westinmauiamenities.247activities.com Open in urlscan Pro
54.165.176.140 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://westinmauiamenities.247activities.com/
Effective URL:
https://westinmauiamenities.247activities.com/
Submission: On October 09 via api (October 9th 2022, 1:12:57 pm UTC) from US — Scanned from US

Summary HTTP 169 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 51 IPs in 4 countries across 52 domains to perform 169 HTTP transactions. The main IP is 54.165.176.140, located in United States and belongs to AMAZON-AES, US. The main domain is westinmauiamenities.247activities.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on May 13th 2022. Valid for: a year.

This is the only time westinmauiamenities.247activities.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 24	54.165.176.140 54.165.176.140	14618 (AMAZON-AES) (AMAZON-AES)
19	2600:1400:d:5... 2600:1400:d:5a5::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2607:f8b0:400... 2607:f8b0:4006:823::200a	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:81d::200e	15169 (GOOGLE) (GOOGLE)
1 16	52.27.120.158 52.27.120.158	16509 (AMAZON-02) (AMAZON-02)
1	35.165.158.151 35.165.158.151	16509 (AMAZON-02) (AMAZON-02)
1 1	35.168.204.104 35.168.204.104	14618 (AMAZON-AES) (AMAZON-AES)
1	34.120.195.249 34.120.195.249	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
7	23.205.57.251 23.205.57.251	16625 (AKAMAI-AS) (AKAMAI-AS)
2	63.140.38.165 63.140.38.165	14618 (AMAZON-AES) (AMAZON-AES)
6 8	68.67.160.184 68.67.160.184	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2606:4700:440... 2606:4700:4400::ac40:929e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	52.217.89.100 52.217.89.100	16509 (AMAZON-02) (AMAZON-02)
3 3	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
7 9	142.250.72.98 142.250.72.98	15169 (GOOGLE) (GOOGLE)
6 7	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
2 5	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	209.197.3.19 209.197.3.19	20446 (STACKPATH...) (STACKPATH-CDN)
2 5	2606:ae80:147... 2606:ae80:1471:16::730	26762 (CNVR-US-EAST) (CNVR-US-EAST)
6	2607:f8b0:400... 2607:f8b0:4006:80b::2008	15169 (GOOGLE) (GOOGLE)
2 2	2606:4700:440... 2606:4700:4400::6812:230b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:20e... 2600:9000:20ed:4c00:1d:bf0a:0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	143.204.138.162 143.204.138.162	16509 (AMAZON-02) (AMAZON-02)
1	35.244.188.9 35.244.188.9	15169 (GOOGLE) (GOOGLE)
2 4	35.190.52.204 35.190.52.204	15169 (GOOGLE) (GOOGLE)
1	2600:141b:13:... 2600:141b:13::17d7:82d0	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	108.138.113.246 108.138.113.246	16509 (AMAZON-02) (AMAZON-02)
2	2600:141b:900... 2600:141b:9000:39b::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	159.127.42.233 159.127.42.233	25751 (VALUECLICK) (VALUECLICK)
2	2a03:2880:f01... 2a03:2880:f012:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
2	2001:4998:1c:... 2001:4998:1c:800::1000	14779 (YAHOO) (YAHOO)
8	107.178.244.119 107.178.244.119	15169 (GOOGLE) (GOOGLE)
2	18.207.40.242 18.207.40.242	14618 (AMAZON-AES) (AMAZON-AES)
4 4	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	104.18.102.194 104.18.102.194	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	2620:100:a001::c 2620:100:a001::c	19750 (AS-CRITEO) (AS-CRITEO)
2	107.21.103.5 107.21.103.5	14618 (AMAZON-AES) (AMAZON-AES)
1 6	35.190.43.134 35.190.43.134	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:bdf::38 2620:1ec:bdf::38	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	76.13.32.147 76.13.32.147	26101 (YAHOO-BF1) (YAHOO-BF1)
6 6	142.251.40.230 142.251.40.230	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:81d::2002	15169 (GOOGLE) (GOOGLE)
1	142.251.40.98 142.251.40.98	15169 (GOOGLE) (GOOGLE)
4	68.67.161.208 68.67.161.208	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	2607:f8b0:400... 2607:f8b0:4006:816::200e	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:822::200e	15169 (GOOGLE) (GOOGLE)
2	76.13.32.146 76.13.32.146	26101 (YAHOO-BF1) (YAHOO-BF1)
1 1	35.190.90.30 35.190.90.30	15169 (GOOGLE) (GOOGLE)
2 2	34.235.183.60 34.235.183.60	14618 (AMAZON-AES) (AMAZON-AES)
2	3.210.121.151 3.210.121.151	14618 (AMAZON-AES) (AMAZON-AES)
3	2a03:2880:f11... 2a03:2880:f112:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 2	20.221.206.60 20.221.206.60	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	2606:ae80:147... 2606:ae80:1471:16::820	26762 (CNVR-US-EAST) (CNVR-US-EAST)
1 1	3.218.90.66 3.218.90.66	14618 (AMAZON-AES) (AMAZON-AES)
1 2	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
1	44.208.243.83 44.208.243.83	14618 (AMAZON-AES) (AMAZON-AES)
2 3	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	198.148.27.140 198.148.27.140	19189 (PULSEPOINT) (PULSEPOINT)
7	104.77.220.247 104.77.220.247	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	2600:1f16:b8a... 2600:1f16:b8a:8e00:5c25:93ca:2bd7:fec6	16509 (AMAZON-02) (AMAZON-02)
2 2	107.178.246.49 107.178.246.49	15169 (GOOGLE) (GOOGLE)
1	20.120.65.166 20.120.65.166	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
8 8	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY)
1 2	192.40.39.223 192.40.39.223	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1	104.36.115.109 104.36.115.109	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	69.12.8.74 69.12.8.74	11742 (SPOTX-IAD) (SPOTX-IAD)
1 2	39.106.29.39 39.106.29.39	37963 (ALIBABA-C...) (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.)
169	51

24 54.165.176.140 (United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-165-176-140.compute-1.amazonaws.com

westinmauiamenities.247activities.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2600:1400:d:5a5::1e80 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:823::200a (Rockville, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:81d::200e (Rockville, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 52.27.120.158 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-27-120-158.us-west-2.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.165.158.151 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-165-158-151.us-west-2.compute.amazonaws.com

marriottinternationa.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.168.204.104 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-168-204-104.compute-1.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o436887.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 23.205.57.251 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-57-251.deploy.static.akamaitechnologies.com

cache.marriott.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.140.38.165 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ip-63-140-38-165.data.adobedc.net

smetrics.marriott.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 68.67.160.184 (Newark, United States) 6 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:929e (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.217.89.100 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

ipoolside-media.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.190.60.146 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.72.98 (United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s32-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 3.33.220.150 (United States) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:1ec:c11::200 (United States) 2 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.197.3.19 (United States) 1 redirects

ASN20446 (STACKPATH-CDN, US)
PTR: vip0x013.map2.ssl.hwcdn.net

servedby.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:ae80:1471:16::730 (United States) 2 redirects

ASN26762 (CNVR-US-EAST, US)

match.rundsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adobe-sync.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dp-sync.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
login-ds.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:80b::2008 (Rockville, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::6812:230b (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20ed:4c00:1d:bf0a:0:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.tvpixel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.138.162 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-138-162.ewr52.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.188.9 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 9.188.244.35.bc.googleusercontent.com

static.sojern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.190.52.204 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 204.52.190.35.bc.googleusercontent.com

tag.yieldoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:141b:13::17d7:82d0 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.138.113.246 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-113-246.jfk50.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:141b:9000:39b::1931 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 159.127.42.233 (Los Angeles, United States)

ASN25751 (VALUECLICK, US)
PTR: iad03-usadmm.dotomi.com

login.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4998:1c:800::1000 (United States)

ASN14779 (YAHOO, US)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 107.178.244.119 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 119.244.178.107.bc.googleusercontent.com

beacon.sojern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.sojern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.207.40.242 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-207-40-242.compute-1.amazonaws.com

pxl.jivox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.102.194 (Shahr, Iran, Islamic Republic Of) 1 redirects

ASN13335 (CLOUDFLARENET, US)

p.adsymptotic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:100:a001::c (United States) 2 redirects

ASN19750 (AS-CRITEO, US)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.21.103.5 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-21-103-5.compute-1.amazonaws.com

p.tvpixel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.190.43.134 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::38 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.13.32.147 (Lockport, United States) 1 redirects

ASN26101 (YAHOO-BF1, US)
PTR: spcms.pbp.vip.bf1.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.251.40.230 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s39-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81d::2002 (Rockville, United States)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.40.98 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s79-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 68.67.161.208 (Newark, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:816::200e (Rockville, United States) 2 redirects

ASN15169 (GOOGLE, US)

fcmatch.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:822::200e (Rockville, United States)

ASN15169 (GOOGLE, US)

fcmatch.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.13.32.146 (Lockport, United States)

ASN26101 (YAHOO-BF1, US)
PTR: spdc.pbp.vip.bf1.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.90.30 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 30.90.190.35.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.235.183.60 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-235-183-60.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.210.121.151 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-210-121-151.compute-1.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.221.206.60 (Chicago, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:ae80:1471:16::820 (United States)

ASN26762 (CNVR-US-EAST, US)

match.sync.ad.cpe.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.218.90.66 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-218-90-66.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.151.100 (United States) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.208.243.83 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-208-243-83.compute-1.amazonaws.com

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.98.64.218 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.140 (New York, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.77.220.247 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-77-220-247.deploy.static.akamaitechnologies.com

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f16:b8a:8e00:5c25:93ca:2bd7:fec6 (Columbus, United States) 1 redirects

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.178.246.49 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 49.246.178.107.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.120.65.166 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

l.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.2.49 (United States) 8 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.40.39.223 (Canada) 1 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.36.115.109 (United States)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.12.8.74 (Ashburn, United States) 1 redirects

ASN11742 (SPOTX-IAD, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 39.106.29.39 (Beijing, China) 1 redirects

ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)

cm.ipinyou.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	247activities.com 1 redirects westinmauiamenities.247activities.com	3 MB
19	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 479	148 KB
17	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 293 marriottinternationa.demdex.net — Cisco Umbrella Rank: 36232	20 KB
15	doubleclick.net 13 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 304 ad.doubleclick.net — Cisco Umbrella Rank: 219	2 KB
12	adnxs.com 6 redirects ib.adnxs.com — Cisco Umbrella Rank: 334 secure.adnxs.com — Cisco Umbrella Rank: 707	11 KB
11	dotomi.com 2 redirects adobe-sync.dotomi.com — Cisco Umbrella Rank: 81335 login.dotomi.com — Cisco Umbrella Rank: 2750 match.sync.ad.cpe.dotomi.com — Cisco Umbrella Rank: 3719 dp-sync.dotomi.com — Cisco Umbrella Rank: 8034 login-ds.dotomi.com — Cisco Umbrella Rank: 6815	6 KB
9	sojern.com static.sojern.com — Cisco Umbrella Rank: 24347 beacon.sojern.com — Cisco Umbrella Rank: 8396 pixel.sojern.com — Cisco Umbrella Rank: 10766	13 KB
9	adsrvr.org 6 redirects match.adsrvr.org — Cisco Umbrella Rank: 463 js.adsrvr.org — Cisco Umbrella Rank: 2307 insight.adsrvr.org — Cisco Umbrella Rank: 922	11 KB
9	marriott.com cache.marriott.com — Cisco Umbrella Rank: 25124 smetrics.marriott.com — Cisco Umbrella Rank: 33263	261 KB
9	everesttech.net 9 redirects cm.everesttech.net — Cisco Umbrella Rank: 1620 sync-tm.everesttech.net — Cisco Umbrella Rank: 930	2 KB
7	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 1035	5 KB
6	snapchat.com 1 redirects tr.snapchat.com — Cisco Umbrella Rank: 990	2 KB
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 129	289 KB
5	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 136 fcmatch.google.com — Cisco Umbrella Rank: 4175	1 KB
5	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 804 c.clarity.ms — Cisco Umbrella Rank: 1219 l.clarity.ms — Cisco Umbrella Rank: 7025	26 KB
5	linkedin.com 5 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 850 www.linkedin.com — Cisco Umbrella Rank: 840 px4.ads.linkedin.com — Cisco Umbrella Rank: 6680	4 KB
5	bing.com 2 redirects c.bing.com — Cisco Umbrella Rank: 426 bat.bing.com — Cisco Umbrella Rank: 665	13 KB
4	krxd.net 2 redirects usermatch.krxd.net — Cisco Umbrella Rank: 1933 beacon.krxd.net — Cisco Umbrella Rank: 757	739 B
4	yahoo.com 2 redirects cms.analytics.yahoo.com — Cisco Umbrella Rank: 1651 sp.analytics.yahoo.com — Cisco Umbrella Rank: 1787 ups.analytics.yahoo.com — Cisco Umbrella Rank: 432	2 KB
4	yieldoptimizer.com 2 redirects tag.yieldoptimizer.com — Cisco Umbrella Rank: 6848	3 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 94	40 KB
3	openx.net 2 redirects us-u.openx.net — Cisco Umbrella Rank: 708	511 B
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 115	290 B
3	tvpixel.com c.tvpixel.com — Cisco Umbrella Rank: 10673 p.tvpixel.com — Cisco Umbrella Rank: 3090	32 KB
3	rlcdn.com 3 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 596	526 B
3	amazonaws.com ipoolside-media.s3.amazonaws.com	795 KB
2	ipinyou.com 1 redirects cm.ipinyou.com — Cisco Umbrella Rank: 70728	1 KB
2	spotxchange.com 1 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 835	902 B
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 908	1 KB
2	tapad.com 2 redirects pixel.tapad.com — Cisco Umbrella Rank: 732	558 B
2	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 493	2 KB
2	youtube.com fcmatch.youtube.com — Cisco Umbrella Rank: 4238	758 B
2	criteo.com 2 redirects gum.criteo.com — Cisco Umbrella Rank: 486	758 B
2	adsymptotic.com 1 redirects p.adsymptotic.com — Cisco Umbrella Rank: 926	465 B
2	jivox.com pxl.jivox.com — Cisco Umbrella Rank: 7637	454 B
2	yimg.com s.yimg.com — Cisco Umbrella Rank: 650	7 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 203	112 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 1008	21 KB
2	sc-static.net sc-static.net — Cisco Umbrella Rank: 1038	18 KB
2	tribalfusion.com 2 redirects a.tribalfusion.com — Cisco Umbrella Rank: 1476 s.tribalfusion.com — Cisco Umbrella Rank: 3850	939 B
1	pubmatic.com image2.pubmatic.com — Cisco Umbrella Rank: 1513	449 B
1	innovid.com 1 redirects ag.innovid.com — Cisco Umbrella Rank: 2279	248 B
1	contextweb.com 1 redirects bh.contextweb.com — Cisco Umbrella Rank: 832	696 B
1	emxdgt.com e1.emxdgt.com — Cisco Umbrella Rank: 1813	120 B
1	mookie1.com 1 redirects odr.mookie1.com — Cisco Umbrella Rank: 1482	611 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 154	15 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 1571	3 KB
1	rundsp.com match.rundsp.com — Cisco Umbrella Rank: 13089	41 B
1	flashtalking.com 1 redirects servedby.flashtalking.com — Cisco Umbrella Rank: 1092	552 B
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 913	371 B
1	sentry.io o436887.ingest.sentry.io	291 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 118	1 KB
169	52

	Domain	Requested by
24	westinmauiamenities.247activities.com	1 redirects westinmauiamenities.247activities.com
19	assets.adobedtm.com	westinmauiamenities.247activities.com assets.adobedtm.com
16	dpm.demdex.net	1 redirects assets.adobedtm.com westinmauiamenities.247activities.com
9	cm.g.doubleclick.net	7 redirects js.adsrvr.org
8	sync-tm.everesttech.net	8 redirects
8	ib.adnxs.com	6 redirects js.adsrvr.org
7	ct.pinterest.com	westinmauiamenities.247activities.com s.pinimg.com
7	cache.marriott.com	westinmauiamenities.247activities.com cache.marriott.com
6	pixel.sojern.com	static.sojern.com
6	ad.doubleclick.net	6 redirects
6	tr.snapchat.com	1 redirects westinmauiamenities.247activities.com sc-static.net
6	www.googletagmanager.com	assets.adobedtm.com www.googletagmanager.com
6	match.adsrvr.org	6 redirects
5	match.sync.ad.cpe.dotomi.com	login.dotomi.com
4	secure.adnxs.com	static.sojern.com
4	tag.yieldoptimizer.com	2 redirects
4	www.google-analytics.com	westinmauiamenities.247activities.com www.google-analytics.com www.googletagmanager.com
3	us-u.openx.net	2 redirects
3	www.facebook.com
3	adservice.google.com
3	px.ads.linkedin.com	3 redirects
3	bat.bing.com	assets.adobedtm.com bat.bing.com
3	idsync.rlcdn.com	3 redirects
3	ipoolside-media.s3.amazonaws.com	westinmauiamenities.247activities.com
2	cm.ipinyou.com	1 redirects
2	sync.search.spotxchange.com	1 redirects
2	dsum-sec.casalemedia.com	1 redirects
2	pixel.tapad.com	2 redirects
2	pixel.rubiconproject.com	1 redirects
2	c.clarity.ms	1 redirects
2	beacon.krxd.net	js.adsrvr.org login.dotomi.com
2	usermatch.krxd.net	2 redirects
2	sp.analytics.yahoo.com
2	fcmatch.youtube.com	static.sojern.com
2	fcmatch.google.com	2 redirects
2	www.clarity.ms	bat.bing.com www.clarity.ms
2	p.tvpixel.com	westinmauiamenities.247activities.com
2	gum.criteo.com	2 redirects
2	p.adsymptotic.com	1 redirects
2	pxl.jivox.com
2	beacon.sojern.com	westinmauiamenities.247activities.com static.sojern.com
2	s.yimg.com	westinmauiamenities.247activities.com
2	connect.facebook.net	westinmauiamenities.247activities.com connect.facebook.net
2	login.dotomi.com	westinmauiamenities.247activities.com login.dotomi.com
2	s.pinimg.com	westinmauiamenities.247activities.com s.pinimg.com
2	sc-static.net	westinmauiamenities.247activities.com tr.snapchat.com
2	js.adsrvr.org	westinmauiamenities.247activities.com insight.adsrvr.org
2	adobe-sync.dotomi.com	2 redirects
2	c.bing.com	2 redirects
2	smetrics.marriott.com	assets.adobedtm.com
1	image2.pubmatic.com
1	l.clarity.ms	westinmauiamenities.247activities.com
1	ag.innovid.com	1 redirects
1	login-ds.dotomi.com	login.dotomi.com
1	bh.contextweb.com	1 redirects
1	e1.emxdgt.com	login.dotomi.com
1	dp-sync.dotomi.com	login.dotomi.com
1	ups.analytics.yahoo.com	1 redirects
1	odr.mookie1.com	1 redirects
1	www.googleadservices.com	www.googletagmanager.com
1	cms.analytics.yahoo.com	1 redirects
1	insight.adsrvr.org	js.adsrvr.org
1	px4.ads.linkedin.com	1 redirects
1	www.linkedin.com	1 redirects
1	snap.licdn.com	westinmauiamenities.247activities.com
1	static.sojern.com	westinmauiamenities.247activities.com
1	c.tvpixel.com	westinmauiamenities.247activities.com
1	s.tribalfusion.com	1 redirects
1	a.tribalfusion.com	1 redirects
1	match.rundsp.com	westinmauiamenities.247activities.com
1	servedby.flashtalking.com	1 redirects
1	geolocation.onetrust.com	westinmauiamenities.247activities.com
1	o436887.ingest.sentry.io	westinmauiamenities.247activities.com
1	cm.everesttech.net	1 redirects
1	marriottinternationa.demdex.net	assets.adobedtm.com
1	fonts.googleapis.com	westinmauiamenities.247activities.com
169	76

This site contains links to these domains. Also see Links.

Domain
www.google.com
www.marriott.com
www.onetrust.com

Subject Issuer	Validity	Valid
*.247activities.com Sectigo RSA Domain Validation Secure Server CA	`2022-05-13` - `2023-06-13`	a year	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-19` - `2023-08-19`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.demdex.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-26` - `2023-10-27`	a year	crt.sh
*.ingest.sentry.io R3	`2022-08-20` - `2022-11-18`	3 months	crt.sh
www.marriott.com Entrust Certification Authority - L1K	`2022-09-01` - `2022-12-16`	3 months	crt.sh
smetrics.marriott.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-24` - `2023-04-24`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-01-12` - `2023-01-12`	a year	crt.sh
*.s3.amazonaws.com Amazon	`2021-12-15` - `2022-12-03`	a year	crt.sh
match.rundsp.com GlobalSign RSA OV SSL CA 2018	`2022-04-19` - `2023-05-21`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2022-09-03` - `2023-03-03`	6 months	crt.sh
*.tvpixel.com Amazon	`2022-01-14` - `2023-02-12`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.sojern.com DigiCert TLS RSA SHA256 2020 CA1	`2021-12-16` - `2023-01-16`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
sc-static.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-27` - `2023-01-27`	a year	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-01` - `2023-08-08`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-07-18` - `2022-10-16`	3 months	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-09-05` - `2022-10-26`	2 months	crt.sh
*.jivox.com DigiCert TLS RSA SHA256 2020 CA1	`2022-05-13` - `2023-06-13`	a year	crt.sh
*.snap.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-16` - `2023-08-16`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-02-27` - `2023-02-27`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-08-09` - `2023-02-01`	6 months	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-11-03` - `2022-11-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.emxdgt.com Go Daddy Secure Certificate Authority - G2	`2022-05-18` - `2023-06-19`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 02	`2022-06-07` - `2023-06-02`	a year	crt.sh

This page contains 11 frames:

Primary Page: https://westinmauiamenities.247activities.com/
Frame ID: 5D03C233C21E243D252E5F62D3B72DF0
Requests: 114 HTTP requests in this frame

Frame: https://marriottinternationa.demdex.net/dest5.html?d_nsid=0
Frame ID: 4C0E4934FF0422C88B8BB18868D09918
Requests: 26 HTTP requests in this frame

Frame: https://static.sojern.com/marriott/mhotels.html?p=undefined&hprid=HMMWI&hpr=&hb=undefined&hc1=undefined&hn1=undefined&hs1=undefined&ffl=undefined&hl=&t=undefined&hr=undefined&hd1=&hd2=&hconfno=&hp=undefined&hcu=&hrp=undefined&hdc=undefined&rew=undefined&l=undefined&vid=hot&cid=
Frame ID: 3560FB921BCC77039DB7BEB3D3FA6A14
Requests: 8 HTTP requests in this frame

Frame: https://login.dotomi.com/ucm/UCMController?dtm_com=28&dtm_cid=2814&dtm_cmagic=8e987c&dtm_format=5&dtm_fid=101&cli_promo_id=2&dtmc_marsha_code=HMMWI&canonical_url=&dtm_user_token=&dtmc_ref=&dtmc_loc=https%3A%2F%2Fwestinmauiamenities.247activities.com%2F&fpc_status=
Frame ID: A579D7A2BA49E6C48F351028E1908C82
Requests: 11 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=hbq9bjg&ref=https%3A%2F%2Fwestinmauiamenities.247activities.com%2F&upid=byw7ch4&upv=1.1.0
Frame ID: C8D469B7487BC51BE2405EA6529ED0BD
Requests: 2 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=fbf5aa06-3f82-45b5-86ba-4c4fe9c75a96&u_scsid=57382856-959d-4c7f-8641-8275ab566ede&u_sclid=779a6601-6813-4c7c-bea8-29a995a1f395
Frame ID: E760ED6EE0D371D63F2A20E9974B6E0E
Requests: 2 HTTP requests in this frame

Frame: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=d8347294-653c-4fc6-bc23-ae07ccf0e4ae
Frame ID: E592BA373F764500AE64948FEAE510C4
Requests: 1 HTTP requests in this frame

Frame: https://ib.adnxs.com/setuid?entity=82&code=d8347294-653c-4fc6-bc23-ae07ccf0e4ae&gdpr=0&gdpr_consent=
Frame ID: A0588BA57AD3C801E5CAA2508E4C86BC
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZDgzNDcyOTQtNjUzYy00ZmM2LWJjMjMtYWUwN2NjZjBlNGFl&google_push&gdpr=0&gdpr_consent=&ttd_tdid=d8347294-653c-4fc6-bc23-ae07ccf0e4ae
Frame ID: 7B84FF231BC33E347E0F6B4CC1A2DCC8
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/p?rand=1665184380310&pnid=140&pcid=84d4b4c3-9736-45ab-aaa1-ae3c8a8f95ba
Frame ID: 326B427C9CC07460D71847A96ACA13F9
Requests: 1 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: 84C74C078281113371FE20656902B925
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The Westin Maui Resort & SpaBack ButtonFilter Button

Page URL History Show full URLs

http://westinmauiamenities.247activities.com/ HTTP 301
https://westinmauiamenities.247activities.com/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

otSDKStub\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

169
Requests

74 %
HTTPS

32 %
IPv6

52
Domains

76
Subdomains

51
IPs

4
Countries

4772 kB
Transfer

14377 kB
Size

98
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.google.com/maps/search/?api=1&query=The+Westin+Maui+Resort+%26+Spa%2C+Ka%27anapali
Title: 2365 Kaanapali Pkwy, Lahaina, Hawaii 96761, US

Search URL Search Domain Scan URL

URL: https://www.marriott.com/en-us/hotels/hnmwi-the-westin-maui-resort-and-spa-kaanapali/overview/
Title: Visit hotel website >

Search URL Search Domain Scan URL

URL: https://www.marriott.com/default.mi

Search URL Search Domain Scan URL

URL: https://www.marriott.com/about/terms-of-use.mi
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.marriott.com/about/ccpa/do-not-sell.mi
Title: Do Not Sell My Personal Information

Search URL Search Domain Scan URL

URL: https://www.marriott.com/about/privacy.mi
Title: Privacy and Cookie Statement

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://westinmauiamenities.247activities.com/ HTTP 301
https://westinmauiamenities.247activities.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15

https://cm.everesttech.net/cm/dd?d_uuid=86524227142965204711881721420039804859 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y0LI0AAAAHo9QwOH

Request Chain 30

https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID HTTP 302
https://dpm.demdex.net/ibs:dpid=358&dpuuid=5682941523316974673

Request Chain 41

https://idsync.rlcdn.com/365868.gif?partner_uid=86524227142965204711881721420039804859 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CKyqFhIxCi0IARCYEhomODY1MjQyMjcxNDI5NjUyMDQ3MTE4ODE3MjE0MjAwMzk4MDQ4NTkQABoNCNGRi5oGEgUI6AcQAEIASgA HTTP 307
https://dpm.demdex.net/ibs:dpid=477&dpuuid=43e3527e99e451f4cac985bbea3792bf6ccb6b7cb0c644153f43150876b9909bb0da87c991749652

Request Chain 44

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=ODY1MjQyMjcxNDI5NjUyMDQ3MTE4ODE3MjE0MjAwMzk4MDQ4NTk= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=ODY1MjQyMjcxNDI5NjUyMDQ3MTE4ODE3MjE0MjAwMzk4MDQ4NTk=&google_tc= HTTP 302
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEPNAym7Mm-Kryj7QVDlEXNY&google_cver=1?gdpr=0&gdpr_consent=

Request Chain 46

https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=westinmauiamenities.247activities.com&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=westinmauiamenities.247activities.com&ttd_tpi=1 HTTP 302
https://dpm.demdex.net/ibs:dpid=903&dpuuid=d8347294-653c-4fc6-bc23-ae07ccf0e4ae

Request Chain 48

https://c.bing.com/c.gif?uid=86524227142965204711881721420039804859&Red3=MSAdobe_pd&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=1957&dpuuid=3735FAA9C16C61AA223EE891C06B6010

Request Chain 53

https://servedby.flashtalking.com/map/?key=a74thHgsfK627J6Ftt8sj5ks52bKe&gdpr=0&gdpr_consent=&url=https://dpm.demdex.net/ibs:dpid=3047&dpuuid=[%FT_GUID%]&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=3047&dpuuid=53953B07428B56&gdpr=0&gdpr_consent=

Request Chain 55

https://adobe-sync.dotomi.com/match/bounce/current?networkId=85983&version=1&nuid=86524227142965204711881721420039804859&rurl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D19360%26dpuuid%3D HTTP 302
https://adobe-sync.dotomi.com/match/bounce/current?DotomiTest=5e229788c56b162a&is_secure=true&networkId=85983&version=1&nuid=86524227142965204711881721420039804859&rurl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D19360%26dpuuid%3D HTTP 302
https://dpm.demdex.net/ibs:dpid=19360&dpuuid=86524227142965204711881721420039804859&expiration=1665407570&nuid=86524227142965204711881721420039804859&is_secure=true&rurl=https://dpm.demdex.net/ibs:dpid=19360&dpuuid=

Request Chain 72

https://a.tribalfusion.com/i.match?p=b13&u=86524227142965204711881721420039804859&redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=22054&dpuuid=$TF_USER_ID_ENC$ HTTP 302
https://s.tribalfusion.com/z/i.match?p=b13&u=86524227142965204711881721420039804859&redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=22054&dpuuid=$TF_USER_ID_ENC$ HTTP 302
https://dpm.demdex.net/ibs:dpid=22054

Request Chain 76

https://tag.yieldoptimizer.com/ps/ps?t=s&p=1057&mprogpref=&mhcy=&mhst=&mhcr=&mhcd=&hmc=&brnd=&cchl=&ccplat=&hbplat=&ebrk=&p=&pg=ms&bd=&si=&mraltid=&ttl=&mzip=&mlvl=&scty=&sst=&sctry=&schin=&schout=&slstay=&sgst=&bhcty=&bhst=&bhctry=&bchin=&blstay=&bgst=&bhnr=&bhtlid=&bmktc=&bhbrnd=&bhtf=&bct=&brpc=&umb=&bconfonbr=&bcancelnbr=&shcty=&shst=&shctry=&shtlid=&smc=&shbrnd=&srate=&sct=&hcty=&hst=&hctry=&htlid=&dscy=&dscr=&chsign=&crrcrw=&ph=https://westinmauiamenities.247activities.com/&mhnm=&chbusn=&bchout=&bmc=&brate=&py=&mc=&dsst=&chprem= HTTP 302
https://tag.yieldoptimizer.com/ps/ps?tc=863371267&t=s&p=1057&mprogpref=&mhcy=&mhst=&mhcr=&mhcd=&hmc=&brnd=&cchl=&ccplat=&hbplat=&ebrk=&p=&pg=ms&bd=&si=&mraltid=&ttl=&mzip=&mlvl=&scty=&sst=&sctry=&schin=&schout=&slstay=&sgst=&bhcty=&bhst=&bhctry=&bchin=&blstay=&bgst=&bhnr=&bhtlid=&bmktc=&bhbrnd=&bhtf=&bct=&brpc=&umb=&bconfonbr=&bcancelnbr=&shcty=&shst=&shctry=&shtlid=&smc=&shbrnd=&srate=&sct=&hcty=&hst=&hctry=&htlid=&dscy=&dscr=&chsign=&crrcrw=&ph=https://westinmauiamenities.247activities.com/&mhnm=&chbusn=&bchout=&bmc=&brate=&py=&mc=&dsst=&chprem=

Request Chain 81

https://tag.yieldoptimizer.com/ps/ps?t=i&p=2233 HTTP 302
https://tag.yieldoptimizer.com/ps/ps?tc=344704585&t=i&p=2233

Request Chain 94

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=360572&time=1665321170444&url=https%3A%2F%2Fwestinmauiamenities.247activities.com%2F HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=360572&time=1665321170444&url=https%3A%2F%2Fwestinmauiamenities.247activities.com%2F&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D360572%26time%3D1665321170444%26url%3Dhttps%253A%252F%252Fwestinmauiamenities.247activities.com%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=360572&time=1665321170444&url=https%3A%2F%2Fwestinmauiamenities.247activities.com%2F&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=360572&time=1665321170444&url=https%3A%2F%2Fwestinmauiamenities.247activities.com%2F&cookiesTest=true&liSync=true&e_ipv6=AQLUxcMUvUxziAAAAYO84HjRSGJu08R8lSMr8QZJgcUWfO7GLIJ4vfWLf0gu98n3_b3hUMk HTTP 302
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=0c0860ac-ae21-45d3-b007-85f7f39f8185 HTTP 302
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=0c0860ac-ae21-45d3-b007-85f7f39f8185&_expected_cookie=dd07c90ef051eef368501861da7ec879

Request Chain 95

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://gum.criteo.com/sync?s=1&c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=Kb9mhUuYU0v5PItJHVBC_TL_IdEgaaiV&gdpr=0&gdpr_consent=

Request Chain 106

https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=86524227142965204711881721420039804859&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-TYe78PhE2pH4nf3eNv3u8M7j.WuTSwlppd4-~A

Request Chain 109

https://ad.doubleclick.net/activity;src=1359549;type=marri003;cat=m1m_m0;ord=8590666024955;gtm=2oda50;npa=1;auiddc=752909848.1665321171;u7=%2F;~oref=https%3A%2F%2Fwestinmauiamenities.247activities.com%2F HTTP 302
https://ad.doubleclick.net/activity;dc_pre=CLKLyOac0_oCFQ3-hwodYBUGrg;src=1359549;type=marri003;cat=m1m_m0;ord=8590666024955;gtm=2oda50;npa=1;auiddc=752909848.1665321171;u7=%2F;~oref=https%3A%2F%2Fwestinmauiamenities.247activities.com%2F HTTP 302
https://adservice.google.com/ddm/fls/z/dc_pre=CLKLyOac0_oCFQ3-hwodYBUGrg;src=1359549;type=marri003;cat=m1m_m0;ord=8590666024955;gtm=2oda50;npa=1;auiddc=*;u7=%2F;~oref=https%3A%2F%2Fwestinmauiamenities.247activities.com%2F

Request Chain 110

https://ad.doubleclick.net/activity;src=1359549;type=marri001;cat=m1m_g0;ord=1;num=4507314386994;gtm=2oda50;npa=1;auiddc=752909848.1665321171;u7=%2F;~oref=https%3A%2F%2Fwestinmauiamenities.247activities.com%2F HTTP 302
https://ad.doubleclick.net/activity;dc_pre=CNqMyOac0_oCFcL6hwodo98FWw;src=1359549;type=marri001;cat=m1m_g0;ord=1;num=4507314386994;gtm=2oda50;npa=1;auiddc=752909848.1665321171;u7=%2F;~oref=https%3A%2F%2Fwestinmauiamenities.247activities.com%2F HTTP 302
https://adservice.google.com/ddm/fls/z/dc_pre=CNqMyOac0_oCFcL6hwodo98FWw;src=1359549;type=marri001;cat=m1m_g0;ord=1;num=4507314386994;gtm=2oda50;npa=1;auiddc=*;u7=%2F;~oref=https%3A%2F%2Fwestinmauiamenities.247activities.com%2F

Request Chain 112

https://ad.doubleclick.net/ddm/activity/src=4810757;type=sales;cat=5myqls5f;qty=1;cost=0;u1=;u16=https%253A%252F%252Fwestinmauiamenities.247activities.com%252F;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=[OrderID] HTTP 302
https://ad.doubleclick.net/ddm/activity/src=4810757;dc_pre=CMKMyOac0_oCFU7yhwodfugNiQ;type=sales;cat=5myqls5f;qty=1;cost=0;u1=;u16=https%253A%252F%252Fwestinmauiamenities.247activities.com%252F;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=[OrderID] HTTP 302
https://adservice.google.com/ddm/fls/z/src=4810757;dc_pre=CMKMyOac0_oCFU7yhwodfugNiQ;type=sales;cat=5myqls5f;qty=1;cost=0;u1=;u16=https%253A%252F%252Fwestinmauiamenities.247activities.com%252F;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=[OrderID]

Request Chain 115

https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=26ccF3oqM_1EmFyIb8LleA&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=KnwGtdyz4n5zZI-29c002z7yfSRIMg0lnh4A6-1CWAQwK_FCKQ6Tf-zDv4bKwv4p&sjrn_ula=673976618 HTTP 302
https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=KnwGtdyz4n5zZI-29c002z7yfSRIMg0lnh4A6-1CWAQwK_FCKQ6Tf-zDv4bKwv4p&sjrn_ula=673976618&google_gid=CAESEGtc0yWrG99aaeaT0XRLHPU&google_cver=1

Request Chain 116

https://cm.g.doubleclick.net/pixel?google_hm=26ccF3oqM_1EmFyIb8LleA&google_nid=sojern_adh HTTP 302
https://fcmatch.google.com/pixel?google_gm=AMnCDoqWBiOEq-q7GzXpZAqF-zoEY3-6mXq4SG-D-PFPdCG_FDAZRfzPYOcwOUDpwee13e3HsVZ8nJdWg2hdObCMbRXy2qf4c6SEzk1JvWFWl6eDPzf_kc4 HTTP 302
https://fcmatch.youtube.com/pixel?google_gm=AMnCDoqWBiOEq-q7GzXpZAqF-zoEY3-6mXq4SG-D-PFPdCG_FDAZRfzPYOcwOUDpwee13e3HsVZ8nJdWg2hdObCMbRXy2qf4c6SEzk1JvWFWl6eDPzf_kc4

Request Chain 117

https://ib.adnxs.com/getuid?https://pixel.sojern.com/idsync/apn?id=$UID&sjrn_id=KnwGtdyz4n5zZI-29c002z7yfSRIMg0lnh4A6-1CWAQwK_FCKQ6Tf-zDv4bKwv4p HTTP 302
https://pixel.sojern.com/idsync/apn?id=5682941523316974673&sjrn_id=KnwGtdyz4n5zZI-29c002z7yfSRIMg0lnh4A6-1CWAQwK_FCKQ6Tf-zDv4bKwv4p

Request Chain 118

https://match.adsrvr.org/track/cmf/generic?ttd_pid=ombl9hp&ttd_puid=KnwGtdyz4n5zZI-29c002z7yfSRIMg0lnh4A6-1CWAQwK_FCKQ6Tf-zDv4bKwv4p&ttd_tpi=1 HTTP 302
https://pixel.sojern.com/idsync/ttd?id=d8347294-653c-4fc6-bc23-ae07ccf0e4ae&sjrn_id=KnwGtdyz4n5zZI-29c002z7yfSRIMg0lnh4A6-1CWAQwK_FCKQ6Tf-zDv4bKwv4p

Request Chain 121

https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=BpsLFW3fRbQDl2ykQIPeHg&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=AbLhzFn376GCoTWBsL_VwCl-n9MA4PbEtqZ9-Y1JjN6PR63z4Z4q-P6Z81ABHj30&sjrn_ula=824794939 HTTP 302
https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=AbLhzFn376GCoTWBsL_VwCl-n9MA4PbEtqZ9-Y1JjN6PR63z4Z4q-P6Z81ABHj30&sjrn_ula=824794939&google_gid=CAESEGtc0yWrG99aaeaT0XRLHPU&google_cver=1

Request Chain 122

https://cm.g.doubleclick.net/pixel?google_hm=BpsLFW3fRbQDl2ykQIPeHg&google_nid=sojern_adh HTTP 302
https://fcmatch.google.com/pixel?google_gm=AMnCDoq--4wPowNcQhie88tnFHFzmrAEGxX-IL98h8fUSBkjwElwT1dcJCY9L1BKcT-uwG7E8ve_4_xQFZ--zAbLkFBA-ePEPhSWd9yUxJkmyRNddc2fhPY HTTP 302
https://fcmatch.youtube.com/pixel?google_gm=AMnCDoq--4wPowNcQhie88tnFHFzmrAEGxX-IL98h8fUSBkjwElwT1dcJCY9L1BKcT-uwG7E8ve_4_xQFZ--zAbLkFBA-ePEPhSWd9yUxJkmyRNddc2fhPY

Request Chain 123

https://ib.adnxs.com/getuid?https://pixel.sojern.com/idsync/apn?id=$UID&sjrn_id=AbLhzFn376GCoTWBsL_VwCl-n9MA4PbEtqZ9-Y1JjN6PR63z4Z4q-P6Z81ABHj30 HTTP 302
https://pixel.sojern.com/idsync/apn?id=5682941523316974673&sjrn_id=AbLhzFn376GCoTWBsL_VwCl-n9MA4PbEtqZ9-Y1JjN6PR63z4Z4q-P6Z81ABHj30

Request Chain 124

https://match.adsrvr.org/track/cmf/generic?ttd_pid=ombl9hp&ttd_puid=AbLhzFn376GCoTWBsL_VwCl-n9MA4PbEtqZ9-Y1JjN6PR63z4Z4q-P6Z81ABHj30&ttd_tpi=1 HTTP 302
https://pixel.sojern.com/idsync/ttd?id=d8347294-653c-4fc6-bc23-ae07ccf0e4ae&sjrn_id=AbLhzFn376GCoTWBsL_VwCl-n9MA4PbEtqZ9-Y1JjN6PR63z4Z4q-P6Z81ABHj30

Request Chain 127

https://odr.mookie1.com/t/v2?tagid=V2_676804&src.visitorId=86524227142965204711881721420039804859&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=30862&dpuuid=10602177212788806488

Request Chain 129

https://usermatch.krxd.net/um/v2?partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=d8347294-653c-4fc6-bc23-ae07ccf0e4ae HTTP 302
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=d8347294-653c-4fc6-bc23-ae07ccf0e4ae

Request Chain 130

https://ib.adnxs.com/getuid?https%3a%2f%2fmatch.adsrvr.org%2ftrack%2fcmf%2fappnexus%3fttd%3d1%26anid%3d%24UID&ttd_tdid=d8347294-653c-4fc6-bc23-ae07ccf0e4ae HTTP 302
https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=5682941523316974673&ttd_tdid=d8347294-653c-4fc6-bc23-ae07ccf0e4ae HTTP 302
https://ib.adnxs.com/setuid?entity=82&code=d8347294-653c-4fc6-bc23-ae07ccf0e4ae&gdpr=0&gdpr_consent=

Request Chain 131

https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=ZDgzNDcyOTQtNjUzYy00ZmM2LWJjMjMtYWUwN2NjZjBlNGFl&gdpr=0&gdpr_consent=&ttd_tdid=d8347294-653c-4fc6-bc23-ae07ccf0e4ae HTTP 302
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=d8347294-653c-4fc6-bc23-ae07ccf0e4ae&google_gid=CAESEEAYSDD6gFf4Tqhb-Cd1RBU&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZDgzNDcyOTQtNjUzYy00ZmM2LWJjMjMtYWUwN2NjZjBlNGFl&google_push&gdpr=0&gdpr_consent=&ttd_tdid=d8347294-653c-4fc6-bc23-ae07ccf0e4ae

Request Chain 134

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=7541244D3DA442AE8CFBAD75EA90A5C4&RedC=c.clarity.ms&MXFR=2F89D7077B3562221C2CC53F7F356CDC HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=7541244D3DA442AE8CFBAD75EA90A5C4&MUID=3735FAA9C16C61AA223EE891C06B6010

Request Chain 136

https://ib.adnxs.com/getuid?https%3A%2F%2Fmatch.sync.ad.cpe.dotomi.com%2Fw%2Fuser.sync%3Fptrid%3D6%26userid%3D%24UID&gdpr_consent= HTTP 302
https://match.sync.ad.cpe.dotomi.com/w/user.sync?ptrid=6&userid=5682941523316974673&gdpr_consent=

Request Chain 137

https://ups.analytics.yahoo.com/ups/58272/sync?redir=true&https%3A%2F%2Fmatch.sync.ad.cpe.dotomi.com%2Fw%2Fuser.sync%3Fptrid%3D12%26userid%3D%24UID&gdpr_consent= HTTP 302
https://match.sync.ad.cpe.dotomi.com/w/user.sync?ptrid=12&userid=y-VzKtDR5E2ul9QHbT0ObCExICA.m4hw--~A

Request Chain 138

https://idsync.rlcdn.com/449046.gif?partner_uid=AQEJo4S4oFL7EAEtzFs_AQEL_wE&gdpr_consent= HTTP 307
https://dp-sync.dotomi.com/match/pixel/current?networkId=26832&version=1&nuid=ff74651c1a316b66e0a2d18b13f79ecc01dad5837211f3a02af508eccfcdb3eececafa215448e457

Request Chain 139

https://pixel.rubiconproject.com/exchange/sync.php?p=epsilon&gdpr=false&gdpr_consent= HTTP 302
https://match.sync.ad.cpe.dotomi.com/w/user.sync?ptrid=14&userid=L91D87FQ-1U-B236

Request Chain 141

https://us-u.openx.net/w/1.0/cm?id=f9869243-40dc-4b34-9e8b-8d6529649f0f&ph=bec2690e-a73d-4d95-9901-75ad2a8d91b8&r=https%3A%2F%2Fmatch.sync.ad.cpe.dotomi.com%2Fw%2Fuser.sync%3Fptrid%3D7%26userid%3D{OPENX_ID}&gdpr_consent= HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=f9869243-40dc-4b34-9e8b-8d6529649f0f&ph=bec2690e-a73d-4d95-9901-75ad2a8d91b8&r=https%3A%2F%2Fmatch.sync.ad.cpe.dotomi.com%2Fw%2Fuser.sync%3Fptrid%3D7%26userid%3D{OPENX_ID}&gdpr_consent= HTTP 302
https://match.sync.ad.cpe.dotomi.com/w/user.sync?ptrid=7&userid=a760a793-580e-0b5a-1a3a-7c2c5e8c25a2

Request Chain 142

https://bh.contextweb.com/bh/rtset?pid=561998&ev=1&rurl=https%3A%2F%2Fmatch.sync.ad.cpe.dotomi.com/w/user.sync?ptrid=9&userid=%%VGUID%%&gdpr_consent= HTTP 302
https://match.sync.ad.cpe.dotomi.com/w/user.sync?ptrid=9&ev=1&pid=561998&gdpr_consent=&userid=EY6cQLZa6gWl

Request Chain 150

https://ag.innovid.com/dv/sync?tid=6 HTTP 302
https://dpm.demdex.net/ibs:dpid=80742&dpuuid=ecabc518-5feb-4af6-9115-439581db4ddb

Request Chain 151

https://tr.snapchat.com/cm/s?bt=1d53c387&pnid=140&cb=1665321170953&u_scsid=813f88d6-134c-4de8-bbbb-f5bf95632bf4&u_sclid=f58f975c-e03b-434e-a6d3-a42228085039 HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1665184380310%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1665184380310%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://tr.snapchat.com/cm/p?rand=1665184380310&pnid=140&pcid=84d4b4c3-9736-45ab-aaa1-ae3c8a8f95ba

Request Chain 154

https://usermatch.krxd.net/um/v2?partner=adobe&id=86524227142965204711881721420039804859 HTTP 302
https://dpm.demdex.net/ibs:dpid=66757?id=86524227142965204711881721420039804859&dpuuid=PIK3NK2g

Request Chain 158

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WTBMSTBBQUFBSG85UXdPSA==

Request Chain 159

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Y0LI0AAAAHo9QwOH&expires=90

Request Chain 160

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y0LI0AAAAHo9QwOH HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y0LI0AAAAHo9QwOH&C=1

Request Chain 161

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
https://ib.adnxs.com/setuid?entity=158&code=Y0LI0AAAAHo9QwOH

Request Chain 162

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y0LI0AAAAHo9QwOH

Request Chain 163

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y0LI0AAAAHo9QwOH

Request Chain 164

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y0LI0AAAAHo9QwOH&img=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y0LI0AAAAHo9QwOH&img=1&__user_check__=1&sync_id=1486f1f5-47d4-11ed-beb4-12d4f2240203

Request Chain 165

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
https://www.facebook.com/fr/b.php?p=1531105787105294&e=Y0LI0AAAAHo9QwOH&t=2592000&o=0

Request Chain 166

https://cm.ipinyou.com/xcmr/aam/r.gif HTTP 302
https://dpm.demdex.net/ibs:dpid=134084&dpuuid=MA9LCpBqymw&redir=http%3A%2F%2Fcm.ipinyou.com%2Fxcms%2Faam%2Fs.gif%3Ftid%3D$%7BDD_UUID%7D HTTP 302
https://cm.ipinyou.com/xcms/aam/s.gif?tid=86524227142965204711881721420039804859

169 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
westinmauiamenities.247activities.com/
Redirect Chain

http://westinmauiamenities.247activities.com/
https://westinmauiamenities.247activities.com/

3 KB
2 KB

114ms
48ms

Document
text/html

54.165.176.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://westinmauiamenities.247activities.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.165.176.140 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-165-176-140.compute-1.amazonaws.com

Software

nginx/1.20.2 /

Resource Hash

6d891b8d7a5d3aa459be57623da6203de5eafed2c55894a1ff9db3433cea80fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate, max-age=0
content-encoding: gzip
content-language: en
content-type: text/html; charset=utf-8
date: Sun, 09 Oct 2022 13:12:46 GMT
expires: Sun, 09 Oct 2022 12:52:46 GMT
pragma: no-cache
server: nginx/1.20.2
strict-transport-security: max-age=63072000; includeSubdomains; preload
vary: Accept-Language, Cookie
x-frame-options: SAMEORIGIN
x-version: 1663843260
x-xss-protection: 1; mode=block

Redirect headers

Connection: keep-alive
Content-Length: 134
Content-Type: text/html
Date: Sun, 09 Oct 2022 13:12:46 GMT
Location: https://westinmauiamenities.247activities.com:443/
Server: awselb/2.0

GET
H2 200 vendor.css
westinmauiamenities.247activities.com/css/ 352 KB
96 KB 68ms
65ms Stylesheet
text/css 54.165.176.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://westinmauiamenities.247activities.com/css/vendor.css?v=1663843260

Requested by

Host: westinmauiamenities.247activities.com
URL: https://westinmauiamenities.247activities.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.165.176.140 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-165-176-140.compute-1.amazonaws.com

Software

nginx/1.20.2 /

Resource Hash

4b2745f0acdedc93d4cae2cc31730bac42cd3d655f0392cf6b22e2090ed5e685

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://westinmauiamenities.247activities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 13:12:46 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
last-modified: Thu, 22 Sep 2022 10:47:00 GMT
server: nginx/1.20.2
etag: W/"632c3d24-57f0a"
x-frame-options: SAMEORIGIN
content-type: text/css
x-xss-protection: 1; mode=block

GET
H2 200 theming.css
westinmauiamenities.247activities.com/css/ 390 KB
92 KB 99ms
96ms Stylesheet
text/css 54.165.176.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://westinmauiamenities.247activities.com/css/theming.css?v=1663843260

Requested by

Host: westinmauiamenities.247activities.com
URL: https://westinmauiamenities.247activities.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.165.176.140 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-165-176-140.compute-1.amazonaws.com

Software

nginx/1.20.2 /

Resource Hash

212e15059f12774146ba8a03f4151311984f1141e2758c36703ae60b188496d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://westinmauiamenities.247activities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 13:12:46 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
last-modified: Thu, 22 Sep 2022 10:47:00 GMT
server: nginx/1.20.2
etag: W/"632c3d24-616a3"
x-frame-options: SAMEORIGIN
content-type: text/css
x-xss-protection: 1; mode=block

GET
H2 200 theme.css
westinmauiamenities.247activities.com/api/css/ 2 KB
824 B 138ms
136ms Stylesheet
text/css 54.165.176.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://westinmauiamenities.247activities.com/api/css/theme.css

Requested by

Host: westinmauiamenities.247activities.com
URL: https://westinmauiamenities.247activities.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.165.176.140 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-165-176-140.compute-1.amazonaws.com

Software

nginx/1.20.2 /

Resource Hash

e4d0009981a17c2e5c3b38b3e1940e4874d300065daef0091d50212388764bd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://westinmauiamenities.247activities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Oct 2022 13:12:46 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-version: 1663843260
content-encoding: gzip
server: nginx/1.20.2
vary: Accept-Language
x-frame-options: SAMEORIGIN
content-type: text/css
content-language: en
cache-control: no-cache, no-store, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
expires: Sun, 09 Oct 2022 12:52:46 GMT

GET
H2 200 marriott-general.css
westinmauiamenities.247activities.com/css/custom/ 7 KB
2 KB 137ms
134ms Stylesheet
text/css 54.165.176.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://westinmauiamenities.247activities.com/css/custom/marriott-general.css?v=1663843260

Requested by

Host: westinmauiamenities.247activities.com
URL: https://westinmauiamenities.247activities.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.165.176.140 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-165-176-140.compute-1.amazonaws.com

Software

nginx/1.20.2 /

Resource Hash

c8694472e09c12a35cdaa905045b6893aede9b4b6f0e0be540b3c200499aefad

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://westinmauiamenities.247activities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 13:12:46 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
last-modified: Thu, 22 Sep 2022 10:47:00 GMT
server: nginx/1.20.2
etag: W/"632c3d24-1c43"
x-frame-options: SAMEORIGIN
content-type: text/css
x-xss-protection: 1; mode=block

GET
H2 200 vendor.js Show response
westinmauiamenities.247activities.com/js/ 2 MB
877 KB 138ms
136ms Script
application/javascript 54.165.176.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://westinmauiamenities.247activities.com/js/vendor.js?v=1663843260

Requested by

Host: westinmauiamenities.247activities.com
URL: https://westinmauiamenities.247activities.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.165.176.140 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-165-176-140.compute-1.amazonaws.com

Software

nginx/1.20.2 /

Resource Hash

52cbe09b89bce5bb839f80f75cb2fd22047639da1dca6165f32e97d9c53430b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://westinmauiamenities.247activities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 13:12:46 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
last-modified: Wed, 21 Sep 2022 09:15:33 GMT
server: nginx/1.20.2
etag: W/"632ad635-279dee"
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-xss-protection: 1; mode=block

GET
H2 200 launch-EN3963523be4674e5591a9c4d516697352.min.js Show response
assets.adobedtm.com/ 437 KB
113 KB 143ms
30ms Script
application/x-javascript 2600:1400:d:5a5::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js
Requested by: Host: westinmauiamenities.247activities.com
URL: https://westinmauiamenities.247activities.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:d:5a5::1e80 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: d181da61a2436ade40ec7ebdbfa145a9f22e0b75314529209c18b7024a66f19d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://westinmauiamenities.247activities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 13:12:46 GMT
content-encoding: gzip
last-modified: Mon, 19 Sep 2022 18:25:40 GMT
server: AkamaiNetStorage
etag: "32636ea1ad6669a3df7ca606bb75625c:1663611940.74911"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://westinmauiamenities.247activities.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 114702
expires: Sun, 09 Oct 2022 14:12:46 GMT

GET
H2 200 main.js Show response
westinmauiamenities.247activities.com/js/ 6 MB
1 MB 138ms
137ms Script
application/javascript 54.165.176.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://westinmauiamenities.247activities.com/js/main.js?v=1663843260

Requested by

Host: westinmauiamenities.247activities.com
URL: https://westinmauiamenities.247activities.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.165.176.140 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-165-176-140.compute-1.amazonaws.com

Software

nginx/1.20.2 /

Resource Hash

b3b2bd58dae74a73176233e091c18cd2e1c30868a41a82005763d2fd38be2755

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://westinmauiamenities.247activities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 13:12:46 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
last-modified: Thu, 22 Sep 2022 10:47:00 GMT
server: nginx/1.20.2
etag: W/"632c3d24-65c1a6"
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-xss-protection: 1; mode=block

GET
H2 200 hotel_info.css
westinmauiamenities.247activities.com/css/custom/ 22 KB
6 KB 123ms
120ms Stylesheet
text/css 54.165.176.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://westinmauiamenities.247activities.com/css/custom/hotel_info.css

Requested by

Host: westinmauiamenities.247activities.com
URL: https://westinmauiamenities.247activities.com/css/custom/marriott-general.css?v=1663843260

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.165.176.140 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-165-176-140.compute-1.amazonaws.com

Software

nginx/1.20.2 /

Resource Hash

942b411921e6de433c0bb708ea74f35aaf8b49a69afd8bca38f2c23cf3bd1e91

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://westinmauiamenities.247activities.com/css/custom/marriott-general.css?v=1663843260
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 13:12:46 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
last-modified: Thu, 22 Sep 2022 10:47:00 GMT
server: nginx/1.20.2
etag: W/"632c3d24-56b5"
x-frame-options: SAMEORIGIN
content-type: text/css
x-xss-protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ 4 KB
1 KB 312ms
43ms Stylesheet
text/css 2607:f8b0:4006:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500,600

Requested by

Host: westinmauiamenities.247activities.com
URL: https://westinmauiamenities.247activities.com/css/vendor.css?v=1663843260

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200a Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://westinmauiamenities.247activities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 09 Oct 2022 13:12:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 09 Oct 2022 13:12:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 09 Oct 2022 13:12:46 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 97ms
26ms Script
text/javascript 2607:f8b0:4006:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: westinmauiamenities.247activities.com
URL: https://westinmauiamenities.247activities.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::200e Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://westinmauiamenities.247activities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 09 Oct 2022 12:34:58 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 2268
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Sun, 09 Oct 2022 14:34:58 GMT

GET
H2 200 3cd4c80ccba0a4fb3e5d.png
westinmauiamenities.247activities.com/css/assets/ 22 KB
22 KB 111ms
110ms Image
image/png 54.165.176.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://westinmauiamenities.247activities.com/css/assets/3cd4c80ccba0a4fb3e5d.png

Requested by

Host: westinmauiamenities.247activities.com
URL: https://westinmauiamenities.247activities.com/css/vendor.css?v=1663843260

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.165.176.140 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-165-176-140.compute-1.amazonaws.com

Software

nginx/1.20.2 /

Resource Hash

e392b7a34034b4389cb95c6a572e85e577e633b92e737ffb03cd03880bb3c97c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://westinmauiamenities.247activities.com/css/vendor.css?v=1663843260
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 13:12:46 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
last-modified: Wed, 23 Feb 2022 08:04:50 GMT
server: nginx/1.20.2
etag: "6215eaa2-5848"
x-frame-options: SAMEORIGIN
content-type: image/png
accept-ranges: bytes
content-length: 22600
x-xss-protection: 1; mode=block

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
221 B 41ms
40ms XHR
text/plain 2607:f8b0:4006:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=82620299&t=pageview&_s=1&dl=https%3A%2F%2Fwestinmauiamenities.247activities.com%2F&ul=en-us&de=UTF-8&dt=The%20Westin%20Maui%20Resort%20%26%20Spa&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1072564511&gjid=1565859788&cid=1903970533.1665321167&tid=UA-162569320-1&_gid=807448897.1665321167&_r=1&_slc=1&z=25128315

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::200e Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://westinmauiamenities.247activities.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 09 Oct 2022 13:12:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://westinmauiamenities.247activities.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 5 KB
2 KB 379ms
82ms XHR
application/json 52.27.120.158
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=4.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=664516D751E565010A490D4C%40AdobeOrg&d_nsid=0&ts=1665321167938

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.27.120.158 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-27-120-158.us-west-2.compute.amazonaws.com

Software

Resource Hash

f9eca3ca679eb95b1d2adc683e51589e7052aa8add6689abaf4c3aa3cca7e301

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://westinmauiamenities.247activities.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-usw2-1-v040-00ad7856a.edge-usw2.demdex.com 4 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: rNb4AMxIS98=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://westinmauiamenities.247activities.com
Content-Type: application/json;charset=utf-8
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1723
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EP971e6ad26efe44ab86e98d3905a44621/ 34 KB
13 KB 31ms
31ms Script
application/x-javascript 2600:1400:d:5a5::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EP971e6ad26efe44ab86e98d3905a44621/AppMeasurement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:d:5a5::1e80 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: 089030d8bec22aa48ae59e27516a4e8a1fcec666e9d783c7a1df47220b750dc1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://westinmauiamenities.247activities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

unused62: 8096267
date: Sun, 09 Oct 2022 13:12:47 GMT
content-encoding: gzip
last-modified: Mon, 03 Jun 2019 23:03:32 GMT
server: Apache
etag: "72404253c27255247028f0ba11022cf8:1559603012"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://westinmauiamenities.247activities.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 12916
expires: Sun, 09 Oct 2022 14:12:47 GMT

GET
H/1.1 200
OK dest5.html Show response
marriottinternationa.demdex.net/ Frame 4C0E 7 KB
3 KB 434ms
77ms Document
text/html 35.165.158.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://marriottinternationa.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.165.158.151 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-165-158-151.us-west-2.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://westinmauiamenities.247activities.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 2791
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-usw2-1-v040-00f54d090.edge-usw2.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: VCOnpxiWSOw=
content-encoding: gzip
date: Sun, 9 Oct 2022 13:12:48 GMT
last-modified: Thu, 29 Sep 2022 16:19:10 GMT
vary: accept-encoding

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=Y0LI0AAAAHo9QwOH
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=86524227142965204711881721420039804859
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y0LI0AAAAHo9QwOH

42 B
942 B

81ms
80ms

Image
image/gif

52.27.120.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y0LI0AAAAHo9QwOH

Requested by

Host: westinmauiamenities.247activities.com
URL: https://westinmauiamenities.247activities.com/

Protocol

HTTP/1.1

Server

52.27.120.158 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-27-120-158.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://westinmauiamenities.247activities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

DCS: dcs-prod-usw2-1-v040-0b9b74fe1.edge-usw2.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: O1qm7vM4RHE=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y0LI0AAAAHo9QwOH
Date: Sun, 09 Oct 2022 13:12:48 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 RC78d2ab32ef0d4ee6a18f0b50fcc75be4-source.min.js Show response
assets.adobedtm.com/697d0c070f1e/d405339bb010/44e5ea9c9003/ 573 B
613 B 28ms
27ms Script
application/x-javascript 2600:1400:d:5a5::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/697d0c070f1e/d405339bb010/44e5ea9c9003/RC78d2ab32ef0d4ee6a18f0b50fcc75be4-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:d:5a5::1e80 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: f273ee61a3dbd9e361ad35ceaf1bf8d8ae4f45e6759d39154c2cee616860b85f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://westinmauiamenities.247activities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 13:12:48 GMT
content-encoding: gzip
last-modified: Mon, 19 Sep 2022 18:25:41 GMT
server: AkamaiNetStorage
etag: "c2b2e81d1afb077ef2228ea85d585a85:1663611941.548935"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://westinmauiamenities.247activities.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 334
expires: Sun, 09 Oct 2022 14:12:48 GMT

GET
H2 200 RCa5ed73b2eef54820a2200065c47aced4-source.min.js Show response
assets.adobedtm.com/697d0c070f1e/d405339bb010/44e5ea9c9003/ 2 KB
1 KB 29ms
29ms Script
application/x-javascript 2600:1400:d:5a5::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/697d0c070f1e/d405339bb010/44e5ea9c9003/RCa5ed73b2eef54820a2200065c47aced4-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:d:5a5::1e80 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: ab3791b5b70aa292c0543a1e5474a8d8c60e821369b656acf2e5e929758242c2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://westinmauiamenities.247activities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 13:12:48 GMT
content-encoding: gzip
last-modified: Mon, 19 Sep 2022 18:25:41 GMT
server: AkamaiNetStorage
etag: "c2b2e81d1afb077ef2228ea85d585a85:1663611941.548935"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://westinmauiamenities.247activities.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 779
expires: Sun, 09 Oct 2022 14:12:48 GMT

POST
H2 200 / Show response
o436887.ingest.sentry.io/api/5398649/envelope/ 2 B
291 B 307ms
54ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o436887.ingest.sentry.io/api/5398649/envelope/?sentry_key=6ececa1dc2674f34a9478fb7271f037f&sentry_version=7

Requested by

Host: westinmauiamenities.247activities.com
URL: https://westinmauiamenities.247activities.com/js/main.js?v=1663843260

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://westinmauiamenities.247activities.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 09 Oct 2022 13:12:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: Origin
content-type: application/json
access-control-allow-origin: https://westinmauiamenities.247activities.com
access-control-expose-headers: x-sentry-error, x-sentry-rate-limits, retry-after
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

GET
H2 200 translations Show response
westinmauiamenities.247activities.com/api/translations/ 314 KB
93 KB 53ms
52ms XHR
application/json 54.165.176.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://westinmauiamenities.247activities.com/api/translations/translations?language=en&return_as=dict

Requested by

Host: westinmauiamenities.247activities.com
URL: https://westinmauiamenities.247activities.com/js/main.js?v=1663843260

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.165.176.140 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-165-176-140.compute-1.amazonaws.com

Software

nginx/1.20.2 /

Resource Hash

2eeac8097b182cc4f0acc02306ce33cfae488986f4943c283b9105c09045c98f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://westinmauiamenities.247activities.com/
Language: en
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Oct 2022 13:12:48 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-version: 1663843260
content-encoding: gzip
server: nginx/1.20.2
vary: Cookie, Accept-Language
x-frame-options: SAMEORIGIN
content-type: application/json
content-language: en
cache-control: no-cache, no-store, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
expires: Sun, 09 Oct 2022 12:52:48 GMT

GET
H2 200 7bc9ce404c297c24f210.otf
westinmauiamenities.247activities.com/css/assets/ 61 KB
62 KB 34ms
33ms Font
application/octet-stream 54.165.176.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://westinmauiamenities.247activities.com/css/assets/7bc9ce404c297c24f210.otf

Requested by

Host: westinmauiamenities.247activities.com
URL: https://westinmauiamenities.247activities.com/css/vendor.css?v=1663843260

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.165.176.140 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-165-176-140.compute-1.amazonaws.com

Software

nginx/1.20.2 /

Resource Hash

2b80fbe521e07e4e84eb52e707b364c3e6c05c57e483276dc4b3be93a9794ba9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://westinmauiamenities.247activities.com/css/vendor.css?v=1663843260
Origin: https://westinmauiamenities.247activities.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 13:12:48 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
last-modified: Wed, 23 Feb 2022 08:04:50 GMT
server: nginx/1.20.2
etag: "6215eaa2-f5ac"
x-frame-options: SAMEORIGIN
content-type: application/octet-stream
accept-ranges: bytes
content-length: 62892
x-xss-protection: 1; mode=block

GET
H2 200 6768c1976c2ad78da163.png
westinmauiamenities.247activities.com/css/assets/ 538 B
788 B 55ms
55ms Image
image/png 54.165.176.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://westinmauiamenities.247activities.com/css/assets/6768c1976c2ad78da163.png

Requested by

Host: westinmauiamenities.247activities.com
URL: https://westinmauiamenities.247activities.com/css/vendor.css?v=1663843260

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.165.176.140 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-165-176-140.compute-1.amazonaws.com

Software

nginx/1.20.2 /

Resource Hash

8aa69ee6b2376505578d758bfbbc52aec88fa5e591f1a7cabd8adfa80a7b613a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://westinmauiamenities.247activities.com/css/vendor.css?v=1663843260
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 13:12:48 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
last-modified: Wed, 23 Feb 2022 08:04:50 GMT
server: nginx/1.20.2
etag: "6215eaa2-21a"
x-frame-options: SAMEORIGIN
content-type: image/png
accept-ranges: bytes
content-length: 538
x-xss-protection: 1; mode=block

GET
H2 200 otSDKStub.js Show response
cache.marriott.com/aka-fonts/OneTrust/R1.3/oneTrust_test/scripttemplates/ 20 KB
7 KB 287ms
38ms Script
application/x-javascript 23.205.57.251
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.marriott.com/aka-fonts/OneTrust/R1.3/oneTrust_test/scripttemplates/otSDKStub.js?6737998858712162
Requested by: Host: westinmauiamenities.247activities.com
URL: https://westinmauiamenities.247activities.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.57.251 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-57-251.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 1a6622bbfd2f4017f391cae1040e22f99a923116427a0ccb25543581f5d92257

Request headers

accept-language: en-US,en;q=0.9
Referer: https://westinmauiamenities.247activities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 13:12:48 GMT
content-encoding: gzip
last-modified: Mon, 06 Jun 2022 19:38:47 GMT
server: AkamaiNetStorage
etag: "67b989d4e95276950bf7da56f7c0598d:1654544327.296254"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=1150312
accept-ranges: bytes
content-length: 6886
expires: Sat, 22 Oct 2022 20:44:40 GMT

GET
H2 200 AppMeasurement_Module_AudienceManagement.min.js Show response
assets.adobedtm.com/extensions/EP971e6ad26efe44ab86e98d3905a44621/ 25 KB
9 KB 28ms
28ms Script
application/x-javascript 2600:1400:d:5a5::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EP971e6ad26efe44ab86e98d3905a44621/AppMeasurement_Module_AudienceManagement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:d:5a5::1e80 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: 32bc033e13e02d8809b2c8c97ac5a5110c5f375a830ed6cace5ce1202ab5b480

Request headers

accept-language: en-US,en;q=0.9
Referer: https://westinmauiamenities.247activities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

unused62: 8096267
date: Sun, 09 Oct 2022 13:12:48 GMT
content-encoding: gzip
last-modified: Mon, 03 Jun 2019 23:03:35 GMT
server: Apache
etag: "e539ea6425ae55fa9f68995bc5a68886:1559603018"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://westinmauiamenities.247activities.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 8640
expires: Sun, 09 Oct 2022 14:12:48 GMT

GET
H2 200 sites-session Show response
westinmauiamenities.247activities.com/api/auth/ 34 KB
9 KB 164ms
164ms XHR
application/json 54.165.176.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://westinmauiamenities.247activities.com/api/auth/sites-session

Requested by

Host: westinmauiamenities.247activities.com
URL: https://westinmauiamenities.247activities.com/js/main.js?v=1663843260

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.165.176.140 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-165-176-140.compute-1.amazonaws.com

Software

nginx/1.20.2 /

Resource Hash

5307f9b6cf9d538f8f7646f8c5df565d0e8f30d7f61743b51267592c744a5d95

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://westinmauiamenities.247activities.com/
Language: en
accept-language: en-US,en;q=0.9
X-CSRFToken: Q7Tlnlxms5lh6CPZCsDQHDmB2KFWcbMhgg8zDtNiDRGPs3yPFubESKuRYGq30rbN
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Oct 2022 13:12:48 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-version: 1663843260
content-encoding: gzip
server: nginx/1.20.2
vary: Cookie, Accept-Language
x-frame-options: SAMEORIGIN
content-type: application/json
content-language: en
cache-control: no-cache, no-store, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
expires: Sun, 09 Oct 2022 12:52:48 GMT

GET
H2 200 9c33516aab48c61e3081.woff2
westinmauiamenities.247activities.com/css/assets/ 525 KB
526 KB 35ms
35ms Font
font/woff2 54.165.176.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://westinmauiamenities.247activities.com/css/assets/9c33516aab48c61e3081.woff2

Requested by

Host: westinmauiamenities.247activities.com
URL: https://westinmauiamenities.247activities.com/css/vendor.css?v=1663843260

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.165.176.140 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-165-176-140.compute-1.amazonaws.com

Software

nginx/1.20.2 /

Resource Hash

242e542871bd77c8ff6375418e349ef6b3a32a208e15ca1441166641d212a6a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://westinmauiamenities.247activities.com/css/vendor.css?v=1663843260
Origin: https://westinmauiamenities.247activities.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 13:12:48 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
last-modified: Wed, 23 Feb 2022 08:04:50 GMT
server: nginx/1.20.2
etag: "6215eaa2-8350c"
x-frame-options: SAMEORIGIN
content-type: font/woff2
accept-ranges: bytes
content-length: 537868
x-xss-protection: 1; mode=block

GET
H2 200 login-session Show response
westinmauiamenities.247activities.com/api/auth/ 82 B
556 B 42ms
42ms XHR
application/json 54.165.176.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://westinmauiamenities.247activities.com/api/auth/login-session

Requested by

Host: westinmauiamenities.247activities.com
URL: https://westinmauiamenities.247activities.com/js/main.js?v=1663843260

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.165.176.140 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-165-176-140.compute-1.amazonaws.com

Software

nginx/1.20.2 /

Resource Hash

d28b8acbb3250e118fbdb30c8a722f32b033e27bfd75ae5126c4fbc08f6ddab8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://westinmauiamenities.247activities.com/
Language: en
accept-language: en-US,en;q=0.9
X-CSRFToken: Q7Tlnlxms5lh6CPZCsDQHDmB2KFWcbMhgg8zDtNiDRGPs3yPFubESKuRYGq30rbN
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Oct 2022 13:12:48 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-version: 1663843260
content-encoding: gzip
server: nginx/1.20.2
vary: Accept-Language, Cookie
x-frame-options: SAMEORIGIN
content-type: application/json
content-language: en
cache-control: no-cache, no-store, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
expires: Sun, 09 Oct 2022 12:52:48 GMT

GET
H2 200 s65977670635779 Show response
smetrics.marriott.com/b/ss/marriottglobal/10/JS-2.14.0-LCUM/ 5 KB
6 KB 209ms
112ms Script
application/x-javascript 63.140.38.165
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.marriott.com/b/ss/marriottglobal/10/JS-2.14.0-LCUM/s65977670635779?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=9%2F9%2F2022%2013%3A12%3A48%200%200&d.&nsid=0&jsonv=1&.d&mid=86798529885703376621908307411853384146&aamlh=9&ce=UTF-8&pageName=westinmauiamenities.247activities.com%2F&g=https%3A%2F%2Fwestinmauiamenities.247activities.com%2F&cc=USD&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c5=Real%20Time%20Reservation&c8=D%3Dv15&v15=Weekend%20%3A%20Sunday%20%3A%209%3A00AM&c26=Launch&v41=Real%20Time%20Reservation&c71=Off-Platform%20Basic&v101=Default%20Cookie%20Opt-in&v192=westinmauiamenities.247activities.com%2F&v237=en&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=664516D751E565010A490D4C%40AdobeOrg&AQE=1

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/extensions/EP971e6ad26efe44ab86e98d3905a44621/AppMeasurement.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.38.165 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ip-63-140-38-165.data.adobedc.net

Software

jag /

Resource Hash

a6ec4c6fcc7d936c0476c591eb2e6361a98f033c0c94335fbdd69f6786e4f90d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://westinmauiamenities.247activities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-aam-tid: 7cunasQ2SVc=
date: Sun, 09 Oct 2022 13:12:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy"
content-length: 5410
x-xss-protection: 1; mode=block
dcs: dcs-prod-usw2-1-v040-01d3be116.edge-usw2.demdex.com 11 ms
pragma: no-cache
last-modified: Mon, 10 Oct 2022 13:12:49 GMT
server: jag
etag: 3576249979475591168-4619407781445061483
vary: *
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Sat, 08 Oct 2022 13:12:49 GMT

GET
H2 200 b9c54897-9a69-45f1-bbe2-55b2ae0ba593-test.json Show response
cache.marriott.com/aka-fonts/OneTrust/R1.3/oneTrust_test/consent/b9c54897-9a69-45f1-bbe2-55b2ae0ba593-test/ 4 KB
5 KB 123ms
38ms XHR
application/json 23.205.57.251
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.marriott.com/aka-fonts/OneTrust/R1.3/oneTrust_test/consent/b9c54897-9a69-45f1-bbe2-55b2ae0ba593-test/b9c54897-9a69-45f1-bbe2-55b2ae0ba593-test.json
Requested by: Host: westinmauiamenities.247activities.com
URL: https://westinmauiamenities.247activities.com/js/main.js?v=1663843260
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.57.251 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-57-251.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 7316c1dfbc9f061b2280befce5285d9576624d84376031f96583df11d82ea916

Request headers

accept-language: en-US,en;q=0.9
Referer: https://westinmauiamenities.247activities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 13:12:49 GMT
last-modified: Mon, 06 Jun 2022 19:54:53 GMT
server: AkamaiNetStorage
etag: "2f1c841426300bd3781a1752ab891f7c:1654545293.924385"
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=97558
accept-ranges: bytes
content-length: 4006
expires: Mon, 10 Oct 2022 16:18:47 GMT

GET
H2 200 1 Show response
westinmauiamenities.247activities.com/api/hotel/get-hotel/ 21 KB
6 KB 57ms
57ms XHR
application/json 54.165.176.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://westinmauiamenities.247activities.com/api/hotel/get-hotel/1

Requested by

Host: westinmauiamenities.247activities.com
URL: https://westinmauiamenities.247activities.com/js/main.js?v=1663843260

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.165.176.140 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-165-176-140.compute-1.amazonaws.com

Software

nginx/1.20.2 /

Resource Hash

e3adb38c391aafd3c864ecaf1cd70bb4bd986386f5deeeb92839099d1f969e02

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://westinmauiamenities.247activities.com/
Language: en
accept-language: en-US,en;q=0.9
X-CSRFToken: Q7Tlnlxms5lh6CPZCsDQHDmB2KFWcbMhgg8zDtNiDRGPs3yPFubESKuRYGq30rbN
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Oct 2022 13:12:49 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-version: 1663843260
content-encoding: gzip
server: nginx/1.20.2
vary: Accept-Language, Cookie
x-frame-options: SAMEORIGIN
content-type: application/json
content-language: en
cache-control: no-cache, no-store, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
expires: Sun, 09 Oct 2022 12:52:49 GMT

GET
H/1.1

200
OK

ibs:dpid=358&dpuuid=5682941523316974673
dpm.demdex.net/ Frame 4C0E
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID
https://dpm.demdex.net/ibs:dpid=358&dpuuid=5682941523316974673

42 B
942 B

81ms
81ms

Image
image/gif

52.27.120.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=358&dpuuid=5682941523316974673

Requested by

Host: westinmauiamenities.247activities.com
URL: https://westinmauiamenities.247activities.com/

Protocol

HTTP/1.1

Server

52.27.120.158 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-27-120-158.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

DCS: dcs-prod-usw2-2-v040-0cec2d532.edge-usw2.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: gyisN+KoQNM=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma: no-cache
Date: Sun, 09 Oct 2022 13:12:49 GMT
AN-X-Request-Uuid: adf21cba-b2ff-4026-84ab-b2129151536e
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://dpm.demdex.net/ibs:dpid=358&dpuuid=5682941523316974673
Connection: keep-alive
X-Proxy-Origin: 96.9.249.43; 96.9.249.43; 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 disablefood.css
westinmauiamenities.247activities.com/css/ 881 B
662 B 32ms
31ms Stylesheet
text/css 54.165.176.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://westinmauiamenities.247activities.com/css/disablefood.css?v=2_1

Requested by

Host: westinmauiamenities.247activities.com
URL: https://westinmauiamenities.247activities.com/js/vendor.js?v=1663843260

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.165.176.140 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-165-176-140.compute-1.amazonaws.com

Software

nginx/1.20.2 /

Resource Hash

78791edc61c96a5ec8159e033473108958108c66296abe6a5b6896040dff9645

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://westinmauiamenities.247activities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 13:12:49 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
last-modified: Wed, 23 Feb 2022 08:04:50 GMT
server: nginx/1.20.2
etag: W/"6215eaa2-371"
x-frame-options: SAMEORIGIN
content-type: text/css
x-xss-protection: 1; mode=block

GET
H2 200 1 Show response
westinmauiamenities.247activities.com/api/palapa/booking/get-booking-values/ 8 KB
2 KB 55ms
53ms XHR
application/json 54.165.176.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://westinmauiamenities.247activities.com/api/palapa/booking/get-booking-values/1

Requested by

Host: westinmauiamenities.247activities.com
URL: https://westinmauiamenities.247activities.com/js/main.js?v=1663843260

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.165.176.140 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-165-176-140.compute-1.amazonaws.com

Software

nginx/1.20.2 /

Resource Hash

bfad27a34f6e564cfdfc6da5696cd73b60c6ec323fa55a6aa6dc740f43cea3e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://westinmauiamenities.247activities.com/
Language: en
accept-language: en-US,en;q=0.9
X-CSRFToken: Q7Tlnlxms5lh6CPZCsDQHDmB2KFWcbMhgg8zDtNiDRGPs3yPFubESKuRYGq30rbN
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Oct 2022 13:12:49 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-version: 1663843260
content-encoding: gzip
server: nginx/1.20.2
vary: Accept-Language, Cookie
x-frame-options: SAMEORIGIN
content-type: application/json
content-language: en
cache-control: no-cache, no-store, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
expires: Sun, 09 Oct 2022 12:52:49 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 157 B
371 B 90ms
48ms XHR
application/json 2606:4700:4400::ac40:929e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: westinmauiamenities.247activities.com
URL: https://westinmauiamenities.247activities.com/js/main.js?v=1663843260

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:929e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f05698200dfffa9a5a6c26b895ee141e438f5b6ebd132b5388329a47397b1e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://westinmauiamenities.247activities.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 13:12:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 75775ebb4c35d15f-BUF
access-control-allow-headers: Content-Type

GET
H2 200 user-cart Show response
westinmauiamenities.247activities.com/api/cart/ 202 B
482 B 130ms
130ms XHR
application/json 54.165.176.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://westinmauiamenities.247activities.com/api/cart/user-cart

Requested by

Host: westinmauiamenities.247activities.com
URL: https://westinmauiamenities.247activities.com/js/main.js?v=1663843260

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.165.176.140 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-165-176-140.compute-1.amazonaws.com

Software

nginx/1.20.2 /

Resource Hash

8054f4e3fe5af937cdc5d795f555dae2c1489ce993935b2c0da1ddb9bb8ce183

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://westinmauiamenities.247activities.com/
Language: en
accept-language: en-US,en;q=0.9
X-CSRFToken: Q7Tlnlxms5lh6CPZCsDQHDmB2KFWcbMhgg8zDtNiDRGPs3yPFubESKuRYGq30rbN
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Oct 2022 13:12:49 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-version: 1663843260
content-encoding: gzip
server: nginx/1.20.2
vary: Accept-Language, Cookie
x-frame-options: SAMEORIGIN
content-type: application/json
content-language: en
cache-control: no-cache, no-store, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
expires: Sun, 09 Oct 2022 12:52:49 GMT

GET
H2 200 get-services Show response
westinmauiamenities.247activities.com/api/service/ 21 KB
4 KB 228ms
227ms XHR
application/json 54.165.176.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://westinmauiamenities.247activities.com/api/service/get-services?serviceparent_id=&active=1&include_service_type=true&for_home=true

Requested by

Host: westinmauiamenities.247activities.com
URL: https://westinmauiamenities.247activities.com/js/main.js?v=1663843260

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.165.176.140 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-165-176-140.compute-1.amazonaws.com

Software

nginx/1.20.2 /

Resource Hash

7e86f242c78d7fc5f2f67690e5c61192f0f1390c0af6d395b78605843e8bd258

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://westinmauiamenities.247activities.com/
Language: en
accept-language: en-US,en;q=0.9
X-CSRFToken: Q7Tlnlxms5lh6CPZCsDQHDmB2KFWcbMhgg8zDtNiDRGPs3yPFubESKuRYGq30rbN
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Oct 2022 13:12:49 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-version: 1663843260
content-encoding: gzip
server: nginx/1.20.2
vary: Accept-Language, Cookie
x-frame-options: SAMEORIGIN
content-type: application/json
content-language: en
cache-control: no-cache, no-store, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
expires: Sun, 09 Oct 2022 12:52:49 GMT

GET
H2 200 1 Show response
westinmauiamenities.247activities.com/api/hotel/get-hotel/ 21 KB
6 KB 259ms
259ms XHR
application/json 54.165.176.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://westinmauiamenities.247activities.com/api/hotel/get-hotel/1

Requested by

Host: westinmauiamenities.247activities.com
URL: https://westinmauiamenities.247activities.com/js/main.js?v=1663843260

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.165.176.140 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-165-176-140.compute-1.amazonaws.com

Software

nginx/1.20.2 /

Resource Hash

e3adb38c391aafd3c864ecaf1cd70bb4bd986386f5deeeb92839099d1f969e02

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://westinmauiamenities.247activities.com/
Language: en
accept-language: en-US,en;q=0.9
X-CSRFToken: Q7Tlnlxms5lh6CPZCsDQHDmB2KFWcbMhgg8zDtNiDRGPs3yPFubESKuRYGq30rbN
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Oct 2022 13:12:49 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-version: 1663843260
content-encoding: gzip
server: nginx/1.20.2
vary: Accept-Language, Cookie
x-frame-options: SAMEORIGIN
content-type: application/json
content-language: en
cache-control: no-cache, no-store, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
expires: Sun, 09 Oct 2022 12:52:49 GMT

GET
H/1.1 200
OK bonvoy-dark.jpg
ipoolside-media.s3.amazonaws.com/site/westinmauiamenities/images/dashboard_right_logo/ 75 KB
75 KB 370ms
110ms Image
image/jpeg 52.217.89.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ipoolside-media.s3.amazonaws.com/site/westinmauiamenities/images/dashboard_right_logo/bonvoy-dark.jpg
Requested by: Host: westinmauiamenities.247activities.com
URL: https://westinmauiamenities.247activities.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.89.100 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 228b1d6634abc2d6314f0591e07c5cd246a7fc071e4c9a592a2bf0e11fe6cd27

Request headers

accept-language: en-US,en;q=0.9
Referer: https://westinmauiamenities.247activities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Sun, 09 Oct 2022 13:12:50 GMT
x-amz-version-id: GoK5jIAO7ReRwIkjAMStK0hijKH6gFVM
Last-Modified: Mon, 07 Mar 2022 10:09:44 GMT
Server: AmazonS3
x-amz-request-id: 3GXB8W04HXE00WDR
ETag: "f1eb4e69941bc7d8fca19b56707d3e49"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 76498
x-amz-id-2: ZFgJVvVK+Z+FQu/W3wZ69Op7Po9Zr8f7nkPzWCPf/KnFHDxyeLiqAA4ykAeX8gUtaDgWb8ho7+w=

GET
H2 200 reserve Show response
westinmauiamenities.247activities.com/api/palapa/booking/ 52 B
414 B 283ms
282ms XHR
application/json 54.165.176.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://westinmauiamenities.247activities.com/api/palapa/booking/reserve?booking_id=0&keep_price=1

Requested by

Host: westinmauiamenities.247activities.com
URL: https://westinmauiamenities.247activities.com/js/main.js?v=1663843260

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.165.176.140 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-165-176-140.compute-1.amazonaws.com

Software

nginx/1.20.2 /

Resource Hash

4dbae8b3d2a71b182f3aab701a08fc3c5f2bf734f9e09605c650b1c6506e9097

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://westinmauiamenities.247activities.com/
Language: en
accept-language: en-US,en;q=0.9
X-CSRFToken: Q7Tlnlxms5lh6CPZCsDQHDmB2KFWcbMhgg8zDtNiDRGPs3yPFubESKuRYGq30rbN
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Oct 2022 13:12:49 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-version: 1663843260
content-encoding: gzip
server: nginx/1.20.2
vary: Accept-Language, Cookie
x-frame-options: SAMEORIGIN
content-type: application/json
content-language: en
cache-control: no-cache, no-store, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
expires: Sun, 09 Oct 2022 12:52:49 GMT

GET
H2 200 get-services Show response
westinmauiamenities.247activities.com/api/service/ 21 KB
4 KB 361ms
360ms XHR
application/json 54.165.176.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://westinmauiamenities.247activities.com/api/service/get-services?serviceparent_id=&active=1&include_service_type=true&for_home=true

Requested by

Host: westinmauiamenities.247activities.com
URL: https://westinmauiamenities.247activities.com/js/main.js?v=1663843260

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.165.176.140 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-165-176-140.compute-1.amazonaws.com

Software

nginx/1.20.2 /

Resource Hash

7e86f242c78d7fc5f2f67690e5c61192f0f1390c0af6d395b78605843e8bd258

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://westinmauiamenities.247activities.com/
Language: en
accept-language: en-US,en;q=0.9
X-CSRFToken: Q7Tlnlxms5lh6CPZCsDQHDmB2KFWcbMhgg8zDtNiDRGPs3yPFubESKuRYGq30rbN
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Oct 2022 13:12:49 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-version: 1663843260
content-encoding: gzip
server: nginx/1.20.2
vary: Accept-Language, Cookie
x-frame-options: SAMEORIGIN
content-type: application/json
content-language: en
cache-control: no-cache, no-store, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
expires: Sun, 09 Oct 2022 12:52:49 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 29ms
29ms Image
image/gif 2607:f8b0:4006:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=82620299&t=pageview&_s=2&dl=https%3A%2F%2Fwestinmauiamenities.247activities.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=The%20Westin%20Maui%20Resort%20%26%20Spa&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABAAAAACAAI~&jid=&gjid=&cid=1903970533.1665321167&tid=UA-162569320-1&_gid=807448897.1665321167&cd1=&cd2=The%20Westin%20Maui%20Resort%20%26%20Spa&z=724501880

Requested by

Host: westinmauiamenities.247activities.com
URL: https://westinmauiamenities.247activities.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::200e Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://westinmauiamenities.247activities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Oct 2022 14:07:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 83149
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=477&dpuuid=43e3527e99e451f4cac985bbea3792bf6ccb6b7cb0c644153f43150876b9909bb0da87c991749652
dpm.demdex.net/ Frame 4C0E
Redirect Chain

https://idsync.rlcdn.com/365868.gif?partner_uid=86524227142965204711881721420039804859
https://idsync.rlcdn.com/1000.gif?memo=CKyqFhIxCi0IARCYEhomODY1MjQyMjcxNDI5NjUyMDQ3MTE4ODE3MjE0MjAwMzk4MDQ4NTkQABoNCNGRi5oGEgUI6AcQAEIASgA
https://dpm.demdex.net/ibs:dpid=477&dpuuid=43e3527e99e451f4cac985bbea3792bf6ccb6b7cb0c644153f43150876b9909bb0da87c991749652

42 B
942 B

148ms
90ms

Image
image/gif

52.27.120.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=477&dpuuid=43e3527e99e451f4cac985bbea3792bf6ccb6b7cb0c644153f43150876b9909bb0da87c991749652

Requested by

Host: westinmauiamenities.247activities.com
URL: https://westinmauiamenities.247activities.com/

Protocol

HTTP/1.1

Server

52.27.120.158 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-27-120-158.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

DCS: dcs-prod-usw2-1-v040-0ce66e57d.edge-usw2.demdex.com 3 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: P48SeOyMQ9A=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date: Sun, 09 Oct 2022 13:12:49 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://dpm.demdex.net/ibs:dpid=477&dpuuid=43e3527e99e451f4cac985bbea3792bf6ccb6b7cb0c644153f43150876b9909bb0da87c991749652
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 otBannerSdk.js Show response
cache.marriott.com/aka-fonts/OneTrust/R1.3/oneTrust_test/scripttemplates/6.26.0/ 319 KB
76 KB 46ms
45ms Script
application/x-javascript 23.205.57.251
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.marriott.com/aka-fonts/OneTrust/R1.3/oneTrust_test/scripttemplates/6.26.0/otBannerSdk.js
Requested by: Host: cache.marriott.com
URL: https://cache.marriott.com/aka-fonts/OneTrust/R1.3/oneTrust_test/scripttemplates/otSDKStub.js?6737998858712162
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.57.251 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-57-251.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 972688e6f6c24d2b23019a796b19f90515ba5f4ff744747c072b79fa44de3432

Request headers

accept-language: en-US,en;q=0.9
Referer: https://westinmauiamenities.247activities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 13:12:49 GMT
content-encoding: gzip
last-modified: Mon, 06 Jun 2022 19:39:17 GMT
server: AkamaiNetStorage
etag: "aa2e3ff705d27b77a2480d446a15e46b:1654544357.83096"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=1156764
accept-ranges: bytes
expires: Sat, 22 Oct 2022 22:32:13 GMT

GET
H2 200 s63604306225064 Show response
smetrics.marriott.com/b/ss/marriottglobal/10/JS-2.14.0-LCUM/ 5 KB
5 KB 112ms
112ms Script
application/x-javascript 63.140.38.165
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.marriott.com/b/ss/marriottglobal/10/JS-2.14.0-LCUM/s63604306225064?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=9%2F9%2F2022%2013%3A12%3A49%200%200&d.&nsid=0&jsonv=1&.d&mid=86798529885703376621908307411853384146&aamlh=9&ce=UTF-8&pageName=westinmauiamenities.247activities.com%2F&g=https%3A%2F%2Fwestinmauiamenities.247activities.com%2F&cc=USD&events=event1%2CprodView&products=%3BHMMWI%3B%3B&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c5=Real%20Time%20Reservation&c8=D%3Dv15&v15=Weekend%20%3A%20Sunday%20%3A%209%3A00AM&c26=Launch&v41=Real%20Time%20Reservation&c71=Off-Platform%20Basic&v101=Default%20Cookie%20Opt-in&v192=westinmauiamenities.247activities.com%2F&v237=en&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=664516D751E565010A490D4C%40AdobeOrg&lrt=250&AQE=1

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/extensions/EP971e6ad26efe44ab86e98d3905a44621/AppMeasurement.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.38.165 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ip-63-140-38-165.data.adobedc.net

Software

jag /

Resource Hash

5b2d153020b5b31ab714812188fcf3962b8ac202ed1f872df098286e810066f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://westinmauiamenities.247activities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-aam-tid: hmQ4PkLFSs0=
date: Sun, 09 Oct 2022 13:12:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy"
content-length: 5410
x-xss-protection: 1; mode=block
dcs: dcs-prod-usw2-1-v040-0a033a9ce.edge-usw2.demdex.com 8 ms
pragma: no-cache
last-modified: Mon, 10 Oct 2022 13:12:49 GMT
server: jag
etag: 3576249979530510336-4619869044826606004
vary: *
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Sat, 08 Oct 2022 13:12:49 GMT

GET
H/1.1

200
OK

ibs:dpid=771&dpuuid=CAESEPNAym7Mm-Kryj7QVDlEXNY&google_cver=1
dpm.demdex.net/ Frame 4C0E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=ODY1MjQyMjcxNDI5NjUyMDQ3MTE4ODE3MjE0MjAwMzk4MDQ4NTk=
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=ODY1MjQyMjcxNDI5NjUyMDQ3MTE4ODE3MjE0MjAwMzk4MDQ4NTk=&google_tc=
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEPNAym7Mm-Kryj7QVDlEXNY&google_cver=1?gdpr=0&gdpr_consent=

42 B
942 B

79ms
78ms

Image
image/gif

52.27.120.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEPNAym7Mm-Kryj7QVDlEXNY&google_cver=1?gdpr=0&gdpr_consent=

Requested by

Host: westinmauiamenities.247activities.com
URL: https://westinmauiamenities.247activities.com/

Protocol

HTTP/1.1

Server

52.27.120.158 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-27-120-158.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

DCS: dcs-prod-usw2-1-v040-0cae7a47c.edge-usw2.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: vI9/jSgqRmk=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Sun, 09 Oct 2022 13:12:49 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEPNAym7Mm-Kryj7QVDlEXNY&google_cver=1?gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK wi_logo_L.webp
ipoolside-media.s3.amazonaws.com/site/westinmauiamenities/images/dashboard_logo/ 8 KB
9 KB 174ms
76ms Image
application/octet-stream 52.217.89.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ipoolside-media.s3.amazonaws.com/site/westinmauiamenities/images/dashboard_logo/wi_logo_L.webp
Requested by: Host: westinmauiamenities.247activities.com
URL: https://westinmauiamenities.247activities.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.89.100 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: cf40a665a18239919e09019a74dcb0802ab9ec89544886f0942b27cbad9c2fc2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://westinmauiamenities.247activities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Sun, 09 Oct 2022 13:12:50 GMT
x-amz-version-id: 8lE84b_UdH6GIwgG14WO6GfuotpiSTZh
Last-Modified: Fri, 05 Aug 2022 09:28:10 GMT
Server: AmazonS3
x-amz-request-id: 3GX2DYSN1XG7Q4XN
ETag: "5bbc4362e3a972b5b09b324398620bb4"
Content-Type: application/octet-stream
Accept-Ranges: bytes
Content-Length: 8486
x-amz-id-2: TwvSaVzyu+RwCjkje4/J0mg3WzRAcRK+yVQVrp8PtjdWYjWSblnDh4/89Kqm883sHjV9LzQu1Z0=

GET
H/1.1

200
OK

ibs:dpid=903&dpuuid=d8347294-653c-4fc6-bc23-ae07ccf0e4ae
dpm.demdex.net/ Frame 4C0E
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=westinmauiamenities.247activities.com&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=westinmauiamenities.247activities.com&ttd_tpi=1
https://dpm.demdex.net/ibs:dpid=903&dpuuid=d8347294-653c-4fc6-bc23-ae07ccf0e4ae

42 B
942 B

234ms
81ms

Image
image/gif

52.27.120.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=903&dpuuid=d8347294-653c-4fc6-bc23-ae07ccf0e4ae

Requested by

Host: westinmauiamenities.247activities.com
URL: https://westinmauiamenities.247activities.com/

Protocol

HTTP/1.1

Server

52.27.120.158 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-27-120-158.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

DCS: dcs-prod-usw2-2-v040-099f4ea95.edge-usw2.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: E1ExTkbuRwU=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Sun, 09 Oct 2022 13:12:49 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://dpm.demdex.net/ibs:dpid=903&dpuuid=d8347294-653c-4fc6-bc23-ae07ccf0e4ae
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 189

GET
H2 200 en.json Show response
cache.marriott.com/aka-fonts/OneTrust/R1.3/oneTrust_test/consent/b9c54897-9a69-45f1-bbe2-55b2ae0ba593-test/54b25d98-3111-4bb0-813b-8594b0ad9115/ 96 KB
98 KB 41ms
40ms Fetch
application/json 23.205.57.251
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.marriott.com/aka-fonts/OneTrust/R1.3/oneTrust_test/consent/b9c54897-9a69-45f1-bbe2-55b2ae0ba593-test/54b25d98-3111-4bb0-813b-8594b0ad9115/en.json
Requested by: Host: westinmauiamenities.247activities.com
URL: https://westinmauiamenities.247activities.com/js/main.js?v=1663843260
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.57.251 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-57-251.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 12e0eab796c480420715dc00652b0da2c29dde4d7dc38848f9ab8890bc2f41f2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://westinmauiamenities.247activities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 13:12:49 GMT
last-modified: Mon, 06 Jun 2022 19:42:45 GMT
server: AkamaiNetStorage
etag: "16e725b96339308c9ce9c076e3667118:1654544565.050061"
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=40589
accept-ranges: bytes
content-length: 98478
expires: Mon, 10 Oct 2022 00:29:18 GMT

GET
H/1.1

200
OK

ibs:dpid=1957&dpuuid=3735FAA9C16C61AA223EE891C06B6010
dpm.demdex.net/ Frame 4C0E
Redirect Chain

https://c.bing.com/c.gif?uid=86524227142965204711881721420039804859&Red3=MSAdobe_pd&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=1957&dpuuid=3735FAA9C16C61AA223EE891C06B6010

42 B
942 B

147ms
80ms

Image
image/gif

52.27.120.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=1957&dpuuid=3735FAA9C16C61AA223EE891C06B6010

Requested by

Host: westinmauiamenities.247activities.com
URL: https://westinmauiamenities.247activities.com/

Protocol

HTTP/1.1

Server

52.27.120.158 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-27-120-158.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

DCS: dcs-prod-usw2-2-v040-0716cbe9b.edge-usw2.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: zITxiEClSpg=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Sun, 09 Oct 2022 13:12:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2FFC35FE33AF47DBA13A78A113B685EF Ref B: EWR311000107049 Ref C: 2022-10-09T13:12:49Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://dpm.demdex.net/ibs:dpid=1957&dpuuid=3735FAA9C16C61AA223EE891C06B6010
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H/1.1 200
OK 191025_Westin-Maui_GW_Rooms-31.jpg
ipoolside-media.s3.amazonaws.com/site/westinmauiamenities/images/service_image/ 711 KB
711 KB 182ms
146ms Image
image/jpeg 52.217.89.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ipoolside-media.s3.amazonaws.com/site/westinmauiamenities/images/service_image/191025_Westin-Maui_GW_Rooms-31.jpg
Requested by: Host: westinmauiamenities.247activities.com
URL: https://westinmauiamenities.247activities.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.89.100 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 510bddbc721cb5ece350098dd2f8d009190c95d2401a8120d6ed7f6ddc22f470

Request headers

accept-language: en-US,en;q=0.9
Referer: https://westinmauiamenities.247activities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Sun, 09 Oct 2022 13:12:50 GMT
x-amz-version-id: kp1AykH3r_XRraSxNqXW7sMOt1MS51KI
Last-Modified: Mon, 09 May 2022 21:00:23 GMT
Server: AmazonS3
x-amz-request-id: 3GX0QWG3717J1MTE
ETag: "78a471773cd68e99601e9742538e8796"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 727947
x-amz-id-2: bV5Y0HmoZAkMVkO3bQpGs0RdRkB7dRX64in+5JiJUWiI7r6fMGvraCy4SjtbBt/wak2Y0CY+FGg=

GET
H2 200 otFloatingRounded.json Show response
cache.marriott.com/aka-fonts/OneTrust/R1.3/oneTrust_test/scripttemplates/6.26.0/assets/ 10 KB
11 KB 41ms
41ms Fetch
application/json 23.205.57.251
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.marriott.com/aka-fonts/OneTrust/R1.3/oneTrust_test/scripttemplates/6.26.0/assets/otFloatingRounded.json
Requested by: Host: westinmauiamenities.247activities.com
URL: https://westinmauiamenities.247activities.com/js/main.js?v=1663843260
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.57.251 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-57-251.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 777ab0cb5c6ffd6b2d455918b8df70fdb4c74ecb18d62f54be1afdaf3733c10d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://westinmauiamenities.247activities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 13:12:49 GMT
last-modified: Mon, 06 Jun 2022 19:39:39 GMT
server: AkamaiNetStorage
etag: "becf963d0b2b5f4544a5ec243252794c:1654544379.603934"
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=30074
accept-ranges: bytes
content-length: 9894
expires: Sun, 09 Oct 2022 21:34:03 GMT

GET
H2 200 otPcTab.json Show response
cache.marriott.com/aka-fonts/OneTrust/R1.3/oneTrust_test/scripttemplates/6.26.0/assets/v2/ 47 KB
48 KB 48ms
48ms Fetch
application/json 23.205.57.251
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.marriott.com/aka-fonts/OneTrust/R1.3/oneTrust_test/scripttemplates/6.26.0/assets/v2/otPcTab.json
Requested by: Host: westinmauiamenities.247activities.com
URL: https://westinmauiamenities.247activities.com/js/main.js?v=1663843260
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.57.251 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-57-251.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4efca4768dedb757f956b51f3620d1521be4e8f065080515489defc83c2de704

Request headers

accept-language: en-US,en;q=0.9
Referer: https://westinmauiamenities.247activities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 13:12:49 GMT
last-modified: Mon, 06 Jun 2022 19:40:07 GMT
server: AkamaiNetStorage
etag: "398ef3d808c735374c8e1b4d3984d51a:1654544407.4634"
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=39119
accept-ranges: bytes
content-length: 47745
expires: Mon, 10 Oct 2022 00:04:48 GMT

GET
H2 200 otCommonStyles.css Show response
cache.marriott.com/aka-fonts/OneTrust/R1.3/oneTrust_test/scripttemplates/6.26.0/assets/ 20 KB
4 KB 57ms
56ms Fetch
text/css 23.205.57.251
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.marriott.com/aka-fonts/OneTrust/R1.3/oneTrust_test/scripttemplates/6.26.0/assets/otCommonStyles.css
Requested by: Host: westinmauiamenities.247activities.com
URL: https://westinmauiamenities.247activities.com/js/main.js?v=1663843260
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.57.251 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-57-251.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2ee6fdf3d0f4d826380054030e5a9fd6fc8c451d9fe28123f1d76e632332e659

Request headers

accept-language: en-US,en;q=0.9
Referer: https://westinmauiamenities.247activities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 13:12:49 GMT
content-encoding: gzip
last-modified: Mon, 06 Jun 2022 19:39:39 GMT
server: AkamaiNetStorage
etag: "61ee8e79970dcae1685a883b098b34d0:1654544379.290447"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=1152758
accept-ranges: bytes
content-length: 4130
expires: Sat, 22 Oct 2022 21:25:27 GMT

GET
H/1.1

200
OK

ibs:dpid=3047&dpuuid=53953B07428B56&gdpr=0&gdpr_consent=
dpm.demdex.net/ Frame 4C0E
Redirect Chain

https://servedby.flashtalking.com/map/?key=a74thHgsfK627J6Ftt8sj5ks52bKe&gdpr=0&gdpr_consent=&url=https://dpm.demdex.net/ibs:dpid=3047&dpuuid=[%FT_GUID%]&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=3047&dpuuid=53953B07428B56&gdpr=0&gdpr_consent=

42 B
942 B

79ms
79ms

Image
image/gif

52.27.120.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=3047&dpuuid=53953B07428B56&gdpr=0&gdpr_consent=

Requested by

Host: westinmauiamenities.247activities.com
URL: https://westinmauiamenities.247activities.com/

Protocol

HTTP/1.1

Server

52.27.120.158 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-27-120-158.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

DCS: dcs-prod-usw2-1-v040-0b68cff01.edge-usw2.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: +7CR0e5RRFk=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=3047&dpuuid=53953B07428B56&gdpr=0&gdpr_consent=
Pragma: no-cache
Date: Sun, 09 Oct 2022 13:12:49 GMT
Cache-Control: no-cache, no-store
Server: prod-xre-app5.ash11
Connection: close
X-HW: 1665321169.dop003.tr2.t,1665321169.cds209.tr2.shn,1665321169.dop003.tr2.t,1665321169.cds203.tr2.sc,1665321169.cds203.tr2.p

GET
H2 204 match.gif
match.rundsp.com/ Frame 4C0E 0
41 B 405ms
98ms Image
text/plain 2606:ae80:1471:16::730
CNVR-US-EAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.rundsp.com/match.gif?id=86524227142965204711881721420039804859&partner=adobe
Requested by: Host: westinmauiamenities.247activities.com
URL: https://westinmauiamenities.247activities.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2606:ae80:1471:16::730 , United States, ASN26762 (CNVR-US-EAST, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 13:12:50 GMT
server: nginx

GET
H/1.1

200
OK

ibs:dpid=19360&dpuuid=
dpm.demdex.net/ibs:dpid=19360&dpuuid=86524227142965204711881721420039804859&expiration=1665407570&nuid=86524227142965204711881721420039804859&is_secure=true&rurl=https://dpm.demdex.net/ Frame 4C0E
Redirect Chain

https://adobe-sync.dotomi.com/match/bounce/current?networkId=85983&version=1&nuid=86524227142965204711881721420039804859&rurl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D19360%26dpuuid%3D
https://adobe-sync.dotomi.com/match/bounce/current?DotomiTest=5e229788c56b162a&is_secure=true&networkId=85983&version=1&nuid=86524227142965204711881721420039804859&rurl=https%3A%2F%2Fdpm.demdex...
https://dpm.demdex.net/ibs:dpid=19360&dpuuid=86524227142965204711881721420039804859&expiration=1665407570&nuid=86524227142965204711881721420039804859&is_secure=true&rurl=https://dpm.demdex.net/...

42 B
960 B

78ms
77ms

Image
image/gif

52.27.120.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=19360&dpuuid=86524227142965204711881721420039804859&expiration=1665407570&nuid=86524227142965204711881721420039804859&is_secure=true&rurl=https://dpm.demdex.net/ibs:dpid=19360&dpuuid=

Protocol

HTTP/1.1

Server

52.27.120.158 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-27-120-158.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

DCS: dcs-prod-usw2-2-v040-00902f153.edge-usw2.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: JVOFVodhRBI=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
X-Error: 104,300
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Sun, 09 Oct 2022 13:12:50 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://dpm.demdex.net/ibs:dpid=19360&dpuuid=86524227142965204711881721420039804859&expiration=1665407570&nuid=86524227142965204711881721420039804859&is_secure=true&rurl=https://dpm.demdex.net/ibs:dpid=19360&dpuuid=
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H2 200 RC13a65ced67c44530b4e082ec22d40a56-source.min.js Show response
assets.adobedtm.com/697d0c070f1e/d405339bb010/44e5ea9c9003/ 1 KB
824 B 27ms
26ms Script
application/x-javascript 2600:1400:d:5a5::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/697d0c070f1e/d405339bb010/44e5ea9c9003/RC13a65ced67c44530b4e082ec22d40a56-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:d:5a5::1e80 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 2eabf851019fcf849c0b83879c6b8d770755ac74de8fbbf349b0f1b58dade4f2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://westinmauiamenities.247activities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 13:12:49 GMT
content-encoding: gzip
last-modified: Mon, 19 Sep 2022 18:25:41 GMT
server: AkamaiNetStorage
etag: "c2b2e81d1afb077ef2228ea85d585a85:1663611941.548935"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://westinmauiamenities.247activities.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 545
expires: Sun, 09 Oct 2022 14:12:49 GMT

GET
H2 200 RCb500618f5ce84b22ac56f249cbc4d22d-source.min.js Show response
assets.adobedtm.com/697d0c070f1e/d405339bb010/44e5ea9c9003/ 422 B
548 B 26ms
26ms Script
application/x-javascript 2600:1400:d:5a5::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/697d0c070f1e/d405339bb010/44e5ea9c9003/RCb500618f5ce84b22ac56f249cbc4d22d-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:d:5a5::1e80 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: c08a4395f1088ce86fb752496d452e29405179b8bac6e7e116f8ac0de4476b9d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://westinmauiamenities.247activities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 13:12:49 GMT
content-encoding: gzip
last-modified: Mon, 19 Sep 2022 18:25:41 GMT
server: AkamaiNetStorage
etag: "c2b2e81d1afb077ef2228ea85d585a85:1663611941.548935"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://westinmauiamenities.247activities.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 270
expires: Sun, 09 Oct 2022 14:12:49 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 106 KB
42 KB 130ms
44ms Script
application/javascript 2607:f8b0:4006:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-203334133-1&l=dataLayerB

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2008 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

af4d505feac5899781b07fb95854d65699ce53df581af93a860c8fba3e7adfd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://westinmauiamenities.247activities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 13:12:50 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42336
x-xss-protection: 0
last-modified: Sun, 09 Oct 2022 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 09 Oct 2022 13:12:50 GMT

GET
H2 200 RC9cb1ec8ecf2a461187113443b47b5896-source.min.js Show response
assets.adobedtm.com/697d0c070f1e/d405339bb010/44e5ea9c9003/ 1 KB
995 B 27ms
26ms Script
application/x-javascript 2600:1400:d:5a5::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/697d0c070f1e/d405339bb010/44e5ea9c9003/RC9cb1ec8ecf2a461187113443b47b5896-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:d:5a5::1e80 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: dfad04924be2673b5c72bf4e58bafac42307750f9cf7f46e40cc2ceb7ab9d451

Request headers

accept-language: en-US,en;q=0.9
Referer: https://westinmauiamenities.247activities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 13:12:49 GMT
content-encoding: gzip
last-modified: Mon, 19 Sep 2022 18:25:41 GMT
server: AkamaiNetStorage
etag: "c2b2e81d1afb077ef2228ea85d585a85:1663611941.548935"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://westinmauiamenities.247activities.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 716
expires: Sun, 09 Oct 2022 14:12:49 GMT

GET
H2 200 RC28f29f2c23a143e0acc4cd8133230ddf-source.min.js Show response
assets.adobedtm.com/697d0c070f1e/d405339bb010/44e5ea9c9003/ 2 KB
1006 B 26ms
26ms Script
application/x-javascript 2600:1400:d:5a5::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/697d0c070f1e/d405339bb010/44e5ea9c9003/RC28f29f2c23a143e0acc4cd8133230ddf-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:d:5a5::1e80 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: b901c4c3109cd2119efb9fdd686c71e2945233348fba0388aaa6d6f2f5a3c7c6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://westinmauiamenities.247activities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 13:12:49 GMT
content-encoding: gzip
last-modified: Mon, 19 Sep 2022 18:25:41 GMT
server: AkamaiNetStorage
etag: "c2b2e81d1afb077ef2228ea85d585a85:1663611941.548935"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://westinmauiamenities.247activities.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 727
expires: Sun, 09 Oct 2022 14:12:49 GMT

GET
H2 200 RC7702a88f33944e368fcae3a8c042e3bd-source.min.js Show response
assets.adobedtm.com/697d0c070f1e/d405339bb010/44e5ea9c9003/ 2 KB
938 B 26ms
26ms Script
application/x-javascript 2600:1400:d:5a5::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/697d0c070f1e/d405339bb010/44e5ea9c9003/RC7702a88f33944e368fcae3a8c042e3bd-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:d:5a5::1e80 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 3cb766471eaa9fc03df87f52dd1aba801a8f588d82368e755db5aff211fe2342

Request headers

accept-language: en-US,en;q=0.9
Referer: https://westinmauiamenities.247activities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 13:12:49 GMT
content-encoding: gzip
last-modified: Mon, 19 Sep 2022 18:25:41 GMT
server: AkamaiNetStorage
etag: "c2b2e81d1afb077ef2228ea85d585a85:1663611941.548935"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://westinmauiamenities.247activities.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 659
expires: Sun, 09 Oct 2022 14:12:49 GMT

GET
H2 200 RCc37891c0d65e4f2581d609fc16498257-source.min.js Show response
assets.adobedtm.com/697d0c070f1e/d405339bb010/44e5ea9c9003/ 548 B
576 B 26ms
26ms Script
application/x-javascript 2600:1400:d:5a5::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/697d0c070f1e/d405339bb010/44e5ea9c9003/RCc37891c0d65e4f2581d609fc16498257-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:d:5a5::1e80 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: c0c8df384cd69c7f8b0b8d0cb712bb04b8d39adb74be54829c9dab778b7aa8b0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://westinmauiamenities.247activities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 13:12:49 GMT
content-encoding: gzip
last-modified: Mon, 19 Sep 2022 18:25:41 GMT
server: AkamaiNetStorage
etag: "c2b2e81d1afb077ef2228ea85d585a85:1663611941.548935"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://westinmauiamenities.247activities.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 297
expires: Sun, 09 Oct 2022 14:12:49 GMT

GET
H2 200 RC5144740cc710431e95a7dd7c05b8b386-source.min.js Show response
assets.adobedtm.com/697d0c070f1e/d405339bb010/44e5ea9c9003/ 1 KB
957 B 26ms
26ms Script
application/x-javascript 2600:1400:d:5a5::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/697d0c070f1e/d405339bb010/44e5ea9c9003/RC5144740cc710431e95a7dd7c05b8b386-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:d:5a5::1e80 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 65a7e1aa4e343509d6d8d5a3747d45e455a5fb2859822046b5a4b294459fbdff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://westinmauiamenities.247activities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 13:12:49 GMT
content-encoding: gzip
last-modified: Mon, 19 Sep 2022 18:25:41 GMT
server: AkamaiNetStorage
etag: "c2b2e81d1afb077ef2228ea85d585a85:1663611941.548935"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://westinmauiamenities.247activities.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 678
expires: Sun, 09 Oct 2022 14:12:49 GMT

GET
H2 200 RC1b12bbad598c4c1380765438bb0467a9-source.min.js Show response
assets.adobedtm.com/697d0c070f1e/d405339bb010/44e5ea9c9003/ 718 B
733 B 26ms
26ms Script
application/x-javascript 2600:1400:d:5a5::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/697d0c070f1e/d405339bb010/44e5ea9c9003/RC1b12bbad598c4c1380765438bb0467a9-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:d:5a5::1e80 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: e57df631ad9ba2b6928e6f483ce0476be634a3be584f095e64b14b434347f882

Request headers

accept-language: en-US,en;q=0.9
Referer: https://westinmauiamenities.247activities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 13:12:49 GMT
content-encoding: gzip
last-modified: Mon, 19 Sep 2022 18:25:41 GMT
server: AkamaiNetStorage
etag: "c2b2e81d1afb077ef2228ea85d585a85:1663611941.548935"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://westinmauiamenities.247activities.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 454
expires: Sun, 09 Oct 2022 14:12:49 GMT

GET
H2 200 RCb70d7bef713543b09b57afbc6f9e056a-source.min.js Show response
assets.adobedtm.com/697d0c070f1e/d405339bb010/44e5ea9c9003/ 3 KB
1 KB 30ms
29ms Script
application/x-javascript 2600:1400:d:5a5::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/697d0c070f1e/d405339bb010/44e5ea9c9003/RCb70d7bef713543b09b57afbc6f9e056a-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:d:5a5::1e80 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 3a7a751bea24d12772dab7d67636353fe49e9162e9d3d58f8b064e974f52d7a5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://westinmauiamenities.247activities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 13:12:49 GMT
content-encoding: gzip
last-modified: Mon, 19 Sep 2022 18:25:41 GMT
server: AkamaiNetStorage
etag: "c2b2e81d1afb077ef2228ea85d585a85:1663611941.548935"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://westinmauiamenities.247activities.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 1097
expires: Sun, 09 Oct 2022 14:12:49 GMT

GET
H2 200 RC9f906a1934ae46f6b85351f19bfa52f0-source.min.js Show response
assets.adobedtm.com/697d0c070f1e/d405339bb010/44e5ea9c9003/ 2 KB
1 KB 40ms
30ms Script
application/x-javascript 2600:1400:d:5a5::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/697d0c070f1e/d405339bb010/44e5ea9c9003/RC9f906a1934ae46f6b85351f19bfa52f0-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:d:5a5::1e80 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 61c62822be9730a70b551835b5f252459e3152eaa90fa1799ca7eb3dc2343264

Request headers

accept-language: en-US,en;q=0.9
Referer: https://westinmauiamenities.247activities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 13:12:50 GMT
content-encoding: gzip
last-modified: Mon, 19 Sep 2022 18:25:41 GMT
server: AkamaiNetStorage
etag: "c2b2e81d1afb077ef2228ea85d585a85:1663611941.548935"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://westinmauiamenities.247activities.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 904
expires: Sun, 09 Oct 2022 14:12:50 GMT

GET
H2 200 RC42aaf0650d8a42b4b0133f310ac14872-source.min.js Show response
assets.adobedtm.com/697d0c070f1e/d405339bb010/44e5ea9c9003/ 2 KB
893 B 26ms
26ms Script
application/x-javascript 2600:1400:d:5a5::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/697d0c070f1e/d405339bb010/44e5ea9c9003/RC42aaf0650d8a42b4b0133f310ac14872-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:d:5a5::1e80 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 93786ec2d7a220d718210a8e750ae34fb9d6bf8da97ea3c7519e5a51e5f9be77

Request headers

accept-language: en-US,en;q=0.9
Referer: https://westinmauiamenities.247activities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 13:12:50 GMT
content-encoding: gzip
last-modified: Mon, 19 Sep 2022 18:25:41 GMT
server: AkamaiNetStorage
etag: "c2b2e81d1afb077ef2228ea85d585a85:1663611941.548935"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://westinmauiamenities.247activities.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 614
expires: Sun, 09 Oct 2022 14:12:50 GMT

GET
H2 200 RCe7ed036bb4cb4dc89bdf084029e843a5-source.min.js Show response
assets.adobedtm.com/697d0c070f1e/d405339bb010/44e5ea9c9003/ 776 B
775 B 28ms
27ms Script
application/x-javascript 2600:1400:d:5a5::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/697d0c070f1e/d405339bb010/44e5ea9c9003/RCe7ed036bb4cb4dc89bdf084029e843a5-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:d:5a5::1e80 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 3b1b0861d4e1a3adf3f4aa76aed0e24c1ce7d42e8f74a81c977eb334b9b9959f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://westinmauiamenities.247activities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 13:12:50 GMT
content-encoding: gzip
last-modified: Mon, 19 Sep 2022 18:25:41 GMT
server: AkamaiNetStorage
etag: "c2b2e81d1afb077ef2228ea85d585a85:1663611941.548935"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://westinmauiamenities.247activities.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 496
expires: Sun, 09 Oct 2022 14:12:50 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 57ms
46ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://westinmauiamenities.247activities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Sun, 09 Oct 2022 13:12:49 GMT
last-modified: Thu, 28 Jul 2022 17:32:37 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6762D3123A96403A877D7DF678D8B63C Ref B: EWR311000107049 Ref C: 2022-10-09T13:12:50Z
etag: "80a8697a8a2d81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11367

GET
H2 200 RC62a22fd426a0470dad9c40c7f2f4b2fb-source.min.js Show response
assets.adobedtm.com/697d0c070f1e/d405339bb010/44e5ea9c9003/ 648 B
688 B 29ms
28ms Script
application/x-javascript 2600:1400:d:5a5::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/697d0c070f1e/d405339bb010/44e5ea9c9003/RC62a22fd426a0470dad9c40c7f2f4b2fb-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:d:5a5::1e80 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 93aaeacf0c1506c929f5b9faaf53706d5c581246c6dc5e29a5bebba2ade3729f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://westinmauiamenities.247activities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 13:12:50 GMT
content-encoding: gzip
last-modified: Mon, 19 Sep 2022 18:25:41 GMT
server: AkamaiNetStorage
etag: "c2b2e81d1afb077ef2228ea85d585a85:1663611941.548935"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://westinmauiamenities.247activities.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 409
expires: Sun, 09 Oct 2022 14:12:50 GMT

GET
H2 200 RCb6c3578477864b5583591694fb0c7548-source.min.js Show response
assets.adobedtm.com/697d0c070f1e/d405339bb010/44e5ea9c9003/ 4 KB
1 KB 35ms
35ms Script
application/x-javascript 2600:1400:d:5a5::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/697d0c070f1e/d405339bb010/44e5ea9c9003/RCb6c3578477864b5583591694fb0c7548-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:d:5a5::1e80 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 4681e73fb1acb65f9ebdd5132b08e8d66cd4d9b94368390fb6e037d9b0d198a7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://westinmauiamenities.247activities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 13:12:50 GMT
content-encoding: gzip
last-modified: Mon, 19 Sep 2022 18:25:41 GMT
server: AkamaiNetStorage
etag: "c2b2e81d1afb077ef2228ea85d585a85:1663611941.548935"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://westinmauiamenities.247activities.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 1130
expires: Sun, 09 Oct 2022 14:12:50 GMT

GET
H/1.1

200
OK

ibs:dpid=22054
dpm.demdex.net/ Frame 4C0E
Redirect Chain

https://a.tribalfusion.com/i.match?p=b13&u=86524227142965204711881721420039804859&redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=22054&dpuuid=$TF_USER_ID_ENC$
https://s.tribalfusion.com/z/i.match?p=b13&u=86524227142965204711881721420039804859&redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=22054&dpuuid=$TF_USER_ID_ENC$
https://dpm.demdex.net/ibs:dpid=22054

42 B
956 B

84ms
83ms

Image
image/gif

52.27.120.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=22054

Protocol

HTTP/1.1

Server

52.27.120.158 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-27-120-158.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

DCS: dcs-prod-usw2-2-v040-09e9232a3.edge-usw2.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: +JDASZn4QEc=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
X-Error: 300
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Sun, 09 Oct 2022 13:12:50 GMT
cf-cache-status: DYNAMIC
x-function: 209
server: cloudflare
x-reuse-index: 462
content-type: text/html
location: https://dpm.demdex.net/ibs:dpid=22054
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 75775ec2fe30d15f-BUF
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 dpm_pixel_min.js Show response
c.tvpixel.com/js/current/ 103 KB
32 KB 141ms
41ms Script
application/javascript 2600:9000:20ed:4c00:1d:bf0a:0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tvpixel.com/js/current/dpm_pixel_min.js?aid=marriott-0af76d19-dfba-4407-860e-54c7ed29bed4
Requested by: Host: westinmauiamenities.247activities.com
URL: https://westinmauiamenities.247activities.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ed:4c00:1d:bf0a:0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 61d8137d275f12306e177bc726c2b3e072f9efa4743a0ace6ecbcf7a0932fd07

Request headers

accept-language: en-US,en;q=0.9
Referer: https://westinmauiamenities.247activities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: oMk5SFqHXboEDRm2.vDWImtx_4ARYxEl
content-encoding: gzip
via: 1.1 aed3f8ed29085c056c75452d71b07f7e.cloudfront.net (CloudFront)
date: Sat, 08 Oct 2022 17:46:54 GMT
last-modified: Thu, 16 Sep 2021 18:14:59 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 69957
etag: W/"08e770c8a17bf087d50cec01af0892c2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: d52XeSPADfUxlandnTYueKk7vwoIypLBbPKh6QvZoO_nEzb6gB-UOw==

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 4 KB
5 KB 119ms
28ms Script
application/x-javascript 143.204.138.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: westinmauiamenities.247activities.com
URL: https://westinmauiamenities.247activities.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.138.162 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-138-162.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://westinmauiamenities.247activities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Sat, 08 Oct 2022 16:04:45 GMT
Via: 1.1 936397b26a4278a4582b6e1456333afa.cloudfront.net (CloudFront)
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
X-Amz-Cf-Pop: EWR52-C2
Age: 76086
ETag: "98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4593
X-Amz-Cf-Id: jbbhtCUn3YSO3f0jD8Z7Lv5n0M5-MHNTKo4ft6ZqzNoxZvbETUuNLw==

GET
H2 200 mhotels.html Show response
static.sojern.com/marriott/ Frame 3560 9 KB
9 KB 126ms
28ms Document
text/html 35.244.188.9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sojern.com/marriott/mhotels.html?p=undefined&hprid=HMMWI&hpr=&hb=undefined&hc1=undefined&hn1=undefined&hs1=undefined&ffl=undefined&hl=&t=undefined&hr=undefined&hd1=&hd2=&hconfno=&hp=undefined&hcu=&hrp=undefined&hdc=undefined&rew=undefined&l=undefined&vid=hot&cid=
Requested by: Host: westinmauiamenities.247activities.com
URL: https://westinmauiamenities.247activities.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.188.9 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 9.188.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 36ace21bc8477c7c421e6f69f575c1dbd38ad015f9a55e7e3646b5e4d3007fee

Request headers

Referer: https://westinmauiamenities.247activities.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 593
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-length: 9076
content-type: text/html
date: Sun, 09 Oct 2022 13:02:57 GMT
etag: "f3ec22f4b4c6c94a8fd54b333337b94c"
expires: Sun, 09 Oct 2022 14:02:57 GMT
last-modified: Thu, 04 Aug 2022 13:43:35 GMT
server: UploadServer
x-goog-generation: 1659620615206818
x-goog-hash: crc32c=X1IjNQ== md5=8+wi9LTGyUqP1UszMze5TA==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 9076
x-guploader-uploadid: ADPycdsfCZq7rQTO6704_Ophb-NNqUU29umFVNT7dMKpNWfTZRa7DPvRZ4A78OASfs0M5e9yQHyVbAexNqcEIzwtk-C9Ng

GET
H3

200

ps
tag.yieldoptimizer.com/ps/
Redirect Chain

https://tag.yieldoptimizer.com/ps/ps?t=s&p=1057&mprogpref=&mhcy=&mhst=&mhcr=&mhcd=&hmc=&brnd=&cchl=&ccplat=&hbplat=&ebrk=&p=&pg=ms&bd=&si=&mraltid=&ttl=&mzip=&mlvl=&scty=&sst=&sctry=&schin=&schout=...
https://tag.yieldoptimizer.com/ps/ps?tc=863371267&t=s&p=1057&mprogpref=&mhcy=&mhst=&mhcr=&mhcd=&hmc=&brnd=&cchl=&ccplat=&hbplat=&ebrk=&p=&pg=ms&bd=&si=&mraltid=&ttl=&mzip=&mlvl=&scty=&sst=&sctry=&s...

539 B
539 B

102ms
46ms

Image
text/javascript

35.190.52.204
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tag.yieldoptimizer.com/ps/ps?tc=863371267&t=s&p=1057&mprogpref=&mhcy=&mhst=&mhcr=&mhcd=&hmc=&brnd=&cchl=&ccplat=&hbplat=&ebrk=&p=&pg=ms&bd=&si=&mraltid=&ttl=&mzip=&mlvl=&scty=&sst=&sctry=&schin=&schout=&slstay=&sgst=&bhcty=&bhst=&bhctry=&bchin=&blstay=&bgst=&bhnr=&bhtlid=&bmktc=&bhbrnd=&bhtf=&bct=&brpc=&umb=&bconfonbr=&bcancelnbr=&shcty=&shst=&shctry=&shtlid=&smc=&shbrnd=&srate=&sct=&hcty=&hst=&hctry=&htlid=&dscy=&dscr=&chsign=&crrcrw=&ph=https://westinmauiamenities.247activities.com/&mhnm=&chbusn=&bchout=&bmc=&brate=&py=&mc=&dsst=&chprem=
Protocol: H3
Server: 35.190.52.204 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 204.52.190.35.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://westinmauiamenities.247activities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Oct 2022 13:12:50 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
content-type: text/javascript;charset=ISO-8859-1
cache-control: no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 539
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 09 Oct 2022 13:12:50 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
location: https://tag.yieldoptimizer.com/ps/ps?tc=863371267&t=s&p=1057&mprogpref=&mhcy=&mhst=&mhcr=&mhcd=&hmc=&brnd=&cchl=&ccplat=&hbplat=&ebrk=&p=&pg=ms&bd=&si=&mraltid=&ttl=&mzip=&mlvl=&scty=&sst=&sctry=&schin=&schout=&slstay=&sgst=&bhcty=&bhst=&bhctry=&bchin=&blstay=&bgst=&bhnr=&bhtlid=&bmktc=&bhbrnd=&bhtf=&bct=&brpc=&umb=&bconfonbr=&bcancelnbr=&shcty=&shst=&shctry=&shtlid=&smc=&shbrnd=&srate=&sct=&hcty=&hst=&hctry=&htlid=&dscy=&dscr=&chsign=&crrcrw=&ph=https://westinmauiamenities.247activities.com/&mhnm=&chbusn=&bchout=&bmc=&brate=&py=&mc=&dsst=&chprem=
cache-control: no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 99ms
27ms Script
application/x-javascript 2600:141b:13::17d7:82d0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: westinmauiamenities.247activities.com
URL: https://westinmauiamenities.247activities.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13::17d7:82d0 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://westinmauiamenities.247activities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 13:12:50 GMT
content-encoding: gzip
last-modified: Fri, 12 Aug 2022 20:23:36 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=56663
accept-ranges: bytes
content-length: 3063

GET
H2 200 scevent.min.js Show response
sc-static.net/ 25 KB
9 KB 138ms
50ms Script
application/javascript 108.138.113.246
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: westinmauiamenities.247activities.com
URL: https://westinmauiamenities.247activities.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.113.246 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-113-246.jfk50.r.cloudfront.net
Software: CloudFront /
Resource Hash: 67e294da2e0a5b863f5ca40c02eddd1fbb0a0dba124fec3747a1674fb8ede7ac

Request headers

accept-language: en-US,en;q=0.9
Referer: https://westinmauiamenities.247activities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 13:12:50 GMT
content-encoding: gzip
via: 1.1 16fbe6f2baa3fcc1563be742e6d45f20.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: JFK50-P3
x-cache: LambdaGeneratedResponse from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 8764
x-amz-cf-id: zOC5tDvcHRnJqSYXCEsIKTUCFgf0Ue93oP19toNqCjPYva6XZzOEJg==

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 1 KB
1 KB 251ms
149ms Script
application/javascript 2600:141b:9000:39b::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: westinmauiamenities.247activities.com
URL: https://westinmauiamenities.247activities.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:9000:39b::1931 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: c75d8bdd1d5498551294cf4551304e5c2158b9788ac1779d03a2edd611a6c93e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://westinmauiamenities.247activities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

akamai-x-true-ttl: 7200
x-cdn: akamai
etag: "ef33a337cb7aa4b4f9c294765d2176c0"
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=7200
accept-ranges: bytes
content-length: 1146

GET
H2 200 UCMController Show response
login.dotomi.com/ucm/ Frame A579 7 KB
3 KB 404ms
62ms Document
text/html 159.127.42.233
VALUECLICK

General

Check archive.org

Show headers Download Go to

Full URL: https://login.dotomi.com/ucm/UCMController?dtm_com=28&dtm_cid=2814&dtm_cmagic=8e987c&dtm_format=5&dtm_fid=101&cli_promo_id=2&dtmc_marsha_code=HMMWI&canonical_url=&dtm_user_token=&dtmc_ref=&dtmc_loc=https%3A%2F%2Fwestinmauiamenities.247activities.com%2F&fpc_status=
Requested by: Host: westinmauiamenities.247activities.com
URL: https://westinmauiamenities.247activities.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.127.42.233 Los Angeles, United States, ASN25751 (VALUECLICK, US),
Reverse DNS: iad03-usadmm.dotomi.com
Software: nginx /
Resource Hash: 7642813721015df7c82c491de0a92bbcab5cbad5aa629b965487ce14d0d542e9

Request headers

Referer: https://westinmauiamenities.247activities.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-cache, private, max-age=0, no-store
content-encoding: gzip
content-length: 2396
content-type: text/html
date: Sun, 09 Oct 2022 13:12:50 GMT
expires: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
pragma: no-cache
server: nginx

GET
H3

200

ps
tag.yieldoptimizer.com/ps/ Frame 4C0E
Redirect Chain

https://tag.yieldoptimizer.com/ps/ps?t=i&p=2233
https://tag.yieldoptimizer.com/ps/ps?tc=344704585&t=i&p=2233

43 B
65 B

105ms
47ms

Image
image/gif

35.190.52.204
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tag.yieldoptimizer.com/ps/ps?tc=344704585&t=i&p=2233
Protocol: H3
Server: 35.190.52.204 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 204.52.190.35.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-US,en;q=0.9
Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Oct 2022 13:12:50 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
content-type: image/gif
cache-control: no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 09 Oct 2022 13:12:50 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
location: https://tag.yieldoptimizer.com/ps/ps?tc=344704585&t=i&p=2233
cache-control: no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 101 KB
27 KB 104ms
26ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: westinmauiamenities.247activities.com
URL: https://westinmauiamenities.247activities.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

00a92494627ed8f758972b7dc47b3af186497c0637ea867a33fdb604c1548674

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://westinmauiamenities.247activities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 09 Oct 2022 13:12:50 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26840
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: v12CaaLAgRLNMunEtMTdGH75KY2oxJxY7qLRIDTActVvV0YLEXXSePvnIur8LiCheQejSF5pm4a5xtOMUSc03w==
x-fb-trip-id: 1512268381
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 16 KB
6 KB 109ms
29ms Script
application/javascript 2001:4998:1c:800::1000
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: westinmauiamenities.247activities.com
URL: https://westinmauiamenities.247activities.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:1c:800::1000 , United States, ASN14779 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

249c4eba880cfb74e1b6e1d1048def310636dc3b1ce5b3fe525703fd4025238f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://westinmauiamenities.247activities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 13:12:27 GMT
x-amz-version-id: .QD3nDfK79S8_ikLSJXTL23Tdis9tg0C
content-encoding: gzip
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
x-amz-request-id: 09CM8WT5WBJMTSQB
age: 24
x-amz-server-side-encryption: AES256
x-amz-id-2: 1Yau9LzTSzz8kb/NWxOjjy4D8BM/77n9dIeDqvB8UqiDmVmXuO0FOaD4Z39AlPF44bCfeUvmPoE=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Thu, 20 Jul 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Tue, 14 Jun 2022 12:21:31 GMT
server: ATS
etag: "6a624022b5d271dcefb070b0b6670abc-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=3600
accept-ranges: bytes

GET
H2 200 140436 Show response
beacon.sojern.com/pixel/p/ 4 KB
1 KB 191ms
47ms Script
application/javascript 107.178.244.119
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.sojern.com/pixel/p/140436?f_v=v6_js&p_v=1&vid=hot&pc=https%3A%2F%2Fwestinmauiamenities.247activities.com%2F&cid=
Requested by: Host: westinmauiamenities.247activities.com
URL: https://westinmauiamenities.247activities.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: 636f3309456cd6b374a95f2f382c9a2a491b5b00c10dc95e2b2598c27e04a05e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://westinmauiamenities.247activities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 13:12:50 GMT
content-encoding: gzip
via: 1.1 google
vary: Accept-Encoding
content-type: application/javascript
p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 829

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 106 KB
42 KB 109ms
42ms Script
application/javascript 2607:f8b0:4006:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-1359549&l=dataLayerB&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-203334133-1&l=dataLayerB

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2008 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4570b4cd17ccc97e55dcf95508b819f00118c5d1c3dcfaa0ce3fffbc569954b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://westinmauiamenities.247activities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 13:12:50 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42577
x-xss-protection: 0
last-modified: Sun, 09 Oct 2022 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 09 Oct 2022 13:12:50 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 116 KB
46 KB 150ms
84ms Script
application/javascript 2607:f8b0:4006:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-924374711&l=dataLayerB&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-203334133-1&l=dataLayerB

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2008 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ab310cd74f0680f3e9fde909249882b22db8eb55cf4d68562948733a05dca663

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://westinmauiamenities.247activities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 13:12:50 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46804
x-xss-protection: 0
last-modified: Sun, 09 Oct 2022 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 09 Oct 2022 13:12:50 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 164 KB
60 KB 106ms
41ms Script
application/javascript 2607:f8b0:4006:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-950378023&l=dataLayerB&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-203334133-1&l=dataLayerB

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2008 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0ca0aa40ea2c6f88d0dd4a87d9ba1720dd48ddf9deb829fc88a8506632255634

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://westinmauiamenities.247activities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 13:12:50 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61468
x-xss-protection: 0
last-modified: Sun, 09 Oct 2022 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 09 Oct 2022 13:12:50 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 106 KB
42 KB 134ms
69ms Script
application/javascript 2607:f8b0:4006:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-9035495&l=dataLayerB&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-203334133-1&l=dataLayerB

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2008 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

55b3120c28b94d852e40062bd08ad5ace2d5612bd2f9c2595db725c8e17bc346

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://westinmauiamenities.247activities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 13:12:50 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42580
x-xss-protection: 0
last-modified: Sun, 09 Oct 2022 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 09 Oct 2022 13:12:50 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 155 KB
58 KB 145ms
81ms Script
application/javascript 2607:f8b0:4006:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-366134444&l=dataLayerB&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-203334133-1&l=dataLayerB

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2008 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b8e62474b6248efaaeebf5f8edce8384f91c9b08ca028addd69245c09b24389e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://westinmauiamenities.247activities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 13:12:50 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59172
x-xss-protection: 0
last-modified: Sun, 09 Oct 2022 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 09 Oct 2022 13:12:50 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 28ms
26ms Script
text/javascript 2607:f8b0:4006:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-203334133-1&l=dataLayerB

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::200e Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://westinmauiamenities.247activities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 09 Oct 2022 12:34:58 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 2272
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Sun, 09 Oct 2022 14:34:58 GMT

GET
H2 200 pxrc.php
pxl.jivox.com/tags/re/ 43 B
454 B 126ms
37ms Image
image/gif 18.207.40.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pxl.jivox.com/tags/re/pxrc.php?px=958deafa6b01b7&ret=img&cData=HMMWI&px_558deaefe29b99=N/A&px_45c37cd1a3ffb5=%27%27&px_75c37cd56820dd=N/A%20&px_65c37cdd1171be=1&px_95c37ce084b3e1=1&px_15b33b35ba04d9=N/A&px_65b33b372611c8=westinmauiamenities.247activities.com/&px_45b33b3b62bcfa=N/A&px_25b33b3e68bd91=N/A&px_05b33b3f8d42f0=N/A&px_25d820700bc474=%27%27&px_25b33b410cb604=N/A&px_25d8208f4381f8=N/A
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.207.40.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-207-40-242.compute-1.amazonaws.com
Software: Jetty(9.4.39.v20210325) /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://westinmauiamenities.247activities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Oct 2022 13:12:50 GMT
server: Jetty(9.4.39.v20210325)
p3p: CP='IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA'
access-control-allow-origin: *
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=0
access-control-allow-headers: content-type
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 5140893.js Show response
bat.bing.com/p/action/ 1 KB
843 B 48ms
42ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5140893.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a545df6f0240b78c951b8451c6b9b1f6e6213861fea83f537aec34872c2e9014

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://westinmauiamenities.247activities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Sun, 09 Oct 2022 13:12:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5EB4104907E542808829842FC3419090 Ref B: EWR311000107049 Ref C: 2022-10-09T13:12:50Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private,max-age=60
content-length: 666

GET
H2 204 0
bat.bing.com/action/ 0
164 B 41ms
41ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5140893&tm=al001&Ver=2&mid=3d497ed5-4cb6-479b-8e09-863366c3355a&sid=13809af047d411ed82c49b140371cf79&vid=1380dc5047d411edb97565381e2d3d78&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=The%20Westin%20Maui%20Resort%20%26%20Spa&p=https%3A%2F%2Fwestinmauiamenities.247activities.com%2F&r=&lt=4086&pt=1665321166063,,,,,111,112,112,112,177,142,177,225,228,233,2483,2483,2529,3873,3873,4086&pn=0,0&evt=pageLoad&sv=1&rn=662124

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://westinmauiamenities.247activities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 09 Oct 2022 13:12:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 92F8F7632C154CC1B19298FEF1E873DE Ref B: EWR311000107049 Ref C: 2022-10-09T13:12:50Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
p.adsymptotic.com/d/px/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=360572&time=1665321170444&url=https%3A%2F%2Fwestinmauiamenities.247activities.com%2F
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=360572&time=1665321170444&url=https%3A%2F%2Fwestinmauiamenities.247activities.com%2F&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D360572%26time%3D1665321170444%26url%3Dhttps%253A%252F%252Fwestinmauiamenities.247...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=360572&time=1665321170444&url=https%3A%2F%2Fwestinmauiamenities.247activities.com%2F&cookiesTest=true&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=360572&time=1665321170444&url=https%3A%2F%2Fwestinmauiamenities.247activities.com%2F&cookiesTest=true&liSync=true&e_ipv6=AQLUxcMUvUxziAAAAYO84HjR...
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=0c0860ac-ae21-45d3-b007-85f7f39f8185
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=0c0860ac-ae21-45d3-b007-85f7f39f8185&_expected_cookie=dd07c90ef051eef368501861...

43 B
141 B

49ms
49ms

Image
image/gif

104.18.102.194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=0c0860ac-ae21-45d3-b007-85f7f39f8185&_expected_cookie=dd07c90ef051eef368501861da7ec879
Protocol: H2
Server: 104.18.102.194 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://westinmauiamenities.247activities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

p3p: CP='NON DSP COR CONi OUR BUS CNT'
date: Sun, 09 Oct 2022 13:12:51 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 75775eca2b4ac42c-EWR
content-length: 43
content-type: image/gif

Redirect headers

location: https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=0c0860ac-ae21-45d3-b007-85f7f39f8185&_expected_cookie=dd07c90ef051eef368501861da7ec879
date: Sun, 09 Oct 2022 13:12:51 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 75775ec9cabec42c-EWR
content-length: 0

GET
H/1.1

200
OK

ibs:dpid=28645&dpuuid=Kb9mhUuYU0v5PItJHVBC_TL_IdEgaaiV&gdpr=0&gdpr_consent=
dpm.demdex.net/ Frame 4C0E
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
https://gum.criteo.com/sync?s=1&c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=Kb9mhUuYU0v5PItJHVBC_TL_IdEgaaiV&gdpr=0&gdpr_consent=

42 B
942 B

79ms
79ms

Image
image/gif

52.27.120.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=28645&dpuuid=Kb9mhUuYU0v5PItJHVBC_TL_IdEgaaiV&gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Server

52.27.120.158 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-27-120-158.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

DCS: dcs-prod-usw2-2-v040-033521a91.edge-usw2.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: T6fgmRWRRfE=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=28645&dpuuid=Kb9mhUuYU0v5PItJHVBC_TL_IdEgaaiV&gdpr=0&gdpr_consent=
date: Sun, 09 Oct 2022 13:12:50 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 1882990
content-length: 0

GET
H2 200 213 Show response
beacon.sojern.com/pixel/cp/ Frame 3560 3 KB
845 B 72ms
51ms Script
application/javascript 107.178.244.119
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.sojern.com/pixel/cp/213?f_v=cp_v3_js&p_v=4&cid=MGP_201904%7Cundefined%7Chttps%3A%2F%2Fwestinmauiamenities.247activities.com%2F&p=undefined&hprid=HMMWI&hb=undefined&hc1=undefined&hn1=undefined&hs1=undefined&ffl=undefined&t=undefined&hr=undefined&hp=undefined&hrp=undefined&hdc=undefined&rew=undefined&l=undefined&vid=hot&hpid=HMMWI&pt=TRACKING&
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/marriott/mhotels.html?p=undefined&hprid=HMMWI&hpr=&hb=undefined&hc1=undefined&hn1=undefined&hs1=undefined&ffl=undefined&hl=&t=undefined&hr=undefined&hd1=&hd2=&hconfno=&hp=undefined&hcu=&hrp=undefined&hdc=undefined&rew=undefined&l=undefined&vid=hot&cid=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: 8eca53b8fa4c9fafad07b128b170caf7d8c11128b6e4456eb57d8ac5c7a70232

Request headers

accept-language: en-US,en;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 13:12:50 GMT
content-encoding: gzip
via: 1.1 google
vary: Accept-Encoding
content-type: application/javascript
p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 688

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame C8D4 891 B
1 KB 47ms
40ms Document
text/html 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=hbq9bjg&ref=https%3A%2F%2Fwestinmauiamenities.247activities.com%2F&upid=byw7ch4&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 66ba88875ee6ef3cc340c4675842e2b6efc1e5cd8333ab4d55cad3ac4a18d3fd

Request headers

Referer: https://westinmauiamenities.247activities.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-type: text/html; charset=utf-8
date: Sun, 09 Oct 2022 13:12:50 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

POST
H2 200 tp2 Show response
p.tvpixel.com/com.snowplowanalytics.snowplow/ 2 B
342 B 107ms
32ms XHR
text/plain 107.21.103.5
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://p.tvpixel.com/com.snowplowanalytics.snowplow/tp2
Requested by: Host: westinmauiamenities.247activities.com
URL: https://westinmauiamenities.247activities.com/js/main.js?v=1663843260
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.21.103.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-21-103-5.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://westinmauiamenities.247activities.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

access-control-allow-origin: https://westinmauiamenities.247activities.com
date: Sun, 09 Oct 2022 13:12:50 GMT
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
server: nginx
content-length: 2
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"

OPTIONS
H2 200 tp2
p.tvpixel.com/com.snowplowanalytics.snowplow/ Frame 0
0 108ms
32ms Preflight 107.21.103.5
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://p.tvpixel.com/com.snowplowanalytics.snowplow/tp2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.21.103.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-21-103-5.compute-1.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://westinmauiamenities.247activities.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-allow-origin: https://westinmauiamenities.247activities.com
access-control-max-age: 5
content-length: 0
date: Sun, 09 Oct 2022 13:12:50 GMT
server: nginx

GET
H2 200 init Show response
tr.snapchat.com/ 126 B
195 B 209ms
63ms Fetch
application/json 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/init?pids=fbf5aa06-3f82-45b5-86ba-4c4fe9c75a96

Requested by

Host: westinmauiamenities.247activities.com
URL: https://westinmauiamenities.247activities.com/js/main.js?v=1663843260

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

80797ded2a86cb84cbe55029f07e27d1a30adeed69f30f63ae7a86733e076031

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://westinmauiamenities.247activities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 13:12:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
content-encoding: gzip
via: 1.1 google, 1.1 google
server: API Gateway
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://westinmauiamenities.247activities.com
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43", h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 is_enabled Show response
tr.snapchat.com/collector/ 77 B
502 B 207ms
62ms Fetch
application/json 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/collector/is_enabled?pids=fbf5aa06-3f82-45b5-86ba-4c4fe9c75a96&tld=com

Requested by

Host: westinmauiamenities.247activities.com
URL: https://westinmauiamenities.247activities.com/js/main.js?v=1663843260

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

2a374138346c7998a3f8ceefd69db0a635a5a4fbbf612075e7992cfc06a4208e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://westinmauiamenities.247activities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 13:12:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
content-encoding: gzip
via: 1.1 google, 1.1 google
server: API Gateway
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://westinmauiamenities.247activities.com
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43", h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 5140893 Show response
www.clarity.ms/tag/uet/ 2 KB
2 KB 134ms
40ms Script
application/x-javascript 2620:1ec:bdf::38
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/5140893
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/5140893.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::38 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: a0b567c9ed4ca62f697229d85d59c0c339fe04345475c7cec317f075bad3803b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://westinmauiamenities.247activities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

request-context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
date: Sun, 09 Oct 2022 13:12:50 GMT
x-azure-ref: 00shCYwAAAAAt8YgYq3GsSZkUa7muK+ENRVdSMzExMDAwMTA5MDMxADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
content-length: 1783
expires: -1

GET
H3 200 836072006419889 Show response
connect.facebook.net/signals/config/ 294 KB
85 KB 60ms
28ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/836072006419889?v=2.9.84&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0de32fcd5f92282882c7bf191393e0d2687b885d9287e105d2155317fefc0977

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://westinmauiamenities.247activities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 09 Oct 2022 13:12:50 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 86617
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: HxDLUbtxXgjVSPdvDLdEsBhx86uXVya/qmIBhmiQVeObYrDCzHPSoTFmM1WyP1yhFXwprKML6ugMD7vGhqaHlg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 405909.json Show response
s.yimg.com/wi/config/ 44 B
674 B 102ms
47ms XHR
application/json 2001:4998:1c:800::1000
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/405909.json

Requested by

Host: westinmauiamenities.247activities.com
URL: https://westinmauiamenities.247activities.com/js/main.js?v=1663843260

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:1c:800::1000 , United States, ASN14779 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

fad2b41a387ad2bff0c05ed1475f79529e13a17163eb6e36f8953822d96ded88

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://westinmauiamenities.247activities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 13:12:51 GMT
x-amz-version-id: 50Tr4LaAL2FlcpH6YjQKudKvwqwxbYro
x-content-type-options: nosniff
strict-transport-security: max-age=15552000
x-amz-request-id: W8MN30Z426ZQG327
age: 0
x-amz-server-side-encryption: AES256
content-length: 44
x-amz-id-2: VaYDuQrU74Xp1HPjlJ2xjEAbYAxgjn8rgZYQjjthj95h8e7w+80oYhWq8xUBb+3MbmKzmSDejQs=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Sat, 29 Jul 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Thu, 23 Jun 2022 20:00:54 GMT
server: ATS
etag: "bef1253818c00b6e13b42804c46f2014"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
accept-ranges: bytes

GET
H2 200 i Show response
tr.snapchat.com/cm/ Frame E760 672 B
596 B 184ms
74ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=fbf5aa06-3f82-45b5-86ba-4c4fe9c75a96&u_scsid=57382856-959d-4c7f-8641-8275ab566ede&u_sclid=779a6601-6813-4c7c-bea8-29a995a1f395

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

6501140033c3bb20da4b5ac73c90f687ba8a2053c4ba37c4b6f5275166db7fa6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://westinmauiamenities.247activities.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: gzip
content-type: text/html
date: Sun, 09 Oct 2022 13:12:50 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 google, 1.1 google
x-envoy-upstream-service-time: 8

GET
H/1.1

200
OK

ibs:dpid=30646
dpm.demdex.net/ Frame 4C0E
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=86524227142965204711881721420039804859&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-TYe78PhE2pH4nf3eNv3u8M7j.WuTSwlppd4-~A

42 B
942 B

82ms
80ms

Image
image/gif

52.27.120.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-TYe78PhE2pH4nf3eNv3u8M7j.WuTSwlppd4-~A

Protocol

HTTP/1.1

Server

52.27.120.158 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-27-120-158.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

DCS: dcs-prod-usw2-1-v040-0905afca2.edge-usw2.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: kmi+di3iRTg=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date: Sun, 09 Oct 2022 13:12:50 GMT
strict-transport-security: max-age=31536000
via: http/1.1 spdc0108.pbp.bf1.yahoo.com (ApacheTrafficServer)
server: ATS
age: 0
content-type: text/html;charset=utf-8
location: https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-TYe78PhE2pH4nf3eNv3u8M7j.WuTSwlppd4-~A
content-length: 0

GET
H/1.1 200
OK universal_pixel.1.1.0.js Show response
js.adsrvr.org/ Frame C8D4 487 B
987 B 27ms
26ms Script
application/x-javascript 143.204.138.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Requested by: Host: insight.adsrvr.org
URL: https://insight.adsrvr.org/track/up?adv=hbq9bjg&ref=https%3A%2F%2Fwestinmauiamenities.247activities.com%2F&upid=byw7ch4&upv=1.1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.138.162 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-138-162.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://insight.adsrvr.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Sat, 08 Oct 2022 21:44:08 GMT
Via: 1.1 936397b26a4278a4582b6e1456333afa.cloudfront.net (CloudFront)
Last-Modified: Thu, 24 Sep 2020 15:15:32 GMT
Server: AmazonS3
X-Amz-Cf-Pop: EWR52-C2
Age: 55723
ETag: "f0a7a3296da7382ce6bc1a3b6769e927"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 487
X-Amz-Cf-Id: q9fLVz1dAfzs-EItmHAzoCykHB4eVFHg9iONPP_3_m7WjvCquBoivA==

POST
H2 200 p
tr.snapchat.com/ 68 B
616 B 155ms
72ms Ping
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

370dbc0a7e85181d81ecf29999a4782fc0fde9621e538b4d17887e2d1af1522d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://westinmauiamenities.247activities.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryl7KYDLrqPFPuwYlr

Response headers

date: Sun, 09 Oct 2022 13:12:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google, 1.1 google
server: API Gateway
content-type: text/html
access-control-allow-origin: https://westinmauiamenities.247activities.com
cache-control: no-cache, no-transform
x-envoy-upstream-service-time: 5
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43", h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68

GET
H2

200

dc_pre=CLKLyOac0_oCFQ3-hwodYBUGrg;src=1359549;type=marri003;cat=m1m_m0;ord=8590666024955;gtm=2oda50;npa=1;auiddc=*;u7=%2F;~oref=https%3A%2F%2Fwestinmauiamenities.247activities.com%2F
adservice.google.com/ddm/fls/z/
Redirect Chain

https://ad.doubleclick.net/activity;src=1359549;type=marri003;cat=m1m_m0;ord=8590666024955;gtm=2oda50;npa=1;auiddc=752909848.1665321171;u7=%2F;~oref=https%3A%2F%2Fwestinmauiamenities.247activities....
https://ad.doubleclick.net/activity;dc_pre=CLKLyOac0_oCFQ3-hwodYBUGrg;src=1359549;type=marri003;cat=m1m_m0;ord=8590666024955;gtm=2oda50;npa=1;auiddc=752909848.1665321171;u7=%2F;~oref=https%3A%2F%2F...
https://adservice.google.com/ddm/fls/z/dc_pre=CLKLyOac0_oCFQ3-hwodYBUGrg;src=1359549;type=marri003;cat=m1m_m0;ord=8590666024955;gtm=2oda50;npa=1;auiddc=*;u7=%2F;~oref=https%3A%2F%2Fwestinmauiamenit...

42 B
107 B

149ms
74ms

Image
image/gif

2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CLKLyOac0_oCFQ3-hwodYBUGrg;src=1359549;type=marri003;cat=m1m_m0;ord=8590666024955;gtm=2oda50;npa=1;auiddc=*;u7=%2F;~oref=https%3A%2F%2Fwestinmauiamenities.247activities.com%2F

Protocol

Server

2607:f8b0:4006:81d::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://westinmauiamenities.247activities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Oct 2022 13:12:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 09 Oct 2022 13:12:50 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://adservice.google.com/ddm/fls/z/dc_pre=CLKLyOac0_oCFQ3-hwodYBUGrg;src=1359549;type=marri003;cat=m1m_m0;ord=8590666024955;gtm=2oda50;npa=1;auiddc=*;u7=%2F;~oref=https%3A%2F%2Fwestinmauiamenities.247activities.com%2F
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

dc_pre=CNqMyOac0_oCFcL6hwodo98FWw;src=1359549;type=marri001;cat=m1m_g0;ord=1;num=4507314386994;gtm=2oda50;npa=1;auiddc=*;u7=%2F;~oref=https%3A%2F%2Fwestinmauiamenities.247activities.com%2F
adservice.google.com/ddm/fls/z/
Redirect Chain

https://ad.doubleclick.net/activity;src=1359549;type=marri001;cat=m1m_g0;ord=1;num=4507314386994;gtm=2oda50;npa=1;auiddc=752909848.1665321171;u7=%2F;~oref=https%3A%2F%2Fwestinmauiamenities.247activ...
https://ad.doubleclick.net/activity;dc_pre=CNqMyOac0_oCFcL6hwodo98FWw;src=1359549;type=marri001;cat=m1m_g0;ord=1;num=4507314386994;gtm=2oda50;npa=1;auiddc=752909848.1665321171;u7=%2F;~oref=https%3A...
https://adservice.google.com/ddm/fls/z/dc_pre=CNqMyOac0_oCFcL6hwodo98FWw;src=1359549;type=marri001;cat=m1m_g0;ord=1;num=4507314386994;gtm=2oda50;npa=1;auiddc=*;u7=%2F;~oref=https%3A%2F%2Fwestinmaui...

42 B
494 B

166ms
74ms

Image
image/gif

2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CNqMyOac0_oCFcL6hwodo98FWw;src=1359549;type=marri001;cat=m1m_g0;ord=1;num=4507314386994;gtm=2oda50;npa=1;auiddc=*;u7=%2F;~oref=https%3A%2F%2Fwestinmauiamenities.247activities.com%2F

Protocol

Server

2607:f8b0:4006:81d::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://westinmauiamenities.247activities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Oct 2022 13:12:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 09 Oct 2022 13:12:50 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://adservice.google.com/ddm/fls/z/dc_pre=CNqMyOac0_oCFcL6hwodo98FWw;src=1359549;type=marri001;cat=m1m_g0;ord=1;num=4507314386994;gtm=2oda50;npa=1;auiddc=*;u7=%2F;~oref=https%3A%2F%2Fwestinmauiamenities.247activities.com%2F
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 41 KB
15 KB 144ms
73ms Script
text/javascript 142.251.40.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-950378023&l=dataLayerB&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s79-in-f2.1e100.net

Software

cafe /

Resource Hash

195f3c8ce18239cd241304be4a02c70892564caf8a139f6035b853fe212bab3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://westinmauiamenities.247activities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 13:12:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15196
x-xss-protection: 0
server: cafe
etag: 7222976147654879957
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 09 Oct 2022 13:12:50 GMT

GET
H2

200

src=4810757;dc_pre=CMKMyOac0_oCFU7yhwodfugNiQ;type=sales;cat=5myqls5f;qty=1;cost=0;u1=;u16=https%253A%252F%252Fwestinmauiamenities.247activities.com%252F;dc_lat=;dc_rdid=;tag_for_child_directed_tre...
adservice.google.com/ddm/fls/z/
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=4810757;type=sales;cat=5myqls5f;qty=1;cost=0;u1=;u16=https%253A%252F%252Fwestinmauiamenities.247activities.com%252F;dc_lat=;dc_rdid=;tag_for_child_direct...
https://ad.doubleclick.net/ddm/activity/src=4810757;dc_pre=CMKMyOac0_oCFU7yhwodfugNiQ;type=sales;cat=5myqls5f;qty=1;cost=0;u1=;u16=https%253A%252F%252Fwestinmauiamenities.247activities.com%252F;dc_...
https://adservice.google.com/ddm/fls/z/src=4810757;dc_pre=CMKMyOac0_oCFU7yhwodfugNiQ;type=sales;cat=5myqls5f;qty=1;cost=0;u1=;u16=https%253A%252F%252Fwestinmauiamenities.247activities.com%252F;dc_l...

42 B
107 B

122ms
75ms

Image
image/gif

2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=4810757;dc_pre=CMKMyOac0_oCFU7yhwodfugNiQ;type=sales;cat=5myqls5f;qty=1;cost=0;u1=;u16=https%253A%252F%252Fwestinmauiamenities.247activities.com%252F;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=[OrderID]

Protocol

Server

2607:f8b0:4006:81d::2002 Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://westinmauiamenities.247activities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Oct 2022 13:12:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 09 Oct 2022 13:12:50 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://adservice.google.com/ddm/fls/z/src=4810757;dc_pre=CMKMyOac0_oCFU7yhwodfugNiQ;type=sales;cat=5myqls5f;qty=1;cost=0;u1=;u16=https%253A%252F%252Fwestinmauiamenities.247activities.com%252F;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=[OrderID]
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK px
secure.adnxs.com/ 0
941 B 119ms
40ms Image
application/javascript 68.67.161.208
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/px?id=1565798&t=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.161.208 Newark, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://westinmauiamenities.247activities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 09 Oct 2022 13:12:50 GMT
AN-X-Request-Uuid: 1054719a-8b44-43c1-9a38-0fb00ec7bd2e
Server: nginx/1.21.3
Content-Type: application/javascript; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 96.9.249.43; 96.9.249.43; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK seg
secure.adnxs.com/ 0
1013 B 120ms
41ms Image
application/javascript 68.67.161.208
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/seg?add=29464183&t=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.161.208 Newark, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://westinmauiamenities.247activities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 09 Oct 2022 13:12:50 GMT
AN-X-Request-Uuid: 1b464c98-e6f3-4d81-a234-5bde853f1db1
Server: nginx/1.21.3
Content-Type: application/javascript; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 96.9.249.43; 96.9.249.43; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

AdX
pixel.sojern.com/idSync/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=26ccF3oqM_1EmFyIb8LleA&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=KnwGtdyz4n5zZI-29c002z7yfSRIMg0lnh4A6-1CWAQwK_FCKQ6...
https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=KnwGtdyz4n5zZI-29c002z7yfSRIMg0lnh4A6-1CWAQwK_FCKQ6Tf-zDv4bKwv4p&sjrn_ula=673976618&google_gid=CAESEGtc0yWrG99aaeaT0XRLHPU&google_cver=1

42 B
282 B

67ms
56ms

Image
image/gif

107.178.244.119
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=KnwGtdyz4n5zZI-29c002z7yfSRIMg0lnh4A6-1CWAQwK_FCKQ6Tf-zDv4bKwv4p&sjrn_ula=673976618&google_gid=CAESEGtc0yWrG99aaeaT0XRLHPU&google_cver=1
Protocol: H2
Server: 107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://westinmauiamenities.247activities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
date: Sun, 09 Oct 2022 13:12:50 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
vary: Accept-Encoding
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 09 Oct 2022 13:12:50 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=KnwGtdyz4n5zZI-29c002z7yfSRIMg0lnh4A6-1CWAQwK_FCKQ6Tf-zDv4bKwv4p&sjrn_ula=673976618&google_gid=CAESEGtc0yWrG99aaeaT0XRLHPU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 412
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
fcmatch.youtube.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_hm=26ccF3oqM_1EmFyIb8LleA&google_nid=sojern_adh
https://fcmatch.google.com/pixel?google_gm=AMnCDoqWBiOEq-q7GzXpZAqF-zoEY3-6mXq4SG-D-PFPdCG_FDAZRfzPYOcwOUDpwee13e3HsVZ8nJdWg2hdObCMbRXy2qf4c6SEzk1JvWFWl6eDPzf_kc4
https://fcmatch.youtube.com/pixel?google_gm=AMnCDoqWBiOEq-q7GzXpZAqF-zoEY3-6mXq4SG-D-PFPdCG_FDAZRfzPYOcwOUDpwee13e3HsVZ8nJdWg2hdObCMbRXy2qf4c6SEzk1JvWFWl6eDPzf_kc4

170 B
525 B

87ms
43ms

Image
image/png

2607:f8b0:4006:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fcmatch.youtube.com/pixel?google_gm=AMnCDoqWBiOEq-q7GzXpZAqF-zoEY3-6mXq4SG-D-PFPdCG_FDAZRfzPYOcwOUDpwee13e3HsVZ8nJdWg2hdObCMbRXy2qf4c6SEzk1JvWFWl6eDPzf_kc4

Protocol

Server

2607:f8b0:4006:822::200e Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://westinmauiamenities.247activities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Oct 2022 13:12:51 GMT
server: HTTP server (unknown)
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 09 Oct 2022 13:12:51 GMT
server: HTTP server (unknown)
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://fcmatch.youtube.com/pixel?google_gm=AMnCDoqWBiOEq-q7GzXpZAqF-zoEY3-6mXq4SG-D-PFPdCG_FDAZRfzPYOcwOUDpwee13e3HsVZ8nJdWg2hdObCMbRXy2qf4c6SEzk1JvWFWl6eDPzf_kc4
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 360
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

apn
pixel.sojern.com/idsync/
Redirect Chain

https://ib.adnxs.com/getuid?https://pixel.sojern.com/idsync/apn?id=$UID&sjrn_id=KnwGtdyz4n5zZI-29c002z7yfSRIMg0lnh4A6-1CWAQwK_FCKQ6Tf-zDv4bKwv4p
https://pixel.sojern.com/idsync/apn?id=5682941523316974673&sjrn_id=KnwGtdyz4n5zZI-29c002z7yfSRIMg0lnh4A6-1CWAQwK_FCKQ6Tf-zDv4bKwv4p

42 B
264 B

64ms
58ms

Image
image/gif

107.178.244.119
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sojern.com/idsync/apn?id=5682941523316974673&sjrn_id=KnwGtdyz4n5zZI-29c002z7yfSRIMg0lnh4A6-1CWAQwK_FCKQ6Tf-zDv4bKwv4p
Protocol: H2
Server: 107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://westinmauiamenities.247activities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
date: Sun, 09 Oct 2022 13:12:50 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
vary: Accept-Encoding
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Sun, 09 Oct 2022 13:12:50 GMT
AN-X-Request-Uuid: a125835a-f298-4755-b629-6db7813efb29
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://pixel.sojern.com/idsync/apn?id=5682941523316974673&sjrn_id=KnwGtdyz4n5zZI-29c002z7yfSRIMg0lnh4A6-1CWAQwK_FCKQ6Tf-zDv4bKwv4p
Connection: keep-alive
X-Proxy-Origin: 96.9.249.43; 96.9.249.43; 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

ttd
pixel.sojern.com/idsync/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=ombl9hp&ttd_puid=KnwGtdyz4n5zZI-29c002z7yfSRIMg0lnh4A6-1CWAQwK_FCKQ6Tf-zDv4bKwv4p&ttd_tpi=1
https://pixel.sojern.com/idsync/ttd?id=d8347294-653c-4fc6-bc23-ae07ccf0e4ae&sjrn_id=KnwGtdyz4n5zZI-29c002z7yfSRIMg0lnh4A6-1CWAQwK_FCKQ6Tf-zDv4bKwv4p

42 B
275 B

70ms
59ms

Image
image/gif

107.178.244.119
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sojern.com/idsync/ttd?id=d8347294-653c-4fc6-bc23-ae07ccf0e4ae&sjrn_id=KnwGtdyz4n5zZI-29c002z7yfSRIMg0lnh4A6-1CWAQwK_FCKQ6Tf-zDv4bKwv4p
Protocol: H2
Server: 107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://westinmauiamenities.247activities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
date: Sun, 09 Oct 2022 13:12:50 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
vary: Accept-Encoding
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 09 Oct 2022 13:12:50 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.sojern.com/idsync/ttd?id=d8347294-653c-4fc6-bc23-ae07ccf0e4ae&sjrn_id=KnwGtdyz4n5zZI-29c002z7yfSRIMg0lnh4A6-1CWAQwK_FCKQ6Tf-zDv4bKwv4p
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 327

GET
H/1.1 200
OK px
secure.adnxs.com/ Frame 3560 0
941 B 125ms
47ms Image
application/javascript 68.67.161.208
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/px?id=1228256&t=1

Requested by

Host: static.sojern.com
URL: https://static.sojern.com/marriott/mhotels.html?p=undefined&hprid=HMMWI&hpr=&hb=undefined&hc1=undefined&hn1=undefined&hs1=undefined&ffl=undefined&hl=&t=undefined&hr=undefined&hd1=&hd2=&hconfno=&hp=undefined&hcu=&hrp=undefined&hdc=undefined&rew=undefined&l=undefined&vid=hot&cid=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.161.208 Newark, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 09 Oct 2022 13:12:50 GMT
AN-X-Request-Uuid: e8074196-1541-4741-b0a2-a788b61cfeb3
Server: nginx/1.21.3
Content-Type: application/javascript; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 96.9.249.43; 96.9.249.43; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK seg
secure.adnxs.com/ Frame 3560 0
1013 B 119ms
42ms Image
application/javascript 68.67.161.208
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/seg?add=21126164&t=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.161.208 Newark, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 09 Oct 2022 13:12:50 GMT
AN-X-Request-Uuid: 4409bfe4-91af-4a33-91a9-533fbc69125b
Server: nginx/1.21.3
Content-Type: application/javascript; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 96.9.249.43; 96.9.249.43; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

AdX
pixel.sojern.com/idSync/ Frame 3560
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=BpsLFW3fRbQDl2ykQIPeHg&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=AbLhzFn376GCoTWBsL_VwCl-n9MA4PbEtqZ9-Y1JjN6PR63z4Z4...
https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=AbLhzFn376GCoTWBsL_VwCl-n9MA4PbEtqZ9-Y1JjN6PR63z4Z4q-P6Z81ABHj30&sjrn_ula=824794939&google_gid=CAESEGtc0yWrG99aaeaT0XRLHPU&google_cver=1

42 B
271 B

67ms
57ms

Image
image/gif

107.178.244.119
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=AbLhzFn376GCoTWBsL_VwCl-n9MA4PbEtqZ9-Y1JjN6PR63z4Z4q-P6Z81ABHj30&sjrn_ula=824794939&google_gid=CAESEGtc0yWrG99aaeaT0XRLHPU&google_cver=1
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/marriott/mhotels.html?p=undefined&hprid=HMMWI&hpr=&hb=undefined&hc1=undefined&hn1=undefined&hs1=undefined&ffl=undefined&hl=&t=undefined&hr=undefined&hd1=&hd2=&hconfno=&hp=undefined&hcu=&hrp=undefined&hdc=undefined&rew=undefined&l=undefined&vid=hot&cid=
Protocol: H2
Server: 107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
date: Sun, 09 Oct 2022 13:12:50 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
vary: Accept-Encoding
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 09 Oct 2022 13:12:50 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=AbLhzFn376GCoTWBsL_VwCl-n9MA4PbEtqZ9-Y1JjN6PR63z4Z4q-P6Z81ABHj30&sjrn_ula=824794939&google_gid=CAESEGtc0yWrG99aaeaT0XRLHPU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 412
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
fcmatch.youtube.com/ Frame 3560
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_hm=BpsLFW3fRbQDl2ykQIPeHg&google_nid=sojern_adh
https://fcmatch.google.com/pixel?google_gm=AMnCDoq--4wPowNcQhie88tnFHFzmrAEGxX-IL98h8fUSBkjwElwT1dcJCY9L1BKcT-uwG7E8ve_4_xQFZ--zAbLkFBA-ePEPhSWd9yUxJkmyRNddc2fhPY
https://fcmatch.youtube.com/pixel?google_gm=AMnCDoq--4wPowNcQhie88tnFHFzmrAEGxX-IL98h8fUSBkjwElwT1dcJCY9L1BKcT-uwG7E8ve_4_xQFZ--zAbLkFBA-ePEPhSWd9yUxJkmyRNddc2fhPY

170 B
233 B

223ms
129ms

Image
image/png

2607:f8b0:4006:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fcmatch.youtube.com/pixel?google_gm=AMnCDoq--4wPowNcQhie88tnFHFzmrAEGxX-IL98h8fUSBkjwElwT1dcJCY9L1BKcT-uwG7E8ve_4_xQFZ--zAbLkFBA-ePEPhSWd9yUxJkmyRNddc2fhPY

Requested by

Protocol

Server

2607:f8b0:4006:822::200e Rockville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Oct 2022 13:12:51 GMT
server: HTTP server (unknown)
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 09 Oct 2022 13:12:50 GMT
server: HTTP server (unknown)
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://fcmatch.youtube.com/pixel?google_gm=AMnCDoq--4wPowNcQhie88tnFHFzmrAEGxX-IL98h8fUSBkjwElwT1dcJCY9L1BKcT-uwG7E8ve_4_xQFZ--zAbLkFBA-ePEPhSWd9yUxJkmyRNddc2fhPY
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 360
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

apn
pixel.sojern.com/idsync/ Frame 3560
Redirect Chain

https://ib.adnxs.com/getuid?https://pixel.sojern.com/idsync/apn?id=$UID&sjrn_id=AbLhzFn376GCoTWBsL_VwCl-n9MA4PbEtqZ9-Y1JjN6PR63z4Z4q-P6Z81ABHj30
https://pixel.sojern.com/idsync/apn?id=5682941523316974673&sjrn_id=AbLhzFn376GCoTWBsL_VwCl-n9MA4PbEtqZ9-Y1JjN6PR63z4Z4q-P6Z81ABHj30

42 B
58 B

152ms
117ms

Image
image/gif

107.178.244.119
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sojern.com/idsync/apn?id=5682941523316974673&sjrn_id=AbLhzFn376GCoTWBsL_VwCl-n9MA4PbEtqZ9-Y1JjN6PR63z4Z4q-P6Z81ABHj30
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/marriott/mhotels.html?p=undefined&hprid=HMMWI&hpr=&hb=undefined&hc1=undefined&hn1=undefined&hs1=undefined&ffl=undefined&hl=&t=undefined&hr=undefined&hd1=&hd2=&hconfno=&hp=undefined&hcu=&hrp=undefined&hdc=undefined&rew=undefined&l=undefined&vid=hot&cid=
Protocol: H3
Server: 107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
date: Sun, 09 Oct 2022 13:12:50 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
vary: Accept-Encoding
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Sun, 09 Oct 2022 13:12:50 GMT
AN-X-Request-Uuid: 4b3ca814-41c9-4194-a357-77af6b557b17
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://pixel.sojern.com/idsync/apn?id=5682941523316974673&sjrn_id=AbLhzFn376GCoTWBsL_VwCl-n9MA4PbEtqZ9-Y1JjN6PR63z4Z4q-P6Z81ABHj30
Connection: keep-alive
X-Proxy-Origin: 96.9.249.43; 96.9.249.43; 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

ttd
pixel.sojern.com/idsync/ Frame 3560
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=ombl9hp&ttd_puid=AbLhzFn376GCoTWBsL_VwCl-n9MA4PbEtqZ9-Y1JjN6PR63z4Z4q-P6Z81ABHj30&ttd_tpi=1
https://pixel.sojern.com/idsync/ttd?id=d8347294-653c-4fc6-bc23-ae07ccf0e4ae&sjrn_id=AbLhzFn376GCoTWBsL_VwCl-n9MA4PbEtqZ9-Y1JjN6PR63z4Z4q-P6Z81ABHj30

42 B
275 B

69ms
57ms

Image
image/gif

107.178.244.119
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sojern.com/idsync/ttd?id=d8347294-653c-4fc6-bc23-ae07ccf0e4ae&sjrn_id=AbLhzFn376GCoTWBsL_VwCl-n9MA4PbEtqZ9-Y1JjN6PR63z4Z4q-P6Z81ABHj30
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/marriott/mhotels.html?p=undefined&hprid=HMMWI&hpr=&hb=undefined&hc1=undefined&hn1=undefined&hs1=undefined&ffl=undefined&hl=&t=undefined&hr=undefined&hd1=&hd2=&hconfno=&hp=undefined&hcu=&hrp=undefined&hdc=undefined&rew=undefined&l=undefined&vid=hot&cid=
Protocol: H2
Server: 107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
date: Sun, 09 Oct 2022 13:12:50 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
vary: Accept-Encoding
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 09 Oct 2022 13:12:50 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.sojern.com/idsync/ttd?id=d8347294-653c-4fc6-bc23-ae07ccf0e4ae&sjrn_id=AbLhzFn376GCoTWBsL_VwCl-n9MA4PbEtqZ9-Y1JjN6PR63z4Z4q-P6Z81ABHj30
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 327

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
78 B 98ms
43ms Image
image/gif 76.13.32.146
YAHOO-BF1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Sun%2C%2009%20Oct%202022%2013%3A12%3A50%20GMT&n=0&b=The%20Westin%20Maui%20Resort%20%26%20Spa&.yp=405909&f=https%3A%2F%2Fwestinmauiamenities.247activities.com%2F&enc=UTF-8&yv=1.13.0&hsr=&et=custom&ea=ViewProduct&cc=US&cio=%7C&cid=&tagmgr=gtm%2Cadobe

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.13.32.146 Lockport, United States, ASN26101 (YAHOO-BF1, US),

Reverse DNS

spdc.pbp.vip.bf1.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://westinmauiamenities.247activities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Oct 2022 13:12:50 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Sun, 09 Oct 2022 13:12:50 GMT

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
632 B 57ms
42ms Image
image/gif 76.13.32.146
YAHOO-BF1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&b=The%20Westin%20Maui%20Resort%20%26%20Spa&.yp=405909&f=https%3A%2F%2Fwestinmauiamenities.247activities.com%2F&enc=UTF-8&yv=1.13.0&tagmgr=gtm%2Cadobe

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.13.32.146 Lockport, United States, ASN26101 (YAHOO-BF1, US),

Reverse DNS

spdc.pbp.vip.bf1.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://westinmauiamenities.247activities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Oct 2022 13:12:50 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Sun, 09 Oct 2022 13:12:50 GMT

GET
H/1.1

200
OK

ibs:dpid=30862&dpuuid=10602177212788806488
dpm.demdex.net/ Frame 4C0E
Redirect Chain

https://odr.mookie1.com/t/v2?tagid=V2_676804&src.visitorId=86524227142965204711881721420039804859&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=30862&dpuuid=10602177212788806488

42 B
942 B

144ms
143ms

Image
image/gif

52.27.120.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=30862&dpuuid=10602177212788806488

Protocol

HTTP/1.1

Server

52.27.120.158 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-27-120-158.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

DCS: dcs-prod-usw2-1-v040-0a033a9ce.edge-usw2.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 66ST3gCXSIM=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Sun, 09 Oct 2022 13:12:50 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
location: https://dpm.demdex.net/ibs:dpid=30862&dpuuid=10602177212788806488
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 main.3a217bc7.js Show response
s.pinimg.com/ct/lib/ 55 KB
19 KB 77ms
76ms Script
application/javascript 2600:141b:9000:39b::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.3a217bc7.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:9000:39b::1931 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 3f29259501183f270ed9b30dc3569b0b69c8bafb46685a5790c793ec76c2c763

Request headers

accept-language: en-US,en;q=0.9
Referer: https://westinmauiamenities.247activities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

akamai-x-true-ttl: 1209600
content-encoding: gzip
x-cdn: akamai
etag: "77f7bb9138eae5ebd8398ae9aec923dd"
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 19398

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame E592
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=d8347294-653c-4fc6-bc23-ae07ccf0e4ae
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=d8347294-653c-4fc6-bc23-ae07ccf0e4ae

0
0

65ms
31ms

Document
text/plain

3.210.121.151
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=d8347294-653c-4fc6-bc23-ae07ccf0e4ae
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.210.121.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-210-121-151.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://insight.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private, no-cache, no-store
date: Sun, 09 Oct 2022 13:12:50 GMT
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
x-request-time: D=33 t=1665321170
x-served-by: beacon-n037-ash-prod.krxd.net

Redirect headers

content-length: 0
date: Sun, 09 Oct 2022 13:12:50 GMT
location: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=d8347294-653c-4fc6-bc23-ae07ccf0e4ae
x-age: 0
x-cache: MISS
x-cache-hits: 0
x-served-by: usermatch-a003-ash-prod.krxd.net

GET
H/1.1

200
OK

setuid Show response
ib.adnxs.com/ Frame A058
Redirect Chain

https://ib.adnxs.com/getuid?https%3a%2f%2fmatch.adsrvr.org%2ftrack%2fcmf%2fappnexus%3fttd%3d1%26anid%3d%24UID&ttd_tdid=d8347294-653c-4fc6-bc23-ae07ccf0e4ae
https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=5682941523316974673&ttd_tdid=d8347294-653c-4fc6-bc23-ae07ccf0e4ae
https://ib.adnxs.com/setuid?entity=82&code=d8347294-653c-4fc6-bc23-ae07ccf0e4ae&gdpr=0&gdpr_consent=

43 B
1022 B

34ms
34ms

Document
image/gif

68.67.160.184
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/setuid?entity=82&code=d8347294-653c-4fc6-bc23-ae07ccf0e4ae&gdpr=0&gdpr_consent=

Requested by

Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.184 Newark, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://insight.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

AN-X-Request-Uuid: adacf37c-22f9-4803-a6b6-22ced78184a2
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Sun, 09 Oct 2022 13:12:50 GMT
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma: no-cache
Server: nginx/1.21.3
X-Proxy-Origin: 96.9.249.43; 96.9.249.43; 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection: 0

Redirect headers

cache-control: private,no-cache, must-revalidate
content-length: 231
content-type: text/html
date: Sun, 09 Oct 2022 13:12:50 GMT
location: https://ib.adnxs.com/setuid?entity=82&code=d8347294-653c-4fc6-bc23-ae07ccf0e4ae&gdpr=0&gdpr_consent=
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET
H3

200

pixel Show response
cm.g.doubleclick.net/ Frame 7B84
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=ZDgzNDcyOTQtNjUzYy00ZmM2LWJjMjMtYWUwN2NjZjBlNGFl&gdpr=0&gdpr_consent=&ttd_tdid=d8347294-653c-4fc6-bc23-ae07c...
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=d8347294-653c-4fc6-bc23-ae07ccf0e4ae&google_gid=CAESEEAYSDD6gFf4Tqhb-Cd1RBU&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZDgzNDcyOTQtNjUzYy00ZmM2LWJjMjMtYWUwN2NjZjBlNGFl&google_push&gdpr=0&gdpr_consent=&ttd_tdid=d8347294-653c-4fc6-bc23-ae07ccf0e4ae

170 B
188 B

55ms
44ms

Document
image/png

142.250.72.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZDgzNDcyOTQtNjUzYy00ZmM2LWJjMjMtYWUwN2NjZjBlNGFl&google_push&gdpr=0&gdpr_consent=&ttd_tdid=d8347294-653c-4fc6-bc23-ae07ccf0e4ae

Requested by

Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://insight.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 170
content-type: image/png
cross-origin-resource-policy: cross-origin
date: Sun, 09 Oct 2022 13:12:50 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: HTTP server (unknown)
x-xss-protection: 0

Redirect headers

cache-control: private,no-cache, must-revalidate
content-length: 423
content-type: text/html
date: Sun, 09 Oct 2022 13:12:50 GMT
location: https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZDgzNDcyOTQtNjUzYy00ZmM2LWJjMjMtYWUwN2NjZjBlNGFl&google_push&gdpr=0&gdpr_consent=&ttd_tdid=d8347294-653c-4fc6-bc23-ae07ccf0e4ae
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET
H2 200 /
www.facebook.com/tr/ 0
204 B 108ms
27ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=836072006419889&ev=PageView&dl=https%3A%2F%2Fwestinmauiamenities.247activities.com%2F&rl=&if=false&ts=1665321170791&cd[brand]=brand&cd[level]=&cd[signin]=&cd[language]=&sw=1600&sh=1200&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.1.1665321170788.1735437343&it=1665321170597&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://westinmauiamenities.247activities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 09 Oct 2022 13:12:50 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 clarity.js Show response
www.clarity.ms/eus-e/s/0.6.42/ 53 KB
23 KB 45ms
44ms Script
application/javascript 2620:1ec:bdf::38
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus-e/s/0.6.42/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/5140893
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::38 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: d97ca913935c9897ac4e255d17e14c8a3f0d8513681fe5b6736c4921fc5dd078

Request headers

accept-language: en-US,en;q=0.9
Referer: https://westinmauiamenities.247activities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 13:12:50 GMT
content-encoding: br
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
etag: "1d8d8e58fdaa9d4"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript;charset=utf-8
x-azure-ref: 00shCYwAAAACim2eteGR5S7MxNxsdS+e3RVdSMzExMDAwMTA5MDMxADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
cache-control: public,max-age=86400
accept-ranges: bytes
content-length: 23382
request-context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=7541244D3DA442AE8CFBAD75EA90A5C4&RedC=c.clarity.ms&MXFR=2F89D7077B3562221C2CC53F7F356CDC
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=7541244D3DA442AE8CFBAD75EA90A5C4&MUID=3735FAA9C16C61AA223EE891C06B6010

42 B
441 B

57ms
55ms

Image
image/gif

20.221.206.60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=7541244D3DA442AE8CFBAD75EA90A5C4&MUID=3735FAA9C16C61AA223EE891C06B6010
Protocol: H2
Server: 20.221.206.60 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: en-US,en;q=0.9
Referer: https://westinmauiamenities.247activities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Oct 2022 13:12:50 GMT
last-modified: Tue, 13 Sep 2022 03:22:00 GMT
server: Microsoft-IIS/10.0
etag: "8766f3fc1fc7d81:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Sun, 09 Oct 2022 13:12:50 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 4B47424CF6684C8182F6B1E71F37A264 Ref B: EWR311000107049 Ref C: 2022-10-09T13:12:51Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=7541244D3DA442AE8CFBAD75EA90A5C4&MUID=3735FAA9C16C61AA223EE891C06B6010
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame A579 0
336 B 170ms
32ms Image
text/plain 3.210.121.151
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=runads&partner_uid=cnvr-AQEJo4S4oFL7EAEtzFs_AQEL_wE&gdpr_consent=
Requested by: Host: login.dotomi.com
URL: https://login.dotomi.com/ucm/UCMController?dtm_com=28&dtm_cid=2814&dtm_cmagic=8e987c&dtm_format=5&dtm_fid=101&cli_promo_id=2&dtmc_marsha_code=HMMWI&canonical_url=&dtm_user_token=&dtmc_ref=&dtmc_loc=https%3A%2F%2Fwestinmauiamenities.247activities.com%2F&fpc_status=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.210.121.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-210-121-151.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-served-by: beacon-n019-ash-prod.krxd.net
date: Sun, 09 Oct 2022 13:12:50 GMT
cache-control: private, no-cache, no-store
x-request-time: D=20 t=1665321170
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

user.sync
match.sync.ad.cpe.dotomi.com/w/ Frame A579
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fmatch.sync.ad.cpe.dotomi.com%2Fw%2Fuser.sync%3Fptrid%3D6%26userid%3D%24UID&gdpr_consent=
https://match.sync.ad.cpe.dotomi.com/w/user.sync?ptrid=6&userid=5682941523316974673&gdpr_consent=

43 B
268 B

245ms
39ms

Image
image/gif

2606:ae80:1471:16::820
CNVR-US-EAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sync.ad.cpe.dotomi.com/w/user.sync?ptrid=6&userid=5682941523316974673&gdpr_consent=
Requested by: Host: login.dotomi.com
URL: https://login.dotomi.com/ucm/UCMController?dtm_com=28&dtm_cid=2814&dtm_cmagic=8e987c&dtm_format=5&dtm_fid=101&cli_promo_id=2&dtmc_marsha_code=HMMWI&canonical_url=&dtm_user_token=&dtmc_ref=&dtmc_loc=https%3A%2F%2Fwestinmauiamenities.247activities.com%2F&fpc_status=
Protocol: H2
Server: 2606:ae80:1471:16::820 , United States, ASN26762 (CNVR-US-EAST, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 09 Oct 2022 13:12:51 GMT
cache-control: no-cache
server: nginx
content-length: 43
expires: 0

Redirect headers

Pragma: no-cache
Date: Sun, 09 Oct 2022 13:12:50 GMT
AN-X-Request-Uuid: fb1a54eb-9aef-40fc-91e8-4473cd93f1b4
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://match.sync.ad.cpe.dotomi.com/w/user.sync?ptrid=6&userid=5682941523316974673&gdpr_consent=
Connection: keep-alive
X-Proxy-Origin: 96.9.249.43; 96.9.249.43; 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

user.sync
match.sync.ad.cpe.dotomi.com/w/ Frame A579
Redirect Chain

https://ups.analytics.yahoo.com/ups/58272/sync?redir=true&https%3A%2F%2Fmatch.sync.ad.cpe.dotomi.com%2Fw%2Fuser.sync%3Fptrid%3D12%26userid%3D%24UID&gdpr_consent=
https://match.sync.ad.cpe.dotomi.com/w/user.sync?ptrid=12&userid=y-VzKtDR5E2ul9QHbT0ObCExICA.m4hw--~A

43 B
267 B

164ms
40ms

Image
image/gif

2606:ae80:1471:16::820
CNVR-US-EAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sync.ad.cpe.dotomi.com/w/user.sync?ptrid=12&userid=y-VzKtDR5E2ul9QHbT0ObCExICA.m4hw--~A
Requested by: Host: login.dotomi.com
URL: https://login.dotomi.com/ucm/UCMController?dtm_com=28&dtm_cid=2814&dtm_cmagic=8e987c&dtm_format=5&dtm_fid=101&cli_promo_id=2&dtmc_marsha_code=HMMWI&canonical_url=&dtm_user_token=&dtmc_ref=&dtmc_loc=https%3A%2F%2Fwestinmauiamenities.247activities.com%2F&fpc_status=
Protocol: H2
Server: 2606:ae80:1471:16::820 , United States, ASN26762 (CNVR-US-EAST, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 09 Oct 2022 13:12:51 GMT
cache-control: no-cache
server: nginx
content-length: 43
expires: 0

Redirect headers

location: https://match.sync.ad.cpe.dotomi.com/w/user.sync?ptrid=12&userid=y-VzKtDR5E2ul9QHbT0ObCExICA.m4hw--~A
date: Sun, 09 Oct 2022 13:12:50 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

current
dp-sync.dotomi.com/match/pixel/ Frame A579
Redirect Chain

https://idsync.rlcdn.com/449046.gif?partner_uid=AQEJo4S4oFL7EAEtzFs_AQEL_wE&gdpr_consent=
https://dp-sync.dotomi.com/match/pixel/current?networkId=26832&version=1&nuid=ff74651c1a316b66e0a2d18b13f79ecc01dad5837211f3a02af508eccfcdb3eececafa215448e457

43 B
225 B

228ms
48ms

Image
image/gif

2606:ae80:1471:16::730
CNVR-US-EAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dp-sync.dotomi.com/match/pixel/current?networkId=26832&version=1&nuid=ff74651c1a316b66e0a2d18b13f79ecc01dad5837211f3a02af508eccfcdb3eececafa215448e457
Requested by: Host: login.dotomi.com
URL: https://login.dotomi.com/ucm/UCMController?dtm_com=28&dtm_cid=2814&dtm_cmagic=8e987c&dtm_format=5&dtm_fid=101&cli_promo_id=2&dtmc_marsha_code=HMMWI&canonical_url=&dtm_user_token=&dtmc_ref=&dtmc_loc=https%3A%2F%2Fwestinmauiamenities.247activities.com%2F&fpc_status=
Protocol: H2
Server: 2606:ae80:1471:16::730 , United States, ASN26762 (CNVR-US-EAST, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Oct 2022 13:12:51 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
content-type: image/gif
cache-control: no-cache, private, max-age=0, no-store
content-length: 43
expires: 0

Redirect headers

date: Sun, 09 Oct 2022 13:12:50 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://dp-sync.dotomi.com/match/pixel/current?networkId=26832&version=1&nuid=ff74651c1a316b66e0a2d18b13f79ecc01dad5837211f3a02af508eccfcdb3eececafa215448e457
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

user.sync
match.sync.ad.cpe.dotomi.com/w/ Frame A579
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=epsilon&gdpr=false&gdpr_consent=
https://match.sync.ad.cpe.dotomi.com/w/user.sync?ptrid=14&userid=L91D87FQ-1U-B236

43 B
267 B

98ms
84ms

Image
image/gif

2606:ae80:1471:16::820
CNVR-US-EAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sync.ad.cpe.dotomi.com/w/user.sync?ptrid=14&userid=L91D87FQ-1U-B236
Requested by: Host: login.dotomi.com
URL: https://login.dotomi.com/ucm/UCMController?dtm_com=28&dtm_cid=2814&dtm_cmagic=8e987c&dtm_format=5&dtm_fid=101&cli_promo_id=2&dtmc_marsha_code=HMMWI&canonical_url=&dtm_user_token=&dtmc_ref=&dtmc_loc=https%3A%2F%2Fwestinmauiamenities.247activities.com%2F&fpc_status=
Protocol: H2
Server: 2606:ae80:1471:16::820 , United States, ASN26762 (CNVR-US-EAST, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 09 Oct 2022 13:12:51 GMT
cache-control: no-cache
server: nginx
content-length: 43
expires: 0

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://match.sync.ad.cpe.dotomi.com/w/user.sync?ptrid=14&userid=L91D87FQ-1U-B236
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 19c1ac3b9706c83a73951eba4d239689
Expires: 0

GET
H2 200 put
e1.emxdgt.com/ Frame A579 43 B
120 B 261ms
55ms Image
image/gif 44.208.243.83
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d48&uid=AQEJo4S4oFL7EAEtzFs_AQEL_wE&gdpr=false&gdpr_consent=
Requested by: Host: login.dotomi.com
URL: https://login.dotomi.com/ucm/UCMController?dtm_com=28&dtm_cid=2814&dtm_cmagic=8e987c&dtm_format=5&dtm_fid=101&cli_promo_id=2&dtmc_marsha_code=HMMWI&canonical_url=&dtm_user_token=&dtmc_ref=&dtmc_loc=https%3A%2F%2Fwestinmauiamenities.247activities.com%2F&fpc_status=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.208.243.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-208-243-83.compute-1.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 13:12:50 GMT
content-length: 43
x-nosync: emp
content-type: image/gif

GET
H2

200

user.sync
match.sync.ad.cpe.dotomi.com/w/ Frame A579
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=f9869243-40dc-4b34-9e8b-8d6529649f0f&ph=bec2690e-a73d-4d95-9901-75ad2a8d91b8&r=https%3A%2F%2Fmatch.sync.ad.cpe.dotomi.com%2Fw%2Fuser.sync%3Fptrid%3D7%26userid%3D{...
https://us-u.openx.net/w/1.0/cm?cc=1&id=f9869243-40dc-4b34-9e8b-8d6529649f0f&ph=bec2690e-a73d-4d95-9901-75ad2a8d91b8&r=https%3A%2F%2Fmatch.sync.ad.cpe.dotomi.com%2Fw%2Fuser.sync%3Fptrid%3D7%26useri...
https://match.sync.ad.cpe.dotomi.com/w/user.sync?ptrid=7&userid=a760a793-580e-0b5a-1a3a-7c2c5e8c25a2

43 B
267 B

64ms
52ms

Image
image/gif

2606:ae80:1471:16::820
CNVR-US-EAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sync.ad.cpe.dotomi.com/w/user.sync?ptrid=7&userid=a760a793-580e-0b5a-1a3a-7c2c5e8c25a2
Requested by: Host: login.dotomi.com
URL: https://login.dotomi.com/ucm/UCMController?dtm_com=28&dtm_cid=2814&dtm_cmagic=8e987c&dtm_format=5&dtm_fid=101&cli_promo_id=2&dtmc_marsha_code=HMMWI&canonical_url=&dtm_user_token=&dtmc_ref=&dtmc_loc=https%3A%2F%2Fwestinmauiamenities.247activities.com%2F&fpc_status=
Protocol: H2
Server: 2606:ae80:1471:16::820 , United States, ASN26762 (CNVR-US-EAST, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 09 Oct 2022 13:12:51 GMT
cache-control: no-cache
server: nginx
content-length: 43
expires: 0

Redirect headers

date: Sun, 09 Oct 2022 13:12:51 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://match.sync.ad.cpe.dotomi.com/w/user.sync?ptrid=7&userid=a760a793-580e-0b5a-1a3a-7c2c5e8c25a2
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

user.sync
match.sync.ad.cpe.dotomi.com/w/ Frame A579
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=561998&ev=1&rurl=https%3A%2F%2Fmatch.sync.ad.cpe.dotomi.com/w/user.sync?ptrid=9&userid=%%VGUID%%&gdpr_consent=
https://match.sync.ad.cpe.dotomi.com/w/user.sync?ptrid=9&ev=1&pid=561998&gdpr_consent=&userid=EY6cQLZa6gWl

43 B
267 B

108ms
42ms

Image
image/gif

2606:ae80:1471:16::820
CNVR-US-EAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sync.ad.cpe.dotomi.com/w/user.sync?ptrid=9&ev=1&pid=561998&gdpr_consent=&userid=EY6cQLZa6gWl
Requested by: Host: login.dotomi.com
URL: https://login.dotomi.com/ucm/UCMController?dtm_com=28&dtm_cid=2814&dtm_cmagic=8e987c&dtm_format=5&dtm_fid=101&cli_promo_id=2&dtmc_marsha_code=HMMWI&canonical_url=&dtm_user_token=&dtmc_ref=&dtmc_loc=https%3A%2F%2Fwestinmauiamenities.247activities.com%2F&fpc_status=
Protocol: H2
Server: 2606:ae80:1471:16::820 , United States, ASN26762 (CNVR-US-EAST, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 09 Oct 2022 13:12:51 GMT
cache-control: no-cache
server: nginx
content-length: 43
expires: 0

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
location: https://match.sync.ad.cpe.dotomi.com/w/user.sync?ptrid=9&ev=1&pid=561998&gdpr_consent=&userid=EY6cQLZa6gWl
content-language: en-US
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-7945856c5-t7pv4
expires: -1

GET
H2 200 px
login.dotomi.com/profile/set/fpc/ Frame A579 43 B
492 B 48ms
45ms Image
image/gif 159.127.42.233
VALUECLICK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://login.dotomi.com/profile/set/fpc/px?ver=2&dtm_cid=2814&dtm_cmagic=8e987c&dtm_form_uid=622206731195357941&dtm_user_token=AQEJo4S4oFL7EAEtzFs_AQEL_wE&dtm_orig_com=28&wl_domains_key=login.dotomi.com&wl_override=
Requested by: Host: login.dotomi.com
URL: https://login.dotomi.com/ucm/UCMController?dtm_com=28&dtm_cid=2814&dtm_cmagic=8e987c&dtm_format=5&dtm_fid=101&cli_promo_id=2&dtmc_marsha_code=HMMWI&canonical_url=&dtm_user_token=&dtmc_ref=&dtmc_loc=https%3A%2F%2Fwestinmauiamenities.247activities.com%2F&fpc_status=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.127.42.233 Los Angeles, United States, ASN25751 (VALUECLICK, US),
Reverse DNS: iad03-usadmm.dotomi.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://login.dotomi.com/ucm/UCMController?dtm_com=28&dtm_cid=2814&dtm_cmagic=8e987c&dtm_format=5&dtm_fid=101&cli_promo_id=2&dtmc_marsha_code=HMMWI&canonical_url=&dtm_user_token=&dtmc_ref=&dtmc_loc=https%3A%2F%2Fwestinmauiamenities.247activities.com%2F&fpc_status=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Oct 2022 13:12:50 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, private, max-age=0, no-store
access-control-allow-credentials: true
content-length: 43
expires: 0

GET
H2 200 DMCSuccessLogger
login-ds.dotomi.com/ucm/ Frame A579 43 B
140 B 172ms
50ms Image
image/gif 2606:ae80:1471:16::730
CNVR-US-EAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://login-ds.dotomi.com/ucm/DMCSuccessLogger?dtmid=622206730852629009&sessionid=1665321170725&comId=2814&dtm_command_op_date=1665321170725&uniqueid=622206731195357941
Requested by: Host: login.dotomi.com
URL: https://login.dotomi.com/ucm/UCMController?dtm_com=28&dtm_cid=2814&dtm_cmagic=8e987c&dtm_format=5&dtm_fid=101&cli_promo_id=2&dtmc_marsha_code=HMMWI&canonical_url=&dtm_user_token=&dtmc_ref=&dtmc_loc=https%3A%2F%2Fwestinmauiamenities.247activities.com%2F&fpc_status=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2606:ae80:1471:16::730 , United States, ASN26762 (CNVR-US-EAST, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://login.dotomi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 13:12:50 GMT
cache-control: max-age=0, no-store
server: nginx
content-length: 43
content-type: image/gif

GET
H2 200 scevent.min.js Show response
sc-static.net/ Frame E760 25 KB
9 KB 46ms
44ms Script
application/javascript 108.138.113.246
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: tr.snapchat.com
URL: https://tr.snapchat.com/cm/i?pid=fbf5aa06-3f82-45b5-86ba-4c4fe9c75a96&u_scsid=57382856-959d-4c7f-8641-8275ab566ede&u_sclid=779a6601-6813-4c7c-bea8-29a995a1f395
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.113.246 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-113-246.jfk50.r.cloudfront.net
Software: CloudFront /
Resource Hash: 67e294da2e0a5b863f5ca40c02eddd1fbb0a0dba124fec3747a1674fb8ede7ac

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tr.snapchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sat, 08 Oct 2022 15:26:01 GMT
content-encoding: gzip
via: 1.1 16fbe6f2baa3fcc1563be742e6d45f20.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: JFK50-P3
age: 78409
etag: 0d6e407936704bd380072f5891d28b0e
x-cache: Hit from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=86400, max-age=600
access-control-allow-headers: Content-Type
content-length: 8764
x-amz-cf-id: _9IfGmjUhUbsdopfT7yWS4e10ZjEun8vtgMBXar24YEbXz2yUAs3Ig==

GET
H2 200 / Show response
ct.pinterest.com/user/ 540 B
874 B 237ms
77ms XHR
application/json 104.77.220.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?tid=2613977086519&pd=%7B%7D&cb=1665321170851

Requested by

Host: westinmauiamenities.247activities.com
URL: https://westinmauiamenities.247activities.com/js/main.js?v=1663843260

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.77.220.247 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-77-220-247.deploy.static.akamaitechnologies.com

Software

Resource Hash

379e7f98c1e80a7c67fa2fb417a78711ec0715013509d9eeda3bb0f63549d400

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://westinmauiamenities.247activities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 13:12:51 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-cdn: akamai
akamai-grn: 0.b5794668.1665321171.c72faee
x-envoy-upstream-service-time: 0
content-length: 378
x-pinterest-rid: 9733172010407016
pin-unauth: dWlkPU1tSTBZMkkxTXprdE56UmxaQzAwWVRsaExXRXlZVE10WlROaU9UVTNNVEUwTTJOaw
pragma: no-cache
referrer-policy: origin
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://westinmauiamenities.247activities.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 540 B
873 B 241ms
81ms XHR
application/json 104.77.220.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?event=pagevisit&tid=2613977086519&cb=1665321170852

Requested by

Host: westinmauiamenities.247activities.com
URL: https://westinmauiamenities.247activities.com/js/main.js?v=1663843260

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.77.220.247 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-77-220-247.deploy.static.akamaitechnologies.com

Software

Resource Hash

379e7f98c1e80a7c67fa2fb417a78711ec0715013509d9eeda3bb0f63549d400

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://westinmauiamenities.247activities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 13:12:51 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-cdn: akamai
akamai-grn: 0.b5794668.1665321171.c72faf0
x-envoy-upstream-service-time: 2
content-length: 378
x-pinterest-rid: 6700877473179522
pin-unauth: dWlkPU9HTm1aamxoT1RrdE5qaGpOUzAwTmpFMUxXSTNOVEV0WW1JellUbGxNemRqWVdFMg
pragma: no-cache
referrer-policy: origin
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://westinmauiamenities.247activities.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 540 B
873 B 240ms
80ms XHR
application/json 104.77.220.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?event=custom&ed=%7B%22value%22%3A334%2C%22currency%22%3A%22USD%22%7D&tid=2613977086519&cb=1665321170852

Requested by

Host: westinmauiamenities.247activities.com
URL: https://westinmauiamenities.247activities.com/js/main.js?v=1663843260

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.77.220.247 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-77-220-247.deploy.static.akamaitechnologies.com

Software

Resource Hash

379e7f98c1e80a7c67fa2fb417a78711ec0715013509d9eeda3bb0f63549d400

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://westinmauiamenities.247activities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 13:12:51 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-cdn: akamai
akamai-grn: 0.b5794668.1665321171.c72faf1
x-envoy-upstream-service-time: 0
content-length: 378
x-pinterest-rid: 1151272736946548
pin-unauth: dWlkPU5UUmlaVGN5TmpNdFl6UXlPQzAwWVRBM0xXSm1NekV0Wm1abU1XTXdPREprTmprdw
pragma: no-cache
referrer-policy: origin
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://westinmauiamenities.247activities.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
333 B 226ms
82ms Image
image/gif 104.77.220.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2613977086519&pd=%7B%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwestinmauiamenities.247activities.com%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%223a217bc7%22%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1665321170855

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.77.220.247 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-77-220-247.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://westinmauiamenities.247activities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Oct 2022 13:12:51 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.b5794668.1665321171.c72faf3
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
content-length: 35
x-pinterest-rid: 2492156296934110
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=80742&dpuuid=ecabc518-5feb-4af6-9115-439581db4ddb
dpm.demdex.net/ Frame 4C0E
Redirect Chain

https://ag.innovid.com/dv/sync?tid=6
https://dpm.demdex.net/ibs:dpid=80742&dpuuid=ecabc518-5feb-4af6-9115-439581db4ddb

42 B
942 B

80ms
79ms

Image
image/gif

52.27.120.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=80742&dpuuid=ecabc518-5feb-4af6-9115-439581db4ddb

Protocol

HTTP/1.1

Server

52.27.120.158 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-27-120-158.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

DCS: dcs-prod-usw2-2-v040-0e6c597b0.edge-usw2.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: BN9T1a3vRiQ=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=80742&dpuuid=ecabc518-5feb-4af6-9115-439581db4ddb
date: Sun, 09 Oct 2022 13:12:51 GMT
content-length: 0
request-time: 0

GET
H3

200

p Show response
tr.snapchat.com/cm/ Frame 326B
Redirect Chain

https://tr.snapchat.com/cm/s?bt=1d53c387&pnid=140&cb=1665321170953&u_scsid=813f88d6-134c-4de8-bbbb-f5bf95632bf4&u_sclid=f58f975c-e03b-434e-a6d3-a42228085039
https://pixel.tapad.com/idsync/ex/push?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1665184380310%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1665184380310%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D
https://tr.snapchat.com/cm/p?rand=1665184380310&pnid=140&pcid=84d4b4c3-9736-45ab-aaa1-ae3c8a8f95ba

0
18 B

76ms
76ms

Document
text/html

35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/p?rand=1665184380310&pnid=140&pcid=84d4b4c3-9736-45ab-aaa1-ae3c8a8f95ba

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://tr.snapchat.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-transform
content-length: 0
content-type: text/html
date: Sun, 09 Oct 2022 13:12:51 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google, 1.1 google
x-envoy-upstream-service-time: 12

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sun, 09 Oct 2022 13:12:51 GMT
location: https://tr.snapchat.com/cm/p?rand=1665184380310&pnid=140&pcid=84d4b4c3-9736-45ab-aaa1-ae3c8a8f95ba
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
strict-transport-security: max-age=31536000
via: 1.1 google

GET
H2 404 usync.php
pxl.jivox.com/tags/sync/ Frame 4C0E 0
0 94ms
85ms Image
text/html 18.207.40.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pxl.jivox.com/tags/sync/usync.php?px=IkovJ4aN
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.207.40.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-207-40-242.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

POST
H2 204 collect Show response
l.clarity.ms/ 0
172 B 238ms
58ms XHR
text/plain 20.120.65.166
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://l.clarity.ms/collect
Requested by: Host: westinmauiamenities.247activities.com
URL: https://westinmauiamenities.247activities.com/js/main.js?v=1663843260
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.120.65.166 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://westinmauiamenities.247activities.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-origin: https://westinmauiamenities.247activities.com
date: Sun, 09 Oct 2022 13:12:50 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12

GET
H/1.1

200
OK

ibs:dpid=66757
dpm.demdex.net/ Frame 4C0E
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=adobe&id=86524227142965204711881721420039804859
https://dpm.demdex.net/ibs:dpid=66757?id=86524227142965204711881721420039804859&dpuuid=PIK3NK2g

42 B
942 B

81ms
79ms

Image
image/gif

52.27.120.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=66757?id=86524227142965204711881721420039804859&dpuuid=PIK3NK2g

Protocol

HTTP/1.1

Server

52.27.120.158 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-27-120-158.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

DCS: dcs-prod-usw2-1-v040-0697e8b68.edge-usw2.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: i+eKxY5sSrQ=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: //dpm.demdex.net/ibs:dpid=66757?id=86524227142965204711881721420039804859&dpuuid=PIK3NK2g
date: Sun, 09 Oct 2022 13:12:51 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a009-ash-prod.krxd.net

GET
H2 200 ct.html Show response
ct.pinterest.com/ Frame 84C7 565 B
590 B 46ms
45ms Document
text/html 104.77.220.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/ct.html

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.3a217bc7.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.77.220.247 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-77-220-247.deploy.static.akamaitechnologies.com

Software

Resource Hash

f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer: https://westinmauiamenities.247activities.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

akamai-grn: 0.b5794668.1665321171.c72fb19
cache-control: max-age=86400
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8
date: Sun, 09 Oct 2022 13:12:51 GMT
referrer-policy: origin
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-cdn: akamai
x-envoy-upstream-service-time: 0
x-pinterest-rid: 1720424823563906

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
579 B 46ms
41ms Image
image/gif 104.77.220.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?event=custom&ed=%7B%22value%22%3A334%2C%22currency%22%3A%22USD%22%7D&tid=2613977086519&cb=1665321170852&pd=%7B%22pin_unauth%22%3A%22dWlkPU1tSTBZMkkxTXprdE56UmxaQzAwWVRsaExXRXlZVE10WlROaU9UVTNNVEUwTTJOaw%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwestinmauiamenities.247activities.com%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%223a217bc7%22%2C%22is_eu%22%3Afalse%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1665321171122

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.77.220.247 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-77-220-247.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://westinmauiamenities.247activities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Oct 2022 13:12:51 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.b5794668.1665321171.c72fb23
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
content-length: 35
x-pinterest-rid: 7125538946111420
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
578 B 46ms
44ms Image
image/gif 104.77.220.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?event=pagevisit&tid=2613977086519&cb=1665321170852&pd=%7B%22pin_unauth%22%3A%22dWlkPU1tSTBZMkkxTXprdE56UmxaQzAwWVRsaExXRXlZVE10WlROaU9UVTNNVEUwTTJOaw%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwestinmauiamenities.247activities.com%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%223a217bc7%22%2C%22is_eu%22%3Afalse%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1665321171122

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.77.220.247 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-77-220-247.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://westinmauiamenities.247activities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Oct 2022 13:12:51 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.b5794668.1665321171.c72fb25
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
content-length: 35
x-pinterest-rid: 2886384310698684
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4C0E
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WTBMSTBBQUFBSG85UXdPSA==

170 B
188 B

43ms
42ms

Image
image/png

142.250.72.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WTBMSTBBQUFBSG85UXdPSA==

Protocol

Server

142.250.72.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Oct 2022 13:12:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-ewr18169-EWR
pragma: no-cache
date: Sun, 09 Oct 2022 13:12:51 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1665321171.311381,VS0,VE0
x-cache: HIT
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WTBMSTBBQUFBSG85UXdPSA==
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 4C0E
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Y0LI0AAAAHo9QwOH&expires=90

42 B
753 B

36ms
35ms

Image
image/gif

69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Y0LI0AAAAHo9QwOH&expires=90
Protocol: HTTP/1.1
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 19c1ac3b9706c83a73951eba4d239689
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-served-by: cache-ewr18169-EWR
pragma: no-cache
date: Sun, 09 Oct 2022 13:12:51 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1665321171.321469,VS0,VE0
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Y0LI0AAAAHo9QwOH&expires=90
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 4C0E
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y0LI0AAAAHo9QwOH
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y0LI0AAAAHo9QwOH&C=1

43 B
766 B

29ms
28ms

Image
image/gif

192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y0LI0AAAAHo9QwOH&C=1
Protocol: HTTP/1.1
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 09 Oct 2022 13:12:51 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Sun, 09 Oct 2022 13:12:51 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=88&external_user_id=Y0LI0AAAAHo9QwOH&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 4C0E
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
https://ib.adnxs.com/setuid?entity=158&code=Y0LI0AAAAHo9QwOH

43 B
1 KB

45ms
44ms

Image
image/gif

68.67.160.184
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=158&code=Y0LI0AAAAHo9QwOH

Protocol

HTTP/1.1

Server

68.67.160.184 Newark, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 09 Oct 2022 13:12:51 GMT
AN-X-Request-Uuid: 6f4c87cd-c68f-4af8-b1b5-7bfe6b26f1f9
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 96.9.249.43; 96.9.249.43; 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

x-served-by: cache-ewr18169-EWR
pragma: no-cache
date: Sun, 09 Oct 2022 13:12:51 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1665321172.530480,VS0,VE0
x-cache: HIT
location: https://ib.adnxs.com/setuid?entity=158&code=Y0LI0AAAAHo9QwOH
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 4C0E
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y0LI0AAAAHo9QwOH

43 B
61 B

47ms
46ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y0LI0AAAAHo9QwOH
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Oct 2022 13:12:51 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by: cache-ewr18169-EWR
pragma: no-cache
date: Sun, 09 Oct 2022 13:12:51 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1665321172.627973,VS0,VE0
x-cache: HIT
location: https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y0LI0AAAAHo9QwOH
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 4C0E
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y0LI0AAAAHo9QwOH

1 B
449 B

106ms
26ms

Image
text/html

104.36.115.109
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y0LI0AAAAHo9QwOH
Protocol: H2
Server: 104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Sun, 09 Oct 2022 13:12:50 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

x-served-by: cache-ewr18169-EWR
pragma: no-cache
date: Sun, 09 Oct 2022 13:12:51 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1665321172.729775,VS0,VE0
x-cache: HIT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y0LI0AAAAHo9QwOH
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

partner
sync.search.spotxchange.com/ Frame 4C0E
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y0LI0AAAAHo9QwOH&img=1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y0LI0AAAAHo9QwOH&img=1&__user_check__=1&sync_id=1486f1f5-47d4-11ed-beb4-12d4f2240203

43 B
419 B

39ms
39ms

Image
image/gif

69.12.8.74
SPOTX-IAD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y0LI0AAAAHo9QwOH&img=1&__user_check__=1&sync_id=1486f1f5-47d4-11ed-beb4-12d4f2240203
Protocol: H2
Server: 69.12.8.74 Ashburn, United States, ASN11742 (SPOTX-IAD, US),
Reverse DNS
Software: /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 13:12:52 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: false
x-fe: 413
content-length: 43

Redirect headers

date: Sun, 09 Oct 2022 13:12:52 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain
location: /partner?adv_id=6409&uid=Y0LI0AAAAHo9QwOH&img=1&__user_check__=1&sync_id=1486f1f5-47d4-11ed-beb4-12d4f2240203
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: false
x-fe: 245
content-length: 0

GET
H3

200

b.php
www.facebook.com/fr/ Frame 4C0E
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
https://www.facebook.com/fr/b.php?p=1531105787105294&e=Y0LI0AAAAHo9QwOH&t=2592000&o=0

43 B
71 B

143ms
112ms

Image
image/gif

2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/fr/b.php?p=1531105787105294&e=Y0LI0AAAAHo9QwOH&t=2592000&o=0

Protocol

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 06:12:52 PDT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-fb-rlafr: 0
pragma: public
x-fb-debug: 3dBZxcgXuK1IXQnLfZmox3pSsqJyEF+1KSPJZStkpkhrBlazaso8RWwWkrg5PsEbGcGS+i+ua6Wo5aD/rDtjCg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: image/gif
cache-control: public, max-age=0
priority: u=3,i
expires: Sun, 09 Oct 2022 06:12:52 PDT

Redirect headers

x-served-by: cache-ewr18169-EWR
pragma: no-cache
date: Sun, 09 Oct 2022 13:12:51 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1665321172.942870,VS0,VE0
x-cache: HIT
location: https://www.facebook.com/fr/b.php?p=1531105787105294&e=Y0LI0AAAAHo9QwOH&t=2592000&o=0
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

s.gif
cm.ipinyou.com/xcms/aam/ Frame 4C0E
Redirect Chain

https://cm.ipinyou.com/xcmr/aam/r.gif
https://dpm.demdex.net/ibs:dpid=134084&dpuuid=MA9LCpBqymw&redir=http%3A%2F%2Fcm.ipinyou.com%2Fxcms%2Faam%2Fs.gif%3Ftid%3D$%7BDD_UUID%7D
https://cm.ipinyou.com/xcms/aam/s.gif?tid=86524227142965204711881721420039804859

43 B
486 B

265ms
264ms

Image
image/gif

39.106.29.39
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.ipinyou.com/xcms/aam/s.gif?tid=86524227142965204711881721420039804859
Protocol: HTTP/1.1
Server: 39.106.29.39 Beijing, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://marriottinternationa.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 09 Oct 2022 13:12:53 GMT
Server: nginx/1.12.2
Transfer-Encoding: chunked
Content-Type: image/gif
P3P: CP="NON DSP COR CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa CONa HISa TELa OTPa OUR UNRa IND UNI COM NAV INT DEM CNT PRE LOC"
Cache-Control: no-cache
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

DCS: dcs-prod-usw2-1-v040-094cc877d.edge-usw2.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 228LqOcFQng=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://cm.ipinyou.com/xcms/aam/s.gif?tid=86524227142965204711881721420039804859
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 29ms
28ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=836072006419889&ev=Microdata&dl=https%3A%2F%2Fwestinmauiamenities.247activities.com%2F&rl=&if=false&ts=1665321172299&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22The%20Westin%20Maui%20Resort%20%26%20Spa%22%2C%22meta%3Adescription%22%3A%22Real-time%20inventory%20management%20and%20booking%20software%20by%20RealTime%20Reservation%20LLC.%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.84&r=stable&ec=1&o=30&fbp=fb.1.1665321170788.1735437343&it=1665321170597&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://westinmauiamenities.247activities.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 09 Oct 2022 13:12:52 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
priority: u=3,i

Verdicts & Comments Add Verdict or Comment

123 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

98 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-20 06:36:47	Name: X-AB Value: 0d6e407936704bd380072f5891d28b0e
.247activities.com/	1970-01-20 16:11:21	Name: _ga Value: GA1.2.1903970533.1665321167
.247activities.com/	1970-01-20 06:36:47	Name: _gid Value: GA1.2.807448897.1665321167
.247activities.com/	1970-01-20 06:35:21	Name: _gat Value: 1
.demdex.net/	1970-01-20 10:54:33	Name: demdex Value: 86524227142965204711881721420039804859
.247activities.com/	1969-12-31 23:59:59	Name: AMCVS_664516D751E565010A490D4C%40AdobeOrg Value: 1
westinmauiamenities.247activities.com/	1970-01-20 15:19:30	Name: csrftoken Value: Q7Tlnlxms5lh6CPZCsDQHDmB2KFWcbMhgg8zDtNiDRGPs3yPFubESKuRYGq30rbN
westinmauiamenities.247activities.com/	1970-01-20 06:35:57	Name: sessionid Value: hrrvo0s6vy58002kil2uutedeftzcf58
.everesttech.net/	1970-01-20 15:20:57	Name: everest_g_v2 Value: g_surferid~Y0LI0AAAAHo9QwOH
.dpm.demdex.net/	1970-01-20 10:54:33	Name: dpm Value: 86524227142965204711881721420039804859
.247activities.com/	1970-01-20 06:35:22	Name: s_tbm Value: true
.247activities.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.247activities.com/	1970-01-20 16:11:21	Name: AMCV_664516D751E565010A490D4C%40AdobeOrg Value: -1712354808%7CMCIDTS%7C19275%7CMCMID%7C86798529885703376621908307411853384146%7CMCAAMLH-1665925968%7C9%7CMCAAMB-1665925968%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1665328368s%7CNONE%7CMCSYNCSOP%7C411-19282%7CvVersion%7C4.3.0
.adnxs.com/	1970-01-20 08:44:57	Name: uuid2 Value: 5682941523316974673
.adsrvr.org/	1970-01-20 15:20:57	Name: TDID Value: d8347294-653c-4fc6-bc23-ae07ccf0e4ae
.doubleclick.net/	1970-01-20 16:11:21	Name: IDE Value: AHWqTUlXpx7fMHYJpxGBSKUQKk2o8stIGCspLVdNlBu4iMv1fmAtUmjQubpuHMYW_b0
.bing.com/	1970-01-20 15:56:57	Name: MUID Value: 3735FAA9C16C61AA223EE891C06B6010
.c.bing.com/	1970-01-20 06:45:25	Name: MR Value: 0
westinmauiamenities.247activities.com/	1970-01-20 15:20:57	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Sun+Oct+09+2022+13%3A12%3A49+GMT%2B0000+(GMT)&version=6.26.0&isIABGlobal=false&hosts=&consentId=16e03963-7540-47bc-a73e-41b5b4f672bc&interactionCount=0&landingPath=https%3A%2F%2Fwestinmauiamenities.247activities.com%2F&groups=1%3A1%2C3%3A1%2C4%3A1%2C6%3A1
.flashtalking.com/	1970-01-20 16:11:21	Name: flashtalkingad1 Value: "GUID=53953B07428B56"
.dotomi.com/	1970-01-20 06:35:21	Name: DotomiTest Value: 5e229788c56b162a
.bat.bing.com/	1970-01-20 06:45:25	Name: MR Value: 0
.247activities.com/	1970-01-20 06:36:47	Name: _uetsid Value: 13809af047d411ed82c49b140371cf79
.247activities.com/	1970-01-20 15:56:57	Name: _uetvid Value: 1380dc5047d411edb97565381e2d3d78
.yieldoptimizer.com/	1970-01-20 15:20:57	Name: fbh0 Value: %7B%7D
.yieldoptimizer.com/	1970-01-20 15:20:57	Name: gcma Value: %7B%22t%22%3A0%2C%22o%22%3Afalse%7D
.yieldoptimizer.com/	1970-01-20 15:20:57	Name: rmxc Value: %7B%22t%22%3A0%2C%22e%22%3A%22%22%2C%22i%22%3Afalse%7D
.yieldoptimizer.com/	1970-01-20 15:20:57	Name: cktst Value: 863371267
.tribalfusion.com/	1970-01-20 08:44:57	Name: ANON_ID Value: aGnr6ioNIvbpmVrCJZalPvTZb0n7EF4fI4EbZb9CvRB3p0eRHwnZdihB9KvPqHS0ZahQ6UQwV4lEv
.jivox.com/	1970-01-20 08:44:57	Name: jvxsync Value: tjLTUXmlNRoF
.247activities.com/	1970-01-20 06:35:22	Name: _dpm_ses.58f9 Value: *
.247activities.com/	1970-01-20 15:20:57	Name: _dpm_id.58f9 Value: cad80327-0551-4b3b-8f1d-1ee88e849e3e.1665321171.1.1665321171.1665321171.5ce44785-3c71-41be-843d-5f619a586d7f
.criteo.com/	1970-01-20 15:56:57	Name: uid Value: 8c1de51c-6914-4248-b291-2b80db5ef7f5
.yieldoptimizer.com/	1970-01-20 15:20:57	Name: ckid Value: 2028040619040
.yieldoptimizer.com/	1970-01-20 15:20:57	Name: ph Value: %7B%22p%22%3A%5B%5D%2C%22t%22%3A%5B%5D%7D
.yieldoptimizer.com/	1970-01-20 15:20:57	Name: dph Value: %7B%22t%22%3A%5B%5D%2C%22dp%22%3A%5B%5D%7D
.247activities.com/	1970-01-20 16:05:07	Name: _scid Value: 20322a3a-ad19-4fe6-aba7-0260732884ab
.247activities.com/	1970-01-20 08:44:57	Name: _gcl_au Value: 1.1.752909848.1665321171
.linkedin.com/	1970-01-20 08:44:57	Name: li_sugr Value: 0c0860ac-ae21-45d3-b007-85f7f39f8185
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 15:20:57	Name: bcookie Value: "v=2&c17284e3-2113-4e2f-80fa-35a79edb8d9c"
.linkedin.com/	1970-01-20 06:36:47	Name: lidc Value: "b=OGST01:s=O:r=O:a=O:p=O:g=2801:u=1:x=1:i=1665321170:t=1665407570:v=2:sig=AQEIyTG62OCXf3MDztmLWEfbnh9Zu2EI"
.yahoo.com/	1970-01-20 15:21:18	Name: A3 Value: d=AQABBNLIQmMCED6d5OigL9RqjPYQo_k2WCIFEgEBAQEaRGNMYwAAAAAA_eMAAA&S=AQAAAg9Se_QTtW4RbGoKWvO_TSY
www.clarity.ms/	1970-01-20 15:20:57	Name: CLID Value: 19fcb10b424142e89dfe371068f340f0.20221009.20231009
.dotomi.com/	1969-12-31 23:59:59	Name: DotomiSession_2814 Value: 2_1665321170725$622206730852629009$751655486$1665321170726
.dotomi.com/	1970-01-20 15:22:23	Name: DotomiSync Value: 0$19274$19274$51472-0#26832-0#30129-0#82592-0#75347-0#42290-0#46227-0#59723-0#
.dotomi.com/	1970-01-20 16:01:16	Name: DotomiUser Value: 622206730852629009$0$751655486$$1
.tvpixel.com/	1970-01-20 15:20:57	Name: sp Value: 3587d843-9e93-42c9-bce7-c250f640e5cc
.247activities.com/	1970-01-20 08:44:57	Name: _fbp Value: fb.1.1665321170788.1735437343
.linkedin.com/	1970-01-20 07:18:33	Name: UserMatchHistory Value: AQKnTx8dvOyerAAAAYO84Hd1etjA29XFEB4Sf3E1yOKXuO_fD2-OfD_6uS3hV0kaLq4Q5Ft-4Ammlw
.linkedin.com/	1970-01-20 07:18:33	Name: AnalyticsSyncHistory Value: AQLCCYB1lTCafgAAAYO84Hd1M_xYMjUCO--R0GPnZzK6_PJbmzZdX91SuEFaoeIu7Ljh2cD1EJIyDarNZR30wA
.dotomi.com/	1970-01-20 16:01:16	Name: dtm_token Value: AQEJo4S4oFL7EAEtzFs_AQEL_wE
.dotomi.com/	1970-01-20 16:01:16	Name: dtm_token_sc Value: AQEJo4S4oFL7EAEtzFs_AQEL_wE
.sojern.com/	1970-01-20 15:20:57	Name: gid Value: CAESEGtc0yWrG99aaeaT0XRLHPU
.sojern.com/	1970-01-20 15:20:57	Name: cid Value: 069b0b15-6ddf-45b4-0397-6ca44083de1e#1665273600000
.sojern.com/	1970-01-20 07:18:33	Name: ttdid Value: d8347294-653c-4fc6-bc23-ae07ccf0e4ae
.sojern.com/	1970-01-20 08:44:57	Name: apnid Value: 5682941523316974673
.mookie1.com/	1970-01-20 16:04:09	Name: id Value: 10602177212788806488
.mookie1.com/	1970-01-20 16:04:09	Name: mdata Value: 1\|10602177212788806488\|1665321170862
.mookie1.com/	1970-01-20 16:04:09	Name: ov Value: c958adc6fc355dd7676d419a17f073cb
.247activities.com/	1970-01-20 15:20:57	Name: _clck Value: f28nhv\|1\|f5k\|0
.rlcdn.com/	1970-01-20 15:20:57	Name: rlas3 Value: bnNOFNVoo2mPsjt2zARESQPmsinNsg2PuwNg4Ru1jg0=
.rlcdn.com/	1970-01-20 08:01:45	Name: pxrc Value: CNGRi5oGEgUI6AcQABIGCO/rARABEgYI8esBEAA=
.adsrvr.org/	1970-01-20 15:20:57	Name: TDCPM Value: CAESEgoDYWFtEgsIooWe-b-AlTsQBRITCgRrcnV4EgsIgqbdhMCAlTsQBRIXCghhcHBuZXh1cxILCIjUj4XAgJU7EAUSFQoGZ29vZ2xlEgsI-NqLhcCAlTsQBRgBIAMoAjILCKLTqrHWgJU7EAU4AVoHb21ibDlocGAC
.krxd.net/	1970-01-20 10:54:33	Name: _kuid_ Value: PIK3NK2g
.openx.net/	1970-01-20 15:20:57	Name: i Value: 3d84bcea-a1dc-0ecb-13ba-b25d71264a07\|1665321170
.analytics.yahoo.com/	1970-01-20 15:20:57	Name: IDSYNC Value: 18yo~27md
.contextweb.com/	1970-01-20 15:13:45	Name: V Value: EY6cQLZa6gWl
.contextweb.com/	1970-01-20 15:20:57	Name: pb_rtb_ev Value: 3-1gk8\|88b.0.1
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: 95dc0ceab260cd7c
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.www.linkedin.com/	1970-01-20 15:20:57	Name: bscookie Value: "v=1&2022100913125099030ef3-5c65-4385-8fdd-dd2738eccbb5AQFDTrLPTGz81CSYDaaAGepeqPlG-p9U"
.westinmauiamenities.247activities.com/	1970-01-20 15:20:57	Name: _pin_unauth Value: dWlkPU1tSTBZMkkxTXprdE56UmxaQzAwWVRsaExXRXlZVE10WlROaU9UVTNNVEUwTTJOaw
.rubiconproject.com/	1970-01-20 15:20:57	Name: khaos Value: L91D87FQ-1U-B236
.snapchat.com/	1970-01-20 15:56:57	Name: sc_at Value: v2\|H4sIAAAAAAAAAE3GwRHAIAwDsIlyZ5MQAtvQmi0Yvt/qJWD3UsleFS28yabmseMJPiOcjMvAYmb3Rg7eX/EBQ+VOwkAAAAA=
.c.bing.com/	1970-01-20 15:56:57	Name: SRM_B Value: 3735FAA9C16C61AA223EE891C06B6010
.ct.pinterest.com/	1970-01-20 15:20:57	Name: _pinterest_ct_ua Value: "TWc9PSZDU3k0STJJYTVydlJuNmhpQzdSTnd1aDRIcGNObllSVENmZGVvTlNja3ZPeHhXNHNZbFNaSkZjQ1RJUlRvVGZ1MitTNnh4UHhSbkREbW5ReE8wZ2hMbHNVWXh6anpoaXd6YllPN1p2QlFmST0mTEZmTU5ReUVQUUJobkVTUjZyd0EyN1ozaUhvPQ=="
.innovid.com/	1970-01-20 08:44:57	Name: uuid Value: ecabc518-5feb-4af6-9115-439581db4ddb-20221009 09:12:51
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 15:56:57	Name: MUID Value: 3735FAA9C16C61AA223EE891C06B6010
.c.clarity.ms/	1970-01-20 06:45:25	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 06:35:21	Name: ANONCHK Value: 0
.247activities.com/	1970-01-20 06:36:47	Name: _clsk Value: 18stumm\|1665321171240\|1\|0\|l.clarity.ms/collect
.tapad.com/	1970-01-20 08:01:45	Name: TapAd_TS Value: 1665321171235
.tapad.com/	1970-01-20 08:01:45	Name: TapAd_DID Value: 84d4b4c3-9736-45ab-aaa1-ae3c8a8f95ba
.tapad.com/	1970-01-20 08:01:45	Name: TapAd_3WAY_SYNCS Value:
.rubiconproject.com/	1970-01-20 15:20:57	Name: audit Value: 1\|K4nRCSmEAaGdUyfJCdE3bubS83TAJgWzOMXCHgumMB/hj9K5Ghav9Yg87Kf6PBULEgvaDmq1PL0kEa5N2k7U1SEEFoCDRlfYqW5oexR/QfRl6RNWyiuqEFYea4CdqGgFWzs+gIybVGuNt1PxM0uVcePtzNdx26gK0hnIqWoV4Ow=
.247activities.com/	1970-01-20 16:05:07	Name: _sctr Value: 1\|1665273600000
.adsymptotic.com/	1970-01-20 08:44:57	Name: U Value: dd07c90ef051eef368501861da7ec879
.casalemedia.com/	1970-01-20 15:20:57	Name: CMID Value: Y0LI08Wb5FBD0WZTuCKx5gAA
.casalemedia.com/	1970-01-20 08:44:57	Name: CMPS Value: 3579
.casalemedia.com/	1970-01-20 08:44:57	Name: CMPRO Value: 3579
.adnxs.com/	1970-01-20 08:44:57	Name: anj Value: dTM7k!M41$CxrEQF']wIg2GTvs`)q4!]tcg8i_j5eyGno7^I!9%^)np/B2aY4O6AIC)H].4^so?/DkUN@!5fUoB?OlTNlJS=/#uQ^y9[SfeLk[T-7k?Ph#Zp4nRV!S-t0iIisYRg:Jl]%p[s>9@q*s6whQr_$(]`/>4AQX_#tNd$SN#.xa32
.pubmatic.com/	1970-01-20 08:44:57	Name: KRTBCOOKIE_218 Value: 4056-Y0LI0AAAAHo9QwOH&KRTB&22978-Y0LI0AAAAHo9QwOH&KRTB&23194-Y0LI0AAAAHo9QwOH&KRTB&23209-Y0LI0AAAAHo9QwOH
.pubmatic.com/	1970-01-20 07:18:33	Name: PugT Value: 1665321170
.demdex.net/	1970-01-20 10:54:33	Name: dextp Value: 358-1-1665321169051\|477-1-1665321169209\|771-1-1665321169310\|903-1-1665321169417\|1957-1-1665321169523\|3047-1-1665321169638\|13870-1-1665321169740\|19360-1-1665321169889\|22054-1-1665321170165\|22069-1-1665321170368\|28645-1-1665321170477\|30646-1-1665321170610\|30862-1-1665321170756\|80742-1-1665321170881\|96420-1-1665321170987\|66757-1-1665321171091\|144230-1-1665321171200\|144231-1-1665321171304\|144232-1-1665321171405\|144233-1-1665321171507\|144234-1-1665321171610\|144235-1-1665321171711\|144236-1-1665321171813\|144237-1-1665321171925\|134084-1-1665321172027
.spotxchange.com/	1970-01-20 07:15:40	Name: audience Value: 1486f1aa-47d4-11ed-beb4-12d4f2240203
.ipinyou.com/	1970-01-20 16:11:21	Name: PYID Value: MA9LCpBqymw

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://pxl.jivox.com/tags/sync/usync.php?px=IkovJ4aN Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ad.doubleclick.net
adobe-sync.dotomi.com
adservice.google.com
ag.innovid.com
assets.adobedtm.com
bat.bing.com
beacon.krxd.net
beacon.sojern.com
bh.contextweb.com
c.bing.com
c.clarity.ms
c.tvpixel.com
cache.marriott.com
cm.everesttech.net
cm.g.doubleclick.net
cm.ipinyou.com
cms.analytics.yahoo.com
connect.facebook.net
ct.pinterest.com
dp-sync.dotomi.com
dpm.demdex.net
dsum-sec.casalemedia.com
e1.emxdgt.com
fcmatch.google.com
fcmatch.youtube.com
fonts.googleapis.com
geolocation.onetrust.com
gum.criteo.com
ib.adnxs.com
idsync.rlcdn.com
image2.pubmatic.com
insight.adsrvr.org
ipoolside-media.s3.amazonaws.com
js.adsrvr.org
l.clarity.ms
login-ds.dotomi.com
login.dotomi.com
marriottinternationa.demdex.net
match.adsrvr.org
match.rundsp.com
match.sync.ad.cpe.dotomi.com
o436887.ingest.sentry.io
odr.mookie1.com
p.adsymptotic.com
p.tvpixel.com
pixel.rubiconproject.com
pixel.sojern.com
pixel.tapad.com
px.ads.linkedin.com
px4.ads.linkedin.com
pxl.jivox.com
s.pinimg.com
s.tribalfusion.com
s.yimg.com
sc-static.net
secure.adnxs.com
servedby.flashtalking.com
smetrics.marriott.com
snap.licdn.com
sp.analytics.yahoo.com
static.sojern.com
sync-tm.everesttech.net
sync.search.spotxchange.com
tag.yieldoptimizer.com
tr.snapchat.com
ups.analytics.yahoo.com
us-u.openx.net
usermatch.krxd.net
westinmauiamenities.247activities.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
104.18.102.194
104.36.115.109
104.77.220.247
107.178.244.119
107.178.246.49
107.21.103.5
108.138.113.246
13.107.42.14
142.250.72.98
142.251.40.230
142.251.40.98
143.204.138.162
151.101.2.49
159.127.42.233
18.207.40.242
192.40.39.223
198.148.27.140
20.120.65.166
20.221.206.60
2001:4998:1c:800::1000
209.197.3.19
23.205.57.251
2600:1400:d:5a5::1e80
2600:141b:13::17d7:82d0
2600:141b:9000:39b::1931
2600:1f16:b8a:8e00:5c25:93ca:2bd7:fec6
2600:9000:20ed:4c00:1d:bf0a:0:93a1
2606:4700:4400::6812:230b
2606:4700:4400::ac40:929e
2606:ae80:1471:16::730
2606:ae80:1471:16::820
2607:f8b0:4006:80b::2008
2607:f8b0:4006:816::200e
2607:f8b0:4006:81d::2002
2607:f8b0:4006:81d::200e
2607:f8b0:4006:822::200e
2607:f8b0:4006:823::200a
2620:100:a001::c
2620:1ec:21::14
2620:1ec:bdf::38
2620:1ec:c11::200
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
3.210.121.151
3.218.90.66
3.33.220.150
34.120.195.249
34.235.183.60
34.98.64.218
35.165.158.151
35.168.204.104
35.190.43.134
35.190.52.204
35.190.60.146
35.190.90.30
35.244.188.9
39.106.29.39
44.208.243.83
52.217.89.100
52.27.120.158
54.165.176.140
63.140.38.165
68.67.160.184
68.67.161.208
69.12.8.74
69.173.151.100
76.13.32.146
76.13.32.147
00a92494627ed8f758972b7dc47b3af186497c0637ea867a33fdb604c1548674
089030d8bec22aa48ae59e27516a4e8a1fcec666e9d783c7a1df47220b750dc1
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ca0aa40ea2c6f88d0dd4a87d9ba1720dd48ddf9deb829fc88a8506632255634
0de32fcd5f92282882c7bf191393e0d2687b885d9287e105d2155317fefc0977
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
12e0eab796c480420715dc00652b0da2c29dde4d7dc38848f9ab8890bc2f41f2
195f3c8ce18239cd241304be4a02c70892564caf8a139f6035b853fe212bab3a
1a6622bbfd2f4017f391cae1040e22f99a923116427a0ccb25543581f5d92257
212e15059f12774146ba8a03f4151311984f1141e2758c36703ae60b188496d0
228b1d6634abc2d6314f0591e07c5cd246a7fc071e4c9a592a2bf0e11fe6cd27
242e542871bd77c8ff6375418e349ef6b3a32a208e15ca1441166641d212a6a1
249c4eba880cfb74e1b6e1d1048def310636dc3b1ce5b3fe525703fd4025238f
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2a374138346c7998a3f8ceefd69db0a635a5a4fbbf612075e7992cfc06a4208e
2b80fbe521e07e4e84eb52e707b364c3e6c05c57e483276dc4b3be93a9794ba9
2eabf851019fcf849c0b83879c6b8d770755ac74de8fbbf349b0f1b58dade4f2
2ee6fdf3d0f4d826380054030e5a9fd6fc8c451d9fe28123f1d76e632332e659
2eeac8097b182cc4f0acc02306ce33cfae488986f4943c283b9105c09045c98f
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
32bc033e13e02d8809b2c8c97ac5a5110c5f375a830ed6cace5ce1202ab5b480
36ace21bc8477c7c421e6f69f575c1dbd38ad015f9a55e7e3646b5e4d3007fee
370dbc0a7e85181d81ecf29999a4782fc0fde9621e538b4d17887e2d1af1522d
379e7f98c1e80a7c67fa2fb417a78711ec0715013509d9eeda3bb0f63549d400
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3a7a751bea24d12772dab7d67636353fe49e9162e9d3d58f8b064e974f52d7a5
3b1b0861d4e1a3adf3f4aa76aed0e24c1ce7d42e8f74a81c977eb334b9b9959f
3cb766471eaa9fc03df87f52dd1aba801a8f588d82368e755db5aff211fe2342
3f29259501183f270ed9b30dc3569b0b69c8bafb46685a5790c793ec76c2c763
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4570b4cd17ccc97e55dcf95508b819f00118c5d1c3dcfaa0ce3fffbc569954b0
4681e73fb1acb65f9ebdd5132b08e8d66cd4d9b94368390fb6e037d9b0d198a7
46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2
4b2745f0acdedc93d4cae2cc31730bac42cd3d655f0392cf6b22e2090ed5e685
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4dbae8b3d2a71b182f3aab701a08fc3c5f2bf734f9e09605c650b1c6506e9097
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4efca4768dedb757f956b51f3620d1521be4e8f065080515489defc83c2de704
4f05698200dfffa9a5a6c26b895ee141e438f5b6ebd132b5388329a47397b1e3
510bddbc721cb5ece350098dd2f8d009190c95d2401a8120d6ed7f6ddc22f470
52cbe09b89bce5bb839f80f75cb2fd22047639da1dca6165f32e97d9c53430b1
5307f9b6cf9d538f8f7646f8c5df565d0e8f30d7f61743b51267592c744a5d95
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55b3120c28b94d852e40062bd08ad5ace2d5612bd2f9c2595db725c8e17bc346
5b2d153020b5b31ab714812188fcf3962b8ac202ed1f872df098286e810066f9
61c62822be9730a70b551835b5f252459e3152eaa90fa1799ca7eb3dc2343264
61d8137d275f12306e177bc726c2b3e072f9efa4743a0ace6ecbcf7a0932fd07
636f3309456cd6b374a95f2f382c9a2a491b5b00c10dc95e2b2598c27e04a05e
6501140033c3bb20da4b5ac73c90f687ba8a2053c4ba37c4b6f5275166db7fa6
65a7e1aa4e343509d6d8d5a3747d45e455a5fb2859822046b5a4b294459fbdff
66ba88875ee6ef3cc340c4675842e2b6efc1e5cd8333ab4d55cad3ac4a18d3fd
67e294da2e0a5b863f5ca40c02eddd1fbb0a0dba124fec3747a1674fb8ede7ac
6d891b8d7a5d3aa459be57623da6203de5eafed2c55894a1ff9db3433cea80fd
7316c1dfbc9f061b2280befce5285d9576624d84376031f96583df11d82ea916
7642813721015df7c82c491de0a92bbcab5cbad5aa629b965487ce14d0d542e9
777ab0cb5c6ffd6b2d455918b8df70fdb4c74ecb18d62f54be1afdaf3733c10d
78791edc61c96a5ec8159e033473108958108c66296abe6a5b6896040dff9645
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7e86f242c78d7fc5f2f67690e5c61192f0f1390c0af6d395b78605843e8bd258
8054f4e3fe5af937cdc5d795f555dae2c1489ce993935b2c0da1ddb9bb8ce183
80797ded2a86cb84cbe55029f07e27d1a30adeed69f30f63ae7a86733e076031
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8aa69ee6b2376505578d758bfbbc52aec88fa5e591f1a7cabd8adfa80a7b613a
8eca53b8fa4c9fafad07b128b170caf7d8c11128b6e4456eb57d8ac5c7a70232
93786ec2d7a220d718210a8e750ae34fb9d6bf8da97ea3c7519e5a51e5f9be77
93aaeacf0c1506c929f5b9faaf53706d5c581246c6dc5e29a5bebba2ade3729f
942b411921e6de433c0bb708ea74f35aaf8b49a69afd8bca38f2c23cf3bd1e91
972688e6f6c24d2b23019a796b19f90515ba5f4ff744747c072b79fa44de3432
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0b567c9ed4ca62f697229d85d59c0c339fe04345475c7cec317f075bad3803b
a545df6f0240b78c951b8451c6b9b1f6e6213861fea83f537aec34872c2e9014
a6ec4c6fcc7d936c0476c591eb2e6361a98f033c0c94335fbdd69f6786e4f90d
ab310cd74f0680f3e9fde909249882b22db8eb55cf4d68562948733a05dca663
ab3791b5b70aa292c0543a1e5474a8d8c60e821369b656acf2e5e929758242c2
af4d505feac5899781b07fb95854d65699ce53df581af93a860c8fba3e7adfd8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3b2bd58dae74a73176233e091c18cd2e1c30868a41a82005763d2fd38be2755
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1
b8e62474b6248efaaeebf5f8edce8384f91c9b08ca028addd69245c09b24389e
b901c4c3109cd2119efb9fdd686c71e2945233348fba0388aaa6d6f2f5a3c7c6
bfad27a34f6e564cfdfc6da5696cd73b60c6ec323fa55a6aa6dc740f43cea3e3
c08a4395f1088ce86fb752496d452e29405179b8bac6e7e116f8ac0de4476b9d
c0c8df384cd69c7f8b0b8d0cb712bb04b8d39adb74be54829c9dab778b7aa8b0
c75d8bdd1d5498551294cf4551304e5c2158b9788ac1779d03a2edd611a6c93e
c8694472e09c12a35cdaa905045b6893aede9b4b6f0e0be540b3c200499aefad
cf40a665a18239919e09019a74dcb0802ab9ec89544886f0942b27cbad9c2fc2
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d181da61a2436ade40ec7ebdbfa145a9f22e0b75314529209c18b7024a66f19d
d28b8acbb3250e118fbdb30c8a722f32b033e27bfd75ae5126c4fbc08f6ddab8
d97ca913935c9897ac4e255d17e14c8a3f0d8513681fe5b6736c4921fc5dd078
dfad04924be2673b5c72bf4e58bafac42307750f9cf7f46e40cc2ceb7ab9d451
e392b7a34034b4389cb95c6a572e85e577e633b92e737ffb03cd03880bb3c97c
e3adb38c391aafd3c864ecaf1cd70bb4bd986386f5deeeb92839099d1f969e02
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4d0009981a17c2e5c3b38b3e1940e4874d300065daef0091d50212388764bd4
e57df631ad9ba2b6928e6f483ce0476be634a3be584f095e64b14b434347f882
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f273ee61a3dbd9e361ad35ceaf1bf8d8ae4f45e6759d39154c2cee616860b85f
f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3
f9eca3ca679eb95b1d2adc683e51589e7052aa8add6689abaf4c3aa3cca7e301
fad2b41a387ad2bff0c05ed1475f79529e13a17163eb6e36f8953822d96ded88

westinmauiamenities.247activities.com Open in urlscan Pro 54.165.176.140 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

169 Requests

74 %HTTPS

32 %IPv6

52 Domains

76 Subdomains

51 IPs

4 Countries

4772 kBTransfer

14377 kBSize

98 Cookies

7 Outgoing links

Page URL History

Redirected requests

169 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

westinmauiamenities.247activities.com Open in urlscan Pro
54.165.176.140 Public Scan

Screenshot
Live screenshot

Full Image

169
Requests

74 %
HTTPS

32 %
IPv6

52
Domains

76
Subdomains

51
IPs

4
Countries

4772 kB
Transfer

14377 kB
Size

98
Cookies

169 HTTP transactions
0 data transactions