go.marriott-promotions.com Open in urlscan Pro
3.215.172.219  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request 86e2446e817c3ed2ad167d83cf0ed44579a7b0c7b76f6388da1d24bd8a22a993 Show response go.marriott-promotions.com/webmail/534842/1269275289/	63 KB 9 KB	556ms 282ms	Document text/html	3.215.172.219 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://go.marriott-promotions.com/webmail/534842/1269275289/86e2446e817c3ed2ad167d83cf0ed44579a7b0c7b76f6388da1d24bd8a22a993 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 3.215.172.219 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-215-172-219.compute-1.amazonaws.com Software PardotServer / Resource Hash 0358403213e70aa2d3d7d02c6e82c49ffdddbf9e139f1460d0d94dc3fa00c9ce Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Connection keep-alive Content-Length 8560 Content-Type text/html; charset=utf-8 Date Thu, 28 Sep 2023 06:01:34 GMT Server PardotServer X-Pardot-Route e8229a0ff18ebffc83a98010d2521dd5 cache-control no-store, no-cache, must-revalidate content-encoding gzip expires Thu, 19 Nov 1981 08:52:00 GMT p3p CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml" pragma no-cache referrer-policy no-referrer vary Accept-Encoding,User-Agent x-pardot-rsp 0/0/1 x-robots-tag nofollow, noindex
GET H2	200	REF_Events_2C_Coral_400.jpg storage.pardot.com/534842/1643277160zT55nQFZ/	42 KB 42 KB	170ms 46ms	Image image/jpeg	2600:9000:225b:8600:d:7e9b:1200:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://storage.pardot.com/534842/1643277160zT55nQFZ/REF_Events_2C_Coral_400.jpg Requested by Host: go.marriott-promotions.com URL: https://go.marriott-promotions.com/webmail/534842/1269275289/86e2446e817c3ed2ad167d83cf0ed44579a7b0c7b76f6388da1d24bd8a22a993 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225b:8600:d:7e9b:1200:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash b6bcbd1367d6f9881790ef8cb5b493aacbd7f5a9ad11e7bd90b1fd7b7119fc4e Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Thu, 28 Sep 2023 01:39:48 GMT x-amz-version-id mk73IuCAml2WW2Mj8Fof6Jsqm19VFJZY via 1.1 f4c3162878591c5abd76f8ee1f873476.cloudfront.net (CloudFront) last-modified Thu, 27 Jan 2022 09:52:41 GMT server AmazonS3 x-amz-cf-pop MUC50-P1 age 15707 etag "394d2e812b8b68148b660dbbc7ae0df1" x-cache Hit from cloudfront content-type image/jpeg; charset=binary x-amz-replication-status COMPLETED accept-ranges bytes x-robots-tag none content-length 42606 x-amz-cf-id OnVTd3ijh30dTEv3fSn7GvScp0NDMU2Myadn2MptBnHOP2YPOgb8Mg==
GET H2	200	autoDPSAVex.1290302.jpg storage.pardot.com/534842/1693478035DkCjeYPD/	563 KB 564 KB	212ms 88ms	Image image/jpeg	2600:9000:225b:8600:d:7e9b:1200:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://storage.pardot.com/534842/1693478035DkCjeYPD/autoDPSAVex.1290302.jpg Requested by Host: go.marriott-promotions.com URL: https://go.marriott-promotions.com/webmail/534842/1269275289/86e2446e817c3ed2ad167d83cf0ed44579a7b0c7b76f6388da1d24bd8a22a993 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225b:8600:d:7e9b:1200:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash f51828aa87e689ba8fa6742bf4ed5d4a0a047cc8f5262cc7ced5caf4b9bd5515 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Thu, 28 Sep 2023 04:07:00 GMT x-amz-version-id qpzwyEHgKVFdgUlors7CECOATAXcznP0 via 1.1 f4c3162878591c5abd76f8ee1f873476.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P1 age 6875 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED content-length 576148 last-modified Thu, 31 Aug 2023 10:33:56 GMT server AmazonS3 etag "21b31619224c0829f02ebd85c51d9ba9" content-type image/jpeg; charset=binary accept-ranges bytes x-robots-tag none x-amz-cf-id qLAKQ7NcJ1aH1AfVFsHdsqywEHer6-oIWtrTsXj2TAAOkbvqMCwUXA==
GET H2	200	50_thai.png storage.pardot.com/534842/1693552534l8b7ZvKg/	2 MB 2 MB	320ms 196ms	Image image/png	2600:9000:225b:8600:d:7e9b:1200:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://storage.pardot.com/534842/1693552534l8b7ZvKg/50_thai.png Requested by Host: go.marriott-promotions.com URL: https://go.marriott-promotions.com/webmail/534842/1269275289/86e2446e817c3ed2ad167d83cf0ed44579a7b0c7b76f6388da1d24bd8a22a993 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225b:8600:d:7e9b:1200:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 48f944c3197a862c54e4eec202f4027dcdc450e499dea2e5d2a72f525a7b1b82 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Thu, 28 Sep 2023 04:08:16 GMT x-amz-version-id qoHfzZO8gpoSPRXKcXwAU9FPFOXHsCJw via 1.1 f4c3162878591c5abd76f8ee1f873476.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P1 age 6799 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED content-length 2158706 last-modified Fri, 01 Sep 2023 07:15:35 GMT server AmazonS3 etag "fa33deb92b476e88ab2dc3f080ff11e0" content-type image/png; charset=binary accept-ranges bytes x-robots-tag none x-amz-cf-id AszMcrKQERjN4aRaeXGduo9D-ZgodRXyLt3qA4khIb_Zh6FCJjfmOg==
GET H2	200	the_dali_edition_1.jpg storage.pardot.com/534842/1693479402Nhp37izf/	558 KB 559 KB	211ms 88ms	Image image/jpeg	2600:9000:225b:8600:d:7e9b:1200:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://storage.pardot.com/534842/1693479402Nhp37izf/the_dali_edition_1.jpg Requested by Host: go.marriott-promotions.com URL: https://go.marriott-promotions.com/webmail/534842/1269275289/86e2446e817c3ed2ad167d83cf0ed44579a7b0c7b76f6388da1d24bd8a22a993 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225b:8600:d:7e9b:1200:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 5f88d35882aa84af3b073106d7e823dd021db72958f8646db0396e49baed210f Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Thu, 28 Sep 2023 04:07:00 GMT x-amz-version-id J.dceDFQtXI4fBF4dMEZKqj1hrIxWJhU via 1.1 f4c3162878591c5abd76f8ee1f873476.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P1 age 6875 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED content-length 571549 last-modified Thu, 31 Aug 2023 10:56:43 GMT server AmazonS3 etag "fb2382b0917b3c8516348c04440eaf6d" content-type image/jpeg; charset=binary accept-ranges bytes x-robots-tag none x-amz-cf-id pv99ZBb2Dv22MymKWqenza2DvaAqmFV8xSlmFdSVLINTUae1kd_GFg==
GET H2	200	LUX_OSANL_Main_Dining_Garden_1.jpg storage.pardot.com/534842/1693553377NIWKnpYh/	7 MB 7 MB	364ms 241ms	Image image/jpeg	2600:9000:225b:8600:d:7e9b:1200:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://storage.pardot.com/534842/1693553377NIWKnpYh/LUX_OSANL_Main_Dining_Garden_1.jpg Requested by Host: go.marriott-promotions.com URL: https://go.marriott-promotions.com/webmail/534842/1269275289/86e2446e817c3ed2ad167d83cf0ed44579a7b0c7b76f6388da1d24bd8a22a993 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225b:8600:d:7e9b:1200:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 83b778890f6aae898f2952df11b27fd20b90a5b800409ad058de6b03fe5cfd85 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Thu, 28 Sep 2023 04:08:48 GMT x-amz-version-id t1CtQZxqgdR71f2temACQMGKzFAN32sv via 1.1 f4c3162878591c5abd76f8ee1f873476.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P1 age 6767 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED content-length 6997500 last-modified Fri, 01 Sep 2023 07:29:38 GMT server AmazonS3 etag "a256713207d36480189d21d708c438d9" content-type image/jpeg; charset=binary accept-ranges bytes x-robots-tag none x-amz-cf-id sqYS13Z1DhzaDWLS6GO1bvuDG06pTnVpFUpvEZmJRgszqqGznmVGFA==
GET H2	200	moxy.png storage.pardot.com/534842/1694593165WwhwZQcp/	1 MB 1 MB	211ms 88ms	Image image/png	2600:9000:225b:8600:d:7e9b:1200:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://storage.pardot.com/534842/1694593165WwhwZQcp/moxy.png Requested by Host: go.marriott-promotions.com URL: https://go.marriott-promotions.com/webmail/534842/1269275289/86e2446e817c3ed2ad167d83cf0ed44579a7b0c7b76f6388da1d24bd8a22a993 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225b:8600:d:7e9b:1200:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 58690a88479130b751067a946597309f896fa958e650df84df7b8e40e170e12d Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Thu, 28 Sep 2023 04:07:00 GMT x-amz-version-id OOlfTdkjKE3LTGDKrWImXWI7BTYQIv5G via 1.1 f4c3162878591c5abd76f8ee1f873476.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P1 age 6875 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED content-length 1257822 last-modified Wed, 13 Sep 2023 08:19:26 GMT server AmazonS3 etag "538611f6cf48598ad50bc7c350b2fa42" content-type image/png; charset=binary accept-ranges bytes x-robots-tag none x-amz-cf-id -2lBjke1Elcj3wMTbDv5indqYuoQ6VmBMfmnRx1Vu_4PS6pbyJXC3A==
GET H2	200	2927263_Ed_StreetsOf_SKorea_1.jpg storage.pardot.com/534842/1695708712NbzTay3f/	320 KB 320 KB	161ms 160ms	Image image/jpeg	2600:9000:225b:8600:d:7e9b:1200:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://storage.pardot.com/534842/1695708712NbzTay3f/2927263_Ed_StreetsOf_SKorea_1.jpg Requested by Host: go.marriott-promotions.com URL: https://go.marriott-promotions.com/webmail/534842/1269275289/86e2446e817c3ed2ad167d83cf0ed44579a7b0c7b76f6388da1d24bd8a22a993 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225b:8600:d:7e9b:1200:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 676b2720831c46f6d62f50cb6bf47cded1c911bb78b0fb1b1a2d27ba1e5cf255 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Thu, 28 Sep 2023 04:07:00 GMT x-amz-version-id zm3xjn.1pHEQrhV3r3108.TZ1DOqTTKg via 1.1 f4c3162878591c5abd76f8ee1f873476.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P1 age 6875 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED content-length 327226 last-modified Tue, 26 Sep 2023 06:11:53 GMT server AmazonS3 etag "50762be2d46ed708664bbea769328682" content-type image/jpeg; charset=binary accept-ranges bytes x-robots-tag none x-amz-cf-id 48djreaSfcg-woNeI8pKU6aTWOio6Tv3daN1kEMxE_o97CVtofNdAg==
GET H2	200	india_cc.png storage.pardot.com/534842/1693552361jgHKvKJN/	47 KB 47 KB	160ms 159ms	Image image/png	2600:9000:225b:8600:d:7e9b:1200:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://storage.pardot.com/534842/1693552361jgHKvKJN/india_cc.png Requested by Host: go.marriott-promotions.com URL: https://go.marriott-promotions.com/webmail/534842/1269275289/86e2446e817c3ed2ad167d83cf0ed44579a7b0c7b76f6388da1d24bd8a22a993 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225b:8600:d:7e9b:1200:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 895c5e70dfbd104eb128f7ad481615b21493c6186ae0282032b6afa77afcb24a Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Thu, 28 Sep 2023 04:07:00 GMT x-amz-version-id epNkmw6xVWI44zqqrR7czz.gH_58SRRu via 1.1 f4c3162878591c5abd76f8ee1f873476.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P1 age 6875 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED content-length 47714 last-modified Fri, 01 Sep 2023 07:12:42 GMT server AmazonS3 etag "c673dd4e6007f4d8a972658d1123b3b0" content-type image/png; charset=binary accept-ranges bytes x-robots-tag none x-amz-cf-id 7p5R6v-v7zKrRpMwcSbhMSDxN9DiAc9i-svs-pdS-BIrkR09ToBbNQ==
GET H2	200	marriott_bonvoy_events_spark_this_moment_kv_email_footer_banner_600x18.jpg storage.pardot.com/534842/1690947026dbJVgyUO/	141 KB 142 KB	160ms 159ms	Image image/jpeg	2600:9000:225b:8600:d:7e9b:1200:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://storage.pardot.com/534842/1690947026dbJVgyUO/marriott_bonvoy_events_spark_this_moment_kv_email_footer_banner_600x18.jpg Requested by Host: go.marriott-promotions.com URL: https://go.marriott-promotions.com/webmail/534842/1269275289/86e2446e817c3ed2ad167d83cf0ed44579a7b0c7b76f6388da1d24bd8a22a993 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225b:8600:d:7e9b:1200:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 8dd7427cca1db1d8e266e727767820bbbb5443ac9a82aa8121200fc1e8d5965b Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Thu, 28 Sep 2023 01:39:48 GMT x-amz-version-id RMB7hfLY2r2EksIJbw4aduA3QguRtMVC via 1.1 f4c3162878591c5abd76f8ee1f873476.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P1 age 15706 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED content-length 144589 last-modified Wed, 02 Aug 2023 03:30:27 GMT server AmazonS3 etag "a160978e16a556401f6011b521aeff77" content-type image/jpeg; charset=binary accept-ranges bytes x-robots-tag none x-amz-cf-id Z2zPsu2ao9_O7ts93XW0ljkGp-GBRl3CEGxogjLmcxYpG6gsoes5CA==
GET H2	200	facebook_logo_black.png storage.pardot.com/534842/1626749481YzRtnGQ4/	620 B 1 KB	161ms 160ms	Image image/png	2600:9000:225b:8600:d:7e9b:1200:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://storage.pardot.com/534842/1626749481YzRtnGQ4/facebook_logo_black.png Requested by Host: go.marriott-promotions.com URL: https://go.marriott-promotions.com/webmail/534842/1269275289/86e2446e817c3ed2ad167d83cf0ed44579a7b0c7b76f6388da1d24bd8a22a993 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225b:8600:d:7e9b:1200:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash c9d8eecb903d3e6420e7e7f9422190c9422a8a9f5b5fe81dde78f3bb8833ba5e Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Thu, 28 Sep 2023 01:39:48 GMT x-amz-version-id CW8dH7qMPslnDQvoEGYJUChbm5sTTLwu via 1.1 f4c3162878591c5abd76f8ee1f873476.cloudfront.net (CloudFront) last-modified Tue, 20 Jul 2021 02:51:22 GMT server AmazonS3 x-amz-cf-pop MUC50-P1 age 15706 etag "6eb0002c51203421d7b6296c0991a86c" x-cache Hit from cloudfront content-type image/png; charset=binary x-amz-replication-status COMPLETED accept-ranges bytes x-robots-tag none content-length 620 x-amz-cf-id Erd8plorqJHgQbSudPCsqIPSHWFvMsm-nRiRbTCWfHIo23bAgc9wIQ==
GET H2	200	linkedin_logo_black.png storage.pardot.com/534842/16267495375g5K1cEZ/	404 B 826 B	161ms 160ms	Image image/png	2600:9000:225b:8600:d:7e9b:1200:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://storage.pardot.com/534842/16267495375g5K1cEZ/linkedin_logo_black.png Requested by Host: go.marriott-promotions.com URL: https://go.marriott-promotions.com/webmail/534842/1269275289/86e2446e817c3ed2ad167d83cf0ed44579a7b0c7b76f6388da1d24bd8a22a993 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225b:8600:d:7e9b:1200:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 9863010f506baca90965afb7549b28bea3ad7b0f9c865e9bd341a28eb75ff180 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Thu, 28 Sep 2023 01:39:48 GMT x-amz-version-id Y9rWTNDr8GekMWAE1WFww4LW2BfN8Jvn via 1.1 f4c3162878591c5abd76f8ee1f873476.cloudfront.net (CloudFront) last-modified Tue, 20 Jul 2021 02:52:18 GMT server AmazonS3 x-amz-cf-pop MUC50-P1 age 15706 etag "f39cce716a799c29294ab93a8c9c9865" x-cache Hit from cloudfront content-type image/png; charset=binary x-amz-replication-status COMPLETED accept-ranges bytes x-robots-tag none content-length 404 x-amz-cf-id uZZVXw2X_ZzQERIrakofTwpNzwo6HOhjYbadxIkXNm046J3pqs99QQ==
GET H2	200	instagram_logo_black.png storage.pardot.com/534842/1637356848pkBUkJtG/	628 B 1 KB	161ms 161ms	Image image/png	2600:9000:225b:8600:d:7e9b:1200:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://storage.pardot.com/534842/1637356848pkBUkJtG/instagram_logo_black.png Requested by Host: go.marriott-promotions.com URL: https://go.marriott-promotions.com/webmail/534842/1269275289/86e2446e817c3ed2ad167d83cf0ed44579a7b0c7b76f6388da1d24bd8a22a993 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225b:8600:d:7e9b:1200:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 45aba3922d5ec90575913e0c29c98af0fd1ea52682196fa9431b002a37a971ad Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Thu, 28 Sep 2023 01:39:48 GMT x-amz-version-id wPFTZ66Jx9MHCDeglJEJ26R4_UaafU4i via 1.1 f4c3162878591c5abd76f8ee1f873476.cloudfront.net (CloudFront) last-modified Fri, 19 Nov 2021 21:20:49 GMT server AmazonS3 x-amz-cf-pop MUC50-P1 age 15706 etag "ad2265380fd7a28587dcad7d308d10f8" x-cache Hit from cloudfront content-type image/png; charset=binary x-amz-replication-status COMPLETED accept-ranges bytes x-robots-tag none content-length 628 x-amz-cf-id rNnjVNjvWtCpC3910INSswfoPzAT8o0wD0_9amY90VYXZSdZzYIfZw==
GET H2	200	ALT_B2B_BRAND_BAR_HORZ_RGB_BLACK.png storage.pardot.com/534842/1693997919Okt3Ua89/	45 KB 45 KB	161ms 160ms	Image image/png	2600:9000:225b:8600:d:7e9b:1200:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://storage.pardot.com/534842/1693997919Okt3Ua89/ALT_B2B_BRAND_BAR_HORZ_RGB_BLACK.png Requested by Host: go.marriott-promotions.com URL: https://go.marriott-promotions.com/webmail/534842/1269275289/86e2446e817c3ed2ad167d83cf0ed44579a7b0c7b76f6388da1d24bd8a22a993 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225b:8600:d:7e9b:1200:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 4de36bcb1265d33a1e0453308fa95a0a22e53ccf8850565c1cea46e47a894a1c Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Thu, 28 Sep 2023 00:33:25 GMT x-amz-version-id Cy1nctl6lgaLktb8USLSfPk5iXPBqnAT via 1.1 f4c3162878591c5abd76f8ee1f873476.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P1 age 19690 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED content-length 45883 last-modified Wed, 06 Sep 2023 10:58:40 GMT server AmazonS3 etag "e59a82368d8dcdbd3591c5e4d14286f2" content-type image/png; charset=binary accept-ranges bytes x-robots-tag none x-amz-cf-id 9TXQHPIkV6chIa9wWoqaf4oOcyaBjNRyrxb-9zia5dMbCwY7qO30ew==
GET H2	200	ALT_B2B_BRAND_BAR_VERT_RGB_BLACK2.png storage.pardot.com/534842/1694071985JgDUMyb1/	310 KB 311 KB	162ms 161ms	Image image/png	2600:9000:225b:8600:d:7e9b:1200:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://storage.pardot.com/534842/1694071985JgDUMyb1/ALT_B2B_BRAND_BAR_VERT_RGB_BLACK2.png Requested by Host: go.marriott-promotions.com URL: https://go.marriott-promotions.com/webmail/534842/1269275289/86e2446e817c3ed2ad167d83cf0ed44579a7b0c7b76f6388da1d24bd8a22a993 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225b:8600:d:7e9b:1200:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash ecf58a8805247d7b61ccf9352b8da064e7cab250dd8cecff59ef0ec8d2ed0993 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers date Thu, 28 Sep 2023 00:33:25 GMT x-amz-version-id u5C7nYEHKsVp2L9tTgfbl0S4w_TblrUJ via 1.1 f4c3162878591c5abd76f8ee1f873476.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P1 age 19690 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED content-length 317743 last-modified Thu, 07 Sep 2023 07:33:06 GMT server AmazonS3 etag "5927874bf00b24b43b31f1207679a232" content-type image/png; charset=binary accept-ranges bytes x-robots-tag none x-amz-cf-id fIJH4xJDg9m6j4Ak0b0RxduSWu8FMHGk_nVJG44HWsFhj3-xVQrZ8w==
GET H/1.1	200 OK	pd.js Show response pi.pardot.com/	5 KB 2 KB	361ms 120ms	Script application/javascript	34.237.219.119 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://pi.pardot.com/pd.js Requested by Host: go.marriott-promotions.com URL: https://go.marriott-promotions.com/webmail/534842/1269275289/86e2446e817c3ed2ad167d83cf0ed44579a7b0c7b76f6388da1d24bd8a22a993 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 34.237.219.119 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-237-219-119.compute-1.amazonaws.com Software PardotServer / Resource Hash 41402adfc915ad6dfd6328c06c8038763d25fe603e63beba4a2638a2bbc03136 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers Date Thu, 28 Sep 2023 06:01:35 GMT content-encoding gzip X-Pardot-Route 16b0ab393667a33fe86adedc3141e88c last-modified Wed, 27 Sep 2023 17:56:28 GMT Server PardotServer etag "15f4-gzip" vary Accept-Encoding,User-Agent Content-Type application/javascript cache-control max-age=63072000 Connection keep-alive accept-ranges bytes Content-Length 1988 expires Sat, 27 Sep 2025 06:01:35 GMT
GET H/1.1	200 OK	analytics Show response pi.pardot.com/	1 KB 2 KB	490ms 490ms	Script text/javascript	34.237.219.119 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=349237&account_id=535842&title=&url=https%3A%2F%2Fgo.marriott-promotions.com%2Fwebmail%2F534842%2F1269275289%2F86e2446e817c3ed2ad167d83cf0ed44579a7b0c7b76f6388da1d24bd8a22a993&referrer= Requested by Host: pi.pardot.com URL: https://pi.pardot.com/pd.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 34.237.219.119 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-237-219-119.compute-1.amazonaws.com Software PardotServer / Resource Hash 09b7d926cc6354dfbcec8b5c496dd40cfe9337c677e7b47e339651119fb2fd32 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers pragma no-cache Date Thu, 28 Sep 2023 06:01:36 GMT strict-transport-security max-age=31536000; includeSubDomains content-encoding gzip X-Pardot-Route 9b06e8e2308c32c7bf9ba8adfb7be2e1 x-pardot-rsp 0/0/1 Server PardotServer vary Accept-Encoding,User-Agent Content-Type text/javascript; charset=utf-8 p3p CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml" cache-control no-store, no-cache, must-revalidate Connection keep-alive Content-Length 557 expires Thu, 19 Nov 1981 08:52:00 GMT
GET H/1.1	200 OK	analytics Show response go.marriott-promotions.com/	50 B 999 B	227ms 227ms	Script text/javascript	3.215.172.219 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://go.marriott-promotions.com/analytics?conly=true&visitor_id=563560266&visitor_id_sign=8fe7ec1d0c368b929e1b5a079b026420811767df81dd7a4ffb3b375de1f13d7c290d2a9b5661ad4125ea0493cebcebab0327321c&pi_opt_in=&campaign_id=349237&account_id=535842&title=&url=https%3A%2F%2Fgo.marriott-promotions.com%2Fwebmail%2F534842%2F1269275289%2F86e2446e817c3ed2ad167d83cf0ed44579a7b0c7b76f6388da1d24bd8a22a993&referrer= Requested by Host: pi.pardot.com URL: https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=349237&account_id=535842&title=&url=https%3A%2F%2Fgo.marriott-promotions.com%2Fwebmail%2F534842%2F1269275289%2F86e2446e817c3ed2ad167d83cf0ed44579a7b0c7b76f6388da1d24bd8a22a993&referrer= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 3.215.172.219 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-215-172-219.compute-1.amazonaws.com Software PardotServer / Resource Hash dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers pragma no-cache Date Thu, 28 Sep 2023 06:01:36 GMT X-Pardot-Route 9b06e8e2308c32c7bf9ba8adfb7be2e1 x-pardot-rsp 0/0/1 Server PardotServer vary User-Agent Content-Type text/javascript; charset=utf-8 p3p CP="CAO DSP AND SO ON" policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml" cache-control no-store, no-cache, must-revalidate Connection keep-alive Content-Length 50 expires Thu, 19 Nov 1981 08:52:00 GMT

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture string| piAId string| piCId string| piHostname function| checkNamespace function| getPardotUrl function| piTracker function| piGetParameter function| piGetCookie function| piSetCookie string| piVersion number| piScriptNum object| piScriptObj object| pi string| property function| piResponse

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.pardot.com/	1970-01-21 00:40:40	Name: visitor_id534842 Value: 563560266
			.pardot.com/	1970-01-21 00:40:40	Name: visitor_id534842-hash Value: 8fe7ec1d0c368b929e1b5a079b026420811767df81dd7a4ffb3b375de1f13d7c290d2a9b5661ad4125ea0493cebcebab0327321c
			pi.pardot.com/	1970-01-20 15:04:42	Name: lpv534842 Value: aHR0cHM6Ly9nby5tYXJyaW90dC1wcm9tb3Rpb25zLmNvbS93ZWJtYWlsLzUzNDg0Mi8xMjY5Mjc1Mjg5Lzg2ZTI0NDZlODE3YzNlZDJhZDE2N2Q4M2NmMGVkNDQ1NzlhN2IwYzdiNzZmNjM4OGRhMWQyNGJkOGEyMmE5OTM%3D
			go.marriott-promotions.com/	1970-01-21 00:40:40	Name: visitor_id534842 Value: 563560266
			go.marriott-promotions.com/	1970-01-21 00:40:40	Name: visitor_id534842-hash Value: 8fe7ec1d0c368b929e1b5a079b026420811767df81dd7a4ffb3b375de1f13d7c290d2a9b5661ad4125ea0493cebcebab0327321c

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

go.marriott-promotions.com
pi.pardot.com
storage.pardot.com
2600:9000:225b:8600:d:7e9b:1200:93a1
3.215.172.219
34.237.219.119
0358403213e70aa2d3d7d02c6e82c49ffdddbf9e139f1460d0d94dc3fa00c9ce
09b7d926cc6354dfbcec8b5c496dd40cfe9337c677e7b47e339651119fb2fd32
41402adfc915ad6dfd6328c06c8038763d25fe603e63beba4a2638a2bbc03136
45aba3922d5ec90575913e0c29c98af0fd1ea52682196fa9431b002a37a971ad
48f944c3197a862c54e4eec202f4027dcdc450e499dea2e5d2a72f525a7b1b82
4de36bcb1265d33a1e0453308fa95a0a22e53ccf8850565c1cea46e47a894a1c
58690a88479130b751067a946597309f896fa958e650df84df7b8e40e170e12d
5f88d35882aa84af3b073106d7e823dd021db72958f8646db0396e49baed210f
676b2720831c46f6d62f50cb6bf47cded1c911bb78b0fb1b1a2d27ba1e5cf255
83b778890f6aae898f2952df11b27fd20b90a5b800409ad058de6b03fe5cfd85
895c5e70dfbd104eb128f7ad481615b21493c6186ae0282032b6afa77afcb24a
8dd7427cca1db1d8e266e727767820bbbb5443ac9a82aa8121200fc1e8d5965b
9863010f506baca90965afb7549b28bea3ad7b0f9c865e9bd341a28eb75ff180
b6bcbd1367d6f9881790ef8cb5b493aacbd7f5a9ad11e7bd90b1fd7b7119fc4e
c9d8eecb903d3e6420e7e7f9422190c9422a8a9f5b5fe81dde78f3bb8833ba5e
dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3
ecf58a8805247d7b61ccf9352b8da064e7cab250dd8cecff59ef0ec8d2ed0993
f51828aa87e689ba8fa6742bf4ed5d4a0a047cc8f5262cc7ced5caf4b9bd5515