thestregisbalharbourresort.247activities.com Open in urlscan Pro
174.129.206.94 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://thestregisbalharbourresort.247activities.com/
Submission: On January 28 via api (January 28th 2024, 10:25:57 pm UTC) from US — Scanned from US

Summary HTTP 185 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 51 IPs in 4 countries across 53 domains to perform 185 HTTP transactions. The main IP is 174.129.206.94, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is thestregisbalharbourresort.247activities.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on June 5th 2023. Valid for: a year.

This is the only time thestregisbalharbourresort.247activities.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
24	174.129.206.94 174.129.206.94	14618 (AMAZON-AES) (AMAZON-AES)
23	2600:1418:a00... 2600:1418:a000:5af::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2607:f8b0:400... 2607:f8b0:4004:c08::5f	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4004:c0b::66	15169 (GOOGLE) (GOOGLE)
10	2607:f8b0:400... 2607:f8b0:4004:c06::61	15169 (GOOGLE) (GOOGLE)
1 18	18.204.157.42 18.204.157.42	14618 (AMAZON-AES) (AMAZON-AES)
1 1	44.213.220.232 44.213.220.232	14618 (AMAZON-AES) (AMAZON-AES)
1	34.120.195.249 34.120.195.249	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5 9	68.67.161.182 68.67.161.182	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	35.244.154.8 35.244.154.8	15169 (GOOGLE) (GOOGLE)
7	23.39.184.114 23.39.184.114	16625 (AKAMAI-AS) (AKAMAI-AS)
7 11	172.253.122.155 172.253.122.155	15169 (GOOGLE) (GOOGLE)
2	63.140.38.225 63.140.38.225	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2606:4700:440... 2606:4700:4400::ac40:97ee	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7 8	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
10	52.216.38.73 52.216.38.73	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:26a... 2600:9000:26a0:2c00:1d:bf0a:0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f01... 2a03:2880:f011:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	3.161.209.109 3.161.209.109	16509 (AMAZON-02) (AMAZON-02)
2	3.227.143.21 3.227.143.21	14618 (AMAZON-AES) (AMAZON-AES)
1	35.244.188.9 35.244.188.9	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:1402:880... 2600:1402:8800::1728:cf18	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2600:1408:540... 2600:1408:5400:38b::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2001:4998:1c:... 2001:4998:1c:800::1001	14779 (YAHOO) (YAHOO)
2	54.230.48.245 54.230.48.245	16509 (AMAZON-02) (AMAZON-02)
1 2	159.127.43.76 159.127.43.76	25751 (VALUECLICK) (VALUECLICK)
10	107.178.244.119 107.178.244.119	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.232.133.131 34.232.133.131	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700:440... 2606:4700:4400::ac40:9b77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	23.4.232.32 23.4.232.32	16625 (AKAMAI-AS) (AKAMAI-AS)
2	52.203.149.164 52.203.149.164	14618 (AMAZON-AES) (AMAZON-AES)
6 6	172.253.62.149 172.253.62.149	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4004:c08::9c	15169 (GOOGLE) (GOOGLE)
2 4	2607:f8b0:400... 2607:f8b0:4004:c1d::66	15169 (GOOGLE) (GOOGLE)
3 3	185.167.164.39 185.167.164.39	198622 (ADFORM) (ADFORM)
4 5	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	76.13.32.146 76.13.32.146	26101 (YAHOO-BF1) (YAHOO-BF1)
1 3	2606:ae80:145... 2606:ae80:1451:18::1720	25751 (VALUECLICK) (VALUECLICK)
1	2606:ae80:145... 2606:ae80:1451:20::1780	25751 (VALUECLICK) (VALUECLICK)
2	104.36.113.107 104.36.113.107	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4 4	34.200.65.202 34.200.65.202	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:1f18:612... 2600:1f18:612b:4200:b14f:6477:d561:27b0	14618 (AMAZON-AES) (AMAZON-AES)
1	198.148.27.131 198.148.27.131	19189 (PULSEPOINT) (PULSEPOINT)
1	23.50.124.22 23.50.124.22	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.39.185.111 23.39.185.111	16625 (AKAMAI-AS) (AKAMAI-AS)
1 7	35.190.43.134 35.190.43.134	15169 (GOOGLE) (GOOGLE)
7	23.202.153.6 23.202.153.6	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	34.199.251.212 34.199.251.212	14618 (AMAZON-AES) (AMAZON-AES)
1	18.214.41.71 18.214.41.71	14618 (AMAZON-AES) (AMAZON-AES)
3 5	35.190.52.204 35.190.52.204	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c1d::6a	15169 (GOOGLE) (GOOGLE)
2 2	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	2620:100:a001::c 2620:100:a001::c	19750 (AS-CRITEO) (AS-CRITEO)
2	2a03:2880:f11... 2a03:2880:f111:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 1	2600:1f18:445... 2600:1f18:445b:903:779c:aace:8703:6d72	14618 (AMAZON-AES) (AMAZON-AES)
7 7	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
1	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1 2	152.136.179.124 152.136.179.124	45090 (TENCENT-N...) (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited)
185	51

24 174.129.206.94 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-174-129-206-94.compute-1.amazonaws.com

thestregisbalharbourresort.247activities.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2600:1418:a000:5af::1e80 (Minneapolis, United States)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c08::5f (Ashburn, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c0b::66 (Ashburn, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2607:f8b0:4004:c06::61 (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 18.204.157.42 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-204-157-42.compute-1.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
marriottinternationa.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.213.220.232 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-213-220-232.compute-1.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o436887.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 68.67.161.182 (Jersey City, United States) 5 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.154.8 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 8.154.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 23.39.184.114 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-39-184-114.deploy.static.akamaitechnologies.com

cache.marriott.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 172.253.122.155 (United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: bh-in-f155.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.140.38.225 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ip-63-140-38-225.data.adobedc.net

smetrics.marriott.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:97ee (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

idpix.media6degrees.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 3.33.220.150 (Seattle, United States) 7 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 52.216.38.73 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

ipoolside-media.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:26a0:2c00:1d:bf0a:0:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.tvpixel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f011:100:face:b00c:0:3 (Lithia Springs, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.161.209.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-209-109.yul62.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.227.143.21 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-227-143-21.compute-1.amazonaws.com

pxl.jivox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.188.9 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 9.188.244.35.bc.googleusercontent.com

static.sojern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1402:8800::1728:cf18 (Atlanta, United States)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1408:5400:38b::1931 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4998:1c:800::1001 (United States)

ASN14779 (YAHOO, US)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.230.48.245 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-48-245.yul62.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 159.127.43.76 (United States) 1 redirects

ASN25751 (VALUECLICK, US)
PTR: iad13-nessy-float2.dotomi.com

login.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 107.178.244.119 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 119.244.178.107.bc.googleusercontent.com

beacon.sojern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.sojern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.232.133.131 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-232-133-131.compute-1.amazonaws.com

jvxpxl.marriott.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9b77 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.4.232.32 (Piscataway, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-4-232-32.deploy.static.akamaitechnologies.com

servedby.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.203.149.164 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-203-149-164.compute-1.amazonaws.com

p.tvpixel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.253.62.149 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: bc-in-f149.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c08::9c (Ashburn, United States)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c1d::66 (Washington, United States) 2 redirects

ASN15169 (GOOGLE, US)

fcmatch.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fcmatch.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.167.164.39 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.13.32.146 (Lockport, United States)

ASN26101 (YAHOO-BF1, US)
PTR: spdc.pbp.vip.bf1.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:ae80:1451:18::1720 (United States) 1 redirects

ASN25751 (VALUECLICK, US)

adobe-sync.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
yahoo-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
login-ds.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:ae80:1451:20::1780 (United States)

ASN25751 (VALUECLICK, US)

match.sync.ad.cpe.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.36.113.107 (United States)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.200.65.202 (Ashburn, United States) 4 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-65-202.compute-1.amazonaws.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4200:b14f:6477:d561:27b0 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.131 (New York, United States)

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.50.124.22 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-50-124-22.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.39.185.111 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-39-185-111.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 35.190.43.134 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tr6.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 23.202.153.6 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-202-153-6.deploy.static.akamaitechnologies.com

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:18ad (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.199.251.212 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-251-212.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.214.41.71 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-214-41-71.compute-1.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.190.52.204 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 204.52.190.35.bc.googleusercontent.com

tag.yieldoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1d::6a (Washington, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.113.62 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:100:a001::c (United States) 2 redirects

ASN19750 (AS-CRITEO, US)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f111:181:face:b00c:0:25de (Lithia Springs, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:445b:903:779c:aace:8703:6d72 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 151.101.130.49 (United States) 7 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.36.155 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 152.136.179.124 (China) 1 redirects

ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN)

cm.ipinyou.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	247activities.com thestregisbalharbourresort.247activities.com	4 MB
23	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 460	273 KB
18	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 239 marriottinternationa.demdex.net — Cisco Umbrella Rank: 42166	17 KB
17	doubleclick.net 13 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 260 ad.doubleclick.net — Cisco Umbrella Rank: 163 googleads.g.doubleclick.net — Cisco Umbrella Rank: 38	7 KB
11	sojern.com static.sojern.com — Cisco Umbrella Rank: 13605 beacon.sojern.com — Cisco Umbrella Rank: 6406 pixel.sojern.com — Cisco Umbrella Rank: 8511	14 KB
10	amazonaws.com ipoolside-media.s3.amazonaws.com — Cisco Umbrella Rank: 601197	3 MB
10	adsrvr.org 7 redirects match.adsrvr.org — Cisco Umbrella Rank: 357 js.adsrvr.org — Cisco Umbrella Rank: 1465 insight.adsrvr.org — Cisco Umbrella Rank: 637	8 KB
10	marriott.com cache.marriott.com — Cisco Umbrella Rank: 15152 smetrics.marriott.com — Cisco Umbrella Rank: 18898 jvxpxl.marriott.com — Cisco Umbrella Rank: 26263	330 KB
10	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	708 KB
9	adnxs.com 5 redirects ib.adnxs.com — Cisco Umbrella Rank: 253 secure.adnxs.com — Cisco Umbrella Rank: 490	10 KB
8	everesttech.net 8 redirects cm.everesttech.net — Cisco Umbrella Rank: 1278 sync-tm.everesttech.net — Cisco Umbrella Rank: 716	1 KB
7	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 871	5 KB
7	snapchat.com 1 redirects tr.snapchat.com — Cisco Umbrella Rank: 922 tr6.snapchat.com — Cisco Umbrella Rank: 1368	2 KB
6	yahoo.com 4 redirects sp.analytics.yahoo.com — Cisco Umbrella Rank: 1451 cms.analytics.yahoo.com — Cisco Umbrella Rank: 1388 ups.analytics.yahoo.com — Cisco Umbrella Rank: 358	2 KB
6	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 349 www.linkedin.com — Cisco Umbrella Rank: 632 px4.ads.linkedin.com — Cisco Umbrella Rank: 6550	5 KB
6	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 98 fcmatch.google.com — Cisco Umbrella Rank: 3365 www.google.com — Cisco Umbrella Rank: 2	2 KB
6	dotomi.com 2 redirects login.dotomi.com — Cisco Umbrella Rank: 2502 adobe-sync.dotomi.com — Cisco Umbrella Rank: 91543 match.sync.ad.cpe.dotomi.com — Cisco Umbrella Rank: 1725 yahoo-match.dotomi.com — Cisco Umbrella Rank: 7852 login-ds.dotomi.com — Cisco Umbrella Rank: 6088	10 KB
5	yieldoptimizer.com 3 redirects tag.yieldoptimizer.com — Cisco Umbrella Rank: 5253	3 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 376 c.bing.com — Cisco Umbrella Rank: 247	14 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	42 KB
3	krxd.net 2 redirects usermatch.krxd.net — Cisco Umbrella Rank: 1811 beacon.krxd.net — Cisco Umbrella Rank: 784	402 B
3	adform.net 3 redirects c1.adform.net — Cisco Umbrella Rank: 583	2 KB
3	tvpixel.com c.tvpixel.com — Cisco Umbrella Rank: 10412 p.tvpixel.com — Cisco Umbrella Rank: 1846	32 KB
2	ipinyou.com 1 redirects cm.ipinyou.com — Cisco Umbrella Rank: 88677	1 KB
2	openx.net 1 redirects us-u.openx.net — Cisco Umbrella Rank: 524	490 B
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 622	1 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	2 KB
2	criteo.com 2 redirects gum.criteo.com — Cisco Umbrella Rank: 423	758 B
2	tapad.com 2 redirects pixel.tapad.com — Cisco Umbrella Rank: 501	1 KB
2	tribalfusion.com 2 redirects a.tribalfusion.com — Cisco Umbrella Rank: 874 s.tribalfusion.com — Cisco Umbrella Rank: 2405	932 B
2	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 870 image2.pubmatic.com — Cisco Umbrella Rank: 912	844 B
2	youtube.com fcmatch.youtube.com — Cisco Umbrella Rank: 3354	477 B
2	sc-static.net sc-static.net — Cisco Umbrella Rank: 1260	36 KB
2	yimg.com s.yimg.com — Cisco Umbrella Rank: 673	7 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 869	21 KB
2	jivox.com pxl.jivox.com — Cisco Umbrella Rank: 5757	454 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	71 KB
2	rlcdn.com 2 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 451	836 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 381	935 B
1	innovid.com 1 redirects ag.innovid.com — Cisco Umbrella Rank: 2226	247 B
1	bluekai.com tags.bluekai.com — Cisco Umbrella Rank: 727	455 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 709	652 B
1	contextweb.com bh.contextweb.com — Cisco Umbrella Rank: 523	860 B
1	tremorhub.com partners.tremorhub.com — Cisco Umbrella Rank: 1311	175 B
1	flashtalking.com 1 redirects servedby.flashtalking.com — Cisco Umbrella Rank: 954	552 B
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 567	305 B
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 783	16 KB
1	media6degrees.com 1 redirects idpix.media6degrees.com — Cisco Umbrella Rank: 1921	553 B
1	sentry.io o436887.ingest.sentry.io — Cisco Umbrella Rank: 640076	324 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28	1 KB
0	yahoo.net Failed hb.yahoo.net Failed
0	spotxchange.com Failed sync.search.spotxchange.com Failed
0	rundsp.com Failed match.rundsp.com Failed
185	53

	Domain	Requested by
24	thestregisbalharbourresort.247activities.com	thestregisbalharbourresort.247activities.com
23	assets.adobedtm.com	thestregisbalharbourresort.247activities.com assets.adobedtm.com
17	dpm.demdex.net	1 redirects assets.adobedtm.com thestregisbalharbourresort.247activities.com
10	ipoolside-media.s3.amazonaws.com
10	cm.g.doubleclick.net	7 redirects login.dotomi.com js.adsrvr.org
10	www.googletagmanager.com	www.google-analytics.com assets.adobedtm.com www.googletagmanager.com beacon.sojern.com
8	pixel.sojern.com	static.sojern.com
7	sync-tm.everesttech.net	7 redirects
7	ct.pinterest.com	thestregisbalharbourresort.247activities.com s.pinimg.com
7	match.adsrvr.org	7 redirects
7	cache.marriott.com	thestregisbalharbourresort.247activities.com cache.marriott.com
7	ib.adnxs.com	5 redirects js.adsrvr.org
6	tr.snapchat.com	1 redirects sc-static.net
6	ad.doubleclick.net	6 redirects
5	tag.yieldoptimizer.com	3 redirects
4	px.ads.linkedin.com	3 redirects thestregisbalharbourresort.247activities.com
4	www.google-analytics.com	thestregisbalharbourresort.247activities.com www.google-analytics.com www.googletagmanager.com
3	c1.adform.net	3 redirects
3	adservice.google.com
3	bat.bing.com	assets.adobedtm.com bat.bing.com
2	cm.ipinyou.com	1 redirects
2	us-u.openx.net	1 redirects
2	dsum-sec.casalemedia.com	1 redirects
2	www.facebook.com
2	gum.criteo.com	2 redirects
2	pixel.tapad.com	2 redirects
2	usermatch.krxd.net	2 redirects
2	ups.analytics.yahoo.com	2 redirects
2	cms.analytics.yahoo.com	2 redirects
2	sp.analytics.yahoo.com
2	fcmatch.youtube.com	static.sojern.com
2	fcmatch.google.com	2 redirects
2	secure.adnxs.com
2	p.tvpixel.com	thestregisbalharbourresort.247activities.com
2	beacon.sojern.com	thestregisbalharbourresort.247activities.com static.sojern.com
2	login.dotomi.com	1 redirects thestregisbalharbourresort.247activities.com
2	sc-static.net	thestregisbalharbourresort.247activities.com tr.snapchat.com
2	s.yimg.com	thestregisbalharbourresort.247activities.com
2	s.pinimg.com	thestregisbalharbourresort.247activities.com s.pinimg.com
2	pxl.jivox.com
2	js.adsrvr.org	thestregisbalharbourresort.247activities.com insight.adsrvr.org
2	connect.facebook.net	thestregisbalharbourresort.247activities.com connect.facebook.net
2	smetrics.marriott.com	assets.adobedtm.com
2	idsync.rlcdn.com	2 redirects
1	image2.pubmatic.com
1	pixel.rubiconproject.com
1	login-ds.dotomi.com	login.dotomi.com
1	ag.innovid.com	1 redirects
1	tr6.snapchat.com	sc-static.net
1	www.google.com	static.sojern.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	beacon.krxd.net	js.adsrvr.org
1	s.tribalfusion.com	1 redirects
1	a.tribalfusion.com	1 redirects
1	tags.bluekai.com	login.dotomi.com
1	contextual.media.net	login.dotomi.com
1	bh.contextweb.com	login.dotomi.com
1	partners.tremorhub.com	login.dotomi.com
1	yahoo-match.dotomi.com	login.dotomi.com
1	simage2.pubmatic.com	login.dotomi.com
1	match.sync.ad.cpe.dotomi.com	login.dotomi.com
1	adobe-sync.dotomi.com	1 redirects
1	px4.ads.linkedin.com
1	www.linkedin.com	1 redirects
1	insight.adsrvr.org	js.adsrvr.org
1	servedby.flashtalking.com	1 redirects
1	geolocation.onetrust.com	thestregisbalharbourresort.247activities.com
1	jvxpxl.marriott.com
1	snap.licdn.com	thestregisbalharbourresort.247activities.com
1	static.sojern.com	thestregisbalharbourresort.247activities.com
1	c.tvpixel.com	thestregisbalharbourresort.247activities.com
1	c.bing.com	1 redirects
1	idpix.media6degrees.com	1 redirects
1	o436887.ingest.sentry.io	thestregisbalharbourresort.247activities.com
1	cm.everesttech.net	1 redirects
1	marriottinternationa.demdex.net	assets.adobedtm.com
1	fonts.googleapis.com	thestregisbalharbourresort.247activities.com
0	hb.yahoo.net Failed
0	sync.search.spotxchange.com Failed
0	match.rundsp.com Failed
185	80

This site contains links to these domains. Also see Links.

Domain
www.google.com
www.marriott.com
www.onetrust.com

Subject Issuer	Validity	Valid
*.247activities.com Amazon RSA 2048 M02	`2023-06-05` - `2024-07-03`	a year	crt.sh
assets.adobedtm.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-11` - `2024-08-10`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.demdex.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2024-10-26`	a year	crt.sh
ingest.sentry.io DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-02` - `2024-12-02`	a year	crt.sh
www.marriott.com Entrust Certification Authority - L1K	`2023-12-19` - `2024-11-09`	a year	crt.sh
smetrics.marriott.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-26` - `2024-04-25`	a year	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 02	`2024-01-21` - `2024-06-27`	5 months	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2023-10-10` - `2024-07-03`	9 months	crt.sh
*.tvpixel.com Amazon RSA 2048 M03	`2023-11-15` - `2024-12-13`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-11-07` - `2024-02-05`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.jivox.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-17` - `2024-06-16`	a year	crt.sh
*.sojern.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-17` - `2024-02-17`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
*.pinterest.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-07` - `2024-08-07`	a year	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2024-01-22` - `2024-03-13`	2 months	crt.sh
sc-static.net Amazon RSA 2048 M03	`2023-12-21` - `2025-01-18`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-08-15` - `2024-09-15`	a year	crt.sh
jvxas.marriott.com Entrust Certification Authority - L1K	`2023-12-11` - `2024-12-10`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2023-11-13` - `2024-11-12`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-10-24` - `2024-04-17`	6 months	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.tremorhub.com Amazon RSA 2048 M03	`2024-01-24` - `2025-02-21`	a year	crt.sh
*.contextweb.com DigiCert TLS RSA SHA256 2020 CA1	`2023-04-10` - `2024-05-09`	a year	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-12-21` - `2024-12-21`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-11` - `2024-12-11`	a year	crt.sh
*.snap.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-13` - `2024-04-12`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-14` - `2024-04-12`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2023-11-03` - `2024-05-03`	6 months	crt.sh
*.yieldoptimizer.com Go Daddy Secure Certificate Authority - G2	`2023-12-14` - `2025-01-14`	a year	crt.sh

This page contains 11 frames:

Primary Page: https://thestregisbalharbourresort.247activities.com/
Frame ID: DD800A8474C3A8B9C45305EEB4AAF058
Requests: 129 HTTP requests in this frame

Frame: https://marriottinternationa.demdex.net/dest5.html?d_nsid=0
Frame ID: 9C875AD1C488B9A681BAB027BF1AB23B
Requests: 26 HTTP requests in this frame

Frame: https://static.sojern.com/marriott/mhotels.html?p=undefined&hprid=MIAXR&hpr=&hb=undefined&hc1=undefined&hn1=undefined&hs1=undefined&ffl=undefined&hl=&t=undefined&hr=undefined&hd1=&hd2=&hconfno=&hp=undefined&hcu=&hrp=undefined&hdc=undefined&rew=undefined&l=undefined&vid=hot&cid=
Frame ID: EAD21D43A4C0B7F17F0B0548416E2191
Requests: 10 HTTP requests in this frame

Frame: https://login.dotomi.com/ucm/UCMController?dtm_com=28&dtm_cid=2814&dtm_cmagic=8e987c&dtm_format=5&dtm_fid=101&cli_promo_id=2&dtmc_marsha_code=MIAXR&canonical_url=&dtm_user_token=&dtmc_ref=&dtmc_loc=https%3A%2F%2Fthestregisbalharbourresort.247activities.com%2F&fpc_status=
Frame ID: A1E8348F162A6F293E06E033BFF7E469
Requests: 10 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=hbq9bjg&ref=https%3A%2F%2Fthestregisbalharbourresort.247activities.com%2F&upid=byw7ch4&upv=1.1.0
Frame ID: 7F23B32538F7063D9E6283A47D6C2FE3
Requests: 2 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=fbf5aa06-3f82-45b5-86ba-4c4fe9c75a96&u_scsid=48e47728-2638-4b56-a7b0-2baca331f435&u_sclid=461d7601-0595-497b-971f-166081bece65
Frame ID: D769C034B6DC6162C311A6728AD74C6A
Requests: 2 HTTP requests in this frame

Frame: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=97d9331a-27da-42a3-84a7-0d24bd7ac0c4
Frame ID: A4B4E7AB0529E01B85A280A801D353A2
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=OTdkOTMzMWEtMjdkYS00MmEzLTg0YTctMGQyNGJkN2FjMGM0&google_push&gdpr=0&gdpr_consent=&ttd_tdid=97d9331a-27da-42a3-84a7-0d24bd7ac0c4
Frame ID: 86A002A305E6B6CA15D126E097AB95DC
Requests: 1 HTTP requests in this frame

Frame: https://ib.adnxs.com/setuid?entity=82&code=97d9331a-27da-42a3-84a7-0d24bd7ac0c4&gdpr=0&gdpr_consent=
Frame ID: A86C68D3CB80941C4E7487B03DDE50E9
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/p?rand=1706035369688&pnid=140&pcid=3f1bcfe3-361c-47f7-bae8-263b25feb6eb
Frame ID: 039810518E6EFF325CAAE80487570F5B
Requests: 1 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: 65EFE45F2CC40D5AEA0BF0A73C3209FF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The St. Regis Bal Harbour ResortBack ButtonFilter Button

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

otSDKStub\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

185
Requests

76 %
HTTPS

37 %
IPv6

53
Domains

80
Subdomains

51
IPs

4
Countries

8600 kB
Transfer

22536 kB
Size

103
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.google.com/maps/place/The+St.+Regis+Bal+Harbour+Resort/@25.8890203,-80.122839,20.25z/data=!4m8!3m7!1s0x88d9b29f218c4fd1:0xc2e75682941eeb1b!5m2!4m1!1i2!8m2!3d25.8890934!4d-80.1224107
Title: 9703 Collins Avenue, Bal Harbour - Miami Beach, Florida, 33154, USA

Search URL Search Domain Scan URL

URL: https://www.marriott.com/en-us/hotels/miaxr-the-st-regis-bal-harbour-resort/overview/
Title: Visit hotel website >

Search URL Search Domain Scan URL

URL: https://www.marriott.com/default.mi

Search URL Search Domain Scan URL

URL: https://www.marriott.com/about/terms-of-use.mi
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.marriott.com/about/your-privacy-rights.mi
Title: Your Privacy Rights

Search URL Search Domain Scan URL

URL: https://www.marriott.com/about/privacy.mi
Title: Privacy and Cookie Statement

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15

https://cm.everesttech.net/cm/dd?d_uuid=90749123238939382902171924092200732151 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZbbUawAAAIdWiAN-

Request Chain 23

https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID HTTP 302
https://dpm.demdex.net/ibs:dpid=358&dpuuid=8222142341378785510

Request Chain 26

https://idsync.rlcdn.com/365868.gif?partner_uid=90749123238939382902171924092200732151 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CKyqFhIxCi0IARCYEhomOTA3NDkxMjMyMzg5MzkzODI5MDIxNzE5MjQwOTIyMDA3MzIxNTEQABoNCOuo260GEgUI6AcQAEIASgA HTTP 307
https://dpm.demdex.net/ibs:dpid=477&dpuuid=a413bf81bb709991c1bb52e24d39cc1529edc78f80e762b0930d509720ca8943b0da87c991749652

Request Chain 28

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=OTA3NDkxMjMyMzg5MzkzODI5MDIxNzE5MjQwOTIyMDA3MzIxNTE= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=OTA3NDkxMjMyMzg5MzkzODI5MDIxNzE5MjQwOTIyMDA3MzIxNTE=&google_tc= HTTP 302
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESENYyesAklnhUiLuH0GHXAnQ&google_cver=1?gdpr=0&gdpr_consent=

Request Chain 33

https://idpix.media6degrees.com/orbserv/hbpix?pixId=16873&pcv=70&ptid=66&tpuv=01&tpu=90749123238939382902171924092200732151 HTTP 302
https://dpm.demdex.net/ibs:dpid=992&dpuuid=1sxsxklb8xl76

Request Chain 34

https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=&ttd_tpi=1 HTTP 302
https://dpm.demdex.net/ibs:dpid=903&dpuuid=97d9331a-27da-42a3-84a7-0d24bd7ac0c4

Request Chain 65

https://c.bing.com/c.gif?uid=90749123238939382902171924092200732151&Red3=MSAdobe_pd&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=1957&dpuuid=11E303C3FD116E2D052617D7FC9E6FD8

Request Chain 90

https://servedby.flashtalking.com/map/?key=a74thHgsfK627J6Ftt8sj5ks52bKe&gdpr=0&gdpr_consent=&url=https://dpm.demdex.net/ibs:dpid=3047&dpuuid=[%FT_GUID%]&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=3047&dpuuid=5871766A08EAF0&gdpr=0&gdpr_consent=

Request Chain 98

https://ad.doubleclick.net/ddm/activity/src=4810757;type=sales;cat=5myqls5f;qty=1;cost=0;u1=;u16=https%3A%2F%2Fthestregisbalharbourresort.247activities.com%2F;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=[OrderID] HTTP 302
https://ad.doubleclick.net/ddm/activity/src=4810757;dc_pre=CN-B35aQgYQDFbUXrQYd_asFjQ;type=sales;cat=5myqls5f;qty=1;cost=0;u1=;u16=https%3A%2F%2Fthestregisbalharbourresort.247activities.com%2F;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=[OrderID] HTTP 302
https://adservice.google.com/ddm/fls/z/src=4810757;dc_pre=CN-B35aQgYQDFbUXrQYd_asFjQ;type=sales;cat=5myqls5f;qty=1;cost=0;u1=;u16=https%3A%2F%2Fthestregisbalharbourresort.247activities.com%2F;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=[OrderID]

Request Chain 101

https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=nhNSqumvYnzD9ir8dMIh8g&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=BlVXEMJT7OH2nga2pEhQxo87CI6O6Zd8RmZl6aD3F7cjKpEPRT3RgNy6mTeXVoTT&sjrn_ula=673976618 HTTP 302
https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=BlVXEMJT7OH2nga2pEhQxo87CI6O6Zd8RmZl6aD3F7cjKpEPRT3RgNy6mTeXVoTT&sjrn_ula=673976618&google_gid=CAESEDuf_JHclEYcTnQm1a5KWsw&google_cver=1

Request Chain 102

https://cm.g.doubleclick.net/pixel?google_hm=nhNSqumvYnzD9ir8dMIh8g&google_nid=sojern_adh HTTP 302
https://fcmatch.google.com/pixel?google_gm=AMnCDoqnZ0kB9eeSkXuf-iCU3xiKPQkCw2xRbA7OORij1wuWYWce_GosmnCmMcxv-JDcZVXu2fUxPuudozWMAT2M4tKCYEzAlY6FXbkWopoBSIbZR3SJtsM HTTP 302
https://fcmatch.youtube.com/pixel?google_gm=AMnCDoqnZ0kB9eeSkXuf-iCU3xiKPQkCw2xRbA7OORij1wuWYWce_GosmnCmMcxv-JDcZVXu2fUxPuudozWMAT2M4tKCYEzAlY6FXbkWopoBSIbZR3SJtsM

Request Chain 103

https://ib.adnxs.com/getuidnb?https://pixel.sojern.com/idsync/apn?id=$UID&sjrn_id=BlVXEMJT7OH2nga2pEhQxo87CI6O6Zd8RmZl6aD3F7cjKpEPRT3RgNy6mTeXVoTT HTTP 302
https://pixel.sojern.com/idsync/apn?id=8222142341378785510&sjrn_id=BlVXEMJT7OH2nga2pEhQxo87CI6O6Zd8RmZl6aD3F7cjKpEPRT3RgNy6mTeXVoTT

Request Chain 104

https://match.adsrvr.org/track/cmf/generic?ttd_pid=ombl9hp&ttd_puid=BlVXEMJT7OH2nga2pEhQxo87CI6O6Zd8RmZl6aD3F7cjKpEPRT3RgNy6mTeXVoTT&ttd_tpi=1 HTTP 302
https://pixel.sojern.com/idsync/ttd?id=97d9331a-27da-42a3-84a7-0d24bd7ac0c4&sjrn_id=BlVXEMJT7OH2nga2pEhQxo87CI6O6Zd8RmZl6aD3F7cjKpEPRT3RgNy6mTeXVoTT

Request Chain 105

https://c1.adform.net/serving/cookie/match?cid=9e1352aa-e9af-627c-c3f6-2afc74c221f2&party=1296 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&cid=9e1352aa-e9af-627c-c3f6-2afc74c221f2&party=1296 HTTP 302
https://pixel.sojern.com/idsync/adf?adfid=7760922319652954788&cid=9e1352aa-e9af-627c-c3f6-2afc74c221f2

Request Chain 106

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=360572&time=1706480748584&url=https%3A%2F%2Fthestregisbalharbourresort.247activities.com%2F HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=360572&time=1706480748584&url=https%3A%2F%2Fthestregisbalharbourresort.247activities.com%2F&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D360572%26time%3D1706480748584%26url%3Dhttps%253A%252F%252Fthestregisbalharbourresort.247activities.com%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=360572&time=1706480748584&url=https%3A%2F%2Fthestregisbalharbourresort.247activities.com%2F&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=360572&time=1706480748584&url=https%3A%2F%2Fthestregisbalharbourresort.247activities.com%2F&cookiesTest=true&liSync=true&e_ipv6=AQJNvQAatzWOtgAAAY1SLcloobtNzgvw3y4udh2VBZjspVJ9H8TvsV0G0jrJGJkkub9WceM

Request Chain 108

https://ad.doubleclick.net/activity;src=1359549;type=marri003;cat=m1m_m0;ord=1535435123529;npa=1;auiddc=1418573475.1706480748;u7=%2F;pscdl=noapi;gtm=45fe41o0;gcd=11l1l1l1l3;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fthestregisbalharbourresort.247activities.com%2F HTTP 302
https://ad.doubleclick.net/activity;dc_pre=CK7j3ZaQgYQDFe0TigMdFaALzQ;src=1359549;type=marri003;cat=m1m_m0;ord=1535435123529;npa=1;auiddc=1418573475.1706480748;u7=%2F;pscdl=noapi;gtm=45fe41o0;gcd=11l1l1l1l3;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fthestregisbalharbourresort.247activities.com%2F HTTP 302
https://adservice.google.com/ddm/fls/z/dc_pre=CK7j3ZaQgYQDFe0TigMdFaALzQ;src=1359549;type=marri003;cat=m1m_m0;ord=1535435123529;npa=1;auiddc=*;u7=%2F;pscdl=noapi;gtm=45fe41o0;gcd=11l1l1l1l3;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fthestregisbalharbourresort.247activities.com%2F

Request Chain 109

https://ad.doubleclick.net/activity;src=1359549;type=marri001;cat=m1m_g0;ord=1;num=1176928255473;npa=1;auiddc=1418573475.1706480748;u7=%2F;pscdl=noapi;gtm=45fe41o0;gcd=11l1l1l1l3;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fthestregisbalharbourresort.247activities.com%2F HTTP 302
https://ad.doubleclick.net/activity;dc_pre=CMng3ZaQgYQDFX4wigMd8CIO0w;src=1359549;type=marri001;cat=m1m_g0;ord=1;num=1176928255473;npa=1;auiddc=1418573475.1706480748;u7=%2F;pscdl=noapi;gtm=45fe41o0;gcd=11l1l1l1l3;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fthestregisbalharbourresort.247activities.com%2F HTTP 302
https://adservice.google.com/ddm/fls/z/dc_pre=CMng3ZaQgYQDFX4wigMd8CIO0w;src=1359549;type=marri001;cat=m1m_g0;ord=1;num=1176928255473;npa=1;auiddc=*;u7=%2F;pscdl=noapi;gtm=45fe41o0;gcd=11l1l1l1l3;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fthestregisbalharbourresort.247activities.com%2F

Request Chain 112

https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=iDQs-8q7wxFzHnGgM04lzg&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=uUTQKich4MY724itE-RsBMr_jUhD_y2feEEdcQAKXo5onpGOqDYQBgkwMi7s1IOW HTTP 302
https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=uUTQKich4MY724itE-RsBMr_jUhD_y2feEEdcQAKXo5onpGOqDYQBgkwMi7s1IOW&google_gid=CAESEDuf_JHclEYcTnQm1a5KWsw&google_cver=1

Request Chain 113

https://cm.g.doubleclick.net/pixel?google_hm=iDQs-8q7wxFzHnGgM04lzg&google_nid=sojern_adh HTTP 302
https://fcmatch.google.com/pixel?google_gm=AMnCDoofCLMCFb3ziM9InhwPh182pHA4M4YyogaC-yQ0PmE8V8At-0i5_c-vwRMxjoxDLIMUtuE0Ive3ZdzhQdFhE8qjl8SOWIilH_-a-djN_IqfDxM1c6w HTTP 302
https://fcmatch.youtube.com/pixel?google_gm=AMnCDoofCLMCFb3ziM9InhwPh182pHA4M4YyogaC-yQ0PmE8V8At-0i5_c-vwRMxjoxDLIMUtuE0Ive3ZdzhQdFhE8qjl8SOWIilH_-a-djN_IqfDxM1c6w

Request Chain 114

https://ib.adnxs.com/getuidnb?https://pixel.sojern.com/idsync/apn?id=$UID&sjrn_id=uUTQKich4MY724itE-RsBMr_jUhD_y2feEEdcQAKXo5onpGOqDYQBgkwMi7s1IOW HTTP 302
https://pixel.sojern.com/idsync/apn?id=8222142341378785510&sjrn_id=uUTQKich4MY724itE-RsBMr_jUhD_y2feEEdcQAKXo5onpGOqDYQBgkwMi7s1IOW

Request Chain 115

https://match.adsrvr.org/track/cmf/generic?ttd_pid=ombl9hp&ttd_puid=uUTQKich4MY724itE-RsBMr_jUhD_y2feEEdcQAKXo5onpGOqDYQBgkwMi7s1IOW&ttd_tpi=1 HTTP 302
https://pixel.sojern.com/idsync/ttd?id=97d9331a-27da-42a3-84a7-0d24bd7ac0c4&sjrn_id=uUTQKich4MY724itE-RsBMr_jUhD_y2feEEdcQAKXo5onpGOqDYQBgkwMi7s1IOW

Request Chain 116

https://c1.adform.net/serving/cookie/match?cid=88342cfb-cabb-c311-731e-71a0334e25ce&party=1296 HTTP 302
https://pixel.sojern.com/idsync/adf?adfid=9151410024127054043&cid=88342cfb-cabb-c311-731e-71a0334e25ce

Request Chain 120

https://adobe-sync.dotomi.com/match/bounce/current?networkId=85983&version=1&nuid=90749123238939382902171924092200732151&rurl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D19360%26dpuuid%3D HTTP 302
https://dpm.demdex.net/ibs:dpid=19360&dpuuid=90749123238939382902171924092200732151&expiration=1706567149&nuid=90749123238939382902171924092200732151&rurl=https://dpm.demdex.net/ibs:dpid=19360&dpuuid=

Request Chain 130

https://match.adsrvr.org/track/cmf/generic?ttd_pid=6szhitj&ttd_tpi=1&gdpr_consent= HTTP 302
https://match.sync.ad.cpe.dotomi.com/w/user.sync?ptrid=13&gdpr=0&userid=97d9331a-27da-42a3-84a7-0d24bd7ac0c4

Request Chain 132

https://login.dotomi.com/match/bounce/current?networkId=41440&version=1&nuid=AQEE0nWeLaVhiAEwKaHNAQEL_wE&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=epsilon-ddp&google_hm=QVFFRTBuV2VMYVZoaUFFd0thSE5BUUVMX3dF&expiration=1706567148&nuid=AQEE0nWeLaVhiAEwKaHNAQEL_wE&gdpr_consent=

Request Chain 133

https://cms.analytics.yahoo.com/cms?partner_id=PCLOUD&_hosted_id=AQEE0nWeLaVhiAEwKaHNAQEL_wE&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58678/cms?partner_id=PCLOUD&_hosted_id=AQEE0nWeLaVhiAEwKaHNAQEL_wE&gdpr_consent= HTTP 302
https://yahoo-match.dotomi.com/match/pixel/current?networkId=67215&version=1&nuid=y-c.GPLcFE2oAoi3dOkEIs176fcQazPb7Ujzg7~A

Request Chain 145

https://a.tribalfusion.com/i.match?p=b13&u=90749123238939382902171924092200732151&redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=22054&dpuuid=$TF_USER_ID_ENC$ HTTP 302
https://s.tribalfusion.com/z/i.match?p=b13&u=90749123238939382902171924092200732151&redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=22054&dpuuid=$TF_USER_ID_ENC$ HTTP 302
https://dpm.demdex.net/ibs:dpid=22054

Request Chain 146

https://usermatch.krxd.net/um/v2?partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=97d9331a-27da-42a3-84a7-0d24bd7ac0c4 HTTP 302
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=97d9331a-27da-42a3-84a7-0d24bd7ac0c4

Request Chain 147

https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=OTdkOTMzMWEtMjdkYS00MmEzLTg0YTctMGQyNGJkN2FjMGM0&gdpr=0&gdpr_consent=&ttd_tdid=97d9331a-27da-42a3-84a7-0d24bd7ac0c4 HTTP 302
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=97d9331a-27da-42a3-84a7-0d24bd7ac0c4&google_gid=CAESEDkorH7cuLk5BJBDHhUz8lQ&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=OTdkOTMzMWEtMjdkYS00MmEzLTg0YTctMGQyNGJkN2FjMGM0&google_push&gdpr=0&gdpr_consent=&ttd_tdid=97d9331a-27da-42a3-84a7-0d24bd7ac0c4

Request Chain 148

https://ib.adnxs.com/getuid?https%3a%2f%2fmatch.adsrvr.org%2ftrack%2fcmf%2fappnexus%3fttd%3d1%26anid%3d%24UID&ttd_tdid=97d9331a-27da-42a3-84a7-0d24bd7ac0c4 HTTP 302
https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=8222142341378785510&ttd_tdid=97d9331a-27da-42a3-84a7-0d24bd7ac0c4 HTTP 302
https://ib.adnxs.com/setuid?entity=82&code=97d9331a-27da-42a3-84a7-0d24bd7ac0c4&gdpr=0&gdpr_consent=

Request Chain 150

https://tag.yieldoptimizer.com/ps/ps?t=i&p=2233&gdpr=0&gdpr_consent= HTTP 302
https://tag.yieldoptimizer.com/ps/ps?tc=412503521&t=i&p=2233&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=22069&dpuuid=2031391870330&gdpr=0&gdprconsent=

Request Chain 155

https://tr.snapchat.com/cm/s?bt=1d53c387&pnid=140&cb=1706480749273&u_scsid=a36ed244-caa7-4d27-adde-b18a58be49c6&u_sclid=de4ca9c0-9ad3-47aa-84e4-79cee58b4ef3 HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1706035369688%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1706035369688%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://tr.snapchat.com/cm/p?rand=1706035369688&pnid=140&pcid=3f1bcfe3-361c-47f7-bae8-263b25feb6eb

Request Chain 159

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://gum.criteo.com/sync?s=1&c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=O0ye6DeJWP9GgVwv6ywoHg3c0NJ0I5me&gdpr=0&gdpr_consent=

Request Chain 163

https://tag.yieldoptimizer.com/ps/ps?t=s&p=1057&si=US&ln=EN&hbc=HRS&pg=hm HTTP 302
https://tag.yieldoptimizer.com/ps/ps?tc=935079469&t=s&p=1057&si=US&ln=EN&hbc=HRS&pg=hm

Request Chain 165

https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=90749123238939382902171924092200732151&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58782/cms?partner_id=ADOBE&_hosted_id=90749123238939382902171924092200732151&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-RHE7P7dE2pElpQtPDwRm0_JKDiu_xI0Ek4g-~A

Request Chain 168

https://ag.innovid.com/dv/sync?tid=6 HTTP 302
https://dpm.demdex.net/ibs:dpid=80742&dpuuid=58ad4ae8-e2cc-4666-a9ae-ec04c594f912

Request Chain 172

https://usermatch.krxd.net/um/v2?partner=adobe&id=90749123238939382902171924092200732151 HTTP 302
https://dpm.demdex.net/ibs:dpid=66757?id=90749123238939382902171924092200732151&dpuuid=QEEJaX6b

Request Chain 173

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WmJiVWF3QUFBSWRXaUFOLQ==

Request Chain 174

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=ZbbUawAAAIdWiAN-&expires=90

Request Chain 175

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZbbUawAAAIdWiAN- HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZbbUawAAAIdWiAN-&C=1

Request Chain 176

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
https://ib.adnxs.com/setuid?entity=158&code=ZbbUawAAAIdWiAN-

Request Chain 177

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZbbUawAAAIdWiAN- HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=ZbbUawAAAIdWiAN-

Request Chain 178

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZbbUawAAAIdWiAN-

Request Chain 179

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZbbUawAAAIdWiAN-&img=1

Request Chain 180

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
https://www.facebook.com/fr/b.php?p=1531105787105294&e=ZbbUawAAAIdWiAN-&t=2592000&o=0

Request Chain 181

https://cm.ipinyou.com/xcmr/aam/r.gif HTTP 302
https://dpm.demdex.net/ibs:dpid=134084&dpuuid=O1T6Po3CcrWe&redir=http%3A%2F%2Fcm.ipinyou.com%2Fxcms%2Faam%2Fs.gif%3Ftid%3D$%7BDD_UUID%7D HTTP 302
https://cm.ipinyou.com/xcms/aam/s.gif?tid=90749123238939382902171924092200732151

Request Chain 183

https://insight.adsrvr.org/track/pxl/?adv=hbq9bjg&ct=0:uti0uav&fmt=3 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=97d9331a-27da-42a3-84a7-0d24bd7ac0c4&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon HTTP 302
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0 HTTP 302
https://tags.bluekai.com/site/5386?id=97d9331a-27da-42a3-84a7-0d24bd7ac0c4&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbluekai HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bluekai HTTP 302
https://ups.analytics.yahoo.com/ups/55953/sync?uid=97d9331a-27da-42a3-84a7-0d24bd7ac0c4&_origin=1&redir=true&gdpr=0&gdpr_consent=&redir=true HTTP 302
https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=55953&ovsid=97d9331a-27da-42a3-84a7-0d24bd7ac0c4&gdpr=0&redir=true HTTP 302
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1HTWlGVko1RTJ1RXRXSzFfVV9HcHVvRWc4elhGVmR0RX5B&gdpr=0&ovsid=97d9331a-27da-42a3-84a7-0d24bd7ac0c4&dpid=55953

185 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
thestregisbalharbourresort.247activities.com/ 3 KB
2 KB 227ms
88ms Document
text/html 174.129.206.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://thestregisbalharbourresort.247activities.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

174.129.206.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-174-129-206-94.compute-1.amazonaws.com

Software

nginx/1.24.0 /

Resource Hash

575b1c14355c153f170c5dc528fcb944f535db28a0877306c2754839ad867e9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-cache, no-store
content-encoding: gzip
content-language: en
content-type: text/html; charset=utf-8
date: Sun, 28 Jan 2024 22:25:44 GMT
expires: Sun, 28 Jan 2024 22:05:44 GMT
pragma: no-cache
referrer-policy: same-origin
server: nginx/1.24.0
strict-transport-security: max-age=63072000; includeSubdomains; preload
vary: Accept-Language, Cookie
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-version: 1703363396
x-xss-protection: 1; mode=block

GET
H2 200 vendor.css
thestregisbalharbourresort.247activities.com/css/ 396 KB
116 KB 83ms
79ms Stylesheet
text/css 174.129.206.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://thestregisbalharbourresort.247activities.com/css/vendor.css?v=1703363396

Requested by

Host: thestregisbalharbourresort.247activities.com
URL: https://thestregisbalharbourresort.247activities.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

174.129.206.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-174-129-206-94.compute-1.amazonaws.com

Software

nginx/1.24.0 /

Resource Hash

108b17ab5acbd555020aef05770b5a766e02e7d19a72737b39c7b2881a64b6cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://thestregisbalharbourresort.247activities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 22:25:44 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
last-modified: Tue, 19 Dec 2023 09:34:41 GMT
server: nginx/1.24.0
etag: W/"658163b1-62e92"
x-frame-options: SAMEORIGIN
content-type: text/css
x-xss-protection: 1; mode=block

GET
H2 200 theming.css
thestregisbalharbourresort.247activities.com/css/ 466 KB
114 KB 159ms
156ms Stylesheet
text/css 174.129.206.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://thestregisbalharbourresort.247activities.com/css/theming.css?v=1703363396

Requested by

Host: thestregisbalharbourresort.247activities.com
URL: https://thestregisbalharbourresort.247activities.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

174.129.206.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-174-129-206-94.compute-1.amazonaws.com

Software

nginx/1.24.0 /

Resource Hash

3518646dfb1571293466295fa5b694ee1c9e0923135212d783d195cb0cb2b899

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://thestregisbalharbourresort.247activities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 22:25:44 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
last-modified: Wed, 20 Dec 2023 10:42:44 GMT
server: nginx/1.24.0
etag: W/"6582c524-747c4"
x-frame-options: SAMEORIGIN
content-type: text/css
x-xss-protection: 1; mode=block

GET
H2 200 theme.css
thestregisbalharbourresort.247activities.com/api/css/ 3 KB
1 KB 160ms
157ms Stylesheet
text/css 174.129.206.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://thestregisbalharbourresort.247activities.com/api/css/theme.css

Requested by

Host: thestregisbalharbourresort.247activities.com
URL: https://thestregisbalharbourresort.247activities.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

174.129.206.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-174-129-206-94.compute-1.amazonaws.com

Software

nginx/1.24.0 /

Resource Hash

0cc996f6248901846ff22c1b3c70f4889b957876b6f581f1d56fba6dacca1038

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://thestregisbalharbourresort.247activities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Jan 2024 22:25:44 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
referrer-policy: same-origin
content-encoding: gzip
server: nginx/1.24.0
x-version: 1703363396
vary: Accept-Language, Cookie
x-frame-options: SAMEORIGIN
content-type: text/css
content-language: en
cache-control: no-cache, no-store
x-xss-protection: 1; mode=block
expires: Sun, 28 Jan 2024 22:05:44 GMT

GET
H2 200 boot.css
thestregisbalharbourresort.247activities.com/css/ 370 KB
74 KB 159ms
157ms Stylesheet
text/css 174.129.206.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://thestregisbalharbourresort.247activities.com/css/boot.css

Requested by

Host: thestregisbalharbourresort.247activities.com
URL: https://thestregisbalharbourresort.247activities.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

174.129.206.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-174-129-206-94.compute-1.amazonaws.com

Software

nginx/1.24.0 /

Resource Hash

a59039a55b5e6a55c9917b177cea541aed2109727aeb088de6d1c08d2dc66a70

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://thestregisbalharbourresort.247activities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 22:25:44 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
last-modified: Tue, 19 Dec 2023 09:34:41 GMT
server: nginx/1.24.0
etag: W/"658163b1-5c8be"
x-frame-options: SAMEORIGIN
content-type: text/css
x-xss-protection: 1; mode=block

GET
H2 200 vendor.js Show response
thestregisbalharbourresort.247activities.com/js/ 4 MB
1 MB 157ms
155ms Script
application/javascript 174.129.206.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://thestregisbalharbourresort.247activities.com/js/vendor.js?v=1703363396

Requested by

Host: thestregisbalharbourresort.247activities.com
URL: https://thestregisbalharbourresort.247activities.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

174.129.206.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-174-129-206-94.compute-1.amazonaws.com

Software

nginx/1.24.0 /

Resource Hash

ed19c592446d5125b179129f6d35ff5385bdc161ef90016ce77765f0af177bfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://thestregisbalharbourresort.247activities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 22:25:44 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
last-modified: Tue, 19 Dec 2023 09:34:41 GMT
server: nginx/1.24.0
etag: W/"658163b1-3891b2"
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-xss-protection: 1; mode=block

GET
H2 200 launch-EN3963523be4674e5591a9c4d516697352.min.js Show response
assets.adobedtm.com/ 467 KB
118 KB 184ms
57ms Script
application/x-javascript 2600:1418:a000:5af::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js
Requested by: Host: thestregisbalharbourresort.247activities.com
URL: https://thestregisbalharbourresort.247activities.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1418:a000:5af::1e80 Minneapolis, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: a414645044a3dee233d1fd534ae4b33249eeed8f8d7ae79ce0152e8e2cd65d7f

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 22:25:44 GMT
content-encoding: gzip
last-modified: Thu, 25 Jan 2024 19:57:33 GMT
server: AkamaiNetStorage
etag: "bf5a7da8eac0825ebb185634f0e5da7e:1706212653.381136"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 120100
expires: Sun, 28 Jan 2024 23:25:44 GMT

GET
H2 200 main.js Show response
thestregisbalharbourresort.247activities.com/js/ 9 MB
2 MB 158ms
156ms Script
application/javascript 174.129.206.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://thestregisbalharbourresort.247activities.com/js/main.js?v=1703363396

Requested by

Host: thestregisbalharbourresort.247activities.com
URL: https://thestregisbalharbourresort.247activities.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

174.129.206.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-174-129-206-94.compute-1.amazonaws.com

Software

nginx/1.24.0 /

Resource Hash

3b0c7d63f9f5c675ab4ac69a1998aa9537e6e358e88e3918a58fb574a906e230

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://thestregisbalharbourresort.247activities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 22:25:44 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
last-modified: Wed, 20 Dec 2023 10:42:44 GMT
server: nginx/1.24.0
etag: W/"6582c524-88166b"
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-xss-protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ 4 KB
1 KB 159ms
41ms Stylesheet
text/css 2607:f8b0:4004:c08::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500,600

Requested by

Host: thestregisbalharbourresort.247activities.com
URL: https://thestregisbalharbourresort.247activities.com/css/vendor.css?v=1703363396

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::5f Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 28 Jan 2024 22:25:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 28 Jan 2024 21:43:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 28 Jan 2024 22:25:45 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 100ms
31ms Script
text/javascript 2607:f8b0:4004:c0b::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: thestregisbalharbourresort.247activities.com
URL: https://thestregisbalharbourresort.247activities.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::66 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 28 Jan 2024 21:48:14 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 2251
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 28 Jan 2024 23:48:14 GMT

GET
H2 200 3cd4c80ccba0a4fb3e5d.png
thestregisbalharbourresort.247activities.com/css/assets/ 22 KB
22 KB 171ms
170ms Image
image/png 174.129.206.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thestregisbalharbourresort.247activities.com/css/assets/3cd4c80ccba0a4fb3e5d.png

Requested by

Host: thestregisbalharbourresort.247activities.com
URL: https://thestregisbalharbourresort.247activities.com/css/vendor.css?v=1703363396

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

174.129.206.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-174-129-206-94.compute-1.amazonaws.com

Software

nginx/1.24.0 /

Resource Hash

e392b7a34034b4389cb95c6a572e85e577e633b92e737ffb03cd03880bb3c97c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://thestregisbalharbourresort.247activities.com/css/vendor.css?v=1703363396
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 22:25:45 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
last-modified: Wed, 23 Feb 2022 08:02:50 GMT
server: nginx/1.24.0
etag: "6215ea2a-5848"
x-frame-options: SAMEORIGIN
content-type: image/png
accept-ranges: bytes
content-length: 22600
x-xss-protection: 1; mode=block

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
240 B 40ms
39ms XHR
text/plain 2607:f8b0:4004:c0b::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=942602579&t=pageview&_s=1&dl=https%3A%2F%2Fthestregisbalharbourresort.247activities.com%2F&ul=en-us&de=UTF-8&dt=The%20St.%20Regis%20Bal%20Harbour%20Resort&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=340668800&gjid=810715960&cid=111355709.1706480745&tid=UA-162569320-1&_gid=386350075.1706480745&_r=1&_slc=1&z=1987138120

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::66 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

68f4d44b056db178a4a5683da873a2c3754afb055d3cea217afdd297b6162bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 28 Jan 2024 22:25:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://thestregisbalharbourresort.247activities.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 231 KB
82 KB 118ms
49ms Script
application/javascript 2607:f8b0:4004:c06::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-F655SMQDS2&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

54b90ef60b76cca302d0d35939fa25bba91eb9723e3c3884a300a503fb418bc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 22:25:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83558
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 28 Jan 2024 22:25:45 GMT

GET
H2 200 id Show response
dpm.demdex.net/ 5 KB
2 KB 135ms
45ms XHR
application/json 18.204.157.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=4.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=664516D751E565010A490D4C%40AdobeOrg&d_nsid=0&ts=1706480746604

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.204.157.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-204-157-42.compute-1.amazonaws.com

Software

Resource Hash

4badc8f2cc8cc29176727f1cdd27b07f5032cedbbd2e82952ffed205b96b91be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

dcs: dcs-prod-va6-1-v053-0f3d0f65a.edge-va6.demdex.com 3 ms
pragma: no-cache
date: Sun, 28 Jan 2024 22:25:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-tid: oP4Tu0pOQoE=
vary: Origin
content-type: application/json;charset=utf-8
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
access-control-allow-origin: https://thestregisbalharbourresort.247activities.com
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials: true
content-length: 1722
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EP971e6ad26efe44ab86e98d3905a44621/ 34 KB
13 KB 53ms
53ms Script
application/x-javascript 2600:1418:a000:5af::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EP971e6ad26efe44ab86e98d3905a44621/AppMeasurement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1418:a000:5af::1e80 Minneapolis, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 089030d8bec22aa48ae59e27516a4e8a1fcec666e9d783c7a1df47220b750dc1

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 22:25:46 GMT
content-encoding: gzip
last-modified: Mon, 03 Jun 2019 23:03:32 GMT
server: AkamaiNetStorage
etag: "72404253c27255247028f0ba11022cf8:1559603012"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 12916
expires: Sun, 28 Jan 2024 23:25:46 GMT

GET
H2 200 dest5.html Show response
marriottinternationa.demdex.net/ Frame 9C87 7 KB
3 KB 49ms
45ms Document
text/html 18.204.157.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://marriottinternationa.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.204.157.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-204-157-42.compute-1.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Sun, 28 Jan 2024 22:25:47 GMT
dcs: dcs-prod-va6-1-v053-039eb15ae.edge-va6.demdex.com 0 ms
expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Mon, 20 Nov 2023 15:29:24 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
vary: accept-encoding
x-tid: CO4GX/uKR5c=

GET
H2

200

ibs:dpid=411&dpuuid=ZbbUawAAAIdWiAN-
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=90749123238939382902171924092200732151
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZbbUawAAAIdWiAN-

42 B
714 B

46ms
45ms

Image
image/gif

18.204.157.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZbbUawAAAIdWiAN-

Requested by

Host: thestregisbalharbourresort.247activities.com
URL: https://thestregisbalharbourresort.247activities.com/

Protocol

Server

18.204.157.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-204-157-42.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

dcs: dcs-prod-va6-2-v053-0bd4383af.edge-va6.demdex.com 3 ms
pragma: no-cache
date: Sun, 28 Jan 2024 22:25:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: bdyIoF9wTeQ=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZbbUawAAAIdWiAN-
Date: Sun, 28 Jan 2024 22:25:47 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 RC998a74cdbfb34e4eb70533b7acc285a2-source.min.js Show response
assets.adobedtm.com/697d0c070f1e/d405339bb010/209df743d684/ 573 B
571 B 107ms
107ms Script
application/x-javascript 2600:1418:a000:5af::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/697d0c070f1e/d405339bb010/209df743d684/RC998a74cdbfb34e4eb70533b7acc285a2-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1418:a000:5af::1e80 Minneapolis, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 822b177f983f951507f9331ca1849c6a8a7601b3dc449de022c2dac66ddb37bd

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 22:25:47 GMT
content-encoding: gzip
last-modified: Thu, 25 Jan 2024 19:57:35 GMT
server: AkamaiNetStorage
etag: "699c2629d4fc006c364f43a6a4042620:1706212655.266221"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 334
expires: Sun, 28 Jan 2024 23:25:47 GMT

GET
H2 200 RCbbd572812c1d4d6381764b660217f8cb-source.min.js Show response
assets.adobedtm.com/697d0c070f1e/d405339bb010/209df743d684/ 2 KB
1 KB 56ms
56ms Script
application/x-javascript 2600:1418:a000:5af::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/697d0c070f1e/d405339bb010/209df743d684/RCbbd572812c1d4d6381764b660217f8cb-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1418:a000:5af::1e80 Minneapolis, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: e249c54cecc4bdf6bcfde6507106d8d5eadecc3a83c38d8cad369a78f1eb2f71

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 22:25:47 GMT
content-encoding: gzip
last-modified: Thu, 25 Jan 2024 19:57:35 GMT
server: AkamaiNetStorage
etag: "699c2629d4fc006c364f43a6a4042620:1706212655.266221"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 876
expires: Sun, 28 Jan 2024 23:25:47 GMT

POST
H2 200 / Show response
o436887.ingest.sentry.io/api/5398649/envelope/ 2 B
324 B 138ms
60ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o436887.ingest.sentry.io/api/5398649/envelope/?sentry_key=6ececa1dc2674f34a9478fb7271f037f&sentry_version=7

Requested by

Host: thestregisbalharbourresort.247activities.com
URL: https://thestregisbalharbourresort.247activities.com/js/main.js?v=1703363396

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://thestregisbalharbourresort.247activities.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 28 Jan 2024 22:25:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

GET
H2 200 translations Show response
thestregisbalharbourresort.247activities.com/api/translations/ 416 KB
122 KB 68ms
67ms XHR
application/json 174.129.206.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://thestregisbalharbourresort.247activities.com/api/translations/translations?language=en&return_as=dict

Requested by

Host: thestregisbalharbourresort.247activities.com
URL: https://thestregisbalharbourresort.247activities.com/js/main.js?v=1703363396

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

174.129.206.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-174-129-206-94.compute-1.amazonaws.com

Software

nginx/1.24.0 /

Resource Hash

0cc625c72fb08b7280cfc629f356a38e8d00d813f563896c6ce8f6cd2e4d8335

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://thestregisbalharbourresort.247activities.com/
Language: en
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Jan 2024 22:25:47 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
referrer-policy: same-origin
content-encoding: gzip
server: nginx/1.24.0
x-version: 1703363396
vary: Cookie, Accept-Language
x-frame-options: SAMEORIGIN
content-type: application/json
content-language: en
cache-control: no-cache, no-store
x-xss-protection: 1; mode=block
expires: Sun, 28 Jan 2024 22:05:47 GMT

GET
H2 200 562987601d52e1b1fe6e.otf
thestregisbalharbourresort.247activities.com/css/assets/ 59 KB
60 KB 41ms
40ms Font
application/octet-stream 174.129.206.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://thestregisbalharbourresort.247activities.com/css/assets/562987601d52e1b1fe6e.otf

Requested by

Host: thestregisbalharbourresort.247activities.com
URL: https://thestregisbalharbourresort.247activities.com/css/vendor.css?v=1703363396

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

174.129.206.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-174-129-206-94.compute-1.amazonaws.com

Software

nginx/1.24.0 /

Resource Hash

f77901460c4fe09d055e1f32a52d72b19b5eac2d387addc04082759d3055aba4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://thestregisbalharbourresort.247activities.com/css/vendor.css?v=1703363396
Origin: https://thestregisbalharbourresort.247activities.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 22:25:47 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
last-modified: Wed, 23 Feb 2022 08:02:50 GMT
server: nginx/1.24.0
etag: "6215ea2a-ed74"
x-frame-options: SAMEORIGIN
content-type: application/octet-stream
accept-ranges: bytes
content-length: 60788
x-xss-protection: 1; mode=block

GET
H2 200 6768c1976c2ad78da163.png
thestregisbalharbourresort.247activities.com/css/assets/ 538 B
788 B 40ms
39ms Image
image/png 174.129.206.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thestregisbalharbourresort.247activities.com/css/assets/6768c1976c2ad78da163.png

Requested by

Host: thestregisbalharbourresort.247activities.com
URL: https://thestregisbalharbourresort.247activities.com/css/vendor.css?v=1703363396

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

174.129.206.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-174-129-206-94.compute-1.amazonaws.com

Software

nginx/1.24.0 /

Resource Hash

8aa69ee6b2376505578d758bfbbc52aec88fa5e591f1a7cabd8adfa80a7b613a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://thestregisbalharbourresort.247activities.com/css/vendor.css?v=1703363396
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 22:25:47 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
last-modified: Wed, 23 Feb 2022 08:02:50 GMT
server: nginx/1.24.0
etag: "6215ea2a-21a"
x-frame-options: SAMEORIGIN
content-type: image/png
accept-ranges: bytes
content-length: 538
x-xss-protection: 1; mode=block

GET
H2 200 AppMeasurement_Module_AudienceManagement.min.js Show response
assets.adobedtm.com/extensions/EP971e6ad26efe44ab86e98d3905a44621/ 25 KB
9 KB 56ms
55ms Script
application/x-javascript 2600:1418:a000:5af::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EP971e6ad26efe44ab86e98d3905a44621/AppMeasurement_Module_AudienceManagement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1418:a000:5af::1e80 Minneapolis, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 32bc033e13e02d8809b2c8c97ac5a5110c5f375a830ed6cace5ce1202ab5b480

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 22:25:47 GMT
content-encoding: gzip
last-modified: Mon, 03 Jun 2019 23:03:35 GMT
server: AkamaiNetStorage
etag: "e539ea6425ae55fa9f68995bc5a68886:1559603018"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 8640
expires: Sun, 28 Jan 2024 23:25:47 GMT

GET
H2

200

ibs:dpid=358&dpuuid=8222142341378785510
dpm.demdex.net/ Frame 9C87
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID
https://dpm.demdex.net/ibs:dpid=358&dpuuid=8222142341378785510

42 B
714 B

44ms
43ms

Image
image/gif

18.204.157.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=358&dpuuid=8222142341378785510

Requested by

Host: thestregisbalharbourresort.247activities.com
URL: https://thestregisbalharbourresort.247activities.com/

Protocol

Server

18.204.157.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-204-157-42.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

dcs: dcs-prod-va6-2-v053-0df4d05c3.edge-va6.demdex.com 2 ms
pragma: no-cache
date: Sun, 28 Jan 2024 22:25:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: X5dPOfW8SNA=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Sun, 28 Jan 2024 22:25:47 GMT
an-x-request-uuid: 540695fa-50d7-4fe8-ac55-0f1176d0124c
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://dpm.demdex.net/ibs:dpid=358&dpuuid=8222142341378785510
x-proxy-origin: 96.9.249.38; 96.9.249.38; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 sites-session Show response
thestregisbalharbourresort.247activities.com/api/auth/ 36 KB
10 KB 120ms
120ms XHR
application/json 174.129.206.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://thestregisbalharbourresort.247activities.com/api/auth/sites-session

Requested by

Host: thestregisbalharbourresort.247activities.com
URL: https://thestregisbalharbourresort.247activities.com/js/main.js?v=1703363396

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

174.129.206.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-174-129-206-94.compute-1.amazonaws.com

Software

nginx/1.24.0 /

Resource Hash

4fd96f96cad91054e5fc49db5d95628b922db61c1bd0f6b5025a3991e562946a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://thestregisbalharbourresort.247activities.com/
Language: en
accept-language: en-US,en;q=0.9
X-CSRFToken: d5yNxAUJUifUHI3jw1Q9V2PMmQccREMvnOagYgyTHknILRfkco3ICTmLN9Hn4Nii
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Jan 2024 22:25:47 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
referrer-policy: same-origin
content-encoding: gzip
server: nginx/1.24.0
x-version: 1703363396
vary: Cookie, Accept-Language
x-frame-options: SAMEORIGIN
content-type: application/json
content-language: en
cache-control: no-cache, no-store
x-xss-protection: 1; mode=block
expires: Sun, 28 Jan 2024 22:05:47 GMT

GET
H2 200 9c33516aab48c61e3081.woff2
thestregisbalharbourresort.247activities.com/css/assets/ 525 KB
526 KB 41ms
40ms Font
font/woff2 174.129.206.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://thestregisbalharbourresort.247activities.com/css/assets/9c33516aab48c61e3081.woff2

Requested by

Host: thestregisbalharbourresort.247activities.com
URL: https://thestregisbalharbourresort.247activities.com/css/vendor.css?v=1703363396

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

174.129.206.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-174-129-206-94.compute-1.amazonaws.com

Software

nginx/1.24.0 /

Resource Hash

242e542871bd77c8ff6375418e349ef6b3a32a208e15ca1441166641d212a6a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://thestregisbalharbourresort.247activities.com/css/vendor.css?v=1703363396
Origin: https://thestregisbalharbourresort.247activities.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 22:25:47 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
last-modified: Wed, 23 Feb 2022 08:02:50 GMT
server: nginx/1.24.0
etag: "6215ea2a-8350c"
x-frame-options: SAMEORIGIN
content-type: font/woff2
accept-ranges: bytes
content-length: 537868
x-xss-protection: 1; mode=block

GET
H2

200

ibs:dpid=477&dpuuid=a413bf81bb709991c1bb52e24d39cc1529edc78f80e762b0930d509720ca8943b0da87c991749652
dpm.demdex.net/ Frame 9C87
Redirect Chain

https://idsync.rlcdn.com/365868.gif?partner_uid=90749123238939382902171924092200732151
https://idsync.rlcdn.com/1000.gif?memo=CKyqFhIxCi0IARCYEhomOTA3NDkxMjMyMzg5MzkzODI5MDIxNzE5MjQwOTIyMDA3MzIxNTEQABoNCOuo260GEgUI6AcQAEIASgA
https://dpm.demdex.net/ibs:dpid=477&dpuuid=a413bf81bb709991c1bb52e24d39cc1529edc78f80e762b0930d509720ca8943b0da87c991749652

42 B
714 B

353ms
352ms

Image
image/gif

18.204.157.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=477&dpuuid=a413bf81bb709991c1bb52e24d39cc1529edc78f80e762b0930d509720ca8943b0da87c991749652

Requested by

Host: thestregisbalharbourresort.247activities.com
URL: https://thestregisbalharbourresort.247activities.com/

Protocol

Server

18.204.157.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-204-157-42.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

dcs: dcs-prod-va6-1-v053-0df904793.edge-va6.demdex.com 1 ms
pragma: no-cache
date: Sun, 28 Jan 2024 22:25:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: YCx0BHT2ReY=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date: Sun, 28 Jan 2024 22:25:47 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://dpm.demdex.net/ibs:dpid=477&dpuuid=a413bf81bb709991c1bb52e24d39cc1529edc78f80e762b0930d509720ca8943b0da87c991749652
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 otSDKStub.js Show response
cache.marriott.com/aka-fonts/OneTrust/R1.3/oneTrust_test/scripttemplates/ 20 KB
7 KB 545ms
401ms Script
application/x-javascript 23.39.184.114
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.marriott.com/aka-fonts/OneTrust/R1.3/oneTrust_test/scripttemplates/otSDKStub.js?3237481164707729.5
Requested by: Host: thestregisbalharbourresort.247activities.com
URL: https://thestregisbalharbourresort.247activities.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.184.114 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-184-114.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 1a6622bbfd2f4017f391cae1040e22f99a923116427a0ccb25543581f5d92257

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 22:25:47 GMT
content-encoding: gzip
last-modified: Mon, 06 Jun 2022 19:38:47 GMT
server: AkamaiNetStorage
etag: "67b989d4e95276950bf7da56f7c0598d:1654544327.296254"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=1074606
accept-ranges: bytes
content-length: 6886
expires: Sat, 10 Feb 2024 08:55:53 GMT

GET
H2

200

ibs:dpid=771&dpuuid=CAESENYyesAklnhUiLuH0GHXAnQ&google_cver=1
dpm.demdex.net/ Frame 9C87
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=OTA3NDkxMjMyMzg5MzkzODI5MDIxNzE5MjQwOTIyMDA3MzIxNTE=
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=OTA3NDkxMjMyMzg5MzkzODI5MDIxNzE5MjQwOTIyMDA3MzIxNTE=&google_tc=
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESENYyesAklnhUiLuH0GHXAnQ&google_cver=1?gdpr=0&gdpr_consent=

42 B
714 B

47ms
44ms

Image
image/gif

18.204.157.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESENYyesAklnhUiLuH0GHXAnQ&google_cver=1?gdpr=0&gdpr_consent=

Requested by

Host: thestregisbalharbourresort.247activities.com
URL: https://thestregisbalharbourresort.247activities.com/

Protocol

Server

18.204.157.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-204-157-42.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

dcs: dcs-prod-va6-1-v053-078a7c853.edge-va6.demdex.com 3 ms
pragma: no-cache
date: Sun, 28 Jan 2024 22:25:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: nL9dYoVIRG8=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Sun, 28 Jan 2024 22:25:47 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESENYyesAklnhUiLuH0GHXAnQ&google_cver=1?gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 launch-EN3963523be4674e5591a9c4d516697352.min.js Show response
assets.adobedtm.com/ 467 KB
118 KB 57ms
56ms Script
application/x-javascript 2600:1418:a000:5af::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js
Requested by: Host: thestregisbalharbourresort.247activities.com
URL: https://thestregisbalharbourresort.247activities.com/js/main.js?v=1703363396
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1418:a000:5af::1e80 Minneapolis, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: a414645044a3dee233d1fd534ae4b33249eeed8f8d7ae79ce0152e8e2cd65d7f

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 22:25:47 GMT
content-encoding: gzip
last-modified: Thu, 25 Jan 2024 19:57:33 GMT
server: AkamaiNetStorage
etag: "bf5a7da8eac0825ebb185634f0e5da7e:1706212653.381136"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 120100
expires: Sun, 28 Jan 2024 23:25:47 GMT

GET
H2 200 login-session Show response
thestregisbalharbourresort.247activities.com/api/auth/ 82 B
583 B 52ms
52ms XHR
application/json 174.129.206.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://thestregisbalharbourresort.247activities.com/api/auth/login-session

Requested by

Host: thestregisbalharbourresort.247activities.com
URL: https://thestregisbalharbourresort.247activities.com/js/main.js?v=1703363396

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

174.129.206.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-174-129-206-94.compute-1.amazonaws.com

Software

nginx/1.24.0 /

Resource Hash

6e10b223ebaea986dbeef75b614e2d0d277f5b28ff6cb58bdfe1ac3ab2289687

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://thestregisbalharbourresort.247activities.com/
Language: en
accept-language: en-US,en;q=0.9
X-CSRFToken: d5yNxAUJUifUHI3jw1Q9V2PMmQccREMvnOagYgyTHknILRfkco3ICTmLN9Hn4Nii
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Jan 2024 22:25:47 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
referrer-policy: same-origin
content-encoding: gzip
server: nginx/1.24.0
x-version: 1703363396
vary: Accept-Language, Cookie
x-frame-options: SAMEORIGIN
content-type: application/json
content-language: en
cache-control: no-cache, no-store
x-xss-protection: 1; mode=block
expires: Sun, 28 Jan 2024 22:05:47 GMT

GET
H2 200 s7222740564732 Show response
smetrics.marriott.com/b/ss/marriottglobal,/10/JS-2.14.0-LDQM/ 5 KB
6 KB 422ms
340ms Script
application/x-javascript 63.140.38.225
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.marriott.com/b/ss/marriottglobal,/10/JS-2.14.0-LDQM/s7222740564732?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=28%2F0%2F2024%2012%3A25%3A47%200%20600&d.&nsid=0&jsonv=1&.d&mid=90494342403771612432180487309513690014&aamlh=7&ce=UTF-8&pageName=thestregisbalharbourresort.247activities.com%2F&g=https%3A%2F%2Fthestregisbalharbourresort.247activities.com%2F&cc=USD&v0=Unpaid%20Referrals%3A%20Typed%2FBookmarked&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c5=Real%20Time%20Reservation&c8=D%3Dv15&c26=Launch&v41=Real%20Time%20Reservation&c71=Off-Platform%20Basic&v101=Default%20Cookie%20Opt-in&v192=thestregisbalharbourresort.247activities.com%2F&v237=en&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=664516D751E565010A490D4C%40AdobeOrg&AQE=1

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/extensions/EP971e6ad26efe44ab86e98d3905a44621/AppMeasurement.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.38.225 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ip-63-140-38-225.data.adobedc.net

Software

jag /

Resource Hash

54cc336ea82cecc3ea5dc85bc44039601b5445253c4397d2fc8941394bf9054a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-aam-tid: T1M9sOpzR1E=
date: Sun, 28 Jan 2024 22:25:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy"
content-length: 5441
x-xss-protection: 1; mode=block
dcs: dcs-prod-va6-1-v053-0fcf4785f.edge-va6.demdex.com 6 ms
pragma: no-cache
last-modified: Mon, 29 Jan 2024 22:25:47 GMT
server: jag
etag: 3664639501592526848-4617982855579601139
vary: *
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Sat, 27 Jan 2024 22:25:47 GMT

GET
H2 200 1 Show response
thestregisbalharbourresort.247activities.com/api/hotel/get-hotel/ 35 KB
9 KB 63ms
63ms XHR
application/json 174.129.206.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://thestregisbalharbourresort.247activities.com/api/hotel/get-hotel/1

Requested by

Host: thestregisbalharbourresort.247activities.com
URL: https://thestregisbalharbourresort.247activities.com/js/main.js?v=1703363396

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

174.129.206.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-174-129-206-94.compute-1.amazonaws.com

Software

nginx/1.24.0 /

Resource Hash

48dfb69f3a9d71ad74bd7be783be49a2a377b487497017c5d1c6b1da797bbaf6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://thestregisbalharbourresort.247activities.com/
Language: en
accept-language: en-US,en;q=0.9
X-CSRFToken: d5yNxAUJUifUHI3jw1Q9V2PMmQccREMvnOagYgyTHknILRfkco3ICTmLN9Hn4Nii
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Jan 2024 22:25:47 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
referrer-policy: same-origin
content-encoding: gzip
server: nginx/1.24.0
x-version: 1703363396
vary: Accept-Language, Cookie
x-frame-options: SAMEORIGIN
content-type: application/json
content-language: en
cache-control: no-cache, no-store
x-xss-protection: 1; mode=block
expires: Sun, 28 Jan 2024 22:05:47 GMT

GET
H2

200

ibs:dpid=992&dpuuid=1sxsxklb8xl76
dpm.demdex.net/ Frame 9C87
Redirect Chain

https://idpix.media6degrees.com/orbserv/hbpix?pixId=16873&pcv=70&ptid=66&tpuv=01&tpu=90749123238939382902171924092200732151
https://dpm.demdex.net/ibs:dpid=992&dpuuid=1sxsxklb8xl76

42 B
715 B

49ms
37ms

Image
image/gif

18.204.157.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=992&dpuuid=1sxsxklb8xl76

Protocol

Server

18.204.157.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-204-157-42.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

dcs: dcs-prod-va6-1-v053-07861c496.edge-va6.demdex.com 1 ms
pragma: no-cache
date: Sun, 28 Jan 2024 22:25:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: BWDQnYAESWk=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Sun, 28 Jan 2024 22:25:48 GMT
cf-cache-status: DYNAMIC
server: cloudflare
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://dpm.demdex.net/ibs:dpid=992&dpuuid=1sxsxklb8xl76
cache-control: no-cache
cf-ray: 84cca744d8306aed-BUF
content-length: 0

GET
H2

200

ibs:dpid=903&dpuuid=97d9331a-27da-42a3-84a7-0d24bd7ac0c4
dpm.demdex.net/ Frame 9C87
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=&ttd_tpi=1
https://dpm.demdex.net/ibs:dpid=903&dpuuid=97d9331a-27da-42a3-84a7-0d24bd7ac0c4

42 B
714 B

45ms
45ms

Image
image/gif

18.204.157.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=903&dpuuid=97d9331a-27da-42a3-84a7-0d24bd7ac0c4

Protocol

Server

18.204.157.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-204-157-42.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

dcs: dcs-prod-va6-1-v053-0ea3889d2.edge-va6.demdex.com 3 ms
pragma: no-cache
date: Sun, 28 Jan 2024 22:25:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: VdWvEWSoSRo=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=903&dpuuid=97d9331a-27da-42a3-84a7-0d24bd7ac0c4
date: Sun, 28 Jan 2024 22:25:48 GMT
server: Kestrel
content-length: 189

GET
H2 200 disablefood.css
thestregisbalharbourresort.247activities.com/css/ 881 B
662 B 48ms
38ms Stylesheet
text/css 174.129.206.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://thestregisbalharbourresort.247activities.com/css/disablefood.css?v=2_1

Requested by

Host: thestregisbalharbourresort.247activities.com
URL: https://thestregisbalharbourresort.247activities.com/js/vendor.js?v=1703363396

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

174.129.206.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-174-129-206-94.compute-1.amazonaws.com

Software

nginx/1.24.0 /

Resource Hash

78791edc61c96a5ec8159e033473108958108c66296abe6a5b6896040dff9645

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://thestregisbalharbourresort.247activities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 22:25:48 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
last-modified: Wed, 23 Feb 2022 08:02:50 GMT
server: nginx/1.24.0
etag: W/"6215ea2a-371"
x-frame-options: SAMEORIGIN
content-type: text/css
x-xss-protection: 1; mode=block

GET
H2 200 1 Show response
thestregisbalharbourresort.247activities.com/api/palapa/booking/get-booking-values/ 10 KB
3 KB 76ms
68ms XHR
application/json 174.129.206.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://thestregisbalharbourresort.247activities.com/api/palapa/booking/get-booking-values/1

Requested by

Host: thestregisbalharbourresort.247activities.com
URL: https://thestregisbalharbourresort.247activities.com/js/main.js?v=1703363396

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

174.129.206.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-174-129-206-94.compute-1.amazonaws.com

Software

nginx/1.24.0 /

Resource Hash

dfde55c26a76fe96455cf5e3c40c54749fbc219f7e34a932e97caff50cd236e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://thestregisbalharbourresort.247activities.com/
Language: en
accept-language: en-US,en;q=0.9
X-CSRFToken: d5yNxAUJUifUHI3jw1Q9V2PMmQccREMvnOagYgyTHknILRfkco3ICTmLN9Hn4Nii
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Jan 2024 22:25:48 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
referrer-policy: same-origin
content-encoding: gzip
server: nginx/1.24.0
x-version: 1703363396
vary: Accept-Language, Cookie
x-frame-options: SAMEORIGIN
content-type: application/json
content-language: en
cache-control: no-cache, no-store
x-xss-protection: 1; mode=block
expires: Sun, 28 Jan 2024 22:05:48 GMT

GET
H2 200 b9c54897-9a69-45f1-bbe2-55b2ae0ba593-test.json Show response
cache.marriott.com/aka-fonts/OneTrust/R1.3/oneTrust_test/consent/b9c54897-9a69-45f1-bbe2-55b2ae0ba593-test/ 4 KB
5 KB 229ms
131ms XHR
application/json 23.39.184.114
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.marriott.com/aka-fonts/OneTrust/R1.3/oneTrust_test/consent/b9c54897-9a69-45f1-bbe2-55b2ae0ba593-test/b9c54897-9a69-45f1-bbe2-55b2ae0ba593-test.json
Requested by: Host: thestregisbalharbourresort.247activities.com
URL: https://thestregisbalharbourresort.247activities.com/js/main.js?v=1703363396
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.184.114 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-184-114.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 7316c1dfbc9f061b2280befce5285d9576624d84376031f96583df11d82ea916

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 22:25:48 GMT
last-modified: Mon, 06 Jun 2022 19:54:53 GMT
server: AkamaiNetStorage
etag: "2f1c841426300bd3781a1752ab891f7c:1654545293.924385"
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=115963
accept-ranges: bytes
content-length: 4006
expires: Tue, 30 Jan 2024 06:38:31 GMT

GET
H2 200 RCab7ed3322be74aa0aec2b321a13ac9ff-source.min.js Show response
assets.adobedtm.com/697d0c070f1e/d405339bb010/209df743d684/ 2 KB
845 B 54ms
53ms Script
application/x-javascript 2600:1418:a000:5af::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/697d0c070f1e/d405339bb010/209df743d684/RCab7ed3322be74aa0aec2b321a13ac9ff-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1418:a000:5af::1e80 Minneapolis, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 9b8dcfbdc40c9caabf0e4ddeff043c4af3d7af4689fc4130f7fd3651b95f0968

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 22:25:48 GMT
content-encoding: gzip
last-modified: Thu, 25 Jan 2024 19:57:35 GMT
server: AkamaiNetStorage
etag: "699c2629d4fc006c364f43a6a4042620:1706212655.266221"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 608
expires: Sun, 28 Jan 2024 23:25:48 GMT

GET
H2 200 RCb500618f5ce84b22ac56f249cbc4d22d-source.min.js Show response
assets.adobedtm.com/697d0c070f1e/d405339bb010/209df743d684/ 422 B
506 B 54ms
54ms Script
application/x-javascript 2600:1418:a000:5af::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/697d0c070f1e/d405339bb010/209df743d684/RCb500618f5ce84b22ac56f249cbc4d22d-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1418:a000:5af::1e80 Minneapolis, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: fcad0bb59b53fdb301a56e0fe35f44227271e38c5ad1bd227a30bfd3b96ef723

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 22:25:48 GMT
content-encoding: gzip
last-modified: Thu, 25 Jan 2024 19:57:35 GMT
server: AkamaiNetStorage
etag: "699c2629d4fc006c364f43a6a4042620:1706212655.266221"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 270
expires: Sun, 28 Jan 2024 23:25:48 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 208 KB
74 KB 48ms
47ms Script
application/javascript 2607:f8b0:4004:c06::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-981033382&l=dataLayerB

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ae0a93a19431ff887e8ce6e05a2bca8b09f6b3bd79412ce02e6bc2609ffd66bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 22:25:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75862
x-xss-protection: 0
last-modified: Sun, 28 Jan 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 28 Jan 2024 22:25:48 GMT

GET
H2 200 RCd27fea974d354655821709a78f4b1dd2-source.min.js Show response
assets.adobedtm.com/697d0c070f1e/d405339bb010/209df743d684/ 2 KB
872 B 54ms
54ms Script
application/x-javascript 2600:1418:a000:5af::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/697d0c070f1e/d405339bb010/209df743d684/RCd27fea974d354655821709a78f4b1dd2-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1418:a000:5af::1e80 Minneapolis, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: e354718dba42dbc4681e5323f82866b1274611f00bcf30eb7f7156cf1a71f3e7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 22:25:48 GMT
content-encoding: gzip
last-modified: Thu, 25 Jan 2024 19:57:35 GMT
server: AkamaiNetStorage
etag: "699c2629d4fc006c364f43a6a4042620:1706212655.266221"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 635
expires: Sun, 28 Jan 2024 23:25:48 GMT

GET
H2 200 RC9cb1ec8ecf2a461187113443b47b5896-source.min.js Show response
assets.adobedtm.com/697d0c070f1e/d405339bb010/209df743d684/ 1 KB
954 B 53ms
53ms Script
application/x-javascript 2600:1418:a000:5af::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/697d0c070f1e/d405339bb010/209df743d684/RC9cb1ec8ecf2a461187113443b47b5896-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1418:a000:5af::1e80 Minneapolis, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: fe7b6c830b69342bd253c70ab4bbbf14a59ac4b5667dfc08f66f59f7131a420d

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 22:25:48 GMT
content-encoding: gzip
last-modified: Thu, 25 Jan 2024 19:57:35 GMT
server: AkamaiNetStorage
etag: "699c2629d4fc006c364f43a6a4042620:1706212655.266221"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 717
expires: Sun, 28 Jan 2024 23:25:48 GMT

GET
H2 200 RC7397178f0a1540d798c3f1a3d2c85c1b-source.min.js Show response
assets.adobedtm.com/697d0c070f1e/d405339bb010/209df743d684/ 1 KB
882 B 53ms
53ms Script
application/x-javascript 2600:1418:a000:5af::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/697d0c070f1e/d405339bb010/209df743d684/RC7397178f0a1540d798c3f1a3d2c85c1b-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1418:a000:5af::1e80 Minneapolis, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 19ffd0fbe97ec8c7d6985c3b41e45e1c3a80052911f605f990cd19717f3bde34

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 22:25:48 GMT
content-encoding: gzip
last-modified: Thu, 25 Jan 2024 19:57:35 GMT
server: AkamaiNetStorage
etag: "699c2629d4fc006c364f43a6a4042620:1706212655.266221"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 645
expires: Sun, 28 Jan 2024 23:25:48 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 110ms
42ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Sun, 28 Jan 2024 22:25:47 GMT
last-modified: Fri, 10 Nov 2023 20:09:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: BDCD0ED18F8644FC91FDF34F48E46E7E Ref B: NYCEDGE1712 Ref C: 2024-01-28T22:25:48Z
etag: "80abcdf1114da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13175

GET
H2 200 RCb6c3578477864b5583591694fb0c7548-source.min.js Show response
assets.adobedtm.com/697d0c070f1e/d405339bb010/209df743d684/ 4 KB
1 KB 55ms
54ms Script
application/x-javascript 2600:1418:a000:5af::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/697d0c070f1e/d405339bb010/209df743d684/RCb6c3578477864b5583591694fb0c7548-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1418:a000:5af::1e80 Minneapolis, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: def471f0480adeb3b47924f6684d105b52ea0d86b407baee37f1f2cf2fa7b5ef

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 22:25:48 GMT
content-encoding: gzip
last-modified: Thu, 25 Jan 2024 19:57:35 GMT
server: AkamaiNetStorage
etag: "699c2629d4fc006c364f43a6a4042620:1706212655.266221"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 1130
expires: Sun, 28 Jan 2024 23:25:48 GMT

GET
H2 200 RC69b12fc347724763b4d1d6b2bbb7bc67-source.min.js Show response
assets.adobedtm.com/697d0c070f1e/d405339bb010/209df743d684/ 1 KB
855 B 53ms
53ms Script
application/x-javascript 2600:1418:a000:5af::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/697d0c070f1e/d405339bb010/209df743d684/RC69b12fc347724763b4d1d6b2bbb7bc67-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1418:a000:5af::1e80 Minneapolis, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: a93b70f93f8d734b9cef5d25826cd8496dcee4a619a04ea78cfdee9f6462c3b8

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 22:25:48 GMT
content-encoding: gzip
last-modified: Thu, 25 Jan 2024 19:57:35 GMT
server: AkamaiNetStorage
etag: "699c2629d4fc006c364f43a6a4042620:1706212655.266221"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 618
expires: Sun, 28 Jan 2024 23:25:48 GMT

GET
H2 200 RC28f29f2c23a143e0acc4cd8133230ddf-source.min.js Show response
assets.adobedtm.com/697d0c070f1e/d405339bb010/209df743d684/ 2 KB
965 B 58ms
58ms Script
application/x-javascript 2600:1418:a000:5af::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/697d0c070f1e/d405339bb010/209df743d684/RC28f29f2c23a143e0acc4cd8133230ddf-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1418:a000:5af::1e80 Minneapolis, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: cfd1437fcf5e1e5bc504d0a4366d0a2facdf81ed3edf0eb34734c8103a2f94c5

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 22:25:48 GMT
content-encoding: gzip
last-modified: Thu, 25 Jan 2024 19:57:35 GMT
server: AkamaiNetStorage
etag: "699c2629d4fc006c364f43a6a4042620:1706212655.266221"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 728
expires: Sun, 28 Jan 2024 23:25:48 GMT

GET
H2 200 RCc37891c0d65e4f2581d609fc16498257-source.min.js Show response
assets.adobedtm.com/697d0c070f1e/d405339bb010/209df743d684/ 548 B
534 B 56ms
55ms Script
application/x-javascript 2600:1418:a000:5af::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/697d0c070f1e/d405339bb010/209df743d684/RCc37891c0d65e4f2581d609fc16498257-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1418:a000:5af::1e80 Minneapolis, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 52ea1861699ecf8fe7d164567df73a73c43ac85253e32658e0f022842b3eebea

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 22:25:48 GMT
content-encoding: gzip
last-modified: Thu, 25 Jan 2024 19:57:35 GMT
server: AkamaiNetStorage
etag: "699c2629d4fc006c364f43a6a4042620:1706212655.266221"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 297
expires: Sun, 28 Jan 2024 23:25:48 GMT

GET
H2 200 RCb70d7bef713543b09b57afbc6f9e056a-source.min.js Show response
assets.adobedtm.com/697d0c070f1e/d405339bb010/209df743d684/ 3 KB
1 KB 63ms
61ms Script
application/x-javascript 2600:1418:a000:5af::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/697d0c070f1e/d405339bb010/209df743d684/RCb70d7bef713543b09b57afbc6f9e056a-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1418:a000:5af::1e80 Minneapolis, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 470ded9ff828e85600726be723a6c46d8b13aad3921038dd94d291e3884132d8

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 22:25:48 GMT
content-encoding: gzip
last-modified: Thu, 25 Jan 2024 19:57:35 GMT
server: AkamaiNetStorage
etag: "699c2629d4fc006c364f43a6a4042620:1706212655.266221"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 1098
expires: Sun, 28 Jan 2024 23:25:48 GMT

GET
H2 200 RCe7ed036bb4cb4dc89bdf084029e843a5-source.min.js Show response
assets.adobedtm.com/697d0c070f1e/d405339bb010/209df743d684/ 776 B
734 B 87ms
86ms Script
application/x-javascript 2600:1418:a000:5af::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/697d0c070f1e/d405339bb010/209df743d684/RCe7ed036bb4cb4dc89bdf084029e843a5-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1418:a000:5af::1e80 Minneapolis, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 0a37f4264a9cf03b723507f6c31a0a25c44ecf96528cfd798c22e88c99e7c93b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 22:25:48 GMT
content-encoding: gzip
last-modified: Thu, 25 Jan 2024 19:57:35 GMT
server: AkamaiNetStorage
etag: "699c2629d4fc006c364f43a6a4042620:1706212655.266221"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 497
expires: Sun, 28 Jan 2024 23:25:48 GMT

GET
H2 200 RC1b12bbad598c4c1380765438bb0467a9-source.min.js Show response
assets.adobedtm.com/697d0c070f1e/d405339bb010/209df743d684/ 718 B
691 B 85ms
84ms Script
application/x-javascript 2600:1418:a000:5af::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/697d0c070f1e/d405339bb010/209df743d684/RC1b12bbad598c4c1380765438bb0467a9-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1418:a000:5af::1e80 Minneapolis, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 84b16390f1972a710b482ed0f21ba9f8fad7b1fac9b9fca835777994262e6d1c

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 22:25:48 GMT
content-encoding: gzip
last-modified: Thu, 25 Jan 2024 19:57:35 GMT
server: AkamaiNetStorage
etag: "699c2629d4fc006c364f43a6a4042620:1706212655.266221"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 454
expires: Sun, 28 Jan 2024 23:25:48 GMT

GET
H2 200 RC9f906a1934ae46f6b85351f19bfa52f0-source.min.js Show response
assets.adobedtm.com/697d0c070f1e/d405339bb010/209df743d684/ 2 KB
1 KB 86ms
85ms Script
application/x-javascript 2600:1418:a000:5af::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/697d0c070f1e/d405339bb010/209df743d684/RC9f906a1934ae46f6b85351f19bfa52f0-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1418:a000:5af::1e80 Minneapolis, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: f938286168b563d30b432e1d814cee4ed5841bae8a1cb78047dc5bf1b6f30034

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 22:25:48 GMT
content-encoding: gzip
last-modified: Thu, 25 Jan 2024 19:57:35 GMT
server: AkamaiNetStorage
etag: "699c2629d4fc006c364f43a6a4042620:1706212655.266221"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 905
expires: Sun, 28 Jan 2024 23:25:48 GMT

GET
H2 200 RC62a22fd426a0470dad9c40c7f2f4b2fb-source.min.js Show response
assets.adobedtm.com/697d0c070f1e/d405339bb010/209df743d684/ 648 B
646 B 83ms
83ms Script
application/x-javascript 2600:1418:a000:5af::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/697d0c070f1e/d405339bb010/209df743d684/RC62a22fd426a0470dad9c40c7f2f4b2fb-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1418:a000:5af::1e80 Minneapolis, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 40dc35bd17d41c0cf151637f57f080c0472db5c8351b62ff9daf298a55324b9a

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 22:25:48 GMT
content-encoding: gzip
last-modified: Thu, 25 Jan 2024 19:57:35 GMT
server: AkamaiNetStorage
etag: "699c2629d4fc006c364f43a6a4042620:1706212655.266221"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 410
expires: Sun, 28 Jan 2024 23:25:48 GMT

GET
H2 200 RC5144740cc710431e95a7dd7c05b8b386-source.min.js Show response
assets.adobedtm.com/697d0c070f1e/d405339bb010/209df743d684/ 1 KB
916 B 83ms
83ms Script
application/x-javascript 2600:1418:a000:5af::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/697d0c070f1e/d405339bb010/209df743d684/RC5144740cc710431e95a7dd7c05b8b386-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1418:a000:5af::1e80 Minneapolis, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 52f1ee340c477bdd91fa327c2cd5eea9c4e2c762a593197f4cd669e823f54de7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 22:25:48 GMT
content-encoding: gzip
last-modified: Thu, 25 Jan 2024 19:57:35 GMT
server: AkamaiNetStorage
etag: "699c2629d4fc006c364f43a6a4042620:1706212655.266221"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 679
expires: Sun, 28 Jan 2024 23:25:48 GMT

GET
H2 200 RCc3f4828f094d492b8356f158534742f5-source.min.js Show response
assets.adobedtm.com/697d0c070f1e/d405339bb010/209df743d684/ 3 KB
1 KB 72ms
72ms Script
application/x-javascript 2600:1418:a000:5af::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/697d0c070f1e/d405339bb010/209df743d684/RCc3f4828f094d492b8356f158534742f5-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1418:a000:5af::1e80 Minneapolis, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 79ab5769acebae5b9387031c48ae715d2f85c10ea62bbab124564bdba68aae99

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 22:25:48 GMT
content-encoding: gzip
last-modified: Thu, 25 Jan 2024 19:57:35 GMT
server: AkamaiNetStorage
etag: "699c2629d4fc006c364f43a6a4042620:1706212655.266221"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 990
expires: Sun, 28 Jan 2024 23:25:48 GMT

GET
H2 200 get-services Show response
thestregisbalharbourresort.247activities.com/api/service/ 129 KB
13 KB 183ms
182ms XHR
application/json 174.129.206.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://thestregisbalharbourresort.247activities.com/api/service/get-services?serviceparent_id=&active=1&include_service_type=true&for_home=true&simple_menu=true

Requested by

Host: thestregisbalharbourresort.247activities.com
URL: https://thestregisbalharbourresort.247activities.com/js/main.js?v=1703363396

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

174.129.206.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-174-129-206-94.compute-1.amazonaws.com

Software

nginx/1.24.0 /

Resource Hash

3747d4c2017769b3277bc3ccad631bf7d97c8c27b613facf124a006690715ffb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://thestregisbalharbourresort.247activities.com/
Language: en
accept-language: en-US,en;q=0.9
X-CSRFToken: d5yNxAUJUifUHI3jw1Q9V2PMmQccREMvnOagYgyTHknILRfkco3ICTmLN9Hn4Nii
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Jan 2024 22:25:48 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
referrer-policy: same-origin
content-encoding: gzip
server: nginx/1.24.0
x-version: 1703363396
vary: Accept-Language, Cookie
x-frame-options: SAMEORIGIN
content-type: application/json
content-language: en
cache-control: no-cache, no-store
x-xss-protection: 1; mode=block
expires: Sun, 28 Jan 2024 22:05:48 GMT

POST
H2 200 user-cart Show response
thestregisbalharbourresort.247activities.com/api/cart/ 202 B
508 B 205ms
203ms XHR
application/json 174.129.206.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://thestregisbalharbourresort.247activities.com/api/cart/user-cart

Requested by

Host: thestregisbalharbourresort.247activities.com
URL: https://thestregisbalharbourresort.247activities.com/js/main.js?v=1703363396

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

174.129.206.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-174-129-206-94.compute-1.amazonaws.com

Software

nginx/1.24.0 /

Resource Hash

8054f4e3fe5af937cdc5d795f555dae2c1489ce993935b2c0da1ddb9bb8ce183

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://thestregisbalharbourresort.247activities.com/
Language: en
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
X-CSRFToken: d5yNxAUJUifUHI3jw1Q9V2PMmQccREMvnOagYgyTHknILRfkco3ICTmLN9Hn4Nii
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 28 Jan 2024 22:25:48 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
referrer-policy: same-origin
content-encoding: gzip
server: nginx/1.24.0
x-version: 1703363396
vary: Accept-Language, Cookie
x-frame-options: SAMEORIGIN
content-type: application/json
content-language: en
cache-control: no-cache, no-store
x-xss-protection: 1; mode=block
expires: Sun, 28 Jan 2024 22:05:48 GMT

GET
H/1.1 200
OK xr_logo_L_1.png
ipoolside-media.s3.amazonaws.com/site/theregisharbourresort/images/dashboard_logo/ 7 KB
7 KB 199ms
113ms Image
image/png 52.216.38.73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ipoolside-media.s3.amazonaws.com/site/theregisharbourresort/images/dashboard_logo/xr_logo_L_1.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.38.73 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: b7806820a321ae142a12d51708677e3c2f255cce1aa86958e96c77028f7237a3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://thestregisbalharbourresort.247activities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 28 Jan 2024 22:25:49 GMT
x-amz-version-id: 2IXRJOAfafov6HTMfy0PCDxqjgYFt5fQ
Last-Modified: Fri, 30 Sep 2022 13:44:13 GMT
Server: AmazonS3
x-amz-request-id: WY51SNE9RSSE0XW5
ETag: "e4882fe31470948fa20290c956f05d7f"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 6890
x-amz-id-2: hhsThSy87fuXlWdXG77ael5VaDgBpUHVrOWALLxzg8cad3kXI9ccNDiSIWt6dyvj7KcgZi3E5yA=

GET
H/1.1 200
OK bonvoy-dark.jpg
ipoolside-media.s3.amazonaws.com/site/theregisharbourresort/images/dashboard_right_logo/ 75 KB
75 KB 178ms
92ms Image
image/jpeg 52.216.38.73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ipoolside-media.s3.amazonaws.com/site/theregisharbourresort/images/dashboard_right_logo/bonvoy-dark.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.38.73 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 228b1d6634abc2d6314f0591e07c5cd246a7fc071e4c9a592a2bf0e11fe6cd27

Request headers

accept-language: en-US,en;q=0.9
Referer: https://thestregisbalharbourresort.247activities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 28 Jan 2024 22:25:49 GMT
x-amz-version-id: 3BctEzkvh27zvWCtoVj_mKxj34SDX2Pf
Last-Modified: Fri, 30 Sep 2022 13:45:39 GMT
Server: AmazonS3
x-amz-request-id: WY5E7QTGZ1B7KH2B
ETag: "f1eb4e69941bc7d8fca19b56707d3e49"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 76498
x-amz-id-2: +fDAfeekilEflJtV2us4ovu4b/bIPe6B4NLqKPD7Zphsk7R+4aVtrjhogC14k9/S/dFmrcYJCWM=

GET
H2 200 6d63d0501e5ed7b79dab.woff2
thestregisbalharbourresort.247activities.com/css/assets/ 118 KB
119 KB 48ms
46ms Font
font/woff2 174.129.206.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://thestregisbalharbourresort.247activities.com/css/assets/6d63d0501e5ed7b79dab.woff2

Requested by

Host: thestregisbalharbourresort.247activities.com
URL: https://thestregisbalharbourresort.247activities.com/css/boot.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

174.129.206.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-174-129-206-94.compute-1.amazonaws.com

Software

nginx/1.24.0 /

Resource Hash

cfe45b981d1b91b173361a34cfce5f60893dbd1ac4af2c3ac11fc17552c5401f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://thestregisbalharbourresort.247activities.com/css/boot.css
Origin: https://thestregisbalharbourresort.247activities.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 22:25:48 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
last-modified: Thu, 08 Jun 2023 09:10:37 GMT
server: nginx/1.24.0
etag: "64819b0d-1d9fc"
x-frame-options: SAMEORIGIN
content-type: font/woff2
accept-ranges: bytes
content-length: 121340
x-xss-protection: 1; mode=block

GET
H2 200 fcd209aede98542498a0.woff2
thestregisbalharbourresort.247activities.com/css/assets/ 36 KB
36 KB 51ms
50ms Font
font/woff2 174.129.206.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://thestregisbalharbourresort.247activities.com/css/assets/fcd209aede98542498a0.woff2

Requested by

Host: thestregisbalharbourresort.247activities.com
URL: https://thestregisbalharbourresort.247activities.com/css/vendor.css?v=1703363396

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

174.129.206.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-174-129-206-94.compute-1.amazonaws.com

Software

nginx/1.24.0 /

Resource Hash

cea49dea7db546aed2c518c65bda981239e74fba3d69ffc2e81197110d79b876

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://thestregisbalharbourresort.247activities.com/css/vendor.css?v=1703363396
Origin: https://thestregisbalharbourresort.247activities.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 22:25:48 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
last-modified: Wed, 23 Feb 2022 08:02:50 GMT
server: nginx/1.24.0
etag: "6215ea2a-8f84"
x-frame-options: SAMEORIGIN
content-type: font/woff2
accept-ranges: bytes
content-length: 36740
x-xss-protection: 1; mode=block

GET
H2 200 reserve Show response
thestregisbalharbourresort.247activities.com/api/palapa/booking/ 52 B
440 B 240ms
240ms XHR
application/json 174.129.206.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://thestregisbalharbourresort.247activities.com/api/palapa/booking/reserve?booking_id=0&keep_price=1

Requested by

Host: thestregisbalharbourresort.247activities.com
URL: https://thestregisbalharbourresort.247activities.com/js/main.js?v=1703363396

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

174.129.206.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-174-129-206-94.compute-1.amazonaws.com

Software

nginx/1.24.0 /

Resource Hash

4dbae8b3d2a71b182f3aab701a08fc3c5f2bf734f9e09605c650b1c6506e9097

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://thestregisbalharbourresort.247activities.com/
Language: en
accept-language: en-US,en;q=0.9
X-CSRFToken: d5yNxAUJUifUHI3jw1Q9V2PMmQccREMvnOagYgyTHknILRfkco3ICTmLN9Hn4Nii
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Jan 2024 22:25:48 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
referrer-policy: same-origin
content-encoding: gzip
server: nginx/1.24.0
x-version: 1703363396
vary: Accept-Language, Cookie
x-frame-options: SAMEORIGIN
content-type: application/json
content-language: en
cache-control: no-cache, no-store
x-xss-protection: 1; mode=block
expires: Sun, 28 Jan 2024 22:05:48 GMT

GET
H2 200 get-services Show response
thestregisbalharbourresort.247activities.com/api/service/ 129 KB
13 KB 368ms
363ms XHR
application/json 174.129.206.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://thestregisbalharbourresort.247activities.com/api/service/get-services?serviceparent_id=&active=1&include_service_type=true&for_home=true&simple_menu=true

Requested by

Host: thestregisbalharbourresort.247activities.com
URL: https://thestregisbalharbourresort.247activities.com/js/main.js?v=1703363396

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

174.129.206.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-174-129-206-94.compute-1.amazonaws.com

Software

nginx/1.24.0 /

Resource Hash

3747d4c2017769b3277bc3ccad631bf7d97c8c27b613facf124a006690715ffb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://thestregisbalharbourresort.247activities.com/
Language: en
accept-language: en-US,en;q=0.9
X-CSRFToken: d5yNxAUJUifUHI3jw1Q9V2PMmQccREMvnOagYgyTHknILRfkco3ICTmLN9Hn4Nii
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Jan 2024 22:25:48 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
referrer-policy: same-origin
content-encoding: gzip
server: nginx/1.24.0
x-version: 1703363396
vary: Accept-Language, Cookie
x-frame-options: SAMEORIGIN
content-type: application/json
content-language: en
cache-control: no-cache, no-store
x-xss-protection: 1; mode=block
expires: Sun, 28 Jan 2024 22:05:48 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 36ms
35ms Image
image/gif 2607:f8b0:4004:c0b::66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=942602579&t=pageview&_s=2&dl=https%3A%2F%2Fthestregisbalharbourresort.247activities.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=The%20St.%20Regis%20Bal%20Harbour%20Resort&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABAAAAACAAI~&jid=&gjid=&cid=111355709.1706480745&tid=UA-162569320-1&_gid=386350075.1706480745&cd1=&cd2=The%20St.%20Regis%20Bal%20Harbour%20Resort&z=869698293

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c0b::66 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Jan 2024 13:53:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 30737
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ibs:dpid=1957&dpuuid=11E303C3FD116E2D052617D7FC9E6FD8
dpm.demdex.net/ Frame 9C87
Redirect Chain

https://c.bing.com/c.gif?uid=90749123238939382902171924092200732151&Red3=MSAdobe_pd&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=1957&dpuuid=11E303C3FD116E2D052617D7FC9E6FD8

42 B
714 B

46ms
46ms

Image
image/gif

18.204.157.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=1957&dpuuid=11E303C3FD116E2D052617D7FC9E6FD8

Protocol

Server

18.204.157.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-204-157-42.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

dcs: dcs-prod-va6-2-v053-0e893f715.edge-va6.demdex.com 4 ms
pragma: no-cache
date: Sun, 28 Jan 2024 22:25:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: rRW8iMdxTbc=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Sun, 28 Jan 2024 22:25:47 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6C65F59306074D35B56F83ED447410F9 Ref B: NYCEDGE1712 Ref C: 2024-01-28T22:25:48Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://dpm.demdex.net/ibs:dpid=1957&dpuuid=11E303C3FD116E2D052617D7FC9E6FD8
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H/1.1 200
OK xr-miaxr-resort-pool-70456-39658_Classic-Hor.jfif
ipoolside-media.s3.amazonaws.com/site/theregisharbourresort/images/dashboard_hotel/ 222 KB
223 KB 211ms
132ms Image
application/octet-stream 52.216.38.73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ipoolside-media.s3.amazonaws.com/site/theregisharbourresort/images/dashboard_hotel/xr-miaxr-resort-pool-70456-39658_Classic-Hor.jfif
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.38.73 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 09316d88a817b1268d8de745b267de01618507d4094b205ed3281bce1bc6a98f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://thestregisbalharbourresort.247activities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 28 Jan 2024 22:25:49 GMT
x-amz-version-id: G9a.FgqqACYCgxAfC4wqMtkM.2JfguRZ
Last-Modified: Fri, 30 Sep 2022 13:44:43 GMT
Server: AmazonS3
x-amz-request-id: WY52S3ZPF9B9AQ7Z
ETag: "82066814cdb25a5c1112283c36d1931f"
Content-Type: application/octet-stream
Accept-Ranges: bytes
Content-Length: 227527
x-amz-id-2: VrQ0+Icop/nr0Th04MZJWQmY3JxTshM3dS74/b2lflymNixuQntg2T/DpGl1ZVKqDiKACrAFNy8=

GET
H2 200 dpm_pixel_min.js Show response
c.tvpixel.com/js/current/ 103 KB
31 KB 127ms
36ms Script
application/javascript 2600:9000:26a0:2c00:1d:bf0a:0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tvpixel.com/js/current/dpm_pixel_min.js?aid=marriott-0af76d19-dfba-4407-860e-54c7ed29bed4
Requested by: Host: thestregisbalharbourresort.247activities.com
URL: https://thestregisbalharbourresort.247activities.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26a0:2c00:1d:bf0a:0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 61d8137d275f12306e177bc726c2b3e072f9efa4743a0ace6ecbcf7a0932fd07

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: oMk5SFqHXboEDRm2.vDWImtx_4ARYxEl
content-encoding: gzip
via: 1.1 07e5e07e8e5ea126f260c9aec11f0d3a.cloudfront.net (CloudFront)
date: Sun, 28 Jan 2024 13:55:49 GMT
last-modified: Thu, 16 Sep 2021 18:14:59 GMT
server: AmazonS3
x-amz-cf-pop: YUL62-P2
age: 30600
etag: W/"08e770c8a17bf087d50cec01af0892c2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: gpVhk-wfG-TFdK8mNoVM2eBp3ldqlvYKS9NxfEmk9J7rO-OGDSCFMA==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 213 KB
58 KB 161ms
49ms Script
application/x-javascript 2a03:2880:f011:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: thestregisbalharbourresort.247activities.com
URL: https://thestregisbalharbourresort.247activities.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f011:100:face:b00c:0:3 Lithia Springs, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f54d3a9011dd18c3a6b2c5ca5c5bf3d490d5428046d806c4aa9ecec5f82139ca

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 28 Jan 2024 22:25:48 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57158
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
pragma: public
x-fb-debug: YS3QiI0iPo1PIREfH1oiJTAB6brqb+O+nuLWBlJrVryys5yu8YHJo3m5d1Mg0yUPyjmA6OzJthShVXxlBJxLwA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 5 KB
3 KB 106ms
27ms Script
application/x-javascript 3.161.209.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: thestregisbalharbourresort.247activities.com
URL: https://thestregisbalharbourresort.247activities.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.209.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-209-109.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 28 Jan 2024 00:45:09 GMT
Content-Encoding: gzip
Via: 1.1 cedddf018b0456d4e84e339e4b25cc2e.cloudfront.net (CloudFront)
Last-Modified: Wed, 17 Jan 2024 00:44:59 GMT
Server: AmazonS3
X-Amz-Cf-Pop: YUL62-P1
Age: 78040
x-amz-server-side-encryption: AES256
ETag: W/"b7474eac210849250426a8f6a39d00f3"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: jMCVE00VjQvtSXDkvMpaQuHTKej8Dtw8Qw3OmKAIld9-6cY0kSAt0Q==

GET
H2 200 pxrc.php
pxl.jivox.com/tags/re/ 43 B
454 B 159ms
68ms Image
image/gif 3.227.143.21
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pxl.jivox.com/tags/re/pxrc.php?px=958deafa6b01b7&ret=img&cData=MIAXR&px_558deaefe29b99=N/A&px_45c37cd1a3ffb5=%27%27&px_75c37cd56820dd=N/A%20&px_65c37cdd1171be=1&px_95c37ce084b3e1=1&px_15b33b35ba04d9=N/A&px_65b33b372611c8=thestregisbalharbourresort.247activities.com/&px_45b33b3b62bcfa=N/A&px_25b33b3e68bd91=N/A&px_05b33b3f8d42f0=N/A&px_25d820700bc474=%27%27&px_25b33b410cb604=N/A&px_25d8208f4381f8=N/A
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.143.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-143-21.compute-1.amazonaws.com
Software: Jetty(9.4.39.v20210325) /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Jan 2024 22:25:48 GMT
server: Jetty(9.4.39.v20210325)
p3p: CP='IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA'
access-control-allow-origin: *
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=0
access-control-allow-headers: content-type
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 mhotels.html Show response
static.sojern.com/marriott/ Frame EAD2 9 KB
10 KB 96ms
29ms Document
text/html 35.244.188.9
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sojern.com/marriott/mhotels.html?p=undefined&hprid=MIAXR&hpr=&hb=undefined&hc1=undefined&hn1=undefined&hs1=undefined&ffl=undefined&hl=&t=undefined&hr=undefined&hd1=&hd2=&hconfno=&hp=undefined&hcu=&hrp=undefined&hdc=undefined&rew=undefined&l=undefined&vid=hot&cid=
Requested by: Host: thestregisbalharbourresort.247activities.com
URL: https://thestregisbalharbourresort.247activities.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.188.9 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 9.188.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 2cac89100642acb92e8c705a639a012b32de7eb32db954a31890da8a091610c3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 3227
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-length: 9706
content-type: text/html
date: Sun, 28 Jan 2024 21:32:01 GMT
etag: "61166aab6d850b40153da0ce87a22993"
expires: Sun, 28 Jan 2024 22:32:01 GMT
last-modified: Fri, 03 Feb 2023 17:26:13 GMT
server: UploadServer
x-goog-generation: 1675445173923779
x-goog-hash: crc32c=9DJkug== md5=YRZqq22FC0AVPaDOh6Ipkw==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 9706
x-guploader-uploadid: ABPtcPr8XPJdnzLL27P3mtkUxebjzhNGTuR3zTik2pA9YooGQ3ygRJB6OoBP3RL6xpqpE07vwOQ

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 43 KB
16 KB 180ms
50ms Script
application/javascript 2600:1402:8800::1728:cf18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: thestregisbalharbourresort.247activities.com
URL: https://thestregisbalharbourresort.247activities.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1402:8800::1728:cf18 Atlanta, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b5474d3ed408366dcebededf5c987f44b43b389137272c282c6c972852a14fc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 22:25:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 23 Jan 2024 14:42:29 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=16343
accept-ranges: bytes
content-length: 15732

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 5 KB
2 KB 139ms
33ms Script
application/javascript 2600:1408:5400:38b::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: thestregisbalharbourresort.247activities.com
URL: https://thestregisbalharbourresort.247activities.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:5400:38b::1931 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 005fdfd3685a6dea398449f326f814f2e6de5e7133107b981a90b4e95584f72f

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

akamai-x-true-ttl: 7200
content-encoding: br
x-cdn: akamai
etag: "ad1325c16ccac3a8f0f92f032d33fe3c"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=7200
accept-ranges: bytes
alt-svc: h3=":443"; ma=600
content-length: 1864

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 182 KB
66 KB 43ms
42ms Script
application/javascript 2607:f8b0:4004:c06::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-1359549&l=dataLayerB&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-981033382&l=dataLayerB

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f121d95565b381320903334d51fff37bf01848517dc87fab137ed738712c1e2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 22:25:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67813
x-xss-protection: 0
last-modified: Sun, 28 Jan 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 28 Jan 2024 22:25:48 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 151 KB
57 KB 101ms
100ms Script
application/javascript 2607:f8b0:4004:c06::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-924374711&l=dataLayerB&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-981033382&l=dataLayerB

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

913c7db2e1be22538c52c3b3dd4bdabdc56c90354308c34ebcfeba72f44f8e0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 22:25:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58218
x-xss-protection: 0
last-modified: Sun, 28 Jan 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 28 Jan 2024 22:25:48 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 219 KB
76 KB 51ms
51ms Script
application/javascript 2607:f8b0:4004:c06::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-950378023&l=dataLayerB&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-981033382&l=dataLayerB

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

732210efb3d890b3bcdcc6cf653a6681aa2dfad07b335dc132d28658a907b15a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 22:25:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78189
x-xss-protection: 0
last-modified: Sun, 28 Jan 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 28 Jan 2024 22:25:48 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 182 KB
66 KB 74ms
73ms Script
application/javascript 2607:f8b0:4004:c06::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-9035495&l=dataLayerB&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-981033382&l=dataLayerB

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

eb4dfbf7b3a5944380b3cfc3a199ed0d4ccab65d0025fd420a56cfb230060034

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 22:25:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67807
x-xss-protection: 0
last-modified: Sun, 28 Jan 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 28 Jan 2024 22:25:48 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 202 KB
73 KB 95ms
94ms Script
application/javascript 2607:f8b0:4004:c06::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-366134444&l=dataLayerB&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-981033382&l=dataLayerB

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3d259a9cbc262ea4e3e8ecd34910e86354de457dc752541007d4daa6c57cb9e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 22:25:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74437
x-xss-protection: 0
last-modified: Sun, 28 Jan 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 28 Jan 2024 22:25:48 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 177 KB
64 KB 61ms
60ms Script
application/javascript 2607:f8b0:4004:c06::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-203334133-1&l=dataLayerB&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-981033382&l=dataLayerB

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5633c25b04fe937b1b104fd6234f9e4d54cb8a5da7026ab781b8d8585f7f6778

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 22:25:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65416
x-xss-protection: 0
last-modified: Sun, 28 Jan 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 28 Jan 2024 22:25:48 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 221 KB
78 KB 85ms
85ms Script
application/javascript 2607:f8b0:4004:c06::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-1LXTBF5X2V&l=dataLayerB&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-981033382&l=dataLayerB

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

97610a3d40dd001fa3c35207f814dc41af50908b11e4a56ad9114e0e34baa59b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 22:25:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79975
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 28 Jan 2024 22:25:48 GMT

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 18 KB
7 KB 104ms
32ms Script
application/javascript 2001:4998:1c:800::1001
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: thestregisbalharbourresort.247activities.com
URL: https://thestregisbalharbourresort.247activities.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:1c:800::1001 , United States, ASN14779 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Sun, 28 Jan 2024 22:16:17 GMT
x-amz-version-id: xC6OTTJGIjCqkMTkbrZpmtbXHK5oaZhW
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: QXSD48FYH32KD206
age: 572
x-amz-server-side-encryption: AES256
content-length: 6262
x-amz-id-2: 0kedcUx6LuiJp7AXRwkl7jQ5XXV4YjJcOBbfU9A6n8IOweG9mc33SUIoxhjbK0OYazmtNpqM+ZE=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Wed, 31 Jul 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Mon, 26 Jun 2023 09:26:35 GMT
server: ATS
etag: "5c6ed25dce803fd84288922b8928409e-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=3600
accept-ranges: bytes

GET
H2 200 scevent.min.js Show response
sc-static.net/ 41 KB
18 KB 152ms
69ms Script
application/javascript 54.230.48.245
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: thestregisbalharbourresort.247activities.com
URL: https://thestregisbalharbourresort.247activities.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.48.245 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-48-245.yul62.r.cloudfront.net
Software: CloudFront /
Resource Hash: e5fdb3ea4cc4cf6b0f77fce3b54d03d78a697bec33bb1a023b964e8be16aea5f

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 22:25:48 GMT
content-encoding: gzip
via: 1.1 77f3bc2c9964f50671e7151896d06648.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: YUL62-C2
x-cache: Miss from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 17883
x-amz-cf-id: m1zL9bcCQ7n1d7jqL9ANnZfAxV3kbXLfOVKv6Lc_kVXgfSs1cozFZQ==

GET
H2 200 UCMController Show response
login.dotomi.com/ucm/ Frame A1E8 29 KB
8 KB 241ms
33ms Document
text/html 159.127.43.76
VALUECLICK

General

Check archive.org

Show headers Download Go to

Full URL: https://login.dotomi.com/ucm/UCMController?dtm_com=28&dtm_cid=2814&dtm_cmagic=8e987c&dtm_format=5&dtm_fid=101&cli_promo_id=2&dtmc_marsha_code=MIAXR&canonical_url=&dtm_user_token=&dtmc_ref=&dtmc_loc=https%3A%2F%2Fthestregisbalharbourresort.247activities.com%2F&fpc_status=
Requested by: Host: thestregisbalharbourresort.247activities.com
URL: https://thestregisbalharbourresort.247activities.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.127.43.76 , United States, ASN25751 (VALUECLICK, US),
Reverse DNS: iad13-nessy-float2.dotomi.com
Software: nginx /
Resource Hash: f214a9516e340262dd3d34ecea805eb9aac325fce8520f966f66b746075321ce

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-cache, private, max-age=0, no-store
content-encoding: gzip
content-length: 7642
content-type: text/html
date: Sun, 28 Jan 2024 22:25:48 GMT
expires: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
pragma: no-cache
server: nginx

GET
H2 200 140436 Show response
beacon.sojern.com/pixel/p/ 5 KB
1 KB 109ms
48ms Script
application/javascript 107.178.244.119
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.sojern.com/pixel/p/140436?f_v=v6_js&p_v=1&vid=hot&pc=https%3A%2F%2Fthestregisbalharbourresort.247activities.com%2F&cid=
Requested by: Host: thestregisbalharbourresort.247activities.com
URL: https://thestregisbalharbourresort.247activities.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.244.119 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: e172b2e98564a9fcc9b25bbf4b21b08acb823c94cd2aca8c6670525ef8a29760

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 22:25:48 GMT
content-encoding: gzip
via: 1.1 google
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 916

GET
H2 200 pxrc.php
jvxpxl.marriott.com/tags/re/ 43 B
454 B 366ms
66ms Image
image/gif 34.232.133.131
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jvxpxl.marriott.com/tags/re/pxrc.php?px=nmqnUipTo43by7&ret=img&cData=MIAXR&px_gA2V6weHmbE0kX=N/A&px_VN9UYLBnPmZRT3=Placeholder_1&px_RfhvJOfVi0k0ib=N/A%20&px_dHFTxmPEkfwIqC=1&px_QM6nmyio6tmtv7=thestregisbalharbourresort.247activities.com/&px_nKN36pA0Ug7YPn=N/A&px_SZFcf8KiSk0A2R=1&px_5Dt68OUOhPgTvZ=1&px_NlnQNfcLkGTbTv=N/A&px_owu8FfhO0SEcKu=N/A&px_8Rr6pIQc4nSUJz=N/A&px_gmHzp9o9vaI22h=%27%27&px_t9htmmuRzKANGT=N/A&px_kLwVqUWkEmbpIL=N/A&gdpr=&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.232.133.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-232-133-131.compute-1.amazonaws.com
Software: Jetty(9.4.39.v20210325) /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Jan 2024 22:25:48 GMT
server: Jetty(9.4.39.v20210325)
p3p: CP='IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA'
access-control-allow-origin: *
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=0
access-control-allow-headers: content-type
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 204 5140893.js Show response
bat.bing.com/p/action/ 0
118 B 42ms
42ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5140893.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Sun, 28 Jan 2024 22:25:47 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D23EC72EB7BD4082BBEFBE32A94B8752 Ref B: NYCEDGE1712 Ref C: 2024-01-28T22:25:48Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
356 B 113ms
113ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5140893&tm=al001&Ver=2&mid=32bc4fac-a909-4b95-9077-059f3eb65fea&sid=2fc62540be2c11eebfdb971b4cdf05d0&vid=2fc66300be2c11eea7194762e018d9a3&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=The%20St.%20Regis%20Bal%20Harbour%20Resort&p=https%3A%2F%2Fthestregisbalharbourresort.247activities.com%2F&r=&lt=3736&pt=1706480744575,,,,,0,52,52,52,134,90,139,228,228,231,2869,2869,2901,3686,3686,3736&pn=0,0&evt=pageLoad&sv=1&rn=881399

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 28 Jan 2024 22:25:47 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8FADEDE2C84F441796BC525E0D7D3396 Ref B: NYCEDGE1712 Ref C: 2024-01-28T22:25:48Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 s73965580761083 Show response
smetrics.marriott.com/b/ss/marriottglobal,/10/JS-2.14.0-LDQM/ 5 KB
6 KB 50ms
49ms Script
application/x-javascript 63.140.38.225
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.marriott.com/b/ss/marriottglobal,/10/JS-2.14.0-LDQM/s73965580761083?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=28%2F0%2F2024%2012%3A25%3A48%200%20600&d.&nsid=0&jsonv=1&.d&mid=90494342403771612432180487309513690014&aamlh=7&ce=UTF-8&pageName=thestregisbalharbourresort.247activities.com%2F&g=https%3A%2F%2Fthestregisbalharbourresort.247activities.com%2F&cc=USD&events=event1%2CprodView&products=%3BMIAXR%3B%3B&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c5=Real%20Time%20Reservation&c8=D%3Dv15&c26=Launch&v41=Real%20Time%20Reservation&c71=Off-Platform%20Basic&v101=Default%20Cookie%20Opt-in&v192=thestregisbalharbourresort.247activities.com%2F&v237=en&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=664516D751E565010A490D4C%40AdobeOrg&lrt=440&AQE=1

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/extensions/EP971e6ad26efe44ab86e98d3905a44621/AppMeasurement.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.38.225 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ip-63-140-38-225.data.adobedc.net

Software

jag /

Resource Hash

4253a0991868a34d3912bc915def432623f098c9178d52470622658959006cbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-aam-tid: eKUuvq5jQSk=
date: Sun, 28 Jan 2024 22:25:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy"
content-length: 5441
x-xss-protection: 1; mode=block
dcs: dcs-prod-va6-2-v053-06b07475c.edge-va6.demdex.com 8 ms
pragma: no-cache
last-modified: Mon, 29 Jan 2024 22:25:48 GMT
server: jag
etag: 3664639502687240192-4617777007940231438
vary: *
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Sat, 27 Jan 2024 22:25:48 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 69 B
305 B 120ms
47ms XHR
application/json 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: thestregisbalharbourresort.247activities.com
URL: https://thestregisbalharbourresort.247activities.com/js/main.js?v=1703363396

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59e58524340cd7ad353be010374b124c242fdde10a0ed41047fe2fd4bb9e5a2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 22:25:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 84cca7465aad4bcc-BUF
access-control-allow-headers: Content-Type

GET
H2

200

ibs:dpid=3047&dpuuid=5871766A08EAF0&gdpr=0&gdpr_consent=
dpm.demdex.net/ Frame 9C87
Redirect Chain

https://servedby.flashtalking.com/map/?key=a74thHgsfK627J6Ftt8sj5ks52bKe&gdpr=0&gdpr_consent=&url=https://dpm.demdex.net/ibs:dpid=3047&dpuuid=[%FT_GUID%]&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=3047&dpuuid=5871766A08EAF0&gdpr=0&gdpr_consent=

42 B
714 B

54ms
40ms

Image
image/gif

18.204.157.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=3047&dpuuid=5871766A08EAF0&gdpr=0&gdpr_consent=

Protocol

Server

18.204.157.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-204-157-42.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

dcs: dcs-prod-va6-1-v053-03389adaa.edge-va6.demdex.com 2 ms
pragma: no-cache
date: Sun, 28 Jan 2024 22:25:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: /WylcEkNSN8=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma: no-cache
Date: Sun, 28 Jan 2024 22:25:48 GMT
Strict-Transport-Security: max-age=86400
Server: prod-xre-app41.ash11
Location: https://dpm.demdex.net/ibs:dpid=3047&dpuuid=5871766A08EAF0&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0
Expires: Sun, 28 Jan 2024 22:25:48 GMT

GET
H2 200 1144 Show response
beacon.sojern.com/pixel/p/ Frame EAD2 4 KB
1 KB 54ms
45ms Script
application/javascript 107.178.244.119
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.sojern.com/pixel/p/1144?cid=MGP_201904%7Cundefined%7C%7CERR%3ACannot%20read%20properties%20of%20undefined%20(reading%20%27split%27)&p=undefined&hprid=MIAXR&hb=undefined&hc1=undefined&hn1=undefined&hs1=undefined&ffl=undefined&t=undefined&hr=undefined&hp=undefined&hrp=undefined&hdc=undefined&rew=undefined&l=undefined&vid=hot&hpid=MIAXR&
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/marriott/mhotels.html?p=undefined&hprid=MIAXR&hpr=&hb=undefined&hc1=undefined&hn1=undefined&hs1=undefined&ffl=undefined&hl=&t=undefined&hr=undefined&hd1=&hd2=&hconfno=&hp=undefined&hcu=&hrp=undefined&hdc=undefined&rew=undefined&l=undefined&vid=hot&cid=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.244.119 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: da8c562abc1ab29de420402d185fe5c0647d6d235d6171469b2566c59a67c528

Request headers

accept-language: en-US,en;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 22:25:48 GMT
content-encoding: gzip
via: 1.1 google
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 897

POST
H2 200 tp2 Show response
p.tvpixel.com/com.snowplowanalytics.snowplow/ 2 B
347 B 112ms
38ms XHR
text/plain 52.203.149.164
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://p.tvpixel.com/com.snowplowanalytics.snowplow/tp2
Requested by: Host: thestregisbalharbourresort.247activities.com
URL: https://thestregisbalharbourresort.247activities.com/js/main.js?v=1703363396
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.203.149.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-203-149-164.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

access-control-allow-origin: https://thestregisbalharbourresort.247activities.com
date: Sun, 28 Jan 2024 22:25:48 GMT
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
server: nginx
content-length: 2
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"

OPTIONS
H2 200 tp2
p.tvpixel.com/com.snowplowanalytics.snowplow/ Frame 0
0 121ms
38ms Preflight 52.203.149.164
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://p.tvpixel.com/com.snowplowanalytics.snowplow/tp2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.203.149.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-203-149-164.compute-1.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://thestregisbalharbourresort.247activities.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-allow-origin: https://thestregisbalharbourresort.247activities.com
access-control-max-age: 600
content-length: 0
date: Sun, 28 Jan 2024 22:25:48 GMT
server: nginx

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame 7F23 876 B
938 B 56ms
34ms Document
text/html 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=hbq9bjg&ref=https%3A%2F%2Fthestregisbalharbourresort.247activities.com%2F&upid=byw7ch4&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 133b639f99eafe781578740a1daf1ec63ae934103560809ae9634268b3eee8be

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Sun, 28 Jan 2024 22:25:48 GMT
server: Kestrel
vary: Accept-Encoding

GET match.gif
match.rundsp.com/ Frame 9C87 0
0

GET
H2 200 main.a6d15c2a.js Show response
s.pinimg.com/ct/lib/ 66 KB
19 KB 49ms
28ms Script
application/javascript 2600:1408:5400:38b::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.a6d15c2a.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:5400:38b::1931 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: f2966780d964488ce801cd252ec0fcfc01281842f3b8302a6efa22d9ef308d10

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

akamai-x-true-ttl: 1209600
content-encoding: br
x-cdn: akamai
etag: "d95b98c078431d7b6709ad96c5145472"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 19184

GET
H2 200 405909.json Show response
s.yimg.com/wi/config/ 2 B
488 B 107ms
43ms XHR
application/json 2001:4998:1c:800::1001
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/405909.json

Requested by

Host: thestregisbalharbourresort.247activities.com
URL: https://thestregisbalharbourresort.247activities.com/js/main.js?v=1703363396

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:1c:800::1001 , United States, ASN14779 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 22:25:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: WY5CBVHEQQBXM2YG
age: 0
content-length: 22
x-amz-id-2: MG2ZeBpiXQgX+ji6YEU6vJKaNbWZOjk+XkURN4RYA+kSk8GjDJobUMDiSb9AMoo8ywc7PZMamLw=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: public,max-age=3600

GET
H2

200

src=4810757;dc_pre=CN-B35aQgYQDFbUXrQYd_asFjQ;type=sales;cat=5myqls5f;qty=1;cost=0;u1=;u16=https%3A%2F%2Fthestregisbalharbourresort.247activities.com%2F;dc_lat=;dc_rdid=;tag_for_child_directed_trea...
adservice.google.com/ddm/fls/z/
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=4810757;type=sales;cat=5myqls5f;qty=1;cost=0;u1=;u16=https%3A%2F%2Fthestregisbalharbourresort.247activities.com%2F;dc_lat=;dc_rdid=;tag_for_child_directe...
https://ad.doubleclick.net/ddm/activity/src=4810757;dc_pre=CN-B35aQgYQDFbUXrQYd_asFjQ;type=sales;cat=5myqls5f;qty=1;cost=0;u1=;u16=https%3A%2F%2Fthestregisbalharbourresort.247activities.com%2F;dc_l...
https://adservice.google.com/ddm/fls/z/src=4810757;dc_pre=CN-B35aQgYQDFbUXrQYd_asFjQ;type=sales;cat=5myqls5f;qty=1;cost=0;u1=;u16=https%3A%2F%2Fthestregisbalharbourresort.247activities.com%2F;dc_la...

42 B
401 B

162ms
90ms

Image
image/gif

2607:f8b0:4004:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=4810757;dc_pre=CN-B35aQgYQDFbUXrQYd_asFjQ;type=sales;cat=5myqls5f;qty=1;cost=0;u1=;u16=https%3A%2F%2Fthestregisbalharbourresort.247activities.com%2F;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=[OrderID]

Protocol

Server

2607:f8b0:4004:c08::9c Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Jan 2024 22:25:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 28 Jan 2024 22:25:48 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"4296750985822091959"}],"aggregatable_trigger_data":[{"filters":{"14":["7697247"]},"key_piece":"0x2ed3e6238face784","source_keys":["1","3","4","5","6","7","8","9","10","11"]},{"key_piece":"0x505180fe8fa944e8","not_filters":{"14":["7697247"]},"source_keys":["1","3","4","5","6","7","8","9","10","11"]},{"filters":{"14":["7697247"]},"key_piece":"0xc648693042c76fd0","source_keys":["12","13","14","15","16","17","18","19","20","21"]},{"key_piece":"0xc63ed59984d7dbea","not_filters":{"14":["7697247"]},"source_keys":["12","13","14","15","16","17","18","19","20","21"]}],"aggregatable_values":{"1":327,"10":327,"11":5570,"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356,"3":327,"4":327,"5":5570,"6":327,"7":327,"8":5570,"9":327},"debug_key":"2417039989564976044","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"4296750985822091959","filters":{"14":["7697247"],"source_type":["event"]},"priority":"10","trigger_data":"1"},{"deduplication_key":"4296750985822091959","filters":{"14":["7697247"],"source_type":["navigation"]},"priority":"10","trigger_data":"6"},{"deduplication_key":"4296750985822091959","filters":{"source_type":["event"]},"priority":"0","trigger_data":"0"},{"deduplication_key":"4296750985822091959","filters":{"source_type":["navigation"]},"priority":"0","trigger_data":"7"}],"filters":{"8":["4810757"]}}
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: image/png
location: https://adservice.google.com/ddm/fls/z/src=4810757;dc_pre=CN-B35aQgYQDFbUXrQYd_asFjQ;type=sales;cat=5myqls5f;qty=1;cost=0;u1=;u16=https%3A%2F%2Fthestregisbalharbourresort.247activities.com%2F;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=[OrderID]
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 px
secure.adnxs.com/ 0
1 KB 54ms
35ms Image
application/javascript 68.67.161.182
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/px?id=1565798&t=1

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.161.182 Jersey City, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Jan 2024 22:25:48 GMT
an-x-request-uuid: 6f562fa1-4b7d-46ff-a165-3304eb62d0ab
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/javascript; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 96.9.249.38; 96.9.249.38; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 seg
secure.adnxs.com/ 0
1 KB 54ms
36ms Image
application/javascript 68.67.161.182
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/seg?add=29464183&t=1

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.161.182 Jersey City, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Jan 2024 22:25:48 GMT
an-x-request-uuid: 511ec343-9c83-4d8d-a6f0-2ba1f848f137
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 96.9.249.38; 96.9.249.38; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

AdX
pixel.sojern.com/idSync/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=nhNSqumvYnzD9ir8dMIh8g&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=BlVXEMJT7OH2nga2pEhQxo87CI6O6Zd8RmZl6aD3F7cjKpEPRT3...
https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=BlVXEMJT7OH2nga2pEhQxo87CI6O6Zd8RmZl6aD3F7cjKpEPRT3RgNy6mTeXVoTT&sjrn_ula=673976618&google_gid=CAESEDuf_JHclEYcTnQm1a5KWsw&google_cver=1

42 B
262 B

48ms
47ms

Image
image/gif

107.178.244.119
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=BlVXEMJT7OH2nga2pEhQxo87CI6O6Zd8RmZl6aD3F7cjKpEPRT3RgNy6mTeXVoTT&sjrn_ula=673976618&google_gid=CAESEDuf_JHclEYcTnQm1a5KWsw&google_cver=1
Protocol: H2
Server: 107.178.244.119 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 22:25:48 GMT
via: 1.1 google
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

pragma: no-cache
date: Sun, 28 Jan 2024 22:25:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=BlVXEMJT7OH2nga2pEhQxo87CI6O6Zd8RmZl6aD3F7cjKpEPRT3RgNy6mTeXVoTT&sjrn_ula=673976618&google_gid=CAESEDuf_JHclEYcTnQm1a5KWsw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 412
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
fcmatch.youtube.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_hm=nhNSqumvYnzD9ir8dMIh8g&google_nid=sojern_adh
https://fcmatch.google.com/pixel?google_gm=AMnCDoqnZ0kB9eeSkXuf-iCU3xiKPQkCw2xRbA7OORij1wuWYWce_GosmnCmMcxv-JDcZVXu2fUxPuudozWMAT2M4tKCYEzAlY6FXbkWopoBSIbZR3SJtsM
https://fcmatch.youtube.com/pixel?google_gm=AMnCDoqnZ0kB9eeSkXuf-iCU3xiKPQkCw2xRbA7OORij1wuWYWce_GosmnCmMcxv-JDcZVXu2fUxPuudozWMAT2M4tKCYEzAlY6FXbkWopoBSIbZR3SJtsM

170 B
244 B

137ms
129ms

Image
image/png

2607:f8b0:4004:c1d::66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fcmatch.youtube.com/pixel?google_gm=AMnCDoqnZ0kB9eeSkXuf-iCU3xiKPQkCw2xRbA7OORij1wuWYWce_GosmnCmMcxv-JDcZVXu2fUxPuudozWMAT2M4tKCYEzAlY6FXbkWopoBSIbZR3SJtsM

Protocol

Server

2607:f8b0:4004:c1d::66 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Jan 2024 22:25:48 GMT
server: HTTP server (unknown)
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 28 Jan 2024 22:25:48 GMT
server: HTTP server (unknown)
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://fcmatch.youtube.com/pixel?google_gm=AMnCDoqnZ0kB9eeSkXuf-iCU3xiKPQkCw2xRbA7OORij1wuWYWce_GosmnCmMcxv-JDcZVXu2fUxPuudozWMAT2M4tKCYEzAlY6FXbkWopoBSIbZR3SJtsM
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 360
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

apn
pixel.sojern.com/idsync/
Redirect Chain

https://ib.adnxs.com/getuidnb?https://pixel.sojern.com/idsync/apn?id=$UID&sjrn_id=BlVXEMJT7OH2nga2pEhQxo87CI6O6Zd8RmZl6aD3F7cjKpEPRT3RgNy6mTeXVoTT
https://pixel.sojern.com/idsync/apn?id=8222142341378785510&sjrn_id=BlVXEMJT7OH2nga2pEhQxo87CI6O6Zd8RmZl6aD3F7cjKpEPRT3RgNy6mTeXVoTT

42 B
254 B

48ms
48ms

Image
image/gif

107.178.244.119
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sojern.com/idsync/apn?id=8222142341378785510&sjrn_id=BlVXEMJT7OH2nga2pEhQxo87CI6O6Zd8RmZl6aD3F7cjKpEPRT3RgNy6mTeXVoTT
Protocol: H2
Server: 107.178.244.119 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 22:25:48 GMT
via: 1.1 google
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

pragma: no-cache
date: Sun, 28 Jan 2024 22:25:48 GMT
an-x-request-uuid: c9b30a7e-082f-43f1-9217-b65571aeae60
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://pixel.sojern.com/idsync/apn?id=8222142341378785510&sjrn_id=BlVXEMJT7OH2nga2pEhQxo87CI6O6Zd8RmZl6aD3F7cjKpEPRT3RgNy6mTeXVoTT
x-proxy-origin: 96.9.249.38; 96.9.249.38; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

ttd
pixel.sojern.com/idsync/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=ombl9hp&ttd_puid=BlVXEMJT7OH2nga2pEhQxo87CI6O6Zd8RmZl6aD3F7cjKpEPRT3RgNy6mTeXVoTT&ttd_tpi=1
https://pixel.sojern.com/idsync/ttd?id=97d9331a-27da-42a3-84a7-0d24bd7ac0c4&sjrn_id=BlVXEMJT7OH2nga2pEhQxo87CI6O6Zd8RmZl6aD3F7cjKpEPRT3RgNy6mTeXVoTT

42 B
277 B

59ms
46ms

Image
image/gif

107.178.244.119
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sojern.com/idsync/ttd?id=97d9331a-27da-42a3-84a7-0d24bd7ac0c4&sjrn_id=BlVXEMJT7OH2nga2pEhQxo87CI6O6Zd8RmZl6aD3F7cjKpEPRT3RgNy6mTeXVoTT
Protocol: H2
Server: 107.178.244.119 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 22:25:48 GMT
via: 1.1 google
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

location: https://pixel.sojern.com/idsync/ttd?id=97d9331a-27da-42a3-84a7-0d24bd7ac0c4&sjrn_id=BlVXEMJT7OH2nga2pEhQxo87CI6O6Zd8RmZl6aD3F7cjKpEPRT3RgNy6mTeXVoTT
date: Sun, 28 Jan 2024 22:25:48 GMT
server: Kestrel
content-length: 327

GET
H2

202

adf
pixel.sojern.com/idsync/
Redirect Chain

https://c1.adform.net/serving/cookie/match?cid=9e1352aa-e9af-627c-c3f6-2afc74c221f2&party=1296
https://c1.adform.net/serving/cookie/match?CC=1&cid=9e1352aa-e9af-627c-c3f6-2afc74c221f2&party=1296
https://pixel.sojern.com/idsync/adf?adfid=7760922319652954788&cid=9e1352aa-e9af-627c-c3f6-2afc74c221f2

0
208 B

46ms
45ms

Image
text/plain

107.178.244.119
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sojern.com/idsync/adf?adfid=7760922319652954788&cid=9e1352aa-e9af-627c-c3f6-2afc74c221f2
Protocol: H2
Server: 107.178.244.119 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 28 Jan 2024 22:25:48 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
vary: Accept-Encoding

Redirect headers

pragma: no-cache
date: Sun, 28 Jan 2024 22:25:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://pixel.sojern.com/idsync/adf?adfid=7760922319652954788&cid=9e1352aa-e9af-627c-c3f6-2afc74c221f2
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=360572&time=1706480748584&url=https%3A%2F%2Fthestregisbalharbourresort.247activities.com%2F
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=360572&time=1706480748584&url=https%3A%2F%2Fthestregisbalharbourresort.247activities.com%2F&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D360572%26time%3D1706480748584%26url%3Dhttps%253A%252F%252Fthestregisbalharbourres...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=360572&time=1706480748584&url=https%3A%2F%2Fthestregisbalharbourresort.247activities.com%2F&cookiesTest=true&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=360572&time=1706480748584&url=https%3A%2F%2Fthestregisbalharbourresort.247activities.com%2F&cookiesTest=true&liSync=true&e_ipv6=AQJNvQAatzWOtgAAA...

0
489 B

313ms
244ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=360572&time=1706480748584&url=https%3A%2F%2Fthestregisbalharbourresort.247activities.com%2F&cookiesTest=true&liSync=true&e_ipv6=AQJNvQAatzWOtgAAAY1SLcloobtNzgvw3y4udh2VBZjspVJ9H8TvsV0G0jrJGJkkub9WceM
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 22:25:48 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: E1C513FC604B4B4CB4F485D70F11E2CC Ref B: YTO01EDGE0820 Ref C: 2024-01-28T22:25:49Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYQCQLchgqUWH2pvkZu4Q==

Redirect headers

date: Sun, 28 Jan 2024 22:25:48 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 1AFD0D6598644AE9AF41997D1C885FFD Ref B: EWR311000101045 Ref C: 2024-01-28T22:25:48Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=360572&time=1706480748584&url=https%3A%2F%2Fthestregisbalharbourresort.247activities.com%2F&cookiesTest=true&liSync=true&e_ipv6=AQJNvQAatzWOtgAAAY1SLcloobtNzgvw3y4udh2VBZjspVJ9H8TvsV0G0jrJGJkkub9WceM
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYQCQLapcmiQclw86GsBQ==

GET
H2 200 otBannerSdk.js Show response
cache.marriott.com/aka-fonts/OneTrust/R1.3/oneTrust_test/scripttemplates/6.26.0/ 319 KB
76 KB 88ms
79ms Script
application/x-javascript 23.39.184.114
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.marriott.com/aka-fonts/OneTrust/R1.3/oneTrust_test/scripttemplates/6.26.0/otBannerSdk.js
Requested by: Host: cache.marriott.com
URL: https://cache.marriott.com/aka-fonts/OneTrust/R1.3/oneTrust_test/scripttemplates/otSDKStub.js?3237481164707729.5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.184.114 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-184-114.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 972688e6f6c24d2b23019a796b19f90515ba5f4ff744747c072b79fa44de3432

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 22:25:48 GMT
content-encoding: gzip
last-modified: Mon, 06 Jun 2022 19:39:17 GMT
server: AkamaiNetStorage
etag: "aa2e3ff705d27b77a2480d446a15e46b:1654544357.83096"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=765987
accept-ranges: bytes
content-length: 77784
expires: Tue, 06 Feb 2024 19:12:15 GMT

GET
H2

200

dc_pre=CK7j3ZaQgYQDFe0TigMdFaALzQ;src=1359549;type=marri003;cat=m1m_m0;ord=1535435123529;npa=1;auiddc=*;u7=%2F;pscdl=noapi;gtm=45fe41o0;gcd=11l1l1l1l3;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;...
adservice.google.com/ddm/fls/z/
Redirect Chain

https://ad.doubleclick.net/activity;src=1359549;type=marri003;cat=m1m_m0;ord=1535435123529;npa=1;auiddc=1418573475.1706480748;u7=%2F;pscdl=noapi;gtm=45fe41o0;gcd=11l1l1l1l3;dma=0;uaa=;uab=;uafvl=;u...
https://ad.doubleclick.net/activity;dc_pre=CK7j3ZaQgYQDFe0TigMdFaALzQ;src=1359549;type=marri003;cat=m1m_m0;ord=1535435123529;npa=1;auiddc=1418573475.1706480748;u7=%2F;pscdl=noapi;gtm=45fe41o0;gcd=1...
https://adservice.google.com/ddm/fls/z/dc_pre=CK7j3ZaQgYQDFe0TigMdFaALzQ;src=1359549;type=marri003;cat=m1m_m0;ord=1535435123529;npa=1;auiddc=*;u7=%2F;pscdl=noapi;gtm=45fe41o0;gcd=11l1l1l1l3;dma=0;u...

42 B
107 B

426ms
279ms

Image
image/gif

2607:f8b0:4004:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CK7j3ZaQgYQDFe0TigMdFaALzQ;src=1359549;type=marri003;cat=m1m_m0;ord=1535435123529;npa=1;auiddc=*;u7=%2F;pscdl=noapi;gtm=45fe41o0;gcd=11l1l1l1l3;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fthestregisbalharbourresort.247activities.com%2F

Protocol

Server

2607:f8b0:4004:c08::9c Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Jan 2024 22:25:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 28 Jan 2024 22:25:48 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://adservice.google.com/ddm/fls/z/dc_pre=CK7j3ZaQgYQDFe0TigMdFaALzQ;src=1359549;type=marri003;cat=m1m_m0;ord=1535435123529;npa=1;auiddc=*;u7=%2F;pscdl=noapi;gtm=45fe41o0;gcd=11l1l1l1l3;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fthestregisbalharbourresort.247activities.com%2F
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

dc_pre=CMng3ZaQgYQDFX4wigMd8CIO0w;src=1359549;type=marri001;cat=m1m_g0;ord=1;num=1176928255473;npa=1;auiddc=*;u7=%2F;pscdl=noapi;gtm=45fe41o0;gcd=11l1l1l1l3;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;...
adservice.google.com/ddm/fls/z/
Redirect Chain

https://ad.doubleclick.net/activity;src=1359549;type=marri001;cat=m1m_g0;ord=1;num=1176928255473;npa=1;auiddc=1418573475.1706480748;u7=%2F;pscdl=noapi;gtm=45fe41o0;gcd=11l1l1l1l3;dma=0;uaa=;uab=;ua...
https://ad.doubleclick.net/activity;dc_pre=CMng3ZaQgYQDFX4wigMd8CIO0w;src=1359549;type=marri001;cat=m1m_g0;ord=1;num=1176928255473;npa=1;auiddc=1418573475.1706480748;u7=%2F;pscdl=noapi;gtm=45fe41o0...
https://adservice.google.com/ddm/fls/z/dc_pre=CMng3ZaQgYQDFX4wigMd8CIO0w;src=1359549;type=marri001;cat=m1m_g0;ord=1;num=1176928255473;npa=1;auiddc=*;u7=%2F;pscdl=noapi;gtm=45fe41o0;gcd=11l1l1l1l3;d...

42 B
107 B

238ms
90ms

Image
image/gif

2607:f8b0:4004:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CMng3ZaQgYQDFX4wigMd8CIO0w;src=1359549;type=marri001;cat=m1m_g0;ord=1;num=1176928255473;npa=1;auiddc=*;u7=%2F;pscdl=noapi;gtm=45fe41o0;gcd=11l1l1l1l3;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fthestregisbalharbourresort.247activities.com%2F

Protocol

Server

2607:f8b0:4004:c08::9c Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Jan 2024 22:25:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 28 Jan 2024 22:25:48 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://adservice.google.com/ddm/fls/z/dc_pre=CMng3ZaQgYQDFX4wigMd8CIO0w;src=1359549;type=marri001;cat=m1m_g0;ord=1;num=1176928255473;npa=1;auiddc=*;u7=%2F;pscdl=noapi;gtm=45fe41o0;gcd=11l1l1l1l3;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fthestregisbalharbourresort.247activities.com%2F
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 31ms
31ms Script
text/javascript 2607:f8b0:4004:c0b::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-203334133-1&l=dataLayerB&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c0b::66 Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 28 Jan 2024 21:48:14 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 2254
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 28 Jan 2024 23:48:14 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame EAD2 197 KB
71 KB 42ms
42ms Script
application/javascript 2607:f8b0:4004:c06::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-14242

Requested by

Host: beacon.sojern.com
URL: https://beacon.sojern.com/pixel/p/1144?cid=MGP_201904%7Cundefined%7C%7CERR%3ACannot%20read%20properties%20of%20undefined%20(reading%20%27split%27)&p=undefined&hprid=MIAXR&hb=undefined&hc1=undefined&hn1=undefined&hs1=undefined&ffl=undefined&t=undefined&hr=undefined&hp=undefined&hrp=undefined&hdc=undefined&rew=undefined&l=undefined&vid=hot&hpid=MIAXR&

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fceb5b9898c8ea5434022e07b3250d6a1605e82bab80e3efae375449b4a90e65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 22:25:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72865
x-xss-protection: 0
last-modified: Sun, 28 Jan 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 28 Jan 2024 22:25:48 GMT

GET
H2

200

AdX
pixel.sojern.com/idSync/ Frame EAD2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=iDQs-8q7wxFzHnGgM04lzg&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=uUTQKich4MY724itE-RsBMr_jUhD_y2feEEdcQAKXo5onpGOqDY...
https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=uUTQKich4MY724itE-RsBMr_jUhD_y2feEEdcQAKXo5onpGOqDYQBgkwMi7s1IOW&google_gid=CAESEDuf_JHclEYcTnQm1a5KWsw&google_cver=1

42 B
262 B

47ms
47ms

Image
image/gif

107.178.244.119
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=uUTQKich4MY724itE-RsBMr_jUhD_y2feEEdcQAKXo5onpGOqDYQBgkwMi7s1IOW&google_gid=CAESEDuf_JHclEYcTnQm1a5KWsw&google_cver=1
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/marriott/mhotels.html?p=undefined&hprid=MIAXR&hpr=&hb=undefined&hc1=undefined&hn1=undefined&hs1=undefined&ffl=undefined&hl=&t=undefined&hr=undefined&hd1=&hd2=&hconfno=&hp=undefined&hcu=&hrp=undefined&hdc=undefined&rew=undefined&l=undefined&vid=hot&cid=
Protocol: H2
Server: 107.178.244.119 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 22:25:48 GMT
via: 1.1 google
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

pragma: no-cache
date: Sun, 28 Jan 2024 22:25:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=uUTQKich4MY724itE-RsBMr_jUhD_y2feEEdcQAKXo5onpGOqDYQBgkwMi7s1IOW&google_gid=CAESEDuf_JHclEYcTnQm1a5KWsw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 389
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
fcmatch.youtube.com/ Frame EAD2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_hm=iDQs-8q7wxFzHnGgM04lzg&google_nid=sojern_adh
https://fcmatch.google.com/pixel?google_gm=AMnCDoofCLMCFb3ziM9InhwPh182pHA4M4YyogaC-yQ0PmE8V8At-0i5_c-vwRMxjoxDLIMUtuE0Ive3ZdzhQdFhE8qjl8SOWIilH_-a-djN_IqfDxM1c6w
https://fcmatch.youtube.com/pixel?google_gm=AMnCDoofCLMCFb3ziM9InhwPh182pHA4M4YyogaC-yQ0PmE8V8At-0i5_c-vwRMxjoxDLIMUtuE0Ive3ZdzhQdFhE8qjl8SOWIilH_-a-djN_IqfDxM1c6w

170 B
233 B

48ms
48ms

Image
image/png

2607:f8b0:4004:c1d::66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fcmatch.youtube.com/pixel?google_gm=AMnCDoofCLMCFb3ziM9InhwPh182pHA4M4YyogaC-yQ0PmE8V8At-0i5_c-vwRMxjoxDLIMUtuE0Ive3ZdzhQdFhE8qjl8SOWIilH_-a-djN_IqfDxM1c6w

Requested by

Host: static.sojern.com
URL: https://static.sojern.com/marriott/mhotels.html?p=undefined&hprid=MIAXR&hpr=&hb=undefined&hc1=undefined&hn1=undefined&hs1=undefined&ffl=undefined&hl=&t=undefined&hr=undefined&hd1=&hd2=&hconfno=&hp=undefined&hcu=&hrp=undefined&hdc=undefined&rew=undefined&l=undefined&vid=hot&cid=

Protocol

Server

2607:f8b0:4004:c1d::66 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Jan 2024 22:25:48 GMT
server: HTTP server (unknown)
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 28 Jan 2024 22:25:48 GMT
server: HTTP server (unknown)
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://fcmatch.youtube.com/pixel?google_gm=AMnCDoofCLMCFb3ziM9InhwPh182pHA4M4YyogaC-yQ0PmE8V8At-0i5_c-vwRMxjoxDLIMUtuE0Ive3ZdzhQdFhE8qjl8SOWIilH_-a-djN_IqfDxM1c6w
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 360
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

apn
pixel.sojern.com/idsync/ Frame EAD2
Redirect Chain

https://ib.adnxs.com/getuidnb?https://pixel.sojern.com/idsync/apn?id=$UID&sjrn_id=uUTQKich4MY724itE-RsBMr_jUhD_y2feEEdcQAKXo5onpGOqDYQBgkwMi7s1IOW
https://pixel.sojern.com/idsync/apn?id=8222142341378785510&sjrn_id=uUTQKich4MY724itE-RsBMr_jUhD_y2feEEdcQAKXo5onpGOqDYQBgkwMi7s1IOW

42 B
254 B

47ms
46ms

Image
image/gif

107.178.244.119
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sojern.com/idsync/apn?id=8222142341378785510&sjrn_id=uUTQKich4MY724itE-RsBMr_jUhD_y2feEEdcQAKXo5onpGOqDYQBgkwMi7s1IOW
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/marriott/mhotels.html?p=undefined&hprid=MIAXR&hpr=&hb=undefined&hc1=undefined&hn1=undefined&hs1=undefined&ffl=undefined&hl=&t=undefined&hr=undefined&hd1=&hd2=&hconfno=&hp=undefined&hcu=&hrp=undefined&hdc=undefined&rew=undefined&l=undefined&vid=hot&cid=
Protocol: H2
Server: 107.178.244.119 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 22:25:48 GMT
via: 1.1 google
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

pragma: no-cache
date: Sun, 28 Jan 2024 22:25:48 GMT
an-x-request-uuid: a43911cc-beca-474e-9218-f3b661fcfeed
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://pixel.sojern.com/idsync/apn?id=8222142341378785510&sjrn_id=uUTQKich4MY724itE-RsBMr_jUhD_y2feEEdcQAKXo5onpGOqDYQBgkwMi7s1IOW
x-proxy-origin: 96.9.249.38; 96.9.249.38; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

ttd
pixel.sojern.com/idsync/ Frame EAD2
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=ombl9hp&ttd_puid=uUTQKich4MY724itE-RsBMr_jUhD_y2feEEdcQAKXo5onpGOqDYQBgkwMi7s1IOW&ttd_tpi=1
https://pixel.sojern.com/idsync/ttd?id=97d9331a-27da-42a3-84a7-0d24bd7ac0c4&sjrn_id=uUTQKich4MY724itE-RsBMr_jUhD_y2feEEdcQAKXo5onpGOqDYQBgkwMi7s1IOW

42 B
266 B

47ms
46ms

Image
image/gif

107.178.244.119
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sojern.com/idsync/ttd?id=97d9331a-27da-42a3-84a7-0d24bd7ac0c4&sjrn_id=uUTQKich4MY724itE-RsBMr_jUhD_y2feEEdcQAKXo5onpGOqDYQBgkwMi7s1IOW
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/marriott/mhotels.html?p=undefined&hprid=MIAXR&hpr=&hb=undefined&hc1=undefined&hn1=undefined&hs1=undefined&ffl=undefined&hl=&t=undefined&hr=undefined&hd1=&hd2=&hconfno=&hp=undefined&hcu=&hrp=undefined&hdc=undefined&rew=undefined&l=undefined&vid=hot&cid=
Protocol: H2
Server: 107.178.244.119 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 22:25:48 GMT
via: 1.1 google
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

location: https://pixel.sojern.com/idsync/ttd?id=97d9331a-27da-42a3-84a7-0d24bd7ac0c4&sjrn_id=uUTQKich4MY724itE-RsBMr_jUhD_y2feEEdcQAKXo5onpGOqDYQBgkwMi7s1IOW
date: Sun, 28 Jan 2024 22:25:48 GMT
server: Kestrel
content-length: 327

GET
H2

202

adf
pixel.sojern.com/idsync/ Frame EAD2
Redirect Chain

https://c1.adform.net/serving/cookie/match?cid=88342cfb-cabb-c311-731e-71a0334e25ce&party=1296
https://pixel.sojern.com/idsync/adf?adfid=9151410024127054043&cid=88342cfb-cabb-c311-731e-71a0334e25ce

0
206 B

48ms
47ms

Image
text/plain

107.178.244.119
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sojern.com/idsync/adf?adfid=9151410024127054043&cid=88342cfb-cabb-c311-731e-71a0334e25ce
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/marriott/mhotels.html?p=undefined&hprid=MIAXR&hpr=&hb=undefined&hc1=undefined&hn1=undefined&hs1=undefined&ffl=undefined&hl=&t=undefined&hr=undefined&hd1=&hd2=&hconfno=&hp=undefined&hcu=&hrp=undefined&hdc=undefined&rew=undefined&l=undefined&vid=hot&cid=
Protocol: H2
Server: 107.178.244.119 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 28 Jan 2024 22:25:48 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
vary: Accept-Encoding

Redirect headers

pragma: no-cache
date: Sun, 28 Jan 2024 22:25:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://pixel.sojern.com/idsync/adf?adfid=9151410024127054043&cid=88342cfb-cabb-c311-731e-71a0334e25ce
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1 200
OK universal_pixel.1.1.0.js Show response
js.adsrvr.org/ Frame 7F23 488 B
1 KB 31ms
31ms Script
application/x-javascript 3.161.209.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Requested by: Host: insight.adsrvr.org
URL: https://insight.adsrvr.org/track/up?adv=hbq9bjg&ref=https%3A%2F%2Fthestregisbalharbourresort.247activities.com%2F&upid=byw7ch4&upv=1.1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.209.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-209-109.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 484ef4268f1d679c1ae88c06fc2388d39afc441465732617e5e2cdc2e3d418e2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://insight.adsrvr.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 28 Jan 2024 20:59:45 GMT
Via: 1.1 cedddf018b0456d4e84e339e4b25cc2e.cloudfront.net (CloudFront)
Last-Modified: Wed, 17 Jan 2024 00:44:53 GMT
Server: AmazonS3
X-Amz-Cf-Pop: YUL62-P1
Age: 5164
x-amz-server-side-encryption: AES256
ETag: "2775054c068b37509e0798448f7fd32c"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 488
X-Amz-Cf-Id: Gz1cuE0Q_tA6M8YyEM6SF5nO5XGx25kjKkKOT12jWHzcFFSTdPBd7Q==

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
633 B 148ms
36ms Image
image/gif 76.13.32.146
YAHOO-BF1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Sun%2C%2028%20Jan%202024%2022%3A25%3A48%20GMT&n=10&b=The%20St.%20Regis%20Bal%20Harbour%20Resort&.yp=405909&f=https%3A%2F%2Fthestregisbalharbourresort.247activities.com%2F&enc=UTF-8&yv=1.15.1&tagmgr=gtm%2Cadobe

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.13.32.146 Lockport, United States, ASN26101 (YAHOO-BF1, US),

Reverse DNS

spdc.pbp.vip.bf1.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Jan 2024 22:25:48 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Sun, 28 Jan 2024 22:25:48 GMT

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
245 B 149ms
36ms Image
image/gif 76.13.32.146
YAHOO-BF1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&b=The%20St.%20Regis%20Bal%20Harbour%20Resort&.yp=405909&f=https%3A%2F%2Fthestregisbalharbourresort.247activities.com%2F&enc=UTF-8&yv=1.15.1&hsr=&et=custom&ea=ViewProduct&cc=&cio=%7C&cid=&tagmgr=gtm%2Cadobe

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.13.32.146 Lockport, United States, ASN26101 (YAHOO-BF1, US),

Reverse DNS

spdc.pbp.vip.bf1.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Jan 2024 22:25:48 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Sun, 28 Jan 2024 22:25:48 GMT

GET
H2

200

ibs:dpid=19360&dpuuid=
dpm.demdex.net/ibs:dpid=19360&dpuuid=90749123238939382902171924092200732151&expiration=1706567149&nuid=90749123238939382902171924092200732151&rurl=https://dpm.demdex.net/ Frame 9C87
Redirect Chain

https://adobe-sync.dotomi.com/match/bounce/current?networkId=85983&version=1&nuid=90749123238939382902171924092200732151&rurl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D19360%26dpuuid%3D
https://dpm.demdex.net/ibs:dpid=19360&dpuuid=90749123238939382902171924092200732151&expiration=1706567149&nuid=90749123238939382902171924092200732151&rurl=https://dpm.demdex.net/ibs:dpid=19360&...

42 B
729 B

43ms
43ms

Image
image/gif

18.204.157.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=19360&dpuuid=90749123238939382902171924092200732151&expiration=1706567149&nuid=90749123238939382902171924092200732151&rurl=https://dpm.demdex.net/ibs:dpid=19360&dpuuid=

Protocol

Server

18.204.157.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-204-157-42.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

dcs: dcs-prod-va6-2-v053-0036234de.edge-va6.demdex.com 0 ms
pragma: no-cache
date: Sun, 28 Jan 2024 22:25:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: VvR4pBzvTww=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
x-error: 104,300
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Sun, 28 Jan 2024 22:25:49 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://dpm.demdex.net/ibs:dpid=19360&dpuuid=90749123238939382902171924092200732151&expiration=1706567149&nuid=90749123238939382902171924092200732151&rurl=https://dpm.demdex.net/ibs:dpid=19360&dpuuid=
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H/1.1 200
OK NYE_Celebration_Dinner_-.jpg
ipoolside-media.s3.amazonaws.com/site/theregisharbourresort/images/ 486 KB
487 KB 98ms
96ms Image
image/jpeg 52.216.38.73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ipoolside-media.s3.amazonaws.com/site/theregisharbourresort/images/NYE_Celebration_Dinner_-.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.38.73 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 68ba856727e49d16ea40ed6c8194f24d210369d098ddc53ac4792e91a8c6a1e0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://thestregisbalharbourresort.247activities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 28 Jan 2024 22:25:49 GMT
x-amz-version-id: iY70V8WyhTVZC9TfhbzYrklsQAVAwUu3
Last-Modified: Mon, 28 Nov 2022 21:49:25 GMT
Server: AmazonS3
x-amz-request-id: WY53BRXXJ1XA9MBV
ETag: "11a1fc7f0c43be73349b9969394f0972"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 497892
x-amz-id-2: 1g0WyFOq2hB6AAcA7npRy7/LgE5oVJDGFEbwaVN9Cm21uX2HJuDAfYILCJrCmamNdrzl8QqMpks=

GET
H/1.1 200
OK Oceanfront_Day_Villas.jpg
ipoolside-media.s3.amazonaws.com/site/theregisharbourresort/images/ 494 KB
495 KB 129ms
127ms Image
image/jpeg 52.216.38.73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ipoolside-media.s3.amazonaws.com/site/theregisharbourresort/images/Oceanfront_Day_Villas.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.38.73 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 526eb717dad4c19e2f555330c942acfd66e22d44bd11597f2ccc4a4219d8bc2d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://thestregisbalharbourresort.247activities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 28 Jan 2024 22:25:49 GMT
x-amz-version-id: mp_2q2kPPoigizW71ou3xyvXYTeVj1LH
Last-Modified: Thu, 17 Nov 2022 17:00:18 GMT
Server: AmazonS3
x-amz-request-id: WY55567H52TNJ422
ETag: "5c555114e4addb18eaf7e78776a3fb09"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 505982
x-amz-id-2: QHZpoYYpGuYsmXXeOwNPH6QT7Vx4U1g31qylYB4p58FBmMC56B/FQWpXGlOC3PgoXTwdR2Zy5Js=

GET
H/1.1 200
OK SR_BALHARBOUR_GW_SELECTS_042.jpg
ipoolside-media.s3.amazonaws.com/site/theregisharbourresort/images/ 743 KB
744 KB 99ms
97ms Image
image/jpeg 52.216.38.73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ipoolside-media.s3.amazonaws.com/site/theregisharbourresort/images/SR_BALHARBOUR_GW_SELECTS_042.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.38.73 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: d8575fc91bafe2e8ec1bf5cbc1b13091362173e4856559c3e6e41a839285e5a8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://thestregisbalharbourresort.247activities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 28 Jan 2024 22:25:49 GMT
x-amz-version-id: PvmkjklrGfK6.cc0ZuZVs_kF3.wrm9az
Last-Modified: Mon, 28 Nov 2022 22:03:02 GMT
Server: AmazonS3
x-amz-request-id: WY59ER69VXSJRZSH
ETag: "458df131f1e9d6d9382318af0649c1a7"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 761226
x-amz-id-2: L0xLuspb3baDgOlUCfITNjWa7yrRckS3SxRAsVepmgzRCeWEkV3JG6ScyLA3Ac5Mw9BIM1rNxo8=

GET
H/1.1 200
OK 9aa69ffc-7052-405e-a3c5-a8bcbb0cac8c.png
ipoolside-media.s3.amazonaws.com/site/theregisharbourresort/images/service_image/ 172 KB
173 KB 165ms
103ms Image
image/png 52.216.38.73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ipoolside-media.s3.amazonaws.com/site/theregisharbourresort/images/service_image/9aa69ffc-7052-405e-a3c5-a8bcbb0cac8c.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.38.73 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 5471c6c3defc3274753615107ad860b9c74613aa31fb8731c6bf6f43e9333378

Request headers

accept-language: en-US,en;q=0.9
Referer: https://thestregisbalharbourresort.247activities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 28 Jan 2024 22:25:49 GMT
x-amz-version-id: YDFeBbgJrwGRLDmCVauCXlZinfA8Ncik
Last-Modified: Thu, 22 Dec 2022 05:27:45 GMT
Server: AmazonS3
x-amz-request-id: WY5FVF7TZXJWZM4H
ETag: "3e81f484fe3152f0089947a79293054b"
x-amz-server-side-encryption: AES256
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 176593
x-amz-id-2: 2Sdrh0pkoEY1utMUjvb1NDfzHdWEVKBaLoSk9MfTEtOEZRddNKKfw/p23+9PQxzHNiA8Lz5jAfM=

GET
H/1.1 200
OK DSC09839.jpg
ipoolside-media.s3.amazonaws.com/site/theregisharbourresort/images/ 559 KB
559 KB 151ms
88ms Image
image/jpeg 52.216.38.73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ipoolside-media.s3.amazonaws.com/site/theregisharbourresort/images/DSC09839.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.38.73 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 2ed3ec5754878418d53700a992cf435dd4f17b22262398a4936d62d706e96986

Request headers

accept-language: en-US,en;q=0.9
Referer: https://thestregisbalharbourresort.247activities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 28 Jan 2024 22:25:49 GMT
x-amz-version-id: CkkYakT7eTMEb_PikkY5f5xmki3Sryup
Last-Modified: Mon, 28 Nov 2022 22:15:54 GMT
Server: AmazonS3
x-amz-request-id: WY5BZBWEB9K0Z6YD
ETag: "374a5e38be146813ddb4a1bacd3f4df0"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 572142
x-amz-id-2: sokFIB1bbQCET4WsF0BRX43hPvnHxBt/qGWHfRASuduKiZtx06+p7OeHNBikSwPpQkzasjuXjRU=

GET
H/1.1 200
OK 2a551cad-8ffa-4cf2-9b7d-08f5676769d4.png
ipoolside-media.s3.amazonaws.com/site/theregisharbourresort/images/service_image/ 141 KB
141 KB 350ms
287ms Image
image/png 52.216.38.73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ipoolside-media.s3.amazonaws.com/site/theregisharbourresort/images/service_image/2a551cad-8ffa-4cf2-9b7d-08f5676769d4.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.38.73 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 5dd189cea36b3e2cde3a78d07402b32003ab4904516d295545c1c4d5aec0657e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://thestregisbalharbourresort.247activities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 28 Jan 2024 22:25:49 GMT
x-amz-version-id: 9DCw9bcgVL449Dq44DRL0Nmn2UnXtSt2
Last-Modified: Wed, 02 Nov 2022 21:09:19 GMT
Server: AmazonS3
x-amz-request-id: WY566WMPR5FRHW6B
ETag: "89705e62e93e54e491f8dfd864416963"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 144369
x-amz-id-2: JPsS7R3OOKOhOtUnVvWHqVK0fP451hLzFmqAPfS40bNQTtdbr4nkohm2bKcVVESrvoub000trDg=

GET
H/1.1 200
OK 2de0311a-d504-4c9e-b7d8-ffd9f1444e09.png
ipoolside-media.s3.amazonaws.com/site/theregisharbourresort/images/service_image/ 140 KB
141 KB 115ms
113ms Image
image/png 52.216.38.73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ipoolside-media.s3.amazonaws.com/site/theregisharbourresort/images/service_image/2de0311a-d504-4c9e-b7d8-ffd9f1444e09.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.38.73 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: cc81f0a04a5d562031e11f36abf197a5d3cae124a62c3a79927397b82337e683

Request headers

accept-language: en-US,en;q=0.9
Referer: https://thestregisbalharbourresort.247activities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 28 Jan 2024 22:25:50 GMT
x-amz-version-id: 02EdI4NdJW7f3WklQYEzgHe1n9PSeTVH
Last-Modified: Thu, 27 Jul 2023 17:15:40 GMT
Server: AmazonS3
x-amz-request-id: A430Y45CEB0RPGQX
ETag: "60c0a54300290e5822e494a91a4d2b00"
x-amz-server-side-encryption: AES256
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 143467
x-amz-id-2: DYb1iQX8EITQdENgDA0awWA2hm++KdXf5oM5euX42EewE0XHrkZiNqeFaJrAt7BqxorLCoGpWOs=

GET
H2 200 295183786cd8a1389865.woff
thestregisbalharbourresort.247activities.com/css/assets/ 1 KB
2 KB 40ms
39ms Font
font/woff 174.129.206.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://thestregisbalharbourresort.247activities.com/css/assets/295183786cd8a1389865.woff

Requested by

Host: thestregisbalharbourresort.247activities.com
URL: https://thestregisbalharbourresort.247activities.com/css/vendor.css?v=1703363396

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

174.129.206.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-174-129-206-94.compute-1.amazonaws.com

Software

nginx/1.24.0 /

Resource Hash

26726bac4060abb1226e6ceebc1336e84930fe7a7af1b3895a109d067f5b5dcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://thestregisbalharbourresort.247activities.com/css/vendor.css?v=1703363396
Origin: https://thestregisbalharbourresort.247activities.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 22:25:48 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
last-modified: Wed, 23 Feb 2022 08:02:50 GMT
server: nginx/1.24.0
etag: "6215ea2a-564"
x-frame-options: SAMEORIGIN
content-type: font/woff
accept-ranges: bytes
content-length: 1380
x-xss-protection: 1; mode=block

GET
H2 200 836072006419889 Show response
connect.facebook.net/signals/config/ 63 KB
13 KB 445ms
444ms Script
application/x-javascript 2a03:2880:f011:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/836072006419889?v=2.9.143&r=stable&domain=thestregisbalharbourresort.247activities.com&hme=1e96626f56fb37feabdb16bd09d3dbece570479b2ec677eec7364c762eaf296e&ex_m=62%2C104%2C92%2C96%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C146%2C149%2C160%2C156%2C157%2C159%2C25%2C89%2C45%2C68%2C158%2C141%2C144%2C153%2C154%2C161%2C113%2C13%2C43%2C165%2C164%2C115%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C93%2C95%2C31%2C94%2C26%2C22%2C142%2C145%2C122%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C91%2C38%2C70%2C60%2C97%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C98

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f011:100:face:b00c:0:3 Lithia Springs, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4472846aafcee961f45e09809c3f4a96f1df5495241a44dc87a6ab4ed8c0c5d3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 28 Jan 2024 22:25:49 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
pragma: public
x-fb-debug: 33EISgmY7Ay3LXJnbnN3Inm/u0M/F4Yb7GZpb8B/1a/+FvLYLTByXEn6t2faGyGeEXqoQtaOh2kK9JF1PrL0og==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

user.sync
match.sync.ad.cpe.dotomi.com/w/ Frame A1E8
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=6szhitj&ttd_tpi=1&gdpr_consent=
https://match.sync.ad.cpe.dotomi.com/w/user.sync?ptrid=13&gdpr=0&userid=97d9331a-27da-42a3-84a7-0d24bd7ac0c4

43 B
572 B

418ms
35ms

Image
image/gif

2606:ae80:1451:20::1780
VALUECLICK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sync.ad.cpe.dotomi.com/w/user.sync?ptrid=13&gdpr=0&userid=97d9331a-27da-42a3-84a7-0d24bd7ac0c4
Requested by: Host: login.dotomi.com
URL: https://login.dotomi.com/ucm/UCMController?dtm_com=28&dtm_cid=2814&dtm_cmagic=8e987c&dtm_format=5&dtm_fid=101&cli_promo_id=2&dtmc_marsha_code=MIAXR&canonical_url=&dtm_user_token=&dtmc_ref=&dtmc_loc=https%3A%2F%2Fthestregisbalharbourresort.247activities.com%2F&fpc_status=
Protocol: H2
Server: 2606:ae80:1451:20::1780 , United States, ASN25751 (VALUECLICK, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Jan 2024 22:25:49 GMT
server: nginx
accept-ch: Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
content-type: image/gif
cache-control: no-cache
content-length: 43
expires: 0

Redirect headers

location: https://match.sync.ad.cpe.dotomi.com/w/user.sync?ptrid=13&gdpr=0&userid=97d9331a-27da-42a3-84a7-0d24bd7ac0c4
date: Sun, 28 Jan 2024 22:25:48 GMT
server: Kestrel
content-length: 247

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame A1E8 42 B
526 B 578ms
77ms Image
image/gif 104.36.113.107
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xNTc2ODAw&piggybackCookie=AQEE0nWeLaVhiAEwKaHNAQEL_wE&gdpr_consent=
Requested by: Host: login.dotomi.com
URL: https://login.dotomi.com/ucm/UCMController?dtm_com=28&dtm_cid=2814&dtm_cmagic=8e987c&dtm_format=5&dtm_fid=101&cli_promo_id=2&dtmc_marsha_code=MIAXR&canonical_url=&dtm_user_token=&dtmc_ref=&dtmc_loc=https%3A%2F%2Fthestregisbalharbourresort.247activities.com%2F&fpc_status=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sun, 28 Jan 2024 22:25:48 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A1E8
Redirect Chain

https://login.dotomi.com/match/bounce/current?networkId=41440&version=1&nuid=AQEE0nWeLaVhiAEwKaHNAQEL_wE&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=epsilon-ddp&google_hm=QVFFRTBuV2VMYVZoaUFFd0thSE5BUUVMX3dF&expiration=1706567148&nuid=AQEE0nWeLaVhiAEwKaHNAQEL_wE&gdpr_consent=

170 B
188 B

49ms
48ms

Image
image/png

172.253.122.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=epsilon-ddp&google_hm=QVFFRTBuV2VMYVZoaUFFd0thSE5BUUVMX3dF&expiration=1706567148&nuid=AQEE0nWeLaVhiAEwKaHNAQEL_wE&gdpr_consent=

Requested by

Host: login.dotomi.com
URL: https://login.dotomi.com/ucm/UCMController?dtm_com=28&dtm_cid=2814&dtm_cmagic=8e987c&dtm_format=5&dtm_fid=101&cli_promo_id=2&dtmc_marsha_code=MIAXR&canonical_url=&dtm_user_token=&dtmc_ref=&dtmc_loc=https%3A%2F%2Fthestregisbalharbourresort.247activities.com%2F&fpc_status=

Protocol

Server

172.253.122.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Jan 2024 22:25:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 28 Jan 2024 22:25:48 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://cm.g.doubleclick.net/pixel?google_nid=epsilon-ddp&google_hm=QVFFRTBuV2VMYVZoaUFFd0thSE5BUUVMX3dF&expiration=1706567148&nuid=AQEE0nWeLaVhiAEwKaHNAQEL_wE&gdpr_consent=
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H2

200

current
yahoo-match.dotomi.com/match/pixel/ Frame A1E8
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=PCLOUD&_hosted_id=AQEE0nWeLaVhiAEwKaHNAQEL_wE&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58678/cms?partner_id=PCLOUD&_hosted_id=AQEE0nWeLaVhiAEwKaHNAQEL_wE&gdpr_consent=
https://yahoo-match.dotomi.com/match/pixel/current?networkId=67215&version=1&nuid=y-c.GPLcFE2oAoi3dOkEIs176fcQazPb7Ujzg7~A

43 B
225 B

94ms
33ms

Image
image/gif

2606:ae80:1451:18::1720
VALUECLICK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yahoo-match.dotomi.com/match/pixel/current?networkId=67215&version=1&nuid=y-c.GPLcFE2oAoi3dOkEIs176fcQazPb7Ujzg7~A
Requested by: Host: login.dotomi.com
URL: https://login.dotomi.com/ucm/UCMController?dtm_com=28&dtm_cid=2814&dtm_cmagic=8e987c&dtm_format=5&dtm_fid=101&cli_promo_id=2&dtmc_marsha_code=MIAXR&canonical_url=&dtm_user_token=&dtmc_ref=&dtmc_loc=https%3A%2F%2Fthestregisbalharbourresort.247activities.com%2F&fpc_status=
Protocol: H2
Server: 2606:ae80:1451:18::1720 , United States, ASN25751 (VALUECLICK, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Jan 2024 22:25:49 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
content-type: image/gif
cache-control: no-cache, private, max-age=0, no-store
content-length: 43
expires: 0

Redirect headers

location: https://yahoo-match.dotomi.com/match/pixel/current?networkId=67215&version=1&nuid=y-c.GPLcFE2oAoi3dOkEIs176fcQazPb7Ujzg7~A
date: Sun, 28 Jan 2024 22:25:49 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 sync
partners.tremorhub.com/ Frame A1E8 43 B
175 B 100ms
32ms Image
image/gif 2600:1f18:612b:4200:b14f:6477:d561:27b0
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partners.tremorhub.com/sync?UIDT=AQEE0nWeLaVhiAEwKaHNAQEL_wE&gdpr_consent=
Requested by: Host: login.dotomi.com
URL: https://login.dotomi.com/ucm/UCMController?dtm_com=28&dtm_cid=2814&dtm_cmagic=8e987c&dtm_format=5&dtm_fid=101&cli_promo_id=2&dtmc_marsha_code=MIAXR&canonical_url=&dtm_user_token=&dtmc_ref=&dtmc_loc=https%3A%2F%2Fthestregisbalharbourresort.247activities.com%2F&fpc_status=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4200:b14f:6477:d561:27b0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Sun, 28 Jan 2024 22:25:48 GMT
server: nginx
content-type: image/gif

GET
H2 200 rtset
bh.contextweb.com/bh/ Frame A1E8 49 B
860 B 295ms
229ms Image
image/gif 198.148.27.131
PULSEPOINT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AQEE0nWeLaVhiAEwKaHNAQEL_wE&gdpr_consent=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.148.27.131 New York, United States, ASN19189 (PULSEPOINT, US),

Reverse DNS

Software

Jetty(10.0.14) /

Resource Hash

d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server: Jetty(10.0.14)
content-language: en-US
content-type: image/gif;charset=iso-8859-1
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-6658dc8946-t7v78
expires: -1

GET
H2 200 cksync.php
contextual.media.net/ Frame A1E8 57 B
652 B 450ms
384ms Image
image/gif 23.50.124.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?type=con&ovsid=AQEE0nWeLaVhiAEwKaHNAQEL_wE&gdpr_consent=

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.50.124.22 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-50-124-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Sun, 28 Jan 2024 22:25:49 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
alt-svc: h3=":443"; ma=93600
content-length: 57
x-mnet-hl2: E
expires: Sun, 28 Jan 2024 22:25:49 GMT

GET
H2 200 27205
tags.bluekai.com/site/ Frame A1E8 62 B
455 B 586ms
499ms Image
image/gif 23.39.185.111
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/27205?id=AQEE0nWeLaVhiAEwKaHNAQEL_wE&gdpr_consent=
Requested by: Host: login.dotomi.com
URL: https://login.dotomi.com/ucm/UCMController?dtm_com=28&dtm_cid=2814&dtm_cmagic=8e987c&dtm_format=5&dtm_fid=101&cli_promo_id=2&dtmc_marsha_code=MIAXR&canonical_url=&dtm_user_token=&dtmc_ref=&dtmc_loc=https%3A%2F%2Fthestregisbalharbourresort.247activities.com%2F&fpc_status=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.185.111 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-185-111.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Sun, 28 Jan 2024 22:25:49 GMT
content-length: 62
content-type: image/gif

GET
H2 200 fbf5aa06-3f82-45b5-86ba-4c4fe9c75a96.js Show response
tr.snapchat.com/config/com/ 2 KB
926 B 444ms
383ms Script
application/javascript 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/config/com/fbf5aa06-3f82-45b5-86ba-4c4fe9c75a96.js?v=3.8.0-2401042024

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

8e3a64611d4ed90b06a740474f4196a39293fc4d947191e2a5f9ec86f1c9b5af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer
Origin: https://thestregisbalharbourresort.247activities.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 22:25:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
content-encoding: gzip
via: 1.1 google, 1.1 google
server: API Gateway
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://thestregisbalharbourresort.247activities.com
x-envoy-upstream-service-time: 34
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 i Show response
tr.snapchat.com/cm/ Frame D769 672 B
1 KB 280ms
224ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=fbf5aa06-3f82-45b5-86ba-4c4fe9c75a96&u_scsid=48e47728-2638-4b56-a7b0-2baca331f435&u_sclid=461d7601-0595-497b-971f-166081bece65

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

6501140033c3bb20da4b5ac73c90f687ba8a2053c4ba37c4b6f5275166db7fa6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 672
content-type: text/html
date: Sun, 28 Jan 2024 22:25:49 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google, 1.1 google
x-envoy-upstream-service-time: 8

GET
H2 200 / Show response
ct.pinterest.com/user/ 303 B
734 B 369ms
73ms XHR
application/json 23.202.153.6
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?tid=2613977086519&pd=%7B%7D&cb=1706480748917&dep=2%2CPAGE_LOAD

Requested by

Host: thestregisbalharbourresort.247activities.com
URL: https://thestregisbalharbourresort.247activities.com/js/main.js?v=1703363396

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.202.153.6 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-202-153-6.deploy.static.akamaitechnologies.com

Software

Resource Hash

decfb6b65c936cb4e06e0d666c00db86f3c7a967686d2754c900cd86dca5e1c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 22:25:49 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-cdn: akamai
akamai-grn: 0.68c83017.1706480749.e49083c3
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=600
content-length: 175
x-pinterest-rid: 8350748257835930
pin-unauth: dWlkPU1USmtNakF6TXpZdE9UYzVZUzAwWWpkaUxUazFOakF0WlRVME56QmpOR00zWlRKbA
pragma: no-cache
referrer-policy: origin
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://thestregisbalharbourresort.247activities.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
pinterest-version: 531b9cd0463f023a295955d14cd84d005b70b1e1
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 303 B
711 B 369ms
73ms XHR
application/json 23.202.153.6
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?event=pagevisit&tid=2613977086519&cb=1706480748918&dep=5%2CEVENT_TAGS_ABSENT

Requested by

Host: thestregisbalharbourresort.247activities.com
URL: https://thestregisbalharbourresort.247activities.com/js/main.js?v=1703363396

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.202.153.6 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-202-153-6.deploy.static.akamaitechnologies.com

Software

Resource Hash

decfb6b65c936cb4e06e0d666c00db86f3c7a967686d2754c900cd86dca5e1c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 22:25:49 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-cdn: akamai
akamai-grn: 0.68c83017.1706480749.e49083c6
x-envoy-upstream-service-time: 1
content-length: 175
x-pinterest-rid: 1279601766677002
pin-unauth: dWlkPVpUbG1PR1prT1RVdE1qQmpaUzAwWkdRNExXRTJOR0l0WkRSak4ySm1OamcxTWpReQ
pragma: no-cache
referrer-policy: origin
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://thestregisbalharbourresort.247activities.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
pinterest-version: 531b9cd0463f023a295955d14cd84d005b70b1e1
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 303 B
711 B 368ms
73ms XHR
application/json 23.202.153.6
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?event=custom&ed=%7B%22value%22%3A334%2C%22currency%22%3A%22USD%22%7D&tid=2613977086519&cb=1706480748919&dep=5%2CEVENT_TAGS_ABSENT

Requested by

Host: thestregisbalharbourresort.247activities.com
URL: https://thestregisbalharbourresort.247activities.com/js/main.js?v=1703363396

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.202.153.6 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-202-153-6.deploy.static.akamaitechnologies.com

Software

Resource Hash

decfb6b65c936cb4e06e0d666c00db86f3c7a967686d2754c900cd86dca5e1c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 22:25:49 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-cdn: akamai
akamai-grn: 0.68c83017.1706480749.e49083c4
x-envoy-upstream-service-time: 1
content-length: 175
x-pinterest-rid: 3189833328219385
pin-unauth: dWlkPVpqVXlaREE1TmpndFpURXdaQzAwWXpjeUxUaGlOVFV0TnpneFlUSXdOemd5WVRkbQ
pragma: no-cache
referrer-policy: origin
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://thestregisbalharbourresort.247activities.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
pinterest-version: 77402c9e4d1f7e934ea489ab352fe7749a337196
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 en.json Show response
cache.marriott.com/aka-fonts/OneTrust/R1.3/oneTrust_test/consent/b9c54897-9a69-45f1-bbe2-55b2ae0ba593-test/54b25d98-3111-4bb0-813b-8594b0ad9115/ 165 KB
166 KB 301ms
301ms Fetch
application/json 23.39.184.114
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.marriott.com/aka-fonts/OneTrust/R1.3/oneTrust_test/consent/b9c54897-9a69-45f1-bbe2-55b2ae0ba593-test/54b25d98-3111-4bb0-813b-8594b0ad9115/en.json
Requested by: Host: thestregisbalharbourresort.247activities.com
URL: https://thestregisbalharbourresort.247activities.com/js/main.js?v=1703363396
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.184.114 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-184-114.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: c7a5ac7699a044df2a6cb702caf1616b7fafe5dee0dcfb9448c21b46a6373034

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 22:25:49 GMT
last-modified: Thu, 10 Nov 2022 20:04:49 GMT
server: AkamaiNetStorage
etag: "b58b15cb2700bf67606f461bde78e511:1668110689.500815"
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=149716
accept-ranges: bytes
content-length: 168616
expires: Tue, 30 Jan 2024 16:01:05 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
457 B 338ms
74ms Image
image/gif 23.202.153.6
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2613977086519&pd=%7B%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fthestregisbalharbourresort.247activities.com%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22a6d15c2a%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1706480748949

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.202.153.6 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-202-153-6.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Jan 2024 22:25:49 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.68c83017.1706480749.e49083c7
content-type: image/gif
access-control-allow-origin: *
pinterest-version: 531b9cd0463f023a295955d14cd84d005b70b1e1
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 3
content-length: 35
x-pinterest-rid: 1742818622355979
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

ibs:dpid=22054
dpm.demdex.net/ Frame 9C87
Redirect Chain

https://a.tribalfusion.com/i.match?p=b13&u=90749123238939382902171924092200732151&redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=22054&dpuuid=$TF_USER_ID_ENC$
https://s.tribalfusion.com/z/i.match?p=b13&u=90749123238939382902171924092200732151&redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=22054&dpuuid=$TF_USER_ID_ENC$
https://dpm.demdex.net/ibs:dpid=22054

42 B
725 B

42ms
42ms

Image
image/gif

18.204.157.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=22054

Protocol

Server

18.204.157.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-204-157-42.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

dcs: dcs-prod-va6-2-v053-0bd4383af.edge-va6.demdex.com 1 ms
pragma: no-cache
date: Sun, 28 Jan 2024 22:25:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: fWvTs4qfSjE=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
x-error: 300
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Sun, 28 Jan 2024 22:25:49 GMT
cf-cache-status: DYNAMIC
x-function: 209
server: cloudflare
x-reuse-index: 755
content-type: text/html
location: https://dpm.demdex.net/ibs:dpid=22054
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 84cca74b5bb64bc9-BUF
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame A4B4
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=97d9331a-27da-42a3-84a7-0d24bd7ac0c4
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=97d9331a-27da-42a3-84a7-0d24bd7ac0c4

0
0

121ms
39ms

Document
text/plain

18.214.41.71
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=97d9331a-27da-42a3-84a7-0d24bd7ac0c4
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.214.41.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-214-41-71.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://insight.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private, no-cache, no-store
date: Sun, 28 Jan 2024 22:25:49 GMT
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
x-request-time: D=39 t=1706480749
x-served-by: beacon-n027-ash-prod.krxd.net

Redirect headers

content-length: 0
date: Sun, 28 Jan 2024 22:25:49 GMT
location: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=97d9331a-27da-42a3-84a7-0d24bd7ac0c4
x-age: 0
x-cache: MISS
x-cache-hits: 0
x-served-by: usermatch-a018-ash-prod.krxd.net

GET
H3

200

pixel Show response
cm.g.doubleclick.net/ Frame 86A0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=OTdkOTMzMWEtMjdkYS00MmEzLTg0YTctMGQyNGJkN2FjMGM0&gdpr=0&gdpr_consent=&ttd_tdid=97d9331a-27da-42a3-84a7-0d24b...
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=97d9331a-27da-42a3-84a7-0d24bd7ac0c4&google_gid=CAESEDkorH7cuLk5BJBDHhUz8lQ&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=OTdkOTMzMWEtMjdkYS00MmEzLTg0YTctMGQyNGJkN2FjMGM0&google_push&gdpr=0&gdpr_consent=&ttd_tdid=97d9331a-27da-42a3-84a7-0d24bd7ac0c4

170 B
188 B

52ms
51ms

Document
image/png

172.253.122.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=OTdkOTMzMWEtMjdkYS00MmEzLTg0YTctMGQyNGJkN2FjMGM0&google_push&gdpr=0&gdpr_consent=&ttd_tdid=97d9331a-27da-42a3-84a7-0d24bd7ac0c4

Requested by

Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://insight.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 170
content-type: image/png
cross-origin-resource-policy: cross-origin
date: Sun, 28 Jan 2024 22:25:49 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: HTTP server (unknown)
x-xss-protection: 0

Redirect headers

content-length: 423
date: Sun, 28 Jan 2024 22:25:49 GMT
location: https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=OTdkOTMzMWEtMjdkYS00MmEzLTg0YTctMGQyNGJkN2FjMGM0&google_push&gdpr=0&gdpr_consent=&ttd_tdid=97d9331a-27da-42a3-84a7-0d24bd7ac0c4
server: Kestrel

GET
H2

200

setuid Show response
ib.adnxs.com/ Frame A86C
Redirect Chain

https://ib.adnxs.com/getuid?https%3a%2f%2fmatch.adsrvr.org%2ftrack%2fcmf%2fappnexus%3fttd%3d1%26anid%3d%24UID&ttd_tdid=97d9331a-27da-42a3-84a7-0d24bd7ac0c4
https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=8222142341378785510&ttd_tdid=97d9331a-27da-42a3-84a7-0d24bd7ac0c4
https://ib.adnxs.com/setuid?entity=82&code=97d9331a-27da-42a3-84a7-0d24bd7ac0c4&gdpr=0&gdpr_consent=

43 B
1 KB

35ms
35ms

Document
image/gif

68.67.161.182
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/setuid?entity=82&code=97d9331a-27da-42a3-84a7-0d24bd7ac0c4&gdpr=0&gdpr_consent=

Requested by

Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.161.182 Jersey City, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://insight.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
an-x-request-uuid: b7968dcd-2fdb-4748-9b12-2c3f18fe2cee
cache-control: no-store, no-cache, private
content-length: 43
content-type: image/gif
date: Sun, 28 Jan 2024 22:25:49 GMT
expires: Sat, 15 Nov 2008 16:00:00 GMT
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma: no-cache
server: nginx/1.23.4
x-proxy-origin: 96.9.249.38; 96.9.249.38; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection: 0

Redirect headers

content-length: 231
date: Sun, 28 Jan 2024 22:25:49 GMT
location: https://ib.adnxs.com/setuid?entity=82&code=97d9331a-27da-42a3-84a7-0d24bd7ac0c4&gdpr=0&gdpr_consent=
server: Kestrel

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/14242/ Frame EAD2 2 KB
1 KB 212ms
211ms Script
text/javascript 172.253.122.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/14242/?random=1706480748975&cv=11&fst=1706480748975&bg=ffffff&guid=ON&async=1&gtm=45be41o0&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fstatic.sojern.com%2Fmarriott%2Fmhotels.html%3Fp%3Dundefined%26hprid%3DMIAXR%26hpr%3D%26hb%3Dundefined%26hc1%3Dundefined%26hn1%3Dundefined%26hs1%3Dundefined%26ffl%3Dundefined%26hl%3D%26t%3Dundefined%26hr%3Dundefined%26hd1%3D%26hd2%3D%26hconfno%3D%26hp%3Dundefined%26hcu%3D%26hrp%3Dundefined%26hdc%3Dundefined%26rew%3Dundefined%26l%3Dundefined%26vid%3Dhot%26cid%3D&top=https%3A%2F%2Fthestregisbalharbourresort.247activities.com&hn=www.googleadservices.com&frm=2&tiba=Marriott%20Hotels&pscdl=noapi&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-14242

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f155.1e100.net

Software

cafe /

Resource Hash

603de02c4b99c31138b5c6b0d97e2182d79be092b8de6cf9b8d3a56f6f256958

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Jan 2024 22:25:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1354
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ibs:dpid=22069&dpuuid=2031391870330&gdpr=0&gdprconsent=
dpm.demdex.net/ Frame 9C87
Redirect Chain

https://tag.yieldoptimizer.com/ps/ps?t=i&p=2233&gdpr=0&gdpr_consent=
https://tag.yieldoptimizer.com/ps/ps?tc=412503521&t=i&p=2233&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=22069&dpuuid=2031391870330&gdpr=0&gdprconsent=

42 B
714 B

49ms
49ms

Image
image/gif

18.204.157.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=22069&dpuuid=2031391870330&gdpr=0&gdprconsent=

Protocol

Server

18.204.157.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-204-157-42.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

dcs: dcs-prod-va6-2-v053-0e5653e14.edge-va6.demdex.com 2 ms
pragma: no-cache
date: Sun, 28 Jan 2024 22:25:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: FiczEwdwQPY=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Sun, 28 Jan 2024 22:25:48 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
location: https://dpm.demdex.net/ibs:dpid=22069&dpuuid=2031391870330&gdpr=0&gdprconsent=
cache-control: no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 p
tr.snapchat.com/ 0
120 B 70ms
69ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 28 Jan 2024 22:25:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google, 1.1 google
server: API Gateway
access-control-allow-origin: https://thestregisbalharbourresort.247activities.com
x-envoy-upstream-service-time: 1
access-control-allow-credentials: true
alt-svc: clear, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 /
www.google.com/pagead/1p-user-list/14242/ Frame EAD2 42 B
455 B 109ms
45ms Image
image/gif 2607:f8b0:4004:c1d::6a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/14242/?random=1706480748975&cv=11&fst=1706479200000&bg=ffffff&guid=ON&async=1&gtm=45be41o0&u_w=1600&u_h=1200&url=https%3A%2F%2Fstatic.sojern.com%2Fmarriott%2Fmhotels.html%3Fp%3Dundefined%26hprid%3DMIAXR%26hpr%3D%26hb%3Dundefined%26hc1%3Dundefined%26hn1%3Dundefined%26hs1%3Dundefined%26ffl%3Dundefined%26hl%3D%26t%3Dundefined%26hr%3Dundefined%26hd1%3D%26hd2%3D%26hconfno%3D%26hp%3Dundefined%26hcu%3D%26hrp%3Dundefined%26hdc%3Dundefined%26rew%3Dundefined%26l%3Dundefined%26vid%3Dhot%26cid%3D&frm=2&tiba=Marriott%20Hotels&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_EYVphm5CacuOQjaNUX7pCCFHrp-qK51ZaB28Il3PXwGUGrLk&random=660533435&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::6a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Jan 2024 22:25:49 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 scevent.min.js Show response
sc-static.net/ Frame D769 41 KB
18 KB 37ms
37ms Script
application/javascript 54.230.48.245
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: tr.snapchat.com
URL: https://tr.snapchat.com/cm/i?pid=fbf5aa06-3f82-45b5-86ba-4c4fe9c75a96&u_scsid=48e47728-2638-4b56-a7b0-2baca331f435&u_sclid=461d7601-0595-497b-971f-166081bece65
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.48.245 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-48-245.yul62.r.cloudfront.net
Software: CloudFront /
Resource Hash: e5fdb3ea4cc4cf6b0f77fce3b54d03d78a697bec33bb1a023b964e8be16aea5f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tr.snapchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 20:48:42 GMT
content-encoding: gzip
via: 1.1 77f3bc2c9964f50671e7151896d06648.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: YUL62-C2
age: 5827
etag: dc4e3509882e40c68a170453af779220
x-cache: Hit from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=86400, max-age=600
access-control-allow-headers: Content-Type
content-length: 17883
x-amz-cf-id: G7VVTRDxGADbV10XTPV2OI-iwzBq29PQDVwKRqpOzR-GABC6Jrk9dA==

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
216 B 52ms
52ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: thestregisbalharbourresort.247activities.com
URL: https://thestregisbalharbourresort.247activities.com/js/main.js?v=1703363396
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: *
Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 28 Jan 2024 22:25:48 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: CC6DE77980CD437B80B49A934086CA20 Ref B: EWR311000101045 Ref C: 2024-01-28T22:25:49Z
linkedin-action: 1
vary: Origin
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
access-control-allow-origin: https://thestregisbalharbourresort.247activities.com
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYQCQLgWXZnDpi+wuo9Og==

GET
H3

200

p Show response
tr.snapchat.com/cm/ Frame 0398
Redirect Chain

https://tr.snapchat.com/cm/s?bt=1d53c387&pnid=140&cb=1706480749273&u_scsid=a36ed244-caa7-4d27-adde-b18a58be49c6&u_sclid=de4ca9c0-9ad3-47aa-84e4-79cee58b4ef3
https://pixel.tapad.com/idsync/ex/push?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1706035369688%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1706035369688%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D
https://tr.snapchat.com/cm/p?rand=1706035369688&pnid=140&pcid=3f1bcfe3-361c-47f7-bae8-263b25feb6eb

0
18 B

74ms
74ms

Document
text/html

35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/p?rand=1706035369688&pnid=140&pcid=3f1bcfe3-361c-47f7-bae8-263b25feb6eb

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://tr.snapchat.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-transform
content-length: 0
content-type: text/html
date: Sun, 28 Jan 2024 22:25:49 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google, 1.1 google
x-envoy-upstream-service-time: 10

Redirect headers

accept-ch: Sec-CH-UA Sec-CH-UA-Arch Sec-CH-UA-Bitness Sec-CH-UA-Full-Version-List Sec-CH-UA-Mobile Sec-CH-UA-Model Sec-CH-UA-Platform Sec-CH-UA-Platform-Version Sec-CH-UA-WoW64
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sun, 28 Jan 2024 22:25:49 GMT
location: https://tr.snapchat.com/cm/p?rand=1706035369688&pnid=140&pcid=3f1bcfe3-361c-47f7-bae8-263b25feb6eb
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
server: Jetty(11.0.13)
strict-transport-security: max-age=31536000
via: 1.1 google

GET
H2 200 ct.html Show response
ct.pinterest.com/ Frame 65EF 565 B
626 B 77ms
76ms Document
text/html 23.202.153.6
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/ct.html

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.a6d15c2a.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.202.153.6 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-202-153-6.deploy.static.akamaitechnologies.com

Software

Resource Hash

f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

akamai-grn: 0.68c83017.1706480749.e490879b
cache-control: max-age=86400
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8
date: Sun, 28 Jan 2024 22:25:49 GMT
pinterest-version: 531b9cd0463f023a295955d14cd84d005b70b1e1
referrer-policy: origin
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-cdn: akamai
x-envoy-upstream-service-time: 0
x-pinterest-rid: 4519871045721384

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
704 B 65ms
65ms Image
image/gif 23.202.153.6
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?event=pagevisit&tid=2613977086519&cb=1706480749295&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fthestregisbalharbourresort.247activities.com%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22a6d15c2a%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.202.153.6 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-202-153-6.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Jan 2024 22:25:49 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.68c83017.1706480749.e490879c
content-type: image/gif
access-control-allow-origin: *
pinterest-version: 531b9cd0463f023a295955d14cd84d005b70b1e1
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 1
content-length: 35
x-pinterest-rid: 1636183283052116
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
702 B 64ms
64ms Image
image/gif 23.202.153.6
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?event=custom&ed=%7B%22value%22%3A334%2C%22currency%22%3A%22USD%22%7D&tid=2613977086519&cb=1706480749297&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22pin_unauth%22%3A%22dWlkPU1USmtNakF6TXpZdE9UYzVZUzAwWWpkaUxUazFOakF0WlRVME56QmpOR00zWlRKbA%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fthestregisbalharbourresort.247activities.com%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22a6d15c2a%22%2C%22is_eu%22%3Afalse%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.202.153.6 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-202-153-6.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Jan 2024 22:25:49 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.68c83017.1706480749.e490879d
content-type: image/gif
access-control-allow-origin: *
pinterest-version: 531b9cd0463f023a295955d14cd84d005b70b1e1
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 3
content-length: 35
x-pinterest-rid: 1473301446290365
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

ibs:dpid=28645&dpuuid=O0ye6DeJWP9GgVwv6ywoHg3c0NJ0I5me&gdpr=0&gdpr_consent=
dpm.demdex.net/ Frame 9C87
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
https://gum.criteo.com/sync?s=1&c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=O0ye6DeJWP9GgVwv6ywoHg3c0NJ0I5me&gdpr=0&gdpr_consent=

42 B
714 B

44ms
43ms

Image
image/gif

18.204.157.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=28645&dpuuid=O0ye6DeJWP9GgVwv6ywoHg3c0NJ0I5me&gdpr=0&gdpr_consent=

Protocol

Server

18.204.157.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-204-157-42.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

dcs: dcs-prod-va6-2-v053-07a6ce7c0.edge-va6.demdex.com 2 ms
pragma: no-cache
date: Sun, 28 Jan 2024 22:25:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: 3dbrvKmdRQk=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=28645&dpuuid=O0ye6DeJWP9GgVwv6ywoHg3c0NJ0I5me&gdpr=0&gdpr_consent=
date: Sun, 28 Jan 2024 22:25:48 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 1329071
content-length: 0

GET
H2 200 otFloatingRounded.json Show response
cache.marriott.com/aka-fonts/OneTrust/R1.3/oneTrust_test/scripttemplates/6.26.0/assets/ 10 KB
11 KB 117ms
116ms Fetch
application/json 23.39.184.114
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.marriott.com/aka-fonts/OneTrust/R1.3/oneTrust_test/scripttemplates/6.26.0/assets/otFloatingRounded.json
Requested by: Host: thestregisbalharbourresort.247activities.com
URL: https://thestregisbalharbourresort.247activities.com/js/main.js?v=1703363396
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.184.114 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-184-114.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 777ab0cb5c6ffd6b2d455918b8df70fdb4c74ecb18d62f54be1afdaf3733c10d

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 22:25:49 GMT
last-modified: Mon, 06 Jun 2022 19:39:39 GMT
server: AkamaiNetStorage
etag: "becf963d0b2b5f4544a5ec243252794c:1654544379.603934"
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=179205
accept-ranges: bytes
content-length: 9894
expires: Wed, 31 Jan 2024 00:12:34 GMT

GET
H2 200 otPcTab.json Show response
cache.marriott.com/aka-fonts/OneTrust/R1.3/oneTrust_test/scripttemplates/6.26.0/assets/v2/ 47 KB
48 KB 66ms
64ms Fetch
application/json 23.39.184.114
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.marriott.com/aka-fonts/OneTrust/R1.3/oneTrust_test/scripttemplates/6.26.0/assets/v2/otPcTab.json
Requested by: Host: thestregisbalharbourresort.247activities.com
URL: https://thestregisbalharbourresort.247activities.com/js/main.js?v=1703363396
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.184.114 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-184-114.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4efca4768dedb757f956b51f3620d1521be4e8f065080515489defc83c2de704

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 22:25:49 GMT
last-modified: Mon, 06 Jun 2022 19:40:07 GMT
server: AkamaiNetStorage
etag: "398ef3d808c735374c8e1b4d3984d51a:1654544407.4634"
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=133326
accept-ranges: bytes
content-length: 47745
expires: Tue, 30 Jan 2024 11:27:55 GMT

GET
H2 200 otCommonStyles.css Show response
cache.marriott.com/aka-fonts/OneTrust/R1.3/oneTrust_test/scripttemplates/6.26.0/assets/ 20 KB
4 KB 73ms
72ms Fetch
text/css 23.39.184.114
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.marriott.com/aka-fonts/OneTrust/R1.3/oneTrust_test/scripttemplates/6.26.0/assets/otCommonStyles.css
Requested by: Host: thestregisbalharbourresort.247activities.com
URL: https://thestregisbalharbourresort.247activities.com/js/main.js?v=1703363396
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.184.114 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-184-114.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2ee6fdf3d0f4d826380054030e5a9fd6fc8c451d9fe28123f1d76e632332e659

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 22:25:49 GMT
content-encoding: gzip
last-modified: Mon, 06 Jun 2022 19:39:39 GMT
server: AkamaiNetStorage
etag: "61ee8e79970dcae1685a883b098b34d0:1654544379.290447"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=558596
accept-ranges: bytes
content-length: 4130
expires: Sun, 04 Feb 2024 09:35:45 GMT

GET
H3

200

ps
tag.yieldoptimizer.com/ps/
Redirect Chain

https://tag.yieldoptimizer.com/ps/ps?t=s&p=1057&si=US&ln=EN&hbc=HRS&pg=hm
https://tag.yieldoptimizer.com/ps/ps?tc=935079469&t=s&p=1057&si=US&ln=EN&hbc=HRS&pg=hm

675 B
675 B

46ms
45ms

Image
text/javascript

35.190.52.204
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tag.yieldoptimizer.com/ps/ps?tc=935079469&t=s&p=1057&si=US&ln=EN&hbc=HRS&pg=hm
Protocol: H3
Server: 35.190.52.204 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 204.52.190.35.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Jan 2024 22:25:49 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
content-type: text/javascript;charset=ISO-8859-1
cache-control: no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 675
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 28 Jan 2024 22:25:48 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
location: https://tag.yieldoptimizer.com/ps/ps?tc=935079469&t=s&p=1057&si=US&ln=EN&hbc=HRS&pg=hm
cache-control: no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 ps
tag.yieldoptimizer.com/ps/ 675 B
675 B 49ms
48ms Image
text/javascript 35.190.52.204
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tag.yieldoptimizer.com/ps/ps?t=s&p=1057&mhcy=&mhcr=&mhcd=MIAXR&mhst=&mhnm=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.52.204 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 204.52.190.35.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Jan 2024 22:25:48 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
content-type: text/javascript;charset=ISO-8859-1
cache-control: no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 675
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

ibs:dpid=30646
dpm.demdex.net/ Frame 9C87
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=90749123238939382902171924092200732151&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58782/cms?partner_id=ADOBE&_hosted_id=90749123238939382902171924092200732151&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-RHE7P7dE2pElpQtPDwRm0_JKDiu_xI0Ek4g-~A

42 B
714 B

43ms
42ms

Image
image/gif

18.204.157.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-RHE7P7dE2pElpQtPDwRm0_JKDiu_xI0Ek4g-~A

Protocol

Server

18.204.157.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-204-157-42.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

dcs: dcs-prod-va6-1-v053-0444370bd.edge-va6.demdex.com 2 ms
pragma: no-cache
date: Sun, 28 Jan 2024 22:25:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: 3TCnNvzzQvg=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-RHE7P7dE2pElpQtPDwRm0_JKDiu_xI0Ek4g-~A
date: Sun, 28 Jan 2024 22:25:49 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 144ms
47ms Image
text/plain 2a03:2880:f111:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=836072006419889&ev=PageView&dl=https%3A%2F%2Fthestregisbalharbourresort.247activities.com%2F&rl=&if=false&ts=1706480749449&cd[brand]=brand&cd[level]=&cd[signin]=&cd[language]=&sw=1600&sh=1200&v=2.9.143&r=stable&ec=0&o=4126&fbp=fb.1.1706480749447.1117652161&cs_est=true&ler=empty&cdl=API_unavailable&it=1706480748896&coo=false&exp=d1&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f111:181:face:b00c:0:25de Lithia Springs, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 28 Jan 2024 22:25:49 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 200 p
tr6.snapchat.com/ 0
46 B 68ms
64ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr6.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 28 Jan 2024 22:25:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 0
via: 1.1 google, 1.1 google
server: API Gateway
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

ibs:dpid=80742&dpuuid=58ad4ae8-e2cc-4666-a9ae-ec04c594f912
dpm.demdex.net/ Frame 9C87
Redirect Chain

https://ag.innovid.com/dv/sync?tid=6
https://dpm.demdex.net/ibs:dpid=80742&dpuuid=58ad4ae8-e2cc-4666-a9ae-ec04c594f912

42 B
714 B

43ms
43ms

Image
image/gif

18.204.157.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=80742&dpuuid=58ad4ae8-e2cc-4666-a9ae-ec04c594f912

Protocol

Server

18.204.157.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-204-157-42.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

dcs: dcs-prod-va6-1-v053-0f5c2c728.edge-va6.demdex.com 2 ms
pragma: no-cache
date: Sun, 28 Jan 2024 22:25:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: IAc3dig+Rgw=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=80742&dpuuid=58ad4ae8-e2cc-4666-a9ae-ec04c594f912
date: Sun, 28 Jan 2024 22:25:49 GMT
content-length: 0
request-time: 0

GET
H2 404 usync.php
pxl.jivox.com/tags/sync/ Frame 9C87 0
0 38ms
37ms Image
text/html 3.227.143.21
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pxl.jivox.com/tags/sync/usync.php?px=IkovJ4aN
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.143.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-143-21.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H2 200 DMCSuccessLogger
login-ds.dotomi.com/ucm/ Frame A1E8 43 B
140 B 43ms
32ms Image
image/gif 2606:ae80:1451:18::1720
VALUECLICK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://login-ds.dotomi.com/ucm/DMCSuccessLogger?dtmid=419807417273180297&sessionid=1706480748660&comId=2814&dtm_command_op_date=1706480748659&uniqueid=419807417266200286&px_timeout=1500&px_latencies=%5B%7B%22px_id%22%3A%2228109%22%2C%22px_latency%22%3A456%7D%2C%7B%22px_id%22%3A%2228149%22%2C%22px_latency%22%3A587%7D%2C%7B%22px_id%22%3A%2228229%22%2C%22px_latency%22%3A91%7D%2C%7B%22px_id%22%3A%2228309%22%2C%22px_latency%22%3A757%7D%2C%7B%22px_id%22%3A%2228589%22%2C%22px_latency%22%3A104%7D%2C%7B%22px_id%22%3A%2228789%22%2C%22px_latency%22%3A311%7D%2C%7B%22px_id%22%3A%2228869%22%2C%22px_latency%22%3A469%7D%2C%7B%22px_id%22%3A%2228909%22%2C%22px_latency%22%3A589%7D%5D
Requested by: Host: login.dotomi.com
URL: https://login.dotomi.com/ucm/UCMController?dtm_com=28&dtm_cid=2814&dtm_cmagic=8e987c&dtm_format=5&dtm_fid=101&cli_promo_id=2&dtmc_marsha_code=MIAXR&canonical_url=&dtm_user_token=&dtmc_ref=&dtmc_loc=https%3A%2F%2Fthestregisbalharbourresort.247activities.com%2F&fpc_status=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2606:ae80:1451:18::1720 , United States, ASN25751 (VALUECLICK, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://login.dotomi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 22:25:49 GMT
cache-control: max-age=0, no-store
server: nginx
content-length: 43
content-type: image/gif

POST
H3 200 p
tr.snapchat.com/ 0
17 B 65ms
64ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 28 Jan 2024 22:25:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google, 1.1 google
server: API Gateway
access-control-allow-origin: https://thestregisbalharbourresort.247activities.com
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
alt-svc: clear, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

ibs:dpid=66757
dpm.demdex.net/ Frame 9C87
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=adobe&id=90749123238939382902171924092200732151
https://dpm.demdex.net/ibs:dpid=66757?id=90749123238939382902171924092200732151&dpuuid=QEEJaX6b

42 B
714 B

44ms
44ms

Image
image/gif

18.204.157.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=66757?id=90749123238939382902171924092200732151&dpuuid=QEEJaX6b

Protocol

Server

18.204.157.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-204-157-42.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

dcs: dcs-prod-va6-2-v053-0ccb464a8.edge-va6.demdex.com 2 ms
pragma: no-cache
date: Sun, 28 Jan 2024 22:25:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: Tbp8+3ioR2A=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: //dpm.demdex.net/ibs:dpid=66757?id=90749123238939382902171924092200732151&dpuuid=QEEJaX6b
date: Sun, 28 Jan 2024 22:25:49 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a015-ash-prod.krxd.net

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9C87
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WmJiVWF3QUFBSWRXaUFOLQ==

170 B
188 B

44ms
44ms

Image
image/png

172.253.122.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WmJiVWF3QUFBSWRXaUFOLQ==

Protocol

Server

172.253.122.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Jan 2024 22:25:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-yyz4520-YYZ
pragma: no-cache
date: Sun, 28 Jan 2024 22:25:49 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1706480750.897937,VS0,VE0
x-cache: HIT
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WmJiVWF3QUFBSWRXaUFOLQ==
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 9C87
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=ZbbUawAAAIdWiAN-&expires=90

42 B
935 B

256ms
39ms

Image
image/gif

69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=ZbbUawAAAIdWiAN-&expires=90
Protocol: HTTP/1.1
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: b08c627b67f10e75995ce6908d3f9f7b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-served-by: cache-yyz4520-YYZ
pragma: no-cache
date: Sun, 28 Jan 2024 22:25:49 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1706480750.932661,VS0,VE0
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=ZbbUawAAAIdWiAN-&expires=90
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 9C87
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZbbUawAAAIdWiAN-
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZbbUawAAAIdWiAN-&C=1

43 B
339 B

55ms
54ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZbbUawAAAIdWiAN-&C=1
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Jan 2024 22:25:50 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FNqfZ9uFynQrr2YkkZ3yEogOCSr1qlIod1q7xH8zHk%2F7EGG1omIo%2BptUvK6i3fi08FVSdp5I0yWq6Z%2BarUQBPAFQs2yxftHOgB1%2B7AAyAoPNEvDAC2nLi6kksgh1%2F1aGKihaIEc267YPkw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 84cca750db6d3739-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 28 Jan 2024 22:25:50 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZaqYUHAQ7whzC9ejoBbW7l6w%2FfTrjKyOesQTMQO9hjGgM5dZCXV2B6m9mbf0%2BtJbEjkHsrwEjUGSmdMTQPt1TOPJjkhcIy1iBH%2F8yKbDQTgzrWacP5rRH5G2gkVwtQVD4%2BfM3P4bygoDbw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=88&external_user_id=ZbbUawAAAIdWiAN-&C=1
cache-control: no-cache
cf-ray: 84cca7505a6a3739-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2

200

setuid
ib.adnxs.com/ Frame 9C87
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
https://ib.adnxs.com/setuid?entity=158&code=ZbbUawAAAIdWiAN-

43 B
1 KB

79ms
78ms

Image
image/gif

68.67.161.182
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=158&code=ZbbUawAAAIdWiAN-

Protocol

Server

68.67.161.182 Jersey City, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Jan 2024 22:25:50 GMT
an-x-request-uuid: 91d66e59-5dcd-444e-ac10-71b2862ef05c
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 96.9.249.38; 96.9.249.38; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

x-served-by: cache-yyz4520-YYZ
pragma: no-cache
date: Sun, 28 Jan 2024 22:25:50 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1706480750.134686,VS0,VE0
x-cache: HIT
location: https://ib.adnxs.com/setuid?entity=158&code=ZbbUawAAAIdWiAN-
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 9C87
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZbbUawAAAIdWiAN-
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=ZbbUawAAAIdWiAN-

43 B
171 B

50ms
49ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=ZbbUawAAAIdWiAN-
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Jan 2024 22:25:50 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=ZbbUawAAAIdWiAN-
date: Sun, 28 Jan 2024 22:25:50 GMT
via: 1.1 google
server: OXGW/0.0.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 9C87
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZbbUawAAAIdWiAN-

1 B
318 B

78ms
77ms

Image
text/html

104.36.113.107
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZbbUawAAAIdWiAN-
Protocol: H2
Server: 104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Sun, 28 Jan 2024 22:25:49 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

x-served-by: cache-yyz4520-YYZ
pragma: no-cache
date: Sun, 28 Jan 2024 22:25:50 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1706480750.342506,VS0,VE0
x-cache: HIT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZbbUawAAAIdWiAN-
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET

partner
sync.search.spotxchange.com/ Frame 9C87
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZbbUawAAAIdWiAN-&img=1

0
0

GET
H2

200

b.php
www.facebook.com/fr/ Frame 9C87
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
https://www.facebook.com/fr/b.php?p=1531105787105294&e=ZbbUawAAAIdWiAN-&t=2592000&o=0

43 B
1 KB

91ms
91ms

Image
image/gif

2a03:2880:f111:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/fr/b.php?p=1531105787105294&e=ZbbUawAAAIdWiAN-&t=2592000&o=0

Protocol

Server

2a03:2880:f111:181:face:b00c:0:25de Lithia Springs, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=()
date: Sun, 28 Jan 2024 14:25:50 PST
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma: public
x-fb-debug: uZQ8xn4Cf9L6AMN02aH46JNbZz7t44s0yq3XognHIGngsGBfeKVY4BK2vL+qxzlTAjrB/jko+00igy7EIge7Yg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: image/gif
origin-agent-cluster: ?0
cache-control: public, max-age=0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=(self)
expires: Sun, 28 Jan 2024 14:25:50 PST

Redirect headers

x-served-by: cache-yyz4520-YYZ
pragma: no-cache
date: Sun, 28 Jan 2024 22:25:50 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1706480751.537128,VS0,VE0
x-cache: HIT
location: https://www.facebook.com/fr/b.php?p=1531105787105294&e=ZbbUawAAAIdWiAN-&t=2592000&o=0
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

s.gif
cm.ipinyou.com/xcms/aam/ Frame 9C87
Redirect Chain

https://cm.ipinyou.com/xcmr/aam/r.gif
https://dpm.demdex.net/ibs:dpid=134084&dpuuid=O1T6Po3CcrWe&redir=http%3A%2F%2Fcm.ipinyou.com%2Fxcms%2Faam%2Fs.gif%3Ftid%3D$%7BDD_UUID%7D
https://cm.ipinyou.com/xcms/aam/s.gif?tid=90749123238939382902171924092200732151

43 B
485 B

228ms
227ms

Image
image/gif

152.136.179.124
TENCENT-NET-AP Sh...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.ipinyou.com/xcms/aam/s.gif?tid=90749123238939382902171924092200732151
Protocol: HTTP/1.1
Server: 152.136.179.124 , China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Jan 2024 22:25:51 GMT
Server: nginx/1.21.6
Transfer-Encoding: chunked
Content-Type: image/gif
P3P: CP="NON DSP COR CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa CONa HISa TELa OTPa OUR UNRa IND UNI COM NAV INT DEM CNT PRE LOC"
Cache-Control: no-cache
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

dcs: dcs-prod-va6-2-v053-053936ea8.edge-va6.demdex.com 2 ms
pragma: no-cache
date: Sun, 28 Jan 2024 22:25:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: +DYILtBLS3c=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://cm.ipinyou.com/xcms/aam/s.gif?tid=90749123238939382902171924092200732151
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 RC5f6ce8aca7344b4f8959f212ee5399a8-source.min.js Show response
assets.adobedtm.com/697d0c070f1e/d405339bb010/209df743d684/ 390 B
495 B 53ms
53ms Script
application/x-javascript 2600:1418:a000:5af::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/697d0c070f1e/d405339bb010/209df743d684/RC5f6ce8aca7344b4f8959f212ee5399a8-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1418:a000:5af::1e80 Minneapolis, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 43cf829ce77a9d60607211a5331d2d6212801941698296ea0496be67792a0a95

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 22:25:56 GMT
content-encoding: gzip
last-modified: Thu, 25 Jan 2024 19:57:35 GMT
server: AkamaiNetStorage
etag: "699c2629d4fc006c364f43a6a4042620:1706212655.266221"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 258
expires: Sun, 28 Jan 2024 23:25:56 GMT

GET

cksync
hb.yahoo.net/
Redirect Chain

https://insight.adsrvr.org/track/pxl/?adv=hbq9bjg&ct=0:uti0uav&fmt=3
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=97d9331a-27da-42a3-84a7-0d24bd7ac0c4&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
https://tags.bluekai.com/site/5386?id=97d9331a-27da-42a3-84a7-0d24bd7ac0c4&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbluekai
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bluekai
https://ups.analytics.yahoo.com/ups/55953/sync?uid=97d9331a-27da-42a3-84a7-0d24bd7ac0c4&_origin=1&redir=true&gdpr=0&gdpr_consent=&redir=true
https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=55953&ovsid=97d9331a-27da-42a3-84a7-0d24bd7ac0c4&gdpr=0&redir=true
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1HTWlGVko1RTJ1RXRXSzFfVV9HcHVvRWc4elhGVmR0RX5B&gdpr=0&ovsid=97d9331a-27da-42a3-84a7-0d24bd7ac0c4&dpid=55953

0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: match.rundsp.com
URL: https://match.rundsp.com/match.gif?id=90749123238939382902171924092200732151&partner=adobe

Domain: sync.search.spotxchange.com
URL: https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZbbUawAAAIdWiAN-&img=1

Domain: hb.yahoo.net
URL: https://hb.yahoo.net/cksync?cs=63&axid_e=eS1HTWlGVko1RTJ1RXRXSzFfVV9HcHVvRWc4elhGVmR0RX5B&gdpr=0&ovsid=97d9331a-27da-42a3-84a7-0d24bd7ac0c4&dpid=55953

Verdicts & Comments Add Verdict or Comment

104 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

103 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-20 18:02:47	Name: X-AB Value: dc4e3509882e40c68a170453af779220
.247activities.com/	1970-01-21 03:37:20	Name: _ga Value: GA1.2.111355709.1706480745
.247activities.com/	1970-01-20 18:02:47	Name: _gid Value: GA1.2.386350075.1706480745
.247activities.com/	1970-01-20 18:01:20	Name: _gat Value: 1
.demdex.net/	1970-01-20 22:20:32	Name: demdex Value: 90749123238939382902171924092200732151
.247activities.com/	1969-12-31 23:59:59	Name: AMCVS_664516D751E565010A490D4C%40AdobeOrg Value: 1
thestregisbalharbourresort.247activities.com/	1970-01-21 02:45:30	Name: csrftoken Value: d5yNxAUJUifUHI3jw1Q9V2PMmQccREMvnOagYgyTHknILRfkco3ICTmLN9Hn4Nii
thestregisbalharbourresort.247activities.com/	1970-01-20 18:01:56	Name: sessionid Value: mdjbr0zmcem4mkifh01znw3u5zc6llfi
.adnxs.com/	1970-01-20 20:10:56	Name: XANDR_PANID Value: ctjlVqbfi_o2wrQIEno-HJysXQ1Wj_tgFW2WSutO9bPx5stHI7f5lN0ghdVqJVj1Ik8sToul42mnd4UWg4vL3TJo_307Ze4LyHOdbzk_Euk.
.adnxs.com/	1970-01-21 03:37:20	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-20 20:10:56	Name: uuid2 Value: 8222142341378785510
.everesttech.net/	1970-01-21 02:46:56	Name: everest_g_v2 Value: g_surferid~ZbbUawAAAIdWiAN-
.dpm.demdex.net/	1970-01-20 22:20:32	Name: dpm Value: 90749123238939382902171924092200732151
.247activities.com/	1970-01-20 18:01:22	Name: s_tbm Value: true
.247activities.com/	1969-12-31 23:59:59	Name: s_campaign Value: Unpaid%20Referrals%3A%20Typed%2FBookmarked
.247activities.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.247activities.com/	1970-01-21 03:37:20	Name: AMCV_664516D751E565010A490D4C%40AdobeOrg Value: -1712354808%7CMCIDTS%7C19751%7CMCMID%7C90494342403771612432180487309513690014%7CMCAAMLH-1707085547%7C7%7CMCAAMB-1707085547%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1706487947s%7CNONE%7CMCSYNCSOP%7C411-19758%7CvVersion%7C4.3.0
.rlcdn.com/	1970-01-21 02:46:56	Name: rlas3 Value: u5MhtFsPj/BXV1Wsn5ZNbCC2Lv8EbKE+PqwTxs5xBnQ=
.rlcdn.com/	1970-01-20 19:27:44	Name: pxrc Value: COuo260GEgUI6AcQABIGCPHrARAA
.doubleclick.net/	1970-01-21 03:37:20	Name: IDE Value: AHWqTUmKV7SZsEnHp4WvoUSrzwE_74FdUXSVPGzuCvLxLBs5Sol61Zw3YJAo3rTVnoE
.adsrvr.org/	1970-01-21 02:48:23	Name: TDID Value: 97d9331a-27da-42a3-84a7-0d24bd7ac0c4
.247activities.com/	1970-01-20 20:10:56	Name: _gcl_au Value: 1.1.1418573475.1706480748
.bing.com/	1970-01-21 03:22:56	Name: MUID Value: 11E303C3FD116E2D052617D7FC9E6FD8
.c.bing.com/	1970-01-20 18:11:25	Name: MR Value: 0
.247activities.com/	1970-01-20 18:02:47	Name: _uetsid Value: 2fc62540be2c11eebfdb971b4cdf05d0
.247activities.com/	1970-01-21 03:22:56	Name: _uetvid Value: 2fc66300be2c11eea7194762e018d9a3
.jivox.com/	1970-01-20 20:10:56	Name: jvxsync Value: u2Hpjq6VCMPM
.247activities.com/	1970-01-20 18:01:22	Name: _dpm_ses.58f9 Value: *
.247activities.com/	1970-01-21 02:46:56	Name: _dpm_id.58f9 Value: 5b0ad743-7b19-417c-8a79-3bfd45dcec0d.1706480749.1.1706480749.1706480749.b2349dfc-41e3-45af-815a-5823e314e237
.bing.com/	1970-01-21 03:22:56	Name: MSPTC Value: kwd2mt8uNVR79SkNPj_hfcqTPDsj5_XcAKPa3TmJYTI
.bat.bing.com/	1970-01-20 18:11:25	Name: MR Value: 0
.flashtalking.com/	1970-01-21 03:30:44	Name: flashtalkingad1 Value: "GUID=5871766A08EAF0"
.media6degrees.com/	1970-01-20 22:20:32	Name: clid Value: 2s7zsz001171sxsxklb8xl76000000010s010501101
.media6degrees.com/	1970-01-20 22:20:32	Name: acs Value: 012020k1s7zsz0xzt10
.dotomi.com/	1969-12-31 23:59:59	Name: DotomiSession_2814 Value: 2_1706480748660$419807417273180297$824746188$1706480748661
.dotomi.com/	1970-01-21 02:48:23	Name: DotomiSync Value: 0$19750$19750$41440-0#41026-0#16164-0#57734-0#14200-0#17100-0#67215-0#1103-0#
.dotomi.com/	1970-01-21 03:27:15	Name: DotomiUser Value: 419807417273180297$0$824746188$$1
.sojern.com/	1970-01-21 02:46:56	Name: cid Value: 88342cfb-cabb-c311-731e-71a0334e25ce#1706400000000
.sojern.com/	1970-01-20 18:44:32	Name: ttdid Value: 97d9331a-27da-42a3-84a7-0d24bd7ac0c4
.sojern.com/	1970-01-21 02:46:56	Name: gid Value: CAESEDuf_JHclEYcTnQm1a5KWsw
.sojern.com/	1970-01-20 20:10:56	Name: apnid Value: 8222142341378785510
.thestregisbalharbourresort.247activities.com/	1969-12-31 23:59:59	Name: Value: GA1.3.111355709.1706480745
.thestregisbalharbourresort.247activities.com/	1970-01-20 18:02:47	Name: _gid Value: GA1.3.1511643472.1706480749
.linkedin.com/	1970-01-20 20:10:56	Name: li_sugr Value: 45483631-4bf2-4870-8e90-71aab52d5d9e
.linkedin.com/	1970-01-21 02:46:56	Name: bcookie Value: "v=2&4de64452-9045-4aca-89a1-20ef70637290"
.linkedin.com/	1970-01-20 18:02:47	Name: lidc Value: "b=VGST02:s=V:r=V:a=V:p=V:g=3116:u=1:x=1:i=1706480748:t=1706567148:v=2:sig=AQG02GTA7hReT-d50PiNNk2YyFbuevzD"
.adform.net/	1970-01-20 18:45:59	Name: C Value: 1
.doubleclick.net/	1970-01-20 22:20:32	Name: receive-cookie-deprecation Value: 1
.linkedin.com/	1970-01-20 18:44:32	Name: UserMatchHistory Value: AQI92p4aDUdWYQAAAY1SLcjWf1JmwLNvPrCKILuC6ZCEGvKuLUPrMK7JTrZQzYhrIB4rxhdTdF4vEQ
.linkedin.com/	1970-01-20 18:44:32	Name: AnalyticsSyncHistory Value: AQJebwyEfd0angAAAY1SLcjW3JkBqBAlrvICFnrZxVNIXwXzR9oWY1kj6HtH4VZvZOOaDPdq6WaEAFkcy7Iclg
.tvpixel.com/	1970-01-21 02:46:56	Name: sp Value: 30ab4de1-7191-431c-8e52-be49edc05659
.marriott.com/	1970-01-20 20:10:56	Name: jvxsync Value: u2HpjuwHHMMK
.adform.net/	1970-01-20 19:27:44	Name: uid Value: 9151410024127054043
.doubleclick.net/	1970-01-20 18:44:32	Name: ar_debug Value: 1
.www.linkedin.com/	1970-01-21 02:46:56	Name: bscookie Value: "v=1&20240128222548ab357c07-c2d8-4c21-887f-40d229e388fbAQEQX5GkX8JCUjF1mM_FK1nx8DZKo_Zu"
.247activities.com/	1970-01-21 03:31:07	Name: _scid Value: e9107d30-098e-49cf-8ef5-91a792c099bf
.247activities.com/	1970-01-21 03:31:07	Name: _scid_r Value: e9107d30-098e-49cf-8ef5-91a792c099bf
.sojern.com/	1970-01-21 02:46:56	Name: adfid Value: 9151410024127054043
.contextweb.com/	1970-01-21 02:39:44	Name: V Value: LqZrR0RXf1UC
.contextweb.com/	1970-01-21 02:46:56	Name: pb_rtb_ev Value: 3-1pdt\|2N.0.AQEE0nWeLaVhiAEwKaHNAQEL_wE
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: 15828cf1c24a9b30
.pinterest.com/	1970-01-21 02:46:56	Name: ar_debug Value: 1
.thestregisbalharbourresort.247activities.com/	1970-01-21 02:46:56	Name: _pin_unauth Value: dWlkPU1USmtNakF6TXpZdE9UYzVZUzAwWWpkaUxUazFOakF0WlRVME56QmpOR00zWlRKbA
.yieldoptimizer.com/	1970-01-21 02:46:56	Name: fbh0 Value: %7B%7D
.yieldoptimizer.com/	1970-01-21 02:46:56	Name: gcma Value: %7B%22t%22%3A0%2C%22o%22%3Afalse%7D
.yieldoptimizer.com/	1970-01-21 02:46:56	Name: rmxc Value: %7B%22t%22%3A0%2C%22e%22%3A%22%22%2C%22i%22%3Afalse%7D
.snapchat.com/	1970-01-21 03:22:56	Name: sc_at Value: v2\|H4sIAAAAAAAAAE3GwQ0AIQgEwIpIFlhBrhujoQqL93vzmtqrWT3Egim0rVKlLdN9mfdBjHOV+DQRnEjW/RUPa29bEkAAAAA=
.adsrvr.org/	1970-01-21 02:48:23	Name: TDCPM Value: CAESEgoDYWFtEgsInLzPw8OW0DwQBRITCgRrcnV4EgsI0Oz-xcOW0DwQBRIVCgZnb29nbGUSCwjEjv_Fw5bQPBAFEhcKCGFwcG5leHVzEgsIrvr4ycOW0DwQBRIWCgc2c3poaXRqEgsIuLH3yMOW0DwQBRgBIAIoAjILCPyn-vXZltA8EAU4AVoHNnN6aGl0amAC
.media.net/	1970-01-21 02:46:56	Name: visitor-id Value: 3494823496634274000V10
.media.net/	1970-01-21 02:45:30	Name: data-co Value: AQEE0nWeLaVhiAEwKaHNAQEL_wE~~3
.dotomi.com/	1970-01-21 03:27:15	Name: UP Value: 419807417273180297$0$824746188$$1
.dotomi.com/	1970-01-21 03:27:15	Name: receive-cookie-deprecation Value: 1
.ct.pinterest.com/	1970-01-21 02:46:56	Name: _pinterest_ct_ua Value: "TWc9PSZaZ3dBL2JLYmhnR3U5TlNvdDJ0a0FlR2ZMOVErNVJUSFU2UlZOSXI5NEhheU1FeW1wRUJlMCtKa0pjWE5ZR0ZRVEoxSE1hNmdEODhVOXNWNTgrMVRtd0dKbmsxY09IZStYREFoU215dUlpZz0mRU5IdFU3MCt5T3N0SGovQ2ovNEZkMlkvZGpNPQ=="
.yieldoptimizer.com/	1970-01-21 02:46:56	Name: ckid Value: 2031391870330
.criteo.com/	1970-01-21 03:22:56	Name: uid Value: 1065abfb-b1ea-4db1-ac40-c2e5055b174b
.yieldoptimizer.com/	1970-01-21 02:46:56	Name: cktst Value: 935079469
.tribalfusion.com/	1970-01-20 20:10:56	Name: ANON_ID Value: acnsmAr2PKdFuYnRXqnA89ZcMI4ZcdrLXfgdnYiN0nZbwZdGTZc3mEZaZc2YLu3dy9rfJPWseGEkbhLCA5X
.247activities.com/	1970-01-20 20:10:56	Name: _fbp Value: fb.1.1706480749447.1117652161
.tapad.com/	1970-01-20 19:27:44	Name: TapAd_TS Value: 1706480749431
.tapad.com/	1970-01-20 19:27:44	Name: TapAd_DID Value: 3f1bcfe3-361c-47f7-bae8-263b25feb6eb
.yieldoptimizer.com/	1970-01-21 02:46:56	Name: dph Value: %7B%22t%22%3A%5B132142%5D%2C%22dp%22%3A%5B1057%5D%7D
.yieldoptimizer.com/	1970-01-21 02:46:56	Name: ph Value: %7B%22p%22%3A%5B1490%2C39%2C1032%2C1022%5D%2C%22t%22%3A%5B132142%2C132142%2C132142%2C132142%5D%7D
.pubmatic.com/	1970-01-20 20:10:56	Name: KRTBCOOKIE_32 Value: 11175-AQEE0nWeLaVhiAEwKaHNAQEL_wE&KRTB&22713-AQEE0nWeLaVhiAEwKaHNAQEL_wE&KRTB&22715-AQEE0nWeLaVhiAEwKaHNAQEL_wE&KRTB&23519-AQEE0nWeLaVhiAEwKaHNAQEL_wE
thestregisbalharbourresort.247activities.com/	1970-01-21 02:46:56	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Sun+Jan+28+2024+12%3A25%3A49+GMT-1000+(Hawaii-Aleutian+Standard+Time)&version=6.26.0&isIABGlobal=false&hosts=&consentId=8a5d5812-5bbb-448f-b9c8-88c899fc7937&interactionCount=0&landingPath=https%3A%2F%2Fthestregisbalharbourresort.247activities.com%2F&groups=1%3A1%2C3%3A1%2C4%3A1%2C6%3A1
.bluekai.com/	1970-01-20 22:23:25	Name: bku Value: HVG99slD+ZDma9z9
.bluekai.com/	1970-01-20 22:23:25	Name: bkpa Value: KJy9m9ecd02pSUHknp/l1M9NwtkAwDaHHDDyqk5kEsaVSskOHU5nRDCmxPaaEa2lHuj7jcO0UtBFq7Bkq7x29ye0FOvB
.analytics.yahoo.com/	1970-01-21 02:46:56	Name: IDSYNC Value: 19cu~2gfy
.yahoo.com/	1970-01-21 02:47:18	Name: A3 Value: d=AQABBGzUtmUCEF0b7Td9Fh5i2Bhe4vuY_GgFEgEBAQEluGXAZdxH0iMA_eMAAA&S=AQAAAhtS55gvKDvNsIRHWcB9-OM
.tapad.com/	1970-01-20 19:27:44	Name: TapAd_3WAY_SYNCS Value:
.krxd.net/	1970-01-20 22:20:32	Name: _kuid_ Value: QEEJaX6b
.innovid.com/	1970-01-20 20:10:56	Name: uuid Value: 58ad4ae8-e2cc-4666-a9ae-ec04c594f912-20240128 17:25:49
.casalemedia.com/	1970-01-21 02:46:56	Name: CMID Value: ZbbUbr3RwfqPjW4rIB1uzwAA
.casalemedia.com/	1970-01-20 20:10:56	Name: CMPS Value: 1309
.casalemedia.com/	1970-01-20 20:10:56	Name: CMPRO Value: 1309
.rubiconproject.com/	1970-01-21 02:46:56	Name: khaos Value: LRY2KTWF-2-ENT8
.rubiconproject.com/	1970-01-21 02:46:56	Name: audit Value: 1\|IAkbZZt5WO6IMuKSiIhgPgCnp/wOORs9Uy7wOlBUgkx+xL8LlrcUaNevUmaYkeo2dry2uVCke/CM1KxoLazIt8oW2SgbbjsrEOjxxX8e+bOyC8q2pGEee2+yA/13kfqkhzKdlJ1kP0p/6K+MJaMXAo76/Gy8ewrDCOeqF/Dn4Co=
.rubiconproject.com/	1970-01-20 20:10:56	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-20 20:10:56	Name: anj Value: dTM7k!M41$CxrEQF']wIg2E?`noVX*!]tbh8i_j5eyGno7^DMFt.]n0E(GbC/T10kBsez%DuON.9zz]i)M2l?)dF:VO7K]L`ozD#E[uR.T6>O</YPHY(A(MtVXX#EpnjIMX)BM>2.A'G.JpZjXm)zyobcmx5FjFe5zZ3(R!wA?%q)3RGGmn<
.openx.net/	1970-01-21 02:46:56	Name: i Value: 2ed3629d-dbf1-47db-9bc0-810d26f90510\|1706480750
.pubmatic.com/	1970-01-20 20:10:56	Name: KRTBCOOKIE_218 Value: 4056-ZbbUawAAAIdWiAN-&KRTB&22978-ZbbUawAAAIdWiAN-&KRTB&23194-ZbbUawAAAIdWiAN-&KRTB&23209-ZbbUawAAAIdWiAN-
.pubmatic.com/	1970-01-20 18:44:32	Name: PugT Value: 1706480749
.demdex.net/	1970-01-20 22:20:32	Name: dextp Value: 358-1-1706480747512\|477-1-1706480747643\|771-1-1706480747753\|992-1-1706480747864\|903-1-1706480748200\|1957-1-1706480748349\|3047-1-1706480748455\|13870-1-1706480748569\|19360-1-1706480748818\|22054-1-1706480748951\|22069-1-1706480749214\|28645-1-1706480749315\|30646-1-1706480749415\|80742-1-1706480749516\|96420-1-1706480749617\|66757-1-1706480749718\|144230-1-1706480749819\|144231-1-1706480749920\|144232-1-1706480750021\|144233-1-1706480750122\|144234-1-1706480750223\|144235-1-1706480750324\|144236-1-1706480750425\|144237-1-1706480750525\|134084-1-1706480750626
.ipinyou.com/	1970-01-21 03:27:15	Name: PYID Value: O1T6Po3CcrWe

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://match.rundsp.com/match.gif?id=90749123238939382902171924092200732151&partner=adobe Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
other	warning	URL: https://connect.facebook.net/signals/config/836072006419889?v=2.9.143&r=stable&domain=thestregisbalharbourresort.247activities.com&hme=1e96626f56fb37feabdb16bd09d3dbece570479b2ec677eec7364c762eaf296e&ex_m=62%2C104%2C92%2C96%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C146%2C149%2C160%2C156%2C157%2C159%2C25%2C89%2C45%2C68%2C158%2C141%2C144%2C153%2C154%2C161%2C113%2C13%2C43%2C165%2C164%2C115%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C93%2C95%2C31%2C94%2C26%2C22%2C142%2C145%2C122%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C91%2C38%2C70%2C60%2C97%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C98(Line 105) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://pxl.jivox.com/tags/sync/usync.php?px=IkovJ4aN Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZbbUawAAAIdWiAN-&img=1 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ad.doubleclick.net
adobe-sync.dotomi.com
adservice.google.com
ag.innovid.com
assets.adobedtm.com
bat.bing.com
beacon.krxd.net
beacon.sojern.com
bh.contextweb.com
c.bing.com
c.tvpixel.com
c1.adform.net
cache.marriott.com
cm.everesttech.net
cm.g.doubleclick.net
cm.ipinyou.com
cms.analytics.yahoo.com
connect.facebook.net
contextual.media.net
ct.pinterest.com
dpm.demdex.net
dsum-sec.casalemedia.com
fcmatch.google.com
fcmatch.youtube.com
fonts.googleapis.com
geolocation.onetrust.com
googleads.g.doubleclick.net
gum.criteo.com
hb.yahoo.net
ib.adnxs.com
idpix.media6degrees.com
idsync.rlcdn.com
image2.pubmatic.com
insight.adsrvr.org
ipoolside-media.s3.amazonaws.com
js.adsrvr.org
jvxpxl.marriott.com
login-ds.dotomi.com
login.dotomi.com
marriottinternationa.demdex.net
match.adsrvr.org
match.rundsp.com
match.sync.ad.cpe.dotomi.com
o436887.ingest.sentry.io
p.tvpixel.com
partners.tremorhub.com
pixel.rubiconproject.com
pixel.sojern.com
pixel.tapad.com
px.ads.linkedin.com
px4.ads.linkedin.com
pxl.jivox.com
s.pinimg.com
s.tribalfusion.com
s.yimg.com
sc-static.net
secure.adnxs.com
servedby.flashtalking.com
simage2.pubmatic.com
smetrics.marriott.com
snap.licdn.com
sp.analytics.yahoo.com
static.sojern.com
sync-tm.everesttech.net
sync.search.spotxchange.com
tag.yieldoptimizer.com
tags.bluekai.com
thestregisbalharbourresort.247activities.com
tr.snapchat.com
tr6.snapchat.com
ups.analytics.yahoo.com
us-u.openx.net
usermatch.krxd.net
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.linkedin.com
yahoo-match.dotomi.com
hb.yahoo.net
match.rundsp.com
sync.search.spotxchange.com
104.18.36.155
104.36.113.107
107.178.244.119
13.107.42.14
151.101.130.49
152.136.179.124
159.127.43.76
172.253.122.155
172.253.62.149
174.129.206.94
18.204.157.42
18.214.41.71
185.167.164.39
198.148.27.131
2001:4998:1c:800::1001
23.202.153.6
23.39.184.114
23.39.185.111
23.4.232.32
23.50.124.22
2600:1402:8800::1728:cf18
2600:1408:5400:38b::1931
2600:1418:a000:5af::1e80
2600:1f18:445b:903:779c:aace:8703:6d72
2600:1f18:612b:4200:b14f:6477:d561:27b0
2600:9000:26a0:2c00:1d:bf0a:0:93a1
2606:4700:4400::ac40:97ee
2606:4700:4400::ac40:9b77
2606:4700::6812:18ad
2606:ae80:1451:18::1720
2606:ae80:1451:20::1780
2607:f8b0:4004:c06::61
2607:f8b0:4004:c08::5f
2607:f8b0:4004:c08::9c
2607:f8b0:4004:c0b::66
2607:f8b0:4004:c1d::66
2607:f8b0:4004:c1d::6a
2620:100:a001::c
2620:1ec:21::14
2620:1ec:c11::200
2a03:2880:f011:100:face:b00c:0:3
2a03:2880:f111:181:face:b00c:0:25de
3.161.209.109
3.227.143.21
3.33.220.150
34.111.113.62
34.120.195.249
34.199.251.212
34.200.65.202
34.232.133.131
35.190.43.134
35.190.52.204
35.244.154.8
35.244.159.8
35.244.188.9
44.213.220.232
52.203.149.164
52.216.38.73
54.230.48.245
63.140.38.225
68.67.161.182
69.173.151.100
76.13.32.146
005fdfd3685a6dea398449f326f814f2e6de5e7133107b981a90b4e95584f72f
089030d8bec22aa48ae59e27516a4e8a1fcec666e9d783c7a1df47220b750dc1
09316d88a817b1268d8de745b267de01618507d4094b205ed3281bce1bc6a98f
0a37f4264a9cf03b723507f6c31a0a25c44ecf96528cfd798c22e88c99e7c93b
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cc625c72fb08b7280cfc629f356a38e8d00d813f563896c6ce8f6cd2e4d8335
0cc996f6248901846ff22c1b3c70f4889b957876b6f581f1d56fba6dacca1038
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
108b17ab5acbd555020aef05770b5a766e02e7d19a72737b39c7b2881a64b6cd
133b639f99eafe781578740a1daf1ec63ae934103560809ae9634268b3eee8be
19ffd0fbe97ec8c7d6985c3b41e45e1c3a80052911f605f990cd19717f3bde34
1a6622bbfd2f4017f391cae1040e22f99a923116427a0ccb25543581f5d92257
228b1d6634abc2d6314f0591e07c5cd246a7fc071e4c9a592a2bf0e11fe6cd27
242e542871bd77c8ff6375418e349ef6b3a32a208e15ca1441166641d212a6a1
26726bac4060abb1226e6ceebc1336e84930fe7a7af1b3895a109d067f5b5dcc
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2cac89100642acb92e8c705a639a012b32de7eb32db954a31890da8a091610c3
2ed3ec5754878418d53700a992cf435dd4f17b22262398a4936d62d706e96986
2ee6fdf3d0f4d826380054030e5a9fd6fc8c451d9fe28123f1d76e632332e659
32bc033e13e02d8809b2c8c97ac5a5110c5f375a830ed6cace5ce1202ab5b480
3518646dfb1571293466295fa5b694ee1c9e0923135212d783d195cb0cb2b899
3747d4c2017769b3277bc3ccad631bf7d97c8c27b613facf124a006690715ffb
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3b0c7d63f9f5c675ab4ac69a1998aa9537e6e358e88e3918a58fb574a906e230
3d259a9cbc262ea4e3e8ecd34910e86354de457dc752541007d4daa6c57cb9e8
40dc35bd17d41c0cf151637f57f080c0472db5c8351b62ff9daf298a55324b9a
4253a0991868a34d3912bc915def432623f098c9178d52470622658959006cbb
43cf829ce77a9d60607211a5331d2d6212801941698296ea0496be67792a0a95
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4472846aafcee961f45e09809c3f4a96f1df5495241a44dc87a6ab4ed8c0c5d3
470ded9ff828e85600726be723a6c46d8b13aad3921038dd94d291e3884132d8
480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91
484ef4268f1d679c1ae88c06fc2388d39afc441465732617e5e2cdc2e3d418e2
48dfb69f3a9d71ad74bd7be783be49a2a377b487497017c5d1c6b1da797bbaf6
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4badc8f2cc8cc29176727f1cdd27b07f5032cedbbd2e82952ffed205b96b91be
4dbae8b3d2a71b182f3aab701a08fc3c5f2bf734f9e09605c650b1c6506e9097
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4efca4768dedb757f956b51f3620d1521be4e8f065080515489defc83c2de704
4fd96f96cad91054e5fc49db5d95628b922db61c1bd0f6b5025a3991e562946a
526eb717dad4c19e2f555330c942acfd66e22d44bd11597f2ccc4a4219d8bc2d
52ea1861699ecf8fe7d164567df73a73c43ac85253e32658e0f022842b3eebea
52f1ee340c477bdd91fa327c2cd5eea9c4e2c762a593197f4cd669e823f54de7
5471c6c3defc3274753615107ad860b9c74613aa31fb8731c6bf6f43e9333378
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54b90ef60b76cca302d0d35939fa25bba91eb9723e3c3884a300a503fb418bc8
54cc336ea82cecc3ea5dc85bc44039601b5445253c4397d2fc8941394bf9054a
5633c25b04fe937b1b104fd6234f9e4d54cb8a5da7026ab781b8d8585f7f6778
575b1c14355c153f170c5dc528fcb944f535db28a0877306c2754839ad867e9a
59e58524340cd7ad353be010374b124c242fdde10a0ed41047fe2fd4bb9e5a2e
5dd189cea36b3e2cde3a78d07402b32003ab4904516d295545c1c4d5aec0657e
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
603de02c4b99c31138b5c6b0d97e2182d79be092b8de6cf9b8d3a56f6f256958
61d8137d275f12306e177bc726c2b3e072f9efa4743a0ace6ecbcf7a0932fd07
6501140033c3bb20da4b5ac73c90f687ba8a2053c4ba37c4b6f5275166db7fa6
68ba856727e49d16ea40ed6c8194f24d210369d098ddc53ac4792e91a8c6a1e0
68f4d44b056db178a4a5683da873a2c3754afb055d3cea217afdd297b6162bee
6e10b223ebaea986dbeef75b614e2d0d277f5b28ff6cb58bdfe1ac3ab2289687
7316c1dfbc9f061b2280befce5285d9576624d84376031f96583df11d82ea916
732210efb3d890b3bcdcc6cf653a6681aa2dfad07b335dc132d28658a907b15a
777ab0cb5c6ffd6b2d455918b8df70fdb4c74ecb18d62f54be1afdaf3733c10d
78791edc61c96a5ec8159e033473108958108c66296abe6a5b6896040dff9645
79ab5769acebae5b9387031c48ae715d2f85c10ea62bbab124564bdba68aae99
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
8054f4e3fe5af937cdc5d795f555dae2c1489ce993935b2c0da1ddb9bb8ce183
822b177f983f951507f9331ca1849c6a8a7601b3dc449de022c2dac66ddb37bd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84b16390f1972a710b482ed0f21ba9f8fad7b1fac9b9fca835777994262e6d1c
899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1
8aa69ee6b2376505578d758bfbbc52aec88fa5e591f1a7cabd8adfa80a7b613a
8e3a64611d4ed90b06a740474f4196a39293fc4d947191e2a5f9ec86f1c9b5af
913c7db2e1be22538c52c3b3dd4bdabdc56c90354308c34ebcfeba72f44f8e0c
972688e6f6c24d2b23019a796b19f90515ba5f4ff744747c072b79fa44de3432
97610a3d40dd001fa3c35207f814dc41af50908b11e4a56ad9114e0e34baa59b
9b8dcfbdc40c9caabf0e4ddeff043c4af3d7af4689fc4130f7fd3651b95f0968
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a414645044a3dee233d1fd534ae4b33249eeed8f8d7ae79ce0152e8e2cd65d7f
a59039a55b5e6a55c9917b177cea541aed2109727aeb088de6d1c08d2dc66a70
a93b70f93f8d734b9cef5d25826cd8496dcee4a619a04ea78cfdee9f6462c3b8
ae0a93a19431ff887e8ce6e05a2bca8b09f6b3bd79412ce02e6bc2609ffd66bd
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b5474d3ed408366dcebededf5c987f44b43b389137272c282c6c972852a14fc0
b7806820a321ae142a12d51708677e3c2f255cce1aa86958e96c77028f7237a3
c7a5ac7699a044df2a6cb702caf1616b7fafe5dee0dcfb9448c21b46a6373034
cc81f0a04a5d562031e11f36abf197a5d3cae124a62c3a79927397b82337e683
cea49dea7db546aed2c518c65bda981239e74fba3d69ffc2e81197110d79b876
cfd1437fcf5e1e5bc504d0a4366d0a2facdf81ed3edf0eb34734c8103a2f94c5
cfe45b981d1b91b173361a34cfce5f60893dbd1ac4af2c3ac11fc17552c5401f
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d8575fc91bafe2e8ec1bf5cbc1b13091362173e4856559c3e6e41a839285e5a8
da8c562abc1ab29de420402d185fe5c0647d6d235d6171469b2566c59a67c528
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
decfb6b65c936cb4e06e0d666c00db86f3c7a967686d2754c900cd86dca5e1c7
def471f0480adeb3b47924f6684d105b52ea0d86b407baee37f1f2cf2fa7b5ef
dfde55c26a76fe96455cf5e3c40c54749fbc219f7e34a932e97caff50cd236e0
e172b2e98564a9fcc9b25bbf4b21b08acb823c94cd2aca8c6670525ef8a29760
e249c54cecc4bdf6bcfde6507106d8d5eadecc3a83c38d8cad369a78f1eb2f71
e354718dba42dbc4681e5323f82866b1274611f00bcf30eb7f7156cf1a71f3e7
e392b7a34034b4389cb95c6a572e85e577e633b92e737ffb03cd03880bb3c97c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5fdb3ea4cc4cf6b0f77fce3b54d03d78a697bec33bb1a023b964e8be16aea5f
eb4dfbf7b3a5944380b3cfc3a199ed0d4ccab65d0025fd420a56cfb230060034
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
ed19c592446d5125b179129f6d35ff5385bdc161ef90016ce77765f0af177bfb
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f121d95565b381320903334d51fff37bf01848517dc87fab137ed738712c1e2c
f214a9516e340262dd3d34ecea805eb9aac325fce8520f966f66b746075321ce
f2966780d964488ce801cd252ec0fcfc01281842f3b8302a6efa22d9ef308d10
f54d3a9011dd18c3a6b2c5ca5c5bf3d490d5428046d806c4aa9ecec5f82139ca
f77901460c4fe09d055e1f32a52d72b19b5eac2d387addc04082759d3055aba4
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3
f938286168b563d30b432e1d814cee4ed5841bae8a1cb78047dc5bf1b6f30034
fcad0bb59b53fdb301a56e0fe35f44227271e38c5ad1bd227a30bfd3b96ef723
fceb5b9898c8ea5434022e07b3250d6a1605e82bab80e3efae375449b4a90e65
fe7b6c830b69342bd253c70ab4bbbf14a59ac4b5667dfc08f66f59f7131a420d

thestregisbalharbourresort.247activities.com Open in urlscan Pro 174.129.206.94 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

185 Requests

76 %HTTPS

37 %IPv6

53 Domains

80 Subdomains

51 IPs

4 Countries

8600 kBTransfer

22536 kBSize

103 Cookies

7 Outgoing links

Redirected requests

185 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

thestregisbalharbourresort.247activities.com Open in urlscan Pro
174.129.206.94 Public Scan

Screenshot
Live screenshot

Full Image

185
Requests

76 %
HTTPS

37 %
IPv6

53
Domains

80
Subdomains

51
IPs

4
Countries

8600 kB
Transfer

22536 kB
Size

103
Cookies

185 HTTP transactions
0 data transactions