activities.marriott.com Open in urlscan Pro
13.225.78.49 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://res-marriott.com/T/v7100000182c6b44c18b047d4434b5c58d0/826988fe6cfb4fef0000021ef3a0bcd0/826988fe-6cfb-4fef-8fa6-7...
Effective URL:
https://activities.marriott.com/property/YOWOE?property=YOWOE&end=2022-08-28&start=2022-08-27&program=MAR&vsretype=CNF&vsresect=...
Submission: On August 22 via api (August 22nd 2022, 8:02:04 pm UTC) from BE — Scanned from DE

Summary HTTP 49 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 13 IPs in 4 countries across 12 domains to perform 49 HTTP transactions. The main IP is 13.225.78.49, located in United States and belongs to AMAZON-02, US. The main domain is activities.marriott.com. The Cisco Umbrella rank of the primary domain is 502542.
TLS certificate: Issued by R3 on July 29th 2022. Valid for: 3 months.

This is the only time activities.marriott.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	159.127.198.243 159.127.198.243	19137 (EPSILON-I...) (EPSILON-INTERACTIVE)
1 7	13.225.78.49 13.225.78.49	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
23	151.101.194.38 151.101.194.38	54113 (FASTLY) (FASTLY)
1	34.120.195.249 34.120.195.249	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c06::9d	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	34.245.131.185 34.245.131.185	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
2	13.224.192.183 13.224.192.183	16509 (AMAZON-02) (AMAZON-02)
1	35.166.121.236 35.166.121.236	16509 (AMAZON-02) (AMAZON-02)
49	13

1 159.127.198.243 (United States) 1 redirects

ASN19137 (EPSILON-INTERACTIVE, US)

res-marriott.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 13.225.78.49 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-49.fra2.r.cloudfront.net

activities.marriott.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 151.101.194.38 (United States)

ASN54113 (FASTLY, US)

media-cdn.tripadvisor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.195.249 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o257508.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.245.131.185 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-245-131-185.eu-west-1.compute.amazonaws.com

widget.travelcurious.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.192.183 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-192-183.fra2.r.cloudfront.net

cdn.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.166.121.236 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-166-121-236.us-west-2.compute.amazonaws.com

api.segment.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	tripadvisor.com media-cdn.tripadvisor.com — Cisco Umbrella Rank: 9908	2 MB
7	marriott.com 1 redirects activities.marriott.com — Cisco Umbrella Rank: 502542	308 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 45	65 KB
3	google.com region1.analytics.google.com — Cisco Umbrella Rank: 5695 www.google.com — Cisco Umbrella Rank: 9	861 B
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	148 KB
2	segment.com cdn.segment.com — Cisco Umbrella Rank: 1396	27 KB
2	google.de www.google.de — Cisco Umbrella Rank: 6076	564 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 108	377 B
1	segment.io api.segment.io — Cisco Umbrella Rank: 915	179 B
1	travelcurious.net widget.travelcurious.net	3 KB
1	sentry.io o257508.ingest.sentry.io — Cisco Umbrella Rank: 895319	282 B
1	res-marriott.com 1 redirects res-marriott.com — Cisco Umbrella Rank: 70630	284 B
49	12

	Domain	Requested by
23	media-cdn.tripadvisor.com	activities.marriott.com
7	activities.marriott.com	1 redirects activities.marriott.com
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com activities.marriott.com
3	www.googletagmanager.com	activities.marriott.com
2	cdn.segment.com	activities.marriott.com
2	www.google.de	activities.marriott.com
2	stats.g.doubleclick.net	www.googletagmanager.com activities.marriott.com
2	region1.analytics.google.com	www.googletagmanager.com
1	api.segment.io	activities.marriott.com
1	www.google.com	activities.marriott.com
1	widget.travelcurious.net	www.googletagmanager.com
1	o257508.ingest.sentry.io	activities.marriott.com
1	res-marriott.com	1 redirects
49	13

This site contains links to these domains. Also see Links.

Domain
moments.marriottbonvoy.com

Subject Issuer	Validity	Valid
activities.marriott.com R3	`2022-07-29` - `2022-10-27`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
media.tacdn.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-23` - `2023-04-22`	a year	crt.sh
*.ingest.sentry.io R3	`2022-08-20` - `2022-11-18`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
*.travelcurious.net R3	`2022-06-10` - `2022-09-08`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
*.segment.com Amazon	`2022-01-12` - `2023-02-10`	a year	crt.sh
*.segment.io Amazon	`2022-02-10` - `2023-03-11`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://activities.marriott.com/property/YOWOE?property=YOWOE&end=2022-08-28&start=2022-08-27&program=MAR&vsretype=CNF&vsresect=1&vsrelink=PlacePass&vsrebrand=CY&vsremarsha=NM%7EN
Frame ID: 1492C456563C56B467D5E2158056DBA9
Requests: 51 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Courtyard Ottawa East | Marriott

Page URL History Show full URLs

https://res-marriott.com/T/v7100000182c6b44c18b047d4434b5c58d0/826988fe6cfb4fef0000021ef3a0bcd0/82698... HTTP 302
https://activities.marriott.com/reservation?property=YOWOE&end=2022-08-28&start=2022-08-27&program=MAR&vsret... HTTP 302
https://activities.marriott.com/property/YOWOE?property=YOWOE&end=2022-08-28&start=2022-08-27&program=MAR&vs... Page URL

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Segment (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.segment\.com/analytics\.js

Page Statistics

49
Requests

100 %
HTTPS

46 %
IPv6

12
Domains

13
Subdomains

13
IPs

4
Countries

2311 kB
Transfer

3270 kB
Size

5
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://moments.marriottbonvoy.com/
Title: Member Exclusives

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://res-marriott.com/T/v7100000182c6b44c18b047d4434b5c58d0/826988fe6cfb4fef0000021ef3a0bcd0/826988fe-6cfb-4fef-8fa6-7dc3e5c17a32?__dU__=v0G4RBKTXg2GvMkOJesaYIzG4U7guhmTRE-pfbKSY7_EuYILBfkKy6fQ==&__F__=v0fUYvjHMDjRPMSh3tviDHXIoXcPxvDgUUCCPvXMWoX_0IA9a7wNY25rKk-_HJm1AQTzxqZ2c2TirNzRKY6_upFAY5FbT8nXbcA_j00fgcwme0lUZkdYmLO8AM7jHOmWFH2ukAOJqa2-PBD_XZChGGFvOMyUGhrzPNvackrwbsXSDzByW4WgyQPAKXK5e-OeWYKzwbds414YG76iuqvnnZ34eCTUmdCneX33XtHCkEX1nVtsNXtKnjsZ6usaHu_b83m8ZHf3jJ9qGtJQ1R5X3pdGnOwu5dXydUOac0CYFO_rCFdHBuQQogC3q6GSd5R8xHgASF_DqCgm9YpRQytSUs83OeaMRioRSuLgUuS1lmE6O8VZTlIINSrr4OkIzaLTHUESoPYcbWOBgyA3L2s6U27mrGlJWmeyAHCZxjURASL5SBms4IuQF8DSBtlADqKOSRe-S9RFzN2w_E9rAlXYYQG4EmdyFrPEBr HTTP 302
https://activities.marriott.com/reservation?property=YOWOE&end=2022-08-28&start=2022-08-27&program=MAR&vsretype=CNF&vsresect=1&vsrelink=PlacePass&vsrebrand=CY&vsremarsha=NM~N HTTP 302
https://activities.marriott.com/property/YOWOE?property=YOWOE&end=2022-08-28&start=2022-08-27&program=MAR&vsretype=CNF&vsresect=1&vsrelink=PlacePass&vsrebrand=CY&vsremarsha=NM%7EN Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

49 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request YOWOE Show response
activities.marriott.com/property/
Redirect Chain

https://res-marriott.com/T/v7100000182c6b44c18b047d4434b5c58d0/826988fe6cfb4fef0000021ef3a0bcd0/826988fe-6cfb-4fef-8fa6-7dc3e5c17a32?__dU__=v0G4RBKTXg2GvMkOJesaYIzG4U7guhmTRE-pfbKSY7_EuYILBfkKy6fQ=...
https://activities.marriott.com/reservation?property=YOWOE&end=2022-08-28&start=2022-08-27&program=MAR&vsretype=CNF&vsresect=1&vsrelink=PlacePass&vsrebrand=CY&vsremarsha=NM~N
https://activities.marriott.com/property/YOWOE?property=YOWOE&end=2022-08-28&start=2022-08-27&program=MAR&vsretype=CNF&vsresect=1&vsrelink=PlacePass&vsrebrand=CY&vsremarsha=NM%7EN

150 KB
27 KB

515ms
514ms

Document
text/html

13.225.78.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://activities.marriott.com/property/YOWOE?property=YOWOE&end=2022-08-28&start=2022-08-27&program=MAR&vsretype=CNF&vsresect=1&vsrelink=PlacePass&vsrebrand=CY&vsremarsha=NM%7EN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-49.fra2.r.cloudfront.net

Software

Resource Hash

55f20b4c1e80a7215baa637b53431572bd77dec166328d0c2772dc95117aa8c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: DPR, Width, Viewport-Width
cache-control: must-revalidate, private, max-age=0, stale-if-error=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 22 Aug 2022 20:01:57 GMT
pragma: no-cache
vary: Accept-Encoding
via: 1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront)
x-amz-cf-id: akT7XIgcJu7sLUm0TsnPApRs3cuquND23SZ89A5ChWfmsnzcQZ4Tjg==
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-frame-options: deny
x-xss-protection: 1; mode=block

Redirect headers

age: 72
content-length: 164
content-type: text/plain; charset=utf-8
date: Mon, 22 Aug 2022 20:00:45 GMT
location: /property/YOWOE?property=YOWOE&end=2022-08-28&start=2022-08-27&program=MAR&vsretype=CNF&vsresect=1&vsrelink=PlacePass&vsrebrand=CY&vsremarsha=NM%7EN
via: 1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront)
x-amz-cf-id: BsFlWc7xGQDCUg5e5BUzMcdY74s54EESeCSt6uE4EM0rGJ0yYOtbrw==
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront

GET
H2 200 main-8ee3e7b2ef.css
activities.marriott.com/a/theme/marriott/ 112 KB
15 KB 47ms
46ms Stylesheet
text/css 13.225.78.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://activities.marriott.com/a/theme/marriott/main-8ee3e7b2ef.css
Requested by: Host: activities.marriott.com
URL: https://activities.marriott.com/property/YOWOE?property=YOWOE&end=2022-08-28&start=2022-08-27&program=MAR&vsretype=CNF&vsresect=1&vsrelink=PlacePass&vsrebrand=CY&vsremarsha=NM%7EN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-49.fra2.r.cloudfront.net
Software: /
Resource Hash: dcc22cec00d1f77ff1b753f26f70f10786f9b39b1c185b47cfd651c9b7a75c3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activities.marriott.com/property/YOWOE?property=YOWOE&end=2022-08-28&start=2022-08-27&program=MAR&vsretype=CNF&vsresect=1&vsrelink=PlacePass&vsrebrand=CY&vsremarsha=NM%7EN
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 20:00:46 GMT
content-encoding: br
last-modified: Thu, 17 Mar 2022 17:46:47 GMT
age: 71
etag: "3b33-/YwWZD+0RsiGApM1qAAWrxlzpQU"
x-cache: Hit from cloudfront
content-type: text/css; charset=utf-8
via: 1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 15155
x-amz-cf-id: VrTkbEUv7PfzIefHy0r4LoZbmuyPa5ob4--uNVvKMVsiVcWpa76MiQ==

GET
H2 200 proxima-nova-bold-3b90b7.woff2
activities.marriott.com/a/m/marriott/ 72 KB
72 KB 50ms
50ms Font
font/woff2 13.225.78.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://activities.marriott.com/a/m/marriott/proxima-nova-bold-3b90b7.woff2

Requested by

Host: activities.marriott.com
URL: https://activities.marriott.com/property/YOWOE?property=YOWOE&end=2022-08-28&start=2022-08-27&program=MAR&vsretype=CNF&vsresect=1&vsrelink=PlacePass&vsrebrand=CY&vsremarsha=NM%7EN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-49.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

d137f8e29131deffb0dcd3e079b019e94c82fdb6e8557efbf7346a1fe169c97e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://activities.marriott.com/property/YOWOE?property=YOWOE&end=2022-08-28&start=2022-08-27&program=MAR&vsretype=CNF&vsresect=1&vsrelink=PlacePass&vsrebrand=CY&vsremarsha=NM%7EN
Origin: https://activities.marriott.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 20:00:47 GMT
via: 1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 71
x-cache: Hit from cloudfront
content-length: 73624
x-xss-protection: 1; mode=block
last-modified: Thu, 12 Aug 2021 21:27:09 GMT
server: AmazonS3
x-frame-options: DENY
etag: "1961faca206589225bff6899eef1657d"
strict-transport-security: max-age=63072000; preload
content-type: font/woff2
cache-control: max-age=31540000,immutable
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: tK1DuQvSLpF5H2tLc-el7kZSIseAtRP-2XjyIXiTRE9n_uXQH7prZw==

GET
H2 200 Swiss721BT-BlackCondensed-768bde.woff2
activities.marriott.com/a/m/marriott/ 19 KB
20 KB 98ms
98ms Font
font/woff2 13.225.78.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://activities.marriott.com/a/m/marriott/Swiss721BT-BlackCondensed-768bde.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-49.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

380033ad7d869b35e783ec206d812cf6ef86abd343a230cc6746c7f29cecac07

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://activities.marriott.com/property/YOWOE?property=YOWOE&end=2022-08-28&start=2022-08-27&program=MAR&vsretype=CNF&vsresect=1&vsrelink=PlacePass&vsrebrand=CY&vsremarsha=NM%7EN
Origin: https://activities.marriott.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 20:00:47 GMT
via: 1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 71
x-cache: Hit from cloudfront
content-length: 19632
x-xss-protection: 1; mode=block
last-modified: Thu, 12 Aug 2021 21:27:09 GMT
server: AmazonS3
x-frame-options: DENY
etag: "4bfaf930973f9e40ec71775889adf62e"
strict-transport-security: max-age=63072000; preload
content-type: font/woff2
cache-control: max-age=31540000,immutable
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: NklNDyU8XfcpYxCDLyT8wflurwWglGQy4TyuemgKHHuzYP6n1GSsOA==

GET
H2 200 proxima-nova-regular-41e9cb.woff2
activities.marriott.com/a/m/marriott/ 70 KB
71 KB 118ms
118ms Font
font/woff2 13.225.78.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://activities.marriott.com/a/m/marriott/proxima-nova-regular-41e9cb.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-49.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

55ed0af5931ea7cf068586ffd18cebefb5a7a82cb40d5de9b1c821194ed8dca5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://activities.marriott.com/property/YOWOE?property=YOWOE&end=2022-08-28&start=2022-08-27&program=MAR&vsretype=CNF&vsresect=1&vsrelink=PlacePass&vsrebrand=CY&vsremarsha=NM%7EN
Origin: https://activities.marriott.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 20:00:47 GMT
via: 1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 71
x-cache: Hit from cloudfront
content-length: 71720
x-xss-protection: 1; mode=block
last-modified: Thu, 12 Aug 2021 21:27:09 GMT
server: AmazonS3
x-frame-options: DENY
etag: "442bd71b24d07a862ffc09251ac4c6a5"
strict-transport-security: max-age=63072000; preload
content-type: font/woff2
cache-control: max-age=31540000,immutable
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: -mtFiiZyuXZzdP2YCym688JaU105km_RtNAl4BzbEr4NcmKYwJbmzQ==

GET
H2 200 experiences-d1f7e0e889.js Show response
activities.marriott.com/a/ 417 KB
103 KB 44ms
44ms Script
application/javascript 13.225.78.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://activities.marriott.com/a/experiences-d1f7e0e889.js
Requested by: Host: activities.marriott.com
URL: https://activities.marriott.com/property/YOWOE?property=YOWOE&end=2022-08-28&start=2022-08-27&program=MAR&vsretype=CNF&vsresect=1&vsrelink=PlacePass&vsrebrand=CY&vsremarsha=NM%7EN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-49.fra2.r.cloudfront.net
Software: /
Resource Hash: d131032fee1c41ce31a4b8ebde9aac9b69005984d4882c0254c4de6202bdcdaa

Request headers

Referer: https://activities.marriott.com/property/YOWOE?property=YOWOE&end=2022-08-28&start=2022-08-27&program=MAR&vsretype=CNF&vsresect=1&vsrelink=PlacePass&vsrebrand=CY&vsremarsha=NM%7EN
Origin: https://activities.marriott.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 20:00:46 GMT
content-encoding: br
last-modified: Thu, 17 Mar 2022 17:47:15 GMT
age: 71
etag: "19908-hMa3n6GCeIOkTDwxHb0vwhwhNss"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 104712
x-amz-cf-id: L_YdophiT5bcfIas8I2Npx6tMT8AqYDoM6iLNTH5LnT-M-kVuJ6fzg==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 187 KB
68 KB 190ms
93ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-KS7BH8MC85&l=dataLayer&cx=c

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2e1cd726b7561fdce288b2c05d1f7bf67c447ee349310139dc2153ec09b2df9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activities.marriott.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 20:01:57 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69228
x-xss-protection: 0
expires: Mon, 22 Aug 2022 20:01:57 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 106 KB
41 KB 143ms
46ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-77434830-33&l=dataLayer&cx=c

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

261eac35406103b157cca47ccd61f979e12c46da6017ce1f7a4c8306c607345f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activities.marriott.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 20:01:57 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41920
x-xss-protection: 0
last-modified: Mon, 22 Aug 2022 18:32:19 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 22 Aug 2022 20:01:57 GMT

GET
DATA 200
OK truncated
/ 63 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1c125ad4c4ad6f92ad43f4458102ea3ac83c17e0239ab1118b6a310fd5b92b07

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 74.jpg
media-cdn.tripadvisor.com/media/attractions-splice-spp-674x446/0d/f8/65/ 95 KB
95 KB 293ms
173ms Image
image/jpeg 151.101.194.38
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media-cdn.tripadvisor.com/media/attractions-splice-spp-674x446/0d/f8/65/74.jpg
Requested by: Host: activities.marriott.com
URL: https://activities.marriott.com/property/YOWOE?property=YOWOE&end=2022-08-28&start=2022-08-27&program=MAR&vsretype=CNF&vsresect=1&vsrelink=PlacePass&vsrebrand=CY&vsremarsha=NM%7EN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.38 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a5260ded1198aef5e30a3f8d1c9c28b70aeade6b6523776d6dd1f2131b6e5395

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activities.marriott.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 20:01:57 GMT
via: 1.1 varnish, 1.1 varnish
etag: "ac9607aa04c4d727fb03c851bb518897"
x-media-cdn: 237935721
age: 1666590
x-cache: HIT, HIT
content-length: 97558
x-served-by: cache-iad-kiad7000165-IAD, cache-hhn4043-HHN
timing-allow-origin: https://www.tripadvisor.com
last-modified: Thu, 17 Feb 2022 15:24:49 GMT
x-timer: S1661198518.918665,VS0,VE1
x-media-cdn-cache-hits: 0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
x-media-cdn-cache: PASS
x-cache-hits: 1, 1

GET
H2 200 4b.jpg
media-cdn.tripadvisor.com/media/attractions-splice-spp-674x446/06/75/ac/ 80 KB
80 KB 199ms
80ms Image
image/jpeg 151.101.194.38
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media-cdn.tripadvisor.com/media/attractions-splice-spp-674x446/06/75/ac/4b.jpg
Requested by: Host: activities.marriott.com
URL: https://activities.marriott.com/property/YOWOE?property=YOWOE&end=2022-08-28&start=2022-08-27&program=MAR&vsretype=CNF&vsresect=1&vsrelink=PlacePass&vsrebrand=CY&vsremarsha=NM%7EN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.38 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 42fa15ffe72f76f2b3797d5881a48b9e16a8a1411bbe8bdb84669b4f4742586e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activities.marriott.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 20:01:57 GMT
via: 1.1 varnish, 1.1 varnish
etag: "2951e29e6c972dcb610602c325a0b625"
x-media-cdn: 32435013
age: 2091568
x-cache: HIT, HIT
content-length: 81864
x-served-by: cache-iad-kjyo7100110-IAD, cache-hhn4043-HHN
timing-allow-origin: https://www.tripadvisor.com
last-modified: Thu, 13 Sep 2018 00:59:11 GMT
x-timer: S1661198518.918635,VS0,VE1
x-media-cdn-cache-hits: 0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
x-media-cdn-cache: PASS
x-cache-hits: 1, 1

GET
H2 200 24.jpg
media-cdn.tripadvisor.com/media/attractions-splice-spp-674x446/0a/ab/ec/ 70 KB
71 KB 199ms
79ms Image
image/jpeg 151.101.194.38
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media-cdn.tripadvisor.com/media/attractions-splice-spp-674x446/0a/ab/ec/24.jpg
Requested by: Host: activities.marriott.com
URL: https://activities.marriott.com/property/YOWOE?property=YOWOE&end=2022-08-28&start=2022-08-27&program=MAR&vsretype=CNF&vsresect=1&vsrelink=PlacePass&vsrebrand=CY&vsremarsha=NM%7EN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.38 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 9e9f97d504303a4d4a41a61c42ea766b1871d90bd4ca2f8b23e2bf1dd7d89b7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activities.marriott.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 20:01:57 GMT
via: 1.1 varnish, 1.1 varnish
etag: "1bef8ddbd4ec56a365a9c4d6cc786ae0"
x-media-cdn: 568500742
age: 2263063
x-cache: HIT, HIT
content-length: 72071
x-served-by: cache-iad-kcgs7200170-IAD, cache-hhn4043-HHN
timing-allow-origin: https://www.tripadvisor.com
last-modified: Fri, 03 Apr 2020 16:31:22 GMT
x-timer: S1661198518.918581,VS0,VE1
x-media-cdn-cache-hits: 0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
x-media-cdn-cache: PASS
x-cache-hits: 1, 1

GET
H2 200 17.jpg
media-cdn.tripadvisor.com/media/attractions-splice-spp-674x446/0a/a5/c9/ 77 KB
77 KB 157ms
38ms Image
image/jpeg 151.101.194.38
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media-cdn.tripadvisor.com/media/attractions-splice-spp-674x446/0a/a5/c9/17.jpg
Requested by: Host: activities.marriott.com
URL: https://activities.marriott.com/property/YOWOE?property=YOWOE&end=2022-08-28&start=2022-08-27&program=MAR&vsretype=CNF&vsresect=1&vsrelink=PlacePass&vsrebrand=CY&vsremarsha=NM%7EN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.38 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4883745e42385a857567b91a3f9719d29e72170644a52ecd683126343950c4ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activities.marriott.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 20:01:57 GMT
via: 1.1 varnish, 1.1 varnish
etag: "345ff5a4d81def72f6943be340dd9e65"
x-media-cdn: 357811462
age: 819875
x-cache: HIT, HIT
content-length: 78592
x-served-by: cache-iad-kjyo7100145-IAD, cache-hhn4043-HHN
timing-allow-origin: https://www.tripadvisor.com
last-modified: Sun, 22 Mar 2020 15:48:41 GMT
x-timer: S1661198518.918588,VS0,VE1
x-media-cdn-cache-hits: 0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
x-media-cdn-cache: PASS
x-cache-hits: 1, 1

GET
H2 200 32.jpg
media-cdn.tripadvisor.com/media/attractions-splice-spp-674x446/07/82/e5/ 104 KB
104 KB 292ms
173ms Image
image/jpeg 151.101.194.38
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media-cdn.tripadvisor.com/media/attractions-splice-spp-674x446/07/82/e5/32.jpg
Requested by: Host: activities.marriott.com
URL: https://activities.marriott.com/property/YOWOE?property=YOWOE&end=2022-08-28&start=2022-08-27&program=MAR&vsretype=CNF&vsresect=1&vsrelink=PlacePass&vsrebrand=CY&vsremarsha=NM%7EN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.38 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4d11472448828fc4ca24ecf5a2a3bf8f8864d1a6e4d6d36efef8f34bc7f4d2b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activities.marriott.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 20:01:57 GMT
via: 1.1 varnish, 1.1 varnish
etag: "c03f02ab6ce21be49d1b257c1ad1b8e8"
x-media-cdn: 279420251
age: 1086140
x-cache: HIT, HIT
content-length: 106547
x-served-by: cache-iad-kiad7000112-IAD, cache-hhn4043-HHN
timing-allow-origin: https://www.tripadvisor.com
last-modified: Wed, 01 May 2019 02:03:51 GMT
x-timer: S1661198518.918645,VS0,VE2
x-media-cdn-cache-hits: 0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
x-media-cdn-cache: PASS
x-cache-hits: 1, 1

GET
H2 200 3e.jpg
media-cdn.tripadvisor.com/media/attractions-splice-spp-674x446/06/e6/b1/ 73 KB
73 KB 292ms
173ms Image
image/jpeg 151.101.194.38
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media-cdn.tripadvisor.com/media/attractions-splice-spp-674x446/06/e6/b1/3e.jpg
Requested by: Host: activities.marriott.com
URL: https://activities.marriott.com/property/YOWOE?property=YOWOE&end=2022-08-28&start=2022-08-27&program=MAR&vsretype=CNF&vsresect=1&vsrelink=PlacePass&vsrebrand=CY&vsremarsha=NM%7EN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.38 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d20555708a060c74b2f6190791845922eeb6bf2048615785a52c747c6ac1b2b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activities.marriott.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 20:01:57 GMT
via: 1.1 varnish, 1.1 varnish
etag: "9f3825d2f63701c98ec5f2193ec05931"
x-media-cdn: 166346020
age: 1645896
x-cache: HIT, HIT
content-length: 74669
x-served-by: cache-iad-kcgs7200131-IAD, cache-hhn4043-HHN
timing-allow-origin: https://www.tripadvisor.com
last-modified: Fri, 21 Dec 2018 15:11:09 GMT
x-timer: S1661198518.918627,VS0,VE1
x-media-cdn-cache-hits: 0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
x-media-cdn-cache: PASS
x-cache-hits: 1, 1

GET
H2 200 72.jpg
media-cdn.tripadvisor.com/media/attractions-splice-spp-674x446/0e/c0/aa/ 64 KB
64 KB 172ms
79ms Image
image/jpeg 151.101.194.38
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media-cdn.tripadvisor.com/media/attractions-splice-spp-674x446/0e/c0/aa/72.jpg
Requested by: Host: activities.marriott.com
URL: https://activities.marriott.com/property/YOWOE?property=YOWOE&end=2022-08-28&start=2022-08-27&program=MAR&vsretype=CNF&vsresect=1&vsrelink=PlacePass&vsrebrand=CY&vsremarsha=NM%7EN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.38 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0724f9b86707ae603911e0fe077a8c95708eb7daf903b7aeeac7308f7cc7ae8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activities.marriott.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 20:01:57 GMT
via: 1.1 varnish, 1.1 varnish
etag: "8f3e0345566d01faa7c5b694f301caeb"
x-media-cdn: 263578009
age: 1143931
x-cache: HIT, HIT
content-length: 65225
x-served-by: cache-iad-kiad7000020-IAD, cache-hhn4043-HHN
timing-allow-origin: https://www.tripadvisor.com
last-modified: Tue, 10 May 2022 12:18:18 GMT
x-timer: S1661198518.918690,VS0,VE1
x-media-cdn-cache-hits: 0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
x-media-cdn-cache: PASS
x-cache-hits: 1, 1

GET
H2 200 df.jpg
media-cdn.tripadvisor.com/media/attractions-splice-spp-674x446/0b/19/e7/ 74 KB
74 KB 132ms
38ms Image
image/jpeg 151.101.194.38
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media-cdn.tripadvisor.com/media/attractions-splice-spp-674x446/0b/19/e7/df.jpg
Requested by: Host: activities.marriott.com
URL: https://activities.marriott.com/property/YOWOE?property=YOWOE&end=2022-08-28&start=2022-08-27&program=MAR&vsretype=CNF&vsresect=1&vsrelink=PlacePass&vsrebrand=CY&vsremarsha=NM%7EN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.38 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 9baf0aca1c12a5faf72eca4c734d29f9096b6e1dd7851e3cc7eaf6f4f0fea93f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activities.marriott.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 20:01:57 GMT
via: 1.1 varnish, 1.1 varnish
etag: "2f4c7f23a6aeb8d829eff1c83b07302f"
x-media-cdn: 338129941
age: 550144
x-cache: HIT, HIT
content-length: 75361
x-served-by: cache-iad-kjyo7100077-IAD, cache-hhn4043-HHN
timing-allow-origin: https://www.tripadvisor.com
last-modified: Fri, 17 Jul 2020 08:50:40 GMT
x-timer: S1661198518.918088,VS0,VE1
x-media-cdn-cache-hits: 0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
x-media-cdn-cache: PASS
x-cache-hits: 1, 1

GET
H2 200 43.jpg
media-cdn.tripadvisor.com/media/attractions-splice-spp-674x446/06/70/46/ 78 KB
78 KB 173ms
172ms Image
image/jpeg 151.101.194.38
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media-cdn.tripadvisor.com/media/attractions-splice-spp-674x446/06/70/46/43.jpg
Requested by: Host: activities.marriott.com
URL: https://activities.marriott.com/property/YOWOE?property=YOWOE&end=2022-08-28&start=2022-08-27&program=MAR&vsretype=CNF&vsresect=1&vsrelink=PlacePass&vsrebrand=CY&vsremarsha=NM%7EN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.38 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 42fae90bc5bcafeae46f8c5cfc28109b98e58697f9d43683415ccf90d2a14a70

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activities.marriott.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 20:01:57 GMT
via: 1.1 varnish, 1.1 varnish
etag: "4df6d01ec7b28731cda02090cb4652f4"
x-media-cdn: 134706541
age: 562141
x-cache: HIT, HIT
content-length: 79417
x-served-by: cache-iad-kcgs7200034-IAD, cache-hhn4043-HHN
timing-allow-origin: https://www.tripadvisor.com
last-modified: Wed, 05 Sep 2018 22:21:05 GMT
x-timer: S1661198518.954267,VS0,VE1
x-media-cdn-cache-hits: 0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
x-media-cdn-cache: PASS
x-cache-hits: 1, 1

GET
H2 200 42.jpg
media-cdn.tripadvisor.com/media/attractions-splice-spp-674x446/06/70/46/ 110 KB
110 KB 174ms
173ms Image
image/jpeg 151.101.194.38
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media-cdn.tripadvisor.com/media/attractions-splice-spp-674x446/06/70/46/42.jpg
Requested by: Host: activities.marriott.com
URL: https://activities.marriott.com/property/YOWOE?property=YOWOE&end=2022-08-28&start=2022-08-27&program=MAR&vsretype=CNF&vsresect=1&vsrelink=PlacePass&vsrebrand=CY&vsremarsha=NM%7EN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.38 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 83af5306988d3f694c93b1d269d633b03b9aaae5be4f92dd4b0b82b6c71db709

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activities.marriott.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 20:01:57 GMT
via: 1.1 varnish, 1.1 varnish
etag: "7e217edce9bbd6f3cff328c0c056223f"
x-media-cdn: 187229144
age: 1928248
x-cache: HIT, HIT
content-length: 112692
x-served-by: cache-iad-kjyo7100154-IAD, cache-hhn4043-HHN
timing-allow-origin: https://www.tripadvisor.com
last-modified: Wed, 05 Sep 2018 22:21:06 GMT
x-timer: S1661198518.954447,VS0,VE2
x-media-cdn-cache-hits: 0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
x-media-cdn-cache: PASS
x-cache-hits: 1, 1

GET
H2 200 3b.jpg
media-cdn.tripadvisor.com/media/attractions-splice-spp-674x446/06/70/46/ 110 KB
110 KB 173ms
172ms Image
image/jpeg 151.101.194.38
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media-cdn.tripadvisor.com/media/attractions-splice-spp-674x446/06/70/46/3b.jpg
Requested by: Host: activities.marriott.com
URL: https://activities.marriott.com/property/YOWOE?property=YOWOE&end=2022-08-28&start=2022-08-27&program=MAR&vsretype=CNF&vsresect=1&vsrelink=PlacePass&vsrebrand=CY&vsremarsha=NM%7EN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.38 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 5b747d5cf654f1be7de50d4be5ec28be7620fd2ebba0d84b731490514e9689a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activities.marriott.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 20:01:57 GMT
via: 1.1 varnish, 1.1 varnish
etag: "6b9ec05d634caac16fe113517635fc77"
x-media-cdn: 146240743
age: 1737536
x-cache: HIT, HIT
content-length: 112134
x-served-by: cache-iad-kjyo7100053-IAD, cache-hhn4043-HHN
timing-allow-origin: https://www.tripadvisor.com
last-modified: Wed, 05 Sep 2018 22:20:51 GMT
x-timer: S1661198518.954249,VS0,VE1
x-media-cdn-cache-hits: 0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
x-media-cdn-cache: PASS
x-cache-hits: 1, 1

GET
H2 200 da.jpg
media-cdn.tripadvisor.com/media/attractions-splice-spp-674x446/0a/5f/fb/ 107 KB
108 KB 173ms
171ms Image
image/jpeg 151.101.194.38
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media-cdn.tripadvisor.com/media/attractions-splice-spp-674x446/0a/5f/fb/da.jpg
Requested by: Host: activities.marriott.com
URL: https://activities.marriott.com/property/YOWOE?property=YOWOE&end=2022-08-28&start=2022-08-27&program=MAR&vsretype=CNF&vsresect=1&vsrelink=PlacePass&vsrebrand=CY&vsremarsha=NM%7EN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.38 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 54c73b979f6c648a2f081d34fdd3e54b55794a13bcabdec06d78643c1c88da76

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activities.marriott.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 20:01:57 GMT
via: 1.1 varnish, 1.1 varnish
etag: "f17f0079a64d622c7926fff482ac194d"
x-media-cdn: 75478219
age: 1743470
x-cache: HIT, HIT
content-length: 110002
x-served-by: cache-iad-kiad7000031-IAD, cache-hhn4043-HHN
timing-allow-origin: https://www.tripadvisor.com
last-modified: Fri, 07 Feb 2020 20:37:14 GMT
x-timer: S1661198518.954020,VS0,VE1
x-media-cdn-cache-hits: 0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
x-media-cdn-cache: PASS
x-cache-hits: 1, 1

GET
H2 200 2c.jpg
media-cdn.tripadvisor.com/media/attractions-splice-spp-674x446/07/69/9b/ 55 KB
55 KB 174ms
173ms Image
image/jpeg 151.101.194.38
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media-cdn.tripadvisor.com/media/attractions-splice-spp-674x446/07/69/9b/2c.jpg
Requested by: Host: activities.marriott.com
URL: https://activities.marriott.com/property/YOWOE?property=YOWOE&end=2022-08-28&start=2022-08-27&program=MAR&vsretype=CNF&vsresect=1&vsrelink=PlacePass&vsrebrand=CY&vsremarsha=NM%7EN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.38 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: fdcca7b1821a0271467dd170a6e883b3d24264302d1c96e0847b50fac999ec26

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activities.marriott.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 20:01:57 GMT
via: 1.1 varnish, 1.1 varnish
etag: "37f42b51994dab5be7f81388c55ee26a"
x-media-cdn: 259426286
age: 1571455
x-cache: HIT, HIT
content-length: 56327
x-served-by: cache-iad-kcgs7200061-IAD, cache-hhn4043-HHN
timing-allow-origin: https://www.tripadvisor.com
last-modified: Wed, 03 Apr 2019 03:19:54 GMT
x-timer: S1661198518.954003,VS0,VE3
x-media-cdn-cache-hits: 0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
x-media-cdn-cache: PASS
x-cache-hits: 1, 1

GET
H2 200 92.jpg
media-cdn.tripadvisor.com/media/attractions-splice-spp-674x446/07/70/2d/ 53 KB
53 KB 173ms
172ms Image
image/jpeg 151.101.194.38
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media-cdn.tripadvisor.com/media/attractions-splice-spp-674x446/07/70/2d/92.jpg
Requested by: Host: activities.marriott.com
URL: https://activities.marriott.com/property/YOWOE?property=YOWOE&end=2022-08-28&start=2022-08-27&program=MAR&vsretype=CNF&vsresect=1&vsrelink=PlacePass&vsrebrand=CY&vsremarsha=NM%7EN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.38 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e279766d6adbaef8913ef2f675030f46e1556e3c50bd560e1e5a095d51c2e8a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activities.marriott.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 20:01:57 GMT
via: 1.1 varnish, 1.1 varnish
etag: "c0a8dfcf6ef6883b79a00104b91ed6ac"
x-media-cdn: 394737415
age: 615240
x-cache: HIT, HIT
content-length: 54182
x-served-by: cache-iad-kcgs7200119-IAD, cache-hhn4043-HHN
timing-allow-origin: https://www.tripadvisor.com
last-modified: Tue, 09 Apr 2019 02:27:22 GMT
x-timer: S1661198518.953980,VS0,VE2
x-media-cdn-cache-hits: 0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
x-media-cdn-cache: PASS
x-cache-hits: 1, 1

GET
H2 200 ec.jpg
media-cdn.tripadvisor.com/media/attractions-splice-spp-674x446/0b/5f/71/ 70 KB
70 KB 174ms
173ms Image
image/jpeg 151.101.194.38
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media-cdn.tripadvisor.com/media/attractions-splice-spp-674x446/0b/5f/71/ec.jpg
Requested by: Host: activities.marriott.com
URL: https://activities.marriott.com/property/YOWOE?property=YOWOE&end=2022-08-28&start=2022-08-27&program=MAR&vsretype=CNF&vsresect=1&vsrelink=PlacePass&vsrebrand=CY&vsremarsha=NM%7EN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.38 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c8631d7c315dd76c9fd49c59b69fdfa792caba93a980492f7bdd80d2593845ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activities.marriott.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 20:01:57 GMT
via: 1.1 varnish, 1.1 varnish
etag: "243160611c27f54b40e84a31cb2f3708"
x-media-cdn: 289200600
age: 1041665
x-cache: HIT, HIT
content-length: 71336
x-served-by: cache-iad-kcgs7200056-IAD, cache-hhn4043-HHN
timing-allow-origin: https://www.tripadvisor.com
last-modified: Thu, 19 Nov 2020 22:59:25 GMT
x-timer: S1661198518.954116,VS0,VE2
x-media-cdn-cache-hits: 0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
x-media-cdn-cache: PASS
x-cache-hits: 1, 1

GET
H2 200 8a.jpg
media-cdn.tripadvisor.com/media/attractions-splice-spp-674x446/0b/19/fa/ 69 KB
69 KB 172ms
171ms Image
image/jpeg 151.101.194.38
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media-cdn.tripadvisor.com/media/attractions-splice-spp-674x446/0b/19/fa/8a.jpg
Requested by: Host: activities.marriott.com
URL: https://activities.marriott.com/property/YOWOE?property=YOWOE&end=2022-08-28&start=2022-08-27&program=MAR&vsretype=CNF&vsresect=1&vsrelink=PlacePass&vsrebrand=CY&vsremarsha=NM%7EN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.38 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0591a572bd5d521d7329b3ddf2215351277bdb6ce9f9f6d39310484a96a4b2c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activities.marriott.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 20:01:57 GMT
via: 1.1 varnish, 1.1 varnish
etag: "f24675d2e06f71d707f9fd61520d75ef"
x-media-cdn: 68443967
age: 2098327
x-cache: HIT, HIT
content-length: 70289
x-served-by: cache-iad-kiad7000084-IAD, cache-hhn4043-HHN
timing-allow-origin: https://www.tripadvisor.com
last-modified: Fri, 17 Jul 2020 13:50:01 GMT
x-timer: S1661198518.953992,VS0,VE1
x-media-cdn-cache-hits: 0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
x-media-cdn-cache: PASS
x-cache-hits: 1, 1

GET
H2 200 e1.jpg
media-cdn.tripadvisor.com/media/attractions-splice-spp-674x446/0f/4d/7b/ 60 KB
60 KB 173ms
172ms Image
image/jpeg 151.101.194.38
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media-cdn.tripadvisor.com/media/attractions-splice-spp-674x446/0f/4d/7b/e1.jpg
Requested by: Host: activities.marriott.com
URL: https://activities.marriott.com/property/YOWOE?property=YOWOE&end=2022-08-28&start=2022-08-27&program=MAR&vsretype=CNF&vsresect=1&vsrelink=PlacePass&vsrebrand=CY&vsremarsha=NM%7EN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.38 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 2004f18034f0289def97f4aebd300d4a750e3319a5521ccb8d8139302af4ddba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activities.marriott.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 20:01:57 GMT
via: 1.1 varnish, 1.1 varnish
etag: "9ed432caff0f8bac2e4b3a7796e187c9"
x-media-cdn: 38656944
age: 2079791
x-cache: HIT, HIT
content-length: 61539
x-served-by: cache-iad-kjyo7100064-IAD, cache-hhn4043-HHN
timing-allow-origin: https://www.tripadvisor.com
last-modified: Mon, 11 Jul 2022 19:31:40 GMT
x-timer: S1661198518.953930,VS0,VE2
x-media-cdn-cache-hits: 0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
x-media-cdn-cache: PASS
x-cache-hits: 1, 1

GET
H2 200 8c.jpg
media-cdn.tripadvisor.com/media/attractions-splice-spp-674x446/0b/0a/5d/ 36 KB
36 KB 171ms
170ms Image
image/jpeg 151.101.194.38
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media-cdn.tripadvisor.com/media/attractions-splice-spp-674x446/0b/0a/5d/8c.jpg
Requested by: Host: activities.marriott.com
URL: https://activities.marriott.com/property/YOWOE?property=YOWOE&end=2022-08-28&start=2022-08-27&program=MAR&vsretype=CNF&vsresect=1&vsrelink=PlacePass&vsrebrand=CY&vsremarsha=NM%7EN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.38 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cb09d70e1a930396978e18fa3471799ae3dcf16bea91ea2e418af8a3736a6628

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activities.marriott.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 20:01:57 GMT
via: 1.1 varnish, 1.1 varnish
etag: "27bc51a3a40049ae98bbd41dc7297e60"
x-media-cdn: 105871229
age: 1772217
x-cache: HIT, HIT
content-length: 36449
x-served-by: cache-iad-kjyo7100049-IAD, cache-hhn4043-HHN
timing-allow-origin: https://www.tripadvisor.com
last-modified: Sun, 05 Jul 2020 00:21:25 GMT
x-timer: S1661198518.953904,VS0,VE1
x-media-cdn-cache-hits: 0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
x-media-cdn-cache: PASS
x-cache-hits: 1, 1

GET
H2 200 d1.jpg
media-cdn.tripadvisor.com/media/attractions-splice-spp-674x446/0b/0a/4a/ 62 KB
62 KB 172ms
171ms Image
image/jpeg 151.101.194.38
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media-cdn.tripadvisor.com/media/attractions-splice-spp-674x446/0b/0a/4a/d1.jpg
Requested by: Host: activities.marriott.com
URL: https://activities.marriott.com/property/YOWOE?property=YOWOE&end=2022-08-28&start=2022-08-27&program=MAR&vsretype=CNF&vsresect=1&vsrelink=PlacePass&vsrebrand=CY&vsremarsha=NM%7EN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.38 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f921ca124fd8ef9028c2cf29fa68fdd269e8a0e3cd3209c860f7b095604925aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activities.marriott.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 20:01:57 GMT
via: 1.1 varnish, 1.1 varnish
etag: "2739365325837fb40455ed0be8033970"
x-media-cdn: 364730051
age: 426226
x-cache: HIT, HIT
content-length: 63464
x-served-by: cache-iad-kiad7000064-IAD, cache-hhn4043-HHN
timing-allow-origin: https://www.tripadvisor.com
last-modified: Sat, 04 Jul 2020 23:54:48 GMT
x-timer: S1661198518.953873,VS0,VE1
x-media-cdn-cache-hits: 0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
x-media-cdn-cache: PASS
x-cache-hits: 1, 1

GET
H2 200 c9.jpg
media-cdn.tripadvisor.com/media/attractions-splice-spp-674x446/0e/a5/18/ 87 KB
88 KB 173ms
172ms Image
image/jpeg 151.101.194.38
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media-cdn.tripadvisor.com/media/attractions-splice-spp-674x446/0e/a5/18/c9.jpg
Requested by: Host: activities.marriott.com
URL: https://activities.marriott.com/property/YOWOE?property=YOWOE&end=2022-08-28&start=2022-08-27&program=MAR&vsretype=CNF&vsresect=1&vsrelink=PlacePass&vsrebrand=CY&vsremarsha=NM%7EN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.38 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 166ec549b2d66e6ffbf2796b037f318c6ea3ae0f88976dd2edc1e18288bd3828

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activities.marriott.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 20:01:57 GMT
via: 1.1 varnish, 1.1 varnish
etag: "39c21955b7f9d135b3e3392cef8a0d6f"
x-media-cdn: 453362490
age: 1733098
x-cache: HIT, HIT
content-length: 89481
x-served-by: cache-iad-kiad7000065-IAD, cache-hhn4043-HHN
timing-allow-origin: https://www.tripadvisor.com
last-modified: Fri, 22 Apr 2022 11:16:48 GMT
x-timer: S1661198518.953858,VS0,VE1
x-media-cdn-cache-hits: 0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
x-media-cdn-cache: PASS
x-cache-hits: 1, 1

GET
H2 200 a4.jpg
media-cdn.tripadvisor.com/media/attractions-splice-spp-674x446/0b/c3/cf/ 64 KB
65 KB 172ms
171ms Image
image/jpeg 151.101.194.38
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media-cdn.tripadvisor.com/media/attractions-splice-spp-674x446/0b/c3/cf/a4.jpg
Requested by: Host: activities.marriott.com
URL: https://activities.marriott.com/property/YOWOE?property=YOWOE&end=2022-08-28&start=2022-08-27&program=MAR&vsretype=CNF&vsresect=1&vsrelink=PlacePass&vsrebrand=CY&vsremarsha=NM%7EN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.38 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d5c15dcd69f4bcb95cc846dabf0cb647a4cc67f14ad059877ffa16507e0e9896

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activities.marriott.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 20:01:57 GMT
via: 1.1 varnish, 1.1 varnish
etag: "3a555aee3ed3aefb35d86b8236254c5c"
x-media-cdn: 121781911
age: 1142019
x-cache: HIT, HIT
content-length: 65929
x-served-by: cache-iad-kcgs7200140-IAD, cache-hhn4043-HHN
timing-allow-origin: https://www.tripadvisor.com
last-modified: Wed, 31 Mar 2021 16:43:34 GMT
x-timer: S1661198518.953835,VS0,VE1
x-media-cdn-cache-hits: 0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
x-media-cdn-cache: PASS
x-cache-hits: 1, 1

GET
H2 200 48.jpg
media-cdn.tripadvisor.com/media/attractions-splice-spp-674x446/07/af/ed/ 65 KB
65 KB 173ms
172ms Image
image/jpeg 151.101.194.38
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media-cdn.tripadvisor.com/media/attractions-splice-spp-674x446/07/af/ed/48.jpg
Requested by: Host: activities.marriott.com
URL: https://activities.marriott.com/property/YOWOE?property=YOWOE&end=2022-08-28&start=2022-08-27&program=MAR&vsretype=CNF&vsresect=1&vsrelink=PlacePass&vsrebrand=CY&vsremarsha=NM%7EN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.38 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 751dd6e99160f4a8ace435b7f6f17109d95b61765bd1f6760591a79ddc4c60e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activities.marriott.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 20:01:57 GMT
via: 1.1 varnish, 1.1 varnish
etag: "80835c89b80a1182ed0faf51c247e16a"
x-media-cdn: 257979612
age: 1565660
x-cache: HIT, HIT
content-length: 66737
x-served-by: cache-iad-kcgs7200124-IAD, cache-hhn4043-HHN
timing-allow-origin: https://www.tripadvisor.com
last-modified: Tue, 02 Jul 2019 18:34:18 GMT
x-timer: S1661198518.953824,VS0,VE2
x-media-cdn-cache-hits: 0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
x-media-cdn-cache: PASS
x-cache-hits: 1, 1

GET
H2 200 de.jpg
media-cdn.tripadvisor.com/media/attractions-splice-spp-674x446/0a/46/9c/ 92 KB
92 KB 172ms
171ms Image
image/jpeg 151.101.194.38
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media-cdn.tripadvisor.com/media/attractions-splice-spp-674x446/0a/46/9c/de.jpg
Requested by: Host: activities.marriott.com
URL: https://activities.marriott.com/property/YOWOE?property=YOWOE&end=2022-08-28&start=2022-08-27&program=MAR&vsretype=CNF&vsresect=1&vsrelink=PlacePass&vsrebrand=CY&vsremarsha=NM%7EN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.38 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c369f2215b69f4e78ae8f990264b31c486fdd50f4ee4be0841d1433bbb3da8f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activities.marriott.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 20:01:57 GMT
via: 1.1 varnish, 1.1 varnish
etag: "484ab0c7065b45979ea8fac1e9c124c5"
x-media-cdn: 113231988
age: 1749831
x-cache: HIT, HIT
content-length: 93922
x-served-by: cache-iad-kjyo7100166-IAD, cache-hhn4043-HHN
timing-allow-origin: https://www.tripadvisor.com
last-modified: Mon, 27 Jan 2020 15:35:47 GMT
x-timer: S1661198518.953818,VS0,VE1
x-media-cdn-cache-hits: 0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
x-media-cdn-cache: PASS
x-cache-hits: 1, 1

POST
H2 200 / Show response
o257508.ingest.sentry.io/api/6036320/envelope/ 2 B
282 B 134ms
44ms Fetch
application/json 34.120.195.249
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://o257508.ingest.sentry.io/api/6036320/envelope/?sentry_key=9e9cd07a9e19490eb071a22f26bec216&sentry_version=7

Requested by

Host: activities.marriott.com
URL: https://activities.marriott.com/a/experiences-d1f7e0e889.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://activities.marriott.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 22 Aug 2022 20:01:57 GMT
via: 1.1 google
server: nginx
vary: Origin
content-type: application/json
access-control-allow-origin: https://activities.marriott.com
access-control-expose-headers: x-sentry-error, x-sentry-rate-limits, retry-after
x-envoy-upstream-service-time: 2
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 102 KB
38 KB 55ms
54ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P5TRC5G

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9ae9c5303e7d8741d8dfa9b7e665dc4cddcd52287f64ce89baad50d1db4b38c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activities.marriott.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 20:01:57 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39308
x-xss-protection: 0
last-modified: Mon, 22 Aug 2022 18:32:19 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 22 Aug 2022 20:01:57 GMT

GET
DATA 200
OK truncated
/ 119 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 82629870a0ae10bc5c7497c06c54ac687a2ae2dcba9c1d7167923734c07ed6ff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 355ms
34ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-77434830-33&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activities.marriott.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 3598
date: Mon, 22 Aug 2022 19:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 22 Aug 2022 21:02:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
343 B 166ms
64ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-KS7BH8MC85&gtm=2oe8h0&_p=1034436603&_gaz=1&cid=2001116087.1661198518&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1661198517&sct=1&seg=0&cm=Email&cs=Marriott&cn=Confirmation%20Email&cc=Confirmation%20Email&dl=https%3A%2F%2Factivities.marriott.com%2Fproperty%2FYOWOE%3Fproperty%3DYOWOE%26end%3D2022-08-28%26start%3D2022-08-27%26program%3DMAR%26vsretype%3DCNF%26vsresect%3D1%26vsrelink%3DPlacePass%26vsrebrand%3DCY%26vsremarsha%3DNM%257EN&dt=Courtyard%20Ottawa%20East%20%7C%20Marriott&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&epn.siteSpeedSampleRate=50&ep.transport_type=beacon
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KS7BH8MC85&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activities.marriott.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 20:01:58 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://activities.marriott.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
352 B 174ms
60ms Ping
text/plain 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-KS7BH8MC85&cid=2001116087.1661198518&gtm=2oe8h0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KS7BH8MC85&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activities.marriott.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 20:01:58 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://activities.marriott.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 197ms
81ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-KS7BH8MC85&cid=2001116087.1661198518&gtm=2oe8h0&aip=1&z=1019602924

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activities.marriott.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 20:01:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 widget-loader.js Show response
widget.travelcurious.net/v2/assets/js/ 10 KB
3 KB 203ms
61ms Script
application/javascript 34.245.131.185
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.travelcurious.net/v2/assets/js/widget-loader.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P5TRC5G
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.245.131.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-245-131-185.eu-west-1.compute.amazonaws.com
Software: nginx/1.22.0 /
Resource Hash: bca8cca32d065e300cc54105a31c0168548baf0844c0941eb486aa6a9d643166

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activities.marriott.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 20:01:58 GMT
content-encoding: gzip
last-modified: Tue, 16 Aug 2022 09:19:57 GMT
server: nginx/1.22.0
etag: W/"62fb613d-26ef"
content-type: application/javascript

GET
H3 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 112ms
38ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activities.marriott.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 19:45:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 975
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1129
x-xss-protection: 0
last-modified: Thu, 30 Dec 2021 12:48:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 22 Aug 2022 20:45:43 GMT

GET
H3 200 js Show response
www.google-analytics.com/gtm/ 121 KB
44 KB 122ms
54ms Script
application/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-WC4D3Z8&t=gtag_UA_77434830_33&cid=2001116087.1661198518

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3865c6a6037807d9dcdc9c15e1fb7b362879df7b2781085500084dc9dd83972

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activities.marriott.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 20:01:58 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44799
x-xss-protection: 0
expires: Mon, 22 Aug 2022 20:01:58 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 48ms
48ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1034436603&t=pageview&_s=1&dl=https%3A%2F%2Factivities.marriott.com%2Fproperty%2FYOWOE%3Fproperty%3DYOWOE%26end%3D2022-08-28%26start%3D2022-08-27%26program%3DMAR%26vsretype%3DCNF%26vsresect%3D1%26vsrelink%3DPlacePass%26vsrebrand%3DCY%26vsremarsha%3DNM%257EN&ul=en-us&de=UTF-8&dt=Courtyard%20Ottawa%20East%20%7C%20Marriott&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&cn=Confirmation%20Email&cs=Marriott&cm=Email&cc=Confirmation%20Email&_u=aCDAAUALQAAAAC~&jid=1276862302&gjid=920983188&cid=2001116087.1661198518&tid=UA-77434830-33&_gid=245988910.1661198518&_r=1&gtm=2ou8h0&z=196284772

Requested by

Host: activities.marriott.com
URL: https://activities.marriott.com/a/experiences-d1f7e0e889.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://activities.marriott.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 20:01:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://activities.marriott.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect
www.google-analytics.com/ 35 B
55 B 47ms
47ms Ping
image/gif 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://activities.marriott.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 20:01:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://activities.marriott.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 160ms
52ms XHR
text/plain 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-77434830-33&cid=2001116087.1661198518&jid=1276862302&gjid=920983188&_gid=245988910.1661198518&_u=aCDAAUAKQAAAAC~&z=263989994

Requested by

Host: activities.marriott.com
URL: https://activities.marriott.com/a/experiences-d1f7e0e889.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://activities.marriott.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 22 Aug 2022 20:01:58 GMT
content-type: text/plain
access-control-allow-origin: https://activities.marriott.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 148ms
71ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-77434830-33&cid=2001116087.1661198518&jid=1276862302&_u=aCDAAUAKQAAAAC~&z=1791206566

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activities.marriott.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 20:01:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 175ms
82ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-77434830-33&cid=2001116087.1661198518&jid=1276862302&_u=aCDAAUAKQAAAAC~&z=1791206566

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activities.marriott.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 20:01:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.min.js Show response
cdn.segment.com/analytics.js/v1/aBKRNTdTP4RHnPxcfHIYvGl4uFzLDcN6/ 95 KB
26 KB 679ms
618ms Script
text/javascript 13.224.192.183
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics.js/v1/aBKRNTdTP4RHnPxcfHIYvGl4uFzLDcN6/analytics.min.js
Requested by: Host: activities.marriott.com
URL: https://activities.marriott.com/property/YOWOE?property=YOWOE&end=2022-08-28&start=2022-08-27&program=MAR&vsretype=CNF&vsresect=1&vsrelink=PlacePass&vsrebrand=CY&vsremarsha=NM%7EN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.192.183 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-192-183.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 23038fab2a2fcc3c7f1d09bfa80d10bc623eec7e3fde8af538fbbef5eacfa7c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activities.marriott.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-version-id: xFvPDlYnMiOvzjBRwyXEp0xPs_x3S8JW
content-encoding: br
etag: W/"7962cb392243ba44e38cecc58b8807cc"
x-amz-cf-pop: FRA2-C1
x-cache: RefreshHit from cloudfront
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Thu, 04 Aug 2022 22:23:16 GMT
server: AmazonS3
date: Mon, 22 Aug 2022 20:02:01 GMT
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
via: 1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
cache-control: public, max-age=120
x-amz-cf-id: E3rhq4d0_RrJnCFGtXps54lCCMc8Kw2evMdGg2cBhx6o8bUMijXCUw==

GET
H2 200 settings Show response
cdn.segment.com/v1/projects/aBKRNTdTP4RHnPxcfHIYvGl4uFzLDcN6/ 582 B
1 KB 55ms
18ms XHR
application/json 13.224.192.183
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/v1/projects/aBKRNTdTP4RHnPxcfHIYvGl4uFzLDcN6/settings
Requested by: Host: activities.marriott.com
URL: https://activities.marriott.com/a/experiences-d1f7e0e889.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.192.183 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-192-183.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8761eca0a11ad258bc932d0e685266f1d14e77487d4d50f9906315362ceec5ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://activities.marriott.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-version-id: Qq6KH2Q6rxBl4k9quRIbE4drqt0dWEy8
via: 1.1 5a5b94c62ea85e0c0d78b169589b08b4.cloudfront.net (CloudFront)
etag: "e4b9ad112d2efa3ba856492079973871"
age: 10161
x-cache: Hit from cloudfront
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
content-length: 582
last-modified: Thu, 15 Jul 2021 00:26:51 GMT
server: AmazonS3
date: Mon, 22 Aug 2022 17:12:40 GMT
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=10800
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-amz-cf-id: SgXeB7qYVLfygwjFEot043Ma5fkqJ77K7VgjmG3Yo-wWg_0yXAJV-A==

POST
H2 200 p Show response
api.segment.io/v1/ 21 B
179 B 528ms
173ms Fetch
application/json 35.166.121.236
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.segment.io/v1/p

Requested by

Host: activities.marriott.com
URL: https://activities.marriott.com/a/experiences-d1f7e0e889.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.166.121.236 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-166-121-236.us-west-2.compute.amazonaws.com

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://activities.marriott.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://activities.marriott.com
date: Mon, 22 Aug 2022 20:02:00 GMT
strict-transport-security: max-age=31536000
content-length: 21
vary: Origin
content-type: application/json

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 93ms
33ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-KS7BH8MC85&gtm=2oe8h0&_p=1034436603&cid=2001116087.1661198518&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=2&sid=1661198517&sct=1&seg=0&cm=Email&cs=Marriott&cn=Confirmation%20Email&cc=Confirmation%20Email&dl=https%3A%2F%2Factivities.marriott.com%2Fproperty%2FYOWOE%3Fproperty%3DYOWOE%26end%3D2022-08-28%26start%3D2022-08-27%26program%3DMAR%26vsretype%3DCNF%26vsresect%3D1%26vsrelink%3DPlacePass%26vsrebrand%3DCY%26vsremarsha%3DNM%257EN&dt=Courtyard%20Ottawa%20East%20%7C%20Marriott&cu=USD
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KS7BH8MC85&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://activities.marriott.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 20:02:03 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://activities.marriott.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

49 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.marriott.com/	1970-01-20 15:02:38	Name: _ga_KS7BH8MC85 Value: GS1.1.1661198517.1.0.1661198517.60.0.0
.marriott.com/	1970-01-20 15:02:38	Name: _ga Value: GA1.2.2001116087.1661198518
.marriott.com/	1970-01-20 05:28:04	Name: _gid Value: GA1.2.245988910.1661198518
.marriott.com/	1970-01-20 05:26:38	Name: _gat_gtag_UA_77434830_33 Value: 1
.marriott.com/	1970-01-20 14:12:14	Name: ajs_anonymous_id Value: 0c3d4187-e521-4655-b685-86167241812c

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

activities.marriott.com
api.segment.io
cdn.segment.com
media-cdn.tripadvisor.com
o257508.ingest.sentry.io
region1.analytics.google.com
res-marriott.com
stats.g.doubleclick.net
widget.travelcurious.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
13.224.192.183
13.225.78.49
151.101.194.38
159.127.198.243
2001:4860:4802:34::36
2a00:1450:4001:812::200e
2a00:1450:4001:829::2004
2a00:1450:4001:82f::2003
2a00:1450:4001:831::2008
2a00:1450:400c:c06::9d
34.120.195.249
34.245.131.185
35.166.121.236
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
0591a572bd5d521d7329b3ddf2215351277bdb6ce9f9f6d39310484a96a4b2c1
0724f9b86707ae603911e0fe077a8c95708eb7daf903b7aeeac7308f7cc7ae8b
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
166ec549b2d66e6ffbf2796b037f318c6ea3ae0f88976dd2edc1e18288bd3828
1c125ad4c4ad6f92ad43f4458102ea3ac83c17e0239ab1118b6a310fd5b92b07
2004f18034f0289def97f4aebd300d4a750e3319a5521ccb8d8139302af4ddba
23038fab2a2fcc3c7f1d09bfa80d10bc623eec7e3fde8af538fbbef5eacfa7c0
261eac35406103b157cca47ccd61f979e12c46da6017ce1f7a4c8306c607345f
2e1cd726b7561fdce288b2c05d1f7bf67c447ee349310139dc2153ec09b2df9e
380033ad7d869b35e783ec206d812cf6ef86abd343a230cc6746c7f29cecac07
42fa15ffe72f76f2b3797d5881a48b9e16a8a1411bbe8bdb84669b4f4742586e
42fae90bc5bcafeae46f8c5cfc28109b98e58697f9d43683415ccf90d2a14a70
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4883745e42385a857567b91a3f9719d29e72170644a52ecd683126343950c4ee
4d11472448828fc4ca24ecf5a2a3bf8f8864d1a6e4d6d36efef8f34bc7f4d2b0
54c73b979f6c648a2f081d34fdd3e54b55794a13bcabdec06d78643c1c88da76
55ed0af5931ea7cf068586ffd18cebefb5a7a82cb40d5de9b1c821194ed8dca5
55f20b4c1e80a7215baa637b53431572bd77dec166328d0c2772dc95117aa8c2
5b747d5cf654f1be7de50d4be5ec28be7620fd2ebba0d84b731490514e9689a5
751dd6e99160f4a8ace435b7f6f17109d95b61765bd1f6760591a79ddc4c60e2
82629870a0ae10bc5c7497c06c54ac687a2ae2dcba9c1d7167923734c07ed6ff
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83af5306988d3f694c93b1d269d633b03b9aaae5be4f92dd4b0b82b6c71db709
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8761eca0a11ad258bc932d0e685266f1d14e77487d4d50f9906315362ceec5ac
9ae9c5303e7d8741d8dfa9b7e665dc4cddcd52287f64ce89baad50d1db4b38c4
9baf0aca1c12a5faf72eca4c734d29f9096b6e1dd7851e3cc7eaf6f4f0fea93f
9e9f97d504303a4d4a41a61c42ea766b1871d90bd4ca2f8b23e2bf1dd7d89b7b
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a5260ded1198aef5e30a3f8d1c9c28b70aeade6b6523776d6dd1f2131b6e5395
bca8cca32d065e300cc54105a31c0168548baf0844c0941eb486aa6a9d643166
c369f2215b69f4e78ae8f990264b31c486fdd50f4ee4be0841d1433bbb3da8f3
c8631d7c315dd76c9fd49c59b69fdfa792caba93a980492f7bdd80d2593845ae
cb09d70e1a930396978e18fa3471799ae3dcf16bea91ea2e418af8a3736a6628
d131032fee1c41ce31a4b8ebde9aac9b69005984d4882c0254c4de6202bdcdaa
d137f8e29131deffb0dcd3e079b019e94c82fdb6e8557efbf7346a1fe169c97e
d20555708a060c74b2f6190791845922eeb6bf2048615785a52c747c6ac1b2b5
d5c15dcd69f4bcb95cc846dabf0cb647a4cc67f14ad059877ffa16507e0e9896
dcc22cec00d1f77ff1b753f26f70f10786f9b39b1c185b47cfd651c9b7a75c3c
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e279766d6adbaef8913ef2f675030f46e1556e3c50bd560e1e5a095d51c2e8a7
e3865c6a6037807d9dcdc9c15e1fb7b362879df7b2781085500084dc9dd83972
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f921ca124fd8ef9028c2cf29fa68fdd269e8a0e3cd3209c860f7b095604925aa
fdcca7b1821a0271467dd170a6e883b3d24264302d1c96e0847b50fac999ec26

activities.marriott.com Open in urlscan Pro 13.225.78.49 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

49 Requests

100 %HTTPS

46 %IPv6

12 Domains

13 Subdomains

13 IPs

4 Countries

2311 kBTransfer

3270 kBSize

5 Cookies

1 Outgoing links

Page URL History

Redirected requests

49 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

activities.marriott.com Open in urlscan Pro
13.225.78.49 Public Scan

Screenshot
Live screenshot

Full Image

49
Requests

100 %
HTTPS

46 %
IPv6

12
Domains

13
Subdomains

13
IPs

4
Countries

2311 kB
Transfer

3270 kB
Size

5
Cookies

49 HTTP transactions
2 data transactions