking.com *.demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com www.facebook.com static.sojern.com insight.adsrvr.org localhost:* *.doubleclick.net sso.lacek.marriott.com/* *.sso.lacek.marriott.com/* *.marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com ; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com *.serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
accept-ranges: bytes
x-webkit-csp: default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com s.pinimg.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com *.apextag.com *.sojern.com js.adsrvr.org connect.facebook.net analytics.lacek.net *.truste.com *.trustarc.com localhost:* *.ampxchange.com *.admarketplace.com *.admarketplace.net *.signal.co *.facebook.com *.ensighten.com *.omtrdc.net *.demdex.net pixel.snapsmedia.io *.bing.com *.btstatic.com *.thebrighttag.com *.google-analytics.com *.googleadservices.com *.googletagmanager.com *.doubleclick.net *.serving-sys.com *.yahoo.com *.yimg.com *.yieldoptimizer.com *.youtube.com *.ytimg.com *.criteo.net *.criteo.com *.cloudfront.net *.jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: * data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: *.trustarc.com *.criteo.com static.criteo.net *.flashtalking.com *.demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com static.sojern.com insight.adsrvr.org localhost:* *.doubleclick.net sso.lacek.marriott.com/* *.sso.lacek.marriott.com/* *.marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com ; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com *.serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
x-content-security-policy: default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com s.pinimg.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com *.apextag.com *.sojern.com js.adsrvr.org connect.facebook.net analytics.lacek.net *.truste.com *.trustarc.com localhost:* *.ampxchange.com *.admarketplace.com *.admarketplace.net *.signal.co *.facebook.com *.ensighten.com *.omtrdc.net *.demdex.net pixel.snapsmedia.io *.bing.com *.btstatic.com *.thebrighttag.com *.google-analytics.com *.googleadservices.com *.googletagmanager.com *.doubleclick.net *.serving-sys.com *.yahoo.com *.yimg.com *.yieldoptimizer.com *.youtube.com *.ytimg.com *.criteo.net *.criteo.com *.cloudfront.net *.jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: * data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: *.trustarc.com *.criteo.com static.criteo.net *.flashtalking.com *.demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com static.sojern.com insight.adsrvr.org localhost:* *.doubleclick.net sso.lacek.marriott.com/* *.sso.lacek.marriott.com/* *.marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com *.serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;

GET
H2 200 header.min.js Show response
moments.marriottbonvoy.com/global/js/ 6 KB
7 KB 185ms
184ms Script
text/javascript 52.32.5.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://moments.marriottbonvoy.com/global/js/header.min.js

Requested by

Host: moments.marriottbonvoy.com
URL: https://moments.marriottbonvoy.com/partners/msg?nck=136603220&ck=49825144&lk=1000517938

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.32.5.223 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-32-5-223.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

ea61bdd8d5fbdc8dce42bbad5d8b1a777fd0f80782f1564f5f727f22acf2b741

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com .apextag.com .sojern.com js.adsrvr.org connect.facebook.net analytics-mar.lacek.net analytics.lacek.net .truste.com .trustarc.com localhost:* .ampxchange.com .admarketplace.com .admarketplace.net .signal.co .facebook.com .ensighten.com .omtrdc.net .demdex.net pixel.snapsmedia.io .bing.com .btstatic.com .thebrighttag.com .google-analytics.com .googleadservices.com .googletagmanager.com .doubleclick.net .serving-sys.com .yahoo.com .yimg.com .yieldoptimizer.com .youtube.com .ytimg.com .criteo.net .criteo.com .cloudfront.net .jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com e.acuityplatform.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: .trustarc.com .criteo.com static.criteo.net .flashtalking.com .demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com www.facebook.com static.sojern.com insight.adsrvr.org localhost:* .doubleclick.net sso.lacek.marriott.com/ .sso.lacek.marriott.com/ .marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com ; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com .serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
Strict-Transport-Security	max-age=31536000 includeSubDomains; preload
X-Content-Security-Policy	default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com s.pinimg.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com .apextag.com .sojern.com js.adsrvr.org connect.facebook.net analytics.lacek.net .truste.com .trustarc.com localhost:* .ampxchange.com .admarketplace.com .admarketplace.net .signal.co .facebook.com .ensighten.com .omtrdc.net .demdex.net pixel.snapsmedia.io .bing.com .btstatic.com .thebrighttag.com .google-analytics.com .googleadservices.com .googletagmanager.com .doubleclick.net .serving-sys.com .yahoo.com .yimg.com .yieldoptimizer.com .youtube.com .ytimg.com .criteo.net .criteo.com .cloudfront.net .jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: .trustarc.com .criteo.com static.criteo.net .flashtalking.com .demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com static.sojern.com insight.adsrvr.org localhost:* .doubleclick.net sso.lacek.marriott.com/ .sso.lacek.marriott.com/ .marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com .serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moments.marriottbonvoy.com/partners/msg?nck=136603220&ck=49825144&lk=1000517938
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 15:28:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
vary: Accept-Encoding
content-length: 1408
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Wed, 06 Jan 2021 22:50:54 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "18ab-5b84327d2cf80-gzip"
expect-ct: max-age=0
strict-transport-security: max-age=31536000 includeSubDomains; preload
content-type: text/javascript
cache-control: max-age=84600, public
feature-policy: geolocation 'none'; midi 'none'; microphone 'none'; camera 'none'; speaker 'none'; fullscreen 'self'; payment 'none';
content-security-policy: default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com *.apextag.com *.sojern.com js.adsrvr.org connect.facebook.net analytics-mar.lacek.net analytics.lacek.net *.truste.com *.trustarc.com localhost:* *.ampxchange.com *.admarketplace.com *.admarketplace.net *.signal.co *.facebook.com *.ensighten.com *.omtrdc.net *.demdex.net pixel.snapsmedia.io *.bing.com *.btstatic.com *.thebrighttag.com *.google-analytics.com *.googleadservices.com *.googletagmanager.com *.doubleclick.net *.serving-sys.com *.yahoo.com *.yimg.com *.yieldoptimizer.com *.youtube.com *.ytimg.com *.criteo.net *.criteo.com *.cloudfront.net *.jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com e.acuityplatform.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: * data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: *.trustarc.com *.criteo.com static.criteo.net *.flashtalking.com *.demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com www.facebook.com static.sojern.com insight.adsrvr.org localhost:* *.doubleclick.net sso.lacek.marriott.com/* *.sso.lacek.marriott.com/* *.marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com ; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com *.serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
accept-ranges: bytes
x-webkit-csp: default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com s.pinimg.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com *.apextag.com *.sojern.com js.adsrvr.org connect.facebook.net analytics.lacek.net *.truste.com *.trustarc.com localhost:* *.ampxchange.com *.admarketplace.com *.admarketplace.net *.signal.co *.facebook.com *.ensighten.com *.omtrdc.net *.demdex.net pixel.snapsmedia.io *.bing.com *.btstatic.com *.thebrighttag.com *.google-analytics.com *.googleadservices.com *.googletagmanager.com *.doubleclick.net *.serving-sys.com *.yahoo.com *.yimg.com *.yieldoptimizer.com *.youtube.com *.ytimg.com *.criteo.net *.criteo.com *.cloudfront.net *.jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: * data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: *.trustarc.com *.criteo.com static.criteo.net *.flashtalking.com *.demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com static.sojern.com insight.adsrvr.org localhost:* *.doubleclick.net sso.lacek.marriott.com/* *.sso.lacek.marriott.com/* *.marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com ; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com *.serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
x-content-security-policy: default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com s.pinimg.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com *.apextag.com *.sojern.com js.adsrvr.org connect.facebook.net analytics.lacek.net *.truste.com *.trustarc.com localhost:* *.ampxchange.com *.admarketplace.com *.admarketplace.net *.signal.co *.facebook.com *.ensighten.com *.omtrdc.net *.demdex.net pixel.snapsmedia.io *.bing.com *.btstatic.com *.thebrighttag.com *.google-analytics.com *.googleadservices.com *.googletagmanager.com *.doubleclick.net *.serving-sys.com *.yahoo.com *.yimg.com *.yieldoptimizer.com *.youtube.com *.ytimg.com *.criteo.net *.criteo.com *.cloudfront.net *.jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: * data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: *.trustarc.com *.criteo.com static.criteo.net *.flashtalking.com *.demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com static.sojern.com insight.adsrvr.org localhost:* *.doubleclick.net sso.lacek.marriott.com/* *.sso.lacek.marriott.com/* *.marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com *.serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 5 KB
2 KB 141ms
38ms XHR
application/json 54.195.238.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=4.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=664516D751E565010A490D4C%40AdobeOrg&d_nsid=0&ts=1637594926067

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.195.238.9 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-195-238-9.eu-west-1.compute.amazonaws.com

Software

Resource Hash

a59d3caee1fab4ca496a0e5b1d0fcc86d13c1e0a3302e7a76c3f6c2b7f7f864e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://moments.marriottbonvoy.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-1-v019-03035d387.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: jecRElh5TxQ=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://moments.marriottbonvoy.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 1700
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EP971e6ad26efe44ab86e98d3905a44621/ 34 KB
13 KB 7ms
6ms Script
application/x-javascript 2a02:26f0:6c00:28a::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EP971e6ad26efe44ab86e98d3905a44621/AppMeasurement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 089030d8bec22aa48ae59e27516a4e8a1fcec666e9d783c7a1df47220b750dc1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moments.marriottbonvoy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 15:28:46 GMT
content-encoding: gzip
last-modified: Mon, 03 Jun 2019 23:03:32 GMT
server: AkamaiNetStorage
etag: "72404253c27255247028f0ba11022cf8:1559603012"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://moments.marriottbonvoy.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 12916
expires: Mon, 22 Nov 2021 16:28:46 GMT

GET
H2 200 outpace_marriott_combined.min.js Show response
d1mqz30n8nowyf.cloudfront.net/prod/js/ 31 KB
6 KB 34ms
7ms Script
application/javascript 2600:9000:2057:b800:1d:cb70:f5c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1mqz30n8nowyf.cloudfront.net/prod/js/outpace_marriott_combined.min.js
Requested by: Host: moments.marriottbonvoy.com
URL: https://moments.marriottbonvoy.com/partners/msg?nck=136603220&ck=49825144&lk=1000517938
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:b800:1d:cb70:f5c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1c38b38210051706981fb9dba449dfeb4fa1095d6fef33ebb593e55ee3798383

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moments.marriottbonvoy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 04:53:25 GMT
content-encoding: gzip
last-modified: Wed, 16 Jan 2019 20:49:35 GMT
server: AmazonS3
age: 38122
etag: W/"72fa32db69f86bb2492c06892ac65b51"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 d3039ad83798b26ecb9f9f1e666afe27.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: 4-MKl5rvYQK_g-IRFiUjYdPhDFrZu2uA-zt-or1ZwpOKZS3QvuivsQ==

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 20ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: moments.marriottbonvoy.com
URL: https://moments.marriottbonvoy.com/partners/msg?nck=136603220&ck=49825144&lk=1000517938

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5e068996d9a14772bc173a4e9875bc4949d7b06e2a55ba9284761f724ad5c7e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moments.marriottbonvoy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 72VXo//5n2Wg2LjdFvhouQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: pjzkZMNvPHCs3FmEzyz70aIVI+yL9InGnIL/CGrJ7Rskiy6jcJSmGXCPjAVDKwMBxynUHv8MqtngSm75LfFzlA==
x-fb-trip-id: 686109401
x-fb-content-md5: df4674510ad5fd0aa5c9c5b57bdf21d1
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 22 Nov 2021 15:28:46 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "4a90ace166c02273a82b9c26740056f7"
timing-allow-origin: *
expires: Mon, 22 Nov 2021 15:32:51 GMT

GET
H2 200 AppMeasurement_Module_AudienceManagement.min.js Show response
assets.adobedtm.com/extensions/EP971e6ad26efe44ab86e98d3905a44621/ 25 KB
9 KB 6ms
6ms Script
application/x-javascript 2a02:26f0:6c00:28a::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EP971e6ad26efe44ab86e98d3905a44621/AppMeasurement_Module_AudienceManagement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 32bc033e13e02d8809b2c8c97ac5a5110c5f375a830ed6cace5ce1202ab5b480

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moments.marriottbonvoy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 15:28:46 GMT
content-encoding: gzip
last-modified: Mon, 03 Jun 2019 23:03:35 GMT
server: AkamaiNetStorage
etag: "e539ea6425ae55fa9f68995bc5a68886:1559603018"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://moments.marriottbonvoy.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 8640
expires: Mon, 22 Nov 2021 16:28:46 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 290 KB
82 KB 15ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=97fc2e3746ee91a4282502c60c7d9f36

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c6820080d745330cbdf5cd69fefe10e954f65474dfbcd014e42adc4a31d51fcb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://moments.marriottbonvoy.com/
Origin: https://moments.marriottbonvoy.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 14T8mjX2PlwtGPu3j3v9kw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 84313
x-fb-rlafr: 0
x-fb-debug: 2RGfMNGvRSwQBaaFelqUFLHy1tIXvkNzJymPUdjA0+tbSeeoGhMsgkPVgVR0+TvQeSAscFzuNL7shoDl0lHowg==
x-fb-content-md5: 7572dbf6e71ba3287daf69479e2b53bf
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 22 Nov 2021 15:28:46 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "a268cc8a8bcd5f47a29676b2aea09b81"
timing-allow-origin: *
priority: u=3,i
expires: Tue, 22 Nov 2022 14:26:45 GMT

GET
H2 200 galleries Show response
moments.marriottbonvoy.com/api/v1/ 90 KB
34 KB 313ms
313ms XHR
application/json 52.32.5.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://moments.marriottbonvoy.com/api/v1/galleries

Requested by

Host: moments.marriottbonvoy.com
URL: https://moments.marriottbonvoy.com/js/entry-client.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.32.5.223 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-32-5-223.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

21be32f8ea793e294247d21fd0fee4074567d27f83a05114b2d3584b83c0c296

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com .apextag.com .sojern.com js.adsrvr.org connect.facebook.net analytics-mar.lacek.net analytics.lacek.net .truste.com .trustarc.com localhost:* .ampxchange.com .admarketplace.com .admarketplace.net .signal.co .facebook.com .ensighten.com .omtrdc.net .demdex.net pixel.snapsmedia.io .bing.com .btstatic.com .thebrighttag.com .google-analytics.com .googleadservices.com .googletagmanager.com .doubleclick.net .serving-sys.com .yahoo.com .yimg.com .yieldoptimizer.com .youtube.com .ytimg.com .criteo.net .criteo.com .cloudfront.net .jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com e.acuityplatform.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: .trustarc.com .criteo.com static.criteo.net .flashtalking.com .demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com www.facebook.com static.sojern.com insight.adsrvr.org localhost:* .doubleclick.net sso.lacek.marriott.com/ .sso.lacek.marriott.com/ .marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com ; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com .serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
Strict-Transport-Security	max-age=31536000 includeSubDomains; preload
X-Content-Security-Policy	default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com s.pinimg.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com .apextag.com .sojern.com js.adsrvr.org connect.facebook.net analytics.lacek.net .truste.com .trustarc.com localhost:* .ampxchange.com .admarketplace.com .admarketplace.net .signal.co .facebook.com .ensighten.com .omtrdc.net .demdex.net pixel.snapsmedia.io .bing.com .btstatic.com .thebrighttag.com .google-analytics.com .googleadservices.com .googletagmanager.com .doubleclick.net .serving-sys.com .yahoo.com .yimg.com .yieldoptimizer.com .youtube.com .ytimg.com .criteo.net .criteo.com .cloudfront.net .jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: .trustarc.com .criteo.com static.criteo.net .flashtalking.com .demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com static.sojern.com insight.adsrvr.org localhost:* .doubleclick.net sso.lacek.marriott.com/ .sso.lacek.marriott.com/ .marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com .serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://moments.marriottbonvoy.com/partners/msg?nck=136603220&ck=49825144&lk=1000517938
X-CSRF-TOKEN: AYSqEroNQ9gxFV7nFRdG5K8VGhxla2HekgpE3oeD
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
X-Requested-With: XMLHttpRequest

Response headers

date: Mon, 22 Nov 2021 15:28:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-csrf-token: AYSqEroNQ9gxFV7nFRdG5K8VGhxla2HekgpE3oeD
vary: Accept-Encoding
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin-when-cross-origin
server: Apache
x-frame-options: SAMEORIGIN
expect-ct: max-age=0
strict-transport-security: max-age=31536000 includeSubDomains; preload
content-type: application/json
expires: Thu, 19 Nov 1981 08:52:00 GMT, 0
cache-control: no-cache, no-store, must-revalidate, proxy-revalidate, no-transform
feature-policy: geolocation 'none'; midi 'none'; microphone 'none'; camera 'none'; speaker 'none'; fullscreen 'self'; payment 'none';
content-security-policy: default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com *.apextag.com *.sojern.com js.adsrvr.org connect.facebook.net analytics-mar.lacek.net analytics.lacek.net *.truste.com *.trustarc.com localhost:* *.ampxchange.com *.admarketplace.com *.admarketplace.net *.signal.co *.facebook.com *.ensighten.com *.omtrdc.net *.demdex.net pixel.snapsmedia.io *.bing.com *.btstatic.com *.thebrighttag.com *.google-analytics.com *.googleadservices.com *.googletagmanager.com *.doubleclick.net *.serving-sys.com *.yahoo.com *.yimg.com *.yieldoptimizer.com *.youtube.com *.ytimg.com *.criteo.net *.criteo.com *.cloudfront.net *.jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com e.acuityplatform.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: * data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: *.trustarc.com *.criteo.com static.criteo.net *.flashtalking.com *.demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com www.facebook.com static.sojern.com insight.adsrvr.org localhost:* *.doubleclick.net sso.lacek.marriott.com/* *.sso.lacek.marriott.com/* *.marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com ; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com *.serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
x-webkit-csp: default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com s.pinimg.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com *.apextag.com *.sojern.com js.adsrvr.org connect.facebook.net analytics.lacek.net *.truste.com *.trustarc.com localhost:* *.ampxchange.com *.admarketplace.com *.admarketplace.net *.signal.co *.facebook.com *.ensighten.com *.omtrdc.net *.demdex.net pixel.snapsmedia.io *.bing.com *.btstatic.com *.thebrighttag.com *.google-analytics.com *.googleadservices.com *.googletagmanager.com *.doubleclick.net *.serving-sys.com *.yahoo.com *.yimg.com *.yieldoptimizer.com *.youtube.com *.ytimg.com *.criteo.net *.criteo.com *.cloudfront.net *.jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: * data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: *.trustarc.com *.criteo.com static.criteo.net *.flashtalking.com *.demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com static.sojern.com insight.adsrvr.org localhost:* *.doubleclick.net sso.lacek.marriott.com/* *.sso.lacek.marriott.com/* *.marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com ; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com *.serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
x-content-security-policy: default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com s.pinimg.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com *.apextag.com *.sojern.com js.adsrvr.org connect.facebook.net analytics.lacek.net *.truste.com *.trustarc.com localhost:* *.ampxchange.com *.admarketplace.com *.admarketplace.net *.signal.co *.facebook.com *.ensighten.com *.omtrdc.net *.demdex.net pixel.snapsmedia.io *.bing.com *.btstatic.com *.thebrighttag.com *.google-analytics.com *.googleadservices.com *.googletagmanager.com *.doubleclick.net *.serving-sys.com *.yahoo.com *.yimg.com *.yieldoptimizer.com *.youtube.com *.ytimg.com *.criteo.net *.criteo.com *.cloudfront.net *.jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: * data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: *.trustarc.com *.criteo.com static.criteo.net *.flashtalking.com *.demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com static.sojern.com insight.adsrvr.org localhost:* *.doubleclick.net sso.lacek.marriott.com/* *.sso.lacek.marriott.com/* *.marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com *.serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;

GET
H2 200 trending Show response
moments.marriottbonvoy.com/api/v1/moments/ 544 B
6 KB 211ms
210ms XHR
application/json 52.32.5.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://moments.marriottbonvoy.com/api/v1/moments/trending

Requested by

Host: moments.marriottbonvoy.com
URL: https://moments.marriottbonvoy.com/js/entry-client.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.32.5.223 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-32-5-223.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

83d437e56c8c71e30127f9d8236245585346d86ec987be399deca6f03bb3f4f6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com .apextag.com .sojern.com js.adsrvr.org connect.facebook.net analytics-mar.lacek.net analytics.lacek.net .truste.com .trustarc.com localhost:* .ampxchange.com .admarketplace.com .admarketplace.net .signal.co .facebook.com .ensighten.com .omtrdc.net .demdex.net pixel.snapsmedia.io .bing.com .btstatic.com .thebrighttag.com .google-analytics.com .googleadservices.com .googletagmanager.com .doubleclick.net .serving-sys.com .yahoo.com .yimg.com .yieldoptimizer.com .youtube.com .ytimg.com .criteo.net .criteo.com .cloudfront.net .jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com e.acuityplatform.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: .trustarc.com .criteo.com static.criteo.net .flashtalking.com .demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com www.facebook.com static.sojern.com insight.adsrvr.org localhost:* .doubleclick.net sso.lacek.marriott.com/ .sso.lacek.marriott.com/ .marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com ; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com .serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
Strict-Transport-Security	max-age=31536000 includeSubDomains; preload
X-Content-Security-Policy	default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com s.pinimg.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com .apextag.com .sojern.com js.adsrvr.org connect.facebook.net analytics.lacek.net .truste.com .trustarc.com localhost:* .ampxchange.com .admarketplace.com .admarketplace.net .signal.co .facebook.com .ensighten.com .omtrdc.net .demdex.net pixel.snapsmedia.io .bing.com .btstatic.com .thebrighttag.com .google-analytics.com .googleadservices.com .googletagmanager.com .doubleclick.net .serving-sys.com .yahoo.com .yimg.com .yieldoptimizer.com .youtube.com .ytimg.com .criteo.net .criteo.com .cloudfront.net .jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: .trustarc.com .criteo.com static.criteo.net .flashtalking.com .demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com static.sojern.com insight.adsrvr.org localhost:* .doubleclick.net sso.lacek.marriott.com/ .sso.lacek.marriott.com/ .marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com .serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://moments.marriottbonvoy.com/partners/msg?nck=136603220&ck=49825144&lk=1000517938
X-CSRF-TOKEN: AYSqEroNQ9gxFV7nFRdG5K8VGhxla2HekgpE3oeD
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
X-Requested-With: XMLHttpRequest

Response headers

date: Mon, 22 Nov 2021 15:28:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-csrf-token: AYSqEroNQ9gxFV7nFRdG5K8VGhxla2HekgpE3oeD
vary: Accept-Encoding
content-length: 323
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin-when-cross-origin
server: Apache
x-frame-options: SAMEORIGIN
expect-ct: max-age=0
strict-transport-security: max-age=31536000 includeSubDomains; preload
content-type: application/json
expires: Thu, 19 Nov 1981 08:52:00 GMT, 0
cache-control: no-cache, no-store, must-revalidate, proxy-revalidate, no-transform
feature-policy: geolocation 'none'; midi 'none'; microphone 'none'; camera 'none'; speaker 'none'; fullscreen 'self'; payment 'none';
content-security-policy: default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com *.apextag.com *.sojern.com js.adsrvr.org connect.facebook.net analytics-mar.lacek.net analytics.lacek.net *.truste.com *.trustarc.com localhost:* *.ampxchange.com *.admarketplace.com *.admarketplace.net *.signal.co *.facebook.com *.ensighten.com *.omtrdc.net *.demdex.net pixel.snapsmedia.io *.bing.com *.btstatic.com *.thebrighttag.com *.google-analytics.com *.googleadservices.com *.googletagmanager.com *.doubleclick.net *.serving-sys.com *.yahoo.com *.yimg.com *.yieldoptimizer.com *.youtube.com *.ytimg.com *.criteo.net *.criteo.com *.cloudfront.net *.jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com e.acuityplatform.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: * data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: *.trustarc.com *.criteo.com static.criteo.net *.flashtalking.com *.demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com www.facebook.com static.sojern.com insight.adsrvr.org localhost:* *.doubleclick.net sso.lacek.marriott.com/* *.sso.lacek.marriott.com/* *.marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com ; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com *.serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
x-webkit-csp: default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com s.pinimg.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com *.apextag.com *.sojern.com js.adsrvr.org connect.facebook.net analytics.lacek.net *.truste.com *.trustarc.com localhost:* *.ampxchange.com *.admarketplace.com *.admarketplace.net *.signal.co *.facebook.com *.ensighten.com *.omtrdc.net *.demdex.net pixel.snapsmedia.io *.bing.com *.btstatic.com *.thebrighttag.com *.google-analytics.com *.googleadservices.com *.googletagmanager.com *.doubleclick.net *.serving-sys.com *.yahoo.com *.yimg.com *.yieldoptimizer.com *.youtube.com *.ytimg.com *.criteo.net *.criteo.com *.cloudfront.net *.jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: * data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: *.trustarc.com *.criteo.com static.criteo.net *.flashtalking.com *.demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com static.sojern.com insight.adsrvr.org localhost:* *.doubleclick.net sso.lacek.marriott.com/* *.sso.lacek.marriott.com/* *.marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com ; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com *.serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
x-content-security-policy: default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com s.pinimg.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com *.apextag.com *.sojern.com js.adsrvr.org connect.facebook.net analytics.lacek.net *.truste.com *.trustarc.com localhost:* *.ampxchange.com *.admarketplace.com *.admarketplace.net *.signal.co *.facebook.com *.ensighten.com *.omtrdc.net *.demdex.net pixel.snapsmedia.io *.bing.com *.btstatic.com *.thebrighttag.com *.google-analytics.com *.googleadservices.com *.googletagmanager.com *.doubleclick.net *.serving-sys.com *.yahoo.com *.yimg.com *.yieldoptimizer.com *.youtube.com *.ytimg.com *.criteo.net *.criteo.com *.cloudfront.net *.jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: * data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: *.trustarc.com *.criteo.com static.criteo.net *.flashtalking.com *.demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com static.sojern.com insight.adsrvr.org localhost:* *.doubleclick.net sso.lacek.marriott.com/* *.sso.lacek.marriott.com/* *.marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com *.serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;

GET
H2 200 brand-logo-icons.woff
moments.marriottbonvoy.com/global/fonts/brand-logo-icons/ 74 KB
79 KB 181ms
180ms Font
application/font-woff 52.32.5.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://moments.marriottbonvoy.com/global/fonts/brand-logo-icons/brand-logo-icons.woff

Requested by

Host: moments.marriottbonvoy.com
URL: https://moments.marriottbonvoy.com/global/css/global-header-footer.min.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.32.5.223 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-32-5-223.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

325d684c554058f0df28bfadf281f417a6dc690de33c89d9360eee65403fb7d8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com .apextag.com .sojern.com js.adsrvr.org connect.facebook.net analytics-mar.lacek.net analytics.lacek.net .truste.com .trustarc.com localhost:* .ampxchange.com .admarketplace.com .admarketplace.net .signal.co .facebook.com .ensighten.com .omtrdc.net .demdex.net pixel.snapsmedia.io .bing.com .btstatic.com .thebrighttag.com .google-analytics.com .googleadservices.com .googletagmanager.com .doubleclick.net .serving-sys.com .yahoo.com .yimg.com .yieldoptimizer.com .youtube.com .ytimg.com .criteo.net .criteo.com .cloudfront.net .jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com e.acuityplatform.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: .trustarc.com .criteo.com static.criteo.net .flashtalking.com .demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com www.facebook.com static.sojern.com insight.adsrvr.org localhost:* .doubleclick.net sso.lacek.marriott.com/ .sso.lacek.marriott.com/ .marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com ; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com .serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
Strict-Transport-Security	max-age=31536000 includeSubDomains; preload
X-Content-Security-Policy	default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com s.pinimg.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com .apextag.com .sojern.com js.adsrvr.org connect.facebook.net analytics.lacek.net .truste.com .trustarc.com localhost:* .ampxchange.com .admarketplace.com .admarketplace.net .signal.co .facebook.com .ensighten.com .omtrdc.net .demdex.net pixel.snapsmedia.io .bing.com .btstatic.com .thebrighttag.com .google-analytics.com .googleadservices.com .googletagmanager.com .doubleclick.net .serving-sys.com .yahoo.com .yimg.com .yieldoptimizer.com .youtube.com .ytimg.com .criteo.net .criteo.com .cloudfront.net .jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: .trustarc.com .criteo.com static.criteo.net .flashtalking.com .demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com static.sojern.com insight.adsrvr.org localhost:* .doubleclick.net sso.lacek.marriott.com/ .sso.lacek.marriott.com/ .marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com .serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://moments.marriottbonvoy.com/global/css/global-header-footer.min.css
Origin: https://moments.marriottbonvoy.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 15:28:46 GMT
x-content-type-options: nosniff
content-length: 75464
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Wed, 06 Jan 2021 22:50:52 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "126c8-5b84327b44b00"
expect-ct: max-age=0
strict-transport-security: max-age=31536000 includeSubDomains; preload
content-type: application/font-woff
cache-control: max-age=84600, public
feature-policy: geolocation 'none'; midi 'none'; microphone 'none'; camera 'none'; speaker 'none'; fullscreen 'self'; payment 'none';
content-security-policy: default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com *.apextag.com *.sojern.com js.adsrvr.org connect.facebook.net analytics-mar.lacek.net analytics.lacek.net *.truste.com *.trustarc.com localhost:* *.ampxchange.com *.admarketplace.com *.admarketplace.net *.signal.co *.facebook.com *.ensighten.com *.omtrdc.net *.demdex.net pixel.snapsmedia.io *.bing.com *.btstatic.com *.thebrighttag.com *.google-analytics.com *.googleadservices.com *.googletagmanager.com *.doubleclick.net *.serving-sys.com *.yahoo.com *.yimg.com *.yieldoptimizer.com *.youtube.com *.ytimg.com *.criteo.net *.criteo.com *.cloudfront.net *.jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com e.acuityplatform.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: * data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: *.trustarc.com *.criteo.com static.criteo.net *.flashtalking.com *.demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com www.facebook.com static.sojern.com insight.adsrvr.org localhost:* *.doubleclick.net sso.lacek.marriott.com/* *.sso.lacek.marriott.com/* *.marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com ; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com *.serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
accept-ranges: bytes
x-webkit-csp: default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com s.pinimg.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com *.apextag.com *.sojern.com js.adsrvr.org connect.facebook.net analytics.lacek.net *.truste.com *.trustarc.com localhost:* *.ampxchange.com *.admarketplace.com *.admarketplace.net *.signal.co *.facebook.com *.ensighten.com *.omtrdc.net *.demdex.net pixel.snapsmedia.io *.bing.com *.btstatic.com *.thebrighttag.com *.google-analytics.com *.googleadservices.com *.googletagmanager.com *.doubleclick.net *.serving-sys.com *.yahoo.com *.yimg.com *.yieldoptimizer.com *.youtube.com *.ytimg.com *.criteo.net *.criteo.com *.cloudfront.net *.jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: * data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: *.trustarc.com *.criteo.com static.criteo.net *.flashtalking.com *.demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com static.sojern.com insight.adsrvr.org localhost:* *.doubleclick.net sso.lacek.marriott.com/* *.sso.lacek.marriott.com/* *.marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com ; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com *.serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
x-content-security-policy: default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com s.pinimg.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com *.apextag.com *.sojern.com js.adsrvr.org connect.facebook.net analytics.lacek.net *.truste.com *.trustarc.com localhost:* *.ampxchange.com *.admarketplace.com *.admarketplace.net *.signal.co *.facebook.com *.ensighten.com *.omtrdc.net *.demdex.net pixel.snapsmedia.io *.bing.com *.btstatic.com *.thebrighttag.com *.google-analytics.com *.googleadservices.com *.googletagmanager.com *.doubleclick.net *.serving-sys.com *.yahoo.com *.yimg.com *.yieldoptimizer.com *.youtube.com *.ytimg.com *.criteo.net *.criteo.com *.cloudfront.net *.jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: * data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: *.trustarc.com *.criteo.com static.criteo.net *.flashtalking.com *.demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com static.sojern.com insight.adsrvr.org localhost:* *.doubleclick.net sso.lacek.marriott.com/* *.sso.lacek.marriott.com/* *.marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com *.serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;

GET
H2 200 proxima-nova-semibold.woff2
moments.marriottbonvoy.com/global/fonts/proxima-nova/proxima-nova-semibold/ 85 KB
90 KB 184ms
183ms Font
application/font-woff2 52.32.5.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://moments.marriottbonvoy.com/global/fonts/proxima-nova/proxima-nova-semibold/proxima-nova-semibold.woff2

Requested by

Host: moments.marriottbonvoy.com
URL: https://moments.marriottbonvoy.com/global/css/global-header-footer.min.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.32.5.223 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-32-5-223.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

274d28df8e4fa451e23ca788ea68f555971d5a2ae231bb57d30cb4b5b9e0fa41

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com .apextag.com .sojern.com js.adsrvr.org connect.facebook.net analytics-mar.lacek.net analytics.lacek.net .truste.com .trustarc.com localhost:* .ampxchange.com .admarketplace.com .admarketplace.net .signal.co .facebook.com .ensighten.com .omtrdc.net .demdex.net pixel.snapsmedia.io .bing.com .btstatic.com .thebrighttag.com .google-analytics.com .googleadservices.com .googletagmanager.com .doubleclick.net .serving-sys.com .yahoo.com .yimg.com .yieldoptimizer.com .youtube.com .ytimg.com .criteo.net .criteo.com .cloudfront.net .jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com e.acuityplatform.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: .trustarc.com .criteo.com static.criteo.net .flashtalking.com .demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com www.facebook.com static.sojern.com insight.adsrvr.org localhost:* .doubleclick.net sso.lacek.marriott.com/ .sso.lacek.marriott.com/ .marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com ; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com .serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
Strict-Transport-Security	max-age=31536000 includeSubDomains; preload
X-Content-Security-Policy	default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com s.pinimg.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com .apextag.com .sojern.com js.adsrvr.org connect.facebook.net analytics.lacek.net .truste.com .trustarc.com localhost:* .ampxchange.com .admarketplace.com .admarketplace.net .signal.co .facebook.com .ensighten.com .omtrdc.net .demdex.net pixel.snapsmedia.io .bing.com .btstatic.com .thebrighttag.com .google-analytics.com .googleadservices.com .googletagmanager.com .doubleclick.net .serving-sys.com .yahoo.com .yimg.com .yieldoptimizer.com .youtube.com .ytimg.com .criteo.net .criteo.com .cloudfront.net .jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: .trustarc.com .criteo.com static.criteo.net .flashtalking.com .demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com static.sojern.com insight.adsrvr.org localhost:* .doubleclick.net sso.lacek.marriott.com/ .sso.lacek.marriott.com/ .marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com .serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://moments.marriottbonvoy.com/global/css/global-header-footer.min.css
Origin: https://moments.marriottbonvoy.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 15:28:46 GMT
x-content-type-options: nosniff
content-length: 86984
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Wed, 06 Jan 2021 22:50:54 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "153c8-5b84327d2cf80"
expect-ct: max-age=0
strict-transport-security: max-age=31536000 includeSubDomains; preload
content-type: application/font-woff2
cache-control: max-age=84600, public
feature-policy: geolocation 'none'; midi 'none'; microphone 'none'; camera 'none'; speaker 'none'; fullscreen 'self'; payment 'none';
content-security-policy: default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com *.apextag.com *.sojern.com js.adsrvr.org connect.facebook.net analytics-mar.lacek.net analytics.lacek.net *.truste.com *.trustarc.com localhost:* *.ampxchange.com *.admarketplace.com *.admarketplace.net *.signal.co *.facebook.com *.ensighten.com *.omtrdc.net *.demdex.net pixel.snapsmedia.io *.bing.com *.btstatic.com *.thebrighttag.com *.google-analytics.com *.googleadservices.com *.googletagmanager.com *.doubleclick.net *.serving-sys.com *.yahoo.com *.yimg.com *.yieldoptimizer.com *.youtube.com *.ytimg.com *.criteo.net *.criteo.com *.cloudfront.net *.jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com e.acuityplatform.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: * data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: *.trustarc.com *.criteo.com static.criteo.net *.flashtalking.com *.demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com www.facebook.com static.sojern.com insight.adsrvr.org localhost:* *.doubleclick.net sso.lacek.marriott.com/* *.sso.lacek.marriott.com/* *.marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com ; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com *.serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
accept-ranges: bytes
x-webkit-csp: default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com s.pinimg.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com *.apextag.com *.sojern.com js.adsrvr.org connect.facebook.net analytics.lacek.net *.truste.com *.trustarc.com localhost:* *.ampxchange.com *.admarketplace.com *.admarketplace.net *.signal.co *.facebook.com *.ensighten.com *.omtrdc.net *.demdex.net pixel.snapsmedia.io *.bing.com *.btstatic.com *.thebrighttag.com *.google-analytics.com *.googleadservices.com *.googletagmanager.com *.doubleclick.net *.serving-sys.com *.yahoo.com *.yimg.com *.yieldoptimizer.com *.youtube.com *.ytimg.com *.criteo.net *.criteo.com *.cloudfront.net *.jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: * data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: *.trustarc.com *.criteo.com static.criteo.net *.flashtalking.com *.demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com static.sojern.com insight.adsrvr.org localhost:* *.doubleclick.net sso.lacek.marriott.com/* *.sso.lacek.marriott.com/* *.marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com ; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com *.serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
x-content-security-policy: default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com s.pinimg.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com *.apextag.com *.sojern.com js.adsrvr.org connect.facebook.net analytics.lacek.net *.truste.com *.trustarc.com localhost:* *.ampxchange.com *.admarketplace.com *.admarketplace.net *.signal.co *.facebook.com *.ensighten.com *.omtrdc.net *.demdex.net pixel.snapsmedia.io *.bing.com *.btstatic.com *.thebrighttag.com *.google-analytics.com *.googleadservices.com *.googletagmanager.com *.doubleclick.net *.serving-sys.com *.yahoo.com *.yimg.com *.yieldoptimizer.com *.youtube.com *.ytimg.com *.criteo.net *.criteo.com *.cloudfront.net *.jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: * data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: *.trustarc.com *.criteo.com static.criteo.net *.flashtalking.com *.demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com static.sojern.com insight.adsrvr.org localhost:* *.doubleclick.net sso.lacek.marriott.com/* *.sso.lacek.marriott.com/* *.marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com *.serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;

GET
H2 200 portfolio-logo-icons.woff
moments.marriottbonvoy.com/global/fonts/portfolio-logo-icons/ 58 KB
64 KB 182ms
182ms Font
application/font-woff 52.32.5.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://moments.marriottbonvoy.com/global/fonts/portfolio-logo-icons/portfolio-logo-icons.woff

Requested by

Host: moments.marriottbonvoy.com
URL: https://moments.marriottbonvoy.com/global/css/global-header-footer.min.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.32.5.223 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-32-5-223.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

e739f3767df54de0125c3f08a25e8900a3283c016e584a6b6879b7ea22a80071

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com .apextag.com .sojern.com js.adsrvr.org connect.facebook.net analytics-mar.lacek.net analytics.lacek.net .truste.com .trustarc.com localhost:* .ampxchange.com .admarketplace.com .admarketplace.net .signal.co .facebook.com .ensighten.com .omtrdc.net .demdex.net pixel.snapsmedia.io .bing.com .btstatic.com .thebrighttag.com .google-analytics.com .googleadservices.com .googletagmanager.com .doubleclick.net .serving-sys.com .yahoo.com .yimg.com .yieldoptimizer.com .youtube.com .ytimg.com .criteo.net .criteo.com .cloudfront.net .jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com e.acuityplatform.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: .trustarc.com .criteo.com static.criteo.net .flashtalking.com .demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com www.facebook.com static.sojern.com insight.adsrvr.org localhost:* .doubleclick.net sso.lacek.marriott.com/ .sso.lacek.marriott.com/ .marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com ; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com .serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
Strict-Transport-Security	max-age=31536000 includeSubDomains; preload
X-Content-Security-Policy	default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com s.pinimg.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com .apextag.com .sojern.com js.adsrvr.org connect.facebook.net analytics.lacek.net .truste.com .trustarc.com localhost:* .ampxchange.com .admarketplace.com .admarketplace.net .signal.co .facebook.com .ensighten.com .omtrdc.net .demdex.net pixel.snapsmedia.io .bing.com .btstatic.com .thebrighttag.com .google-analytics.com .googleadservices.com .googletagmanager.com .doubleclick.net .serving-sys.com .yahoo.com .yimg.com .yieldoptimizer.com .youtube.com .ytimg.com .criteo.net .criteo.com .cloudfront.net .jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: .trustarc.com .criteo.com static.criteo.net .flashtalking.com .demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com static.sojern.com insight.adsrvr.org localhost:* .doubleclick.net sso.lacek.marriott.com/ .sso.lacek.marriott.com/ .marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com .serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://moments.marriottbonvoy.com/global/css/global-header-footer.min.css
Origin: https://moments.marriottbonvoy.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 15:28:46 GMT
x-content-type-options: nosniff
content-length: 59684
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Wed, 06 Jan 2021 22:50:54 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "e924-5b84327d2cf80"
expect-ct: max-age=0
strict-transport-security: max-age=31536000 includeSubDomains; preload
content-type: application/font-woff
cache-control: max-age=84600, public
feature-policy: geolocation 'none'; midi 'none'; microphone 'none'; camera 'none'; speaker 'none'; fullscreen 'self'; payment 'none';
content-security-policy: default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com *.apextag.com *.sojern.com js.adsrvr.org connect.facebook.net analytics-mar.lacek.net analytics.lacek.net *.truste.com *.trustarc.com localhost:* *.ampxchange.com *.admarketplace.com *.admarketplace.net *.signal.co *.facebook.com *.ensighten.com *.omtrdc.net *.demdex.net pixel.snapsmedia.io *.bing.com *.btstatic.com *.thebrighttag.com *.google-analytics.com *.googleadservices.com *.googletagmanager.com *.doubleclick.net *.serving-sys.com *.yahoo.com *.yimg.com *.yieldoptimizer.com *.youtube.com *.ytimg.com *.criteo.net *.criteo.com *.cloudfront.net *.jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com e.acuityplatform.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: * data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: *.trustarc.com *.criteo.com static.criteo.net *.flashtalking.com *.demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com www.facebook.com static.sojern.com insight.adsrvr.org localhost:* *.doubleclick.net sso.lacek.marriott.com/* *.sso.lacek.marriott.com/* *.marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com ; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com *.serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
accept-ranges: bytes
x-webkit-csp: default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com s.pinimg.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com *.apextag.com *.sojern.com js.adsrvr.org connect.facebook.net analytics.lacek.net *.truste.com *.trustarc.com localhost:* *.ampxchange.com *.admarketplace.com *.admarketplace.net *.signal.co *.facebook.com *.ensighten.com *.omtrdc.net *.demdex.net pixel.snapsmedia.io *.bing.com *.btstatic.com *.thebrighttag.com *.google-analytics.com *.googleadservices.com *.googletagmanager.com *.doubleclick.net *.serving-sys.com *.yahoo.com *.yimg.com *.yieldoptimizer.com *.youtube.com *.ytimg.com *.criteo.net *.criteo.com *.cloudfront.net *.jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: * data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: *.trustarc.com *.criteo.com static.criteo.net *.flashtalking.com *.demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com static.sojern.com insight.adsrvr.org localhost:* *.doubleclick.net sso.lacek.marriott.com/* *.sso.lacek.marriott.com/* *.marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com ; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com *.serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
x-content-security-policy: default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com s.pinimg.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com *.apextag.com *.sojern.com js.adsrvr.org connect.facebook.net analytics.lacek.net *.truste.com *.trustarc.com localhost:* *.ampxchange.com *.admarketplace.com *.admarketplace.net *.signal.co *.facebook.com *.ensighten.com *.omtrdc.net *.demdex.net pixel.snapsmedia.io *.bing.com *.btstatic.com *.thebrighttag.com *.google-analytics.com *.googleadservices.com *.googletagmanager.com *.doubleclick.net *.serving-sys.com *.yahoo.com *.yimg.com *.yieldoptimizer.com *.youtube.com *.ytimg.com *.criteo.net *.criteo.com *.cloudfront.net *.jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: * data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: *.trustarc.com *.criteo.com static.criteo.net *.flashtalking.com *.demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com static.sojern.com insight.adsrvr.org localhost:* *.doubleclick.net sso.lacek.marriott.com/* *.sso.lacek.marriott.com/* *.marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com *.serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;

GET
H2 200 proxima-nova-regular.woff2
moments.marriottbonvoy.com/global/fonts/proxima-nova/proxima-nova-regular/ 85 KB
90 KB 185ms
185ms Font
application/font-woff2 52.32.5.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://moments.marriottbonvoy.com/global/fonts/proxima-nova/proxima-nova-regular/proxima-nova-regular.woff2

Requested by

Host: moments.marriottbonvoy.com
URL: https://moments.marriottbonvoy.com/global/css/global-header-footer.min.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.32.5.223 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-32-5-223.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

ba7d7a290780caf6a3852a7a6f3d3141c306274ef35e158b0c76c53bc6a06100

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com .apextag.com .sojern.com js.adsrvr.org connect.facebook.net analytics-mar.lacek.net analytics.lacek.net .truste.com .trustarc.com localhost:* .ampxchange.com .admarketplace.com .admarketplace.net .signal.co .facebook.com .ensighten.com .omtrdc.net .demdex.net pixel.snapsmedia.io .bing.com .btstatic.com .thebrighttag.com .google-analytics.com .googleadservices.com .googletagmanager.com .doubleclick.net .serving-sys.com .yahoo.com .yimg.com .yieldoptimizer.com .youtube.com .ytimg.com .criteo.net .criteo.com .cloudfront.net .jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com e.acuityplatform.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: .trustarc.com .criteo.com static.criteo.net .flashtalking.com .demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com www.facebook.com static.sojern.com insight.adsrvr.org localhost:* .doubleclick.net sso.lacek.marriott.com/ .sso.lacek.marriott.com/ .marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com ; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com .serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
Strict-Transport-Security	max-age=31536000 includeSubDomains; preload
X-Content-Security-Policy	default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com s.pinimg.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com .apextag.com .sojern.com js.adsrvr.org connect.facebook.net analytics.lacek.net .truste.com .trustarc.com localhost:* .ampxchange.com .admarketplace.com .admarketplace.net .signal.co .facebook.com .ensighten.com .omtrdc.net .demdex.net pixel.snapsmedia.io .bing.com .btstatic.com .thebrighttag.com .google-analytics.com .googleadservices.com .googletagmanager.com .doubleclick.net .serving-sys.com .yahoo.com .yimg.com .yieldoptimizer.com .youtube.com .ytimg.com .criteo.net .criteo.com .cloudfront.net .jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: .trustarc.com .criteo.com static.criteo.net .flashtalking.com .demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com static.sojern.com insight.adsrvr.org localhost:* .doubleclick.net sso.lacek.marriott.com/ .sso.lacek.marriott.com/ .marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com .serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://moments.marriottbonvoy.com/global/css/global-header-footer.min.css
Origin: https://moments.marriottbonvoy.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 15:28:46 GMT
x-content-type-options: nosniff
content-length: 86624
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Wed, 06 Jan 2021 22:50:54 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "15260-5b84327d2cf80"
expect-ct: max-age=0
strict-transport-security: max-age=31536000 includeSubDomains; preload
content-type: application/font-woff2
cache-control: max-age=84600, public
feature-policy: geolocation 'none'; midi 'none'; microphone 'none'; camera 'none'; speaker 'none'; fullscreen 'self'; payment 'none';
content-security-policy: default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com *.apextag.com *.sojern.com js.adsrvr.org connect.facebook.net analytics-mar.lacek.net analytics.lacek.net *.truste.com *.trustarc.com localhost:* *.ampxchange.com *.admarketplace.com *.admarketplace.net *.signal.co *.facebook.com *.ensighten.com *.omtrdc.net *.demdex.net pixel.snapsmedia.io *.bing.com *.btstatic.com *.thebrighttag.com *.google-analytics.com *.googleadservices.com *.googletagmanager.com *.doubleclick.net *.serving-sys.com *.yahoo.com *.yimg.com *.yieldoptimizer.com *.youtube.com *.ytimg.com *.criteo.net *.criteo.com *.cloudfront.net *.jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com e.acuityplatform.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: * data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: *.trustarc.com *.criteo.com static.criteo.net *.flashtalking.com *.demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com www.facebook.com static.sojern.com insight.adsrvr.org localhost:* *.doubleclick.net sso.lacek.marriott.com/* *.sso.lacek.marriott.com/* *.marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com ; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com *.serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
accept-ranges: bytes
x-webkit-csp: default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com s.pinimg.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com *.apextag.com *.sojern.com js.adsrvr.org connect.facebook.net analytics.lacek.net *.truste.com *.trustarc.com localhost:* *.ampxchange.com *.admarketplace.com *.admarketplace.net *.signal.co *.facebook.com *.ensighten.com *.omtrdc.net *.demdex.net pixel.snapsmedia.io *.bing.com *.btstatic.com *.thebrighttag.com *.google-analytics.com *.googleadservices.com *.googletagmanager.com *.doubleclick.net *.serving-sys.com *.yahoo.com *.yimg.com *.yieldoptimizer.com *.youtube.com *.ytimg.com *.criteo.net *.criteo.com *.cloudfront.net *.jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: * data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: *.trustarc.com *.criteo.com static.criteo.net *.flashtalking.com *.demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com static.sojern.com insight.adsrvr.org localhost:* *.doubleclick.net sso.lacek.marriott.com/* *.sso.lacek.marriott.com/* *.marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com ; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com *.serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
x-content-security-policy: default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com s.pinimg.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com *.apextag.com *.sojern.com js.adsrvr.org connect.facebook.net analytics.lacek.net *.truste.com *.trustarc.com localhost:* *.ampxchange.com *.admarketplace.com *.admarketplace.net *.signal.co *.facebook.com *.ensighten.com *.omtrdc.net *.demdex.net pixel.snapsmedia.io *.bing.com *.btstatic.com *.thebrighttag.com *.google-analytics.com *.googleadservices.com *.googletagmanager.com *.doubleclick.net *.serving-sys.com *.yahoo.com *.yimg.com *.yieldoptimizer.com *.youtube.com *.ytimg.com *.criteo.net *.criteo.com *.cloudfront.net *.jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: * data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: *.trustarc.com *.criteo.com static.criteo.net *.flashtalking.com *.demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com static.sojern.com insight.adsrvr.org localhost:* *.doubleclick.net sso.lacek.marriott.com/* *.sso.lacek.marriott.com/* *.marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com *.serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;

GET
H2 200 marriott-icons.woff
moments.marriottbonvoy.com/global/fonts/marriott-icons/ 67 KB
73 KB 186ms
186ms Font
application/font-woff 52.32.5.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://moments.marriottbonvoy.com/global/fonts/marriott-icons/marriott-icons.woff

Requested by

Host: moments.marriottbonvoy.com
URL: https://moments.marriottbonvoy.com/global/css/global-header-footer.min.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.32.5.223 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-32-5-223.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

53d819d1dc72e0f31444f9aee303b20b05013363de9a62abdcbc8f8c12910af4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com .apextag.com .sojern.com js.adsrvr.org connect.facebook.net analytics-mar.lacek.net analytics.lacek.net .truste.com .trustarc.com localhost:* .ampxchange.com .admarketplace.com .admarketplace.net .signal.co .facebook.com .ensighten.com .omtrdc.net .demdex.net pixel.snapsmedia.io .bing.com .btstatic.com .thebrighttag.com .google-analytics.com .googleadservices.com .googletagmanager.com .doubleclick.net .serving-sys.com .yahoo.com .yimg.com .yieldoptimizer.com .youtube.com .ytimg.com .criteo.net .criteo.com .cloudfront.net .jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com e.acuityplatform.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: .trustarc.com .criteo.com static.criteo.net .flashtalking.com .demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com www.facebook.com static.sojern.com insight.adsrvr.org localhost:* .doubleclick.net sso.lacek.marriott.com/ .sso.lacek.marriott.com/ .marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com ; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com .serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
Strict-Transport-Security	max-age=31536000 includeSubDomains; preload
X-Content-Security-Policy	default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com s.pinimg.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com .apextag.com .sojern.com js.adsrvr.org connect.facebook.net analytics.lacek.net .truste.com .trustarc.com localhost:* .ampxchange.com .admarketplace.com .admarketplace.net .signal.co .facebook.com .ensighten.com .omtrdc.net .demdex.net pixel.snapsmedia.io .bing.com .btstatic.com .thebrighttag.com .google-analytics.com .googleadservices.com .googletagmanager.com .doubleclick.net .serving-sys.com .yahoo.com .yimg.com .yieldoptimizer.com .youtube.com .ytimg.com .criteo.net .criteo.com .cloudfront.net .jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: .trustarc.com .criteo.com static.criteo.net .flashtalking.com .demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com static.sojern.com insight.adsrvr.org localhost:* .doubleclick.net sso.lacek.marriott.com/ .sso.lacek.marriott.com/ .marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com .serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://moments.marriottbonvoy.com/global/css/global-header-footer.min.css
Origin: https://moments.marriottbonvoy.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 15:28:46 GMT
x-content-type-options: nosniff
content-length: 68948
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Wed, 06 Jan 2021 22:50:54 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "10d54-5b84327d2cf80"
expect-ct: max-age=0
strict-transport-security: max-age=31536000 includeSubDomains; preload
content-type: application/font-woff
cache-control: max-age=84600, public
feature-policy: geolocation 'none'; midi 'none'; microphone 'none'; camera 'none'; speaker 'none'; fullscreen 'self'; payment 'none';
content-security-policy: default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com *.apextag.com *.sojern.com js.adsrvr.org connect.facebook.net analytics-mar.lacek.net analytics.lacek.net *.truste.com *.trustarc.com localhost:* *.ampxchange.com *.admarketplace.com *.admarketplace.net *.signal.co *.facebook.com *.ensighten.com *.omtrdc.net *.demdex.net pixel.snapsmedia.io *.bing.com *.btstatic.com *.thebrighttag.com *.google-analytics.com *.googleadservices.com *.googletagmanager.com *.doubleclick.net *.serving-sys.com *.yahoo.com *.yimg.com *.yieldoptimizer.com *.youtube.com *.ytimg.com *.criteo.net *.criteo.com *.cloudfront.net *.jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com e.acuityplatform.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: * data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: *.trustarc.com *.criteo.com static.criteo.net *.flashtalking.com *.demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com www.facebook.com static.sojern.com insight.adsrvr.org localhost:* *.doubleclick.net sso.lacek.marriott.com/* *.sso.lacek.marriott.com/* *.marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com ; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com *.serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
accept-ranges: bytes
x-webkit-csp: default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com s.pinimg.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com *.apextag.com *.sojern.com js.adsrvr.org connect.facebook.net analytics.lacek.net *.truste.com *.trustarc.com localhost:* *.ampxchange.com *.admarketplace.com *.admarketplace.net *.signal.co *.facebook.com *.ensighten.com *.omtrdc.net *.demdex.net pixel.snapsmedia.io *.bing.com *.btstatic.com *.thebrighttag.com *.google-analytics.com *.googleadservices.com *.googletagmanager.com *.doubleclick.net *.serving-sys.com *.yahoo.com *.yimg.com *.yieldoptimizer.com *.youtube.com *.ytimg.com *.criteo.net *.criteo.com *.cloudfront.net *.jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: * data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: *.trustarc.com *.criteo.com static.criteo.net *.flashtalking.com *.demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com static.sojern.com insight.adsrvr.org localhost:* *.doubleclick.net sso.lacek.marriott.com/* *.sso.lacek.marriott.com/* *.marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com ; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com *.serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
x-content-security-policy: default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com s.pinimg.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com *.apextag.com *.sojern.com js.adsrvr.org connect.facebook.net analytics.lacek.net *.truste.com *.trustarc.com localhost:* *.ampxchange.com *.admarketplace.com *.admarketplace.net *.signal.co *.facebook.com *.ensighten.com *.omtrdc.net *.demdex.net pixel.snapsmedia.io *.bing.com *.btstatic.com *.thebrighttag.com *.google-analytics.com *.googleadservices.com *.googletagmanager.com *.doubleclick.net *.serving-sys.com *.yahoo.com *.yimg.com *.yieldoptimizer.com *.youtube.com *.ytimg.com *.criteo.net *.criteo.com *.cloudfront.net *.jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: * data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: *.trustarc.com *.criteo.com static.criteo.net *.flashtalking.com *.demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com static.sojern.com insight.adsrvr.org localhost:* *.doubleclick.net sso.lacek.marriott.com/* *.sso.lacek.marriott.com/* *.marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com *.serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;

GET
H/1.1 200
OK dest5.html Show response
marriottinternationa.demdex.net/ Frame 299C 7 KB
3 KB 146ms
33ms Document
text/html 34.249.252.185
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://marriottinternationa.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.249.252.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-249-252-185.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://moments.marriottbonvoy.com/

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Mon, 22 Nov 2021 15:28:46 GMT
DCS: dcs-prod-irl1-1-v019-0e819139a.edge-irl1.demdex.com UNKNOWN
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Thu, 14 Oct 2021 10:46:54 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: R+tohdLDQpM=
Content-Length: 2791
Connection: keep-alive

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=YZu3LgAAAKNHTwQE
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=76652808498405249292616472071343695965
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YZu3LgAAAKNHTwQE

42 B
945 B

34ms
34ms

Image
image/gif

54.195.238.9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=YZu3LgAAAKNHTwQE

Requested by

Host: moments.marriottbonvoy.com
URL: https://moments.marriottbonvoy.com/partners/msg?nck=136603220&ck=49825144&lk=1000517938

Protocol

HTTP/1.1

Server

54.195.238.9 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-195-238-9.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moments.marriottbonvoy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v019-014acb01f.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 7N5WP3tmR6Y=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=YZu3LgAAAKNHTwQE
Date: Mon, 22 Nov 2021 15:28:46 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 matomo.js Show response
analytics-mar.lacek.net/ 67 KB
23 KB 690ms
342ms Script
application/javascript 52.32.5.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics-mar.lacek.net/matomo.js
Requested by: Host: moments.marriottbonvoy.com
URL: https://moments.marriottbonvoy.com/partners/msg?nck=136603220&ck=49825144&lk=1000517938
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.32.5.223 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-32-5-223.us-west-2.compute.amazonaws.com
Software: Apache /
Resource Hash: b52608eb90130f261d38507f7445e73f9c54fde9b481d23f1987bafd1ed5090a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moments.marriottbonvoy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 15:28:46 GMT
content-encoding: gzip
last-modified: Mon, 24 Feb 2020 13:32:45 GMT
server: Apache
etag: "10d63-59f52680dc264-gzip"
balanced_to: ip-10-0-0-226
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 23358

GET
H2 200 RCe7b1b7c2c5e74b3d83447504543ed0a4-source.min.js Show response
assets.adobedtm.com/697d0c070f1e/d405339bb010/602b70145919/ 2 KB
1 KB 7ms
7ms Script
application/x-javascript 2a02:26f0:6c00:28a::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/697d0c070f1e/d405339bb010/602b70145919/RCe7b1b7c2c5e74b3d83447504543ed0a4-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 2c41f3b002e7dedc93805b9931375017f508634b7d7cda435a6843ee97f9b049

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moments.marriottbonvoy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 15:28:46 GMT
content-encoding: gzip
last-modified: Tue, 16 Nov 2021 20:26:13 GMT
server: AkamaiNetStorage
etag: "d733ffae6a3bfa4296abbb16179c83da:1637094373.123932"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://moments.marriottbonvoy.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 852
expires: Mon, 22 Nov 2021 16:28:46 GMT

GET
H2 200 widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html Show response
platform.twitter.com/widgets/ Frame 6224 319 KB
103 KB 7ms
7ms Document
text/html 199.232.136.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html?origin=https%3A%2F%2Fmoments.marriottbonvoy.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://moments.marriottbonvoy.com/

Response headers

last-modified: Mon, 18 Oct 2021 18:32:00 GMT
cache-control: public, max-age=315360000
content-type: text/html; charset=utf-8
etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
content-encoding: gzip
access-control-allow-methods: GET
access-control-allow-origin: *
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
accept-ranges: bytes
date: Mon, 22 Nov 2021 15:28:46 GMT
x-served-by: cache-bwi5153-BWI, cache-hhn11564-HHN
x-cache: HIT, HIT
vary: Accept-Encoding
tw-cdn: FT
content-length: 105433

GET
H2 200 notice Show response
consent.trustarc.com/ 12 KB
5 KB 33ms
10ms Script
text/javascript 143.204.207.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.trustarc.com/notice?domain=marriottgdpr.com&text=true&c=teconsent&js=nj&noticeType=bb

Requested by

Host: moments.marriottbonvoy.com
URL: https://moments.marriottbonvoy.com/partners/msg?nck=136603220&ck=49825144&lk=1000517938

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.207.78 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-207-78.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

80c9ffa0749050ca0bdc141c44d1b1e44f68442178a5835f621a6c3e1ad99994

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://moments.marriottbonvoy.com/
Origin: https://moments.marriottbonvoy.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 15:14:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 885
x-cache: Hit from cloudfront
cloudfront-viewer-country: DE
content-length: 4618
x-xss-protection: 1; mode=block
timing-allow-origin: *
access-control-allow-origin: *
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
via: 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: FRA53-C1
cloudfront-viewer-country-region: HH
x-amz-cf-id: wFzva042P0WMB425xi1kSZMFXr63Aw4gGAAkYcpP04zDET8gnf4bxQ==
expires: Mon, 22 Nov 2021 16:14:01 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 6224 232 B
447 B 134ms
113ms Fetch
application/json 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=7bce3294da3a2636e6760a151daf83fd6292b059

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html?origin=https%3A%2F%2Fmoments.marriottbonvoy.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-response-time: 107
date: Mon, 22 Nov 2021 15:28:46 GMT
content-encoding: gzip
last-modified: Mon, 22 Nov 2021 15:28:46 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: c6bd44fe3b19429ece5a8ca00608d3d5ebc1b232e32ed98291f3e94d3824aae9
content-length: 166

GET
H2 200 Swiss721BT-Regular.woff2
moments.marriottbonvoy.com/fonts/swiss/Swiss_Regular/ 19 KB
24 KB 181ms
180ms Font
application/font-woff2 52.32.5.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://moments.marriottbonvoy.com/fonts/swiss/Swiss_Regular/Swiss721BT-Regular.woff2

Requested by

Host: moments.marriottbonvoy.com
URL: https://moments.marriottbonvoy.com/css/app.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.32.5.223 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-32-5-223.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

8a35e78c2edcf540215d88afd1dfb8eeb7ac247932ed558b3335d78c607ce3b5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com .apextag.com .sojern.com js.adsrvr.org connect.facebook.net analytics-mar.lacek.net analytics.lacek.net .truste.com .trustarc.com localhost:* .ampxchange.com .admarketplace.com .admarketplace.net .signal.co .facebook.com .ensighten.com .omtrdc.net .demdex.net pixel.snapsmedia.io .bing.com .btstatic.com .thebrighttag.com .google-analytics.com .googleadservices.com .googletagmanager.com .doubleclick.net .serving-sys.com .yahoo.com .yimg.com .yieldoptimizer.com .youtube.com .ytimg.com .criteo.net .criteo.com .cloudfront.net .jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com e.acuityplatform.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: .trustarc.com .criteo.com static.criteo.net .flashtalking.com .demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com www.facebook.com static.sojern.com insight.adsrvr.org localhost:* .doubleclick.net sso.lacek.marriott.com/ .sso.lacek.marriott.com/ .marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com ; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com .serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
Strict-Transport-Security	max-age=31536000 includeSubDomains; preload
X-Content-Security-Policy	default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com s.pinimg.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com .apextag.com .sojern.com js.adsrvr.org connect.facebook.net analytics.lacek.net .truste.com .trustarc.com localhost:* .ampxchange.com .admarketplace.com .admarketplace.net .signal.co .facebook.com .ensighten.com .omtrdc.net .demdex.net pixel.snapsmedia.io .bing.com .btstatic.com .thebrighttag.com .google-analytics.com .googleadservices.com .googletagmanager.com .doubleclick.net .serving-sys.com .yahoo.com .yimg.com .yieldoptimizer.com .youtube.com .ytimg.com .criteo.net .criteo.com .cloudfront.net .jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: .trustarc.com .criteo.com static.criteo.net .flashtalking.com .demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com static.sojern.com insight.adsrvr.org localhost:* .doubleclick.net sso.lacek.marriott.com/ .sso.lacek.marriott.com/ .marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com .serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://moments.marriottbonvoy.com/css/app.css
Origin: https://moments.marriottbonvoy.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 15:28:46 GMT
x-content-type-options: nosniff
content-length: 19192
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Mon, 26 Jul 2021 19:21:16 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "4af8-5c80ba8382300"
expect-ct: max-age=0
strict-transport-security: max-age=31536000 includeSubDomains; preload
content-type: application/font-woff2
cache-control: max-age=84600, public
feature-policy: geolocation 'none'; midi 'none'; microphone 'none'; camera 'none'; speaker 'none'; fullscreen 'self'; payment 'none';
content-security-policy: default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com *.apextag.com *.sojern.com js.adsrvr.org connect.facebook.net analytics-mar.lacek.net analytics.lacek.net *.truste.com *.trustarc.com localhost:* *.ampxchange.com *.admarketplace.com *.admarketplace.net *.signal.co *.facebook.com *.ensighten.com *.omtrdc.net *.demdex.net pixel.snapsmedia.io *.bing.com *.btstatic.com *.thebrighttag.com *.google-analytics.com *.googleadservices.com *.googletagmanager.com *.doubleclick.net *.serving-sys.com *.yahoo.com *.yimg.com *.yieldoptimizer.com *.youtube.com *.ytimg.com *.criteo.net *.criteo.com *.cloudfront.net *.jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com e.acuityplatform.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: * data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: *.trustarc.com *.criteo.com static.criteo.net *.flashtalking.com *.demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com www.facebook.com static.sojern.com insight.adsrvr.org localhost:* *.doubleclick.net sso.lacek.marriott.com/* *.sso.lacek.marriott.com/* *.marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com ; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com *.serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
accept-ranges: bytes
x-webkit-csp: default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com s.pinimg.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com *.apextag.com *.sojern.com js.adsrvr.org connect.facebook.net analytics.lacek.net *.truste.com *.trustarc.com localhost:* *.ampxchange.com *.admarketplace.com *.admarketplace.net *.signal.co *.facebook.com *.ensighten.com *.omtrdc.net *.demdex.net pixel.snapsmedia.io *.bing.com *.btstatic.com *.thebrighttag.com *.google-analytics.com *.googleadservices.com *.googletagmanager.com *.doubleclick.net *.serving-sys.com *.yahoo.com *.yimg.com *.yieldoptimizer.com *.youtube.com *.ytimg.com *.criteo.net *.criteo.com *.cloudfront.net *.jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: * data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: *.trustarc.com *.criteo.com static.criteo.net *.flashtalking.com *.demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com static.sojern.com insight.adsrvr.org localhost:* *.doubleclick.net sso.lacek.marriott.com/* *.sso.lacek.marriott.com/* *.marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com ; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com *.serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
x-content-security-policy: default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com s.pinimg.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com *.apextag.com *.sojern.com js.adsrvr.org connect.facebook.net analytics.lacek.net *.truste.com *.trustarc.com localhost:* *.ampxchange.com *.admarketplace.com *.admarketplace.net *.signal.co *.facebook.com *.ensighten.com *.omtrdc.net *.demdex.net pixel.snapsmedia.io *.bing.com *.btstatic.com *.thebrighttag.com *.google-analytics.com *.googleadservices.com *.googletagmanager.com *.doubleclick.net *.serving-sys.com *.yahoo.com *.yimg.com *.yieldoptimizer.com *.youtube.com *.ytimg.com *.criteo.net *.criteo.com *.cloudfront.net *.jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: * data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: *.trustarc.com *.criteo.com static.criteo.net *.flashtalking.com *.demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com static.sojern.com insight.adsrvr.org localhost:* *.doubleclick.net sso.lacek.marriott.com/* *.sso.lacek.marriott.com/* *.marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com *.serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;

GET
H2 200 Swiss721BT-Medium.woff2
moments.marriottbonvoy.com/fonts/swiss/Swiss_Medium/ 18 KB
23 KB 181ms
181ms Font
application/font-woff2 52.32.5.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://moments.marriottbonvoy.com/fonts/swiss/Swiss_Medium/Swiss721BT-Medium.woff2

Requested by

Host: moments.marriottbonvoy.com
URL: https://moments.marriottbonvoy.com/css/app.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.32.5.223 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-32-5-223.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

2926046a0fa017d9a34b6a93e6966a19f29a2b138d90227e57d77bf5dc38e924

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com .apextag.com .sojern.com js.adsrvr.org connect.facebook.net analytics-mar.lacek.net analytics.lacek.net .truste.com .trustarc.com localhost:* .ampxchange.com .admarketplace.com .admarketplace.net .signal.co .facebook.com .ensighten.com .omtrdc.net .demdex.net pixel.snapsmedia.io .bing.com .btstatic.com .thebrighttag.com .google-analytics.com .googleadservices.com .googletagmanager.com .doubleclick.net .serving-sys.com .yahoo.com .yimg.com .yieldoptimizer.com .youtube.com .ytimg.com .criteo.net .criteo.com .cloudfront.net .jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com e.acuityplatform.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: .trustarc.com .criteo.com static.criteo.net .flashtalking.com .demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com www.facebook.com static.sojern.com insight.adsrvr.org localhost:* .doubleclick.net sso.lacek.marriott.com/ .sso.lacek.marriott.com/ .marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com ; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com .serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
Strict-Transport-Security	max-age=31536000 includeSubDomains; preload
X-Content-Security-Policy	default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com s.pinimg.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com .apextag.com .sojern.com js.adsrvr.org connect.facebook.net analytics.lacek.net .truste.com .trustarc.com localhost:* .ampxchange.com .admarketplace.com .admarketplace.net .signal.co .facebook.com .ensighten.com .omtrdc.net .demdex.net pixel.snapsmedia.io .bing.com .btstatic.com .thebrighttag.com .google-analytics.com .googleadservices.com .googletagmanager.com .doubleclick.net .serving-sys.com .yahoo.com .yimg.com .yieldoptimizer.com .youtube.com .ytimg.com .criteo.net .criteo.com .cloudfront.net .jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: .trustarc.com .criteo.com static.criteo.net .flashtalking.com .demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com static.sojern.com insight.adsrvr.org localhost:* .doubleclick.net sso.lacek.marriott.com/ .sso.lacek.marriott.com/ .marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com .serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://moments.marriottbonvoy.com/css/app.css
Origin: https://moments.marriottbonvoy.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 15:28:46 GMT
x-content-type-options: nosniff
content-length: 18720
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Mon, 26 Jul 2021 19:21:16 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "4920-5c80ba8382300"
expect-ct: max-age=0
strict-transport-security: max-age=31536000 includeSubDomains; preload
content-type: application/font-woff2
cache-control: max-age=84600, public
feature-policy: geolocation 'none'; midi 'none'; microphone 'none'; camera 'none'; speaker 'none'; fullscreen 'self'; payment 'none';
content-security-policy: default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com *.apextag.com *.sojern.com js.adsrvr.org connect.facebook.net analytics-mar.lacek.net analytics.lacek.net *.truste.com *.trustarc.com localhost:* *.ampxchange.com *.admarketplace.com *.admarketplace.net *.signal.co *.facebook.com *.ensighten.com *.omtrdc.net *.demdex.net pixel.snapsmedia.io *.bing.com *.btstatic.com *.thebrighttag.com *.google-analytics.com *.googleadservices.com *.googletagmanager.com *.doubleclick.net *.serving-sys.com *.yahoo.com *.yimg.com *.yieldoptimizer.com *.youtube.com *.ytimg.com *.criteo.net *.criteo.com *.cloudfront.net *.jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com e.acuityplatform.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: * data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: *.trustarc.com *.criteo.com static.criteo.net *.flashtalking.com *.demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com www.facebook.com static.sojern.com insight.adsrvr.org localhost:* *.doubleclick.net sso.lacek.marriott.com/* *.sso.lacek.marriott.com/* *.marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com ; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com *.serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
accept-ranges: bytes
x-webkit-csp: default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com s.pinimg.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com *.apextag.com *.sojern.com js.adsrvr.org connect.facebook.net analytics.lacek.net *.truste.com *.trustarc.com localhost:* *.ampxchange.com *.admarketplace.com *.admarketplace.net *.signal.co *.facebook.com *.ensighten.com *.omtrdc.net *.demdex.net pixel.snapsmedia.io *.bing.com *.btstatic.com *.thebrighttag.com *.google-analytics.com *.googleadservices.com *.googletagmanager.com *.doubleclick.net *.serving-sys.com *.yahoo.com *.yimg.com *.yieldoptimizer.com *.youtube.com *.ytimg.com *.criteo.net *.criteo.com *.cloudfront.net *.jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: * data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: *.trustarc.com *.criteo.com static.criteo.net *.flashtalking.com *.demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com static.sojern.com insight.adsrvr.org localhost:* *.doubleclick.net sso.lacek.marriott.com/* *.sso.lacek.marriott.com/* *.marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com ; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com *.serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
x-content-security-policy: default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com s.pinimg.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com *.apextag.com *.sojern.com js.adsrvr.org connect.facebook.net analytics.lacek.net *.truste.com *.trustarc.com localhost:* *.ampxchange.com *.admarketplace.com *.admarketplace.net *.signal.co *.facebook.com *.ensighten.com *.omtrdc.net *.demdex.net pixel.snapsmedia.io *.bing.com *.btstatic.com *.thebrighttag.com *.google-analytics.com *.googleadservices.com *.googletagmanager.com *.doubleclick.net *.serving-sys.com *.yahoo.com *.yimg.com *.yieldoptimizer.com *.youtube.com *.ytimg.com *.criteo.net *.criteo.com *.cloudfront.net *.jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: * data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: *.trustarc.com *.criteo.com static.criteo.net *.flashtalking.com *.demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com static.sojern.com insight.adsrvr.org localhost:* *.doubleclick.net sso.lacek.marriott.com/* *.sso.lacek.marriott.com/* *.marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com *.serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;

GET
H2 200 connector.png
moments.marriottbonvoy.com/images/2021/ 5 KB
10 KB 182ms
182ms Image
image/png 52.32.5.223
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://moments.marriottbonvoy.com/images/2021/connector.png

Requested by

Host: moments.marriottbonvoy.com
URL: https://moments.marriottbonvoy.com/partners/msg?nck=136603220&ck=49825144&lk=1000517938

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.32.5.223 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-32-5-223.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

fa348462b168188744092482c0d9841ef8a1f9f07d0f5036ea7c1ede88254456

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com .apextag.com .sojern.com js.adsrvr.org connect.facebook.net analytics-mar.lacek.net analytics.lacek.net .truste.com .trustarc.com localhost:* .ampxchange.com .admarketplace.com .admarketplace.net .signal.co .facebook.com .ensighten.com .omtrdc.net .demdex.net pixel.snapsmedia.io .bing.com .btstatic.com .thebrighttag.com .google-analytics.com .googleadservices.com .googletagmanager.com .doubleclick.net .serving-sys.com .yahoo.com .yimg.com .yieldoptimizer.com .youtube.com .ytimg.com .criteo.net .criteo.com .cloudfront.net .jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com e.acuityplatform.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: .trustarc.com .criteo.com static.criteo.net .flashtalking.com .demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com www.facebook.com static.sojern.com insight.adsrvr.org localhost:* .doubleclick.net sso.lacek.marriott.com/ .sso.lacek.marriott.com/ .marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com ; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com .serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
Strict-Transport-Security	max-age=31536000 includeSubDomains; preload
X-Content-Security-Policy	default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com s.pinimg.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com .apextag.com .sojern.com js.adsrvr.org connect.facebook.net analytics.lacek.net .truste.com .trustarc.com localhost:* .ampxchange.com .admarketplace.com .admarketplace.net .signal.co .facebook.com .ensighten.com .omtrdc.net .demdex.net pixel.snapsmedia.io .bing.com .btstatic.com .thebrighttag.com .google-analytics.com .googleadservices.com .googletagmanager.com .doubleclick.net .serving-sys.com .yahoo.com .yimg.com .yieldoptimizer.com .youtube.com .ytimg.com .criteo.net .criteo.com .cloudfront.net .jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: .trustarc.com .criteo.com static.criteo.net .flashtalking.com .demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com static.sojern.com insight.adsrvr.org localhost:* .doubleclick.net sso.lacek.marriott.com/ .sso.lacek.marriott.com/ .marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com .serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moments.marriottbonvoy.com/partners/msg?nck=136603220&ck=49825144&lk=1000517938
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 15:28:46 GMT
x-content-type-options: nosniff
content-length: 4817
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Mon, 26 Jul 2021 19:21:16 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "12d1-5c80ba8382300"
expect-ct: max-age=0
strict-transport-security: max-age=31536000 includeSubDomains; preload
content-type: image/png
cache-control: max-age=84600, public
feature-policy: geolocation 'none'; midi 'none'; microphone 'none'; camera 'none'; speaker 'none'; fullscreen 'self'; payment 'none';
content-security-policy: default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com *.apextag.com *.sojern.com js.adsrvr.org connect.facebook.net analytics-mar.lacek.net analytics.lacek.net *.truste.com *.trustarc.com localhost:* *.ampxchange.com *.admarketplace.com *.admarketplace.net *.signal.co *.facebook.com *.ensighten.com *.omtrdc.net *.demdex.net pixel.snapsmedia.io *.bing.com *.btstatic.com *.thebrighttag.com *.google-analytics.com *.googleadservices.com *.googletagmanager.com *.doubleclick.net *.serving-sys.com *.yahoo.com *.yimg.com *.yieldoptimizer.com *.youtube.com *.ytimg.com *.criteo.net *.criteo.com *.cloudfront.net *.jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com e.acuityplatform.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: * data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: *.trustarc.com *.criteo.com static.criteo.net *.flashtalking.com *.demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com www.facebook.com static.sojern.com insight.adsrvr.org localhost:* *.doubleclick.net sso.lacek.marriott.com/* *.sso.lacek.marriott.com/* *.marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com ; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com *.serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
accept-ranges: bytes
x-webkit-csp: default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com s.pinimg.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com *.apextag.com *.sojern.com js.adsrvr.org connect.facebook.net analytics.lacek.net *.truste.com *.trustarc.com localhost:* *.ampxchange.com *.admarketplace.com *.admarketplace.net *.signal.co *.facebook.com *.ensighten.com *.omtrdc.net *.demdex.net pixel.snapsmedia.io *.bing.com *.btstatic.com *.thebrighttag.com *.google-analytics.com *.googleadservices.com *.googletagmanager.com *.doubleclick.net *.serving-sys.com *.yahoo.com *.yimg.com *.yieldoptimizer.com *.youtube.com *.ytimg.com *.criteo.net *.criteo.com *.cloudfront.net *.jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: * data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: *.trustarc.com *.criteo.com static.criteo.net *.flashtalking.com *.demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com static.sojern.com insight.adsrvr.org localhost:* *.doubleclick.net sso.lacek.marriott.com/* *.sso.lacek.marriott.com/* *.marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com ; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com *.serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
x-content-security-policy: default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com s.pinimg.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com *.apextag.com *.sojern.com js.adsrvr.org connect.facebook.net analytics.lacek.net *.truste.com *.trustarc.com localhost:* *.ampxchange.com *.admarketplace.com *.admarketplace.net *.signal.co *.facebook.com *.ensighten.com *.omtrdc.net *.demdex.net pixel.snapsmedia.io *.bing.com *.btstatic.com *.thebrighttag.com *.google-analytics.com *.googleadservices.com *.googletagmanager.com *.doubleclick.net *.serving-sys.com *.yahoo.com *.yimg.com *.yieldoptimizer.com *.youtube.com *.ytimg.com *.criteo.net *.criteo.com *.cloudfront.net *.jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: * data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: *.trustarc.com *.criteo.com static.criteo.net *.flashtalking.com *.demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com static.sojern.com insight.adsrvr.org localhost:* *.doubleclick.net sso.lacek.marriott.com/* *.sso.lacek.marriott.com/* *.marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com *.serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;

GET
H2 200 logo_mbv-moments.svg
moments.marriottbonvoy.com/images/2021/ 7 KB
8 KB 183ms
182ms Image
image/svg+xml 52.32.5.223
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://moments.marriottbonvoy.com/images/2021/logo_mbv-moments.svg

Requested by

Host: moments.marriottbonvoy.com
URL: https://moments.marriottbonvoy.com/partners/msg?nck=136603220&ck=49825144&lk=1000517938

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.32.5.223 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-32-5-223.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

5ef827d95b62ad2c254e487fe0c1d351a28ea6236a04054ae9629d4ce9a71b6a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com .apextag.com .sojern.com js.adsrvr.org connect.facebook.net analytics-mar.lacek.net analytics.lacek.net .truste.com .trustarc.com localhost:* .ampxchange.com .admarketplace.com .admarketplace.net .signal.co .facebook.com .ensighten.com .omtrdc.net .demdex.net pixel.snapsmedia.io .bing.com .btstatic.com .thebrighttag.com .google-analytics.com .googleadservices.com .googletagmanager.com .doubleclick.net .serving-sys.com .yahoo.com .yimg.com .yieldoptimizer.com .youtube.com .ytimg.com .criteo.net .criteo.com .cloudfront.net .jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com e.acuityplatform.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: .trustarc.com .criteo.com static.criteo.net .flashtalking.com .demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com www.facebook.com static.sojern.com insight.adsrvr.org localhost:* .doubleclick.net sso.lacek.marriott.com/ .sso.lacek.marriott.com/ .marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com ; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com .serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
Strict-Transport-Security	max-age=31536000 includeSubDomains; preload
X-Content-Security-Policy	default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com s.pinimg.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com .apextag.com .sojern.com js.adsrvr.org connect.facebook.net analytics.lacek.net .truste.com .trustarc.com localhost:* .ampxchange.com .admarketplace.com .admarketplace.net .signal.co .facebook.com .ensighten.com .omtrdc.net .demdex.net pixel.snapsmedia.io .bing.com .btstatic.com .thebrighttag.com .google-analytics.com .googleadservices.com .googletagmanager.com .doubleclick.net .serving-sys.com .yahoo.com .yimg.com .yieldoptimizer.com .youtube.com .ytimg.com .criteo.net .criteo.com .cloudfront.net .jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: .trustarc.com .criteo.com static.criteo.net .flashtalking.com .demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com static.sojern.com insight.adsrvr.org localhost:* .doubleclick.net sso.lacek.marriott.com/ .sso.lacek.marriott.com/ .marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com .serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moments.marriottbonvoy.com/partners/msg?nck=136603220&ck=49825144&lk=1000517938
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 15:28:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
vary: Accept-Encoding
content-length: 3030
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin-when-cross-origin
last-modified: Mon, 26 Jul 2021 19:21:16 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "1d28-5c80ba8382300-gzip"
expect-ct: max-age=0
strict-transport-security: max-age=31536000 includeSubDomains; preload
content-type: image/svg+xml
cache-control: no-cache, no-store, must-revalidate, proxy-revalidate, no-transform
feature-policy: geolocation 'none'; midi 'none'; microphone 'none'; camera 'none'; speaker 'none'; fullscreen 'self'; payment 'none';
content-security-policy: default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com *.apextag.com *.sojern.com js.adsrvr.org connect.facebook.net analytics-mar.lacek.net analytics.lacek.net *.truste.com *.trustarc.com localhost:* *.ampxchange.com *.admarketplace.com *.admarketplace.net *.signal.co *.facebook.com *.ensighten.com *.omtrdc.net *.demdex.net pixel.snapsmedia.io *.bing.com *.btstatic.com *.thebrighttag.com *.google-analytics.com *.googleadservices.com *.googletagmanager.com *.doubleclick.net *.serving-sys.com *.yahoo.com *.yimg.com *.yieldoptimizer.com *.youtube.com *.ytimg.com *.criteo.net *.criteo.com *.cloudfront.net *.jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com e.acuityplatform.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: * data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: *.trustarc.com *.criteo.com static.criteo.net *.flashtalking.com *.demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com www.facebook.com static.sojern.com insight.adsrvr.org localhost:* *.doubleclick.net sso.lacek.marriott.com/* *.sso.lacek.marriott.com/* *.marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com ; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com *.serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
accept-ranges: bytes
x-webkit-csp: default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com s.pinimg.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com *.apextag.com *.sojern.com js.adsrvr.org connect.facebook.net analytics.lacek.net *.truste.com *.trustarc.com localhost:* *.ampxchange.com *.admarketplace.com *.admarketplace.net *.signal.co *.facebook.com *.ensighten.com *.omtrdc.net *.demdex.net pixel.snapsmedia.io *.bing.com *.btstatic.com *.thebrighttag.com *.google-analytics.com *.googleadservices.com *.googletagmanager.com *.doubleclick.net *.serving-sys.com *.yahoo.com *.yimg.com *.yieldoptimizer.com *.youtube.com *.ytimg.com *.criteo.net *.criteo.com *.cloudfront.net *.jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: * data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: *.trustarc.com *.criteo.com static.criteo.net *.flashtalking.com *.demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com static.sojern.com insight.adsrvr.org localhost:* *.doubleclick.net sso.lacek.marriott.com/* *.sso.lacek.marriott.com/* *.marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com ; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com *.serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
x-content-security-policy: default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com s.pinimg.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com *.apextag.com *.sojern.com js.adsrvr.org connect.facebook.net analytics.lacek.net *.truste.com *.trustarc.com localhost:* *.ampxchange.com *.admarketplace.com *.admarketplace.net *.signal.co *.facebook.com *.ensighten.com *.omtrdc.net *.demdex.net pixel.snapsmedia.io *.bing.com *.btstatic.com *.thebrighttag.com *.google-analytics.com *.googleadservices.com *.googletagmanager.com *.doubleclick.net *.serving-sys.com *.yahoo.com *.yimg.com *.yieldoptimizer.com *.youtube.com *.ytimg.com *.criteo.net *.criteo.com *.cloudfront.net *.jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: * data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: *.trustarc.com *.criteo.com static.criteo.net *.flashtalking.com *.demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com static.sojern.com insight.adsrvr.org localhost:* *.doubleclick.net sso.lacek.marriott.com/* *.sso.lacek.marriott.com/* *.marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com *.serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;

GET
H2 200 icon_search.png
moments.marriottbonvoy.com/images/2021/ 766 B
6 KB 184ms
183ms Image
image/png 52.32.5.223
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://moments.marriottbonvoy.com/images/2021/icon_search.png

Requested by

Host: moments.marriottbonvoy.com
URL: https://moments.marriottbonvoy.com/partners/msg?nck=136603220&ck=49825144&lk=1000517938

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.32.5.223 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-32-5-223.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

bfc8b608495da96bcf53a7d54059678a854eb2b7c76764e92e7360ea7059309a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com .apextag.com .sojern.com js.adsrvr.org connect.facebook.net analytics-mar.lacek.net analytics.lacek.net .truste.com .trustarc.com localhost:* .ampxchange.com .admarketplace.com .admarketplace.net .signal.co .facebook.com .ensighten.com .omtrdc.net .demdex.net pixel.snapsmedia.io .bing.com .btstatic.com .thebrighttag.com .google-analytics.com .googleadservices.com .googletagmanager.com .doubleclick.net .serving-sys.com .yahoo.com .yimg.com .yieldoptimizer.com .youtube.com .ytimg.com .criteo.net .criteo.com .cloudfront.net .jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com e.acuityplatform.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: .trustarc.com .criteo.com static.criteo.net .flashtalking.com .demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com www.facebook.com static.sojern.com insight.adsrvr.org localhost:* .doubleclick.net sso.lacek.marriott.com/ .sso.lacek.marriott.com/ .marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com ; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com .serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
Strict-Transport-Security	max-age=31536000 includeSubDomains; preload
X-Content-Security-Policy	default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com s.pinimg.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com .apextag.com .sojern.com js.adsrvr.org connect.facebook.net analytics.lacek.net .truste.com .trustarc.com localhost:* .ampxchange.com .admarketplace.com .admarketplace.net .signal.co .facebook.com .ensighten.com .omtrdc.net .demdex.net pixel.snapsmedia.io .bing.com .btstatic.com .thebrighttag.com .google-analytics.com .googleadservices.com .googletagmanager.com .doubleclick.net .serving-sys.com .yahoo.com .yimg.com .yieldoptimizer.com .youtube.com .ytimg.com .criteo.net .criteo.com .cloudfront.net .jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: .trustarc.com .criteo.com static.criteo.net .flashtalking.com .demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com static.sojern.com insight.adsrvr.org localhost:* .doubleclick.net sso.lacek.marriott.com/ .sso.lacek.marriott.com/ .marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com .serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moments.marriottbonvoy.com/partners/msg?nck=136603220&ck=49825144&lk=1000517938
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 15:28:46 GMT
x-content-type-options: nosniff
content-length: 766
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Mon, 26 Jul 2021 19:21:16 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "2fe-5c80ba8382300"
expect-ct: max-age=0
strict-transport-security: max-age=31536000 includeSubDomains; preload
content-type: image/png
cache-control: max-age=84600, public
feature-policy: geolocation 'none'; midi 'none'; microphone 'none'; camera 'none'; speaker 'none'; fullscreen 'self'; payment 'none';
content-security-policy: default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com *.apextag.com *.sojern.com js.adsrvr.org connect.facebook.net analytics-mar.lacek.net analytics.lacek.net *.truste.com *.trustarc.com localhost:* *.ampxchange.com *.admarketplace.com *.admarketplace.net *.signal.co *.facebook.com *.ensighten.com *.omtrdc.net *.demdex.net pixel.snapsmedia.io *.bing.com *.btstatic.com *.thebrighttag.com *.google-analytics.com *.googleadservices.com *.googletagmanager.com *.doubleclick.net *.serving-sys.com *.yahoo.com *.yimg.com *.yieldoptimizer.com *.youtube.com *.ytimg.com *.criteo.net *.criteo.com *.cloudfront.net *.jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com e.acuityplatform.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: * data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: *.trustarc.com *.criteo.com static.criteo.net *.flashtalking.com *.demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com www.facebook.com static.sojern.com insight.adsrvr.org localhost:* *.doubleclick.net sso.lacek.marriott.com/* *.sso.lacek.marriott.com/* *.marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com ; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com *.serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
accept-ranges: bytes
x-webkit-csp: default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com s.pinimg.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com *.apextag.com *.sojern.com js.adsrvr.org connect.facebook.net analytics.lacek.net *.truste.com *.trustarc.com localhost:* *.ampxchange.com *.admarketplace.com *.admarketplace.net *.signal.co *.facebook.com *.ensighten.com *.omtrdc.net *.demdex.net pixel.snapsmedia.io *.bing.com *.btstatic.com *.thebrighttag.com *.google-analytics.com *.googleadservices.com *.googletagmanager.com *.doubleclick.net *.serving-sys.com *.yahoo.com *.yimg.com *.yieldoptimizer.com *.youtube.com *.ytimg.com *.criteo.net *.criteo.com *.cloudfront.net *.jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: * data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: *.trustarc.com *.criteo.com static.criteo.net *.flashtalking.com *.demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com static.sojern.com insight.adsrvr.org localhost:* *.doubleclick.net sso.lacek.marriott.com/* *.sso.lacek.marriott.com/* *.marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com ; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com *.serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
x-content-security-policy: default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com s.pinimg.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com *.apextag.com *.sojern.com js.adsrvr.org connect.facebook.net analytics.lacek.net *.truste.com *.trustarc.com localhost:* *.ampxchange.com *.admarketplace.com *.admarketplace.net *.signal.co *.facebook.com *.ensighten.com *.omtrdc.net *.demdex.net pixel.snapsmedia.io *.bing.com *.btstatic.com *.thebrighttag.com *.google-analytics.com *.googleadservices.com *.googletagmanager.com *.doubleclick.net *.serving-sys.com *.yahoo.com *.yimg.com *.yieldoptimizer.com *.youtube.com *.ytimg.com *.criteo.net *.criteo.com *.cloudfront.net *.jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: * data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: *.trustarc.com *.criteo.com static.criteo.net *.flashtalking.com *.demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com static.sojern.com insight.adsrvr.org localhost:* *.doubleclick.net sso.lacek.marriott.com/* *.sso.lacek.marriott.com/* *.marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com *.serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;

GET
H2 200 icon_member.svg
moments.marriottbonvoy.com/images/2021/ 1 KB
6 KB 184ms
184ms Image
image/svg+xml 52.32.5.223
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://moments.marriottbonvoy.com/images/2021/icon_member.svg

Requested by

Host: moments.marriottbonvoy.com
URL: https://moments.marriottbonvoy.com/partners/msg?nck=136603220&ck=49825144&lk=1000517938

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.32.5.223 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-32-5-223.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

5c77b5948b892d768d3e971f44695a5204756c52fa574ce913c7c623df8e86ca

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com .apextag.com .sojern.com js.adsrvr.org connect.facebook.net analytics-mar.lacek.net analytics.lacek.net .truste.com .trustarc.com localhost:* .ampxchange.com .admarketplace.com .admarketplace.net .signal.co .facebook.com .ensighten.com .omtrdc.net .demdex.net pixel.snapsmedia.io .bing.com .btstatic.com .thebrighttag.com .google-analytics.com .googleadservices.com .googletagmanager.com .doubleclick.net .serving-sys.com .yahoo.com .yimg.com .yieldoptimizer.com .youtube.com .ytimg.com .criteo.net .criteo.com .cloudfront.net .jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com e.acuityplatform.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: .trustarc.com .criteo.com static.criteo.net .flashtalking.com .demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com www.facebook.com static.sojern.com insight.adsrvr.org localhost:* .doubleclick.net sso.lacek.marriott.com/ .sso.lacek.marriott.com/ .marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com ; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com .serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
Strict-Transport-Security	max-age=31536000 includeSubDomains; preload
X-Content-Security-Policy	default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com s.pinimg.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com .apextag.com .sojern.com js.adsrvr.org connect.facebook.net analytics.lacek.net .truste.com .trustarc.com localhost:* .ampxchange.com .admarketplace.com .admarketplace.net .signal.co .facebook.com .ensighten.com .omtrdc.net .demdex.net pixel.snapsmedia.io .bing.com .btstatic.com .thebrighttag.com .google-analytics.com .googleadservices.com .googletagmanager.com .doubleclick.net .serving-sys.com .yahoo.com .yimg.com .yieldoptimizer.com .youtube.com .ytimg.com .criteo.net .criteo.com .cloudfront.net .jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: .trustarc.com .criteo.com static.criteo.net .flashtalking.com .demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com static.sojern.com insight.adsrvr.org localhost:* .doubleclick.net sso.lacek.marriott.com/ .sso.lacek.marriott.com/ .marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com .serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moments.marriottbonvoy.com/partners/msg?nck=136603220&ck=49825144&lk=1000517938
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 15:28:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
vary: Accept-Encoding
content-length: 711
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin-when-cross-origin
last-modified: Mon, 26 Jul 2021 19:21:16 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "54f-5c80ba8382300-gzip"
expect-ct: max-age=0
strict-transport-security: max-age=31536000 includeSubDomains; preload
content-type: image/svg+xml
cache-control: no-cache, no-store, must-revalidate, proxy-revalidate, no-transform
feature-policy: geolocation 'none'; midi 'none'; microphone 'none'; camera 'none'; speaker 'none'; fullscreen 'self'; payment 'none';
content-security-policy: default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com *.apextag.com *.sojern.com js.adsrvr.org connect.facebook.net analytics-mar.lacek.net analytics.lacek.net *.truste.com *.trustarc.com localhost:* *.ampxchange.com *.admarketplace.com *.admarketplace.net *.signal.co *.facebook.com *.ensighten.com *.omtrdc.net *.demdex.net pixel.snapsmedia.io *.bing.com *.btstatic.com *.thebrighttag.com *.google-analytics.com *.googleadservices.com *.googletagmanager.com *.doubleclick.net *.serving-sys.com *.yahoo.com *.yimg.com *.yieldoptimizer.com *.youtube.com *.ytimg.com *.criteo.net *.criteo.com *.cloudfront.net *.jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com e.acuityplatform.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: * data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: *.trustarc.com *.criteo.com static.criteo.net *.flashtalking.com *.demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com www.facebook.com static.sojern.com insight.adsrvr.org localhost:* *.doubleclick.net sso.lacek.marriott.com/* *.sso.lacek.marriott.com/* *.marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com ; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com *.serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
accept-ranges: bytes
x-webkit-csp: default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com s.pinimg.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com *.apextag.com *.sojern.com js.adsrvr.org connect.facebook.net analytics.lacek.net *.truste.com *.trustarc.com localhost:* *.ampxchange.com *.admarketplace.com *.admarketplace.net *.signal.co *.facebook.com *.ensighten.com *.omtrdc.net *.demdex.net pixel.snapsmedia.io *.bing.com *.btstatic.com *.thebrighttag.com *.google-analytics.com *.googleadservices.com *.googletagmanager.com *.doubleclick.net *.serving-sys.com *.yahoo.com *.yimg.com *.yieldoptimizer.com *.youtube.com *.ytimg.com *.criteo.net *.criteo.com *.cloudfront.net *.jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: * data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: *.trustarc.com *.criteo.com static.criteo.net *.flashtalking.com *.demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com static.sojern.com insight.adsrvr.org localhost:* *.doubleclick.net sso.lacek.marriott.com/* *.sso.lacek.marriott.com/* *.marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com ; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com *.serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
x-content-security-policy: default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com s.pinimg.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com *.apextag.com *.sojern.com js.adsrvr.org connect.facebook.net analytics.lacek.net *.truste.com *.trustarc.com localhost:* *.ampxchange.com *.admarketplace.com *.admarketplace.net *.signal.co *.facebook.com *.ensighten.com *.omtrdc.net *.demdex.net pixel.snapsmedia.io *.bing.com *.btstatic.com *.thebrighttag.com *.google-analytics.com *.googleadservices.com *.googletagmanager.com *.doubleclick.net *.serving-sys.com *.yahoo.com *.yimg.com *.yieldoptimizer.com *.youtube.com *.ytimg.com *.criteo.net *.criteo.com *.cloudfront.net *.jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: * data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: *.trustarc.com *.criteo.com static.criteo.net *.flashtalking.com *.demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com static.sojern.com insight.adsrvr.org localhost:* *.doubleclick.net sso.lacek.marriott.com/* *.sso.lacek.marriott.com/* *.marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com *.serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;

GET
H2 200 partner-logo-madison-square-garden.svg
moments.marriottbonvoy.com/images/logos/ 12 KB
9 KB 181ms
180ms Image
image/svg+xml 52.32.5.223
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://moments.marriottbonvoy.com/images/logos/partner-logo-madison-square-garden.svg

Requested by

Host: moments.marriottbonvoy.com
URL: https://moments.marriottbonvoy.com/partners/msg?nck=136603220&ck=49825144&lk=1000517938

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.32.5.223 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-32-5-223.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

73377e72915c063734363ab60d37d5e582d4166a02f7d35cd3d431433bc7762c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com .apextag.com .sojern.com js.adsrvr.org connect.facebook.net analytics-mar.lacek.net analytics.lacek.net .truste.com .trustarc.com localhost:* .ampxchange.com .admarketplace.com .admarketplace.net .signal.co .facebook.com .ensighten.com .omtrdc.net .demdex.net pixel.snapsmedia.io .bing.com .btstatic.com .thebrighttag.com .google-analytics.com .googleadservices.com .googletagmanager.com .doubleclick.net .serving-sys.com .yahoo.com .yimg.com .yieldoptimizer.com .youtube.com .ytimg.com .criteo.net .criteo.com .cloudfront.net .jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com e.acuityplatform.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: .trustarc.com .criteo.com static.criteo.net .flashtalking.com .demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com www.facebook.com static.sojern.com insight.adsrvr.org localhost:* .doubleclick.net sso.lacek.marriott.com/ .sso.lacek.marriott.com/ .marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com ; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com .serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
Strict-Transport-Security	max-age=31536000 includeSubDomains; preload
X-Content-Security-Policy	default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com s.pinimg.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com .apextag.com .sojern.com js.adsrvr.org connect.facebook.net analytics.lacek.net .truste.com .trustarc.com localhost:* .ampxchange.com .admarketplace.com .admarketplace.net .signal.co .facebook.com .ensighten.com .omtrdc.net .demdex.net pixel.snapsmedia.io .bing.com .btstatic.com .thebrighttag.com .google-analytics.com .googleadservices.com .googletagmanager.com .doubleclick.net .serving-sys.com .yahoo.com .yimg.com .yieldoptimizer.com .youtube.com .ytimg.com .criteo.net .criteo.com .cloudfront.net .jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: .trustarc.com .criteo.com static.criteo.net .flashtalking.com .demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com static.sojern.com insight.adsrvr.org localhost:* .doubleclick.net sso.lacek.marriott.com/ .sso.lacek.marriott.com/ .marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com .serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moments.marriottbonvoy.com/partners/msg?nck=136603220&ck=49825144&lk=1000517938
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 15:28:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
vary: Accept-Encoding
content-length: 4345
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin-when-cross-origin
last-modified: Wed, 06 Jan 2021 22:50:54 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "2e94-5b84327d2cf80-gzip"
expect-ct: max-age=0
strict-transport-security: max-age=31536000 includeSubDomains; preload
content-type: image/svg+xml
cache-control: no-cache, no-store, must-revalidate, proxy-revalidate, no-transform
feature-policy: geolocation 'none'; midi 'none'; microphone 'none'; camera 'none'; speaker 'none'; fullscreen 'self'; payment 'none';
content-security-policy: default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com *.apextag.com *.sojern.com js.adsrvr.org connect.facebook.net analytics-mar.lacek.net analytics.lacek.net *.truste.com *.trustarc.com localhost:* *.ampxchange.com *.admarketplace.com *.admarketplace.net *.signal.co *.facebook.com *.ensighten.com *.omtrdc.net *.demdex.net pixel.snapsmedia.io *.bing.com *.btstatic.com *.thebrighttag.com *.google-analytics.com *.googleadservices.com *.googletagmanager.com *.doubleclick.net *.serving-sys.com *.yahoo.com *.yimg.com *.yieldoptimizer.com *.youtube.com *.ytimg.com *.criteo.net *.criteo.com *.cloudfront.net *.jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com e.acuityplatform.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: * data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: *.trustarc.com *.criteo.com static.criteo.net *.flashtalking.com *.demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com www.facebook.com static.sojern.com insight.adsrvr.org localhost:* *.doubleclick.net sso.lacek.marriott.com/* *.sso.lacek.marriott.com/* *.marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com ; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com *.serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
accept-ranges: bytes
x-webkit-csp: default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com s.pinimg.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com *.apextag.com *.sojern.com js.adsrvr.org connect.facebook.net analytics.lacek.net *.truste.com *.trustarc.com localhost:* *.ampxchange.com *.admarketplace.com *.admarketplace.net *.signal.co *.facebook.com *.ensighten.com *.omtrdc.net *.demdex.net pixel.snapsmedia.io *.bing.com *.btstatic.com *.thebrighttag.com *.google-analytics.com *.googleadservices.com *.googletagmanager.com *.doubleclick.net *.serving-sys.com *.yahoo.com *.yimg.com *.yieldoptimizer.com *.youtube.com *.ytimg.com *.criteo.net *.criteo.com *.cloudfront.net *.jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: * data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: *.trustarc.com *.criteo.com static.criteo.net *.flashtalking.com *.demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com static.sojern.com insight.adsrvr.org localhost:* *.doubleclick.net sso.lacek.marriott.com/* *.sso.lacek.marriott.com/* *.marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com ; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com *.serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
x-content-security-policy: default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com s.pinimg.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com *.apextag.com *.sojern.com js.adsrvr.org connect.facebook.net analytics.lacek.net *.truste.com *.trustarc.com localhost:* *.ampxchange.com *.admarketplace.com *.admarketplace.net *.signal.co *.facebook.com *.ensighten.com *.omtrdc.net *.demdex.net pixel.snapsmedia.io *.bing.com *.btstatic.com *.thebrighttag.com *.google-analytics.com *.googleadservices.com *.googletagmanager.com *.doubleclick.net *.serving-sys.com *.yahoo.com *.yimg.com *.yieldoptimizer.com *.youtube.com *.ytimg.com *.criteo.net *.criteo.com *.cloudfront.net *.jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: * data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: *.trustarc.com *.criteo.com static.criteo.net *.flashtalking.com *.demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com static.sojern.com insight.adsrvr.org localhost:* *.doubleclick.net sso.lacek.marriott.com/* *.sso.lacek.marriott.com/* *.marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com *.serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;

GET
H2 200 icon-filter.png
moments.marriottbonvoy.com/images/2021/ 480 B
6 KB 180ms
178ms Image
image/png 52.32.5.223
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://moments.marriottbonvoy.com/images/2021/icon-filter.png

Requested by

Host: moments.marriottbonvoy.com
URL: https://moments.marriottbonvoy.com/partners/msg?nck=136603220&ck=49825144&lk=1000517938

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.32.5.223 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-32-5-223.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

a91f83b304c0892cc905d253b6decb202936a8707b160d0999f7d4ed003cf24a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com .apextag.com .sojern.com js.adsrvr.org connect.facebook.net analytics-mar.lacek.net analytics.lacek.net .truste.com .trustarc.com localhost:* .ampxchange.com .admarketplace.com .admarketplace.net .signal.co .facebook.com .ensighten.com .omtrdc.net .demdex.net pixel.snapsmedia.io .bing.com .btstatic.com .thebrighttag.com .google-analytics.com .googleadservices.com .googletagmanager.com .doubleclick.net .serving-sys.com .yahoo.com .yimg.com .yieldoptimizer.com .youtube.com .ytimg.com .criteo.net .criteo.com .cloudfront.net .jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com e.acuityplatform.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: .trustarc.com .criteo.com static.criteo.net .flashtalking.com .demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com www.facebook.com static.sojern.com insight.adsrvr.org localhost:* .doubleclick.net sso.lacek.marriott.com/ .sso.lacek.marriott.com/ .marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com ; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com .serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
Strict-Transport-Security	max-age=31536000 includeSubDomains; preload
X-Content-Security-Policy	default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com s.pinimg.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com .apextag.com .sojern.com js.adsrvr.org connect.facebook.net analytics.lacek.net .truste.com .trustarc.com localhost:* .ampxchange.com .admarketplace.com .admarketplace.net .signal.co .facebook.com .ensighten.com .omtrdc.net .demdex.net pixel.snapsmedia.io .bing.com .btstatic.com .thebrighttag.com .google-analytics.com .googleadservices.com .googletagmanager.com .doubleclick.net .serving-sys.com .yahoo.com .yimg.com .yieldoptimizer.com .youtube.com .ytimg.com .criteo.net .criteo.com .cloudfront.net .jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: .trustarc.com .criteo.com static.criteo.net .flashtalking.com .demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com static.sojern.com insight.adsrvr.org localhost:* .doubleclick.net sso.lacek.marriott.com/ .sso.lacek.marriott.com/ .marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com .serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moments.marriottbonvoy.com/partners/msg?nck=136603220&ck=49825144&lk=1000517938
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 15:28:46 GMT
x-content-type-options: nosniff
content-length: 480
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Mon, 26 Jul 2021 19:21:16 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "1e0-5c80ba8382300"
expect-ct: max-age=0
strict-transport-security: max-age=31536000 includeSubDomains; preload
content-type: image/png
cache-control: max-age=84600, public
feature-policy: geolocation 'none'; midi 'none'; microphone 'none'; camera 'none'; speaker 'none'; fullscreen 'self'; payment 'none';
content-security-policy: default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com *.apextag.com *.sojern.com js.adsrvr.org connect.facebook.net analytics-mar.lacek.net analytics.lacek.net *.truste.com *.trustarc.com localhost:* *.ampxchange.com *.admarketplace.com *.admarketplace.net *.signal.co *.facebook.com *.ensighten.com *.omtrdc.net *.demdex.net pixel.snapsmedia.io *.bing.com *.btstatic.com *.thebrighttag.com *.google-analytics.com *.googleadservices.com *.googletagmanager.com *.doubleclick.net *.serving-sys.com *.yahoo.com *.yimg.com *.yieldoptimizer.com *.youtube.com *.ytimg.com *.criteo.net *.criteo.com *.cloudfront.net *.jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com e.acuityplatform.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: * data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: *.trustarc.com *.criteo.com static.criteo.net *.flashtalking.com *.demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com www.facebook.com static.sojern.com insight.adsrvr.org localhost:* *.doubleclick.net sso.lacek.marriott.com/* *.sso.lacek.marriott.com/* *.marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com ; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com *.serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
accept-ranges: bytes
x-webkit-csp: default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com s.pinimg.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com *.apextag.com *.sojern.com js.adsrvr.org connect.facebook.net analytics.lacek.net *.truste.com *.trustarc.com localhost:* *.ampxchange.com *.admarketplace.com *.admarketplace.net *.signal.co *.facebook.com *.ensighten.com *.omtrdc.net *.demdex.net pixel.snapsmedia.io *.bing.com *.btstatic.com *.thebrighttag.com *.google-analytics.com *.googleadservices.com *.googletagmanager.com *.doubleclick.net *.serving-sys.com *.yahoo.com *.yimg.com *.yieldoptimizer.com *.youtube.com *.ytimg.com *.criteo.net *.criteo.com *.cloudfront.net *.jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: * data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: *.trustarc.com *.criteo.com static.criteo.net *.flashtalking.com *.demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com static.sojern.com insight.adsrvr.org localhost:* *.doubleclick.net sso.lacek.marriott.com/* *.sso.lacek.marriott.com/* *.marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com ; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com *.serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
x-content-security-policy: default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com s.pinimg.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com *.apextag.com *.sojern.com js.adsrvr.org connect.facebook.net analytics.lacek.net *.truste.com *.trustarc.com localhost:* *.ampxchange.com *.admarketplace.com *.admarketplace.net *.signal.co *.facebook.com *.ensighten.com *.omtrdc.net *.demdex.net pixel.snapsmedia.io *.bing.com *.btstatic.com *.thebrighttag.com *.google-analytics.com *.googleadservices.com *.googletagmanager.com *.doubleclick.net *.serving-sys.com *.yahoo.com *.yimg.com *.yieldoptimizer.com *.youtube.com *.ytimg.com *.criteo.net *.criteo.com *.cloudfront.net *.jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: * data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: *.trustarc.com *.criteo.com static.criteo.net *.flashtalking.com *.demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com static.sojern.com insight.adsrvr.org localhost:* *.doubleclick.net sso.lacek.marriott.com/* *.sso.lacek.marriott.com/* *.marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com *.serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;

GET
H/1.1 200
OK bd35da63db09b2006fed686b85c3d6d6b9d1d58f8a985e175fff04c364ab8be7.jpg
lacek.hs.llnwd.net/e2/marriott/moments/images/event/medium/ 61 KB
62 KB 91ms
20ms Image
image/jpeg 95.140.236.0
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lacek.hs.llnwd.net/e2/marriott/moments/images/event/medium/bd35da63db09b2006fed686b85c3d6d6b9d1d58f8a985e175fff04c364ab8be7.jpg
Requested by: Host: moments.marriottbonvoy.com
URL: https://moments.marriottbonvoy.com/partners/msg?nck=136603220&ck=49825144&lk=1000517938
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.140.236.0 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-95-140-236-0.fra.llnw.net
Software: CloudStorage /
Resource Hash: 5e8b8e1c62316ec5a7ef3690f2a7b091aa3219881759cf1ec0772776178ff7f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moments.marriottbonvoy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 15:28:46 GMT
Last-Modified: Thu, 05 Aug 2021 00:12:02 GMT
Server: CloudStorage
Age: 199204
X-Agile-Request-Id: f799c4e1056e699b243fd1f3993d97b0, 832999cb7dabfe318a10349892b394df, 7381debee9133edaad96a5975f576686
Content-Type: image/jpeg
X-Agile-Checksum: 5e8b8e1c62316ec5a7ef3690f2a7b091aa3219881759cf1ec0772776178ff7f2
X-Permitted-Cross-Domain-Policies: all
X-Agile-Source: 69.28.134.190:1987
X-Agile-Brick-Id: 480531823
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 62527
X-LLID: 1770ed06395b77b9fdaf9810b80dec14

GET
H/1.1 200
OK abe95cda4adff8dad02df37dd25956c6d39f77aee6f303d7275d51a2d38d5ece.jpg
lacek.hs.llnwd.net/e2/marriott/moments/images/event/medium/ 75 KB
75 KB 90ms
18ms Image
image/jpeg 95.140.236.0
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lacek.hs.llnwd.net/e2/marriott/moments/images/event/medium/abe95cda4adff8dad02df37dd25956c6d39f77aee6f303d7275d51a2d38d5ece.jpg
Requested by: Host: moments.marriottbonvoy.com
URL: https://moments.marriottbonvoy.com/partners/msg?nck=136603220&ck=49825144&lk=1000517938
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.140.236.0 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-95-140-236-0.fra.llnw.net
Software: CloudStorage /
Resource Hash: bebea65962ba150ac0b1929afeb2ac96a4e2235b73fabf8a35f5b51b42f5af59

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moments.marriottbonvoy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 15:28:46 GMT
Last-Modified: Thu, 18 Nov 2021 19:21:03 GMT
Server: CloudStorage
Age: 1748
X-Agile-Request-Id: ded286ad998703675260fe94ab256c06, 4dea8549c31a57c3c2aa0e1917fda2d9
Content-Type: image/jpeg
X-Agile-Checksum: bebea65962ba150ac0b1929afeb2ac96a4e2235b73fabf8a35f5b51b42f5af59
X-Permitted-Cross-Domain-Policies: all
X-Agile-Source: 68.142.67.222:1987
X-Agile-Brick-Id: 480531847
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 76447
X-LLID: 16e7938e98a475325641d7075cabd1ca

GET
H/1.1 200
OK f77fac0af8ebdf3a5e788bb524b2c4bccf9c05ab6e5a1da45a3c7fe29b3612c3.jpg
lacek.hs.llnwd.net/e2/marriott/moments/images/event/medium/ 65 KB
65 KB 92ms
20ms Image
image/jpeg 95.140.236.0
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lacek.hs.llnwd.net/e2/marriott/moments/images/event/medium/f77fac0af8ebdf3a5e788bb524b2c4bccf9c05ab6e5a1da45a3c7fe29b3612c3.jpg
Requested by: Host: moments.marriottbonvoy.com
URL: https://moments.marriottbonvoy.com/partners/msg?nck=136603220&ck=49825144&lk=1000517938
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.140.236.0 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-95-140-236-0.fra.llnw.net
Software: CloudStorage /
Resource Hash: f40dc208825da365062ec1775302f152e86bbb77ecf2a7406d15b6c820795a35

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moments.marriottbonvoy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 15:28:46 GMT
Last-Modified: Thu, 18 Nov 2021 19:24:35 GMT
Server: CloudStorage
Age: 1748
X-Agile-Request-Id: 8fc28641c4e0e882ff278f9b494d54c4, 4e3a28641325a8811c25ccb75bb5ab0a
Content-Type: image/jpeg
X-Agile-Checksum: f40dc208825da365062ec1775302f152e86bbb77ecf2a7406d15b6c820795a35
X-Permitted-Cross-Domain-Policies: all
X-Agile-Source: 208.111.190.218:1987
X-Agile-Brick-Id: 480531843
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 66440
X-LLID: a1b84d7f6023b1488cd58a1393ad367f

GET
H/1.1 200
OK dd3c53d377d8f4e2d721c967d4a22e15ded2c1f07c2027f911a8d98a6a0aecd7.jpg
lacek.hs.llnwd.net/e2/marriott/moments/images/event/medium/ 89 KB
89 KB 94ms
20ms Image
image/jpeg 95.140.236.0
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lacek.hs.llnwd.net/e2/marriott/moments/images/event/medium/dd3c53d377d8f4e2d721c967d4a22e15ded2c1f07c2027f911a8d98a6a0aecd7.jpg
Requested by: Host: moments.marriottbonvoy.com
URL: https://moments.marriottbonvoy.com/partners/msg?nck=136603220&ck=49825144&lk=1000517938
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.140.236.0 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-95-140-236-0.fra.llnw.net
Software: CloudStorage /
Resource Hash: 2dcaf30199c691e65aed57da3e8fccb63cf81d92d6d8769776eb13dbf6cb6c78

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moments.marriottbonvoy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 15:28:46 GMT
Last-Modified: Wed, 17 Nov 2021 15:49:38 GMT
Server: CloudStorage
Age: 22554
X-Agile-Request-Id: a5baaa263fea8ee28dcfb6883d36fcc6, 2f6faee83fd24aa8b9a19122dabdf90f
Content-Type: image/jpeg
X-Agile-Checksum: 2dcaf30199c691e65aed57da3e8fccb63cf81d92d6d8769776eb13dbf6cb6c78
X-Permitted-Cross-Domain-Policies: all
X-Agile-Source: 68.142.67.225:1987
X-Agile-Brick-Id: 480531846
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 91083
X-LLID: 39b020ed8c8eb3e5b3feba1fd1973b1f

GET
H/1.1 200
OK 2f755de2c78962a3e6abf174c7395772ee683378e6aa095734ab116a8cddca29.jpg
lacek.hs.llnwd.net/e2/marriott/moments/images/event/medium/ 40 KB
41 KB 97ms
21ms Image
image/jpeg 95.140.236.0
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lacek.hs.llnwd.net/e2/marriott/moments/images/event/medium/2f755de2c78962a3e6abf174c7395772ee683378e6aa095734ab116a8cddca29.jpg
Requested by: Host: moments.marriottbonvoy.com
URL: https://moments.marriottbonvoy.com/partners/msg?nck=136603220&ck=49825144&lk=1000517938
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.140.236.0 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-95-140-236-0.fra.llnw.net
Software: CloudStorage /
Resource Hash: ac025ac543fa538db58786395c4a7c678219a0c1b980e2b09ed18377ed16f35b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moments.marriottbonvoy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 15:28:46 GMT
Last-Modified: Sat, 11 Sep 2021 03:12:49 GMT
Server: CloudStorage
Age: 257715
X-Agile-Request-Id: b9b633fb4c998f2b55e7b4ea944d1a65, fbdc8d384e32b593040660c1a5cbf9ff, 920fde8464bc798a95b6c8db9eb0df61
Content-Type: image/jpeg
X-Agile-Checksum: ac025ac543fa538db58786395c4a7c678219a0c1b980e2b09ed18377ed16f35b
X-Permitted-Cross-Domain-Policies: all
X-Agile-Source: 208.111.190.219:1987
X-Agile-Brick-Id: 480531844
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 41038
X-LLID: 0f9cf67c79953f0eccc7d57f069e2651

GET
H/1.1 200
OK c17edd0eb0def79b0a6894ccac1fdcabe89f53b66da26a8c083f3654c0582426.jpg
lacek.hs.llnwd.net/e2/marriott/moments/images/event/medium/ 173 KB
174 KB 101ms
23ms Image
image/jpeg 95.140.236.0
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lacek.hs.llnwd.net/e2/marriott/moments/images/event/medium/c17edd0eb0def79b0a6894ccac1fdcabe89f53b66da26a8c083f3654c0582426.jpg
Requested by: Host: moments.marriottbonvoy.com
URL: https://moments.marriottbonvoy.com/partners/msg?nck=136603220&ck=49825144&lk=1000517938
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.140.236.0 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-95-140-236-0.fra.llnw.net
Software: CloudStorage /
Resource Hash: 5afc6700a8e86b6e14cf986dc501c72dc0edd0cc2ad499170567d3a1c5970310

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moments.marriottbonvoy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 15:28:46 GMT
Last-Modified: Fri, 05 Nov 2021 18:52:27 GMT
Server: CloudStorage
Age: 109221
X-Agile-Request-Id: 368324b9913ae9b1171f5b77e6630ae5, 5b0a7dba9c39494e5a73cf646bdfa15c
Content-Type: image/jpeg
X-Agile-Checksum: 5afc6700a8e86b6e14cf986dc501c72dc0edd0cc2ad499170567d3a1c5970310
X-Permitted-Cross-Domain-Policies: all
X-Agile-Source: 69.28.134.160:1987
X-Agile-Brick-Id: 480531673
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 177168
X-LLID: f3e33af00e4a9c3a038c2ac243bff511

GET
H/1.1 200
OK bc3b802af21ed221513b4331ebcec09550504d3cac5568b13da9cddb65ee2284.jpg
lacek.hs.llnwd.net/e2/marriott/moments/images/event/medium/ 84 KB
84 KB 23ms
22ms Image
image/jpeg 95.140.236.0
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lacek.hs.llnwd.net/e2/marriott/moments/images/event/medium/bc3b802af21ed221513b4331ebcec09550504d3cac5568b13da9cddb65ee2284.jpg
Requested by: Host: moments.marriottbonvoy.com
URL: https://moments.marriottbonvoy.com/partners/msg?nck=136603220&ck=49825144&lk=1000517938
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.140.236.0 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-95-140-236-0.fra.llnw.net
Software: CloudStorage /
Resource Hash: 6dd6bd3402a4697a4fa3f1e12baf38eae3871017a3a246ad1552b74d05eb91a5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moments.marriottbonvoy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 15:28:46 GMT
Last-Modified: Wed, 25 Aug 2021 20:22:58 GMT
Server: CloudStorage
Age: 257716
X-Agile-Request-Id: b48cc448613c46a227602b443f447d54, a3fec59f79bbd1071a12f152ed98ac41
Content-Type: image/jpeg
X-Agile-Checksum: 6dd6bd3402a4697a4fa3f1e12baf38eae3871017a3a246ad1552b74d05eb91a5
X-Permitted-Cross-Domain-Policies: all
X-Agile-Source: 68.142.67.21:1987
X-Agile-Brick-Id: 480531752
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 85688
X-LLID: 0bb898241f48df690b222893f0888b6d

GET
H2 200 Aldine721BT-Light.woff2
moments.marriottbonvoy.com/fonts/aldine/Aldine_Light/ 24 KB
29 KB 179ms
179ms Font
application/font-woff2 52.32.5.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://moments.marriottbonvoy.com/fonts/aldine/Aldine_Light/Aldine721BT-Light.woff2

Requested by

Host: moments.marriottbonvoy.com
URL: https://moments.marriottbonvoy.com/css/app.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.32.5.223 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-32-5-223.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

d0623677e2d909edd126f62389b93a4a59cfa9e06287efc2f8908b104b83a7c9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com .apextag.com .sojern.com js.adsrvr.org connect.facebook.net analytics-mar.lacek.net analytics.lacek.net .truste.com .trustarc.com localhost:* .ampxchange.com .admarketplace.com .admarketplace.net .signal.co .facebook.com .ensighten.com .omtrdc.net .demdex.net pixel.snapsmedia.io .bing.com .btstatic.com .thebrighttag.com .google-analytics.com .googleadservices.com .googletagmanager.com .doubleclick.net .serving-sys.com .yahoo.com .yimg.com .yieldoptimizer.com .youtube.com .ytimg.com .criteo.net .criteo.com .cloudfront.net .jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com e.acuityplatform.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: .trustarc.com .criteo.com static.criteo.net .flashtalking.com .demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com www.facebook.com static.sojern.com insight.adsrvr.org localhost:* .doubleclick.net sso.lacek.marriott.com/ .sso.lacek.marriott.com/ .marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com ; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com .serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
Strict-Transport-Security	max-age=31536000 includeSubDomains; preload
X-Content-Security-Policy	default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com s.pinimg.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com .apextag.com .sojern.com js.adsrvr.org connect.facebook.net analytics.lacek.net .truste.com .trustarc.com localhost:* .ampxchange.com .admarketplace.com .admarketplace.net .signal.co .facebook.com .ensighten.com .omtrdc.net .demdex.net pixel.snapsmedia.io .bing.com .btstatic.com .thebrighttag.com .google-analytics.com .googleadservices.com .googletagmanager.com .doubleclick.net .serving-sys.com .yahoo.com .yimg.com .yieldoptimizer.com .youtube.com .ytimg.com .criteo.net .criteo.com .cloudfront.net .jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: .trustarc.com .criteo.com static.criteo.net .flashtalking.com .demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com static.sojern.com insight.adsrvr.org localhost:* .doubleclick.net sso.lacek.marriott.com/ .sso.lacek.marriott.com/ .marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com .serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://moments.marriottbonvoy.com/css/app.css
Origin: https://moments.marriottbonvoy.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 15:28:46 GMT
x-content-type-options: nosniff
content-length: 24532
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Mon, 26 Jul 2021 19:21:14 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "5fd4-5c80ba8199e80"
expect-ct: max-age=0
strict-transport-security: max-age=31536000 includeSubDomains; preload
content-type: application/font-woff2
cache-control: max-age=84600, public
feature-policy: geolocation 'none'; midi 'none'; microphone 'none'; camera 'none'; speaker 'none'; fullscreen 'self'; payment 'none';
content-security-policy: default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com *.apextag.com *.sojern.com js.adsrvr.org connect.facebook.net analytics-mar.lacek.net analytics.lacek.net *.truste.com *.trustarc.com localhost:* *.ampxchange.com *.admarketplace.com *.admarketplace.net *.signal.co *.facebook.com *.ensighten.com *.omtrdc.net *.demdex.net pixel.snapsmedia.io *.bing.com *.btstatic.com *.thebrighttag.com *.google-analytics.com *.googleadservices.com *.googletagmanager.com *.doubleclick.net *.serving-sys.com *.yahoo.com *.yimg.com *.yieldoptimizer.com *.youtube.com *.ytimg.com *.criteo.net *.criteo.com *.cloudfront.net *.jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com e.acuityplatform.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: * data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: *.trustarc.com *.criteo.com static.criteo.net *.flashtalking.com *.demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com www.facebook.com static.sojern.com insight.adsrvr.org localhost:* *.doubleclick.net sso.lacek.marriott.com/* *.sso.lacek.marriott.com/* *.marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com ; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com *.serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
accept-ranges: bytes
x-webkit-csp: default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com s.pinimg.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com *.apextag.com *.sojern.com js.adsrvr.org connect.facebook.net analytics.lacek.net *.truste.com *.trustarc.com localhost:* *.ampxchange.com *.admarketplace.com *.admarketplace.net *.signal.co *.facebook.com *.ensighten.com *.omtrdc.net *.demdex.net pixel.snapsmedia.io *.bing.com *.btstatic.com *.thebrighttag.com *.google-analytics.com *.googleadservices.com *.googletagmanager.com *.doubleclick.net *.serving-sys.com *.yahoo.com *.yimg.com *.yieldoptimizer.com *.youtube.com *.ytimg.com *.criteo.net *.criteo.com *.cloudfront.net *.jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: * data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: *.trustarc.com *.criteo.com static.criteo.net *.flashtalking.com *.demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com static.sojern.com insight.adsrvr.org localhost:* *.doubleclick.net sso.lacek.marriott.com/* *.sso.lacek.marriott.com/* *.marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com ; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com *.serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
x-content-security-policy: default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com s.pinimg.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com *.apextag.com *.sojern.com js.adsrvr.org connect.facebook.net analytics.lacek.net *.truste.com *.trustarc.com localhost:* *.ampxchange.com *.admarketplace.com *.admarketplace.net *.signal.co *.facebook.com *.ensighten.com *.omtrdc.net *.demdex.net pixel.snapsmedia.io *.bing.com *.btstatic.com *.thebrighttag.com *.google-analytics.com *.googleadservices.com *.googletagmanager.com *.doubleclick.net *.serving-sys.com *.yahoo.com *.yimg.com *.yieldoptimizer.com *.youtube.com *.ytimg.com *.criteo.net *.criteo.com *.cloudfront.net *.jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: * data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: *.trustarc.com *.criteo.com static.criteo.net *.flashtalking.com *.demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com static.sojern.com insight.adsrvr.org localhost:* *.doubleclick.net sso.lacek.marriott.com/* *.sso.lacek.marriott.com/* *.marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com *.serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;

GET
H2 200 Aldine721BT-Light-Italic.woff2
moments.marriottbonvoy.com/fonts/aldine/Aldine_Light-Italic/ 26 KB
32 KB 182ms
182ms Font
application/font-woff2 52.32.5.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://moments.marriottbonvoy.com/fonts/aldine/Aldine_Light-Italic/Aldine721BT-Light-Italic.woff2

Requested by

Host: moments.marriottbonvoy.com
URL: https://moments.marriottbonvoy.com/css/app.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.32.5.223 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-32-5-223.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

49ba1897ab441882e5bad3ec3709f7d3e59b0ea3859b8cd097fc91f44ae821ed

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com .apextag.com .sojern.com js.adsrvr.org connect.facebook.net analytics-mar.lacek.net analytics.lacek.net .truste.com .trustarc.com localhost:* .ampxchange.com .admarketplace.com .admarketplace.net .signal.co .facebook.com .ensighten.com .omtrdc.net .demdex.net pixel.snapsmedia.io .bing.com .btstatic.com .thebrighttag.com .google-analytics.com .googleadservices.com .googletagmanager.com .doubleclick.net .serving-sys.com .yahoo.com .yimg.com .yieldoptimizer.com .youtube.com .ytimg.com .criteo.net .criteo.com .cloudfront.net .jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com e.acuityplatform.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: .trustarc.com .criteo.com static.criteo.net .flashtalking.com .demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com www.facebook.com static.sojern.com insight.adsrvr.org localhost:* .doubleclick.net sso.lacek.marriott.com/ .sso.lacek.marriott.com/ .marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com ; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com .serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
Strict-Transport-Security	max-age=31536000 includeSubDomains; preload
X-Content-Security-Policy	default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com s.pinimg.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com .apextag.com .sojern.com js.adsrvr.org connect.facebook.net analytics.lacek.net .truste.com .trustarc.com localhost:* .ampxchange.com .admarketplace.com .admarketplace.net .signal.co .facebook.com .ensighten.com .omtrdc.net .demdex.net pixel.snapsmedia.io .bing.com .btstatic.com .thebrighttag.com .google-analytics.com .googleadservices.com .googletagmanager.com .doubleclick.net .serving-sys.com .yahoo.com .yimg.com .yieldoptimizer.com .youtube.com .ytimg.com .criteo.net .criteo.com .cloudfront.net .jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: .trustarc.com .criteo.com static.criteo.net .flashtalking.com .demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com static.sojern.com insight.adsrvr.org localhost:* .doubleclick.net sso.lacek.marriott.com/ .sso.lacek.marriott.com/ .marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com .serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://moments.marriottbonvoy.com/css/app.css
Origin: https://moments.marriottbonvoy.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 15:28:46 GMT
x-content-type-options: nosniff
content-length: 27064
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Mon, 26 Jul 2021 19:21:14 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "69b8-5c80ba8199e80"
expect-ct: max-age=0
strict-transport-security: max-age=31536000 includeSubDomains; preload
content-type: application/font-woff2
cache-control: max-age=84600, public
feature-policy: geolocation 'none'; midi 'none'; microphone 'none'; camera 'none'; speaker 'none'; fullscreen 'self'; payment 'none';
content-security-policy: default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com *.apextag.com *.sojern.com js.adsrvr.org connect.facebook.net analytics-mar.lacek.net analytics.lacek.net *.truste.com *.trustarc.com localhost:* *.ampxchange.com *.admarketplace.com *.admarketplace.net *.signal.co *.facebook.com *.ensighten.com *.omtrdc.net *.demdex.net pixel.snapsmedia.io *.bing.com *.btstatic.com *.thebrighttag.com *.google-analytics.com *.googleadservices.com *.googletagmanager.com *.doubleclick.net *.serving-sys.com *.yahoo.com *.yimg.com *.yieldoptimizer.com *.youtube.com *.ytimg.com *.criteo.net *.criteo.com *.cloudfront.net *.jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com e.acuityplatform.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: * data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: *.trustarc.com *.criteo.com static.criteo.net *.flashtalking.com *.demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com www.facebook.com static.sojern.com insight.adsrvr.org localhost:* *.doubleclick.net sso.lacek.marriott.com/* *.sso.lacek.marriott.com/* *.marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com ; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com *.serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
accept-ranges: bytes
x-webkit-csp: default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com s.pinimg.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com *.apextag.com *.sojern.com js.adsrvr.org connect.facebook.net analytics.lacek.net *.truste.com *.trustarc.com localhost:* *.ampxchange.com *.admarketplace.com *.admarketplace.net *.signal.co *.facebook.com *.ensighten.com *.omtrdc.net *.demdex.net pixel.snapsmedia.io *.bing.com *.btstatic.com *.thebrighttag.com *.google-analytics.com *.googleadservices.com *.googletagmanager.com *.doubleclick.net *.serving-sys.com *.yahoo.com *.yimg.com *.yieldoptimizer.com *.youtube.com *.ytimg.com *.criteo.net *.criteo.com *.cloudfront.net *.jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: * data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: *.trustarc.com *.criteo.com static.criteo.net *.flashtalking.com *.demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com static.sojern.com insight.adsrvr.org localhost:* *.doubleclick.net sso.lacek.marriott.com/* *.sso.lacek.marriott.com/* *.marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com ; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com *.serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
x-content-security-policy: default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com s.pinimg.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com *.apextag.com *.sojern.com js.adsrvr.org connect.facebook.net analytics.lacek.net *.truste.com *.trustarc.com localhost:* *.ampxchange.com *.admarketplace.com *.admarketplace.net *.signal.co *.facebook.com *.ensighten.com *.omtrdc.net *.demdex.net pixel.snapsmedia.io *.bing.com *.btstatic.com *.thebrighttag.com *.google-analytics.com *.googleadservices.com *.googletagmanager.com *.doubleclick.net *.serving-sys.com *.yahoo.com *.yimg.com *.yieldoptimizer.com *.youtube.com *.ytimg.com *.criteo.net *.criteo.com *.cloudfront.net *.jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: * data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: *.trustarc.com *.criteo.com static.criteo.net *.flashtalking.com *.demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com static.sojern.com insight.adsrvr.org localhost:* *.doubleclick.net sso.lacek.marriott.com/* *.sso.lacek.marriott.com/* *.marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com *.serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;

GET
H2 200 Swiss721BT-Italic.woff2
moments.marriottbonvoy.com/fonts/swiss/Swiss_Italic/ 20 KB
25 KB 181ms
180ms Font
application/font-woff2 52.32.5.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://moments.marriottbonvoy.com/fonts/swiss/Swiss_Italic/Swiss721BT-Italic.woff2

Requested by

Host: moments.marriottbonvoy.com
URL: https://moments.marriottbonvoy.com/css/app.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.32.5.223 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-32-5-223.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

a52571e4a72ea32319a3cb3333e8d4348943062d8b681053b3d9908877216eff

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com .apextag.com .sojern.com js.adsrvr.org connect.facebook.net analytics-mar.lacek.net analytics.lacek.net .truste.com .trustarc.com localhost:* .ampxchange.com .admarketplace.com .admarketplace.net .signal.co .facebook.com .ensighten.com .omtrdc.net .demdex.net pixel.snapsmedia.io .bing.com .btstatic.com .thebrighttag.com .google-analytics.com .googleadservices.com .googletagmanager.com .doubleclick.net .serving-sys.com .yahoo.com .yimg.com .yieldoptimizer.com .youtube.com .ytimg.com .criteo.net .criteo.com .cloudfront.net .jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com e.acuityplatform.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: .trustarc.com .criteo.com static.criteo.net .flashtalking.com .demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com www.facebook.com static.sojern.com insight.adsrvr.org localhost:* .doubleclick.net sso.lacek.marriott.com/ .sso.lacek.marriott.com/ .marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com ; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com .serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
Strict-Transport-Security	max-age=31536000 includeSubDomains; preload
X-Content-Security-Policy	default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com s.pinimg.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com .apextag.com .sojern.com js.adsrvr.org connect.facebook.net analytics.lacek.net .truste.com .trustarc.com localhost:* .ampxchange.com .admarketplace.com .admarketplace.net .signal.co .facebook.com .ensighten.com .omtrdc.net .demdex.net pixel.snapsmedia.io .bing.com .btstatic.com .thebrighttag.com .google-analytics.com .googleadservices.com .googletagmanager.com .doubleclick.net .serving-sys.com .yahoo.com .yimg.com .yieldoptimizer.com .youtube.com .ytimg.com .criteo.net .criteo.com .cloudfront.net .jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: .trustarc.com .criteo.com static.criteo.net .flashtalking.com .demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com static.sojern.com insight.adsrvr.org localhost:* .doubleclick.net sso.lacek.marriott.com/ .sso.lacek.marriott.com/ .marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com .serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://moments.marriottbonvoy.com/css/app.css
Origin: https://moments.marriottbonvoy.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 15:28:46 GMT
x-content-type-options: nosniff
content-length: 19980
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
last-modified: Mon, 26 Jul 2021 19:21:14 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "4e0c-5c80ba8199e80"
expect-ct: max-age=0
strict-transport-security: max-age=31536000 includeSubDomains; preload
content-type: application/font-woff2
cache-control: max-age=84600, public
feature-policy: geolocation 'none'; midi 'none'; microphone 'none'; camera 'none'; speaker 'none'; fullscreen 'self'; payment 'none';
content-security-policy: default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com *.apextag.com *.sojern.com js.adsrvr.org connect.facebook.net analytics-mar.lacek.net analytics.lacek.net *.truste.com *.trustarc.com localhost:* *.ampxchange.com *.admarketplace.com *.admarketplace.net *.signal.co *.facebook.com *.ensighten.com *.omtrdc.net *.demdex.net pixel.snapsmedia.io *.bing.com *.btstatic.com *.thebrighttag.com *.google-analytics.com *.googleadservices.com *.googletagmanager.com *.doubleclick.net *.serving-sys.com *.yahoo.com *.yimg.com *.yieldoptimizer.com *.youtube.com *.ytimg.com *.criteo.net *.criteo.com *.cloudfront.net *.jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com e.acuityplatform.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: * data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: *.trustarc.com *.criteo.com static.criteo.net *.flashtalking.com *.demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com www.facebook.com static.sojern.com insight.adsrvr.org localhost:* *.doubleclick.net sso.lacek.marriott.com/* *.sso.lacek.marriott.com/* *.marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com ; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com *.serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
accept-ranges: bytes
x-webkit-csp: default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com s.pinimg.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com *.apextag.com *.sojern.com js.adsrvr.org connect.facebook.net analytics.lacek.net *.truste.com *.trustarc.com localhost:* *.ampxchange.com *.admarketplace.com *.admarketplace.net *.signal.co *.facebook.com *.ensighten.com *.omtrdc.net *.demdex.net pixel.snapsmedia.io *.bing.com *.btstatic.com *.thebrighttag.com *.google-analytics.com *.googleadservices.com *.googletagmanager.com *.doubleclick.net *.serving-sys.com *.yahoo.com *.yimg.com *.yieldoptimizer.com *.youtube.com *.ytimg.com *.criteo.net *.criteo.com *.cloudfront.net *.jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: * data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: *.trustarc.com *.criteo.com static.criteo.net *.flashtalking.com *.demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com static.sojern.com insight.adsrvr.org localhost:* *.doubleclick.net sso.lacek.marriott.com/* *.sso.lacek.marriott.com/* *.marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com ; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com *.serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
x-content-security-policy: default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com s.pinimg.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com *.apextag.com *.sojern.com js.adsrvr.org connect.facebook.net analytics.lacek.net *.truste.com *.trustarc.com localhost:* *.ampxchange.com *.admarketplace.com *.admarketplace.net *.signal.co *.facebook.com *.ensighten.com *.omtrdc.net *.demdex.net pixel.snapsmedia.io *.bing.com *.btstatic.com *.thebrighttag.com *.google-analytics.com *.googleadservices.com *.googletagmanager.com *.doubleclick.net *.serving-sys.com *.yahoo.com *.yimg.com *.yieldoptimizer.com *.youtube.com *.ytimg.com *.criteo.net *.criteo.com *.cloudfront.net *.jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: * data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: *.trustarc.com *.criteo.com static.criteo.net *.flashtalking.com *.demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com static.sojern.com insight.adsrvr.org localhost:* *.doubleclick.net sso.lacek.marriott.com/* *.sso.lacek.marriott.com/* *.marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com *.serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;

GET
H2 200 v1.7-940 Show response
consent.trustarc.com/asset/notice.js/v/ 75 KB
24 KB 9ms
8ms Script
text/javascript 143.204.207.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.trustarc.com/asset/notice.js/v/v1.7-940
Requested by: Host: consent.trustarc.com
URL: https://consent.trustarc.com/notice?domain=marriottgdpr.com&text=true&c=teconsent&js=nj&noticeType=bb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.207.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-207-78.fra53.r.cloudfront.net
Software: nginx /
Resource Hash: 917cd441969c201fe537f3c3c47a825d2fd9b68535a5873358b630a5c6a25f0d

Request headers

Referer: https://moments.marriottbonvoy.com/
Origin: https://moments.marriottbonvoy.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 14:43:18 GMT
content-encoding: gzip
age: 3103
x-cache: Hit from cloudfront
pragma: public
access-control-allow-origin: *
last-modified: Mon, 22 Nov 2021 03:18:10 GMT
server: nginx
vary: Accept-Encoding
content-type: text/javascript
via: 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA53-C1
timing-allow-origin: *
x-amz-cf-id: KSxe1FdxcA-XgoBEl9A9fraSlZ5JbIRFDYWJZkistSNVXQgB3JjhlQ==
expires: Wed, 22 Dec 2021 14:37:03 GMT

GET
H2 200 log
consent.trustarc.com/ 43 B
396 B 51ms
34ms Image
image/gif 143.204.207.78
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://consent.trustarc.com/log?domain=marriottgdpr.com&country=de&state=&behavior=implied&c=59c9
Requested by: Host: moments.marriottbonvoy.com
URL: https://moments.marriottbonvoy.com/partners/msg?nck=136603220&ck=49825144&lk=1000517938
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.207.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-207-78.fra53.r.cloudfront.net
Software: nginx /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moments.marriottbonvoy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 15:28:46 GMT
via: 1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA53-C1
vary: Origin
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
x-amz-cf-id: AKq1SWX53QRaGMLjAxKSNcDpeNR3iAZ20fRe9uNUjsX7cJFNgrvH2w==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 s96260210789366 Show response
smetrics.marriott.com/b/ss/marriottglobal/10/JS-2.14.0-LBWB/ 5 KB
6 KB 130ms
82ms Script
application/x-javascript 13.36.218.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.marriott.com/b/ss/marriottglobal/10/JS-2.14.0-LBWB/s96260210789366?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=22%2F10%2F2021%2015%3A28%3A46%201%200&d.&nsid=0&jsonv=1&.d&mid=76398119666032314642605631107518473780&aamlh=6&ce=UTF-8&pageName=moments.marriottbonvoy.com%2Fpartners%2Fmsg&g=https%3A%2F%2Fmoments.marriottbonvoy.com%2Fpartners%2Fmsg%3Fnck%3D136603220%26ck%3D49825144%26lk%3D1000517938&cc=USD&v0=ck%3D49825144%3Bnck%3D136603220%3Blk%3D1000517938&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&v0=ck%3D49825144%3Bnck%3D136603220%3Blk%3D1000517938&c5=EXP&c8=D%3Dv15&v15=Weekday%20%3A%20Monday%20%3A%2010%3A00AM&c26=Launch&v41=EXP&c71=Off-Platform%20Basic&v192=moments.marriottbonvoy.com%2Fpartners%2Fmsg&v207=%3Fnck%3D136603220%26ck%3D49825144%26lk%3D1000517938&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=664516D751E565010A490D4C%40AdobeOrg&AQE=1

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/extensions/EP971e6ad26efe44ab86e98d3905a44621/AppMeasurement.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

6176307a1b8bb254bdec6b717d2d6a4d87861897ab7c29a28216bd2891c136f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moments.marriottbonvoy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-aam-tid: mf1aOfWGT7k=
date: Mon, 22 Nov 2021 15:28:46 GMT
x-content-type-options: nosniff
x-c: main-1542.If2e2aa.M0-523
p3p: CP="This is not a P3P policy"
vary: *
content-length: 5365
x-xss-protection: 1; mode=block
dcs: dcs-prod-irl1-1-v019-0a95db146.edge-irl1.demdex.com UNKNOWN
pragma: no-cache
last-modified: Tue, 23 Nov 2021 15:28:46 GMT
server: jag
xserver: anedge-6988cccb6f-h5mkv
etag: 3516708326954369024-4619594887824370776
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Sun, 21 Nov 2021 15:28:46 GMT

GET
H/1.1

200
OK

ibs:dpid=358&dpuuid=8394665442403164951
dpm.demdex.net/ Frame 299C
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID
https://dpm.demdex.net/ibs:dpid=358&dpuuid=8394665442403164951

42 B
945 B

35ms
34ms

Image
image/gif

54.195.238.9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=358&dpuuid=8394665442403164951

Requested by

Host: moments.marriottbonvoy.com
URL: https://moments.marriottbonvoy.com/partners/msg?nck=136603220&ck=49825144&lk=1000517938

Protocol

HTTP/1.1

Server

54.195.238.9 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-195-238-9.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v019-0ff20dc55.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: k3kGHSaqSWw=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 15:28:46 GMT
X-Proxy-Origin: 136.243.198.82; 136.243.198.82; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: e4f67570-d456-4377-914e-889d65f1ee54
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://dpm.demdex.net/ibs:dpid=358&dpuuid=8394665442403164951
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 notice Show response
consent.trustarc.com/ 13 KB
5 KB 9ms
8ms Script
text/javascript 143.204.207.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.trustarc.com/notice?domain=marriottgdpr.com&country=de&js=nj2&text=true&c=teconsent&noticeType=bb

Requested by

Host: consent.trustarc.com
URL: https://consent.trustarc.com/notice?domain=marriottgdpr.com&text=true&c=teconsent&js=nj&noticeType=bb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.207.78 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-207-78.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

23830907410c2ba9d64f8514b7a9d4c5c6c3d84e769800013d8b44052b941d5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://moments.marriottbonvoy.com/
Origin: https://moments.marriottbonvoy.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 15:14:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 885
x-cache: Hit from cloudfront
cloudfront-viewer-country: DE
content-length: 4676
x-xss-protection: 1; mode=block
timing-allow-origin: *
access-control-allow-origin: *
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
via: 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: FRA53-C1
cloudfront-viewer-country-region: HH
x-amz-cf-id: Xku2cFx6tJpxghf2EssIQKYO7Kp2nKgqq3JMkhLJ1cJHY3hs-mzjfg==
expires: Mon, 22 Nov 2021 16:14:01 GMT

GET
H2 200 bannermsg
consent.trustarc.com/ 43 B
435 B 39ms
39ms Image
image/gif 143.204.207.78
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent.trustarc.com/bannermsg?action=views&domain=marriottgdpr.com&behavior=implied&country=de&language=de&rand=0.7092204542798104

Requested by

Host: moments.marriottbonvoy.com
URL: https://moments.marriottbonvoy.com/partners/msg?nck=136603220&ck=49825144&lk=1000517938

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.207.78 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-207-78.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moments.marriottbonvoy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 15:28:46 GMT
via: 1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
x-content-type-options: nosniff
server: nginx
x-amz-cf-pop: FRA53-C1
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
content-length: 43
x-xss-protection: 1; mode=block
x-amz-cf-id: yNLHXyKGSLd8xR7VV1TFeSz_Lr0GmNhvZX1Bd90ewBXHv8lJpf7pqA==
expires: Mon, 22 Nov 2021 15:28:45 GMT

GET
H/1.1

200
OK

ibs:dpid=477&dpuuid=2b62b3adf9f84ab4f38ef35aa3dd5082e7c4df660f810f6ae90177b95c5c0979b0da87c991749652
dpm.demdex.net/ Frame 299C
Redirect Chain

https://idsync.rlcdn.com/365868.gif?partner_uid=76652808498405249292616472071343695965
https://idsync.rlcdn.com/1000.gif?memo=CKyqFhIxCi0IARCYEhomNzY2NTI4MDg0OTg0MDUyNDkyOTI2MTY0NzIwNzEzNDM2OTU5NjUQABoNCK7u7owGEgUI6AcQAEIASgA
https://dpm.demdex.net/ibs:dpid=477&dpuuid=2b62b3adf9f84ab4f38ef35aa3dd5082e7c4df660f810f6ae90177b95c5c0979b0da87c991749652

42 B
945 B

35ms
34ms

Image
image/gif

54.195.238.9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=477&dpuuid=2b62b3adf9f84ab4f38ef35aa3dd5082e7c4df660f810f6ae90177b95c5c0979b0da87c991749652

Requested by

Host: moments.marriottbonvoy.com
URL: https://moments.marriottbonvoy.com/partners/msg?nck=136603220&ck=49825144&lk=1000517938

Protocol

HTTP/1.1

Server

54.195.238.9 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-195-238-9.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v019-0628fab0c.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: psev1wLURFk=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date: Mon, 22 Nov 2021 15:28:46 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://dpm.demdex.net/ibs:dpid=477&dpuuid=2b62b3adf9f84ab4f38ef35aa3dd5082e7c4df660f810f6ae90177b95c5c0979b0da87c991749652
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: clear
content-length: 0

GET
H/1.1

200
OK

ibs:dpid=771&dpuuid=CAESEJPb1-gMgVKs5bdBe6RlLaM&google_cver=1
dpm.demdex.net/ Frame 299C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NzY2NTI4MDg0OTg0MDUyNDkyOTI2MTY0NzIwNzEzNDM2OTU5NjU=
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NzY2NTI4MDg0OTg0MDUyNDkyOTI2MTY0NzIwNzEzNDM2OTU5NjU=&google_tc=
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEJPb1-gMgVKs5bdBe6RlLaM&google_cver=1?gdpr=0&gdpr_consent=

42 B
945 B

35ms
35ms

Image
image/gif

54.195.238.9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEJPb1-gMgVKs5bdBe6RlLaM&google_cver=1?gdpr=0&gdpr_consent=

Requested by

Host: moments.marriottbonvoy.com
URL: https://moments.marriottbonvoy.com/partners/msg?nck=136603220&ck=49825144&lk=1000517938

Protocol

HTTP/1.1

Server

54.195.238.9 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-195-238-9.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v019-09eb10935.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: QbC9s/k7S/A=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Mon, 22 Nov 2021 15:28:47 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEJPb1-gMgVKs5bdBe6RlLaM&google_cver=1?gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=903&dpuuid=104f5918-bcc6-43ee-b2ed-7fc777511da7
dpm.demdex.net/ Frame 299C
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1
https://dpm.demdex.net/ibs:dpid=903&dpuuid=104f5918-bcc6-43ee-b2ed-7fc777511da7

42 B
945 B

34ms
34ms

Image
image/gif

54.195.238.9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=903&dpuuid=104f5918-bcc6-43ee-b2ed-7fc777511da7

Requested by

Host: moments.marriottbonvoy.com
URL: https://moments.marriottbonvoy.com/partners/msg?nck=136603220&ck=49825144&lk=1000517938

Protocol

HTTP/1.1

Server

54.195.238.9 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-195-238-9.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v019-0cac9a0e9.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: ABVyMt2MR1k=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Mon, 22 Nov 2021 15:28:47 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://dpm.demdex.net/ibs:dpid=903&dpuuid=104f5918-bcc6-43ee-b2ed-7fc777511da7
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 189

GET
H/1.1

200
OK

ibs:dpid=1957&dpuuid=37DAAEFF277F64C20939BE0826AD6544
dpm.demdex.net/ Frame 299C
Redirect Chain

https://c.bing.com/c.gif?uid=76652808498405249292616472071343695965&Red3=MSAdobe_pd&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=1957&dpuuid=37DAAEFF277F64C20939BE0826AD6544

42 B
945 B

43ms
35ms

Image
image/gif

54.195.238.9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=1957&dpuuid=37DAAEFF277F64C20939BE0826AD6544

Requested by

Host: moments.marriottbonvoy.com
URL: https://moments.marriottbonvoy.com/partners/msg?nck=136603220&ck=49825144&lk=1000517938

Protocol

HTTP/1.1

Server

54.195.238.9 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-195-238-9.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v019-092dc6a27.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: /+cpkt4eSok=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Mon, 22 Nov 2021 15:28:46 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 68FEFC3CCBBE4F8F80FA19AA0677AF5E Ref B: FRAEDGE1317 Ref C: 2021-11-22T15:28:47Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://dpm.demdex.net/ibs:dpid=1957&dpuuid=37DAAEFF277F64C20939BE0826AD6544
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 matomo.php
analytics-mar.lacek.net/ 43 B
483 B 209ms
209ms Image
image/gif 52.32.5.223
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analytics-mar.lacek.net/matomo.php?action_name=moments.marriottbonvoy.com%2FMarriott%20Bonvoy%20Moments%E2%84%A2&idsite=2&rec=1&r=344529&h=15&m=28&s=47&url=https%3A%2F%2Fmoments.marriottbonvoy.com%2Fpartners%2Fmsg%3Fnck%3D136603220%26ck%3D49825144%26lk%3D1000517938&_id=b878a4c26c361b97&_idts=1637594927&_idvc=1&_idn=0&_refts=0&_viewts=1637594927&send_image=1&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&gt_ms=197&pv_id=m5fibc
Requested by: Host: moments.marriottbonvoy.com
URL: https://moments.marriottbonvoy.com/partners/msg?nck=136603220&ck=49825144&lk=1000517938
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.32.5.223 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-32-5-223.us-west-2.compute.amazonaws.com
Software: Apache /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moments.marriottbonvoy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 15:28:47 GMT
cache-control: no-store
server: Apache
content-length: 43
balanced_to: ip-10-0-0-226
content-type: image/gif

GET
H/1.1

200
OK

ibs:dpid=3047&dpuuid=50742D6421788C&gdpr=0&gdpr_consent=
dpm.demdex.net/ Frame 299C
Redirect Chain

https://servedby.flashtalking.com/map/?key=a74thHgsfK627J6Ftt8sj5ks52bKe&gdpr=0&gdpr_consent=&url=https://dpm.demdex.net/ibs:dpid=3047&dpuuid=[%FT_GUID%]&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=3047&dpuuid=50742D6421788C&gdpr=0&gdpr_consent=

42 B
945 B

35ms
35ms

Image
image/gif

54.195.238.9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=3047&dpuuid=50742D6421788C&gdpr=0&gdpr_consent=

Requested by

Host: moments.marriottbonvoy.com
URL: https://moments.marriottbonvoy.com/partners/msg?nck=136603220&ck=49825144&lk=1000517938

Protocol

HTTP/1.1

Server

54.195.238.9 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-195-238-9.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v019-0180a36c3.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: oJ+HextISkc=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 15:28:47 GMT
Server: prod-xre-app51.frk11
X-HW: 1637594927.dop204.fr8.t,1637594927.cds268.fr8.shn,1637594927.dop204.fr8.t,1637594927.cds015.fr8.sc,1637594927.cds015.fr8.p
Location: https://dpm.demdex.net/ibs:dpid=3047&dpuuid=50742D6421788C&gdpr=0&gdpr_consent=
Cache-Control: no-cache, no-store
Connection: Keep-Alive
Content-Length: 0

GET match.gif
match.rundsp.com/ Frame 299C 0
0

GET
H2 200 RC13a65ced67c44530b4e082ec22d40a56-source.min.js Show response
assets.adobedtm.com/697d0c070f1e/d405339bb010/602b70145919/ 1 KB
818 B 8ms
7ms Script
application/x-javascript 2a02:26f0:6c00:28a::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/697d0c070f1e/d405339bb010/602b70145919/RC13a65ced67c44530b4e082ec22d40a56-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 17fbd29af71bf618c84b90c7defc8469f0a873d9c8cb8285a7d1eb6cfd04494c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moments.marriottbonvoy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 15:28:47 GMT
content-encoding: gzip
last-modified: Tue, 16 Nov 2021 20:26:13 GMT
server: AkamaiNetStorage
etag: "d733ffae6a3bfa4296abbb16179c83da:1637094373.123932"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://moments.marriottbonvoy.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 545
expires: Mon, 22 Nov 2021 16:28:47 GMT

GET
H2 204 current
adobe-sync.dotomi.com/match/bounce/ Frame 299C 0
104 B 96ms
61ms Image
text/plain 2a02:fa8:8806:12::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adobe-sync.dotomi.com/match/bounce/current?networkId=85983&version=1&nuid=76652808498405249292616472071343695965&rurl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D19360%26dpuuid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 15:28:47 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H/1.1

200
OK

ibs:dpid=22054
dpm.demdex.net/ Frame 299C
Redirect Chain

https://a.tribalfusion.com/i.match?p=b13&u=76652808498405249292616472071343695965&redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=22054&dpuuid=$TF_USER_ID_ENC$
https://s.tribalfusion.com/z/i.match?p=b13&u=76652808498405249292616472071343695965&redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=22054&dpuuid=$TF_USER_ID_ENC$
https://dpm.demdex.net/ibs:dpid=22054

42 B
959 B

33ms
32ms

Image
image/gif

54.195.238.9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=22054

Protocol

HTTP/1.1

Server

54.195.238.9 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-195-238-9.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v019-0c1efb9a7.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-Error: 300
X-TID: /5vFDoAWRTo=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Mon, 22 Nov 2021 15:28:47 GMT
cf-cache-status: DYNAMIC
x-function: 209
server: cloudflare
x-reuse-index: 55
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6b23308af86f7021-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
location: https://dpm.demdex.net/ibs:dpid=22054
cache-control: no-cache, private
content-type: text/html
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=22069&dpuuid=3015333646653
dpm.demdex.net/ Frame 299C
Redirect Chain

https://tag.yieldoptimizer.com/ps/ps?t=i&p=2233
https://tag.yieldoptimizer.com/ps/ps?tc=99243494&t=i&p=2233
https://dpm.demdex.net/ibs:dpid=22069&dpuuid=3015333646653

42 B
945 B

34ms
34ms

Image
image/gif

54.195.238.9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=22069&dpuuid=3015333646653

Protocol

HTTP/1.1

Server

54.195.238.9 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-195-238-9.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v019-073dcfdd6.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: /ddypa8qR5A=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Mon, 22 Nov 2021 15:28:47 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
location: https://dpm.demdex.net/ibs:dpid=22069&dpuuid=3015333646653
cache-control: no-cache
alt-svc: clear
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=28645&dpuuid=YyblC-YYFyJMFuZxdFg3Ht-EDPgJArwV&gdpr=0&gdpr_consent=
dpm.demdex.net/ Frame 299C
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
https://gum.criteo.com/sync?s=1&c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=YyblC-YYFyJMFuZxdFg3Ht-EDPgJArwV&gdpr=0&gdpr_consent=

42 B
945 B

36ms
36ms

Image
image/gif

54.195.238.9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=28645&dpuuid=YyblC-YYFyJMFuZxdFg3Ht-EDPgJArwV&gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Server

54.195.238.9 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-195-238-9.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v019-0da93e24d.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: RzrMqEpxRNo=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=28645&dpuuid=YyblC-YYFyJMFuZxdFg3Ht-EDPgJArwV&gdpr=0&gdpr_consent=
strict-transport-security: max-age=31536000
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 3569
date: Mon, 22 Nov 2021 15:28:47 GMT
content-length: 227
content-type: text/html; charset=utf-8

GET
H/1.1

200
OK

ibs:dpid=30646
dpm.demdex.net/ Frame 299C
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=76652808498405249292616472071343695965&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-Frs02CVE2pHNbwHZU68SCN_inllZ2WZ4wIg-~A

42 B
945 B

34ms
34ms

Image
image/gif

54.195.238.9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-Frs02CVE2pHNbwHZU68SCN_inllZ2WZ4wIg-~A

Protocol

HTTP/1.1

Server

54.195.238.9 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-195-238-9.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v019-0550d3c00.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: D1ZrNzPYQCE=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date: Mon, 22 Nov 2021 15:28:48 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: text/html;charset=utf-8
location: https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-Frs02CVE2pHNbwHZU68SCN_inllZ2WZ4wIg-~A
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000
content-length: 0
x-content-type-options: nosniff

GET
H2 200 v2
odr.mookie1.com/t/ Frame 299C 43 B
324 B 30ms
15ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2?tagid=V2_676804&src.visitorId=76652808498405249292616472071343695965&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 15:28:48 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 matomo.php
analytics-mar.lacek.net/ 43 B
485 B 191ms
191ms Image
image/gif 52.32.5.223
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analytics-mar.lacek.net/matomo.php?action_name=moments.marriottbonvoy.com%2FMarriott%20Bonvoy%20Moments%E2%84%A2&idsite=2&rec=1&r=284603&h=15&m=28&s=47&url=https%3A%2F%2Fmoments.marriottbonvoy.com%2Fpartners%2Fmsg%3Fnck%3D136603220%26ck%3D49825144%26lk%3D1000517938&_id=b878a4c26c361b97&_idts=1637594927&_idvc=1&_idn=0&_refts=0&_viewts=1637594927&send_image=1&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&gt_ms=197&pv_id=bqYfcC
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.32.5.223 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-32-5-223.us-west-2.compute.amazonaws.com
Software: Apache /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moments.marriottbonvoy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 15:28:48 GMT
cache-control: no-store
server: Apache
content-length: 43
balanced_to: ip-10-0-0-226
content-type: image/gif

GET
H/1.1

200
OK

ibs:dpid=80742&dpuuid=aac077fe-c67c-49af-b687-6c13a5f0f917
dpm.demdex.net/ Frame 299C
Redirect Chain

https://ag.innovid.com/dv/sync?tid=6
https://dpm.demdex.net/ibs:dpid=80742&dpuuid=aac077fe-c67c-49af-b687-6c13a5f0f917

42 B
945 B

34ms
34ms

Image
image/gif

54.195.238.9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=80742&dpuuid=aac077fe-c67c-49af-b687-6c13a5f0f917

Protocol

HTTP/1.1

Server

54.195.238.9 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-195-238-9.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v019-0550d3c00.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: bDEQPcUISUQ=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=80742&dpuuid=aac077fe-c67c-49af-b687-6c13a5f0f917
date: Mon, 22 Nov 2021 15:28:48 GMT
content-length: 0
request-time: 0

GET
H/1.1

200
OK

ibs:dpid=96420&dpuuid=sPvvqUO2Bua3&us_privacy=$%7BUS_PRIVACY%7D
dpm.demdex.net/ Frame 299C
Redirect Chain

https://pxl.jivox.com/tags/sync/usync.php?px=IkovJ4aN
https://dpm.demdex.net/ibs:dpid=96420&dpuuid=sPvvqUO2Bua3&us_privacy=$%7BUS_PRIVACY%7D

42 B
945 B

35ms
34ms

Image
image/gif

54.195.238.9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=96420&dpuuid=sPvvqUO2Bua3&us_privacy=$%7BUS_PRIVACY%7D

Protocol

HTTP/1.1

Server

54.195.238.9 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-195-238-9.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v019-0d5309355.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: eGo8U1JoSho=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=96420&dpuuid=sPvvqUO2Bua3&us_privacy=${US_PRIVACY}
date: Mon, 22 Nov 2021 15:28:48 GMT
server: Jetty(9.3.z-SNAPSHOT)
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 299C
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=adobe&id=76652808498405249292616472071343695965
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=76652808498405249292616472071343695965

0
337 B

107ms
32ms

Image
text/plain

54.77.178.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=76652808498405249292616472071343695965
Protocol: H2
Server: 54.77.178.66 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-178-66.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 15:28:48 GMT
cache-control: private, no-cache, no-store
x-request-time: D=116 t=1637594928
x-served-by: beacon-n002-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=76652808498405249292616472071343695965
date: Mon, 22 Nov 2021 15:28:48 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a007-ash-prod.krxd.net

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 299C
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WVp1M0xnQUFBS05IVHdRRQ==

170 B
188 B

17ms
17ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WVp1M0xnQUFBS05IVHdRRQ==

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 15:28:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Nov 2021 15:28:48 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1637594929.789578,VS0,VE0
x-served-by: cache-fra19142-FRA
x-cache: HIT
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WVp1M0xnQUFBS05IVHdRRQ==
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 299C
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YZu3LgAAAKNHTwQE&expires=90

0
239 B

31ms
9ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YZu3LgAAAKNHTwQE&expires=90
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 22 Nov 2021 15:28:48 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1637594929.789714,VS0,VE0
x-served-by: cache-fra19142-FRA
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YZu3LgAAAKNHTwQE&expires=90
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 299C
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YZu3LgAAAKNHTwQE
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YZu3LgAAAKNHTwQE&C=1

43 B
1003 B

15ms
15ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YZu3LgAAAKNHTwQE&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 15:28:49 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 22 Nov 2021 15:28:49 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 15:28:49 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YZu3LgAAAKNHTwQE&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 279
Expires: Mon, 22 Nov 2021 15:28:49 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 299C
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
https://ib.adnxs.com/setuid?entity=158&code=YZu3LgAAAKNHTwQE

43 B
1016 B

12ms
11ms

Image
image/gif

185.33.220.242
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=158&code=YZu3LgAAAKNHTwQE

Protocol

HTTP/1.1

Server

185.33.220.242 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 15:28:48 GMT
X-Proxy-Origin: 136.243.198.82; 136.243.198.82; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: a8854f4f-8f05-49f8-9223-06c5bdac8c04
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Nov 2021 15:28:48 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1637594929.790239,VS0,VE0
x-served-by: cache-fra19142-FRA
x-cache: HIT
location: https://ib.adnxs.com/setuid?entity=158&code=YZu3LgAAAKNHTwQE
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 299C
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YZu3LgAAAKNHTwQE
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YZu3LgAAAKNHTwQE

43 B
61 B

26ms
17ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YZu3LgAAAKNHTwQE
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 15:28:48 GMT
via: 1.1 google
server: OXGW/16.218.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YZu3LgAAAKNHTwQE
date: Mon, 22 Nov 2021 15:28:48 GMT
via: 1.1 google
server: OXGW/16.218.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 299C
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YZu3LgAAAKNHTwQE

1 B
549 B

81ms
25ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YZu3LgAAAKNHTwQE
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 15:28:48 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug016:0:520
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Mon, 22 Nov 2021 15:28:48 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1637594929.958554,VS0,VE0
x-served-by: cache-fra19142-FRA
x-cache: HIT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YZu3LgAAAKNHTwQE
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame 299C
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YZu3LgAAAKNHTwQE&img=1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YZu3LgAAAKNHTwQE&img=1&__user_check__=1&sync_id=e3dffb9c-4ba8-11ec-8864-107c10e90306

43 B
548 B

23ms
23ms

Image
image/gif

185.94.180.125
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YZu3LgAAAKNHTwQE&img=1&__user_check__=1&sync_id=e3dffb9c-4ba8-11ec-8864-107c10e90306
Protocol: HTTP/1.1
Server: 185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 15:28:49 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 92
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Mon, 22 Nov 2021 15:28:49 GMT
Server: nginx
Location: /partner?adv_id=6409&uid=YZu3LgAAAKNHTwQE&img=1&__user_check__=1&sync_id=e3dffb9c-4ba8-11ec-8864-107c10e90306
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 85
Connection: keep-alive
Content-Length: 0

GET
H2

200

b.php
www.facebook.com/fr/ Frame 299C
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
https://www.facebook.com/fr/b.php?p=1531105787105294&e=YZu3LgAAAKNHTwQE&t=2592000&o=0

43 B
1 KB

60ms
45ms

Image
image/gif

2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/fr/b.php?p=1531105787105294&e=YZu3LgAAAKNHTwQE&t=2592000&o=0

Protocol

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 07:28:49 PST
content-encoding: br
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: P9RA0lXqZisPXnjTXh5Yr1KghJwHonE5+L+DfGIbFmw2aJCPSG0tlomLSMYTZhwwXLo31srBH8SeddLsOaUxWQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
strict-transport-security: max-age=15552000; preload
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: image/gif
vary: Accept-Encoding
cache-control: public, max-age=0
priority: u=3,i
expires: Mon, 22 Nov 2021 07:28:49 PST

Redirect headers

pragma: no-cache
date: Mon, 22 Nov 2021 15:28:49 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1637594929.158647,VS0,VE0
x-served-by: cache-fra19142-FRA
x-cache: HIT
location: https://www.facebook.com/fr/b.php?p=1531105787105294&e=YZu3LgAAAKNHTwQE&t=2592000&o=0
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET r.gif
cm.ipinyou.com/xcmr/aam/ Frame 299C 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: match.rundsp.com
URL: https://match.rundsp.com/match.gif?id=76652808498405249292616472071343695965&partner=adobe

Domain: cm.ipinyou.com
URL: https://cm.ipinyou.com/xcmr/aam/r.gif

Verdicts & Comments Add Verdict or Comment

87 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

49 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
moments.marriottbonvoy.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: tsch3ehnqk5o30b0f54v1ol834
moments.marriottbonvoy.com/	1969-12-31 23:59:59	Name: moments_session Value: b3PvvsB6R7R9nArygfoqhMxMcjzNcDAU5r2Lz2Xy
.demdex.net/	1970-01-20 03:12:26	Name: demdex Value: 76652808498405249292616472071343695965
.marriottbonvoy.com/	1969-12-31 23:59:59	Name: AMCVS_664516D751E565010A490D4C%40AdobeOrg Value: 1
.everesttech.net/	1970-01-20 07:38:50	Name: everest_g_v2 Value: g_surferid~YZu3LgAAAKNHTwQE
.dpm.demdex.net/	1970-01-20 03:12:26	Name: dpm Value: 76652808498405249292616472071343695965
moments.marriottbonvoy.com/	1970-01-19 22:53:16	Name: XSRF-TOKEN Value: eyJpdiI6IlRqYWJ2VHhWREQzdWVrUVRaY05IRFE9PSIsInZhbHVlIjoiWHlPNVpmZ25DS1M5eFFmaG5UYXZtUW5rSnU1a0xreTJ0SlZMQm9jZHdiazBIS1kycXgwNFRvWmtWZ3U4dzFBMiIsIm1hYyI6IjBiOWNmYTA0ZGU0ZDIwY2JlOTYwMzc5ZGI5OTJhMzM1Y2E5NjRlY2E2ZjU5MWIwNDg5OTk1MWVjYzdmMDc2ZTQifQ%3D%3D
.marriottbonvoy.com/	1970-01-20 16:24:26	Name: AMCV_664516D751E565010A490D4C%40AdobeOrg Value: -1712354808%7CMCIDTS%7C18954%7CMCMID%7C76398119666032314642605631107518473780%7CMCAAMLH-1638199726%7C6%7CMCAAMB-1638199726%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1637602126s%7CNONE%7CMCSYNCSOP%7C411-18961%7CvVersion%7C4.3.0
.marriottbonvoy.com/	1970-01-19 22:53:16	Name: s_tbm Value: true
.marriottbonvoy.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.adnxs.com/	1970-01-20 01:02:50	Name: uuid2 Value: 8394665442403164951
moments.marriottbonvoy.com/	1970-01-19 23:03:19	Name: AWSALB Value: Cy5HfiLGd69FIvY3cg+CaOPnZrueqGiSHPPETiXEhpT51714UE1O/eImAcFwp87pgsmX5R2EvL9ex7sPoC2DdMF84tT2S6qjF7YCDUy790UHJI0xJxUcQQ/ra1HE
moments.marriottbonvoy.com/	1970-01-19 23:03:19	Name: AWSALBCORS Value: Cy5HfiLGd69FIvY3cg+CaOPnZrueqGiSHPPETiXEhpT51714UE1O/eImAcFwp87pgsmX5R2EvL9ex7sPoC2DdMF84tT2S6qjF7YCDUy790UHJI0xJxUcQQ/ra1HE
.rlcdn.com/	1970-01-20 07:38:50	Name: rlas3 Value: 5zqUCIkbXtu/av3LX+TB1eMOxvPc1PRKpiafcT9QovY=
.rlcdn.com/	1970-01-20 00:19:38	Name: pxrc Value: CK7u7owGEgUI6AcQABIGCPHrARAA
.doubleclick.net/	1970-01-20 08:14:50	Name: IDE Value: AHWqTUl_OJ360VwORiQSMFzIJKN21wJt_qrab_FVS74BbpPHtw9K6ZQn2Wzp3jRJSdg
.adsrvr.org/	1970-01-20 07:38:50	Name: TDID Value: 104f5918-bcc6-43ee-b2ed-7fc777511da7
.moments.marriottbonvoy.com/	1970-01-20 08:19:10	Name: _pk_id.2.5db0 Value: b878a4c26c361b97.1637594927.1.1637594927.1637594927.
.moments.marriottbonvoy.com/	1970-01-19 22:53:16	Name: _pk_ses.2.5db0 Value: 1
.adsrvr.org/	1970-01-20 07:38:50	Name: TDCPM Value: CAESEgoDYWFtEgsIrNLq89n1ljoQBRgFIAEoAjILCO7owaDw9ZY6EAU4AQ..
.bing.com/	1970-01-20 08:14:50	Name: MUID Value: 37DAAEFF277F64C20939BE0826AD6544
.flashtalking.com/	1970-01-20 16:24:26	Name: flashtalkingad1 Value: "GUID=50742D6421788C"
.yieldoptimizer.com/	1970-01-20 08:14:50	Name: fbh0 Value: %7B%7D
.yieldoptimizer.com/	1970-01-20 08:14:50	Name: gcma Value: %7B%22t%22%3A0%2C%22o%22%3Afalse%7D
.yieldoptimizer.com/	1970-01-20 08:14:50	Name: rmxc Value: %7B%22t%22%3A0%2C%22e%22%3A%22%22%2C%22i%22%3Afalse%7D
.yieldoptimizer.com/	1970-01-20 07:38:50	Name: cktst Value: 99243494
.yieldoptimizer.com/	1970-01-20 08:14:50	Name: ckid Value: 3015333646653
.yieldoptimizer.com/	1970-01-20 08:14:50	Name: dph Value: %7B%22t%22%3A%5B113007%5D%2C%22dp%22%3A%5B2233%5D%7D
.yieldoptimizer.com/	1970-01-20 08:14:50	Name: ph Value: %7B%22p%22%3A%5B1025%5D%2C%22t%22%3A%5B113007%5D%7D
.criteo.com/	1970-01-20 08:14:50	Name: uid Value: 333bbcaa-3857-4cd9-ac3c-622d78a34efa
.tribalfusion.com/	1970-01-20 01:02:50	Name: ANON_ID Value: aNnrXhyg6AarA7u8QGNxgc7bZa6HW4DPiZcduFNwLTdQQJrpi3exdTl6KGuDqTUKddUTvqZdS5t
.yahoo.com/	1970-01-20 07:39:12	Name: A3 Value: d=AQABBDC3m2ECEIkx3MAwRmIMaCca7n93hQE&S=AQAAAla_fcsbU7lauVhMzF80cS4
.innovid.com/	1970-01-20 01:02:50	Name: uuid Value: aac077fe-c67c-49af-b687-6c13a5f0f917-20211122 10:28:48
analytics-mar.lacek.net/	1970-01-19 23:03:19	Name: AWSALBCORS Value: 3aOolxK2cu38cRWmD1Jnd+dev6cK0eNGphQ6gdk2/65mEPZHE+T99CVfJRuFufcJMhyJOgJDq3haU5K/m38MdULNZnI0Fg9Rh9kV6DTh3u+TjsusAefCDzDKwYzf
.adnxs.com/	1970-01-20 01:02:50	Name: anj Value: dTM7k!M4.FErk#WF']wIg2In1hNArR!]tbPl1MwL(!R7qUY$a[Rk:4YWJXsX4?JyX[BpdKSOp4/X%W#.wL5oa9/sZwfzrVFy5mM0/rwze8php!!!d*a:Z/
.jivox.com/	1970-01-20 03:12:26	Name: jvxsync Value: sPvvqUO2Bua3
.jivox.com/	1970-01-19 23:13:24	Name: jvxadbsync Value: 1637594928834
.openx.net/	1970-01-20 07:38:50	Name: i Value: dc2ed1e9-53e2-4505-b196-b57d0ff9631c\|1637594928
.krxd.net/	1970-01-20 03:12:26	Name: _kuid_ Value: Of0p7N7s
.pubmatic.com/	1970-01-20 01:02:50	Name: KRTBCOOKIE_218 Value: 4056-YZu3LgAAAKNHTwQE&KRTB&22978-YZu3LgAAAKNHTwQE&KRTB&23194-YZu3LgAAAKNHTwQE&KRTB&23209-YZu3LgAAAKNHTwQE
.pubmatic.com/	1970-01-19 23:36:26	Name: PugT Value: 1637594928
.pubmatic.com/	1970-01-20 01:02:50	Name: PUBMDCID Value: 3
.casalemedia.com/	1970-01-20 07:38:50	Name: CMID Value: YZu3MdGy0JW8pLVWS7O4DAAA
.casalemedia.com/	1970-01-20 01:02:50	Name: CMPS Value: 5234
.casalemedia.com/	1970-01-20 01:02:50	Name: CMPRO Value: 1139
.casalemedia.com/	1970-01-20 07:38:50	Name: CMRUM3 Value: 58619bb7312760YZu3LgAAAKNHTwQE
.casalemedia.com/	1970-01-19 22:54:41	Name: CMST Value: YZu3MWGbtzEA
.spotxchange.com/	1970-01-20 07:38:54	Name: audience Value: e3dffb23-4ba8-11ec-8864-107c10e90306
.demdex.net/	1970-01-20 03:12:26	Name: dextp Value: 358-1-1637594926830\|477-1-1637594926931\|771-1-1637594927032\|903-1-1637594927133\|1957-1-1637594927235\|3047-1-1637594927336\|13870-1-1637594927437\|19360-1-1637594927538\|22054-1-1637594927639\|22069-1-1637594927740\|28645-1-1637594927841\|30646-1-1637594927942\|30862-1-1637594928043\|80742-1-1637594928143\|96420-1-1637594928244\|66757-1-1637594928345\|144230-1-1637594928446\|144231-1-1637594928547\|144232-1-1637594928648\|144233-1-1637594928749\|144234-1-1637594928852\|144235-1-1637594928953\|144236-1-1637594929054\|144237-1-1637594929155\|134084-1-1637594929256

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'speaker'.
network	error	URL: https://match.rundsp.com/match.gif?id=76652808498405249292616472071343695965&partner=adobe Message: Failed to load resource: net::ERR_SSL_PROTOCOL_ERROR

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com .apextag.com .sojern.com js.adsrvr.org connect.facebook.net analytics-mar.lacek.net analytics.lacek.net .truste.com .trustarc.com localhost:* .ampxchange.com .admarketplace.com .admarketplace.net .signal.co .facebook.com .ensighten.com .omtrdc.net .demdex.net pixel.snapsmedia.io .bing.com .btstatic.com .thebrighttag.com .google-analytics.com .googleadservices.com .googletagmanager.com .doubleclick.net .serving-sys.com .yahoo.com .yimg.com .yieldoptimizer.com .youtube.com .ytimg.com .criteo.net .criteo.com .cloudfront.net .jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com e.acuityplatform.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: .trustarc.com .criteo.com static.criteo.net .flashtalking.com .demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com www.facebook.com static.sojern.com insight.adsrvr.org localhost:* .doubleclick.net sso.lacek.marriott.com/ .sso.lacek.marriott.com/ .marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com ; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com .serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
Strict-Transport-Security	max-age=31536000 includeSubDomains; preload
X-Content-Security-Policy	default-src 'self' lacek.hs.llnwd.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: lacek.hs.llnwd.net platform.twitter.com tms.marriott.com s.pinimg.com smetrics.marriott.com a.tribalfusion.com pixel.mathtag.com s.pinimg.com .apextag.com .sojern.com js.adsrvr.org connect.facebook.net analytics.lacek.net .truste.com .trustarc.com localhost:* .ampxchange.com .admarketplace.com .admarketplace.net .signal.co .facebook.com .ensighten.com .omtrdc.net .demdex.net pixel.snapsmedia.io .bing.com .btstatic.com .thebrighttag.com .google-analytics.com .googleadservices.com .googletagmanager.com .doubleclick.net .serving-sys.com .yahoo.com .yimg.com .yieldoptimizer.com .youtube.com .ytimg.com .criteo.net .criteo.com .cloudfront.net .jivox.com static.hotjar.com vars.hotjar.com scripts.hotjar.com script.hotjar.com origin.acuityplatform.com www.everestjs.net s.tribalfusion.com rules.quantcount.com snap.licdn.com assets.adobedtm.com px.ads.linkedin.com p.teads.tv code.jquery.com secure.quantserve.com bttrack.com cdn.bttrack.com secure.adnxs.com; object-src 'self' lacek.hs.llnwd.net; style-src 'self' 'unsafe-inline' lacek.hs.llnwd.net fonts.googleapis.com ; img-src 'self' blob: data:; media-src 'self' blob lacek.hs.llnwd.net; frame-src 'self' data: .trustarc.com .criteo.com static.criteo.net .flashtalking.com .demdex.net www.youtube.com player.vimeo.com lacek.hs.llnwd.net platform.twitter.com staticxx.facebook.com static.sojern.com insight.adsrvr.org localhost:* .doubleclick.net sso.lacek.marriott.com/ .sso.lacek.marriott.com/ .marriott.com/aries-auth/logout.comp pixel.mathtag.com vars.hotjar.com; font-src 'self' data: lacek.hs.llnwd.net fonts.gstatic.com; connect-src 'self' lacek.hs.llnwd.net ct.pinterest.com .serving-sys.com *.omtrdc.net snapsmedia.io s.yimg.com dpm.demdex.net smetrics.marriott.com in.hotjar.com lasteventf-tm.everesttech.net bttrack.com; report-uri https://utilities.lacek.net/csp-report-uri/;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
adobe-sync.dotomi.com
ag.innovid.com
analytics-mar.lacek.net
assets.adobedtm.com
beacon.krxd.net
c.bing.com
cm.everesttech.net
cm.g.doubleclick.net
cm.ipinyou.com
cms.analytics.yahoo.com
connect.facebook.net
consent.trustarc.com
d1mqz30n8nowyf.cloudfront.net
dpm.demdex.net
dsum-sec.casalemedia.com
email-marriott.com
gum.criteo.com
ib.adnxs.com
idsync.rlcdn.com
image2.pubmatic.com
lacek.hs.llnwd.net
marriottinternationa.demdex.net
match.adsrvr.org
match.rundsp.com
moments.marriottbonvoy.com
odr.mookie1.com
pixel.rubiconproject.com
platform.twitter.com
pxl.jivox.com
s.tribalfusion.com
servedby.flashtalking.com
smetrics.marriott.com
sync-tm.everesttech.net
sync.search.spotxchange.com
syndication.twitter.com
tag.yieldoptimizer.com
us-u.openx.net
usermatch.krxd.net
www.facebook.com
cm.ipinyou.com
match.rundsp.com
104.244.42.72
107.23.161.59
13.36.218.177
143.204.207.78
151.101.66.49
159.127.187.250
172.217.16.130
185.33.220.242
185.64.190.80
185.94.180.125
199.232.136.157
2.18.234.21
209.197.3.19
212.82.100.182
2600:9000:2057:b800:1d:cb70:f5c0:21
2606:4700::6812:d05
2620:1ec:c11::200
2a02:2638::1c
2a02:26f0:6c00:28a::1e80
2a02:fa8:8806:12::1400
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a05:d01c:1d8:8102:9b42:ec:9152:470a
3.33.220.150
34.249.252.185
34.98.64.218
34.98.67.61
35.186.212.60
35.244.174.68
52.32.5.223
52.44.110.4
52.50.54.3
54.195.238.9
54.77.178.66
69.173.144.139
95.140.236.0
00a57617df99ac957720b7332f9d15449def3ebe11169d68f12c47a3cde5168d
089030d8bec22aa48ae59e27516a4e8a1fcec666e9d783c7a1df47220b750dc1
0b3481ecc6fff44a9e688cc910e6888639593167248f06d8f4067aead54c0797
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
17fbd29af71bf618c84b90c7defc8469f0a873d9c8cb8285a7d1eb6cfd04494c
1c38b38210051706981fb9dba449dfeb4fa1095d6fef33ebb593e55ee3798383
21be32f8ea793e294247d21fd0fee4074567d27f83a05114b2d3584b83c0c296
2334013ed6ee61d4c3cb9ad72182066853dbea6bdaf30f07802a3cf84e5d5b34
23830907410c2ba9d64f8514b7a9d4c5c6c3d84e769800013d8b44052b941d5e
274d28df8e4fa451e23ca788ea68f555971d5a2ae231bb57d30cb4b5b9e0fa41
2926046a0fa017d9a34b6a93e6966a19f29a2b138d90227e57d77bf5dc38e924
2c41f3b002e7dedc93805b9931375017f508634b7d7cda435a6843ee97f9b049
2dcaf30199c691e65aed57da3e8fccb63cf81d92d6d8769776eb13dbf6cb6c78
325d684c554058f0df28bfadf281f417a6dc690de33c89d9360eee65403fb7d8
32bc033e13e02d8809b2c8c97ac5a5110c5f375a830ed6cace5ce1202ab5b480
49ba1897ab441882e5bad3ec3709f7d3e59b0ea3859b8cd097fc91f44ae821ed
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
53d819d1dc72e0f31444f9aee303b20b05013363de9a62abdcbc8f8c12910af4
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
573783b135fbba2e7a6c0e1c41274ec3fd4814a83d76f10f7bc8f26cb21325cb
5afc6700a8e86b6e14cf986dc501c72dc0edd0cc2ad499170567d3a1c5970310
5c77b5948b892d768d3e971f44695a5204756c52fa574ce913c7c623df8e86ca
5e068996d9a14772bc173a4e9875bc4949d7b06e2a55ba9284761f724ad5c7e9
5e8b8e1c62316ec5a7ef3690f2a7b091aa3219881759cf1ec0772776178ff7f2
5ef827d95b62ad2c254e487fe0c1d351a28ea6236a04054ae9629d4ce9a71b6a
6130aae15f052761ea8ce49016dac46e78d09d8d32b11e79145e3b81ef2f27c6
6176307a1b8bb254bdec6b717d2d6a4d87861897ab7c29a28216bd2891c136f7
6dd6bd3402a4697a4fa3f1e12baf38eae3871017a3a246ad1552b74d05eb91a5
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
73377e72915c063734363ab60d37d5e582d4166a02f7d35cd3d431433bc7762c
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
80c9ffa0749050ca0bdc141c44d1b1e44f68442178a5835f621a6c3e1ad99994
83d437e56c8c71e30127f9d8236245585346d86ec987be399deca6f03bb3f4f6
8a35e78c2edcf540215d88afd1dfb8eeb7ac247932ed558b3335d78c607ce3b5
917cd441969c201fe537f3c3c47a825d2fd9b68535a5873358b630a5c6a25f0d
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a52571e4a72ea32319a3cb3333e8d4348943062d8b681053b3d9908877216eff
a59d3caee1fab4ca496a0e5b1d0fcc86d13c1e0a3302e7a76c3f6c2b7f7f864e
a91f83b304c0892cc905d253b6decb202936a8707b160d0999f7d4ed003cf24a
ac025ac543fa538db58786395c4a7c678219a0c1b980e2b09ed18377ed16f35b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b52608eb90130f261d38507f7445e73f9c54fde9b481d23f1987bafd1ed5090a
ba7d7a290780caf6a3852a7a6f3d3141c306274ef35e158b0c76c53bc6a06100
bebea65962ba150ac0b1929afeb2ac96a4e2235b73fabf8a35f5b51b42f5af59
bfc8b608495da96bcf53a7d54059678a854eb2b7c76764e92e7360ea7059309a
c6820080d745330cbdf5cd69fefe10e954f65474dfbcd014e42adc4a31d51fcb
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c9f9f802f91d1688751d66f0ca6b540b2eb1c3eb25688090beefd9a395043ea3
d0623677e2d909edd126f62389b93a4a59cfa9e06287efc2f8908b104b83a7c9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e63c15a04c4e74fbb1866b1e1deba0ca49374f7869ffe063a2a789d866e0def7
e63eeb10b77a8a949bd5b3eb9310b352142ea2ec69bec155017b765a67d05c3d
e739f3767df54de0125c3f08a25e8900a3283c016e584a6b6879b7ea22a80071
ea61bdd8d5fbdc8dce42bbad5d8b1a777fd0f80782f1564f5f727f22acf2b741
ed7aa8468ee1bc18bcefccaf522d12516356ac6742d0b64b5f382d3a2b98293b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f40dc208825da365062ec1775302f152e86bbb77ecf2a7406d15b6c820795a35
fa348462b168188744092482c0d9841ef8a1f9f07d0f5036ea7c1ede88254456
fc2cfd3bdb4ece2e2ca4cfbfea4db01e35c148e07b19e3f846e67b89c0000517
fd78e0563ea4c30b77f53feb82baf48413db9a38e734a1d6fe7ae7989191f6fa

moments.marriottbonvoy.com Open in urlscan Pro 52.32.5.223 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

83 Requests

71 %HTTPS

25 %IPv6

35 Domains

40 Subdomains

23 IPs

7 Countries

2792 kBTransfer

7549 kBSize

49 Cookies

42 Outgoing links

Page URL History

Redirected requests

83 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

moments.marriottbonvoy.com Open in urlscan Pro
52.32.5.223 Public Scan

Screenshot
Live screenshot

Full Image

83
Requests

71 %
HTTPS

25 %
IPv6

35
Domains

40
Subdomains

23
IPs

7
Countries

2792 kB
Transfer

7549 kB
Size

49
Cookies

83 HTTP transactions
0 data transactions