wtimessquare.idaypass.com Open in urlscan Pro
54.196.47.60 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://wtimessquare.idaypass.com/
Effective URL:
https://wtimessquare.idaypass.com/
Submission: On November 06 via api (November 6th 2024, 8:49:32 pm UTC) from US — Scanned from DE

Summary HTTP 170 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 51 IPs in 6 countries across 37 domains to perform 170 HTTP transactions. The main IP is 54.196.47.60, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is wtimessquare.idaypass.com.
TLS certificate: Issued by Amazon RSA 2048 M03 on July 21st 2024. Valid for: a year.

This is the only time wtimessquare.idaypass.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
25	54.196.47.60 54.196.47.60	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:9000:26d... 2600:9000:26db:1e00:15:dbf7:4c80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
6	2606:4700:20:... 2606:4700:20::ac43:4771	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	34.120.195.249 34.120.195.249	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
10	16.15.216.37 16.15.216.37	14618 (AMAZON-AES) (AMAZON-AES)
21	2a02:26f0:350... 2a02:26f0:3500:c89::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	54.72.201.156 54.72.201.156	16509 (AMAZON-02) (AMAZON-02)
2	2620:1ec:33::10 2620:1ec:33::10	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
13	72.246.168.84 72.246.168.84	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:225... 2600:9000:225b:de00:1d:bf0a:0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	18.173.188.247 18.173.188.247	16509 (AMAZON-02) (AMAZON-02)
2	157.240.253.1 157.240.253.1	32934 (FACEBOOK) (FACEBOOK)
1	108.138.40.116 108.138.40.116	16509 (AMAZON-02) (AMAZON-02)
1	142.250.185.78 142.250.185.78	15169 (GOOGLE) (GOOGLE)
1	52.201.108.5 52.201.108.5	14618 (AMAZON-AES) (AMAZON-AES)
1	35.244.188.9 35.244.188.9	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a02:26f0:350... 2a02:26f0:3500:10::210:a99	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a04:4e42::84 2a04:4e42::84	54113 (FASTLY) (FASTLY)
2	2a00:1288:80:... 2a00:1288:80:807::1	203220 (YAHOO-DEB) (YAHOO-DEB)
1	63.215.202.140 63.215.202.140	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2	107.178.244.119 107.178.244.119	15169 (GOOGLE) (GOOGLE)
1	52.3.166.170 52.3.166.170	14618 (AMAZON-AES) (AMAZON-AES)
9	142.250.184.200 142.250.184.200	15169 (GOOGLE) (GOOGLE)
3	142.250.186.100 142.250.186.100	15169 (GOOGLE) (GOOGLE)
1	108.128.49.114 108.128.49.114	16509 (AMAZON-02) (AMAZON-02)
1 1	52.16.193.179 52.16.193.179	16509 (AMAZON-02) (AMAZON-02)
2	63.140.62.17 63.140.62.17	15224 (OMNITURE) (OMNITURE)
1 2	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
2	75.2.57.54 75.2.57.54	16509 (AMAZON-02) (AMAZON-02)
5	35.190.43.134 35.190.43.134	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2600:9000:216... 2600:9000:2165:c000:1d:40aa:1fc0:93a1	16509 (AMAZON-02) (AMAZON-02)
6 8	142.250.185.102 142.250.185.102	15169 (GOOGLE) (GOOGLE)
3	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
2 5	185.89.210.180 185.89.210.180	29990 (ASN-APPNEX) (ASN-APPNEX)
2	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.6.237 37.157.6.237	198622 (ADFORM) (ADFORM)
1 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:81d::2002	15169 (GOOGLE) (GOOGLE)
7	151.101.0.84 151.101.0.84	54113 (FASTLY) (FASTLY)
1	2606:4700:440... 2606:4700:4400::6812:2089	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	54.171.122.26 54.171.122.26	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	151.101.64.84 151.101.64.84	54113 (FASTLY) (FASTLY)
2	142.250.186.67 142.250.186.67	15169 (GOOGLE) (GOOGLE)
2	35.186.212.60 35.186.212.60	15169 (GOOGLE) (GOOGLE)
170	51

25 54.196.47.60 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-196-47-60.compute-1.amazonaws.com

wtimessquare.idaypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:26db:1e00:15:dbf7:4c80:93a1 (United States)

ASN16509 (AMAZON-02, US)

libs.fraud.elavon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:20::ac43:4771 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.equalweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o436887.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 16.15.216.37 (United States)

ASN14618 (AMAZON-AES, US)

ipoolside-media.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a02:26f0:3500:c89::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.72.201.156 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-201-156.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:33::10 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 72.246.168.84 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a72-246-168-84.deploy.static.akamaitechnologies.com

cache.marriott.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225b:de00:1d:bf0a:0:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.tvpixel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.188.247 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-188-247.muc50.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.253.1 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra5.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.40.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-40-116.muc50.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.78 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.201.108.5 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-201-108-5.compute-1.amazonaws.com

pxl.jivox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.188.9 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 9.188.244.35.bc.googleusercontent.com

static.sojern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:10::210:a99 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42::84 (United States)

ASN54113 (FASTLY, US)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:80:807::1 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.215.202.140 (Amsterdam, Netherlands)

ASN41041 (VCLK-EU-SE, US)
PTR: ams01-nessy-float2.dotomi.com

login.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.178.244.119 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 119.244.178.107.bc.googleusercontent.com

beacon.sojern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.sojern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.3.166.170 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-166-170.compute-1.amazonaws.com

jvxpxl.marriott.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.184.200 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.100 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.128.49.114 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-49-114.eu-west-1.compute.amazonaws.com

marriottinternationa.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.16.193.179 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-193-179.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.140.62.17 (United States)

ASN15224 (OMNITURE, US)
PTR: ip-63-140-62-17.data.adobedc.net

smetrics.marriott.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.131.137 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 75.2.57.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: ad37daabd18951e96.awsglobalaccelerator.com

p.tvpixel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tr6.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2165:c000:1d:40aa:1fc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

p.relay-t.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.185.102 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.58.212.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.89.210.180 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.237 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f130.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81d::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 151.101.0.84 (San Francisco, United States)

ASN54113 (FASTLY, US)

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2089 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.171.122.26 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-122-26.eu-west-1.compute.amazonaws.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.64.84 (San Francisco, United States)

ASN54113 (FASTLY, US)

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.212.60 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 60.212.186.35.bc.googleusercontent.com

tag.yieldoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	idaypass.com wtimessquare.idaypass.com	5 MB
21	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 430	164 KB
16	doubleclick.net 6 redirects ad.doubleclick.net — Cisco Umbrella Rank: 150 cm.g.doubleclick.net — Cisco Umbrella Rank: 283 googleads.g.doubleclick.net — Cisco Umbrella Rank: 42 td.doubleclick.net — Cisco Umbrella Rank: 192	6 KB
16	marriott.com cache.marriott.com — Cisco Umbrella Rank: 9808 jvxpxl.marriott.com — Cisco Umbrella Rank: 27092 smetrics.marriott.com — Cisco Umbrella Rank: 10610	316 KB
12	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	1009 KB
10	amazonaws.com ipoolside-media.s3.amazonaws.com — Cisco Umbrella Rank: 653358	2 MB
8	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 930	7 KB
6	google.com www.google.com — Cisco Umbrella Rank: 3 adservice.google.com — Cisco Umbrella Rank: 357	317 B
6	equalweb.com cdn.equalweb.com — Cisco Umbrella Rank: 19378	24 KB
5	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 267	5 KB
5	snapchat.com tr.snapchat.com — Cisco Umbrella Rank: 893 tr6.snapchat.com — Cisco Umbrella Rank: 1360	1 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 34 region1.google-analytics.com — Cisco Umbrella Rank: 3643	22 KB
4	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 321 px4.ads.linkedin.com — Cisco Umbrella Rank: 6828	2 KB
4	adsrvr.org 1 redirects js.adsrvr.org — Cisco Umbrella Rank: 1442 insight.adsrvr.org — Cisco Umbrella Rank: 945 match.adsrvr.org — Cisco Umbrella Rank: 373	7 KB
3	sojern.com static.sojern.com — Cisco Umbrella Rank: 13754 beacon.sojern.com — Cisco Umbrella Rank: 6826 pixel.sojern.com — Cisco Umbrella Rank: 9645	2 KB
3	tvpixel.com c.tvpixel.com — Cisco Umbrella Rank: 9813 p.tvpixel.com — Cisco Umbrella Rank: 2286	32 KB
3	demdex.net dpm.demdex.net — Cisco Umbrella Rank: 243 marriottinternationa.demdex.net — Cisco Umbrella Rank: 45617	3 KB
2	yieldoptimizer.com tag.yieldoptimizer.com — Cisco Umbrella Rank: 4145	1 KB
2	google.de www.google.de — Cisco Umbrella Rank: 11271	128 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 113	4 KB
2	yahoo.com sp.analytics.yahoo.com — Cisco Umbrella Rank: 1568	585 B
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 604	1 KB
2	relay-t.io p.relay-t.io — Cisco Umbrella Rank: 50898	5 KB
2	bing.net bat.bing.net — Cisco Umbrella Rank: 20475	465 B
2	yimg.com s.yimg.com — Cisco Umbrella Rank: 712	8 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 982	25 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	79 KB
2	bing.com bat.bing.com — Cisco Umbrella Rank: 348	15 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 498	295 B
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 1371	503 B
1	dotomi.com login.dotomi.com — Cisco Umbrella Rank: 2470
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 784	14 KB
1	jivox.com pxl.jivox.com — Cisco Umbrella Rank: 7864	453 B
1	sc-static.net sc-static.net — Cisco Umbrella Rank: 1089	24 KB
1	sentry.io o436887.ingest.sentry.io — Cisco Umbrella Rank: 634433	300 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	1 KB
1	elavon.com libs.fraud.elavon.com	130 KB
170	37

	Domain	Requested by
25	wtimessquare.idaypass.com	wtimessquare.idaypass.com
21	assets.adobedtm.com	wtimessquare.idaypass.com assets.adobedtm.com
13	cache.marriott.com	wtimessquare.idaypass.com cache.marriott.com
12	www.googletagmanager.com	www.google-analytics.com assets.adobedtm.com www.googletagmanager.com
10	ipoolside-media.s3.amazonaws.com
8	ct.pinterest.com	wtimessquare.idaypass.com s.pinimg.com
8	ad.doubleclick.net	6 redirects
6	cdn.equalweb.com	wtimessquare.idaypass.com cdn.equalweb.com
5	ib.adnxs.com	2 redirects
4	td.doubleclick.net	www.googletagmanager.com
4	tr.snapchat.com	wtimessquare.idaypass.com sc-static.net
3	px.ads.linkedin.com	1 redirects wtimessquare.idaypass.com
3	adservice.google.com
3	www.google.com	www.googletagmanager.com
3	www.google-analytics.com	wtimessquare.idaypass.com www.google-analytics.com
2	tag.yieldoptimizer.com
2	www.google.de
2	www.facebook.com
2	sp.analytics.yahoo.com
2	googleads.g.doubleclick.net	www.googletagmanager.com
2	c1.adform.net	2 redirects
2	cm.g.doubleclick.net
2	p.relay-t.io	beacon.sojern.com p.relay-t.io
2	bat.bing.net	bat.bing.com
2	p.tvpixel.com	wtimessquare.idaypass.com
2	match.adsrvr.org	js.adsrvr.org
2	smetrics.marriott.com	assets.adobedtm.com
2	s.yimg.com	wtimessquare.idaypass.com
2	s.pinimg.com	wtimessquare.idaypass.com s.pinimg.com
2	connect.facebook.net	wtimessquare.idaypass.com connect.facebook.net
2	bat.bing.com	assets.adobedtm.com bat.bing.com
2	dpm.demdex.net	wtimessquare.idaypass.com
2	region1.google-analytics.com	www.googletagmanager.com wtimessquare.idaypass.com
1	tr6.snapchat.com	sc-static.net
1	geolocation.onetrust.com	wtimessquare.idaypass.com
1	px4.ads.linkedin.com
1	pixel.sojern.com
1	insight.adsrvr.org	1 redirects
1	cm.everesttech.net	1 redirects
1	marriottinternationa.demdex.net	assets.adobedtm.com
1	jvxpxl.marriott.com
1	beacon.sojern.com	wtimessquare.idaypass.com
1	login.dotomi.com	wtimessquare.idaypass.com
1	snap.licdn.com	wtimessquare.idaypass.com
1	static.sojern.com	wtimessquare.idaypass.com
1	pxl.jivox.com
1	js.adsrvr.org	wtimessquare.idaypass.com
1	sc-static.net	wtimessquare.idaypass.com
1	c.tvpixel.com	wtimessquare.idaypass.com
1	o436887.ingest.sentry.io	wtimessquare.idaypass.com
1	fonts.googleapis.com	wtimessquare.idaypass.com
1	libs.fraud.elavon.com	wtimessquare.idaypass.com
170	52

This site contains links to these domains. Also see Links.

Domain
www.google.com
www.marriott.com
help.marriott.com
www.onetrust.com

Subject Issuer	Validity	Valid
*.idaypass.com Amazon RSA 2048 M03	`2024-07-21` - `2025-08-19`	a year	crt.sh
libs.fraud.elavon.com Entrust Certification Authority - L1K	`2024-04-15` - `2025-05-12`	a year	crt.sh
upload.video.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.google-analytics.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
equalweb.com WE1	`2024-09-24` - `2024-12-23`	3 months	crt.sh
ingest.sentry.io DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-10-03` - `2025-07-29`	10 months	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2024-04-22` - `2025-04-07`	a year	crt.sh
assets.adobedtm.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-09` - `2025-08-09`	a year	crt.sh
*.demdex.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-09-25` - `2025-10-26`	a year	crt.sh
www.bing.com Microsoft Azure RSA TLS Issuing CA 03	`2024-09-16` - `2025-03-15`	6 months	crt.sh
www.marriott.com Entrust Certification Authority - L1K	`2024-09-09` - `2025-10-09`	a year	crt.sh
*.tvpixel.com Amazon RSA 2048 M03	`2024-10-15` - `2025-11-12`	a year	crt.sh
sc-static.net Amazon RSA 2048 M03	`2023-12-21` - `2025-01-18`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-08-16` - `2024-11-14`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2024-04-23` - `2025-05-25`	a year	crt.sh
*.jivox.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-05-24` - `2025-06-19`	a year	crt.sh
*.sojern.com DigiCert TLS RSA SHA256 2020 CA1	`2024-07-30` - `2024-12-21`	5 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
*.pinterest.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-08-05` - `2025-08-07`	a year	crt.sh
*.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2024-10-31` - `2024-12-18`	2 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2024-08-20` - `2025-09-21`	a year	crt.sh
jvxas.marriott.com Entrust Certification Authority - L1K	`2023-12-11` - `2024-12-10`	a year	crt.sh
*.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
smetrics.marriott.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-03-27` - `2025-04-27`	a year	crt.sh
p.tvpixel.com Amazon RSA 2048 M02	`2024-02-01` - `2025-03-01`	a year	crt.sh
*.snap.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-23` - `2025-07-22`	a year	crt.sh
bat.bing.net Microsoft Azure RSA TLS Issuing CA 07	`2024-10-27` - `2025-04-25`	6 months	crt.sh
p.relay-t.io Amazon RSA 2048 M02	`2024-04-30` - `2025-05-29`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2024-02-14` - `2025-03-16`	a year	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-10-14` - `2025-04-14`	6 months	crt.sh
*.doubleclick.net WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
geolocation.onetrust.com WE1	`2024-10-11` - `2025-01-09`	3 months	crt.sh
*.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2024-07-30` - `2025-01-22`	6 months	crt.sh
*.google.de WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.yieldoptimizer.com Go Daddy Secure Certificate Authority - G2	`2023-12-14` - `2025-01-14`	a year	crt.sh

This page contains 12 frames:

Primary Page: https://wtimessquare.idaypass.com/
Frame ID: 82834ADC7DB492B8035D9941C4F36DB0
Requests: 158 HTTP requests in this frame

Frame: https://static.sojern.com/marriott/mhotels.html?p=undefined&hprid=&hpr=&hb=undefined&hc1=undefined&hn1=undefined&hs1=undefined&ffl=undefined&hl=&t=undefined&hr=undefined&hd1=&hd2=&hconfno=&hp=undefined&hcu=&hrp=undefined&hdc=undefined&rew=undefined&l=undefined&vid=hot&cid=
Frame ID: 7857D613F3F698298CFDF06ACF52248E
Requests: 1 HTTP requests in this frame

Frame: https://login.dotomi.com/ucm/UCMController?dtm_com=28&dtm_cid=2814&dtm_cmagic=8e987c&dtm_format=5&dtm_fid=101&cli_promo_id=2&dtmc_marsha_code=&canonical_url=&dtm_user_token=&dtmc_ref=&dtmc_loc=https%3A%2F%2Fwtimessquare.idaypass.com%2F&fpc_status=
Frame ID: 4DA70C3C826584D95DCB68581A43CAAB
Requests: 1 HTTP requests in this frame

Frame: https://marriottinternationa.demdex.net/dest5.html?d_nsid=0
Frame ID: 9A336189B7B64C21329CAAEB1DB5D38D
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/upb/?adv=hbq9bjg&ref=https%3A%2F%2Fwtimessquare.idaypass.com%2F&upid=byw7ch4&upv=1.1.0&paapi=1
Frame ID: C04267395722295DBC4BF5A9AD4DEB24
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=fbf5aa06-3f82-45b5-86ba-4c4fe9c75a96&u_scsid=7a77b409-38e0-45e6-8a2a-a2afebf5c9c8&u_sclid=65ac89c1-be1d-4c14-8de6-37a459c71ffd
Frame ID: 9A5F10A91A7927C66E715C1BDCF81946
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/924374711?random=1730926164159&cv=11&fst=1730926164159&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4au0za200zb9189012645&gcd=13t3t3t2t5l1&dma_cps=syphamo&dma=1&tag_exp=101823848~101925629&u_w=1600&u_h=1200&url=https%3A%2F%2Fwtimessquare.idaypass.com%2F&hn=www.googleadservices.com&frm=0&tiba=W%20NEW%20YORK%20-%20TIMES%20SQUARE&npa=0&pscdl=noapi&auid=1578195551.1730926164&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dpage_view%3BCheckInDayofWeek%3D%3BEnterpriseSegmentCEIDetails%3D%3BMemberLevel%3D%3BWeekendStay%3D
Frame ID: AEACB0E5B55E1E7260E50F6AE0816FEB
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fwtimessquare.idaypass.com
Frame ID: 9ADFAE6C5272972613049B9A14D077B3
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=1359549;type=marri003;cat=m1m_m0;ord=6759308896090;npa=0;auiddc=1578195551.1730926164;u7=%2F;ps=1;pcor=1944068797;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4au0v9181787912za200zb9189012645;gcs=G111;gcd=13t3tPt2t5l1;dma_cps=syphamo;dma=1;tag_exp=101823848~101925629;epver=2;~oref=https%3A%2F%2Fwtimessquare.idaypass.com%2F
Frame ID: 27F53B12DBBC934F1B6D7EFED8F480E2
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=1359549;type=marri001;cat=m1m_g0;ord=1;num=7273692938805;npa=0;auiddc=1578195551.1730926164;u7=%2F;ps=1;pcor=628949012;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4au0v9181787912za200zb9189012645;gcs=G111;gcd=13t3tPt2t5l1;dma_cps=syphamo;dma=1;tag_exp=101823848~101925629;epver=2;~oref=https%3A%2F%2Fwtimessquare.idaypass.com%2F
Frame ID: 90531820F74CA2796E68305097B1BF31
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/950378023?random=1730926164395&cv=11&fst=1730926164395&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4au0v868987318za200zb9189012645&gcd=13t3tPt2t5l1&dma_cps=syphamo&dma=1&tag_exp=101823848~101925629&u_w=1600&u_h=1200&url=https%3A%2F%2Fwtimessquare.idaypass.com%2F&hn=www.googleadservices.com&frm=0&tiba=W%20NEW%20YORK%20-%20TIMES%20SQUARE&npa=0&pscdl=noapi&auid=1578195551.1730926164&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dpage_view%3BCheckInDayofWeek%3D%3BEnterpriseSegmentCEIDetails%3D%3BMemberLevel%3D%3BWeekendStay%3D
Frame ID: 7E239082F1DE853F2620C4EEF0FB494B
Requests: 1 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: C62485D656D8F0AFA7A4EAE3123EF017
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

W NEW YORK - TIMES SQUARE

Page URL History Show full URLs

http://wtimessquare.idaypass.com/ HTTP 307
https://wtimessquare.idaypass.com/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

EqualWeb (Accessibility) Expand

Overall confidence: 100%
Detected patterns

cdn\.equalweb\.com.*\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

otSDKStub\.js

Page Statistics

170
Requests

95 %
HTTPS

34 %
IPv6

37
Domains

52
Subdomains

51
IPs

6
Countries

9198 kB
Transfer

24850 kB
Size

57
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://www.google.com/maps/place/W+New+York+-+Times+Square/@40.7590779,-73.9857128,18.75z/data=!4m15!1m5!3m4!2zNDDCsDQ1JzMyLjQiTiA3M8KwNTknMDYuMCJX!8m2!3d40.759!4d-73.985!3m8!1s0x89c25855cbd95a7d:0x8521f490bd967c27!5m2!4m1!1i2!8m2!3d40.7593016!4d-73.9855873!16s%2Fg%2F1s04wrnxd
Title: 1567 Broadway, New York, New York, 10036, USA

Search URL Search Domain Scan URL

URL: https://www.marriott.com/en-us/hotels/nycwh-w-new-york-times-square/overview/
Title: Visit hotel website >

Search URL Search Domain Scan URL

URL: https://www.marriott.com/default.mi

Search URL Search Domain Scan URL

URL: https://www.marriott.com/about/terms-of-use.mi
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.marriott.com/about/your-privacy-rights.mi
Title: Your Privacy Choices

Search URL Search Domain Scan URL

URL: https://www.marriott.com/about/privacy.mi
Title: Privacy and Cookie Statement

Search URL Search Domain Scan URL

URL: https://help.marriott.com/s/
Title: Help

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://wtimessquare.idaypass.com/ HTTP 307
https://wtimessquare.idaypass.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 90

https://cm.everesttech.net/cm/dd?d_uuid=74767002622005909070435240007560346813 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZyvWVAAAAN_p1ANe

Request Chain 94

https://insight.adsrvr.org/track/up?adv=hbq9bjg&ref=https%3A%2F%2Fwtimessquare.idaypass.com%2F&upid=byw7ch4&upv=1.1.0&paapi=1 HTTP 302
https://match.adsrvr.org/track/upb/?adv=hbq9bjg&ref=https%3A%2F%2Fwtimessquare.idaypass.com%2F&upid=byw7ch4&upv=1.1.0&paapi=1

Request Chain 104

https://ad.doubleclick.net/ddm/activity/src=4810757;type=sales;cat=5myqls5f;qty=1;cost=0;u1=;u16=https://wtimessquare.idaypass.com/;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=UNKNOWN HTTP 302
https://ad.doubleclick.net/ddm/activity/src=4810757;dc_pre=CJP2lrnKyIkDFRJNHgIddBAQXQ;type=sales;cat=5myqls5f;qty=1;cost=0;u1=;u16=https://wtimessquare.idaypass.com/;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=UNKNOWN HTTP 302
https://adservice.google.com/ddm/fls/z/src=4810757;dc_pre=CJP2lrnKyIkDFRJNHgIddBAQXQ;type=sales;cat=5myqls5f;qty=1;cost=0;u1=;u16=https://wtimessquare.idaypass.com/;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=UNKNOWN

Request Chain 105

https://ib.adnxs.com/px?id=1565798&t=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fpx%3Fid%3D1565798%26t%3D1

Request Chain 106

https://ib.adnxs.com/seg?add=29464183&t=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fseg%3Fadd%3D29464183%26t%3D1

Request Chain 111

https://c1.adform.net/serving/cookie/match?cid=d6c030e3-e239-401c-8b62-e452da0b3987&party=1296 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&cid=d6c030e3-e239-401c-8b62-e452da0b3987&party=1296 HTTP 302
https://pixel.sojern.com/idsync/adf?adfid=3170543564115380853&cid=d6c030e3-e239-401c-8b62-e452da0b3987

Request Chain 114

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=360572&time=1730926164048&url=https%3A%2F%2Fwtimessquare.idaypass.com%2F HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=360572&time=1730926164048&url=https%3A%2F%2Fwtimessquare.idaypass.com%2F&e_ipv6=AQI0aZ8WcwF8JAAAAZMDPTnIdyXO-HEZFBV6Gr9hOnjitST2zOEM2_BF6ezR-ULmg-YHWRc

Request Chain 136

https://ad.doubleclick.net/activity;src=1359549;type=marri003;cat=m1m_m0;ord=6759308896090;npa=0;auiddc=1578195551.1730926164;u7=%2F;ps=1;pcor=1944068797;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4au0v9181787912za200zb9189012645;gcs=G111;gcd=13t3tPt2t5l1;dma_cps=syphamo;dma=1;tag_exp=101823848~101925629;epver=2;~oref=https%3A%2F%2Fwtimessquare.idaypass.com%2F HTTP 302
https://ad.doubleclick.net/activity;dc_pre=CO_mpbnKyIkDFYRqHgIdeLoLYA;src=1359549;type=marri003;cat=m1m_m0;ord=6759308896090;npa=0;auiddc=1578195551.1730926164;u7=%2F;ps=1;pcor=1944068797;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4au0v9181787912za200zb9189012645;gcs=G111;gcd=13t3tPt2t5l1;dma_cps=syphamo;dma=1;tag_exp=101823848~101925629;epver=2;~oref=https%3A%2F%2Fwtimessquare.idaypass.com%2F HTTP 302
https://adservice.google.com/ddm/fls/z/dc_pre=CO_mpbnKyIkDFYRqHgIdeLoLYA;src=1359549;type=marri003;cat=m1m_m0;ord=6759308896090;npa=0;auiddc=*;u7=%2F;ps=1;pcor=1944068797;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4au0v9181787912za200zb9189012645;gcs=G111;gcd=13t3tPt2t5l1;dma_cps=syphamo;dma=1;tag_exp=101823848~101925629;epver=2;~oref=https%3A%2F%2Fwtimessquare.idaypass.com%2F

Request Chain 138

https://ad.doubleclick.net/activity;src=1359549;type=marri001;cat=m1m_g0;ord=1;num=7273692938805;npa=0;auiddc=1578195551.1730926164;u7=%2F;ps=1;pcor=628949012;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4au0v9181787912za200zb9189012645;gcs=G111;gcd=13t3tPt2t5l1;dma_cps=syphamo;dma=1;tag_exp=101823848~101925629;epver=2;~oref=https%3A%2F%2Fwtimessquare.idaypass.com%2F HTTP 302
https://ad.doubleclick.net/activity;dc_pre=CNnvpbnKyIkDFYxFHgIdTAoGtA;src=1359549;type=marri001;cat=m1m_g0;ord=1;num=7273692938805;npa=0;auiddc=1578195551.1730926164;u7=%2F;ps=1;pcor=628949012;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4au0v9181787912za200zb9189012645;gcs=G111;gcd=13t3tPt2t5l1;dma_cps=syphamo;dma=1;tag_exp=101823848~101925629;epver=2;~oref=https%3A%2F%2Fwtimessquare.idaypass.com%2F HTTP 302
https://adservice.google.com/ddm/fls/z/dc_pre=CNnvpbnKyIkDFYxFHgIdTAoGtA;src=1359549;type=marri001;cat=m1m_g0;ord=1;num=7273692938805;npa=0;auiddc=*;u7=%2F;ps=1;pcor=628949012;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4au0v9181787912za200zb9189012645;gcs=G111;gcd=13t3tPt2t5l1;dma_cps=syphamo;dma=1;tag_exp=101823848~101925629;epver=2;~oref=https%3A%2F%2Fwtimessquare.idaypass.com%2F

170 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
wtimessquare.idaypass.com/
Redirect Chain

http://wtimessquare.idaypass.com/
https://wtimessquare.idaypass.com/

5 KB
3 KB

418ms
169ms

Document
text/html

54.196.47.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wtimessquare.idaypass.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.196.47.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-196-47-60.compute-1.amazonaws.com

Software

nginx/1.24.0 /

Resource Hash

1460bf3469f0decae76a2b1432c1dbefbef9643475e8ff97b6e1f19892b6404d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control: no-cache, no-store
content-encoding: gzip
content-language: de
content-type: text/html; charset=utf-8
date: Wed, 06 Nov 2024 20:49:20 GMT
expires: Wed, 06 Nov 2024 20:29:20 GMT
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx/1.24.0
strict-transport-security: max-age=63072000; includeSubdomains; preload
vary: Accept-Language, Cookie
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-version: 1730712431
x-xss-protection: 1; mode=block

Redirect headers

Location: https://wtimessquare.idaypass.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 vendor.css
wtimessquare.idaypass.com/css/ 424 KB
122 KB 251ms
250ms Stylesheet
text/css 54.196.47.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wtimessquare.idaypass.com/css/vendor.css?v=1730712431

Requested by

Host: wtimessquare.idaypass.com
URL: https://wtimessquare.idaypass.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.196.47.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-196-47-60.compute-1.amazonaws.com

Software

nginx/1.24.0 /

Resource Hash

ab066295593b54931f3626321d47be2c5e864721c2e151d0c9a38f8e467e9e60

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
etag: W/"67220585-6a0f0"
date: Wed, 06 Nov 2024 20:49:20 GMT
x-xss-protection: 1; mode=block
content-type: text/css
last-modified: Wed, 30 Oct 2024 10:08:05 GMT
server: nginx/1.24.0

GET
H2 200 theming.css
wtimessquare.idaypass.com/css/ 501 KB
123 KB 368ms
367ms Stylesheet
text/css 54.196.47.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wtimessquare.idaypass.com/css/theming.css?v=1730712431

Requested by

Host: wtimessquare.idaypass.com
URL: https://wtimessquare.idaypass.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.196.47.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-196-47-60.compute-1.amazonaws.com

Software

nginx/1.24.0 /

Resource Hash

845f8de0271cb49d747de3ce216d1f025c4dfd406d4abbb0e1d62a21c5be7c3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
etag: W/"67220585-7d35a"
date: Wed, 06 Nov 2024 20:49:20 GMT
x-xss-protection: 1; mode=block
content-type: text/css
last-modified: Wed, 30 Oct 2024 10:08:05 GMT
server: nginx/1.24.0

GET
H2 200 theme.css
wtimessquare.idaypass.com/api/css/ 3 KB
1 KB 480ms
479ms Stylesheet
text/css 54.196.47.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wtimessquare.idaypass.com/api/css/theme.css

Requested by

Host: wtimessquare.idaypass.com
URL: https://wtimessquare.idaypass.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.196.47.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-196-47-60.compute-1.amazonaws.com

Software

nginx/1.24.0 /

Resource Hash

01ce1e6429e6a1fa2d753f6e65c6fec0a20640879b51725d6fa11a986e41f1a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
x-version: 1730712431
cache-control: no-cache, no-store
content-encoding: gzip
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
expires: Wed, 06 Nov 2024 20:29:20 GMT
date: Wed, 06 Nov 2024 20:49:20 GMT
x-xss-protection: 1; mode=block
content-type: text/css
vary: Accept-Language, Cookie
server: nginx/1.24.0
content-language: de
x-frame-options: SAMEORIGIN

GET
H2 200 boot.css
wtimessquare.idaypass.com/css/ 414 KB
84 KB 366ms
365ms Stylesheet
text/css 54.196.47.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wtimessquare.idaypass.com/css/boot.css

Requested by

Host: wtimessquare.idaypass.com
URL: https://wtimessquare.idaypass.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.196.47.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-196-47-60.compute-1.amazonaws.com

Software

nginx/1.24.0 /

Resource Hash

ef0e3d5d384271257c3e400d910b9aff6ebfa8f3ef368c563cb70b8ea18e3b64

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
etag: W/"67252450-67781"
date: Wed, 06 Nov 2024 20:49:20 GMT
x-xss-protection: 1; mode=block
content-type: text/css
last-modified: Fri, 01 Nov 2024 18:56:16 GMT
server: nginx/1.24.0

GET
H2 200 3ds2-web-sdk.min.js Show response
libs.fraud.elavon.com/sdk-web-js/1.2.0/ 130 KB
130 KB 207ms
59ms Script
application/javascript 2600:9000:26db:1e00:15:dbf7:4c80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://libs.fraud.elavon.com/sdk-web-js/1.2.0/3ds2-web-sdk.min.js
Requested by: Host: wtimessquare.idaypass.com
URL: https://wtimessquare.idaypass.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26db:1e00:15:dbf7:4c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4a1dce6eeb6dbe84c403811768b526312e32e76a422d0f01bf4a198ca916cd62

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

x-amz-version-id: uk9c0FmyFsNDfzuXcwnHwOzPRNvKWsGV
etag: "85cf8ea2d0a3d1827495cf96302056be"
age: 1941
via: 1.1 b9c5f3514baef1f70c91fc9b0be37d2e.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 132770
x-amz-cf-id: Rqqqq4pljutoDjB1sVQOmEMydsWd_kbWxf_QYT5TvSePJSIGFUjM_w==
date: Wed, 06 Nov 2024 20:17:00 GMT
content-type: application/javascript
last-modified: Tue, 28 Feb 2023 14:28:05 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P3
x-amz-server-side-encryption: AES256

GET
H2 200 vendor.js Show response
wtimessquare.idaypass.com/js/ 4 MB
1 MB 479ms
478ms Script
application/javascript 54.196.47.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wtimessquare.idaypass.com/js/vendor.js?v=1730712431

Requested by

Host: wtimessquare.idaypass.com
URL: https://wtimessquare.idaypass.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.196.47.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-196-47-60.compute-1.amazonaws.com

Software

nginx/1.24.0 /

Resource Hash

ad78e8eb18687259ba548b75eba609f28ac8483ce80a86a86b9cbe3c19049b38

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
etag: W/"67252450-3be5ad"
date: Wed, 06 Nov 2024 20:49:20 GMT
x-xss-protection: 1; mode=block
content-type: application/javascript
last-modified: Fri, 01 Nov 2024 18:56:16 GMT
server: nginx/1.24.0

GET
H2 200 main.js Show response
wtimessquare.idaypass.com/js/ 10 MB
2 MB 479ms
479ms Script
application/javascript 54.196.47.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wtimessquare.idaypass.com/js/main.js?v=1730712431

Requested by

Host: wtimessquare.idaypass.com
URL: https://wtimessquare.idaypass.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.196.47.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-196-47-60.compute-1.amazonaws.com

Software

nginx/1.24.0 /

Resource Hash

29181ef676dacfe42e71b28462d2929d4d4806cd33331ff8a76beb5781e3c94f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
etag: W/"672894c9-a01dce"
date: Wed, 06 Nov 2024 20:49:20 GMT
x-xss-protection: 1; mode=block
content-type: application/javascript
last-modified: Mon, 04 Nov 2024 09:32:57 GMT
server: nginx/1.24.0

GET
H2 200 css
fonts.googleapis.com/ 4 KB
1 KB 134ms
49ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500,600

Requested by

Host: wtimessquare.idaypass.com
URL: https://wtimessquare.idaypass.com/css/vendor.css?v=1730712431

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d95ef68aba30eecf80756ae2645af00669c14c2def73eb5d528a5f767e3392d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Wed, 06 Nov 2024 20:49:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 06 Nov 2024 20:49:21 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Wed, 06 Nov 2024 19:39:57 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 125ms
39ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: wtimessquare.idaypass.com
URL: https://wtimessquare.idaypass.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

content-encoding: gzip
age: 4752
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Wed, 06 Nov 2024 21:30:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 06 Nov 2024 19:30:09 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

GET
H2 200 accessibility.js Show response
cdn.equalweb.com/core/4.5.2/ 43 KB
15 KB 138ms
48ms Script
application/javascript 2606:4700:20::ac43:4771
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.equalweb.com/core/4.5.2/accessibility.js

Requested by

Host: wtimessquare.idaypass.com
URL: https://wtimessquare.idaypass.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4771 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

149fbf15206579ff157a3b578766c3828810b0d3c2cf088aa3ec30f1a7b3dc3f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://wtimessquare.idaypass.com
Referer: https://wtimessquare.idaypass.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "0b7a6a488dd91:0"
age: 261855
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R3FSpzUXU3rzA1vIiUokBI9ZEuUK5vUXniYp3Wh8YITpwAGFpMEXt7Xr1LoUhj%2FrWs0gmbGIhaP0kQ1hMxu9GnIQzEZhX%2BeVujqQYAJqVHPYWL%2Fa6OwOSxYArEMlG%2BG68BF5wjIiB8nJAz7u5Fc%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
x-content-type-options: nosniff
server-timing: cfL4;desc="?proto=TCP&rtt=36969&sent=6&recv=10&lost=0&retrans=0&sent_bytes=3987&recv_bytes=2217&delivery_rate=105250&cwnd=252&unsent_bytes=0&cid=5313a2ec9852632f&ts=53&x=0"
date: Wed, 06 Nov 2024 20:49:21 GMT
content-type: application/javascript
last-modified: Tue, 23 May 2023 07:27:34 GMT
vary: Accept-Encoding
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self' ;
cache-control: public, max-age=2204800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-client-country: DE
access-control-allow-credentials: true
cf-ray: 8de7f31d68969022-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 14064
x-xss-protection: 1; mode=block
server: cloudflare

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
441 B 48ms
47ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1018486057&t=pageview&_s=1&dl=https%3A%2F%2Fwtimessquare.idaypass.com%2F&ul=de-de&de=UTF-8&dt=W%20NEW%20YORK%20-%20TIMES%20SQUARE&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=617632889&gjid=560292978&cid=39501880.1730926162&tid=UA-162569320-1&_gid=709960340.1730926162&_r=1&_slc=1&z=519143712

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

68f4d44b056db178a4a5683da873a2c3754afb055d3cea217afdd297b6162bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://wtimessquare.idaypass.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 06 Nov 2024 20:49:21 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://wtimessquare.idaypass.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 15
server: Golfe2

GET
H2 200 style.css Show response
cdn.equalweb.com/style/ 20 KB
5 KB 49ms
48ms Fetch
text/css 2606:4700:20::ac43:4771
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.equalweb.com/style/style.css

Requested by

Host: cdn.equalweb.com
URL: https://cdn.equalweb.com/core/4.5.2/accessibility.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4771 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

afaed7c81302d1a08eef38549fc320ba36f714e366cbfe9ed1a492b98fc51790

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "0777f846fcda1:0"
age: 261854
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hiB8XiYdQ8CoDd49Jkl%2Fd9z1sPHbGUR6dESzeD5J%2FnBsx7sqYLSooaEQZJiZ%2Bct550PGuU5t%2BGiwyKzW%2B%2F6%2FfLGGVCB3xvAyIZfGML6AMudRAN54GLGCDlbv3YEGPAlG652rAuo3O8PhzwZ%2FcWk%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
x-content-type-options: nosniff
server-timing: cfL4;desc="?proto=TCP&rtt=39936&sent=24&recv=17&lost=0&retrans=0&sent_bytes=19197&recv_bytes=2461&delivery_rate=428379&cwnd=256&unsent_bytes=0&cid=5313a2ec9852632f&ts=125&x=0"
date: Wed, 06 Nov 2024 20:49:21 GMT
content-type: text/css
last-modified: Sun, 01 Sep 2024 08:14:30 GMT
vary: Accept-Encoding
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self' ;
cache-control: public, max-age=2204800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-client-country: DE
access-control-allow-credentials: true
cf-ray: 8de7f31dd8eb9022-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4154
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 btncolor.css Show response
cdn.equalweb.com/style/ 105 B
677 B 106ms
106ms Fetch
text/css 2606:4700:20::ac43:4771
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.equalweb.com/style/btncolor.css

Requested by

Host: cdn.equalweb.com
URL: https://cdn.equalweb.com/core/4.5.2/accessibility.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4771 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46b6596e9fdedae08a61fed7b7512700c383b8eb822239d6691fa49e1eb372de

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: "3f26cd3dfbc1d41:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BD1qO78CNHH2ctKPQ5iMFilqX3MwokUGamn2zoGVnoyk9yWnzDMieOs4rz7sQoLQ%2Bdb9Sc3VKQ3WLl99QeCk%2BFxSO%2FgVgBx3kiIFBfZOf4lhORINni4%2BRNRuomogPQ7wkOweJ%2Bz3paGfCylOcl4%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
x-content-type-options: nosniff
server-timing: cfL4;desc="?proto=TCP&rtt=39744&sent=32&recv=21&lost=0&retrans=0&sent_bytes=23972&recv_bytes=2461&delivery_rate=428379&cwnd=256&unsent_bytes=0&cid=5313a2ec9852632f&ts=183&x=0"
date: Wed, 06 Nov 2024 20:49:21 GMT
content-type: text/css
last-modified: Mon, 11 Feb 2019 11:16:31 GMT
vary: Accept-Encoding
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self' ;
cache-control: public, max-age=2204800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-client-country: DE
access-control-allow-credentials: true
cf-ray: 8de7f31dd8ee9022-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 201
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 en.json Show response
cdn.equalweb.com/assets/locale/ 810 B
860 B 113ms
112ms Fetch
application/json 2606:4700:20::ac43:4771
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.equalweb.com/assets/locale/en.json

Requested by

Host: cdn.equalweb.com
URL: https://cdn.equalweb.com/core/4.5.2/accessibility.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4771 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a59881aae83948c79aad351b6c2b206f08360449c9a47e725f4523b57c5d5e4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

content-encoding: br
cf-cache-status: DYNAMIC
etag: W/"f45920b9fc61d71:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oqM8s4dtxGro%2Bnc5or%2F7YYb%2Fg%2FpOLHSptGIpI3l4HzMelprZUsDf0CfoF51qrbRAKb%2FnRIlBBLW6FPL47sxnOY6Dci8iUAhF6NvSnwte69WKIl5ThTGcQD3G1n%2FuZtpsLHrWKgFw3pyTO4wZMVY%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
x-content-type-options: nosniff
server-timing: cfL4;desc="?proto=TCP&rtt=39744&sent=35&recv=21&lost=0&retrans=0&sent_bytes=24715&recv_bytes=2461&delivery_rate=428379&cwnd=256&unsent_bytes=0&cid=5313a2ec9852632f&ts=188&x=0"
date: Wed, 06 Nov 2024 20:49:21 GMT
content-type: application/json
last-modified: Tue, 15 Jun 2021 15:40:09 GMT
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self' ;
cache-control: public, max-age=2204800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-client-country: DE
access-control-allow-credentials: true
cf-ray: 8de7f31dd8ef9022-FRA
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 classManager.js Show response
cdn.equalweb.com/assets/scripts/ 2 KB
2 KB 146ms
68ms Script
application/javascript 2606:4700:20::ac43:4771
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.equalweb.com/assets/scripts/classManager.js

Requested by

Host: cdn.equalweb.com
URL: https://cdn.equalweb.com/core/4.5.2/accessibility.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4771 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4abc6dae982d098d315efd0bfa7fa88afe40438acf7a540cc2fce38bc50cb39f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "6c55a6848d0da1:0"
age: 729837
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QtnCO41WkX5k2ydIn4JX9EvCb9LyVBN7T3ps9l0WPla%2B2st%2BARsM%2BwIQ4qk6jY9Gb1T339wTWFt8V0LVTdW52UG4lVLTo1x%2BG2ku46qHZSmJ7LYZOFW%2FRODGbd%2FgZDsFjyuLpivoSd4USjQJ76g%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
x-content-type-options: nosniff
server-timing: cfL4;desc="?proto=TCP&rtt=37412&sent=6&recv=10&lost=0&retrans=0&sent_bytes=3985&recv_bytes=2253&delivery_rate=103967&cwnd=252&unsent_bytes=0&cid=63707ce4a71623f0&ts=60&x=0"
date: Wed, 06 Nov 2024 20:49:21 GMT
content-type: application/javascript
last-modified: Sun, 07 Jul 2024 08:31:16 GMT
vary: Accept-Encoding
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self' ;
cache-control: public, max-age=2204800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-client-country: DE
access-control-allow-credentials: true
cf-ray: 8de7f31e5eb7d411-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1068
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 276 KB
98 KB 151ms
61ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-F655SMQDS2&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d201123b79435acabd61f3e6cac057fc511d1fd02ca383f30d84aee05364a17a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Wed, 06 Nov 2024 20:49:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 06 Nov 2024 20:49:21 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 99175
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 11.svg Show response
cdn.equalweb.com/assets/images/ 1017 B
1 KB 52ms
51ms Fetch
image/svg+xml 2606:4700:20::ac43:4771
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.equalweb.com/assets/images/11.svg

Requested by

Host: cdn.equalweb.com
URL: https://cdn.equalweb.com/core/4.5.2/accessibility.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4771 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

247fc189082160e979e84de9e2a591da28319423bc1b706e9a99f2fe3bced7af

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"42b27526748d51:0"
age: 261853
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jPkCBjQFh98opV7%2B1ZnLRdLzxNZINp9v%2BJ7%2FwrRvd31hIimWK%2F7j%2BMtP01Q15asg6JrFTSOp980C7Jf5VixUoubaO7Gff9B9ue%2Fx7Ol2nHajoNBzKybqjLRCEnEDHtrlJDUZlSGPG2Nta8gCb28%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
x-content-type-options: nosniff
server-timing: cfL4;desc="?proto=TCP&rtt=39845&sent=38&recv=24&lost=0&retrans=0&sent_bytes=25641&recv_bytes=2527&delivery_rate=428379&cwnd=256&unsent_bytes=0&cid=5313a2ec9852632f&ts=249&x=0"
date: Wed, 06 Nov 2024 20:49:21 GMT
content-type: image/svg+xml
last-modified: Thu, 01 Aug 2019 12:47:47 GMT
vary: Accept-Encoding
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self' ;
cache-control: public, max-age=2204800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-client-country: DE
access-control-allow-credentials: true
cf-ray: 8de7f31e99729022-FRA
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 fe6322860e55901598c4.woff2
wtimessquare.idaypass.com/css/assets/ 53 KB
54 KB 119ms
119ms Font
font/woff2 54.196.47.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wtimessquare.idaypass.com/css/assets/fe6322860e55901598c4.woff2

Requested by

Host: wtimessquare.idaypass.com
URL: https://wtimessquare.idaypass.com/css/vendor.css?v=1730712431

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.196.47.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-196-47-60.compute-1.amazonaws.com

Software

nginx/1.24.0 /

Resource Hash

329411bd81609e0bc23b6e00861122b7627e701ae5f38d96c933afadb43b2afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://wtimessquare.idaypass.com
Referer: https://wtimessquare.idaypass.com/css/vendor.css?v=1730712431

Response headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
etag: "6513012a-d5a4"
accept-ranges: bytes
content-length: 54692
date: Wed, 06 Nov 2024 20:49:21 GMT
x-xss-protection: 1; mode=block
content-type: font/woff2
last-modified: Tue, 26 Sep 2023 16:04:58 GMT
server: nginx/1.24.0

GET
H2 200 9d8649e81e4800425ff0.woff2
wtimessquare.idaypass.com/css/assets/ 372 KB
373 KB 121ms
120ms Font
font/woff2 54.196.47.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wtimessquare.idaypass.com/css/assets/9d8649e81e4800425ff0.woff2

Requested by

Host: wtimessquare.idaypass.com
URL: https://wtimessquare.idaypass.com/css/vendor.css?v=1730712431

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.196.47.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-196-47-60.compute-1.amazonaws.com

Software

nginx/1.24.0 /

Resource Hash

b1ab7f5b143326ada33e6390ac30e8910eff824a143f868f2b55a807e65f16f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://wtimessquare.idaypass.com
Referer: https://wtimessquare.idaypass.com/css/vendor.css?v=1730712431

Response headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
etag: "645b5e5d-5d088"
accept-ranges: bytes
content-length: 381064
date: Wed, 06 Nov 2024 20:49:22 GMT
x-xss-protection: 1; mode=block
content-type: font/woff2
last-modified: Wed, 10 May 2023 09:05:33 GMT
server: nginx/1.24.0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 144ms
50ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-F655SMQDS2&gtm=45je4au0v9124605564za200&_p=1730926161594&gcd=13l3l3l2l2l1&npa=0&dma_cps=syphamo&dma=1&tag_exp=101823848~101925629&ul=de-de&sr=1600x1200&cid=39501880.1730926162&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Fwtimessquare.idaypass.com%2F&dt=W%20NEW%20YORK%20-%20TIMES%20SQUARE&sid=1730926162&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2648
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-F655SMQDS2&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://wtimessquare.idaypass.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 06 Nov 2024 20:49:22 GMT
content-type: text/plain
server: Golfe2

POST
H2 200 / Show response
o436887.ingest.sentry.io/api/5398649/envelope/ 2 B
300 B 139ms
41ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o436887.ingest.sentry.io/api/5398649/envelope/?sentry_key=6ececa1dc2674f34a9478fb7271f037f&sentry_version=7

Requested by

Host: wtimessquare.idaypass.com
URL: https://wtimessquare.idaypass.com/js/main.js?v=1730712431

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://wtimessquare.idaypass.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy: cross-origin
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
date: Wed, 06 Nov 2024 20:49:22 GMT
content-type: application/json
vary: origin, access-control-request-method, access-control-request-headers
server: nginx

GET
H2 200 translations Show response
wtimessquare.idaypass.com/api/translations/ 492 KB
145 KB 164ms
164ms XHR
application/json 54.196.47.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wtimessquare.idaypass.com/api/translations/translations?language=de&return_as=dict

Requested by

Host: wtimessquare.idaypass.com
URL: https://wtimessquare.idaypass.com/js/main.js?v=1730712431

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.196.47.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-196-47-60.compute-1.amazonaws.com

Software

nginx/1.24.0 /

Resource Hash

2e37065f9b9d3f97a3fae828a874d78cb543f3b363c1309e7a5e5efa127d3b28

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Language: de
Referer: https://wtimessquare.idaypass.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
x-version: 1730712431
cache-control: no-cache, no-store
content-encoding: gzip
pragma: no-cache
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
expires: Wed, 06 Nov 2024 20:29:22 GMT
date: Wed, 06 Nov 2024 20:49:22 GMT
x-xss-protection: 1; mode=block
content-type: application/json
vary: Cookie, Accept-Language
server: nginx/1.24.0
content-language: de
x-frame-options: SAMEORIGIN

GET
H2 200 / Show response
wtimessquare.idaypass.com/api/tags/ 2 B
333 B 175ms
175ms XHR
application/json 54.196.47.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wtimessquare.idaypass.com/api/tags/

Requested by

Host: wtimessquare.idaypass.com
URL: https://wtimessquare.idaypass.com/js/main.js?v=1730712431

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.196.47.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-196-47-60.compute-1.amazonaws.com

Software

nginx/1.24.0 /

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Language: de
Referer: https://wtimessquare.idaypass.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
x-version: 1730712431
referrer-policy: strict-origin-when-cross-origin
allow: GET, HEAD, OPTIONS
x-content-type-options: nosniff
content-length: 2
date: Wed, 06 Nov 2024 20:49:22 GMT
x-xss-protection: 1; mode=block
content-type: application/json
vary: Accept, Accept-Language, Cookie
server: nginx/1.24.0
content-language: de
x-frame-options: SAMEORIGIN

GET
H2 200 6768c1976c2ad78da163.png
wtimessquare.idaypass.com/css/assets/ 538 B
765 B 118ms
118ms Image
image/png 54.196.47.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wtimessquare.idaypass.com/css/assets/6768c1976c2ad78da163.png

Requested by

Host: wtimessquare.idaypass.com
URL: https://wtimessquare.idaypass.com/css/vendor.css?v=1730712431

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.196.47.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-196-47-60.compute-1.amazonaws.com

Software

nginx/1.24.0 /

Resource Hash

8aa69ee6b2376505578d758bfbbc52aec88fa5e591f1a7cabd8adfa80a7b613a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/css/vendor.css?v=1730712431

Response headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
etag: "6215ea85-21a"
accept-ranges: bytes
content-length: 538
date: Wed, 06 Nov 2024 20:49:22 GMT
x-xss-protection: 1; mode=block
content-type: image/png
last-modified: Wed, 23 Feb 2022 08:04:21 GMT
server: nginx/1.24.0

GET
H/1.1 200
OK MarriottApple57x57.png
ipoolside-media.s3.amazonaws.com/site/wtimessquare/images/favicon/ 938 B
1 KB 439ms
181ms Other
image/png 16.15.216.37
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ipoolside-media.s3.amazonaws.com/site/wtimessquare/images/favicon/MarriottApple57x57.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 16.15.216.37 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2aa45b8303a0d7a102478546b3a0ea86a5aa22838be3aa6da0c4bd40012bebb9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

x-amz-id-2: 1RwHakjHwAcf0FHN7GHGuqfbLXp/jFFCBkZF2kEQqRtmy8kSzbt49TlOTk6pwbi1ZuRXK1pMA6TypDAuWgdoykMg+WQUfZLvSA7TeKUpCPg=
ETag: "ae4adb29736c6bc3b5812ee7088592e1"
x-amz-version-id: T2RZipI3wFN6sDd4BaYI8yxPr8Hvc2BQ
x-amz-request-id: X3CC2BJH74SSKYB6
Accept-Ranges: bytes
Content-Length: 938
Date: Wed, 06 Nov 2024 20:49:24 GMT
Last-Modified: Mon, 15 May 2023 17:35:40 GMT
Content-Type: image/png
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 / Show response
wtimessquare.idaypass.com/api/tags/categories/ 2 B
333 B 126ms
126ms XHR
application/json 54.196.47.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wtimessquare.idaypass.com/api/tags/categories/

Requested by

Host: wtimessquare.idaypass.com
URL: https://wtimessquare.idaypass.com/js/main.js?v=1730712431

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.196.47.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-196-47-60.compute-1.amazonaws.com

Software

nginx/1.24.0 /

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Language: de
X-CSRFToken: zt8gRb7xRCyZLdMQlg5EbwHHRJ1scbq7RKfy8KlKbPbbkcpEOr0kOPm3nx0YXKsY
Referer: https://wtimessquare.idaypass.com/
X-Requested-With: XMLHttpRequest
mode: same-origin
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
x-version: 1730712431
referrer-policy: strict-origin-when-cross-origin
allow: GET, HEAD, OPTIONS
x-content-type-options: nosniff
content-length: 2
date: Wed, 06 Nov 2024 20:49:23 GMT
x-xss-protection: 1; mode=block
content-type: application/json
vary: Accept, Accept-Language, Cookie
server: nginx/1.24.0
content-language: de
x-frame-options: SAMEORIGIN

GET
H2 200 sites-session Show response
wtimessquare.idaypass.com/api/auth/ 64 KB
13 KB 333ms
333ms XHR
application/json 54.196.47.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wtimessquare.idaypass.com/api/auth/sites-session

Requested by

Host: wtimessquare.idaypass.com
URL: https://wtimessquare.idaypass.com/js/main.js?v=1730712431

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.196.47.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-196-47-60.compute-1.amazonaws.com

Software

nginx/1.24.0 /

Resource Hash

e87f28c516c3a718744495121d2f3f5f6bc7bd48689df40017e9ad62bdd9d57f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Language: en
X-CSRFToken: zt8gRb7xRCyZLdMQlg5EbwHHRJ1scbq7RKfy8KlKbPbbkcpEOr0kOPm3nx0YXKsY
Referer: https://wtimessquare.idaypass.com/
X-Requested-With: XMLHttpRequest
mode: same-origin
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
x-version: 1730712431
cache-control: no-cache, no-store
content-encoding: gzip
pragma: no-cache
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
expires: Wed, 06 Nov 2024 20:29:23 GMT
date: Wed, 06 Nov 2024 20:49:23 GMT
x-xss-protection: 1; mode=block
content-type: application/json
vary: Cookie, Accept-Language
server: nginx/1.24.0
content-language: de
x-frame-options: SAMEORIGIN

GET
H2 200 9c33516aab48c61e3081.woff2
wtimessquare.idaypass.com/css/assets/ 525 KB
526 KB 119ms
119ms Font
font/woff2 54.196.47.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wtimessquare.idaypass.com/css/assets/9c33516aab48c61e3081.woff2

Requested by

Host: wtimessquare.idaypass.com
URL: https://wtimessquare.idaypass.com/css/vendor.css?v=1730712431

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.196.47.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-196-47-60.compute-1.amazonaws.com

Software

nginx/1.24.0 /

Resource Hash

242e542871bd77c8ff6375418e349ef6b3a32a208e15ca1441166641d212a6a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://wtimessquare.idaypass.com
Referer: https://wtimessquare.idaypass.com/css/vendor.css?v=1730712431

Response headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
etag: "6215ea85-8350c"
accept-ranges: bytes
content-length: 537868
date: Wed, 06 Nov 2024 20:49:23 GMT
x-xss-protection: 1; mode=block
content-type: font/woff2
last-modified: Wed, 23 Feb 2022 08:04:21 GMT
server: nginx/1.24.0

GET
H2 200 1 Show response
wtimessquare.idaypass.com/api/hotel/get-hotel/ 12 KB
5 KB 157ms
157ms XHR
application/json 54.196.47.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wtimessquare.idaypass.com/api/hotel/get-hotel/1

Requested by

Host: wtimessquare.idaypass.com
URL: https://wtimessquare.idaypass.com/js/main.js?v=1730712431

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.196.47.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-196-47-60.compute-1.amazonaws.com

Software

nginx/1.24.0 /

Resource Hash

639f775b7a630ade2f4e7d0a726079bc49e791ae0262f2f9d13270ffc29adcd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Language: en
X-CSRFToken: TGoSpkNpMpQ0gqUUpPNN5zvN2ROtYf1VbXvaGT1C6CtcPpxIS0ItISa9yFNZJO3M
Referer: https://wtimessquare.idaypass.com/
X-Requested-With: XMLHttpRequest
mode: same-origin
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
x-version: 1730712431
cache-control: no-cache, no-store
content-encoding: gzip
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
expires: Wed, 06 Nov 2024 20:29:23 GMT
date: Wed, 06 Nov 2024 20:49:23 GMT
x-xss-protection: 1; mode=block
content-type: application/json
vary: Accept-Language, Cookie
server: nginx/1.24.0
content-language: de
x-frame-options: SAMEORIGIN

GET
H2 200 launch-EN3963523be4674e5591a9c4d516697352.min.js Show response
assets.adobedtm.com/ 519 KB
125 KB 198ms
38ms Script
application/x-javascript 2a02:26f0:3500:c89::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js

Requested by

Host: wtimessquare.idaypass.com
URL: https://wtimessquare.idaypass.com/js/main.js?v=1730712431

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:c89::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AkamaiNetStorage /

Resource Hash

42eb556748fab66fb88259b02c1f065621f4a06a2ccec56ccfd4b14bf7ef43f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

cache-control: max-age=3600
timing-allow-origin: *
content-encoding: gzip
etag: "0c2b26856baa013c542001082a0d512b:1730911182.809252"
x-content-type-options: nosniff
expires: Wed, 06 Nov 2024 21:49:23 GMT
accept-ranges: bytes
access-control-allow-origin: https://wtimessquare.idaypass.com
content-length: 127392
date: Wed, 06 Nov 2024 20:49:23 GMT
content-type: application/x-javascript
last-modified: Wed, 06 Nov 2024 16:39:42 GMT
server: AkamaiNetStorage
vary: Accept-Encoding

GET
H2 200 login-session Show response
wtimessquare.idaypass.com/api/auth/ 164 B
803 B 164ms
164ms XHR
application/json 54.196.47.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wtimessquare.idaypass.com/api/auth/login-session

Requested by

Host: wtimessquare.idaypass.com
URL: https://wtimessquare.idaypass.com/js/main.js?v=1730712431

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.196.47.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-196-47-60.compute-1.amazonaws.com

Software

nginx/1.24.0 /

Resource Hash

815845177259fa674dcda05bf0064f22e39ca7451aa464f573749c7f153e40ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Language: en
X-CSRFToken: TGoSpkNpMpQ0gqUUpPNN5zvN2ROtYf1VbXvaGT1C6CtcPpxIS0ItISa9yFNZJO3M
Referer: https://wtimessquare.idaypass.com/
X-Requested-With: XMLHttpRequest
mode: same-origin
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
x-version: 1730712431
cache-control: no-cache, no-store
content-encoding: gzip
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
expires: Wed, 06 Nov 2024 20:29:23 GMT
date: Wed, 06 Nov 2024 20:49:23 GMT
x-xss-protection: 1; mode=block
content-type: application/json
vary: Accept-Language, Cookie
server: nginx/1.24.0
content-language: de
x-frame-options: SAMEORIGIN

GET
H2 200 disablefood.css
wtimessquare.idaypass.com/css/ 881 B
639 B 118ms
118ms Stylesheet
text/css 54.196.47.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wtimessquare.idaypass.com/css/disablefood.css?v=2_1

Requested by

Host: wtimessquare.idaypass.com
URL: https://wtimessquare.idaypass.com/js/vendor.js?v=1730712431

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.196.47.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-196-47-60.compute-1.amazonaws.com

Software

nginx/1.24.0 /

Resource Hash

78791edc61c96a5ec8159e033473108958108c66296abe6a5b6896040dff9645

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
etag: W/"6215ea85-371"
date: Wed, 06 Nov 2024 20:49:23 GMT
x-xss-protection: 1; mode=block
content-type: text/css
last-modified: Wed, 23 Feb 2022 08:04:21 GMT
server: nginx/1.24.0

GET
H2 200 1 Show response
wtimessquare.idaypass.com/api/palapa/booking/get-booking-values/ 10 KB
3 KB 216ms
216ms XHR
application/json 54.196.47.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wtimessquare.idaypass.com/api/palapa/booking/get-booking-values/1

Requested by

Host: wtimessquare.idaypass.com
URL: https://wtimessquare.idaypass.com/js/main.js?v=1730712431

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.196.47.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-196-47-60.compute-1.amazonaws.com

Software

nginx/1.24.0 /

Resource Hash

d431a1bea049c7cde596966313cb6264cc9e0ebe24322f96763d2f9d50054620

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Language: en
X-CSRFToken: PbcBdZBCI9q6KAwKZunb8NiObKWaiD5b7sjTuyPP2m3ijz9ysFiRL6XaHyVG3c72
Referer: https://wtimessquare.idaypass.com/
X-Requested-With: XMLHttpRequest
mode: same-origin
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
x-version: 1730712431
cache-control: no-cache, no-store
content-encoding: gzip
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
expires: Wed, 06 Nov 2024 20:29:23 GMT
date: Wed, 06 Nov 2024 20:49:23 GMT
x-xss-protection: 1; mode=block
content-type: application/json
vary: Accept-Language, Cookie
server: nginx/1.24.0
content-language: de
x-frame-options: SAMEORIGIN

GET
H2 200 id Show response
dpm.demdex.net/ 5 KB
2 KB 185ms
64ms XHR
application/json 54.72.201.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=4.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=664516D751E565010A490D4C%40AdobeOrg&d_nsid=0&ts=1730926163638

Requested by

Host: wtimessquare.idaypass.com
URL: https://wtimessquare.idaypass.com/js/main.js?v=1730712431

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.72.201.156 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-72-201-156.eu-west-1.compute.amazonaws.com

Software

Resource Hash

31dac5db579ff87171e5dc80096f53f332c47f4db7bd64839030240322d638b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://wtimessquare.idaypass.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
dcs: dcs-prod-irl1-2-v068-0b0a78a44.edge-irl1.demdex.com 11 ms
content-encoding: gzip
pragma: no-cache
access-control-allow-credentials: true
x-tid: 59ieZZsIShE=
expires: Thu, 01 Jan 1970 00:00:00 UTC
access-control-allow-origin: https://wtimessquare.idaypass.com
content-length: 1735
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date: Wed, 06 Nov 2024 20:49:23 GMT
content-type: application/json;charset=utf-8
vary: Origin

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EP971e6ad26efe44ab86e98d3905a44621/ 34 KB
13 KB 38ms
38ms Script
application/x-javascript 2a02:26f0:3500:c89::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.adobedtm.com/extensions/EP971e6ad26efe44ab86e98d3905a44621/AppMeasurement.min.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:c89::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AkamaiNetStorage /

Resource Hash

089030d8bec22aa48ae59e27516a4e8a1fcec666e9d783c7a1df47220b750dc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

cache-control: no-cache
timing-allow-origin: *
content-encoding: gzip
etag: "72404253c27255247028f0ba11022cf8:1559603012"
x-content-type-options: nosniff
expires: Wed, 06 Nov 2024 21:49:23 GMT
accept-ranges: bytes
access-control-allow-origin: https://wtimessquare.idaypass.com
content-length: 12916
date: Wed, 06 Nov 2024 20:49:23 GMT
content-type: application/x-javascript
last-modified: Mon, 03 Jun 2019 23:03:32 GMT
server: AkamaiNetStorage
vary: Accept-Encoding

GET
H2 200 RC29ff55524bbe44d8900405f4f383bcbd-source.min.js Show response
assets.adobedtm.com/697d0c070f1e/d405339bb010/3142b8d1ae90/ 573 B
623 B 39ms
38ms Script
application/x-javascript 2a02:26f0:3500:c89::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.adobedtm.com/697d0c070f1e/d405339bb010/3142b8d1ae90/RC29ff55524bbe44d8900405f4f383bcbd-source.min.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:c89::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AkamaiNetStorage /

Resource Hash

56edcce22cf5108db3c8084fb42c5750a89f2e209761cc208307176f90fd1929

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

cache-control: max-age=3600
timing-allow-origin: *
content-encoding: gzip
etag: "1c380a7a8a301deec861f159e76c9da4:1730911185.685967"
x-content-type-options: nosniff
expires: Wed, 06 Nov 2024 21:49:23 GMT
accept-ranges: bytes
access-control-allow-origin: https://wtimessquare.idaypass.com
content-length: 335
date: Wed, 06 Nov 2024 20:49:23 GMT
content-type: application/x-javascript
last-modified: Wed, 06 Nov 2024 16:39:45 GMT
server: AkamaiNetStorage
vary: Accept-Encoding

GET
H2 200 RC6346233ab31d4757bfe2413caf05d420-source.min.js Show response
assets.adobedtm.com/697d0c070f1e/d405339bb010/3142b8d1ae90/ 2 KB
1 KB 41ms
41ms Script
application/x-javascript 2a02:26f0:3500:c89::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.adobedtm.com/697d0c070f1e/d405339bb010/3142b8d1ae90/RC6346233ab31d4757bfe2413caf05d420-source.min.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:c89::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AkamaiNetStorage /

Resource Hash

e266f7448ec14c233e0e9b92b6e8270a37e9fbfda62022949989d005c20927fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

cache-control: max-age=3600
timing-allow-origin: *
content-encoding: gzip
etag: "1c380a7a8a301deec861f159e76c9da4:1730911185.685967"
x-content-type-options: nosniff
expires: Wed, 06 Nov 2024 21:49:23 GMT
accept-ranges: bytes
access-control-allow-origin: https://wtimessquare.idaypass.com
content-length: 1047
date: Wed, 06 Nov 2024 20:49:23 GMT
content-type: application/x-javascript
last-modified: Wed, 06 Nov 2024 16:39:45 GMT
server: AkamaiNetStorage
vary: Accept-Encoding

GET
H2 200 RC247e3a7b160042e59768c9f337b1c0d8-source.min.js Show response
assets.adobedtm.com/697d0c070f1e/d405339bb010/3142b8d1ae90/ 3 KB
1 KB 38ms
38ms Script
application/x-javascript 2a02:26f0:3500:c89::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.adobedtm.com/697d0c070f1e/d405339bb010/3142b8d1ae90/RC247e3a7b160042e59768c9f337b1c0d8-source.min.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:c89::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AkamaiNetStorage /

Resource Hash

3fad006c469f982166a48dc2c9297c506bb4b132dabb117a985275754a1dc3a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

cache-control: max-age=3600
timing-allow-origin: *
content-encoding: gzip
etag: "1c380a7a8a301deec861f159e76c9da4:1730911185.685967"
x-content-type-options: nosniff
expires: Wed, 06 Nov 2024 21:49:23 GMT
accept-ranges: bytes
access-control-allow-origin: https://wtimessquare.idaypass.com
content-length: 797
date: Wed, 06 Nov 2024 20:49:23 GMT
content-type: application/x-javascript
last-modified: Wed, 06 Nov 2024 16:39:45 GMT
server: AkamaiNetStorage
vary: Accept-Encoding

GET
H2 200 RCb500618f5ce84b22ac56f249cbc4d22d-source.min.js Show response
assets.adobedtm.com/697d0c070f1e/d405339bb010/3142b8d1ae90/ 422 B
557 B 40ms
40ms Script
application/x-javascript 2a02:26f0:3500:c89::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.adobedtm.com/697d0c070f1e/d405339bb010/3142b8d1ae90/RCb500618f5ce84b22ac56f249cbc4d22d-source.min.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:c89::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AkamaiNetStorage /

Resource Hash

dd85a2b2658e24fa2db14b8b90985f787bc0b3935ddf8ac8b42a76373e512580

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

cache-control: max-age=3600
timing-allow-origin: *
content-encoding: gzip
etag: "1c380a7a8a301deec861f159e76c9da4:1730911185.685967"
x-content-type-options: nosniff
expires: Wed, 06 Nov 2024 21:49:23 GMT
accept-ranges: bytes
access-control-allow-origin: https://wtimessquare.idaypass.com
content-length: 270
date: Wed, 06 Nov 2024 20:49:23 GMT
content-type: application/x-javascript
last-modified: Wed, 06 Nov 2024 16:39:45 GMT
server: AkamaiNetStorage
vary: Accept-Encoding

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 226 KB
81 KB 50ms
49ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-4532766&l=dataLayerB

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fdac922e21fafc6832815aecb44b417a6073ebc1e1b2215a1e264316d89504c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Wed, 06 Nov 2024 20:49:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 06 Nov 2024 20:49:23 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 06 Nov 2024 19:52:02 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 82866
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 RC157b8197209f4066a43a359133c28600-source.min.js Show response
assets.adobedtm.com/697d0c070f1e/d405339bb010/3142b8d1ae90/ 4 KB
1 KB 47ms
46ms Script
application/x-javascript 2a02:26f0:3500:c89::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.adobedtm.com/697d0c070f1e/d405339bb010/3142b8d1ae90/RC157b8197209f4066a43a359133c28600-source.min.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:c89::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AkamaiNetStorage /

Resource Hash

34879a34f205cdac81574bc8a729d54ed7f6770c05847352fa925cbd76b14481

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

cache-control: max-age=3600
timing-allow-origin: *
content-encoding: gzip
etag: "1c380a7a8a301deec861f159e76c9da4:1730911185.685967"
x-content-type-options: nosniff
expires: Wed, 06 Nov 2024 21:49:23 GMT
accept-ranges: bytes
access-control-allow-origin: https://wtimessquare.idaypass.com
content-length: 949
date: Wed, 06 Nov 2024 20:49:23 GMT
content-type: application/x-javascript
last-modified: Wed, 06 Nov 2024 16:39:45 GMT
server: AkamaiNetStorage
vary: Accept-Encoding

GET
H2 200 RCd27fea974d354655821709a78f4b1dd2-source.min.js Show response
assets.adobedtm.com/697d0c070f1e/d405339bb010/3142b8d1ae90/ 2 KB
922 B 39ms
39ms Script
application/x-javascript 2a02:26f0:3500:c89::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.adobedtm.com/697d0c070f1e/d405339bb010/3142b8d1ae90/RCd27fea974d354655821709a78f4b1dd2-source.min.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:c89::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AkamaiNetStorage /

Resource Hash

5a1216d11e2fba3c5157c0ca95899fc1d19a9749fa3b1fc7c5cd4db834e37c34

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

cache-control: max-age=3600
timing-allow-origin: *
content-encoding: gzip
etag: "1c380a7a8a301deec861f159e76c9da4:1730911185.685967"
x-content-type-options: nosniff
expires: Wed, 06 Nov 2024 21:49:23 GMT
accept-ranges: bytes
access-control-allow-origin: https://wtimessquare.idaypass.com
content-length: 634
date: Wed, 06 Nov 2024 20:49:23 GMT
content-type: application/x-javascript
last-modified: Wed, 06 Nov 2024 16:39:45 GMT
server: AkamaiNetStorage
vary: Accept-Encoding

GET
H2 200 RCef41c43fe2e74124bd2ff1dbf34b03fd-source.min.js Show response
assets.adobedtm.com/697d0c070f1e/d405339bb010/3142b8d1ae90/ 1 KB
909 B 39ms
39ms Script
application/x-javascript 2a02:26f0:3500:c89::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.adobedtm.com/697d0c070f1e/d405339bb010/3142b8d1ae90/RCef41c43fe2e74124bd2ff1dbf34b03fd-source.min.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:c89::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AkamaiNetStorage /

Resource Hash

71c7fba3eac44436b09a1832e4f42793dbe61479cb5cbcf9ad26cbc83a8f875e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

cache-control: max-age=3600
timing-allow-origin: *
content-encoding: gzip
etag: "1c380a7a8a301deec861f159e76c9da4:1730911185.685967"
x-content-type-options: nosniff
expires: Wed, 06 Nov 2024 21:49:23 GMT
accept-ranges: bytes
access-control-allow-origin: https://wtimessquare.idaypass.com
content-length: 622
date: Wed, 06 Nov 2024 20:49:23 GMT
content-type: application/x-javascript
last-modified: Wed, 06 Nov 2024 16:39:45 GMT
server: AkamaiNetStorage
vary: Accept-Encoding

GET
H2 200 RC9cb1ec8ecf2a461187113443b47b5896-source.min.js Show response
assets.adobedtm.com/697d0c070f1e/d405339bb010/3142b8d1ae90/ 1 KB
1004 B 39ms
39ms Script
application/x-javascript 2a02:26f0:3500:c89::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.adobedtm.com/697d0c070f1e/d405339bb010/3142b8d1ae90/RC9cb1ec8ecf2a461187113443b47b5896-source.min.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:c89::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AkamaiNetStorage /

Resource Hash

bb9d9e64821aa32f205cbe5f2781ca5c7fd203ead988e73323f9d10a954587d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

cache-control: max-age=3600
timing-allow-origin: *
content-encoding: gzip
etag: "1c380a7a8a301deec861f159e76c9da4:1730911185.685967"
x-content-type-options: nosniff
expires: Wed, 06 Nov 2024 21:49:23 GMT
accept-ranges: bytes
access-control-allow-origin: https://wtimessquare.idaypass.com
content-length: 716
date: Wed, 06 Nov 2024 20:49:23 GMT
content-type: application/x-javascript
last-modified: Wed, 06 Nov 2024 16:39:45 GMT
server: AkamaiNetStorage
vary: Accept-Encoding

GET
H2 200 RC7f291fe33c3c4bf1af3c7f36b2a8c7e3-source.min.js Show response
assets.adobedtm.com/697d0c070f1e/d405339bb010/3142b8d1ae90/ 1 KB
938 B 45ms
45ms Script
application/x-javascript 2a02:26f0:3500:c89::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.adobedtm.com/697d0c070f1e/d405339bb010/3142b8d1ae90/RC7f291fe33c3c4bf1af3c7f36b2a8c7e3-source.min.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:c89::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AkamaiNetStorage /

Resource Hash

7e8a5143da6b8b8a2c3580f709d2aa735d5cbbd074f4a94bbd01e0733a3509e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

cache-control: max-age=3600
timing-allow-origin: *
content-encoding: gzip
etag: "1c380a7a8a301deec861f159e76c9da4:1730911185.685967"
x-content-type-options: nosniff
expires: Wed, 06 Nov 2024 21:49:23 GMT
accept-ranges: bytes
access-control-allow-origin: https://wtimessquare.idaypass.com
content-length: 650
date: Wed, 06 Nov 2024 20:49:23 GMT
content-type: application/x-javascript
last-modified: Wed, 06 Nov 2024 16:39:45 GMT
server: AkamaiNetStorage
vary: Accept-Encoding

GET
H2 200 bat.js Show response
bat.bing.com/ 50 KB
15 KB 199ms
63ms Script
application/javascript 2620:1ec:33::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
content-encoding: gzip
etag: "028e0691d20db1:0"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5254522147044959B9222F59A2EBC9F5 Ref B: FRA31EDGE0518 Ref C: 2024-11-06T20:49:23Z
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 14570
date: Wed, 06 Nov 2024 20:49:23 GMT
content-type: application/javascript
last-modified: Wed, 16 Oct 2024 22:47:44 GMT
vary: Accept-Encoding

GET
H2 200 RCb6c3578477864b5583591694fb0c7548-source.min.js Show response
assets.adobedtm.com/697d0c070f1e/d405339bb010/3142b8d1ae90/ 4 KB
1 KB 65ms
65ms Script
application/x-javascript 2a02:26f0:3500:c89::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.adobedtm.com/697d0c070f1e/d405339bb010/3142b8d1ae90/RCb6c3578477864b5583591694fb0c7548-source.min.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:c89::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AkamaiNetStorage /

Resource Hash

0807fa8baed2f7938346633b61e706e4c08e9760c57d339d92e91c5f4a04aa61

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

cache-control: max-age=3600
timing-allow-origin: *
content-encoding: gzip
etag: "1c380a7a8a301deec861f159e76c9da4:1730911185.685967"
x-content-type-options: nosniff
expires: Wed, 06 Nov 2024 21:49:23 GMT
accept-ranges: bytes
access-control-allow-origin: https://wtimessquare.idaypass.com
content-length: 1131
date: Wed, 06 Nov 2024 20:49:23 GMT
content-type: application/x-javascript
last-modified: Wed, 06 Nov 2024 16:39:45 GMT
server: AkamaiNetStorage
vary: Accept-Encoding

GET
H2 200 RC28f29f2c23a143e0acc4cd8133230ddf-source.min.js Show response
assets.adobedtm.com/697d0c070f1e/d405339bb010/3142b8d1ae90/ 2 KB
1015 B 65ms
65ms Script
application/x-javascript 2a02:26f0:3500:c89::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.adobedtm.com/697d0c070f1e/d405339bb010/3142b8d1ae90/RC28f29f2c23a143e0acc4cd8133230ddf-source.min.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:c89::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AkamaiNetStorage /

Resource Hash

03cfeab77ae89feafb1baaacbdece4080066010d7643eb9880f948d6c912f4ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

cache-control: max-age=3600
timing-allow-origin: *
content-encoding: gzip
etag: "1c380a7a8a301deec861f159e76c9da4:1730911185.685967"
x-content-type-options: nosniff
expires: Wed, 06 Nov 2024 21:49:23 GMT
accept-ranges: bytes
access-control-allow-origin: https://wtimessquare.idaypass.com
content-length: 727
date: Wed, 06 Nov 2024 20:49:23 GMT
content-type: application/x-javascript
last-modified: Wed, 06 Nov 2024 16:39:45 GMT
server: AkamaiNetStorage
vary: Accept-Encoding

GET
H2 200 RCc37891c0d65e4f2581d609fc16498257-source.min.js Show response
assets.adobedtm.com/697d0c070f1e/d405339bb010/3142b8d1ae90/ 548 B
585 B 68ms
68ms Script
application/x-javascript 2a02:26f0:3500:c89::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.adobedtm.com/697d0c070f1e/d405339bb010/3142b8d1ae90/RCc37891c0d65e4f2581d609fc16498257-source.min.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:c89::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AkamaiNetStorage /

Resource Hash

fae292c56f0ba34ad22703b446d30e97ec101dfba1a5657bab60cbb6f3d00b79

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

cache-control: max-age=3600
timing-allow-origin: *
content-encoding: gzip
etag: "1c380a7a8a301deec861f159e76c9da4:1730911185.685967"
x-content-type-options: nosniff
expires: Wed, 06 Nov 2024 21:49:23 GMT
accept-ranges: bytes
access-control-allow-origin: https://wtimessquare.idaypass.com
content-length: 297
date: Wed, 06 Nov 2024 20:49:23 GMT
content-type: application/x-javascript
last-modified: Wed, 06 Nov 2024 16:39:45 GMT
server: AkamaiNetStorage
vary: Accept-Encoding

GET
H2 200 RCb70d7bef713543b09b57afbc6f9e056a-source.min.js Show response
assets.adobedtm.com/697d0c070f1e/d405339bb010/3142b8d1ae90/ 3 KB
1 KB 65ms
65ms Script
application/x-javascript 2a02:26f0:3500:c89::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.adobedtm.com/697d0c070f1e/d405339bb010/3142b8d1ae90/RCb70d7bef713543b09b57afbc6f9e056a-source.min.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:c89::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AkamaiNetStorage /

Resource Hash

164db006110a8216f385e43f672709644c6487e6d0edb010cf398ecbfef4fc7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

cache-control: max-age=3600
timing-allow-origin: *
content-encoding: gzip
etag: "1c380a7a8a301deec861f159e76c9da4:1730911185.685967"
x-content-type-options: nosniff
expires: Wed, 06 Nov 2024 21:49:23 GMT
accept-ranges: bytes
access-control-allow-origin: https://wtimessquare.idaypass.com
content-length: 1098
date: Wed, 06 Nov 2024 20:49:23 GMT
content-type: application/x-javascript
last-modified: Wed, 06 Nov 2024 16:39:45 GMT
server: AkamaiNetStorage
vary: Accept-Encoding

GET
H2 200 RCe7ed036bb4cb4dc89bdf084029e843a5-source.min.js Show response
assets.adobedtm.com/697d0c070f1e/d405339bb010/3142b8d1ae90/ 776 B
785 B 74ms
74ms Script
application/x-javascript 2a02:26f0:3500:c89::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.adobedtm.com/697d0c070f1e/d405339bb010/3142b8d1ae90/RCe7ed036bb4cb4dc89bdf084029e843a5-source.min.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:c89::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AkamaiNetStorage /

Resource Hash

47cd76ff474afbe3fd2927514df932b704677377de742e1794c214e590a22aba

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

cache-control: max-age=3600
timing-allow-origin: *
content-encoding: gzip
etag: "1c380a7a8a301deec861f159e76c9da4:1730911185.685967"
x-content-type-options: nosniff
expires: Wed, 06 Nov 2024 21:49:23 GMT
accept-ranges: bytes
access-control-allow-origin: https://wtimessquare.idaypass.com
content-length: 497
date: Wed, 06 Nov 2024 20:49:23 GMT
content-type: application/x-javascript
last-modified: Wed, 06 Nov 2024 16:39:45 GMT
server: AkamaiNetStorage
vary: Accept-Encoding

GET
H2 200 RC9f906a1934ae46f6b85351f19bfa52f0-source.min.js Show response
assets.adobedtm.com/697d0c070f1e/d405339bb010/3142b8d1ae90/ 2 KB
1 KB 68ms
68ms Script
application/x-javascript 2a02:26f0:3500:c89::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.adobedtm.com/697d0c070f1e/d405339bb010/3142b8d1ae90/RC9f906a1934ae46f6b85351f19bfa52f0-source.min.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:c89::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AkamaiNetStorage /

Resource Hash

14849795f2342b3b0cc2b70c26a4298856acbbd78cc6f3529db84dfabf9b421e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

cache-control: max-age=3600
timing-allow-origin: *
content-encoding: gzip
etag: "1c380a7a8a301deec861f159e76c9da4:1730911185.685967"
x-content-type-options: nosniff
expires: Wed, 06 Nov 2024 21:49:23 GMT
accept-ranges: bytes
access-control-allow-origin: https://wtimessquare.idaypass.com
content-length: 905
date: Wed, 06 Nov 2024 20:49:23 GMT
content-type: application/x-javascript
last-modified: Wed, 06 Nov 2024 16:39:45 GMT
server: AkamaiNetStorage
vary: Accept-Encoding

GET
H2 200 RC62a22fd426a0470dad9c40c7f2f4b2fb-source.min.js Show response
assets.adobedtm.com/697d0c070f1e/d405339bb010/3142b8d1ae90/ 648 B
697 B 67ms
67ms Script
application/x-javascript 2a02:26f0:3500:c89::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.adobedtm.com/697d0c070f1e/d405339bb010/3142b8d1ae90/RC62a22fd426a0470dad9c40c7f2f4b2fb-source.min.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:c89::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AkamaiNetStorage /

Resource Hash

0ac5a43bd1498cea1f7899f761cbe21cd8a0a540bf2394bc5fe459f258d97aca

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

cache-control: max-age=3600
timing-allow-origin: *
content-encoding: gzip
etag: "1c380a7a8a301deec861f159e76c9da4:1730911185.685967"
x-content-type-options: nosniff
expires: Wed, 06 Nov 2024 21:49:23 GMT
accept-ranges: bytes
access-control-allow-origin: https://wtimessquare.idaypass.com
content-length: 410
date: Wed, 06 Nov 2024 20:49:23 GMT
content-type: application/x-javascript
last-modified: Wed, 06 Nov 2024 16:39:45 GMT
server: AkamaiNetStorage
vary: Accept-Encoding

GET
H2 200 RC5144740cc710431e95a7dd7c05b8b386-source.min.js Show response
assets.adobedtm.com/697d0c070f1e/d405339bb010/3142b8d1ae90/ 1 KB
966 B 71ms
71ms Script
application/x-javascript 2a02:26f0:3500:c89::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.adobedtm.com/697d0c070f1e/d405339bb010/3142b8d1ae90/RC5144740cc710431e95a7dd7c05b8b386-source.min.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:c89::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AkamaiNetStorage /

Resource Hash

a3a7843072d6183c555fac74191b3f39d982388798455306030d78464238830c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

cache-control: max-age=3600
timing-allow-origin: *
content-encoding: gzip
etag: "1c380a7a8a301deec861f159e76c9da4:1730911185.685967"
x-content-type-options: nosniff
expires: Wed, 06 Nov 2024 21:49:23 GMT
accept-ranges: bytes
access-control-allow-origin: https://wtimessquare.idaypass.com
content-length: 678
date: Wed, 06 Nov 2024 20:49:23 GMT
content-type: application/x-javascript
last-modified: Wed, 06 Nov 2024 16:39:45 GMT
server: AkamaiNetStorage
vary: Accept-Encoding

GET
H2 200 RCc3f4828f094d492b8356f158534742f5-source.min.js Show response
assets.adobedtm.com/697d0c070f1e/d405339bb010/3142b8d1ae90/ 3 KB
1 KB 66ms
66ms Script
application/x-javascript 2a02:26f0:3500:c89::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.adobedtm.com/697d0c070f1e/d405339bb010/3142b8d1ae90/RCc3f4828f094d492b8356f158534742f5-source.min.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:c89::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AkamaiNetStorage /

Resource Hash

dacc6ca3b43fcebe51561c46b183860e141dfea219a084a1e08386859987da9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

cache-control: max-age=3600
timing-allow-origin: *
content-encoding: gzip
etag: "1c380a7a8a301deec861f159e76c9da4:1730911185.685967"
x-content-type-options: nosniff
expires: Wed, 06 Nov 2024 21:49:23 GMT
accept-ranges: bytes
access-control-allow-origin: https://wtimessquare.idaypass.com
content-length: 989
date: Wed, 06 Nov 2024 20:49:23 GMT
content-type: application/x-javascript
last-modified: Wed, 06 Nov 2024 16:39:45 GMT
server: AkamaiNetStorage
vary: Accept-Encoding

GET
H2 200 AppMeasurement_Module_AudienceManagement.min.js Show response
assets.adobedtm.com/extensions/EP971e6ad26efe44ab86e98d3905a44621/ 25 KB
9 KB 40ms
37ms Script
application/x-javascript 2a02:26f0:3500:c89::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.adobedtm.com/extensions/EP971e6ad26efe44ab86e98d3905a44621/AppMeasurement_Module_AudienceManagement.min.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:c89::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AkamaiNetStorage /

Resource Hash

32bc033e13e02d8809b2c8c97ac5a5110c5f375a830ed6cace5ce1202ab5b480

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

cache-control: no-cache
timing-allow-origin: *
content-encoding: gzip
etag: "e539ea6425ae55fa9f68995bc5a68886:1559603018"
x-content-type-options: nosniff
expires: Wed, 06 Nov 2024 21:49:23 GMT
accept-ranges: bytes
access-control-allow-origin: https://wtimessquare.idaypass.com
content-length: 8640
date: Wed, 06 Nov 2024 20:49:23 GMT
content-type: application/x-javascript
last-modified: Mon, 03 Jun 2019 23:03:35 GMT
server: AkamaiNetStorage
vary: Accept-Encoding

GET
H2 200 otSDKStub.js Show response
cache.marriott.com/aka-fonts/OneTrust/R24.4.4/oneTrust_test/scripttemplates/ 21 KB
7 KB 298ms
94ms Script
application/x-javascript 72.246.168.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.marriott.com/aka-fonts/OneTrust/R24.4.4/oneTrust_test/scripttemplates/otSDKStub.js?7396044833951521
Requested by: Host: wtimessquare.idaypass.com
URL: https://wtimessquare.idaypass.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.246.168.84 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-246-168-84.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6f08699117c1f15f6d35e7b4380d12d18a1881f075e177b5853b1017a3307544

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

cache-control: max-age=2362466
content-encoding: gzip
etag: "0cd317a7b9c520801230e944f7d50e41:1714414240.52386"
expires: Wed, 04 Dec 2024 05:03:49 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 6862
date: Wed, 06 Nov 2024 20:49:23 GMT
content-type: application/x-javascript
last-modified: Mon, 29 Apr 2024 18:10:40 GMT
server: AkamaiNetStorage
vary: Accept-Encoding

GET
H2 200 privacyoptions29x14.png
cache.marriott.com/aka-fonts/ccpa/ 446 B
654 B 292ms
88ms Image
image/webp 72.246.168.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache.marriott.com/aka-fonts/ccpa/privacyoptions29x14.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.246.168.84 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-246-168-84.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 70b48751ed188f249e4bcf1937413d480f6787e589bf8dd50cf245de1403f350

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

cache-control: private, no-transform, max-age=1811865
etag: "3becc0b0069622544a1ffb2da90eebe3:1709836376.622396"
expires: Wed, 27 Nov 2024 20:07:08 GMT
access-control-allow-origin: *
content-length: 446
date: Wed, 06 Nov 2024 20:49:23 GMT
last-modified: Thu, 03 Oct 2024 08:09:23 GMT
content-type: image/webp
server: Akamai Image Manager

GET
H2 200 dpm_pixel_min.js Show response
c.tvpixel.com/js/current/ 103 KB
32 KB 164ms
50ms Script
application/javascript 2600:9000:225b:de00:1d:bf0a:0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tvpixel.com/js/current/dpm_pixel_min.js?aid=marriott-0af76d19-dfba-4407-860e-54c7ed29bed4
Requested by: Host: wtimessquare.idaypass.com
URL: https://wtimessquare.idaypass.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225b:de00:1d:bf0a:0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 61d8137d275f12306e177bc726c2b3e072f9efa4743a0ace6ecbcf7a0932fd07

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

x-amz-cf-pop: MUC50-P1
content-encoding: gzip
x-amz-version-id: oMk5SFqHXboEDRm2.vDWImtx_4ARYxEl
etag: W/"08e770c8a17bf087d50cec01af0892c2"
age: 67704
via: 1.1 47755cdb8b36419a04f12ee3c24f7fae.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: j7nutS8h0UcfuihdFNjLOjfa1Zd3RVimEYs27d2_YpKpOn0SD9VIGg==
date: Wed, 06 Nov 2024 02:01:04 GMT
content-type: application/javascript
vary: Accept-Encoding
server: AmazonS3
last-modified: Thu, 16 Sep 2021 18:14:59 GMT

GET
H2 200 scevent.min.js Show response
sc-static.net/ 55 KB
24 KB 188ms
73ms Script
application/javascript 18.173.188.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: wtimessquare.idaypass.com
URL: https://wtimessquare.idaypass.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.188.247 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-188-247.muc50.r.cloudfront.net
Software: CloudFront /
Resource Hash: 6809abca6a41d3fda45b365d00b7683beb23de1a7e14c7b09357a60306ad3bb3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

cache-control: private, s-maxage=0, max-age=600
content-encoding: gzip
via: 1.1 3a5ebe10b769db9444c2df2c2e8a76a8.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 23688
x-amz-cf-id: JxM_8ubYGBUHM6tYYzqPxIKPa_rjo-TAe3vzlRxSZ3SLDZqVvyHnJg==
date: Wed, 06 Nov 2024 20:49:23 GMT
content-type: application/javascript;charset=utf-8
x-amz-cf-pop: MUC50-P4
server: CloudFront
access-control-allow-headers: Content-Type

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 239 KB
61 KB 84ms
40ms Script
application/x-javascript 157.240.253.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: wtimessquare.idaypass.com
URL: https://wtimessquare.idaypass.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra5.fbcdn.net

Software

Resource Hash

55270971fdc4172d5cbba95dadd779074eadb9c50bf16c2b3253ccc6bc8fc363

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-c1UCtgZW' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 06 Nov 2024 20:49:23 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-c1UCtgZW' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=36, rtx=0, c=23, mss=1232, tbw=4425, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: mWJtuz1p49DmoapQMbwZLeas9xCO7cedN9uRCD3nJl8+yx7DYsmjLBMK3bANBKZkEPZklZ3jUSJl0ReYRcGU8g==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 62086
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 15 KB
6 KB 156ms
44ms Script
application/x-javascript 108.138.40.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: wtimessquare.idaypass.com
URL: https://wtimessquare.idaypass.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.40.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-40-116.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c87aa708d354d2db657ba47b08aae2cc50653369ccbffa36448d7b47fd3e9fe6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

Transfer-Encoding: chunked
Vary: accept-encoding
Content-Encoding: gzip
ETag: W/"407149e43d6d6f4c2458e9179af5b3a2"
Age: 40464
Connection: keep-alive
Via: 1.1 a1d3f4e4f5c5940d2f1eea05f736c3ee.cloudfront.net (CloudFront)
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: -tNGXtLiDhSM16pQogR4XHGE3zbQlso94m2fw4-z_vvk1SqdiPCKOw==
Date: Wed, 06 Nov 2024 09:35:00 GMT
Content-Type: application/x-javascript
Last-Modified: Thu, 31 Oct 2024 16:18:07 GMT
Server: AmazonS3
X-Amz-Cf-Pop: MUC50-P2
x-amz-server-side-encryption: AES256

GET
H2 200 get-services Show response
wtimessquare.idaypass.com/api/service/ 51 KB
8 KB 210ms
209ms XHR
application/json 54.196.47.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wtimessquare.idaypass.com/api/service/get-services?serviceparent_id=&active=1&include_service_type=true&for_home=true&simple_menu=true

Requested by

Host: wtimessquare.idaypass.com
URL: https://wtimessquare.idaypass.com/js/main.js?v=1730712431

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.196.47.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-196-47-60.compute-1.amazonaws.com

Software

nginx/1.24.0 /

Resource Hash

6bfefa8525dd424aece1f6e1bac4fd6e8fef2b13579bf09a4d58debf29afc096

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Language: en
Referer: https://wtimessquare.idaypass.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
x-version: 1730712431
cache-control: no-cache, no-store
content-encoding: gzip
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
expires: Wed, 06 Nov 2024 20:29:23 GMT
date: Wed, 06 Nov 2024 20:49:23 GMT
x-xss-protection: 1; mode=block
content-type: application/json
vary: Accept-Language, Cookie
server: nginx/1.24.0
content-language: de
x-frame-options: SAMEORIGIN

POST
H2 200 user-cart Show response
wtimessquare.idaypass.com/api/cart/ 220 B
528 B 312ms
307ms XHR
application/json 54.196.47.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wtimessquare.idaypass.com/api/cart/user-cart

Requested by

Host: wtimessquare.idaypass.com
URL: https://wtimessquare.idaypass.com/js/main.js?v=1730712431

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.196.47.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-196-47-60.compute-1.amazonaws.com

Software

nginx/1.24.0 /

Resource Hash

3b2e183cd3ed235b8dca670058e1d59c4ccce8c519f4d409e7ce67d917cd0151

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Language: en
X-CSRFToken: PbcBdZBCI9q6KAwKZunb8NiObKWaiD5b7sjTuyPP2m3ijz9ysFiRL6XaHyVG3c72
Referer: https://wtimessquare.idaypass.com/
X-Requested-With: XMLHttpRequest
mode: same-origin
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
x-version: 1730712431
cache-control: no-cache, no-store
content-encoding: gzip
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
expires: Wed, 06 Nov 2024 20:29:23 GMT
date: Wed, 06 Nov 2024 20:49:23 GMT
x-xss-protection: 1; mode=block
content-type: application/json
vary: Accept-Language, Cookie
server: nginx/1.24.0
content-language: de
x-frame-options: SAMEORIGIN

GET
H/1.1 200
OK wh_logo_L_W.webp
ipoolside-media.s3.amazonaws.com/site/wtimessquare/images/dashboard_logo/ 3 KB
3 KB 144ms
142ms Image
application/octet-stream 16.15.216.37
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ipoolside-media.s3.amazonaws.com/site/wtimessquare/images/dashboard_logo/wh_logo_L_W.webp
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 16.15.216.37 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ae094581b02078545d1307829acbc067667d89a8ee4f334b767dfc82152844fc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

x-amz-id-2: +OgWVQhQmhKRbDylygAhwoiTJ/JMNN96pcvHg6ESnciTvVseYkEU4xLv7h+C7CBr+DlZ3I+FVBpQkP2roYua7v7Csndyc3f/yv4Br+PEsuM=
ETag: "d501f38a152d96ba6541b9938418a8d0"
x-amz-version-id: OHEu9w_UB52Cfs6mbjFCmXXBNFs68I1f
x-amz-request-id: X3CCBA6CWR8FW6VD
Accept-Ranges: bytes
Content-Length: 2718
Date: Wed, 06 Nov 2024 20:49:24 GMT
Last-Modified: Mon, 15 May 2023 17:38:21 GMT
Content-Type: application/octet-stream
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK BONVOY_LOGO_2C_REV_TM_RGB.png
ipoolside-media.s3.amazonaws.com/site/wtimessquare/images/dashboard_right_logo/ 10 KB
10 KB 296ms
149ms Image
image/png 16.15.216.37
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ipoolside-media.s3.amazonaws.com/site/wtimessquare/images/dashboard_right_logo/BONVOY_LOGO_2C_REV_TM_RGB.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 16.15.216.37 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b8616c6ac715b0b422786930a6e6a969bb192ccedb206fb62ec977d133e5c96e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

x-amz-id-2: oh22yECNH+yqxjCAJL/xznR+NWijcxbceYP+HIL+346vAqn3FltmdiieugqnTSzsKHwNPhSCXqcgnDobyGqbQtNyInvoBZaF+RB1bOGJN88=
ETag: "ed15ba8332df3c3d591e811fa0eb0f31"
x-amz-version-id: r5sbhNZuRTdTWpnY64TjJ5ZuF8454KF7
x-amz-request-id: X3C9GEC3JP72TWCT
Accept-Ranges: bytes
Content-Length: 10155
Date: Wed, 06 Nov 2024 20:49:24 GMT
Last-Modified: Mon, 15 May 2023 17:36:07 GMT
Content-Type: image/png
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 6d63d0501e5ed7b79dab.woff2
wtimessquare.idaypass.com/css/assets/ 118 KB
119 KB 122ms
121ms Font
font/woff2 54.196.47.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wtimessquare.idaypass.com/css/assets/6d63d0501e5ed7b79dab.woff2

Requested by

Host: wtimessquare.idaypass.com
URL: https://wtimessquare.idaypass.com/css/boot.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.196.47.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-196-47-60.compute-1.amazonaws.com

Software

nginx/1.24.0 /

Resource Hash

cfe45b981d1b91b173361a34cfce5f60893dbd1ac4af2c3ac11fc17552c5401f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://wtimessquare.idaypass.com
Referer: https://wtimessquare.idaypass.com/css/boot.css

Response headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
etag: "64819b04-1d9fc"
accept-ranges: bytes
content-length: 121340
date: Wed, 06 Nov 2024 20:49:23 GMT
x-xss-protection: 1; mode=block
content-type: font/woff2
last-modified: Thu, 08 Jun 2023 09:10:28 GMT
server: nginx/1.24.0

GET
H2 200 reserve Show response
wtimessquare.idaypass.com/api/palapa/booking/ 52 B
453 B 223ms
221ms XHR
application/json 54.196.47.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wtimessquare.idaypass.com/api/palapa/booking/reserve?booking_id=0&keep_price=1

Requested by

Host: wtimessquare.idaypass.com
URL: https://wtimessquare.idaypass.com/js/main.js?v=1730712431

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.196.47.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-196-47-60.compute-1.amazonaws.com

Software

nginx/1.24.0 /

Resource Hash

4dbae8b3d2a71b182f3aab701a08fc3c5f2bf734f9e09605c650b1c6506e9097

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Language: en
X-CSRFToken: PbcBdZBCI9q6KAwKZunb8NiObKWaiD5b7sjTuyPP2m3ijz9ysFiRL6XaHyVG3c72
Referer: https://wtimessquare.idaypass.com/
X-Requested-With: XMLHttpRequest
mode: same-origin
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
x-version: 1730712431
cache-control: no-cache, no-store
content-encoding: gzip
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
expires: Wed, 06 Nov 2024 20:29:23 GMT
date: Wed, 06 Nov 2024 20:49:23 GMT
x-xss-protection: 1; mode=block
content-type: application/json
vary: Accept-Language, Cookie
server: nginx/1.24.0
content-language: de
x-frame-options: SAMEORIGIN

GET
H2 200 get-services Show response
wtimessquare.idaypass.com/api/service/ 51 KB
8 KB 408ms
200ms XHR
application/json 54.196.47.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wtimessquare.idaypass.com/api/service/get-services?serviceparent_id=&active=1&include_service_type=true&for_home=true&simple_menu=true

Requested by

Host: wtimessquare.idaypass.com
URL: https://wtimessquare.idaypass.com/js/main.js?v=1730712431

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.196.47.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-196-47-60.compute-1.amazonaws.com

Software

nginx/1.24.0 /

Resource Hash

6bfefa8525dd424aece1f6e1bac4fd6e8fef2b13579bf09a4d58debf29afc096

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Language: en
Referer: https://wtimessquare.idaypass.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
x-version: 1730712431
cache-control: no-cache, no-store
content-encoding: gzip
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
expires: Wed, 06 Nov 2024 20:29:24 GMT
date: Wed, 06 Nov 2024 20:49:24 GMT
x-xss-protection: 1; mode=block
content-type: application/json
vary: Accept-Language, Cookie
server: nginx/1.24.0
content-language: de
x-frame-options: SAMEORIGIN

GET
H3 200 collect
www.google-analytics.com/ 35 B
58 B 39ms
38ms Image
image/gif 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1018486057&t=pageview&_s=2&dl=https%3A%2F%2Fwtimessquare.idaypass.com%2F&dp=%2F&ul=de-de&de=UTF-8&dt=W%20NEW%20YORK%20-%20TIMES%20SQUARE&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABAAAAACAAI~&jid=&gjid=&cid=39501880.1730926162&tid=UA-162569320-1&_gid=709960340.1730926162&cd1=&cd2=W%20NEW%20YORK%20-%20TIMES%20SQUARE&z=1413743407

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

age: 18189
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:163:0"}],}
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 06 Nov 2024 15:46:14 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:163:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 35
server: Golfe2

GET
H/1.1 200
OK nycwh-exterior-1201-hor-clsc.jpg
ipoolside-media.s3.amazonaws.com/site/wtimessquare/images/dashboard_hotel/ 259 KB
259 KB 387ms
186ms Image
image/jpeg 16.15.216.37
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ipoolside-media.s3.amazonaws.com/site/wtimessquare/images/dashboard_hotel/nycwh-exterior-1201-hor-clsc.jpg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 16.15.216.37 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ceb18be4f71464b6cef1dbbd39472e8ffa9edafec1cfe3c3ba584ba38839ef18

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

x-amz-id-2: ca6Ul9RYYqxo02W4Y5a98qGW87SfbW3au/yp/2Tu6F67GyoUwMexbw9jkPeWOxNJuwrY7ENT+EN6UqmXc40dquksH2/cZ4TviKUXnlpTG+o=
ETag: "249684097088cfa9a78676c669361b6a"
x-amz-version-id: 1Vtah6aclsywWO9V7gC8Pb_I_yKxWScR
x-amz-request-id: HVHTA13YSZ9E6QPW
Accept-Ranges: bytes
Content-Length: 264924
Date: Wed, 06 Nov 2024 20:49:25 GMT
Last-Modified: Mon, 15 May 2023 17:36:41 GMT
Content-Type: image/jpeg
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 pxrc.php
pxl.jivox.com/tags/re/ 43 B
453 B 423ms
131ms Image
image/gif 52.201.108.5
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pxl.jivox.com/tags/re/pxrc.php?px=958deafa6b01b7&ret=img&cData=N/A&px_558deaefe29b99=N/A&px_45c37cd1a3ffb5=%27%27&px_75c37cd56820dd=N/A%20&px_65c37cdd1171be=1&px_95c37ce084b3e1=1&px_15b33b35ba04d9=N/A&px_65b33b372611c8=wtimessquare.idaypass.com/&px_45b33b3b62bcfa=N/A&px_25b33b3e68bd91=N/A&px_05b33b3f8d42f0=N/A&px_25d820700bc474=%27%27&px_25b33b410cb604=N/A&px_25d8208f4381f8=N/A
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.201.108.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-201-108-5.compute-1.amazonaws.com
Software: Jetty(9.4.39.v20210325) /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin: *
content-length: 43
p3p: CP='IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA'
date: Wed, 06 Nov 2024 20:49:24 GMT
content-type: image/gif
server: Jetty(9.4.39.v20210325)
access-control-allow-headers: content-type

GET
H2 200 mhotels.html
static.sojern.com/marriott/ Frame 7857 0
0 193ms
35ms Document
text/html 35.244.188.9
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sojern.com/marriott/mhotels.html?p=undefined&hprid=&hpr=&hb=undefined&hc1=undefined&hn1=undefined&hs1=undefined&ffl=undefined&hl=&t=undefined&hr=undefined&hd1=&hd2=&hconfno=&hp=undefined&hcu=&hrp=undefined&hdc=undefined&rew=undefined&l=undefined&vid=hot&cid=
Requested by: Host: wtimessquare.idaypass.com
URL: https://wtimessquare.idaypass.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.188.9 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 9.188.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash

Request headers

Referer: https://wtimessquare.idaypass.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: none
access-control-allow-origin: *
access-control-expose-headers: Content-Type
age: 2258
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: br
content-length: 7666
content-type: text/html
date: Wed, 06 Nov 2024 20:11:45 GMT
etag: W/"5f911f31aea3366d574d9075f54710c8"
expires: Wed, 06 Nov 2024 21:11:45 GMT
last-modified: Fri, 26 Jul 2024 10:40:38 GMT
server: UploadServer
vary: Accept-Encoding
x-goog-generation: 1721990438751319
x-goog-hash: crc32c=DrNzVA== md5=X5EfMa6jNm1XTZB19UcQyA==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 26459
x-guploader-uploadid: AHmUCY1W3Qg1MAqHoOti6UStzscztyJEkVhrGpkEifkQ4_lFqhkcu1VcAO6zEsofy4tvLa6O7GI

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 40 KB
14 KB 227ms
64ms Script
application/javascript 2a02:26f0:3500:10::210:a99
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: wtimessquare.idaypass.com
URL: https://wtimessquare.idaypass.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:10::210:a99 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

cache-control: max-age=11418
content-encoding: gzip
x-cdn: AKAM
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 14628
date: Wed, 06 Nov 2024 20:49:23 GMT
last-modified: Thu, 22 Aug 2024 10:43:55 GMT
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
x-amz-server-side-encryption: AES256

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 5 KB
2 KB 230ms
67ms Script
application/javascript 2a04:4e42::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: wtimessquare.idaypass.com
URL: https://wtimessquare.idaypass.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 82750f27be03d4b9e57a91dfa19180873ddbb22dd81aba6854dd7b7ea08c1e9a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

access-control-max-age: 86400
access-control-expose-headers: X-CDN
cache-control: max-age=7200
content-encoding: br
etag: "ff059a8682cea8fb697d8b71b2e62b93"
x-cdn: fastly
access-control-allow-methods: GET
alt-svc: h3=":443";ma=600
access-control-allow-origin: *
content-length: 1879
date: Wed, 06 Nov 2024 20:49:23 GMT
content-type: application/javascript
vary: Accept-Encoding, Origin
x-amz-server-side-encryption: AES256

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 19 KB
7 KB 199ms
37ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: wtimessquare.idaypass.com
URL: https://wtimessquare.idaypass.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

aebe8df81ee2ba5bc51e3abc322910ee5122a0ac06edfbcf7a04e1659d17dc9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

content-encoding: gzip
etag: "bc033c3a83e1880e480086bf11ac0b0a-df"
x-amz-version-id: JRuD6BVFDpXh1T7iUrCVWNpcX_ACBwVG
age: 2056
date: Wed, 06 Nov 2024 20:15:08 GMT
last-modified: Wed, 28 Aug 2024 12:33:10 GMT
vary: Origin, Accept-Encoding
x-amz-expiration: expiry-date="Fri, 03 Oct 2025 00:00:00 GMT", rule-id="oath-standard-lifecycle"
content-type: application/javascript
x-amz-id-2: tgV7JRPPPrnI/lGubtsVdqiCJ8ZxH5hgcDLwME9S8efsNgMFgtRMd+akSOGZUXM+wtSwb3qxp1O+dx113qb7og==
strict-transport-security: max-age=31536000
cache-control: public,max-age=3600
ats-carp-promotion: 1, 1
referrer-policy: no-referrer-when-downgrade
x-amz-request-id: WNJDXA9NJNEGJZA5
accept-ranges: bytes
content-length: 6826
server: ATS
x-amz-server-side-encryption: AES256

GET
H2 200 UCMController
login.dotomi.com/ucm/ Frame 4DA7 0
0 260ms
114ms Document
text/html 63.215.202.140
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://login.dotomi.com/ucm/UCMController?dtm_com=28&dtm_cid=2814&dtm_cmagic=8e987c&dtm_format=5&dtm_fid=101&cli_promo_id=2&dtmc_marsha_code=&canonical_url=&dtm_user_token=&dtmc_ref=&dtmc_loc=https%3A%2F%2Fwtimessquare.idaypass.com%2F&fpc_status=
Requested by: Host: wtimessquare.idaypass.com
URL: https://wtimessquare.idaypass.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 63.215.202.140 Amsterdam, Netherlands, ASN41041 (VCLK-EU-SE, US),
Reverse DNS: ams01-nessy-float2.dotomi.com
Software: nginx /
Resource Hash

Request headers

Referer: https://wtimessquare.idaypass.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control: no-cache, private, max-age=0, no-store
content-length: 181
content-type: text/html
date: Wed, 06 Nov 2024 20:49:23 GMT
expires: 0
pragma: no-cache
server: nginx
x-robots-tag: noindex, nofollow

GET
H2 200 140436 Show response
beacon.sojern.com/pixel/p/ 5 KB
1 KB 173ms
56ms Script
application/javascript 107.178.244.119
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.sojern.com/pixel/p/140436?f_v=v6_js&p_v=1&vid=hot&pc=https%3A%2F%2Fwtimessquare.idaypass.com%2F&cid=
Requested by: Host: wtimessquare.idaypass.com
URL: https://wtimessquare.idaypass.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: 620292c706dc2569ba5dfb3127de87f03c772fe48a29bfeb836827390f79584f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
pragma: no-cache
access-control-allow-credentials: true
via: 1.1 google
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1028
date: Wed, 06 Nov 2024 20:49:23 GMT
content-type: application/javascript
vary: Accept-Encoding
x-accel-expires: 0

GET
H2 200 pxrc.php
jvxpxl.marriott.com/tags/re/ 43 B
454 B 497ms
138ms Image
image/gif 52.3.166.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jvxpxl.marriott.com/tags/re/pxrc.php?px=nmqnUipTo43by7&ret=img&cData=N/A&px_gA2V6weHmbE0kX=N/A&px_VN9UYLBnPmZRT3=Placeholder_1&px_RfhvJOfVi0k0ib=N/A%20&px_dHFTxmPEkfwIqC=1&px_QM6nmyio6tmtv7=wtimessquare.idaypass.com/&px_nKN36pA0Ug7YPn=N/A&px_SZFcf8KiSk0A2R=1&px_5Dt68OUOhPgTvZ=1&px_NlnQNfcLkGTbTv=N/A&px_owu8FfhO0SEcKu=N/A&px_8Rr6pIQc4nSUJz=N/A&px_gmHzp9o9vaI22h=%27%27&px_t9htmmuRzKANGT=N/A&px_kLwVqUWkEmbpIL=N/A&gdpr=&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.3.166.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-3-166-170.compute-1.amazonaws.com
Software: Jetty(9.4.39.v20210325) /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin: *
content-length: 43
p3p: CP='IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA'
date: Wed, 06 Nov 2024 20:49:24 GMT
content-type: image/gif
server: Jetty(9.4.39.v20210325)
access-control-allow-headers: content-type

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 229 KB
82 KB 151ms
150ms Script
application/javascript 142.250.184.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-1359549&l=dataLayerB&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-4532766&l=dataLayerB

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

972670964765920ff0c87aed2613cf09ce2e920b78ca4153d54c234df024f1fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Wed, 06 Nov 2024 20:49:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 06 Nov 2024 20:49:23 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 06 Nov 2024 19:52:02 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 83631
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 243 KB
87 KB 154ms
153ms Script
application/javascript 142.250.184.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-924374711&l=dataLayerB&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-4532766&l=dataLayerB

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

58e5fd5fdc433a0d63fb56c16a7354adb2c2c6560316058ebddbfaab7c8451b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Wed, 06 Nov 2024 20:49:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 06 Nov 2024 20:49:23 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 06 Nov 2024 19:52:02 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 89212
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 268 KB
93 KB 65ms
64ms Script
application/javascript 142.250.184.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-950378023&l=dataLayerB&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-4532766&l=dataLayerB

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

4ab99c5f1dd5c8659f53fb22be0002378e5364d194877b7c15b6ef202b535b30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Wed, 06 Nov 2024 20:49:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 06 Nov 2024 20:49:23 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 06 Nov 2024 19:52:02 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 95256
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 265 KB
93 KB 127ms
126ms Script
application/javascript 142.250.184.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-9035495&l=dataLayerB&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-4532766&l=dataLayerB

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

b178a094aa675818c30336b05f33281544ac8ebf46773e8c9e0342efe77466be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Wed, 06 Nov 2024 20:49:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 06 Nov 2024 20:49:23 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 06 Nov 2024 19:52:02 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 95646
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 256 KB
90 KB 96ms
95ms Script
application/javascript 142.250.184.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-366134444&l=dataLayerB&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-4532766&l=dataLayerB

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

8a3c0e393f9218f4f23b69d934656e6254a38fad195f98a63878d1b5c940ae32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Wed, 06 Nov 2024 20:49:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 06 Nov 2024 20:49:23 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 06 Nov 2024 19:52:02 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 92488
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 362 KB
120 KB 153ms
152ms Script
application/javascript 142.250.184.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-1LXTBF5X2V&l=dataLayerB&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-4532766&l=dataLayerB

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

313ca7f9de7305682b30b4d59749ad39d4e4ecfca3ca3a84bd91c22864b61413

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Wed, 06 Nov 2024 20:49:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 06 Nov 2024 20:49:23 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 122367
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 255 KB
90 KB 121ms
120ms Script
application/javascript 142.250.184.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-981033382&l=dataLayerB&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-4532766&l=dataLayerB

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

acf810119d93e7f8635d3377ffb33293e0227109d3961b2da444f179a98bfa2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Wed, 06 Nov 2024 20:49:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 06 Nov 2024 20:49:23 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 06 Nov 2024 19:52:02 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 92501
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 244 KB
87 KB 85ms
84ms Script
application/javascript 142.250.184.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-941002199&l=dataLayerB&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-4532766&l=dataLayerB

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

20701e0d48d0c18cded6071c8f337091ef965629f1bfed00afc9651565a78955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Wed, 06 Nov 2024 20:49:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 06 Nov 2024 20:49:23 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 06 Nov 2024 19:52:02 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 89396
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 244 KB
87 KB 154ms
153ms Script
application/javascript 142.250.184.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-370803186&l=dataLayerB&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-4532766&l=dataLayerB

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

c0ed76555f0c56b40626bae8cf00b9b2aaf26a9dbbe1d2e3b65bec71f55c707c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Wed, 06 Nov 2024 20:49:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 06 Nov 2024 20:49:23 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 06 Nov 2024 19:52:02 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 89399
x-xss-protection: 0
server: Google Tag Manager

POST
H3 200 collect
www.google.com/ccm/ 0
0 184ms
76ms Ping
text/plain 142.250.186.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fwtimessquare.idaypass.com%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=1892272941.1730926164&auid=1578195551.1730926164&npa=1&gtm=45fe4au0v9189012645za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101823848~101925629&tft=1730926163805&tfd=3695&apve=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-4532766&l=dataLayerB
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

GET
H2 200 dest5.html
marriottinternationa.demdex.net/ Frame 9A33 0
0 182ms
63ms Document
text/html 108.128.49.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://marriottinternationa.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.128.49.114 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-108-128-49-114.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://wtimessquare.idaypass.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Wed, 06 Nov 2024 20:49:23 GMT
dcs: dcs-prod-irl1-2-v068-0ba304b6d.edge-irl1.demdex.com 0 ms
expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Tue, 5 Nov 2024 09:35:13 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
vary: accept-encoding
x-tid: sfeDIZ/3Rlw=

GET
H2

200

ibs:dpid=411&dpuuid=ZyvWVAAAAN_p1ANe
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=74767002622005909070435240007560346813
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZyvWVAAAAN_p1ANe

42 B
714 B

59ms
58ms

Image
image/gif

54.72.201.156
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZyvWVAAAAN_p1ANe

Protocol

Server

54.72.201.156 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-72-201-156.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
dcs: dcs-prod-irl1-2-v068-0256c0b57.edge-irl1.demdex.com 2 ms
content-encoding: gzip
pragma: no-cache
x-content-type-options: nosniff
x-tid: 4SdctaL2STA=
expires: Thu, 01 Jan 1970 00:00:00 UTC
content-length: 59
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date: Wed, 06 Nov 2024 20:49:24 GMT
content-type: image/gif

Redirect headers

Cache-Control: no-cache
Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZyvWVAAAAN_p1ANe
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Content-Length: 0
Date: Wed, 06 Nov 2024 20:49:24 GMT
Connection: keep-alive
Server: AMO-cookiemap/1.1

GET
H3 200 836072006419889 Show response
connect.facebook.net/signals/config/ 88 KB
18 KB 313ms
312ms Script
application/x-javascript 157.240.253.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/836072006419889?v=2.9.176&r=stable&domain=wtimessquare.idaypass.com&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra5.fbcdn.net

Software

Resource Hash

180fa4a7c18fbb8dc8747ed85b955d8644c60f7db15710f8935a502664c4dff9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-92K1ZUCd' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 06 Nov 2024 20:49:24 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-92K1ZUCd' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=37, rtx=0, c=76, mss=1232, tbw=70249, tp=65, tpl=0, uplat=273, ullat=0
pragma: public
x-fb-debug: VNG/oF+u+LF8+XYn/ypt+1ZmUm4HBdPk05QGAS+NNMw4RLuBcBkQV9/0CC6AQgcZbQ6ceOmMl6LKUOHkXTA9gg==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 s07364160170711 Show response
smetrics.marriott.com/b/ss/marriottglobal,/10/JS-2.14.0-LEWM/ 5 KB
6 KB 222ms
80ms Script
application/x-javascript 63.140.62.17
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.marriott.com/b/ss/marriottglobal,/10/JS-2.14.0-LEWM/s07364160170711?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=6%2F10%2F2024%2021%3A49%3A23%203%20-60&d.&nsid=0&jsonv=1&.d&mid=74681112187210332980462978681894040276&aamlh=6&ce=UTF-8&pageName=wtimessquare.idaypass.com%2F&g=https%3A%2F%2Fwtimessquare.idaypass.com%2F&cc=USD&v0=Unpaid%20Referrals%3A%20Typed%2FBookmarked&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c5=No%20Site%20ID&c8=D%3Dv15&c26=Launch&v41=No%20Site%20ID&c71=Off-Platform%20Basic&v101=Default%20Cookie%20Opt-in&v192=wtimessquare.idaypass.com%2F&v237=en&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=664516D751E565010A490D4C%40AdobeOrg&AQE=1

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/extensions/EP971e6ad26efe44ab86e98d3905a44621/AppMeasurement.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.17 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

ip-63-140-62-17.data.adobedc.net

Software

jag /

Resource Hash

f05d606520a925d806abe5f14bf2c8f2444be06370b26964b5b92bac2e35f27f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

x-aam-tid: xWmGLZocQwA=
etag: 3717135633589469184-4618249976762914224
x-content-type-options: nosniff
expires: Tue, 05 Nov 2024 20:49:24 GMT
p3p: CP="This is not a P3P policy"
date: Wed, 06 Nov 2024 20:49:24 GMT
last-modified: Thu, 07 Nov 2024 20:49:24 GMT
vary: *
content-type: application/x-javascript;charset=utf-8
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
dcs: dcs-prod-irl1-1-v068-01eacaab5.edge-irl1.demdex.com 9 ms
pragma: no-cache
access-control-allow-origin: *
content-length: 5422
x-xss-protection: 1; mode=block
server: jag

GET
H2 200 5140893.js Show response
bat.bing.com/p/action/ 363 B
413 B 70ms
68ms Script
application/javascript 2620:1ec:33::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5140893.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a1fec7acc9e28feaa2280cd08d30cab4cac8e9557fb8fb35ab6ffcd1e28fade8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
content-encoding: br
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F8D5951D86354CDDBF5D3BEA89A1616D Ref B: FRA31EDGE0518 Ref C: 2024-11-06T20:49:23Z
x-cache: CONFIG_NOCACHE
date: Wed, 06 Nov 2024 20:49:23 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding

GET
H2

200

/
match.adsrvr.org/track/upb/ Frame C042
Redirect Chain

https://insight.adsrvr.org/track/up?adv=hbq9bjg&ref=https%3A%2F%2Fwtimessquare.idaypass.com%2F&upid=byw7ch4&upv=1.1.0&paapi=1
https://match.adsrvr.org/track/upb/?adv=hbq9bjg&ref=https%3A%2F%2Fwtimessquare.idaypass.com%2F&upid=byw7ch4&upv=1.1.0&paapi=1

0
0

68ms
62ms

Document
text/html

35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/upb/?adv=hbq9bjg&ref=https%3A%2F%2Fwtimessquare.idaypass.com%2F&upid=byw7ch4&upv=1.1.0&paapi=1
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash

Request headers

Referer: https://wtimessquare.idaypass.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

content-length: 0
content-type: text/html
date: Wed, 06 Nov 2024 20:49:24 GMT
server: Kestrel

Redirect headers

content-length: 301
date: Wed, 06 Nov 2024 20:49:24 GMT
location: https://match.adsrvr.org/track/upb/?adv=hbq9bjg&ref=https%3A%2F%2Fwtimessquare.idaypass.com%2F&upid=byw7ch4&upv=1.1.0&paapi=1
server: Kestrel

POST
H2 200 tp2 Show response
p.tvpixel.com/com.snowplowanalytics.snowplow/ 2 B
295 B 370ms
127ms XHR
text/plain 75.2.57.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://p.tvpixel.com/com.snowplowanalytics.snowplow/tp2

Requested by

Host: wtimessquare.idaypass.com
URL: https://wtimessquare.idaypass.com/js/main.js?v=1730712431

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

75.2.57.54 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ad37daabd18951e96.awsglobalaccelerator.com

Software

nginx /

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json; charset=UTF-8
Referer: https://wtimessquare.idaypass.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: https://wtimessquare.idaypass.com
content-length: 2
date: Wed, 06 Nov 2024 20:49:24 GMT
server: nginx
access-control-allow-credentials: true

OPTIONS
H2 200 tp2
p.tvpixel.com/com.snowplowanalytics.snowplow/ Frame 0
0 368ms
127ms Preflight 75.2.57.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://p.tvpixel.com/com.snowplowanalytics.snowplow/tp2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

75.2.57.54 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ad37daabd18951e96.awsglobalaccelerator.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://wtimessquare.idaypass.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-allow-origin: https://wtimessquare.idaypass.com
access-control-max-age: 600
content-length: 0
date: Wed, 06 Nov 2024 20:49:24 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 fbf5aa06-3f82-45b5-86ba-4c4fe9c75a96.json Show response
tr.snapchat.com/config/com/ 2 KB
864 B 303ms
171ms Fetch
application/json 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/config/com/fbf5aa06-3f82-45b5-86ba-4c4fe9c75a96.json?v=3.33.2-2411010127

Requested by

Host: wtimessquare.idaypass.com
URL: https://wtimessquare.idaypass.com/js/main.js?v=1730712431

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

a56c17631640f1b0f23f489807bb99694935d75d9ff6d56e19d83276f14d8223

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
accept: application/json
Referer: https://wtimessquare.idaypass.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
content-encoding: gzip
x-envoy-upstream-service-time: 121
access-control-allow-credentials: true
observe-browsing-topics: ?1
via: 1.1 google
access-control-allow-origin: https://wtimessquare.idaypass.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 06 Nov 2024 20:49:24 GMT
content-type: application/json
vary: Accept-Encoding
server: API Gateway

GET
H2 200 i
tr.snapchat.com/cm/ Frame 9A5F 0
0 175ms
50ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=fbf5aa06-3f82-45b5-86ba-4c4fe9c75a96&u_scsid=7a77b409-38e0-45e6-8a2a-a2afebf5c9c8&u_sclid=65ac89c1-be1d-4c14-8de6-37a459c71ffd

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://wtimessquare.idaypass.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Wed, 06 Nov 2024 20:49:24 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google
x-envoy-upstream-service-time: 0

POST
H2 204 0
bat.bing.net/actionp/ 0
119 B 239ms
80ms Ping
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.net/actionp/0?ti=5140893&tm=al001&Ver=2&mid=f9e7b6bb-e427-4af9-9e33-8d86190d977e&bo=1&evt=consent&src=enforced&cdb=AQAI&asc=D
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D73C1650F3D14606BE71923EAA900167 Ref B: FRA31EDGE0507 Ref C: 2024-11-06T20:49:24Z
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Wed, 06 Nov 2024 20:49:23 GMT

GET
H2 204 0
bat.bing.net/action/ 0
346 B 242ms
79ms Image
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.net/action/0?ti=5140893&tm=al001&Ver=2&mid=f9e7b6bb-e427-4af9-9e33-8d86190d977e&bo=2&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=W%20NEW%20YORK%20-%20TIMES%20SQUARE&p=https%3A%2F%2Fwtimessquare.idaypass.com%2F&r=&lt=2792&pt=1730926160111,,,,,0,1,14,14,249,129,249,417,421,427,2657,2657,2670,2791,2791,2792&pn=0,0&evt=pageLoad&sv=1&asc=D&cdb=AQAY&rn=750503
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 94DF3EA0BCF94DAAA0F2BB95E1115E58 Ref B: FRA31EDGE0507 Ref C: 2024-11-06T20:49:24Z
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Wed, 06 Nov 2024 20:49:23 GMT

GET
H2 200 405909.json Show response
s.yimg.com/wi/config/ 45 B
548 B 233ms
149ms XHR
application/json 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/405909.json

Requested by

Host: wtimessquare.idaypass.com
URL: https://wtimessquare.idaypass.com/js/main.js?v=1730712431

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

da976af5823bc6ad759c9700904641c456b3c4df1ce61a333ab94187facbb2a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

etag: "f9ee6d44023afc8b693f8213c7b8cd9e"
x-amz-version-id: UsJMOq991guhh4u3fHhx4a.BIxcq_8yw
age: 0
access-control-allow-methods: GET
date: Wed, 06 Nov 2024 20:49:25 GMT
last-modified: Wed, 06 Nov 2024 15:55:15 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-expiration: expiry-date="Fri, 12 Dec 2025 00:00:00 GMT", rule-id="oath-standard-lifecycle"
content-type: application/json
x-amz-id-2: GaoOLo/FjZ58GLHeF8a36hdQnBM/O8f0ExjJXjxyu3WM2mW+TnoSn9ZX7ru9NQK2tSyo2eq/bMY=
strict-transport-security: max-age=31536000
referrer-policy: no-referrer-when-downgrade
x-amz-request-id: HVHKG2SG3VRVWFAN
accept-ranges: bytes
access-control-allow-origin: *
content-length: 45
server: ATS
x-amz-server-side-encryption: AES256

GET
H2 200 main.be180668.js Show response
s.pinimg.com/ct/lib/ 82 KB
23 KB 73ms
54ms Script
application/javascript 2a04:4e42::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.be180668.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3afb9988267a380488bd5d0cc82ef645c2c96093316c97c10b636a8c09b0682b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

access-control-max-age: 86400
access-control-expose-headers: X-CDN
cache-control: max-age=1209600
content-encoding: br
etag: "826854c5f0c7214ebf36eaa3251aac05"
x-cdn: fastly
access-control-allow-methods: GET
alt-svc: h3=":443";ma=600
access-control-allow-origin: *
content-length: 23668
date: Wed, 06 Nov 2024 20:49:24 GMT
content-type: application/javascript
vary: Accept-Encoding, Origin
x-amz-server-side-encryption: AES256

GET
H2 200 wh.js Show response
p.relay-t.io/ 4 KB
5 KB 248ms
128ms Script
application/javascript 2600:9000:2165:c000:1d:40aa:1fc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://p.relay-t.io/wh.js

Requested by

Host: beacon.sojern.com
URL: https://beacon.sojern.com/pixel/p/140436?f_v=v6_js&p_v=1&vid=hot&pc=https%3A%2F%2Fwtimessquare.idaypass.com%2F&cid=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2165:c000:1d:40aa:1fc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f50e35eed6b133c5adf2b14a6aa920dbf7384d40d0b2282b3b00670bccb48191

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

etag: "53ab807de88f695459be24327e46aad6"
x-content-type-options: nosniff
x-cache: Miss from cloudfront
x-amz-cf-id: 1s-UmAnXyUoKrZEhSsve3LoOGGQ0vhc4gxBZYinGT2Abi5E1TmhIsw==
date: Wed, 06 Nov 2024 20:49:25 GMT
content-type: application/javascript
last-modified: Thu, 08 Feb 2024 13:34:04 GMT
vary: Origin
x-frame-options: SAMEORIGIN
x-amz-meta-content-type: application/javascript
strict-transport-security: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 2f495c2a75817f316afd4d3bb437bf0a.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 4196
x-xss-protection: 1; mode=block
x-amz-cf-pop: MUC50-P6
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3

200

;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=UNKNOWN
adservice.google.com/ddm/fls/z/src=4810757;dc_pre=CJP2lrnKyIkDFRJNHgIddBAQXQ;type=sales;cat=5myqls5f;qty=1;cost=0;u1=;u16=https://wtimessquare.idaypass.com/
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=4810757;type=sales;cat=5myqls5f;qty=1;cost=0;u1=;u16=https://wtimessquare.idaypass.com/;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=UNKNOWN
https://ad.doubleclick.net/ddm/activity/src=4810757;dc_pre=CJP2lrnKyIkDFRJNHgIddBAQXQ;type=sales;cat=5myqls5f;qty=1;cost=0;u1=;u16=https://wtimessquare.idaypass.com/;dc_lat=;dc_rdid=;tag_for_child_...
https://adservice.google.com/ddm/fls/z/src=4810757;dc_pre=CJP2lrnKyIkDFRJNHgIddBAQXQ;type=sales;cat=5myqls5f;qty=1;cost=0;u1=;u16=https://wtimessquare.idaypass.com/;dc_lat=;dc_rdid=;tag_for_child_d...

42 B
63 B

169ms
89ms

Image
image/gif

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=4810757;dc_pre=CJP2lrnKyIkDFRJNHgIddBAQXQ;type=sales;cat=5myqls5f;qty=1;cost=0;u1=;u16=https://wtimessquare.idaypass.com/;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=UNKNOWN

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Wed, 06 Nov 2024 20:49:24 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

Redirect headers

x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Wed, 06 Nov 2024 20:49:24 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"13795033734490361433"}],"aggregatable_trigger_data":[{"filters":[{"14":["7697247"]}],"key_piece":"0x3fdcb7b23c0f2efe","source_keys":["12","13","14","15","16","17","18","19","20","21","22940336","22940337","22940338","22940339","22974100","22974101","22974102","22974103","642845544","642845545","642845546","642845547","642879252","642879253","642879254","642879255"]},{"key_piece":"0xdce5b1984cfe9717","not_filters":{"14":["7697247"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","22940336","22940337","22940338","22940339","22974100","22974101","22974102","22974103","642845544","642845545","642845546","642845547","642879252","642879253","642879254","642879255"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356,"22940336":38,"22940337":38,"22940338":38,"22940339":3739,"22974100":131,"22974101":131,"22974102":131,"22974103":12713,"642845544":46,"642845545":46,"642845546":46,"642845547":4540,"642879252":109,"642879253":109,"642879254":109,"642879255":10594},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"7835221601438655903","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"13795033734490361433","filters":[{"14":["7697247"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"13795033734490361433","filters":[{"14":["7697247"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"13795033734490361433","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"13795033734490361433","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["4810757"]}}
content-type: image/png
cache-control: no-cache, must-revalidate
timing-allow-origin: *
location: https://adservice.google.com/ddm/fls/z/src=4810757;dc_pre=CJP2lrnKyIkDFRJNHgIddBAQXQ;type=sales;cat=5myqls5f;qty=1;cost=0;u1=;u16=https://wtimessquare.idaypass.com/;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=UNKNOWN
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2

200

bounce
ib.adnxs.com/
Redirect Chain

https://ib.adnxs.com/px?id=1565798&t=1
https://ib.adnxs.com/bounce?%2Fpx%3Fid%3D1565798%26t%3D1

0
1 KB

50ms
48ms

Image
application/javascript

185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fpx%3Fid%3D1565798%26t%3D1

Protocol

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

cache-control: no-store, no-cache, private
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.122; 80.255.7.122; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: *
an-x-request-uuid: 1ecbb722-a0a3-41fc-a4be-af93b4e3d9f8
content-length: 0
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Wed, 06 Nov 2024 20:49:24 GMT
x-xss-protection: 0
content-type: application/javascript; charset=utf-8
server: nginx/1.23.4

Redirect headers

cache-control: no-store, no-cache, private
location: https://ib.adnxs.com/bounce?%2Fpx%3Fid%3D1565798%26t%3D1
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
x-proxy-origin: 80.255.7.122; 80.255.7.122; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
an-x-request-uuid: 3e7b458f-bb16-4c63-abda-977d58f645d9
content-length: 0
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Wed, 06 Nov 2024 20:49:24 GMT
x-xss-protection: 0
content-type: text/html; charset=utf-8
server: nginx/1.23.4

GET
H2

200

bounce
ib.adnxs.com/
Redirect Chain

https://ib.adnxs.com/seg?add=29464183&t=1
https://ib.adnxs.com/bounce?%2Fseg%3Fadd%3D29464183%26t%3D1

0
1 KB

50ms
50ms

Image
application/javascript

185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fseg%3Fadd%3D29464183%26t%3D1

Protocol

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

cache-control: no-store, no-cache, private
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.122; 80.255.7.122; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: *
an-x-request-uuid: efd9fd16-641c-4fa2-94d1-760cfd478e77
content-length: 0
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Wed, 06 Nov 2024 20:49:24 GMT
x-xss-protection: 0
content-type: application/javascript; charset=utf-8
server: nginx/1.23.4

Redirect headers

cache-control: no-store, no-cache, private
location: https://ib.adnxs.com/bounce?%2Fseg%3Fadd%3D29464183%26t%3D1
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.122; 80.255.7.122; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: *
an-x-request-uuid: cec79916-cff1-4223-a5b5-771552fa723f
content-length: 0
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Wed, 06 Nov 2024 20:49:24 GMT
x-xss-protection: 0
content-type: text/html; charset=utf-8
server: nginx/1.23.4

GET
H2 200 pixel
cm.g.doubleclick.net/ 170 B
409 B 156ms
54ms Image
image/png 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=ZDZjMDMwZTMtZTIzOS00MDFjLThiNjItZTQ1MmRhMGIzOTg3&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=X9DIUgc2qTXqyV_VQ5xvJq8PWc3170MxaQu3GF1aIPc3oJUj7e6D9k1NwyRDEmC-&sjrn_pid=140436

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
date: Wed, 06 Nov 2024 20:49:24 GMT
x-xss-protection: 0
content-type: image/png
server: HTTP server (unknown)

GET
H2 200 pixel
cm.g.doubleclick.net/ 170 B
232 B 81ms
60ms Image
image/png 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_hm=ZDZjMDMwZTMtZTIzOS00MDFjLThiNjItZTQ1MmRhMGIzOTg3&google_nid=sojern_adh

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
date: Wed, 06 Nov 2024 20:49:24 GMT
x-xss-protection: 0
content-type: image/png
server: HTTP server (unknown)

GET
H2 200 getuidnb
ib.adnxs.com/ 43 B
698 B 49ms
49ms Image
image/gif 185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/getuidnb?https://pixel.sojern.com/idsync/apn?id=$UID&sjrn_id=X9DIUgc2qTXqyV_VQ5xvJq8PWc3170MxaQu3GF1aIPc3oJUj7e6D9k1NwyRDEmC-

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

cache-control: no-store, no-cache, private
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.122; 80.255.7.122; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: *
an-x-request-uuid: 800964b1-23d2-444b-a7b1-a395b707c891
content-length: 43
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Wed, 06 Nov 2024 20:49:24 GMT
x-xss-protection: 0
content-type: image/gif
server: nginx/1.23.4

GET
H2 200 generic
match.adsrvr.org/track/cmf/ 70 B
149 B 189ms
62ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=ombl9hp&ttd_puid=X9DIUgc2qTXqyV_VQ5xvJq8PWc3170MxaQu3GF1aIPc3oJUj7e6D9k1NwyRDEmC-&ttd_tpi=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

content-length: 70
date: Wed, 06 Nov 2024 20:49:24 GMT
content-type: image/gif
server: Kestrel

GET
H2

202

adf
pixel.sojern.com/idsync/
Redirect Chain

https://c1.adform.net/serving/cookie/match?cid=d6c030e3-e239-401c-8b62-e452da0b3987&party=1296
https://c1.adform.net/serving/cookie/match?CC=1&cid=d6c030e3-e239-401c-8b62-e452da0b3987&party=1296
https://pixel.sojern.com/idsync/adf?adfid=3170543564115380853&cid=d6c030e3-e239-401c-8b62-e452da0b3987

0
233 B

49ms
48ms

Image
text/plain

107.178.244.119
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sojern.com/idsync/adf?adfid=3170543564115380853&cid=d6c030e3-e239-401c-8b62-e452da0b3987
Protocol: H2
Server: 107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-credentials: true
via: 1.1 google
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Wed, 06 Nov 2024 20:49:24 GMT
content-type: text/plain; charset=utf-8
vary: Accept-Encoding
x-accel-expires: 0

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
location: https://pixel.sojern.com/idsync/adf?adfid=3170543564115380853&cid=d6c030e3-e239-401c-8b62-e452da0b3987
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-methods: GET
expires: -1
access-control-allow-origin: *
content-length: 0
date: Wed, 06 Nov 2024 20:49:24 GMT
server: nginx
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2 200 f6f2227d-5318-43ca-8e66-30acdeffa99f-test.json Show response
cache.marriott.com/aka-fonts/OneTrust/R24.4.4/oneTrust_test/consent/f6f2227d-5318-43ca-8e66-30acdeffa99f-test/ 5 KB
7 KB 185ms
67ms XHR
application/json 72.246.168.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.marriott.com/aka-fonts/OneTrust/R24.4.4/oneTrust_test/consent/f6f2227d-5318-43ca-8e66-30acdeffa99f-test/f6f2227d-5318-43ca-8e66-30acdeffa99f-test.json
Requested by: Host: wtimessquare.idaypass.com
URL: https://wtimessquare.idaypass.com/js/main.js?v=1730712431
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.246.168.84 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-246-168-84.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: ba8ace037b7166c713f54d37ee29f9234e29f2543919d1af2374a3c8f51f2a0c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

cache-control: max-age=43222
etag: "9b8df45b97690fad934ec155e12730f1:1714411695.226732"
expires: Thu, 07 Nov 2024 08:49:46 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5420
date: Wed, 06 Nov 2024 20:49:24 GMT
content-type: application/json
last-modified: Mon, 29 Apr 2024 17:28:15 GMT
server: AkamaiNetStorage

GET
H2 200 attribution_trigger Show response
px.ads.linkedin.com/ 2 B
812 B 271ms
152ms XHR
application/json 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/attribution_trigger?pid=360572&time=1730926164048&url=https%3A%2F%2Fwtimessquare.idaypass.com%2F
Requested by: Host: wtimessquare.idaypass.com
URL: https://wtimessquare.idaypass.com/js/main.js?v=1730712431
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: *
Referer: https://wtimessquare.idaypass.com/

Response headers

x-li-pop: afd-prod-lva1-x
content-encoding: gzip
x-fs-uuid: 00062644a726ceed12266df872747d30
x-msedge-ref: Ref A: 6770AA70C36B4E308881A6ECA6640F48 Ref B: FRAEDGE1214 Ref C: 2024-11-06T20:49:24Z
x-li-fabric: prod-lva1
x-restli-protocol-version: 1.0.0
access-control-allow-methods: GET, OPTIONS
x-li-uuid: AAYmRKcmzu0SJm34cnR9MA==
x-li-proto: http/2
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Wed, 06 Nov 2024 20:49:23 GMT
content-type: application/json
access-control-allow-headers: *

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=360572&time=1730926164048&url=https%3A%2F%2Fwtimessquare.idaypass.com%2F
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=360572&time=1730926164048&url=https%3A%2F%2Fwtimessquare.idaypass.com%2F&e_ipv6=AQI0aZ8WcwF8JAAAAZMDPTnIdyXO-HEZFBV6Gr9hOnjitST2zOEM2_BF6ezR-ULmg...

0
266 B

2783ms
2691ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=360572&time=1730926164048&url=https%3A%2F%2Fwtimessquare.idaypass.com%2F&e_ipv6=AQI0aZ8WcwF8JAAAAZMDPTnIdyXO-HEZFBV6Gr9hOnjitST2zOEM2_BF6ezR-ULmg-YHWRc
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

linkedin-action: 1
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 75E13F50495348609C5C01700005C644 Ref B: DUS30EDGE0814 Ref C: 2024-11-06T20:49:24Z
x-li-fabric: prod-ltx1
x-li-uuid: AAYmRKcuIdVGuJThWIP8JA==
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
content-length: 0
date: Wed, 06 Nov 2024 20:49:24 GMT
content-type: application/javascript

Redirect headers

linkedin-action: 1
x-li-pop: afd-prod-ltx1-x
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=360572&time=1730926164048&url=https%3A%2F%2Fwtimessquare.idaypass.com%2F&e_ipv6=AQI0aZ8WcwF8JAAAAZMDPTnIdyXO-HEZFBV6Gr9hOnjitST2zOEM2_BF6ezR-ULmg-YHWRc
x-msedge-ref: Ref A: 27953C8921F64806974439F55FD1DA41 Ref B: FRAEDGE1616 Ref C: 2024-11-06T20:49:24Z
x-li-fabric: prod-ltx1
x-li-uuid: AAYmRKcpmoQXnvR1Z2vH0w==
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
content-length: 0
date: Wed, 06 Nov 2024 20:49:23 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/924374711/ 5 KB
2 KB 145ms
58ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/924374711/?random=1730926164159&cv=11&fst=1730926164159&bg=ffffff&guid=ON&async=1&gtm=45be4au0za200zb9189012645&gcd=13t3t3t2t5l1&dma_cps=syphamo&dma=1&tag_exp=101823848~101925629&u_w=1600&u_h=1200&url=https%3A%2F%2Fwtimessquare.idaypass.com%2F&hn=www.googleadservices.com&frm=0&tiba=W%20NEW%20YORK%20-%20TIMES%20SQUARE&npa=0&pscdl=noapi&auid=1578195551.1730926164&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dpage_view%3BCheckInDayofWeek%3D%3BEnterpriseSegmentCEIDetails%3D%3BMemberLevel%3D%3BWeekendStay%3D&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-924374711&l=dataLayerB&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

973984f8b4377b365f790bc50453b556ce0875fb7f2ceebc069220efa480fb58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2413
date: Wed, 06 Nov 2024 20:49:24 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 924374711
td.doubleclick.net/td/rul/ Frame AEAC 0
0 200ms
71ms Document
text/html 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/924374711?random=1730926164159&cv=11&fst=1730926164159&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4au0za200zb9189012645&gcd=13t3t3t2t5l1&dma_cps=syphamo&dma=1&tag_exp=101823848~101925629&u_w=1600&u_h=1200&url=https%3A%2F%2Fwtimessquare.idaypass.com%2F&hn=www.googleadservices.com&frm=0&tiba=W%20NEW%20YORK%20-%20TIMES%20SQUARE&npa=0&pscdl=noapi&auid=1578195551.1730926164&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dpage_view%3BCheckInDayofWeek%3D%3BEnterpriseSegmentCEIDetails%3D%3BMemberLevel%3D%3BWeekendStay%3D

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-924374711&l=dataLayerB&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wtimessquare.idaypass.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 06 Nov 2024 20:49:24 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
ct.pinterest.com/user/ 325 B
332 B 172ms
65ms XHR
application/json 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?tid=2613977086519&pd=%7B%22em%22%3A%22%22%7D&cb=1730926164226&dep=2%2CPAGE_LOAD
Requested by: Host: wtimessquare.idaypass.com
URL: https://wtimessquare.idaypass.com/js/main.js?v=1730712431
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.0.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e781dd5b9ca502edc933e1290054b72b9e4d3b592d481d78827363acb8ad1621

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

access-control-expose-headers: Epik,Pin-Unauth
content-encoding: gzip
x-pinterest-rid-128bit: 7227ef675c200ff1e3cbf17713cf5708
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443";ma=600
date: Wed, 06 Nov 2024 20:49:24 GMT
content-type: application/json; charset=utf-8
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
x-envoy-upstream-service-time: 1
x-cdn: fastly
access-control-allow-credentials: true
referrer-policy: origin
pin-unauth: dWlkPU5qZGxZbVprWmpFdE1UQTJNQzAwWVRkbExUbGpOalF0WVRjd1kyWm1ZMkprWkRRNA
pinterest-version: e62010f407d09decef677569943c37eeaefcbe47
access-control-allow-origin: https://wtimessquare.idaypass.com
content-length: 188
x-pinterest-rid: 1641447876061766

GET
H2 200 / Show response
ct.pinterest.com/user/ 325 B
681 B 171ms
65ms XHR
application/json 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?event=pagevisit&tid=2613977086519&cb=1730926164227&dep=5%2CEVENT_TAGS_ABSENT
Requested by: Host: wtimessquare.idaypass.com
URL: https://wtimessquare.idaypass.com/js/main.js?v=1730712431
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.0.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e781dd5b9ca502edc933e1290054b72b9e4d3b592d481d78827363acb8ad1621

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

access-control-expose-headers: Epik,Pin-Unauth
content-encoding: gzip
x-pinterest-rid-128bit: 1c55b5ee1cfd2fb68dd1bac1d5d087ba
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443";ma=600
date: Wed, 06 Nov 2024 20:49:24 GMT
content-type: application/json; charset=utf-8
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
x-envoy-upstream-service-time: 0
x-cdn: fastly
access-control-allow-credentials: true
referrer-policy: origin
pin-unauth: dWlkPU1qUmtOMkV6TkdJdE9UaG1OUzAwWVdGaExUazVOekV0T0dFNE5qVTJOMlk1WVdFMQ
pinterest-version: e62010f407d09decef677569943c37eeaefcbe47
access-control-allow-origin: https://wtimessquare.idaypass.com
content-length: 188
x-pinterest-rid: 1021915437115903

GET
H2 200 / Show response
ct.pinterest.com/user/ 325 B
329 B 171ms
66ms XHR
application/json 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?event=custom&ed=%7B%22value%22%3A334%2C%22currency%22%3A%22USD%22%2C%22event_id%22%3A%22c895c9c4-86d8-4acd-ab51-25317fa0dfac%22%7D&tid=2613977086519&cb=1730926164228&dep=5%2CEVENT_TAGS_ABSENT
Requested by: Host: wtimessquare.idaypass.com
URL: https://wtimessquare.idaypass.com/js/main.js?v=1730712431
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.0.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e781dd5b9ca502edc933e1290054b72b9e4d3b592d481d78827363acb8ad1621

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

access-control-expose-headers: Epik,Pin-Unauth
content-encoding: gzip
x-pinterest-rid-128bit: e04fbb64f9623e54609d09b98e633e01
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443";ma=600
date: Wed, 06 Nov 2024 20:49:24 GMT
content-type: application/json; charset=utf-8
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
x-envoy-upstream-service-time: 1
x-cdn: fastly
access-control-allow-credentials: true
referrer-policy: origin
pin-unauth: dWlkPU5UTm1OemMzTXpRdFpEQTVZaTAwWVdGaUxUaGxOakV0TmpkaU5ETXdPVFl3TURSag
pinterest-version: e62010f407d09decef677569943c37eeaefcbe47
access-control-allow-origin: https://wtimessquare.idaypass.com
content-length: 188
x-pinterest-rid: 6961731291547123

GET
H2 200 s09837235343685 Show response
smetrics.marriott.com/b/ss/marriottglobal,/10/JS-2.14.0-LEWM/ 5 KB
5 KB 97ms
97ms Script
application/x-javascript 63.140.62.17
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.marriott.com/b/ss/marriottglobal,/10/JS-2.14.0-LEWM/s09837235343685?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=6%2F10%2F2024%2021%3A49%3A23%203%20-60&d.&nsid=0&jsonv=1&.d&mid=74681112187210332980462978681894040276&aamlh=6&ce=UTF-8&pageName=wtimessquare.idaypass.com%2F&g=https%3A%2F%2Fwtimessquare.idaypass.com%2F&cc=USD&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c5=No%20Site%20ID&c8=D%3Dv15&c26=Launch&v41=No%20Site%20ID&c71=Off-Platform%20Basic&v101=Default%20Cookie%20Opt-in&v192=wtimessquare.idaypass.com%2F&v237=en&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=664516D751E565010A490D4C%40AdobeOrg&AQE=1

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/extensions/EP971e6ad26efe44ab86e98d3905a44621/AppMeasurement.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.17 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

ip-63-140-62-17.data.adobedc.net

Software

jag /

Resource Hash

00c0c915d8250c454dba66ca8be37df9607bfe85110b38e14feda70e60202f63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

x-aam-tid: +lxxT2qzSSA=
etag: 3717135634084528128-4618626250802413024
x-content-type-options: nosniff
expires: Tue, 05 Nov 2024 20:49:24 GMT
p3p: CP="This is not a P3P policy"
date: Wed, 06 Nov 2024 20:49:24 GMT
last-modified: Thu, 07 Nov 2024 20:49:24 GMT
vary: *
content-type: application/x-javascript;charset=utf-8
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
dcs: dcs-prod-irl1-2-v068-0fd3de841.edge-irl1.demdex.com 6 ms
pragma: no-cache
access-control-allow-origin: *
content-length: 5422
x-xss-protection: 1; mode=block
server: jag

POST
H2 200 p
tr.snapchat.com/ 0
247 B 157ms
76ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://wtimessquare.idaypass.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 23
access-control-allow-credentials: true
via: 1.1 google
access-control-allow-origin: https://wtimessquare.idaypass.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Wed, 06 Nov 2024 20:49:24 GMT
server: API Gateway

GET
H2 200 sw_iframe.html
www.googletagmanager.com/static/service_worker/4al0/ Frame 9ADF 0
0 110ms
49ms Document
text/html 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fwtimessquare.idaypass.com

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-924374711&l=dataLayerB&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1476
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/analytics-container-tag-serving
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Wed, 06 Nov 2024 20:49:24 GMT
expires: Thu, 06 Nov 2025 20:49:24 GMT
last-modified: Mon, 21 Oct 2024 16:58:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 59 B
295 B 138ms
55ms XHR
application/json 2606:4700:4400::6812:2089
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: wtimessquare.idaypass.com
URL: https://wtimessquare.idaypass.com/js/main.js?v=1730712431

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
accept: application/json
Referer: https://wtimessquare.idaypass.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
access-control-allow-methods: GET, OPTIONS
cf-ray: 8de7f32f7859dbf8-FRA
access-control-allow-origin: *
date: Wed, 06 Nov 2024 20:49:24 GMT
content-type: application/json
vary: Accept-Encoding
server: cloudflare
access-control-allow-headers: Content-Type

GET
H2 200 / Show response
ct.pinterest.com/v3/ 35 B
207 B 98ms
66ms Fetch
image/gif 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/v3/?tid=2613977086519&pd=%7B%22em%22%3A%22%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwtimessquare.idaypass.com%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22be180668%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Atrue%7D&cb=1730926164289
Requested by: Host: wtimessquare.idaypass.com
URL: https://wtimessquare.idaypass.com/js/main.js?v=1730712431
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.0.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
x-envoy-upstream-service-time: 1
x-pinterest-rid-128bit: 16635a66eed89688ad213095b3fc1334
x-cdn: fastly
access-control-allow-credentials: true
referrer-policy: origin
expires: Sat, 01 Jan 2000 00:00:00 GMT
pinterest-version: e62010f407d09decef677569943c37eeaefcbe47
access-control-allow-origin: https://wtimessquare.idaypass.com
alt-svc: h3=":443";ma=600
content-length: 35
date: Wed, 06 Nov 2024 20:49:24 GMT
x-pinterest-rid: 1247530586232088
content-type: image/gif

GET
H/1.1 200
OK nycwh-inroom-dining-0138-hor-clsc.png
ipoolside-media.s3.amazonaws.com/site/wtimessquare/images/ 856 KB
856 KB 201ms
201ms Image
image/png 16.15.216.37
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ipoolside-media.s3.amazonaws.com/site/wtimessquare/images/nycwh-inroom-dining-0138-hor-clsc.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 16.15.216.37 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c7fa96da8fdda65f661dab352194c1291fd3485613fbbdc356f03212c0908494

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

x-amz-id-2: Dn6PRoUbsTizq8qAttZG+dFt27dDlvO9kytkRcIj/zpLX4Y6BHNh3Ci3ljHL/EiYtCThftzhG3IlqJdRHCcYoYRJpA8CDDy7a9dHk0ER6OI=
ETag: "d8998e48c32c8a2ebd6b04464d2eb8ef"
x-amz-version-id: ExR4b1IU_lEcIQwzkCy4OtHBuosJdfDm
x-amz-request-id: HVHRTRXXPVK98EEE
Accept-Ranges: bytes
Content-Length: 876455
Date: Wed, 06 Nov 2024 20:49:25 GMT
Last-Modified: Wed, 17 May 2023 13:38:30 GMT
Content-Type: image/png
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK NYE1.jfif
ipoolside-media.s3.amazonaws.com/site/wtimessquare/images/ 105 KB
105 KB 302ms
301ms Image
application/octet-stream 16.15.216.37
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ipoolside-media.s3.amazonaws.com/site/wtimessquare/images/NYE1.jfif
Protocol: HTTP/1.1
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 16.15.216.37 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e7fa19c0a500f3bf2b7f7a35c217a719745097bdbef1a2486d986841b8eefb8f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

x-amz-id-2: 4rWTxeSTNR/UUPQ0+RKf+xi6RXWt5sv/pUn3DKrHwcLVAUovHzcJNqhsB4Y4IboZ3iwKMQM8DbLgGce+19ULrdF/61tjdv3OWLggUAB+pgE=
ETag: "df8edcd917d01dc0c292256f40d772bd"
x-amz-version-id: LqTHXEU3t517.Lg7DsR3sQg_Wgp1l98F
x-amz-request-id: HVHY1NBR8JKSST5W
Accept-Ranges: bytes
Content-Length: 107247
Date: Wed, 06 Nov 2024 20:49:25 GMT
Last-Modified: Tue, 01 Oct 2024 02:57:33 GMT
Content-Type: application/octet-stream
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK GettyImages-115872964.jpeg
ipoolside-media.s3.amazonaws.com/site/wtimessquare/images/service_image/ 219 KB
219 KB 426ms
233ms Image
image/jpeg 16.15.216.37
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ipoolside-media.s3.amazonaws.com/site/wtimessquare/images/service_image/GettyImages-115872964.jpeg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 16.15.216.37 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: db866dd342c47c8ce58dd26ec220b91bcf6ae480a3c77f073bff5e8bcf892be5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

x-amz-id-2: v9u6OGBQfUvkP7AbTP36YRvwECrtoaYj/t1Otu1l74kgvBCtoOqQFv/9++m0QKhTgKUPT8HFN1G5l55paRrn/bHGsfbJkJ0lUFl6fTB6kXk=
ETag: "62fd3eb06fce712e1c6992f73e230d58"
x-amz-version-id: .ftlDVw0utEDJF7.7jXw9E2Oe5B23Qim
x-amz-request-id: HVHNQPZ9VWA6G1QW
Accept-Ranges: bytes
Content-Length: 223906
Date: Wed, 06 Nov 2024 20:49:25 GMT
Last-Modified: Tue, 24 Sep 2024 20:09:20 GMT
Content-Type: image/jpeg
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK b4f50194-0be8-45ca-b95e-c745fadee26c.png
ipoolside-media.s3.amazonaws.com/site/wtimessquare/images/service_image/ 87 KB
88 KB 2990ms
2755ms Image
image/png 16.15.216.37
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ipoolside-media.s3.amazonaws.com/site/wtimessquare/images/service_image/b4f50194-0be8-45ca-b95e-c745fadee26c.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 16.15.216.37 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f4a95f3867a155a56cb4f968c5d608e7e598b5162e1013be965ec4f5de6ba2ca

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

x-amz-id-2: CwlbjwlPQkZvktZV2Sv+aMQdZc7SEcjemCDCLGjW3HQukzaT37K7iVtQFU9tddteekIgjGe5osCQD1drd/6ZQ4XKAT/IXcwzeFsv2IeVDDY=
ETag: "44bec44b6170301c442c87a31657c71b"
x-amz-version-id: PD_XtrggjeEzQjZ04c.yFeJWEeIvakKy
x-amz-request-id: HVHVF504Q8K7RBF8
Accept-Ranges: bytes
Content-Length: 89441
Date: Wed, 06 Nov 2024 20:49:25 GMT
Last-Modified: Tue, 16 Jan 2024 16:06:16 GMT
Content-Type: image/png
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK 00b5283f-a1b6-4e3d-a2eb-62efa29ed25a.png
ipoolside-media.s3.amazonaws.com/site/wtimessquare/images/service_image/ 176 KB
177 KB 2994ms
2760ms Image
image/png 16.15.216.37
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ipoolside-media.s3.amazonaws.com/site/wtimessquare/images/service_image/00b5283f-a1b6-4e3d-a2eb-62efa29ed25a.png
Protocol: HTTP/1.1
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 16.15.216.37 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 47c80ce233fa461d857b8202bdd5458f6c31b9a728e349ac2788b528cb3ed7e9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

x-amz-id-2: cbfK9p+Njqxt54EyEFvyiV9krb7U2Z5MDMliWLHsQWCFnS1JRiooU/k0LeXVhia8zJQ7/fj6Y3Gw+Xn4+rio4s2en8olBilOR1isX8g6d4o=
ETag: "9624eb82dcff377412971dbe410268e6"
x-amz-version-id: BzzZPPqOMxmQl4ilWDZ.EcrVfj_yREx5
x-amz-request-id: HVHMKX9B634Q36VB
Accept-Ranges: bytes
Content-Length: 180565
Date: Wed, 06 Nov 2024 20:49:25 GMT
Last-Modified: Mon, 04 Sep 2023 15:28:41 GMT
Content-Type: image/png
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK nycwh-inroom-dining-8186-hor-clsc.png
ipoolside-media.s3.amazonaws.com/site/wtimessquare/images/ 828 KB
829 KB 2799ms
2756ms Image
image/png 16.15.216.37
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ipoolside-media.s3.amazonaws.com/site/wtimessquare/images/nycwh-inroom-dining-8186-hor-clsc.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 16.15.216.37 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 339100ef0fb7dbbd6483d48024908d52a862cd341ef39d58138f7cf49cea2378

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

x-amz-id-2: fhvCTbrh9kuPhs3pJ7BKWum0rn5/0dCCCrEztSbpw9zLW2AyQCxx3DphA8AL0GsJUpESKJXa6Xv/NQDdddePsyYD0tdNJHPaZD7eQ0YWx5s=
ETag: "eac29277d385cdfad66ca0ed314d07d2"
x-amz-version-id: jhmotQRY03SFCzticNzf.JVI4kV2_2Ql
x-amz-request-id: HVHKJ2KGZ4BRSS8H
Accept-Ranges: bytes
Content-Length: 848353
Date: Wed, 06 Nov 2024 20:49:25 GMT
Last-Modified: Wed, 17 May 2023 13:33:49 GMT
Content-Type: image/png
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 295183786cd8a1389865.woff
wtimessquare.idaypass.com/css/assets/ 1 KB
2 KB 167ms
165ms Font
font/woff 54.196.47.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wtimessquare.idaypass.com/css/assets/295183786cd8a1389865.woff

Requested by

Host: wtimessquare.idaypass.com
URL: https://wtimessquare.idaypass.com/css/vendor.css?v=1730712431

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.196.47.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-196-47-60.compute-1.amazonaws.com

Software

nginx/1.24.0 /

Resource Hash

26726bac4060abb1226e6ceebc1336e84930fe7a7af1b3895a109d067f5b5dcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://wtimessquare.idaypass.com
Referer: https://wtimessquare.idaypass.com/css/vendor.css?v=1730712431

Response headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
etag: "6215ea85-564"
accept-ranges: bytes
content-length: 1380
date: Wed, 06 Nov 2024 20:49:24 GMT
x-xss-protection: 1; mode=block
content-type: font/woff
last-modified: Wed, 23 Feb 2022 08:04:21 GMT
server: nginx/1.24.0

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
508 B 224ms
53ms Image
image/gif 54.171.122.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Wed%2C%2006%20Nov%202024%2020%3A49%3A24%20GMT&n=-1&b=W%20NEW%20YORK%20-%20TIMES%20SQUARE&.yp=405909&f=https%3A%2F%2Fwtimessquare.idaypass.com%2F&enc=UTF-8&yv=1.16.5&tagmgr=gtm%2Cadobe

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.171.122.26 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-171-122-26.eu-west-1.compute.amazonaws.com

Software

ATS/9.1.10.144 /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
cache-control: no-cache, no-store, private, must-revalidate
pragma: no-cache
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-content-type-options: nosniff
via: http/1.1 traffic_server (ApacheTrafficServer/9.1.10.144)
expires: Wed, 06 Nov 2024 20:49:24 GMT
accept-ranges: bytes
referrer-policy: strict-origin-when-cross-origin
content-length: 43
date: Wed, 06 Nov 2024 20:49:24 GMT
content-type: image/gif
server: ATS/9.1.10.144
x-frame-options: DENY

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
77 B 226ms
55ms Image
image/gif 54.171.122.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&b=W%20NEW%20YORK%20-%20TIMES%20SQUARE&.yp=405909&f=https%3A%2F%2Fwtimessquare.idaypass.com%2F&enc=UTF-8&yv=1.16.5&hsr=&et=custom&ea=ViewProduct&cc=&cio=%7C&cid=&tagmgr=gtm%2Cadobe

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.171.122.26 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-171-122-26.eu-west-1.compute.amazonaws.com

Software

ATS/9.1.10.144 /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
cache-control: no-cache, no-store, private, must-revalidate
pragma: no-cache
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-content-type-options: nosniff
via: http/1.1 traffic_server (ApacheTrafficServer/9.1.10.144)
expires: Wed, 06 Nov 2024 20:49:24 GMT
accept-ranges: bytes
referrer-policy: strict-origin-when-cross-origin
content-length: 43
date: Wed, 06 Nov 2024 20:49:24 GMT
content-type: image/gif
server: ATS/9.1.10.144
x-frame-options: DENY

GET
H2 200 activityi;fledge=1;src=1359549;type=marri003;cat=m1m_m0;ord=6759308896090;npa=0;auiddc=1578195551.1730926164;u7=%2F;ps=1;pcor=1944068797;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;fr...
td.doubleclick.net/td/fls/rul/ Frame 27F5 0
0 66ms
61ms Document
text/html 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=1359549;type=marri003;cat=m1m_m0;ord=6759308896090;npa=0;auiddc=1578195551.1730926164;u7=%2F;ps=1;pcor=1944068797;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4au0v9181787912za200zb9189012645;gcs=G111;gcd=13t3tPt2t5l1;dma_cps=syphamo;dma=1;tag_exp=101823848~101925629;epver=2;~oref=https%3A%2F%2Fwtimessquare.idaypass.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-1359549&l=dataLayerB&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wtimessquare.idaypass.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 06 Nov 2024 20:49:24 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 activityi;fledge=1;src=1359549;type=marri001;cat=m1m_g0;ord=1;num=7273692938805;npa=0;auiddc=1578195551.1730926164;u7=%2F;ps=1;pcor=628949012;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noa...
td.doubleclick.net/td/fls/rul/ Frame 9053 0
0 100ms
87ms Document
text/html 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=1359549;type=marri001;cat=m1m_g0;ord=1;num=7273692938805;npa=0;auiddc=1578195551.1730926164;u7=%2F;ps=1;pcor=628949012;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4au0v9181787912za200zb9189012645;gcs=G111;gcd=13t3tPt2t5l1;dma_cps=syphamo;dma=1;tag_exp=101823848~101925629;epver=2;~oref=https%3A%2F%2Fwtimessquare.idaypass.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-1359549&l=dataLayerB&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wtimessquare.idaypass.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 1263
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 06 Nov 2024 20:49:24 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

dc_pre=CO_mpbnKyIkDFYRqHgIdeLoLYA;src=1359549;type=marri003;cat=m1m_m0;ord=6759308896090;npa=0;auiddc=*;u7=%2F;ps=1;pcor=1944068797;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;g...
adservice.google.com/ddm/fls/z/
Redirect Chain

https://ad.doubleclick.net/activity;src=1359549;type=marri003;cat=m1m_m0;ord=6759308896090;npa=0;auiddc=1578195551.1730926164;u7=%2F;ps=1;pcor=1944068797;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw...
https://ad.doubleclick.net/activity;dc_pre=CO_mpbnKyIkDFYRqHgIdeLoLYA;src=1359549;type=marri003;cat=m1m_m0;ord=6759308896090;npa=0;auiddc=1578195551.1730926164;u7=%2F;ps=1;pcor=1944068797;uaa=;uab=...
https://adservice.google.com/ddm/fls/z/dc_pre=CO_mpbnKyIkDFYRqHgIdeLoLYA;src=1359549;type=marri003;cat=m1m_m0;ord=6759308896090;npa=0;auiddc=*;u7=%2F;ps=1;pcor=1944068797;uaa=;uab=;uafvl=;uamb=0;ua...

42 B
63 B

78ms
77ms

Image
image/gif

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CO_mpbnKyIkDFYRqHgIdeLoLYA;src=1359549;type=marri003;cat=m1m_m0;ord=6759308896090;npa=0;auiddc=*;u7=%2F;ps=1;pcor=1944068797;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4au0v9181787912za200zb9189012645;gcs=G111;gcd=13t3tPt2t5l1;dma_cps=syphamo;dma=1;tag_exp=101823848~101925629;epver=2;~oref=https%3A%2F%2Fwtimessquare.idaypass.com%2F

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Wed, 06 Nov 2024 20:49:24 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

Redirect headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
location: https://adservice.google.com/ddm/fls/z/dc_pre=CO_mpbnKyIkDFYRqHgIdeLoLYA;src=1359549;type=marri003;cat=m1m_m0;ord=6759308896090;npa=0;auiddc=*;u7=%2F;ps=1;pcor=1944068797;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4au0v9181787912za200zb9189012645;gcs=G111;gcd=13t3tPt2t5l1;dma_cps=syphamo;dma=1;tag_exp=101823848~101925629;epver=2;~oref=https%3A%2F%2Fwtimessquare.idaypass.com%2F
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Wed, 06 Nov 2024 20:49:24 GMT
x-xss-protection: 0
content-type: text/html; charset=UTF-8
server: cafe

GET
H3 200 activity;register_conversion=1;src=1359549;type=marri003;cat=m1m_m0;ord=6759308896090;npa=0;auiddc=1578195551.1730926164;u7=%2F;ps=1;pcor=1944068797;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;ps...
ad.doubleclick.net/ 0
24 B 74ms
73ms Image
image/png 142.250.185.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/activity;register_conversion=1;src=1359549;type=marri003;cat=m1m_m0;ord=6759308896090;npa=0;auiddc=1578195551.1730926164;u7=%2F;ps=1;pcor=1944068797;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4au0v9181787912za200zb9189012645;gcs=G111;gcd=13t3tPt2t5l1;dma_cps=syphamo;dma=1;tag_exp=101823848~101925629;epver=2;~oref=https%3A%2F%2Fwtimessquare.idaypass.com%2F?

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Wed, 06 Nov 2024 20:49:24 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"503098902628109423"}],"aggregatable_trigger_data":[{"filters":[{"14":["8173239"]}],"key_piece":"0xd91cd24cf9d3791c","source_keys":["12","13","14","15","16","17","18","19","20","21","628582880","628582881","628582882","628582883","628695024","628695025","628695026","628695027","628772456","628772457","628772458","628772459","628830124","628830125","628830126","628830127","628898172","628898173","628898174","628898175"]},{"key_piece":"0x650bdfc1601345fe","not_filters":{"14":["8173239"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","628582880","628582881","628582882","628582883","628695024","628695025","628695026","628695027","628772456","628772457","628772458","628772459","628830124","628830125","628830126","628830127","628898172","628898173","628898174","628898175"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356,"628582880":32,"628582881":32,"628582882":32,"628582883":3177,"628695024":32,"628695025":32,"628695026":32,"628695027":3177,"628772456":32,"628772457":32,"628772458":32,"628772459":3177,"628830124":32,"628830125":32,"628830126":32,"628830127":3177,"628898172":32,"628898173":32,"628898174":32,"628898175":3177},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"5717665633563083356","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"503098902628109423","filters":[{"14":["8173239"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"503098902628109423","filters":[{"14":["8173239"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"503098902628109423","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"503098902628109423","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["1359549"]}}
content-type: image/png
x-xss-protection: 0
server: cafe

GET
H3

200

dc_pre=CNnvpbnKyIkDFYxFHgIdTAoGtA;src=1359549;type=marri001;cat=m1m_g0;ord=1;num=7273692938805;npa=0;auiddc=*;u7=%2F;ps=1;pcor=628949012;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;fr...
adservice.google.com/ddm/fls/z/
Redirect Chain

https://ad.doubleclick.net/activity;src=1359549;type=marri001;cat=m1m_g0;ord=1;num=7273692938805;npa=0;auiddc=1578195551.1730926164;u7=%2F;ps=1;pcor=628949012;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv...
https://ad.doubleclick.net/activity;dc_pre=CNnvpbnKyIkDFYxFHgIdTAoGtA;src=1359549;type=marri001;cat=m1m_g0;ord=1;num=7273692938805;npa=0;auiddc=1578195551.1730926164;u7=%2F;ps=1;pcor=628949012;uaa=...
https://adservice.google.com/ddm/fls/z/dc_pre=CNnvpbnKyIkDFYxFHgIdTAoGtA;src=1359549;type=marri001;cat=m1m_g0;ord=1;num=7273692938805;npa=0;auiddc=*;u7=%2F;ps=1;pcor=628949012;uaa=;uab=;uafvl=;uamb...

42 B
63 B

75ms
75ms

Image
image/gif

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CNnvpbnKyIkDFYxFHgIdTAoGtA;src=1359549;type=marri001;cat=m1m_g0;ord=1;num=7273692938805;npa=0;auiddc=*;u7=%2F;ps=1;pcor=628949012;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4au0v9181787912za200zb9189012645;gcs=G111;gcd=13t3tPt2t5l1;dma_cps=syphamo;dma=1;tag_exp=101823848~101925629;epver=2;~oref=https%3A%2F%2Fwtimessquare.idaypass.com%2F

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Wed, 06 Nov 2024 20:49:24 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

Redirect headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
location: https://adservice.google.com/ddm/fls/z/dc_pre=CNnvpbnKyIkDFYxFHgIdTAoGtA;src=1359549;type=marri001;cat=m1m_g0;ord=1;num=7273692938805;npa=0;auiddc=*;u7=%2F;ps=1;pcor=628949012;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4au0v9181787912za200zb9189012645;gcs=G111;gcd=13t3tPt2t5l1;dma_cps=syphamo;dma=1;tag_exp=101823848~101925629;epver=2;~oref=https%3A%2F%2Fwtimessquare.idaypass.com%2F
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Wed, 06 Nov 2024 20:49:24 GMT
x-xss-protection: 0
content-type: text/html; charset=UTF-8
server: cafe

GET
H3 200 activity;register_conversion=1;src=1359549;type=marri001;cat=m1m_g0;ord=1;num=7273692938805;npa=0;auiddc=1578195551.1730926164;u7=%2F;ps=1;pcor=628949012;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw...
ad.doubleclick.net/ 0
24 B 127ms
126ms Image
image/png 142.250.185.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/activity;register_conversion=1;src=1359549;type=marri001;cat=m1m_g0;ord=1;num=7273692938805;npa=0;auiddc=1578195551.1730926164;u7=%2F;ps=1;pcor=628949012;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4au0v9181787912za200zb9189012645;gcs=G111;gcd=13t3tPt2t5l1;dma_cps=syphamo;dma=1;tag_exp=101823848~101925629;epver=2;~oref=https%3A%2F%2Fwtimessquare.idaypass.com%2F?

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Wed, 06 Nov 2024 20:49:24 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"1789259406731900041"}],"aggregatable_trigger_data":[{"filters":[{"14":["9719034"]}],"key_piece":"0x1b0cf24e747cdb8b","source_keys":["12","13","14","15","16","17","18","19","20","21","628582880","628582881","628582882","628582883","628695024","628695025","628695026","628695027","628772456","628772457","628772458","628772459","628830124","628830125","628830126","628830127","628898172","628898173","628898174","628898175"]},{"key_piece":"0x41793ea049ac361c","not_filters":{"14":["9719034"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","628582880","628582881","628582882","628582883","628695024","628695025","628695026","628695027","628772456","628772457","628772458","628772459","628830124","628830125","628830126","628830127","628898172","628898173","628898174","628898175"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356,"628582880":32,"628582881":32,"628582882":32,"628582883":3177,"628695024":32,"628695025":32,"628695026":32,"628695027":3177,"628772456":32,"628772457":32,"628772458":32,"628772459":3177,"628830124":32,"628830125":32,"628830126":32,"628830127":3177,"628898172":32,"628898173":32,"628898174":32,"628898175":3177},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"7630943920842593292","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"1789259406731900041","filters":[{"14":["9719034"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"1789259406731900041","filters":[{"14":["9719034"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"1789259406731900041","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"1789259406731900041","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["1359549"]}}
content-type: image/png
x-xss-protection: 0
server: cafe

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/950378023/ 6 KB
2 KB 101ms
100ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/950378023/?random=1730926164395&cv=11&fst=1730926164395&bg=ffffff&guid=ON&async=1&gtm=45be4au0v868987318za200zb9189012645&gcd=13t3tPt2t5l1&dma_cps=syphamo&dma=1&tag_exp=101823848~101925629&u_w=1600&u_h=1200&url=https%3A%2F%2Fwtimessquare.idaypass.com%2F&hn=www.googleadservices.com&frm=0&tiba=W%20NEW%20YORK%20-%20TIMES%20SQUARE&npa=0&pscdl=noapi&auid=1578195551.1730926164&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dpage_view%3BCheckInDayofWeek%3D%3BEnterpriseSegmentCEIDetails%3D%3BMemberLevel%3D%3BWeekendStay%3D&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-950378023&l=dataLayerB&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

bcc4ea27e4eed52715c226ebbaa6db04ef6baace6d9784983eac4f00a0ed4979

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2443
date: Wed, 06 Nov 2024 20:49:24 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 950378023
td.doubleclick.net/td/rul/ Frame 7E23 0
0 72ms
71ms Document
text/html 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/950378023?random=1730926164395&cv=11&fst=1730926164395&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4au0v868987318za200zb9189012645&gcd=13t3tPt2t5l1&dma_cps=syphamo&dma=1&tag_exp=101823848~101925629&u_w=1600&u_h=1200&url=https%3A%2F%2Fwtimessquare.idaypass.com%2F&hn=www.googleadservices.com&frm=0&tiba=W%20NEW%20YORK%20-%20TIMES%20SQUARE&npa=0&pscdl=noapi&auid=1578195551.1730926164&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dpage_view%3BCheckInDayofWeek%3D%3BEnterpriseSegmentCEIDetails%3D%3BMemberLevel%3D%3BWeekendStay%3D

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-950378023&l=dataLayerB&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wtimessquare.idaypass.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 06 Nov 2024 20:49:24 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 136ms
43ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=836072006419889&ev=PageView&dl=https%3A%2F%2Fwtimessquare.idaypass.com%2F&rl=&if=false&ts=1730926164572&cd[brand]=brand&cd[level]=&cd[signin]=&cd[language]=&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1730926164557.87677629555477133&cs_est=true&ler=empty&cdl=API_unavailable&it=1730926163847&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=37, rtx=0, c=10, mss=1297, tbw=2957, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Wed, 06 Nov 2024 20:49:24 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
4 KB 2750ms
2658ms Image
image/png 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=836072006419889&ev=PageView&dl=https%3A%2F%2Fwtimessquare.idaypass.com%2F&rl=&if=false&ts=1730926164572&cd[brand]=brand&cd[level]=&cd[signin]=&cd[language]=&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1730926164557.87677629555477133&cs_est=true&ler=empty&cdl=API_unavailable&it=1730926163847&coo=false&rqm=FGET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src 'report-sample' .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7434271267513523473"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 06 Nov 2024 20:49:24 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: GOc5JFe8FrfJjqTmW32TF/sSWFSmPBUhjzm+1S7ABudjtn4DIeqjix6YmXaTTncFth52RnrELsZQIhB4BWHt/Q==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7434271267513523473", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src 'report-sample' *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=37, rtx=0, c=17, mss=1297, tbw=3275, tp=-1, tpl=-1, uplat=255, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src 'report-sample' *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H3 200 token_create.js Show response
ct.pinterest.com/static/ct/ 4 KB
4 KB 42ms
41ms Script
application/javascript 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/static/ct/token_create.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.be180668.js
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.0.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 9ca07df45944b8440ae6241e4a017db2b6e4600e5f647d3180c96877198c3552

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

cache-control: max-age=7200
timing-allow-origin: https://ct.pinterest.com
etag: "16d5d552603d86726ae439fc61299d42"
age: 6026
x-cdn: fastly
alt-svc: h3=":443";ma=600
content-length: 4103
date: Wed, 06 Nov 2024 20:49:24 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-server-side-encryption: AES256

GET
H2 200 ct.html
ct.pinterest.com/ Frame C624 0
0 143ms
66ms Document
text/html 151.101.64.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/ct.html
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.be180668.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://wtimessquare.idaypass.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443";ma=600
cache-control: max-age=86400
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8
date: Wed, 06 Nov 2024 20:49:24 GMT
pinterest-version: e62010f407d09decef677569943c37eeaefcbe47
referrer-policy: origin
x-cdn: fastly
x-envoy-upstream-service-time: 0
x-pinterest-rid: 8549247146597760
x-pinterest-rid-128bit: 898388544698fde676a506fbe5fb3c74

GET
H2 200 otBannerSdk.js Show response
cache.marriott.com/aka-fonts/OneTrust/R24.4.4/oneTrust_test/scripttemplates/202401.2.0/ 430 KB
105 KB 79ms
78ms Script
application/x-javascript 72.246.168.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.marriott.com/aka-fonts/OneTrust/R24.4.4/oneTrust_test/scripttemplates/202401.2.0/otBannerSdk.js
Requested by: Host: cache.marriott.com
URL: https://cache.marriott.com/aka-fonts/OneTrust/R24.4.4/oneTrust_test/scripttemplates/otSDKStub.js?7396044833951521
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.246.168.84 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-246-168-84.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a6972c49e66fe3c5026a1a1e26a06c49995cec36fc522cb56461f5cf0b2b2978

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

cache-control: max-age=1177557
content-encoding: gzip
etag: "9422af4c8c350fb1fee377e0e551ca5c:1714414159.665076"
expires: Wed, 20 Nov 2024 11:55:21 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 106860
date: Wed, 06 Nov 2024 20:49:24 GMT
content-type: application/x-javascript
last-modified: Mon, 29 Apr 2024 18:09:19 GMT
server: AkamaiNetStorage
vary: Accept-Encoding

GET
H2 200 beat.js Show response
p.relay-t.io/ 21 B
564 B 127ms
127ms Script
application/javascript 2600:9000:2165:c000:1d:40aa:1fc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://p.relay-t.io/beat.js?type=tg&idhotel=idH&pmsId=pms&tkraw=&tk=&ref=https%3A%2F%2Fwtimessquare.idaypass.com%2F

Requested by

Host: p.relay-t.io
URL: https://p.relay-t.io/wh.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2165:c000:1d:40aa:1fc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

13abb95134934e2b6ab33036f989d3eb588ec2586fee172d534061cb29e6834a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

etag: "590efd78ccb474abbf45b795b73e37d8"
x-content-type-options: nosniff
x-cache: Miss from cloudfront
x-amz-cf-id: jAs3KkbGUKClzVIFcwwgm4sLwRLix-b0xU8oFEBLGixcdvhYwEERLQ==
date: Wed, 06 Nov 2024 20:49:25 GMT
content-type: application/javascript
last-modified: Thu, 08 Feb 2024 13:34:05 GMT
vary: Origin
x-frame-options: SAMEORIGIN
x-amz-meta-content-type: application/javascript
strict-transport-security: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 2f495c2a75817f316afd4d3bb437bf0a.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 21
x-xss-protection: 1; mode=block
x-amz-cf-pop: MUC50-P6
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 /
www.google.com/pagead/1p-user-list/924374711/ 42 B
64 B 57ms
57ms Image
image/gif 142.250.186.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/924374711/?random=1730926164159&cv=11&fst=1730923200000&bg=ffffff&guid=ON&async=1&gtm=45be4au0za200zb9189012645&gcd=13t3t3t2t5l1&dma_cps=syphamo&dma=1&tag_exp=101823848~101925629&u_w=1600&u_h=1200&url=https%3A%2F%2Fwtimessquare.idaypass.com%2F&hn=www.googleadservices.com&frm=0&tiba=W%20NEW%20YORK%20-%20TIMES%20SQUARE&npa=0&pscdl=noapi&auid=1578195551.1730926164&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dpage_view%3BCheckInDayofWeek%3D%3BEnterpriseSegmentCEIDetails%3D%3BMemberLevel%3D%3BWeekendStay%3D&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7dAk1-266e5fpFMJXushaSA7WBJO3f_Q&random=3463434059&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Wed, 06 Nov 2024 20:49:24 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.de/pagead/1p-user-list/924374711/ 42 B
64 B 119ms
62ms Image
image/gif 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/924374711/?random=1730926164159&cv=11&fst=1730923200000&bg=ffffff&guid=ON&async=1&gtm=45be4au0za200zb9189012645&gcd=13t3t3t2t5l1&dma_cps=syphamo&dma=1&tag_exp=101823848~101925629&u_w=1600&u_h=1200&url=https%3A%2F%2Fwtimessquare.idaypass.com%2F&hn=www.googleadservices.com&frm=0&tiba=W%20NEW%20YORK%20-%20TIMES%20SQUARE&npa=0&pscdl=noapi&auid=1578195551.1730926164&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dpage_view%3BCheckInDayofWeek%3D%3BEnterpriseSegmentCEIDetails%3D%3BMemberLevel%3D%3BWeekendStay%3D&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7dAk1-266e5fpFMJXushaSA7WBJO3f_Q&random=3463434059&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Wed, 06 Nov 2024 20:49:24 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 / Show response
ct.pinterest.com/v3/ 35 B
694 B 64ms
64ms Fetch
image/gif 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/v3/?event=pagevisit&tid=2613977086519&cb=1730926164614&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22em%22%3A%22%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwtimessquare.idaypass.com%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22be180668%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Atrue%7D
Requested by: Host: wtimessquare.idaypass.com
URL: https://wtimessquare.idaypass.com/js/main.js?v=1730712431
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.0.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
x-envoy-upstream-service-time: 0
x-pinterest-rid-128bit: 85e95682f7c3a3672d642b3924fb3714
x-cdn: fastly
access-control-allow-credentials: true
referrer-policy: origin
expires: Sat, 01 Jan 2000 00:00:00 GMT
pinterest-version: e62010f407d09decef677569943c37eeaefcbe47
access-control-allow-origin: https://wtimessquare.idaypass.com
alt-svc: h3=":443";ma=600
content-length: 35
date: Wed, 06 Nov 2024 20:49:24 GMT
x-pinterest-rid: 3270786753811396
content-type: image/gif

GET
H3 200 / Show response
ct.pinterest.com/v3/ 35 B
694 B 70ms
69ms Fetch
image/gif 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/v3/?event=custom&ed=%7B%22value%22%3A334%2C%22currency%22%3A%22USD%22%2C%22event_id%22%3A%22c895c9c4-86d8-4acd-ab51-25317fa0dfac%22%7D&tid=2613977086519&cb=1730926164614&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22em%22%3A%22%22%2C%22pin_unauth%22%3A%22dWlkPU5qZGxZbVprWmpFdE1UQTJNQzAwWVRkbExUbGpOalF0WVRjd1kyWm1ZMkprWkRRNA%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwtimessquare.idaypass.com%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22be180668%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Atrue%7D
Requested by: Host: wtimessquare.idaypass.com
URL: https://wtimessquare.idaypass.com/js/main.js?v=1730712431
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.0.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
x-envoy-upstream-service-time: 2
x-pinterest-rid-128bit: 585a7c07f5bb661e6a7cf292080b3db6
x-cdn: fastly
access-control-allow-credentials: true
referrer-policy: origin
expires: Sat, 01 Jan 2000 00:00:00 GMT
pinterest-version: e62010f407d09decef677569943c37eeaefcbe47
access-control-allow-origin: https://wtimessquare.idaypass.com
alt-svc: h3=":443";ma=600
content-length: 35
date: Wed, 06 Nov 2024 20:49:24 GMT
x-pinterest-rid: 7673274574146583
content-type: image/gif

GET
H3 200 /
www.google.com/pagead/1p-user-list/950378023/ 42 B
64 B 55ms
55ms Image
image/gif 142.250.186.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/950378023/?random=1730926164395&cv=11&fst=1730923200000&bg=ffffff&guid=ON&async=1&gtm=45be4au0v868987318za200zb9189012645&gcd=13t3tPt2t5l1&dma_cps=syphamo&dma=1&tag_exp=101823848~101925629&u_w=1600&u_h=1200&url=https%3A%2F%2Fwtimessquare.idaypass.com%2F&hn=www.googleadservices.com&frm=0&tiba=W%20NEW%20YORK%20-%20TIMES%20SQUARE&npa=0&pscdl=noapi&auid=1578195551.1730926164&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dpage_view%3BCheckInDayofWeek%3D%3BEnterpriseSegmentCEIDetails%3D%3BMemberLevel%3D%3BWeekendStay%3D&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQCa7L7dddA5OIKbqdrsLxdBuOxtfzZrYaGFujJ7fywv3pauKFRK58te&random=2599540177&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Wed, 06 Nov 2024 20:49:24 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.de/pagead/1p-user-list/950378023/ 42 B
64 B 115ms
62ms Image
image/gif 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/950378023/?random=1730926164395&cv=11&fst=1730923200000&bg=ffffff&guid=ON&async=1&gtm=45be4au0v868987318za200zb9189012645&gcd=13t3tPt2t5l1&dma_cps=syphamo&dma=1&tag_exp=101823848~101925629&u_w=1600&u_h=1200&url=https%3A%2F%2Fwtimessquare.idaypass.com%2F&hn=www.googleadservices.com&frm=0&tiba=W%20NEW%20YORK%20-%20TIMES%20SQUARE&npa=0&pscdl=noapi&auid=1578195551.1730926164&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dpage_view%3BCheckInDayofWeek%3D%3BEnterpriseSegmentCEIDetails%3D%3BMemberLevel%3D%3BWeekendStay%3D&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQCa7L7dddA5OIKbqdrsLxdBuOxtfzZrYaGFujJ7fywv3pauKFRK58te&random=2599540177&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Wed, 06 Nov 2024 20:49:24 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

POST
H2 200 p
tr6.snapchat.com/ 0
45 B 2584ms
2577ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr6.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://wtimessquare.idaypass.com/

Response headers

via: 1.1 google
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Wed, 06 Nov 2024 20:49:24 GMT
x-envoy-upstream-service-time: 0
server: API Gateway

POST
H2 200 p
tr.snapchat.com/ 0
46 B 2422ms
2420ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://wtimessquare.idaypass.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 1
access-control-allow-credentials: true
via: 1.1 google
access-control-allow-origin: https://wtimessquare.idaypass.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Wed, 06 Nov 2024 20:49:27 GMT
server: API Gateway

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
203 B 201ms
199ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: wtimessquare.idaypass.com
URL: https://wtimessquare.idaypass.com/js/main.js?v=1730712431
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://wtimessquare.idaypass.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: *
Content-Type: text/plain;charset=UTF-8

Response headers

linkedin-action: 1
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: DD7CB8E7C8374EB39348D4D35018CB79 Ref B: FRAEDGE1616 Ref C: 2024-11-06T20:49:27Z
x-li-fabric: prod-ltx1
access-control-allow-credentials: true
x-li-uuid: AAYmRKdXSiYwh7W/Z2tlxw==
x-li-proto: http/2
access-control-allow-origin: https://wtimessquare.idaypass.com
x-cache: CONFIG_NOCACHE
date: Wed, 06 Nov 2024 20:49:26 GMT
vary: Origin

GET
H2 200 en.json Show response
cache.marriott.com/aka-fonts/OneTrust/R24.4.4/oneTrust_test/consent/f6f2227d-5318-43ca-8e66-30acdeffa99f-test/021f14d4-462d-41ba-b6a7-7f8f8e55a583/ 92 KB
93 KB 61ms
61ms Fetch
application/json 72.246.168.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.marriott.com/aka-fonts/OneTrust/R24.4.4/oneTrust_test/consent/f6f2227d-5318-43ca-8e66-30acdeffa99f-test/021f14d4-462d-41ba-b6a7-7f8f8e55a583/en.json
Requested by: Host: wtimessquare.idaypass.com
URL: https://wtimessquare.idaypass.com/js/main.js?v=1730712431
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.246.168.84 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-246-168-84.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: f10edd6b5939fa52302d695307a651d8d95207d89c7cf734681603cad7d58b2c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

cache-control: max-age=55213
etag: "362fc0cc71e5747e8677e780971eead2:1714411149.331847"
expires: Thu, 07 Nov 2024 12:09:40 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 94140
date: Wed, 06 Nov 2024 20:49:27 GMT
content-type: application/json
last-modified: Mon, 29 Apr 2024 17:19:09 GMT
server: AkamaiNetStorage

GET
H2 200 otCenterRounded.json Show response
cache.marriott.com/aka-fonts/OneTrust/R24.4.4/oneTrust_test/scripttemplates/202401.2.0/assets/ 9 KB
11 KB 73ms
71ms Fetch
application/json 72.246.168.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.marriott.com/aka-fonts/OneTrust/R24.4.4/oneTrust_test/scripttemplates/202401.2.0/assets/otCenterRounded.json
Requested by: Host: wtimessquare.idaypass.com
URL: https://wtimessquare.idaypass.com/js/main.js?v=1730712431
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.246.168.84 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-246-168-84.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 09b627933e01faa4979dc5661f7e616c7db1c12ea1984ca0549bdb253d24da9b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

cache-control: max-age=121098
etag: "17e5cf7e2fcaed7692184f43c4577219:1714414182.179629"
expires: Fri, 08 Nov 2024 06:27:45 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 9721
date: Wed, 06 Nov 2024 20:49:27 GMT
content-type: application/json
last-modified: Mon, 29 Apr 2024 18:09:42 GMT
server: AkamaiNetStorage

GET
H2 200 otPcTab.json Show response
cache.marriott.com/aka-fonts/OneTrust/R24.4.4/oneTrust_test/scripttemplates/202401.2.0/assets/v2/ 63 KB
64 KB 76ms
74ms Fetch
application/json 72.246.168.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.marriott.com/aka-fonts/OneTrust/R24.4.4/oneTrust_test/scripttemplates/202401.2.0/assets/v2/otPcTab.json
Requested by: Host: wtimessquare.idaypass.com
URL: https://wtimessquare.idaypass.com/js/main.js?v=1730712431
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.246.168.84 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-246-168-84.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: d18f313f2489ed91cd15cf94a1e5668b8b0da8318f593d980228000a1757702f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

cache-control: max-age=48532
etag: "f87a49adf0071a1866abcd9f1f4ca26f:1714414210.992302"
expires: Thu, 07 Nov 2024 10:18:19 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 64205
date: Wed, 06 Nov 2024 20:49:27 GMT
content-type: application/json
last-modified: Mon, 29 Apr 2024 18:10:10 GMT
server: AkamaiNetStorage

GET
H2 200 otCommonStyles.css Show response
cache.marriott.com/aka-fonts/OneTrust/R24.4.4/oneTrust_test/scripttemplates/202401.2.0/assets/ 21 KB
4 KB 60ms
59ms Fetch
text/css 72.246.168.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.marriott.com/aka-fonts/OneTrust/R24.4.4/oneTrust_test/scripttemplates/202401.2.0/assets/otCommonStyles.css
Requested by: Host: wtimessquare.idaypass.com
URL: https://wtimessquare.idaypass.com/js/main.js?v=1730712431
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.246.168.84 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-246-168-84.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

cache-control: max-age=1191159
content-encoding: gzip
etag: "73bc4067d312180a1b19a4d883f42d6a:1714414182.088839"
expires: Wed, 20 Nov 2024 15:42:06 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3707
date: Wed, 06 Nov 2024 20:49:27 GMT
content-type: text/css
last-modified: Mon, 29 Apr 2024 18:09:42 GMT
server: AkamaiNetStorage
vary: Accept-Encoding

GET
H2 200 ps
tag.yieldoptimizer.com/ps/ 675 B
675 B 136ms
50ms Image
text/javascript 35.186.212.60
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tag.yieldoptimizer.com/ps/ps?t=s&p=1057&mhcy=&mhcr=&mhcd=&mhst=&mhnm=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.212.60 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 60.212.186.35.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

cache-control: no-cache
pragma: no-cache
via: 1.1 google
expires: Thu, 01 Jan 1970 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
content-length: 675
date: Wed, 06 Nov 2024 20:49:27 GMT
content-type: text/javascript;charset=ISO-8859-1
server: Apache-Coyote/1.1

GET
H2 200 ps
tag.yieldoptimizer.com/ps/ 675 B
675 B 135ms
51ms Image
text/javascript 35.186.212.60
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tag.yieldoptimizer.com/ps/ps?t=s&p=1057&si=US&ln=EN&hbc=HRS&pg=hm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.212.60 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 60.212.186.35.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

cache-control: no-cache
pragma: no-cache
via: 1.1 google
expires: Thu, 01 Jan 1970 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
content-length: 675
date: Wed, 06 Nov 2024 20:49:26 GMT
content-type: text/javascript;charset=ISO-8859-1
server: Apache-Coyote/1.1

GET
H2 200 bonvoyLogo.svg
cache.marriott.com/aka-fonts/Marriott/ 4 KB
4 KB 63ms
63ms Image
image/svg+xml 72.246.168.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache.marriott.com/aka-fonts/Marriott/bonvoyLogo.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.246.168.84 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-246-168-84.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 58ba841b04c89089a69c02ce9a02cac37a2d24677a518576412b5ecf96ca3d68

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

cache-control: max-age=185019
etag: "bd100fbfe3cbfbc0d134f3346f9646a8:1700497715.008028"
expires: Sat, 09 Nov 2024 00:13:06 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3939
date: Wed, 06 Nov 2024 20:49:27 GMT
content-type: image/svg+xml
last-modified: Mon, 20 Nov 2023 16:28:35 GMT
server: AkamaiNetStorage

GET
H2 200 ot_guard_logo.svg Show response
cache.marriott.com/aka-fonts/OneTrust/R24.4.4/oneTrust_test/consent/f6f2227d-5318-43ca-8e66-30acdeffa99f-test/021f14d4-462d-41ba-b6a7-7f8f8e55a583/logos/static/ 497 B
695 B 63ms
62ms Fetch
image/svg+xml 72.246.168.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.marriott.com/aka-fonts/OneTrust/R24.4.4/oneTrust_test/consent/f6f2227d-5318-43ca-8e66-30acdeffa99f-test/021f14d4-462d-41ba-b6a7-7f8f8e55a583/logos/static/ot_guard_logo.svg
Requested by: Host: wtimessquare.idaypass.com
URL: https://wtimessquare.idaypass.com/js/main.js?v=1730712431
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.246.168.84 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-246-168-84.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

cache-control: max-age=97745
etag: "b57c99c9d1e3c50b2114c6db053d7ff0:1714411387.205976"
expires: Thu, 07 Nov 2024 23:58:32 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 497
date: Wed, 06 Nov 2024 20:49:27 GMT
content-type: image/svg+xml
last-modified: Mon, 29 Apr 2024 17:23:07 GMT
server: AkamaiNetStorage

GET
H2 200 Screenshot_2024-04-11_at_9.47.05%E2%80%AFAM.png
cache.marriott.com/aka-fonts/OneTrust/R24.4.4/oneTrust_test/consent/f6f2227d-5318-43ca-8e66-30acdeffa99f-test/021f14d4-462d-41ba-b6a7-7f8f8e55a583/logos/0894cd2c-85ba-4d0b-8ec1-e18f3735e0e0/b060421... 2 KB
2 KB 132ms
131ms Image
image/avif 72.246.168.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache.marriott.com/aka-fonts/OneTrust/R24.4.4/oneTrust_test/consent/f6f2227d-5318-43ca-8e66-30acdeffa99f-test/021f14d4-462d-41ba-b6a7-7f8f8e55a583/logos/0894cd2c-85ba-4d0b-8ec1-e18f3735e0e0/b0604211-2b00-4c75-9cda-d7a20affd155/9305323c-4de4-473a-96d6-53ebd1fc4a01/Screenshot_2024-04-11_at_9.47.05%E2%80%AFAM.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.246.168.84 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-246-168-84.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: ff6ed1816426b74236266b53606227ca523ffa1129685579857f3bee9e79d876

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

cache-control: private, no-transform, max-age=1396997
etag: "55c16ae2b50edb812083f9c43193d855:1714411306.412777"
expires: Sat, 23 Nov 2024 00:52:44 GMT
access-control-allow-origin: *
content-length: 1910
date: Wed, 06 Nov 2024 20:49:27 GMT
last-modified: Fri, 27 Sep 2024 00:52:23 GMT
content-type: image/avif
server: Akamai Image Manager

GET
H2 200 OBOP_logo_area_mobile.png
cache.marriott.com/aka-fonts/OneTrust/R24.4.4/oneTrust_test/consent/f6f2227d-5318-43ca-8e66-30acdeffa99f-test/021f14d4-462d-41ba-b6a7-7f8f8e55a583/logos/0894cd2c-85ba-4d0b-8ec1-e18f3735e0e0/5bb511e... 1 KB
1 KB 132ms
132ms Image
image/avif 72.246.168.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache.marriott.com/aka-fonts/OneTrust/R24.4.4/oneTrust_test/consent/f6f2227d-5318-43ca-8e66-30acdeffa99f-test/021f14d4-462d-41ba-b6a7-7f8f8e55a583/logos/0894cd2c-85ba-4d0b-8ec1-e18f3735e0e0/5bb511eb-d9f4-4df3-a115-b872b88fbf00/9decae5a-2da0-42c0-9864-d7ae6f5b5da2/OBOP_logo_area_mobile.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.246.168.84 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-246-168-84.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: a2f6bb0a1df0be51146c7da9f1c2318bd82666947b4ee78f9291acf78e1d34f4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

cache-control: private, no-transform, max-age=1396483
etag: "7ac316d0b2702849c7a0f4556f4878f5:1714411221.903954"
expires: Sat, 23 Nov 2024 00:44:10 GMT
access-control-allow-origin: *
content-length: 1166
date: Wed, 06 Nov 2024 20:49:27 GMT
last-modified: Fri, 27 Sep 2024 00:44:37 GMT
content-type: image/avif
server: Akamai Image Manager

GET
H2 200 powered_by_logo.svg
cache.marriott.com/aka-fonts/OneTrust/R24.4.4/oneTrust_test/consent/f6f2227d-5318-43ca-8e66-30acdeffa99f-test/021f14d4-462d-41ba-b6a7-7f8f8e55a583/logos/static/ 5 KB
5 KB 75ms
75ms Image
image/svg+xml 72.246.168.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache.marriott.com/aka-fonts/OneTrust/R24.4.4/oneTrust_test/consent/f6f2227d-5318-43ca-8e66-30acdeffa99f-test/021f14d4-462d-41ba-b6a7-7f8f8e55a583/logos/static/powered_by_logo.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.246.168.84 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-246-168-84.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

cache-control: max-age=95102
etag: "63e737d3544164d2b7f4fbca416ac807:1714411387.336904"
expires: Thu, 07 Nov 2024 23:14:29 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5194
date: Wed, 06 Nov 2024 20:49:27 GMT
content-type: image/svg+xml
last-modified: Mon, 29 Apr 2024 17:23:07 GMT
server: AkamaiNetStorage

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 50ms
49ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-F655SMQDS2&gtm=45je4au0v9124605564za200&_p=1730926161594&gcd=13l3l3l2l2l1&npa=0&dma_cps=syphamo&dma=1&tag_exp=101823848~101925629&ul=de-de&sr=1600x1200&cid=39501880.1730926162&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=ABAI&_s=2&dl=https%3A%2F%2Fwtimessquare.idaypass.com%2F&dp=%2F&dt=W%20NEW%20YORK%20-%20TIMES%20SQUARE&sid=1730926162&sct=1&seg=1&en=page_view&_ee=1&ep.ua_dimension_2=W%20NEW%20YORK%20-%20TIMES%20SQUARE&_et=990&tfd=8639
Requested by: Host: wtimessquare.idaypass.com
URL: https://wtimessquare.idaypass.com/js/main.js?v=1730712431
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wtimessquare.idaypass.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://wtimessquare.idaypass.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 06 Nov 2024 20:49:28 GMT
content-type: text/plain
server: Golfe2

Verdicts & Comments Add Verdict or Comment

132 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

57 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-21 00:50:12	Name: X-AB Value: fbf07e0db2f4494e9db10cfd615ef56e
.idaypass.com/	1970-01-21 10:24:46	Name: _ga Value: GA1.2.39501880.1730926162
.idaypass.com/	1970-01-21 00:50:12	Name: _gid Value: GA1.2.709960340.1730926162
.idaypass.com/	1970-01-21 00:48:46	Name: _gat Value: 1
wtimessquare.idaypass.com/	1970-01-21 09:32:55	Name: csrftoken Value: zt8gRb7xRCyZLdMQlg5EbwHHRJ1scbq7RKfy8KlKbPbbkcpEOr0kOPm3nx0YXKsY
wtimessquare.idaypass.com/	1970-01-21 00:49:22	Name: sessionid Value: 2lgcq4d1wl5thtd8rglffl25accrdrvo
.idaypass.com/	1970-01-21 10:24:46	Name: _ga_F655SMQDS2 Value: GS1.2.1730926162.1.1.1730926163.0.0.0
.idaypass.com/	1970-01-21 02:58:22	Name: _gcl_au Value: 1.1.1578195551.1730926164
.demdex.net/	1970-01-21 05:07:58	Name: demdex Value: 74767002622005909070435240007560346813
.idaypass.com/	1969-12-31 23:59:59	Name: AMCVS_664516D751E565010A490D4C%40AdobeOrg Value: 1
.idaypass.com/	1970-01-21 00:48:47	Name: s_tbm Value: true
.idaypass.com/	1969-12-31 23:59:59	Name: s_campaign Value: Unpaid%20Referrals%3A%20Typed%2FBookmarked
.idaypass.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.idaypass.com/	1970-01-21 00:48:47	Name: _dpm_ses.9aaa Value: *
.idaypass.com/	1970-01-21 09:34:22	Name: _dpm_id.9aaa Value: 6188dc88-b776-4e48-8cbf-84cfb86545c6.1730926164.1.1730926164.1730926164.9a170fd5-4018-4216-b201-6541384ae7c7
.idaypass.com/	1970-01-21 10:18:32	Name: _scid Value: vTtJ64CIoE31_JlY1gkDzNhABWaQ8yp3
.idaypass.com/	1970-01-21 10:18:32	Name: _scid_r Value: vTtJ64CIoE31_JlY1gkDzNhABWaQ8yp3
.adsrvr.org/	1970-01-21 09:34:22	Name: TDID Value: 27f1ed7a-3b14-4a0e-a4ce-8689125e37b4
.jivox.com/	1970-01-21 02:58:22	Name: jvxsync Value: utnLMJc6APGy
.dpm.demdex.net/	1970-01-21 05:07:58	Name: dpm Value: 74767002622005909070435240007560346813
.adnxs.com/	1970-01-21 10:24:46	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-21 02:58:22	Name: anj Value: dTM7k!M4/8CxrEQF']wIg2GVIp1STU!]tbP6j2F-XstGt!@E!O%$3KC
.idaypass.com/	1970-01-21 10:24:46	Name: AMCV_664516D751E565010A490D4C%40AdobeOrg Value: -1712354808%7CMCIDTS%7C20034%7CMCMID%7C74681112187210332980462978681894040276%7CMCAAMLH-1731530963%7C6%7CMCAAMB-1731530963%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1730933363s%7CNONE%7CMCSYNCSOP%7C411-20041%7CvVersion%7C4.3.0
.adnxs.com/	1970-01-21 02:58:22	Name: XANDR_PANID Value: JI-nMMDqtA-4U_uDSnej4Iv5DFvZVpeYaUUybqmkUiTEWDVLuZIRfB72Wswr6ftC4EsIABSSQH_7pCA69bCIb_Axk6Brf-qhmb-Hk_TGaqk.
.adnxs.com/	1970-01-21 02:58:22	Name: uuid2 Value: 8061010936713873030
.doubleclick.net/	1970-01-21 01:31:58	Name: ar_debug Value: 1
.doubleclick.net/	1970-01-21 05:07:58	Name: receive-cookie-deprecation Value: 1
.marriott.com/	1970-01-21 02:58:22	Name: jvxsync Value: utnLMLSB0qjP
.adform.net/	1970-01-21 01:31:58	Name: C Value: 1
.pinterest.com/	1970-01-21 09:34:22	Name: ar_debug Value: 1
.doubleclick.net/	1970-01-21 10:10:22	Name: IDE Value: AHWqTUlyDZonvOsfFbASJUgpSCW6lsJaUQkYZUGij7nU-igd8ZVus5st_Il0vZhB
.adform.net/	1970-01-21 02:15:10	Name: uid Value: 3170543564115380853
.linkedin.com/	1970-01-21 09:34:22	Name: bcookie Value: "v=2&f3708c3a-7452-4bdf-86c9-c6a71f1c1510"
.linkedin.com/	1970-01-21 05:07:58	Name: li_gc Value: MTswOzE3MzA5MjYxNjQ7MjswMjGADiyOV6v6nNDvePi+y2x+Wmp3a7/JfNlmsfOEcZ3OuA==
.linkedin.com/	1970-01-21 00:50:12	Name: lidc Value: "b=TGST01:s=T:r=T:a=T:p=T:g=3456:u=1:x=1:i=1730926164:t=1731012564:v=2:sig=AQHAV9xogfp2LplRUR-x--nXZS4XIQap"
.idaypass.com/	1970-01-21 02:58:22	Name: _fbp Value: fb.1.1730926164557.87677629555477133
.sojern.com/	1970-01-21 09:34:22	Name: cid Value: d6c030e3-e239-401c-8b62-e452da0b3987#1730851200000
.sojern.com/	1970-01-21 09:34:22	Name: adfid Value: 3170543564115380853
.wtimessquare.idaypass.com/	1970-01-21 09:34:22	Name: _pin_unauth Value: dWlkPU5qZGxZbVprWmpFdE1UQTJNQzAwWVRkbExUbGpOalF0WVRjd1kyWm1ZMkprWkRRNA
.idaypass.com/	1970-01-21 00:58:50	Name: _ScCbts Value: %5B%5D
.tvpixel.com/	1970-01-21 09:34:22	Name: sp Value: 7ee03016-0b0f-4a8b-973e-e28da7f2d217
.ct.pinterest.com/	1970-01-21 09:34:22	Name: _pinterest_ct_ua Value: "TWc9PSZBaTdkbmJJMVhveVVXQU1CSVFINFYrZGNmU0IzVkxOekYzZ1NNVmh2VlljUk5DSk9xY3o4M0tHaElBRkJuTjVsMmpIMm91T1hNSHhVYmQ3QWZjVlA1WjVvUXNlY2k0T1hQRHBzQzZYaGNXQT0mbDF3SCtTYUVtOEV4b2Z2aUVKRWdrNElqcUo4PQ=="
.demdex.net/	1970-01-21 05:07:58	Name: dextp Value: 358-1-1730926164080\|477-1-1730926164188\|771-1-1730926164302\|992-1-1730926164404\|903-1-1730926164505\|1957-1-1730926164607\|3047-1-1730926164708\|13870-1-1730926164810\|19360-1-1730926164911\|22054-1-1730926165011\|22069-1-1730926165111\|28645-1-1730926165212\|30646-1-1730926165312\|80742-1-1730926165413\|96420-1-1730926165513\|66757-1-1730926165614\|144230-1-1730926165714\|144231-1-1730926165815\|144232-1-1730926165915\|144233-1-1730926166016\|144234-1-1730926166116\|144235-1-1730926166219\|144236-1-1730926166320\|144237-1-1730926166425\|134084-1-1730926166525
.bing.com/	1970-01-21 10:10:22	Name: MUID Value: 2E965B5B9F9D66B30A0C4E749E1667ED
.c.bing.com/	1970-01-21 00:58:50	Name: MR Value: 0
.flashtalking.com/	1970-01-21 10:18:10	Name: flashtalkingad1 Value: "GUID=6154ACC324D7BD"
.innovid.com/	1970-01-21 02:58:22	Name: uuid Value: 2651325f-324a-4ad1-9ad3-f0f4b65def7f-20241106 15:49:27
.yieldoptimizer.com/	1970-01-21 09:34:22	Name: fbh0 Value: %7B%7D
.yieldoptimizer.com/	1970-01-21 09:34:22	Name: gcma Value: %7B%22t%22%3A0%2C%22o%22%3Afalse%7D
.yieldoptimizer.com/	1970-01-21 09:34:22	Name: rmxc Value: %7B%22t%22%3A0%2C%22e%22%3A%22%22%2C%22i%22%3Afalse%7D
.yieldoptimizer.com/	1970-01-21 09:34:22	Name: cktst Value: 189675124
.yieldoptimizer.com/	1970-01-21 09:34:22	Name: ckid Value: 3019420271383
.tribalfusion.com/	1970-01-21 02:58:22	Name: ANON_ID Value: a6noeUMZaACnpqGpU8I8bG99qfoYG6I3sHE4uAGix
wtimessquare.idaypass.com/	1970-01-21 05:07:58	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Wed+Nov+06+2024+21%3A49%3A27+GMT%2B0100+(Mitteleurop%C3%A4ische+Normalzeit)&version=202401.2.0&browserGpcFlag=0&isIABGlobal=false&hosts=&landingPath=https%3A%2F%2Fwtimessquare.idaypass.com%2F&groups=1%3A1%2C3%3A0%2C4%3A0%2C6%3A0
.yieldoptimizer.com/	1970-01-21 09:34:22	Name: dph Value: %7B%22t%22%3A%5B138932%2C138932%5D%2C%22dp%22%3A%5B1057%2C2233%5D%7D
.yieldoptimizer.com/	1970-01-21 09:34:22	Name: ph Value: %7B%22p%22%3A%5B1025%2C1490%2C39%2C1032%2C1022%5D%2C%22t%22%3A%5B138932%2C138932%2C138932%2C138932%2C138932%5D%7D
.ipinyou.com/	1970-01-21 10:14:41	Name: PYID Value: OB74mRECyiu

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://wtimessquare.idaypass.com/ Message: [GroupMarkerNotSet(crbug.com/242999)!:A0F06C0134270000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
adservice.google.com
assets.adobedtm.com
bat.bing.com
bat.bing.net
beacon.sojern.com
c.tvpixel.com
c1.adform.net
cache.marriott.com
cdn.equalweb.com
cm.everesttech.net
cm.g.doubleclick.net
connect.facebook.net
ct.pinterest.com
dpm.demdex.net
fonts.googleapis.com
geolocation.onetrust.com
googleads.g.doubleclick.net
ib.adnxs.com
insight.adsrvr.org
ipoolside-media.s3.amazonaws.com
js.adsrvr.org
jvxpxl.marriott.com
libs.fraud.elavon.com
login.dotomi.com
marriottinternationa.demdex.net
match.adsrvr.org
o436887.ingest.sentry.io
p.relay-t.io
p.tvpixel.com
pixel.sojern.com
px.ads.linkedin.com
px4.ads.linkedin.com
pxl.jivox.com
region1.google-analytics.com
s.pinimg.com
s.yimg.com
sc-static.net
smetrics.marriott.com
snap.licdn.com
sp.analytics.yahoo.com
static.sojern.com
tag.yieldoptimizer.com
td.doubleclick.net
tr.snapchat.com
tr6.snapchat.com
wtimessquare.idaypass.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
107.178.244.119
108.128.49.114
108.138.40.116
13.107.42.14
142.250.184.200
142.250.185.102
142.250.185.226
142.250.185.78
142.250.186.100
142.250.186.67
151.101.0.84
151.101.64.84
157.240.253.1
16.15.216.37
172.217.16.130
18.173.188.247
185.89.210.180
2001:4860:4802:32::36
216.58.212.162
2600:9000:2165:c000:1d:40aa:1fc0:93a1
2600:9000:225b:de00:1d:bf0a:0:93a1
2600:9000:26db:1e00:15:dbf7:4c80:93a1
2606:4700:20::ac43:4771
2606:4700:4400::6812:2089
2620:1ec:21::14
2620:1ec:33::10
2620:1ec:c11::237
2a00:1288:80:807::1
2a00:1450:4001:802::200a
2a00:1450:4001:80e::200e
2a00:1450:4001:81d::2002
2a00:1450:4001:831::2008
2a02:26f0:3500:10::210:a99
2a02:26f0:3500:c89::1e80
2a03:2880:f176:181:face:b00c:0:25de
2a04:4e42::84
3.33.220.150
34.120.195.249
35.186.212.60
35.190.43.134
35.244.188.9
35.71.131.137
37.157.6.237
52.16.193.179
52.201.108.5
52.3.166.170
54.171.122.26
54.196.47.60
54.72.201.156
63.140.62.17
63.215.202.140
72.246.168.84
75.2.57.54
00c0c915d8250c454dba66ca8be37df9607bfe85110b38e14feda70e60202f63
01ce1e6429e6a1fa2d753f6e65c6fec0a20640879b51725d6fa11a986e41f1a1
03cfeab77ae89feafb1baaacbdece4080066010d7643eb9880f948d6c912f4ed
0807fa8baed2f7938346633b61e706e4c08e9760c57d339d92e91c5f4a04aa61
089030d8bec22aa48ae59e27516a4e8a1fcec666e9d783c7a1df47220b750dc1
09b627933e01faa4979dc5661f7e616c7db1c12ea1984ca0549bdb253d24da9b
0ac5a43bd1498cea1f7899f761cbe21cd8a0a540bf2394bc5fe459f258d97aca
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
13abb95134934e2b6ab33036f989d3eb588ec2586fee172d534061cb29e6834a
1460bf3469f0decae76a2b1432c1dbefbef9643475e8ff97b6e1f19892b6404d
14849795f2342b3b0cc2b70c26a4298856acbbd78cc6f3529db84dfabf9b421e
149fbf15206579ff157a3b578766c3828810b0d3c2cf088aa3ec30f1a7b3dc3f
164db006110a8216f385e43f672709644c6487e6d0edb010cf398ecbfef4fc7b
180fa4a7c18fbb8dc8747ed85b955d8644c60f7db15710f8935a502664c4dff9
20701e0d48d0c18cded6071c8f337091ef965629f1bfed00afc9651565a78955
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
242e542871bd77c8ff6375418e349ef6b3a32a208e15ca1441166641d212a6a1
247fc189082160e979e84de9e2a591da28319423bc1b706e9a99f2fe3bced7af
26726bac4060abb1226e6ceebc1336e84930fe7a7af1b3895a109d067f5b5dcc
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
29181ef676dacfe42e71b28462d2929d4d4806cd33331ff8a76beb5781e3c94f
2aa45b8303a0d7a102478546b3a0ea86a5aa22838be3aa6da0c4bd40012bebb9
2e37065f9b9d3f97a3fae828a874d78cb543f3b363c1309e7a5e5efa127d3b28
313ca7f9de7305682b30b4d59749ad39d4e4ecfca3ca3a84bd91c22864b61413
31dac5db579ff87171e5dc80096f53f332c47f4db7bd64839030240322d638b8
329411bd81609e0bc23b6e00861122b7627e701ae5f38d96c933afadb43b2afd
32bc033e13e02d8809b2c8c97ac5a5110c5f375a830ed6cace5ce1202ab5b480
339100ef0fb7dbbd6483d48024908d52a862cd341ef39d58138f7cf49cea2378
34879a34f205cdac81574bc8a729d54ed7f6770c05847352fa925cbd76b14481
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3afb9988267a380488bd5d0cc82ef645c2c96093316c97c10b636a8c09b0682b
3b2e183cd3ed235b8dca670058e1d59c4ccce8c519f4d409e7ce67d917cd0151
3fad006c469f982166a48dc2c9297c506bb4b132dabb117a985275754a1dc3a2
42eb556748fab66fb88259b02c1f065621f4a06a2ccec56ccfd4b14bf7ef43f4
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
46b6596e9fdedae08a61fed7b7512700c383b8eb822239d6691fa49e1eb372de
47c80ce233fa461d857b8202bdd5458f6c31b9a728e349ac2788b528cb3ed7e9
47cd76ff474afbe3fd2927514df932b704677377de742e1794c214e590a22aba
4a1dce6eeb6dbe84c403811768b526312e32e76a422d0f01bf4a198ca916cd62
4ab99c5f1dd5c8659f53fb22be0002378e5364d194877b7c15b6ef202b535b30
4abc6dae982d098d315efd0bfa7fa88afe40438acf7a540cc2fce38bc50cb39f
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4dbae8b3d2a71b182f3aab701a08fc3c5f2bf734f9e09605c650b1c6506e9097
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
55270971fdc4172d5cbba95dadd779074eadb9c50bf16c2b3253ccc6bc8fc363
56edcce22cf5108db3c8084fb42c5750a89f2e209761cc208307176f90fd1929
58ba841b04c89089a69c02ce9a02cac37a2d24677a518576412b5ecf96ca3d68
58e5fd5fdc433a0d63fb56c16a7354adb2c2c6560316058ebddbfaab7c8451b1
5a1216d11e2fba3c5157c0ca95899fc1d19a9749fa3b1fc7c5cd4db834e37c34
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
61d8137d275f12306e177bc726c2b3e072f9efa4743a0ace6ecbcf7a0932fd07
620292c706dc2569ba5dfb3127de87f03c772fe48a29bfeb836827390f79584f
639f775b7a630ade2f4e7d0a726079bc49e791ae0262f2f9d13270ffc29adcd9
6809abca6a41d3fda45b365d00b7683beb23de1a7e14c7b09357a60306ad3bb3
68f4d44b056db178a4a5683da873a2c3754afb055d3cea217afdd297b6162bee
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6bfefa8525dd424aece1f6e1bac4fd6e8fef2b13579bf09a4d58debf29afc096
6f08699117c1f15f6d35e7b4380d12d18a1881f075e177b5853b1017a3307544
70b48751ed188f249e4bcf1937413d480f6787e589bf8dd50cf245de1403f350
71c7fba3eac44436b09a1832e4f42793dbe61479cb5cbcf9ad26cbc83a8f875e
78791edc61c96a5ec8159e033473108958108c66296abe6a5b6896040dff9645
7e8a5143da6b8b8a2c3580f709d2aa735d5cbbd074f4a94bbd01e0733a3509e0
815845177259fa674dcda05bf0064f22e39ca7451aa464f573749c7f153e40ec
82750f27be03d4b9e57a91dfa19180873ddbb22dd81aba6854dd7b7ea08c1e9a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
845f8de0271cb49d747de3ce216d1f025c4dfd406d4abbb0e1d62a21c5be7c3a
8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed
8a3c0e393f9218f4f23b69d934656e6254a38fad195f98a63878d1b5c940ae32
8a59881aae83948c79aad351b6c2b206f08360449c9a47e725f4523b57c5d5e4
8aa69ee6b2376505578d758bfbbc52aec88fa5e591f1a7cabd8adfa80a7b613a
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
972670964765920ff0c87aed2613cf09ce2e920b78ca4153d54c234df024f1fa
973984f8b4377b365f790bc50453b556ce0875fb7f2ceebc069220efa480fb58
9ca07df45944b8440ae6241e4a017db2b6e4600e5f647d3180c96877198c3552
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1fec7acc9e28feaa2280cd08d30cab4cac8e9557fb8fb35ab6ffcd1e28fade8
a2f6bb0a1df0be51146c7da9f1c2318bd82666947b4ee78f9291acf78e1d34f4
a3a7843072d6183c555fac74191b3f39d982388798455306030d78464238830c
a56c17631640f1b0f23f489807bb99694935d75d9ff6d56e19d83276f14d8223
a6972c49e66fe3c5026a1a1e26a06c49995cec36fc522cb56461f5cf0b2b2978
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a
ab066295593b54931f3626321d47be2c5e864721c2e151d0c9a38f8e467e9e60
acf810119d93e7f8635d3377ffb33293e0227109d3961b2da444f179a98bfa2f
ad78e8eb18687259ba548b75eba609f28ac8483ce80a86a86b9cbe3c19049b38
ae094581b02078545d1307829acbc067667d89a8ee4f334b767dfc82152844fc
aebe8df81ee2ba5bc51e3abc322910ee5122a0ac06edfbcf7a04e1659d17dc9c
afaed7c81302d1a08eef38549fc320ba36f714e366cbfe9ed1a492b98fc51790
b178a094aa675818c30336b05f33281544ac8ebf46773e8c9e0342efe77466be
b1ab7f5b143326ada33e6390ac30e8910eff824a143f868f2b55a807e65f16f4
b8616c6ac715b0b422786930a6e6a969bb192ccedb206fb62ec977d133e5c96e
ba8ace037b7166c713f54d37ee29f9234e29f2543919d1af2374a3c8f51f2a0c
bb9d9e64821aa32f205cbe5f2781ca5c7fd203ead988e73323f9d10a954587d8
bcc4ea27e4eed52715c226ebbaa6db04ef6baace6d9784983eac4f00a0ed4979
c0ed76555f0c56b40626bae8cf00b9b2aaf26a9dbbe1d2e3b65bec71f55c707c
c7fa96da8fdda65f661dab352194c1291fd3485613fbbdc356f03212c0908494
c87aa708d354d2db657ba47b08aae2cc50653369ccbffa36448d7b47fd3e9fe6
ceb18be4f71464b6cef1dbbd39472e8ffa9edafec1cfe3c3ba584ba38839ef18
cfe45b981d1b91b173361a34cfce5f60893dbd1ac4af2c3ac11fc17552c5401f
d18f313f2489ed91cd15cf94a1e5668b8b0da8318f593d980228000a1757702f
d201123b79435acabd61f3e6cac057fc511d1fd02ca383f30d84aee05364a17a
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
d431a1bea049c7cde596966313cb6264cc9e0ebe24322f96763d2f9d50054620
d95ef68aba30eecf80756ae2645af00669c14c2def73eb5d528a5f767e3392d0
da976af5823bc6ad759c9700904641c456b3c4df1ce61a333ab94187facbb2a9
dacc6ca3b43fcebe51561c46b183860e141dfea219a084a1e08386859987da9c
db866dd342c47c8ce58dd26ec220b91bcf6ae480a3c77f073bff5e8bcf892be5
dd85a2b2658e24fa2db14b8b90985f787bc0b3935ddf8ac8b42a76373e512580
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e266f7448ec14c233e0e9b92b6e8270a37e9fbfda62022949989d005c20927fd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e781dd5b9ca502edc933e1290054b72b9e4d3b592d481d78827363acb8ad1621
e7fa19c0a500f3bf2b7f7a35c217a719745097bdbef1a2486d986841b8eefb8f
e87f28c516c3a718744495121d2f3f5f6bc7bd48689df40017e9ad62bdd9d57f
ef0e3d5d384271257c3e400d910b9aff6ebfa8f3ef368c563cb70b8ea18e3b64
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f05d606520a925d806abe5f14bf2c8f2444be06370b26964b5b92bac2e35f27f
f10edd6b5939fa52302d695307a651d8d95207d89c7cf734681603cad7d58b2c
f4a95f3867a155a56cb4f968c5d608e7e598b5162e1013be965ec4f5de6ba2ca
f50e35eed6b133c5adf2b14a6aa920dbf7384d40d0b2282b3b00670bccb48191
fae292c56f0ba34ad22703b446d30e97ec101dfba1a5657bab60cbb6f3d00b79
fdac922e21fafc6832815aecb44b417a6073ebc1e1b2215a1e264316d89504c5
ff6ed1816426b74236266b53606227ca523ffa1129685579857f3bee9e79d876

wtimessquare.idaypass.com Open in urlscan Pro 54.196.47.60 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

170 Requests

95 %HTTPS

34 %IPv6

37 Domains

52 Subdomains

51 IPs

6 Countries

9198 kBTransfer

24850 kBSize

57 Cookies

8 Outgoing links

Page URL History

Redirected requests

170 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

wtimessquare.idaypass.com Open in urlscan Pro
54.196.47.60 Public Scan

Screenshot
Live screenshot

Full Image

170
Requests

95 %
HTTPS

34 %
IPv6

37
Domains

52
Subdomains

51
IPs

6
Countries

9198 kB
Transfer

24850 kB
Size

57
Cookies

170 HTTP transactions
0 data transactions