starpicks.com/
301 Moved Permanently 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: starpicks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Mon, 05 Dec 2022 16:44:19 GMT
Location: https://www.marriott.com/travel-deals/last-minute-hotel-deals?clusterCode=corp&corporateCode=MEB&program=spg&reset=true
Content-Length: 0
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4443
Expires: Mon, 05 Dec 2022 17:58:22 GMT
Date: Mon, 05 Dec 2022 16:44:19 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash ee088fab9b287e174cfd1f2c735a909f
25c3335b514a36ad1a24d00413d60c3d394f5161
494e96358ff12366213d7cc0f9197648c6c62ec14fa0d2c78732a683fa26b192
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1336
Cache-Control: max-age=151756
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 16:44:19 GMT
Etag: "638dc877-1d7"
Expires: Wed, 07 Dec 2022 10:53:35 GMT
Last-Modified: Mon, 05 Dec 2022 10:31:19 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 05 Dec 2022 16:18:30 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1549
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20180
Expires: Mon, 05 Dec 2022 22:20:39 GMT
Date: Mon, 05 Dec 2022 16:44:19 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: k5HCFV+ZUC0WpZAc6Wit3ReVpJdSD/ggeX1kDvzUUI0VkjKOXNOzNqZT7qb7lY4yLkzqND4tzJs=
x-amz-request-id: NW33JBP7JSV0F64K
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 05 Dec 2022 15:48:02 GMT
age: 3377
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 16:44:20 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 05 Dec 2022 16:11:19 GMT
cache-control: public,max-age=3600
age: 1981
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 2b9d6a686aa3c4ea24568425e43a5221
d53bb4c9579bd1db78a0520619e888aec79f750f
c38734a8dbe51217d73896c0bf7f5c38c107fd79e0dee24b717f130377e9b5f7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1323
Cache-Control: max-age=146675
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 16:44:20 GMT
Etag: "638db4ac-1d7"
Expires: Wed, 07 Dec 2022 09:28:55 GMT
Last-Modified: Mon, 05 Dec 2022 09:06:52 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
www.marriott.com/travel-deals/last-minute-hotel-deals?clusterCode=corp&corporateCode=MEB&program=spg&reset=true
301 Moved Permanently 0 B URL HTTP/2 www.marriott.com/travel-deals/last-minute-hotel-deals?clusterCode=corp&corporateCode=MEB&program=spg&reset=true
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /travel-deals/last-minute-hotel-deals?clusterCode=corp&corporateCode=MEB&program=spg&reset=true HTTP/1.1
Host: www.marriott.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: MI_Visitor=1188C65C-7470-544F-A24B-7B6EF5422498; JVMID=aries-play-rewards-app-green-23-vhhdb; AKA_A2=A; _abck=CE62AB4473D11D9D3329CB4F7666E75D~0~YAAQJXchF8gcgHWEAQAAojsk4wl3Paa/qRvkyM2/scH6vxOqUqIB9SBfkjGh6HLkZyWApfg/60JD2v8MqGsRtEpCaG1lDT6a6YNJivisMLqJg75uSZCtWb4Yy30R/0pHyz6e/idpSIhWxRMJFHnwxncPpJB0rMlW3RfL6ku8Mp2spp2c78mWa9xjhj3O2Urq+jhp4+lRTJq40TPds6qmZIErXN0KvCelvVJuvjcVpj9ppZLCiKECNAW1XMT5AZRpb+Qv+DHUZfPWMIRbj6atT+YPwqW4/vaecwhipiz8q46sDw/JA+sHmK8itBzlSLDBjOfDR6sf58yRyBzYolJJLXro4dl3XM1jmV8wesBVt+QIopBDYe+szF6jE0f2Fvop5LKRupaozkxl3ghUFOwohNQ1//uoNZSaxLxo~-1~||-1||~-1; ak_bmsc=9B22A50F17F9F7759A189126CB27FCD1~000000000000000000000000000000~YAAQJXchF54cgHWEAQAAGTYk4xImTJIK4PGEzRZTryq7ev6G1CekJvnNMWqDY4e6JXtrTvNdZt0dAe6luNxZyu64FOfBQXauSQTbElRF4yaDW7kCswm8SYhmpSrNcsfyFpC3BnWPuluOUZM2wutUTGksbp2XiXVU0dK3ueH1ayTw8y0Cro/3YxXNJHgk9jQuBL8GqXQUerkwwCQrXZ9IBVBl5bnvdlQH5TLsiGs+pwR7LDNT0oo1eH1JMB0myoWRiLSLwsWSRPgoIHpZUsf8btWY/3S/qfaWxYW1aCcV14Y1hLccctdKz9DWEveT7bEjBHIYxSrACIaOf/HydHtwg8Zri/7o/ctaSRUJjncJ5zzAVMi0i8cSRKZ897I8iRCqpA6nRqqUwfYDL/omF41IvfJDG23pxrpmSyVDiSTf6MAPfUE052ruhMWrF8GiIyaUQR5SC/wzmvbndOGGkVGn89ODsNhWdy5lhzbFP/2wuwumAVn+RDMr2ulfpgc=; bm_sz=80BF0438212679F328D12BFA8B0AD557~YAAQJXchF3IcgHWEAQAAeSsk4xIztNvlbsU6pnyGPu0U+CiiV77UErknJGOEJoQkzEVNH7th8Wftb8quvB8Z4AfvaC/IZw9dNriC9KVmwk87eJUJGVRrAxACa5OxZHVQlm3pCq/DgJIUT0gKu+9mIt6HWzFjo+Peq4Gu+M3Ft5Z7Ph/uVRox+ppF+jQYKVDKKPhwc0+4XPC30B2+aZi7aDqYuZvDWrR0LQlaQ8lAEUXePbpnSz6bJSMwBKWxfnr/zpAmzotnKKfKuT0pnkSdg+/I9xa9oFrzz2NTP9k42ve5W22qPQ==~3159609~4408121; AMCV_664516D751E565010A490D4C%40AdobeOrg=1585540135%7CMCIDTS%7C19332%7CMCMID%7C76274957061129678444027448478228687350%7CMCAID%7CNONE%7CMCOPTOUT-1670265310s%7CNONE%7CMCAAMLH-1670862910%7C6%7CMCAAMB-1670862910%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCSYNCSOP%7C411-19339%7CvVersion%7C4.4.0; mbox=session#c5ea0df62c1f456480296e31b9203cdc#1670259969|PC#c5ea0df62c1f456480296e31b9203cdc.37_0#1733502911; bm_sv=6332E3CB501672F4DAEEFFB953285B24~YAAQJXchF6kcgHWEAQAACTgk4xKvatmbGP2W7Wds4jioQi9yoc5kmRQ2k88Q3Eduo6ITm0xn+u8Vy0C2kITlzw5yKaklij9h6GFNyj5qolOQP32iMNUCChGk1TsoAccO4LsSlKJxpBEwOTx1MwfbpNFgfdBbQ/TtI/CDr0t6Gmg/3GIo1nGvyRbCio/vHdJRkMK/U04aqkCVN6k1op3j2HZYsqqvvc+PhXAOc1KhDlVmET2WtRwcT5V8m3v+gutntjY=~1; mdLogger=false; kampyle_userid=711b-161c-212c-d3b0-0093-eb18-d07f-89ed; kampyleUserSession=1670258109814; kampyleSessionPageCounter=1; kampyleUserSessionsCount=1; s_ecid=MCMID%7C76274957061129678444027448478228687350; s_tbm=true; aam_uuid=76191958296237861893999974781107660703; mboxEdgeCluster=37; merchViewed=allOtherPagesFooterBanner-unlockYourStay1120|; demdex=76191958296237861893999974781107660703; OptanonConsent=isGpcEnabled=0&datestamp=Mon+Dec+05+2022+16%3A35%3A13+GMT%2B0000+(Coordinated+Universal+Time)&version=6.26.0&isIABGlobal=false&hosts=&consentId=64521acc-b9f5-4c46-82d3-a4a94cb0ec62&interactionCount=1&landingPath=https%3A%2F%2Fwww.marriott.com%2Fprofile%2Femail%2Funsubscribe.mi%3Fnck%3D75204183%26ck%3D49874073%26lk%3D1000542512%26dtm_user_id%3Dd40de8cd58ec840fa4902d9c5c4b06ef6c03f63b0ba60dad8695b4604e765db0&groups=1%3A1%2C3%3A0%2C4%3A0%2C6%3A1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
server: nginx
content-type: text/html
content-length: 0
x-request-id: /travel-deals/last-minute-hotel-deals~X~7ae3569704200af0d8cc21cc1372e907
x-service-id: ram-nginx-auto-green-27-7xxmh
location: https://hotel-deals.marriott.com/last-minute-hotel-deals/
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
cache-control: private
x-xss-protection: 1; mode=block, 1; mode=block
date: Mon, 05 Dec 2022 16:44:20 GMT
set-cookie: sessionID=BB00E333-AA75-505A-B293-437497BB080C;path=/;SameSite=None;Secure
tntId=1188C65C-7470-544F-A24B-7B6EF5422498.34_0; Path=/
JVMID=aries-play-common-app-green-57-ghsrl; Max-Age=31540000; Expires=Tue, 05 Dec 2023 17:51:00 GMT; SameSite=None; Path=/; Secure
7f43ca11c4dc21bb60196804ca3a8e4a=5404ce0b7f1b0cc1e02daa515a9ef5ec; path=/; HttpOnly
MI_SITE=prod13;path=/;SameSite=None;Secure
x-mi-tag=rel-R22.11.4;path=/;SameSite=None;Secure
a57b2616814e0f1487309dd765f09aac=8c65e0d4ef0f2834f48c5b95ac349ef3; path=/; HttpOnly; Secure; SameSite=None
bm_sv=6332E3CB501672F4DAEEFFB953285B24~YAAQDU8kF3Ys8YGEAQAAs5Us4xKhrnY+6XHJH8Q2vht06M9/s1mlRrQZwpKF8rJ8idIdevA+MXchMvvf9T9H3IT6hCnVDn/Va1fMZvrc9TeroEm8kuKU9k9UGj4yoJbUFDyFwxI+mLapVS2nT8/xCm0AvhIvL5qxXMgBs2OSD9XzFUyxXglBkGx6dU5pljN14Z8t3JJz9gJkuypSSRTZBVf8WtAEayveHpbpCEJ5uwv7rw/k6qiJSF5Tr4YQNjpu3RU=~1; Domain=.marriott.com; Path=/; Expires=Mon, 05 Dec 2022 18:35:11 GMT; Max-Age=6651; Secure
retry-after: 28800, 28800
strict-transport-security: max-age=86400 ; includeSubDomains
X-Firefox-Spdy: h2
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: YhA09jOxZKgnSg9gSri2TA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 8u7ftCf8Xvp3Si0WlKixOG+eLdw=
ocsp.digicert.com/
200 OK 278 B IP
Hash 53cfaa8acd46019b4812e5732c219fd5
cf583d5ed5dbdf10cfac264f354f9a2be324be2c
2c9b4ca65acad31845398b2f58ac6b7e8b50a0b835120543a3a816a15f8b1ff0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=130955
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 16:44:21 GMT
Etag: "638d7c70-116"
Expires: Wed, 07 Dec 2022 05:06:56 GMT
Last-Modified: Mon, 05 Dec 2022 05:06:56 GMT
Server: nginx
Content-Length: 278
ocsp.digicert.com/
200 OK 278 B IP
Hash 53cfaa8acd46019b4812e5732c219fd5
cf583d5ed5dbdf10cfac264f354f9a2be324be2c
2c9b4ca65acad31845398b2f58ac6b7e8b50a0b835120543a3a816a15f8b1ff0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: max-age=130955
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 16:44:21 GMT
Etag: "638d7c70-116"
Expires: Wed, 07 Dec 2022 05:06:56 GMT
Last-Modified: Mon, 05 Dec 2022 05:06:56 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 278
assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js?ver=1
200 OK 116 kB URL HTTP/2 assets.adobedtm.com/launch-EN3963523be4674e5591a9c4d516697352.min.js?ver=1
IP
File type ASCII text, with very long lines (32741)
Size 116 kB (115510 bytes)
Hash 4f862e3dd0120c1c3cb18073d977f545
4cc35c433cda2160ae2a2226a2c938df40c49911
e0a274d2232c9cfd90a0f10710c3e9b0c003ce80c8f74d5d68c87bd0fc510737
GET /launch-EN3963523be4674e5591a9c4d516697352.min.js?ver=1 HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotel-deals.marriott.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "2ee87a2b7f15406222a2661e6d5692e3:1668520147.222491"
last-modified: Tue, 15 Nov 2022 13:49:07 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=3600
expires: Mon, 05 Dec 2022 17:44:21 GMT
date: Mon, 05 Dec 2022 16:44:21 GMT
content-length: 115510
access-control-allow-origin: https://hotel-deals.marriott.com
timing-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2350
Expires: Mon, 05 Dec 2022 17:23:32 GMT
Date: Mon, 05 Dec 2022 16:44:22 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2350
Expires: Mon, 05 Dec 2022 17:23:32 GMT
Date: Mon, 05 Dec 2022 16:44:22 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 196 kB IP
ASN #20940 Akamai International B.V.
Size 196 kB (195738 bytes)
Hash b5ee37c86229f9b9131c6ff10a588c1d
2242c903f9d0128a6c6742e75734c4d185f459ea
33dc6d64002cab9a1993aee78b34de9ca6fc60638ec5b973fd7ede9f8bfb7053
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2350
Expires: Mon, 05 Dec 2022 17:23:32 GMT
Date: Mon, 05 Dec 2022 16:44:22 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 4.8 kB IP
ASN #20940 Akamai International B.V.
Hash 3e47d8d26fde6b801a21d94f12d33b15
6ab9c315ce554af2be3a4bf93ddc3b27c50dff44
e115b2f22fbc5817eb2978f10feb692fd1d82ac32a71680399a51f86510e0682
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2350
Expires: Mon, 05 Dec 2022 17:23:32 GMT
Date: Mon, 05 Dec 2022 16:44:22 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg
200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c01fe1cccdb3b672bbade6d98217ffe9
a9a529dc9894827f6243a1bf57f81caa4fe88fc2
c43da6212c79a08e22e78e04e99e8f5422e64b4b0a87f30b7907f1b4bc675c71
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4666
x-amzn-requestid: 850d341f-5ccb-453c-8adf-a8194f8fbdad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clr_-GiboAMFwww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc066-766293f2526e637235067aca;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kmki-SBINSx1kbiIkaSGebdCLrnDeHVhYeotAWzE__CevkNDdfzRGg==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:44:01 GMT
age: 68421
etag: "a9a529dc9894827f6243a1bf57f81caa4fe88fc2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp
200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp
IP
Hash 80df92d564112b6d079b1f14d04b4536
43839a1a472f0d3a61571c7d5e969b6f050a3375
34f037328d5f56ec27402ea9739e748c26d45cc9e0ac6d71dc089a3183474a76
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5681
x-amzn-requestid: 8f0d66b8-d532-48d9-9a29-74540cd6ab3a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltXnEotIAMFqkA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc296-27349a376ff819ab63b04a81;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:41:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Uz-wJTZjej3sjP-O68BQ4hB_kkAecG0o7GkeZUan90ZgV87g0Cg_ZA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:52:41 GMT
age: 67901
etag: "36f4682ca6a33ff80ee02129c77e6f27e996ede0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg
200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash db1701b7b9d161a0c935bb6e10b17893
22a8c4bd58c729c1abcf794466e8f3231dfb034b
b495524a33e5b1d3ba34cfbe867ada0da956c061370b1fcde06b23a6194a9787
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8315
x-amzn-requestid: f1bcc33b-aad9-4d3b-b1f9-49282f2d4fb9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsAMGVboAMFfxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc067-13472a097177d4751c8f7a8c;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 8ugcixaNsXG-AIHYCfoyOWa5zowv2lb4qwWc8o5_7SQc_0w5HW4mBw==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:52:48 GMT
age: 67894
etag: "22a8c4bd58c729c1abcf794466e8f3231dfb034b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60dcc231-abb7-48f1-8ec5-e25b31bd100b.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60dcc231-abb7-48f1-8ec5-e25b31bd100b.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 24c69d7ef356b352956d6dcbc9f5df1d
2cc31dc1c5d2d2a8b3a378dce8a1240a79acfec9
94d068620c34652cb2d24ca8b3cf962febe9606e6d3a33d937fc9d99f176edef
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60dcc231-abb7-48f1-8ec5-e25b31bd100b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10396
x-amzn-requestid: b879fd2e-b6cf-4373-b780-2d97481c45f8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cioNbH5KoAMFUsA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a8722-6add7f8e225878473b20c015;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 23:15:46 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ir97GJKaFoW6BNXCcmMqp0JSUd5JhCACyUvLh5G-0BWCDVJsqs7XhQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 22:03:01 GMT
age: 67281
etag: "2cc31dc1c5d2d2a8b3a378dce8a1240a79acfec9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa99f7bcf-386e-4655-b6f0-99abdf67f097.jpeg
200 OK 40 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa99f7bcf-386e-4655-b6f0-99abdf67f097.jpeg
IP
Hash b9d21a86c7931ffaf9e4544e815964fd
46895b15bb51c7dc0820d6339fd8d94a68f586c5
45307be01e8153c1081e95ffdf44640d70d0dac6c5c70377459213a3392478ae
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa99f7bcf-386e-4655-b6f0-99abdf67f097.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8469
x-amzn-requestid: c17eff92-da62-4f0f-9e75-2741012ec43a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_sqFSjoAMFQ6w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d131d-61d61d2f0bb01ecb21b809ea;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Og6pnDOmEW5oc9EtvKD8BtBojepI-ZSde8xxYGThfF6QNl-ZTQWqQQ==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:45:46 GMT
age: 68316
etag: "ff254a1df087d2c157d88a6ef04e395dc49efe5e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba55fcdd-99de-4263-a327-f32d949e3f4c.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba55fcdd-99de-4263-a327-f32d949e3f4c.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6cefedc4583864e81ce91d9ac4344010
cdbd2e1c3c3afe7de3da0173747e0e31f799d8aa
0547a7d9ae068c4455301bb22115951a0801afc39b5ac3365603718f15ac2c41
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba55fcdd-99de-4263-a327-f32d949e3f4c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10946
x-amzn-requestid: 8d645cf9-e79d-451c-ada7-cf9fd4c1eb29
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsvZGkBIAMF2Qw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc195-619ed6194f29e8de7ebd307e;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:37:25 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: M8odQFbH99g-dSx8P1VmvsW1bDcTivamIi5_12u1C00tmM9GRlRd7A==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 22:01:47 GMT
age: 67355
etag: "cdbd2e1c3c3afe7de3da0173747e0e31f799d8aa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
nexus.ensighten.com/marriott/prod-thirdpartysites/Bootstrap.js
200 OK 15 B URL HTTP/2 nexus.ensighten.com/marriott/prod-thirdpartysites/Bootstrap.js
IP
Hash ffe905f50d9b47e6353b68513c4d48ac
d2c2ee4201cca3be67abf771ed1f1922fa94d083
c0d8671e209f009f9c1ad8153222f942087ec193b7e87f856e60971bd5424633
GET /marriott/prod-thirdpartysites/Bootstrap.js HTTP/1.1
Host: nexus.ensighten.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotel-deals.marriott.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 15
date: Mon, 05 Dec 2022 16:44:23 GMT
x-amz-replication-status: COMPLETED
last-modified: Fri, 22 Jul 2022 23:48:01 GMT
etag: "ffe905f50d9b47e6353b68513c4d48ac"
x-amz-server-side-encryption: AES256
cache-control: no-cache, no-store
x-amz-version-id: aoJA4xuOoFemAhjg4lZAdeni.2iMq5FL
accept-ranges: bytes
server: AmazonS3
x-cache: Error from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: mQsnxu-FYLrFlvSrNMu6kx1L9ZaEQ52bZ3zYwaGK7hVG_5C1soI1Vg==
X-Firefox-Spdy: h2
assets.adobedtm.com/extensions/EP971e6ad26efe44ab86e98d3905a44621/AppMeasurement.min.js
200 OK 13 kB URL HTTP/2 assets.adobedtm.com/extensions/EP971e6ad26efe44ab86e98d3905a44621/AppMeasurement.min.js
IP
File type ASCII text, with very long lines (32757)
Hash 8298d10a60c49ca920e2212c4e39cb46
30f0d2e2f18b01cad6ad6269c6bbb5da37e59c60
8ca91491502c82c7b2cc621516b063ba7c0dd753b4cae0c06e91e3e47075c584
GET /extensions/EP971e6ad26efe44ab86e98d3905a44621/AppMeasurement.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotel-deals.marriott.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "72404253c27255247028f0ba11022cf8:1559603012"
last-modified: Mon, 03 Jun 2019 23:03:32 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 12916
expires: Mon, 05 Dec 2022 17:44:22 GMT
date: Mon, 05 Dec 2022 16:44:22 GMT
cache-control: no-cache
access-control-allow-origin: https://hotel-deals.marriott.com
timing-allow-origin: *
X-Firefox-Spdy: h2
cache.marriott.com/aka-fonts/MarriottDigital/proxima-nova-regular.ttf
200 OK 251 kB URL HTTP/2 cache.marriott.com/aka-fonts/MarriottDigital/proxima-nova-regular.ttf
IP
File type TrueType Font data, 19 tables, 1st "BASE", 29 names, Macintosh, type 1 string, proxima-nova-regular WebFont\012- data
Size 251 kB (251264 bytes)
Hash 97aa0d1ca1953805f0b7731601370941
ac4219e402b8bdb17fa0cdca6557034bd88b1bb0
ef582da6c2d45e3f85044f2f55be1c10d264ac64d42aba9cd1a53d953fd2e6e2
GET /aka-fonts/MarriottDigital/proxima-nova-regular.ttf HTTP/1.1
Host: cache.marriott.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hotel-deals.marriott.com
Connection: keep-alive
Referer: https://hotel-deals.marriott.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: font/ttf
etag: "97aa0d1ca1953805f0b7731601370941:1524079086"
last-modified: Wed, 18 Apr 2018 19:18:06 GMT
server: AkamaiNetStorage
content-length: 251264
cache-control: max-age=1648563
expires: Sat, 24 Dec 2022 18:40:25 GMT
date: Mon, 05 Dec 2022 16:44:22 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
cache.marriott.com/aka-fonts/MarriottDigital/proxima-nova-bold.ttf
200 OK 258 kB URL HTTP/2 cache.marriott.com/aka-fonts/MarriottDigital/proxima-nova-bold.ttf
IP
File type TrueType Font data, 19 tables, 1st "BASE", 29 names, Macintosh, type 1 string, proxima-nova-bold WebFont\012- data
Size 258 kB (257636 bytes)
Hash 35c0a35ab1e12d401c942591eeff5dfb
d9f5a5268f3da1d6077ece73497f0e1758f66909
596abbd37cc93e22661c95eecf5026ca0184421a0be193f6c7b18620e1a890ba
GET /aka-fonts/MarriottDigital/proxima-nova-bold.ttf HTTP/1.1
Host: cache.marriott.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hotel-deals.marriott.com
Connection: keep-alive
Referer: https://hotel-deals.marriott.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: font/ttf
etag: "35c0a35ab1e12d401c942591eeff5dfb:1524079102"
last-modified: Wed, 18 Apr 2018 19:18:22 GMT
server: AkamaiNetStorage
content-length: 257636
cache-control: max-age=272107
expires: Thu, 08 Dec 2022 20:19:29 GMT
date: Mon, 05 Dec 2022 16:44:22 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
cache.marriott.com/aka-fonts/MarriottDigital/proxima-nova-semibold.ttf
200 OK 152 kB URL HTTP/2 cache.marriott.com/aka-fonts/MarriottDigital/proxima-nova-semibold.ttf
IP
File type TrueType Font data, 16 tables, 1st "BASE", 31 names, Macintosh, type 1 string, proxima-nova-semibold WebFont\012- data
Size 152 kB (151700 bytes)
Hash 2c1b6eb8de9b37165e55d1e881e32e0c
2a49d19d974a7d83470d7a9f42e7ac9043308387
a9c0dcdf28cab864d690d109eaeb218db07a75ace0da74dd8fb740a7e4a21941
GET /aka-fonts/MarriottDigital/proxima-nova-semibold.ttf HTTP/1.1
Host: cache.marriott.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hotel-deals.marriott.com
Connection: keep-alive
Referer: https://hotel-deals.marriott.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: font/ttf
etag: "2c1b6eb8de9b37165e55d1e881e32e0c:1524079073"
last-modified: Wed, 18 Apr 2018 19:17:53 GMT
server: AkamaiNetStorage
content-length: 151700
cache-control: max-age=1325702
expires: Wed, 21 Dec 2022 00:59:24 GMT
date: Mon, 05 Dec 2022 16:44:22 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
assets.adobedtm.com/697d0c070f1e/d405339bb010/6d901d57d819/RC78d2ab32ef0d4ee6a18f0b50fcc75be4-source.min.js
200 OK 335 B URL HTTP/2 assets.adobedtm.com/697d0c070f1e/d405339bb010/6d901d57d819/RC78d2ab32ef0d4ee6a18f0b50fcc75be4-source.min.js
IP
File type ASCII text, with very long lines (426)
Hash f19f9dd4f504bdb4f65dc448c5256eaa
7002ea69dbf7118bbfa398a1f3c44e1d2669dda7
5859c2c87f9b55f09843169324f4773f86d4e9f8ee0cd173e36efb489283a030
GET /697d0c070f1e/d405339bb010/6d901d57d819/RC78d2ab32ef0d4ee6a18f0b50fcc75be4-source.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotel-deals.marriott.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "7c1b87bd6a9c9aefb2eadfe80155267a:1668520147.947326"
last-modified: Tue, 15 Nov 2022 13:49:07 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 335
cache-control: max-age=3600
expires: Mon, 05 Dec 2022 17:44:23 GMT
date: Mon, 05 Dec 2022 16:44:23 GMT
access-control-allow-origin: https://hotel-deals.marriott.com
timing-allow-origin: *
X-Firefox-Spdy: h2
assets.adobedtm.com/697d0c070f1e/d405339bb010/6d901d57d819/RCa5ed73b2eef54820a2200065c47aced4-source.min.js
200 OK 780 B URL HTTP/2 assets.adobedtm.com/697d0c070f1e/d405339bb010/6d901d57d819/RCa5ed73b2eef54820a2200065c47aced4-source.min.js
IP
File type ASCII text, with very long lines (1551)
Hash 03d6e014516aa8a7e9604551ccc38cfd
c268970d99c8a33a4fcdb8ec6b06a546472cd10f
731519d8974d8ae2a075b82c707da9ad7f1e6355699b442b024fa4c1ad83b904
GET /697d0c070f1e/d405339bb010/6d901d57d819/RCa5ed73b2eef54820a2200065c47aced4-source.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotel-deals.marriott.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "7c1b87bd6a9c9aefb2eadfe80155267a:1668520147.947326"
last-modified: Tue, 15 Nov 2022 13:49:07 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 780
cache-control: max-age=3600
expires: Mon, 05 Dec 2022 17:44:23 GMT
date: Mon, 05 Dec 2022 16:44:23 GMT
access-control-allow-origin: https://hotel-deals.marriott.com
timing-allow-origin: *
X-Firefox-Spdy: h2
assets.adobedtm.com/extensions/EP971e6ad26efe44ab86e98d3905a44621/AppMeasurement_Module_AudienceManagement.min.js
200 OK 8.6 kB URL HTTP/2 assets.adobedtm.com/extensions/EP971e6ad26efe44ab86e98d3905a44621/AppMeasurement_Module_AudienceManagement.min.js
IP
File type exported SGML document, ASCII text, with very long lines (25042)
Hash 641a795b67797b0c45fa9e3cdfe9be48
e5e33adcb04a3b66027bf5d62f7046194f18995f
e3de82ba7d0a2ed47990b11b2be8a5244a00bc2ff4426ded8eab451736f3d719
GET /extensions/EP971e6ad26efe44ab86e98d3905a44621/AppMeasurement_Module_AudienceManagement.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotel-deals.marriott.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "e539ea6425ae55fa9f68995bc5a68886:1559603018"
last-modified: Mon, 03 Jun 2019 23:03:35 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 8640
expires: Mon, 05 Dec 2022 17:44:23 GMT
date: Mon, 05 Dec 2022 16:44:23 GMT
cache-control: no-cache
access-control-allow-origin: https://hotel-deals.marriott.com
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash b967016c92599586200298d67c900ac5
14a6fd8d84b435e154c0ae357a9f8dc24c16e9eb
b266fccee1baec0b93927cf1385b1a3e6987424f00cbf0ac879fcc8f212df56c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1066
Cache-Control: max-age=135616
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 16:44:23 GMT
Etag: "638d8a7e-1d7"
Expires: Wed, 07 Dec 2022 06:24:39 GMT
Last-Modified: Mon, 05 Dec 2022 06:06:54 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
cache.marriott.com/aka-fonts/OneTrust/R1.3/oneTrust_test/scripttemplates/otSDKStub.js?1817029531352438.8
200 OK 6.9 kB URL HTTP/2 cache.marriott.com/aka-fonts/OneTrust/R1.3/oneTrust_test/scripttemplates/otSDKStub.js?1817029531352438.8
IP
File type ASCII text, with very long lines (20884)
Hash 5b659555dab4aa444de9651e45619401
12409bdbb526656fdeb4d5279a5843a76b1d6a3a
6cca76915139d3a4f75006830d07976aac58e4151727e5810c74a5da8c7314cd
GET /aka-fonts/OneTrust/R1.3/oneTrust_test/scripttemplates/otSDKStub.js?1817029531352438.8 HTTP/1.1
Host: cache.marriott.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotel-deals.marriott.com/
Cookie: AKA_A2=A; _abck=CE62AB4473D11D9D3329CB4F7666E75D~0~YAAQJXchF8gcgHWEAQAAojsk4wl3Paa/qRvkyM2/scH6vxOqUqIB9SBfkjGh6HLkZyWApfg/60JD2v8MqGsRtEpCaG1lDT6a6YNJivisMLqJg75uSZCtWb4Yy30R/0pHyz6e/idpSIhWxRMJFHnwxncPpJB0rMlW3RfL6ku8Mp2spp2c78mWa9xjhj3O2Urq+jhp4+lRTJq40TPds6qmZIErXN0KvCelvVJuvjcVpj9ppZLCiKECNAW1XMT5AZRpb+Qv+DHUZfPWMIRbj6atT+YPwqW4/vaecwhipiz8q46sDw/JA+sHmK8itBzlSLDBjOfDR6sf58yRyBzYolJJLXro4dl3XM1jmV8wesBVt+QIopBDYe+szF6jE0f2Fvop5LKRupaozkxl3ghUFOwohNQ1//uoNZSaxLxo~-1~||-1||~-1; ak_bmsc=9B22A50F17F9F7759A189126CB27FCD1~000000000000000000000000000000~YAAQJXchF54cgHWEAQAAGTYk4xImTJIK4PGEzRZTryq7ev6G1CekJvnNMWqDY4e6JXtrTvNdZt0dAe6luNxZyu64FOfBQXauSQTbElRF4yaDW7kCswm8SYhmpSrNcsfyFpC3BnWPuluOUZM2wutUTGksbp2XiXVU0dK3ueH1ayTw8y0Cro/3YxXNJHgk9jQuBL8GqXQUerkwwCQrXZ9IBVBl5bnvdlQH5TLsiGs+pwR7LDNT0oo1eH1JMB0myoWRiLSLwsWSRPgoIHpZUsf8btWY/3S/qfaWxYW1aCcV14Y1hLccctdKz9DWEveT7bEjBHIYxSrACIaOf/HydHtwg8Zri/7o/ctaSRUJjncJ5zzAVMi0i8cSRKZ897I8iRCqpA6nRqqUwfYDL/omF41IvfJDG23pxrpmSyVDiSTf6MAPfUE052ruhMWrF8GiIyaUQR5SC/wzmvbndOGGkVGn89ODsNhWdy5lhzbFP/2wuwumAVn+RDMr2ulfpgc=; bm_sz=80BF0438212679F328D12BFA8B0AD557~YAAQJXchF3IcgHWEAQAAeSsk4xIztNvlbsU6pnyGPu0U+CiiV77UErknJGOEJoQkzEVNH7th8Wftb8quvB8Z4AfvaC/IZw9dNriC9KVmwk87eJUJGVRrAxACa5OxZHVQlm3pCq/DgJIUT0gKu+9mIt6HWzFjo+Peq4Gu+M3Ft5Z7Ph/uVRox+ppF+jQYKVDKKPhwc0+4XPC30B2+aZi7aDqYuZvDWrR0LQlaQ8lAEUXePbpnSz6bJSMwBKWxfnr/zpAmzotnKKfKuT0pnkSdg+/I9xa9oFrzz2NTP9k42ve5W22qPQ==~3159609~4408121; AMCV_664516D751E565010A490D4C%40AdobeOrg=1585540135%7CMCIDTS%7C19332%7CMCMID%7C76274957061129678444027448478228687350%7CMCAID%7CNONE%7CMCOPTOUT-1670265310s%7CNONE%7CMCAAMLH-1670862910%7C6%7CMCAAMB-1670862910%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCSYNCSOP%7C411-19339%7CvVersion%7C4.4.0; mbox=session#c5ea0df62c1f456480296e31b9203cdc#1670259969|PC#c5ea0df62c1f456480296e31b9203cdc.37_0#1733502911; bm_sv=6332E3CB501672F4DAEEFFB953285B24~YAAQDU8kF3Ys8YGEAQAAs5Us4xKhrnY+6XHJH8Q2vht06M9/s1mlRrQZwpKF8rJ8idIdevA+MXchMvvf9T9H3IT6hCnVDn/Va1fMZvrc9TeroEm8kuKU9k9UGj4yoJbUFDyFwxI+mLapVS2nT8/xCm0AvhIvL5qxXMgBs2OSD9XzFUyxXglBkGx6dU5pljN14Z8t3JJz9gJkuypSSRTZBVf8WtAEayveHpbpCEJ5uwv7rw/k6qiJSF5Tr4YQNjpu3RU=~1; s_ecid=MCMID%7C76274957061129678444027448478228687350; s_tbm=true; aam_uuid=76191958296237861893999974781107660703; mboxEdgeCluster=37; demdex=76191958296237861893999974781107660703
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "67b989d4e95276950bf7da56f7c0598d:1654544327.296254"
last-modified: Mon, 06 Jun 2022 19:38:47 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=783676
expires: Wed, 14 Dec 2022 18:25:39 GMT
date: Mon, 05 Dec 2022 16:44:23 GMT
content-length: 6886
access-control-allow-origin: *
X-Firefox-Spdy: h2
dpm.demdex.net/id?d_visid_ver=4.3.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=664516D751E565010A490D4C%40AdobeOrg&d_nsid=0&d_mid=76274957061129678444027448478228687350&d_blob=j8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI&ts=1670258660165
200 OK 1.7 kB URL HTTP/1.1 dpm.demdex.net/id?d_visid_ver=4.3.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=664516D751E565010A490D4C%40AdobeOrg&d_nsid=0&d_mid=76274957061129678444027448478228687350&d_blob=j8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI&ts=1670258660165
IP
File type JSON data\012- , ASCII text, with very long lines (5453), with no line terminators
Hash 148e215282265966a97875382892c1e0
113b2bb87a001ac93fe3ddc3b8fdec39c6eef81c
c7c86f849cf3b368245f8c3bd1fb0eb23e3228946549478e92dbc237b067fa50
GET /id?d_visid_ver=4.3.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=664516D751E565010A490D4C%40AdobeOrg&d_nsid=0&d_mid=76274957061129678444027448478228687350&d_blob=j8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI&ts=1670258660165 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://hotel-deals.marriott.com
Connection: keep-alive
Referer: https://hotel-deals.marriott.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://hotel-deals.marriott.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-2-v045-061dae83e.edge-irl1.demdex.com 2 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=62207743299667399623785748584444970585; Max-Age=15552000; Expires=Sat, 03 Jun 2023 16:44:23 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: oCVG52AQTGU=
Content-Length: 1712
Connection: keep-alive
cache.marriott.com/aka-fonts/OneTrust/R1.3/oneTrust_test/consent/b9c54897-9a69-45f1-bbe2-55b2ae0ba593-test/b9c54897-9a69-45f1-bbe2-55b2ae0ba593-test.json
200 OK 4.0 kB URL HTTP/2 cache.marriott.com/aka-fonts/OneTrust/R1.3/oneTrust_test/consent/b9c54897-9a69-45f1-bbe2-55b2ae0ba593-test/b9c54897-9a69-45f1-bbe2-55b2ae0ba593-test.json
IP
File type JSON data\012- , ASCII text, with very long lines (4006), with no line terminators
Hash 2f1c841426300bd3781a1752ab891f7c
244c8de27dc9cc1e149bd8cd0394bcbab2c735e6
7316c1dfbc9f061b2280befce5285d9576624d84376031f96583df11d82ea916
GET /aka-fonts/OneTrust/R1.3/oneTrust_test/consent/b9c54897-9a69-45f1-bbe2-55b2ae0ba593-test/b9c54897-9a69-45f1-bbe2-55b2ae0ba593-test.json HTTP/1.1
Host: cache.marriott.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hotel-deals.marriott.com
Connection: keep-alive
Referer: https://hotel-deals.marriott.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/json
etag: "2f1c841426300bd3781a1752ab891f7c:1654545293.924385"
last-modified: Mon, 06 Jun 2022 19:54:53 GMT
server: AkamaiNetStorage
content-length: 4006
cache-control: max-age=112353
expires: Tue, 06 Dec 2022 23:56:56 GMT
date: Mon, 05 Dec 2022 16:44:23 GMT
access-control-allow-origin: *
set-cookie: _abck=CF29B930B51FC6691968EFF996692044~-1~YAAQDU8kFx8t8YGEAQAA054s4wlV3V6AbKluXmxsHjHw6KyC0qriBhx5U+PDR7C6FIINnhpgftnYx4DVcricjbYV1Z36/OrU0doQ7PM5864YKwvKOJR2TCkTHn9/leryQpN1wjAiK1nrmsZseqQ/lx6F+XNK/88y7UsXVCQa94llmVQU0uR0Qw1EeOyQHv7fXv8izr62hR7umgbeqRVvMP8QswPY9OamUtRQLJ4zs6FnfTk071MB5d3bDA2kwtOgNMUUa9yrbrfqIPo3OdiOtbfAl1ufoYKH81Wlqc0JT+w0c2O2jiOOspPZzdbgzZjax5MObwwz+GytJo8QfrZif+FlrX7FlcPxDxYdv9FecZ/19OAPWLhoIdOrXRyWXjM=~-1~-1~-1; Domain=.marriott.com; Path=/; Expires=Tue, 05 Dec 2023 16:44:23 GMT; Max-Age=31536000; Secure
ak_bmsc=2D63C361B0DEA033977ABD56D94DED90~000000000000000000000000000000~YAAQDU8kFyAt8YGEAQAA054s4xJrXuE2Cvwz+sA0rDIVaIDXNm3uXlj0eJNYCNXpMatsSwrPMTXZqfrO4LYX4Auo4VjIpwMSOY+Qq2ik0SL8vuwSUaMKJSQXo4izCv5l3QyMTuo8C2GUfbj1XX/i+GsPPpWFTSWwlSIZiYSy1fKX38l7c9UOEIsZWAkr4ogmlHPutSBRAAOWL9A66i1Lg/qJ+NkeCvBYniG/4xIYiOmx0GMPUxtDpUFC+9jZuN/4M/UlwjE/CiiAVDJHfpcbgetr08uWV4jBAXx8oARW7nH9ufSOjOOqf6MAqjmfKDxeqQf53h34w1yTCA2sHSmaEVoDaZxr0hECRtiF3Gvs2nbYN0kWaORo6fJr7eQR7L6zCn1mTLmL6BAraC0=; Domain=.marriott.com; Path=/; Expires=Mon, 05 Dec 2022 18:44:23 GMT; Max-Age=7200; HttpOnly
bm_sz=DD018ABFCA532ABC30247264AB7821CF~YAAQDU8kFyEt8YGEAQAA054s4xJqEISj040zE5ZcV1HhMnxyDD59hZZwXbyQBLh68Smnnc11TohcjwSU/+qjabFlrI5dvRYvO0e7CR2LICtWi3d1pAOMtk2W20rQFrAuv4SQMZjAX0ITiZT1QzJf8RrFVMhy+mRQShLwc8QMZd6o0jITFmV/KM7vxE7LMhyUgPL6dxneIl9Knz5jIj5+syDCqEOX38d8gF49GXxR/+20QAILZ7d4qvKoGAUguZ4gjzCd3NqwYv3lsGycnu60xrsqicrVdNvzL+42ROb9IYoyEq6Yuw==~3293752~3227952; Domain=.marriott.com; Path=/; Expires=Mon, 05 Dec 2022 20:44:23 GMT; Max-Age=14400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 7dfb548d8f8a99d32050803775fad5d6
8b47999a01db7c2217d76a1cec576809a229cf1b
68dd2a1e5a0002f4d25d3b5884ab55bc6b5a91e38f6dc464c4261b19c6e5887e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 16:44:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
dpm.demdex.net/id?d_visid_ver=4.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=664516D751E565010A490D4C%40AdobeOrg&d_nsid=0&d_mid=76274957061129678444027448478228687350&d_blob=j8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI&ts=1670258660593
200 OK 1.7 kB URL HTTP/1.1 dpm.demdex.net/id?d_visid_ver=4.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=664516D751E565010A490D4C%40AdobeOrg&d_nsid=0&d_mid=76274957061129678444027448478228687350&d_blob=j8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI&ts=1670258660593
IP
File type JSON data\012- , ASCII text, with very long lines (5453), with no line terminators
Hash 538a3cdf4d4ddb126f280ed331fd0c7e
edc91ee4bbb5808769f6531e6636a1814a09d125
e2870af1d6a81108b226c9e9ea7d939380552754a32ce184816a5f63eb141b75
GET /id?d_visid_ver=4.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=664516D751E565010A490D4C%40AdobeOrg&d_nsid=0&d_mid=76274957061129678444027448478228687350&d_blob=j8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI&ts=1670258660593 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://hotel-deals.marriott.com
Connection: keep-alive
Referer: https://hotel-deals.marriott.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://hotel-deals.marriott.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-1-v045-0a637d725.edge-irl1.demdex.com 2 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=65866103433558947454227564987483913118; Max-Age=15552000; Expires=Sat, 03 Jun 2023 16:44:23 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: q8uiOubHQKk=
Content-Length: 1710
Connection: keep-alive
maps.googleapis.com/maps/api/js?key=AIzaSyD23quAeL2gxUvFyKg8C-Csf7i3aM99RtY&language=en®ion=
200 OK 53 kB URL HTTP/2 maps.googleapis.com/maps/api/js?key=AIzaSyD23quAeL2gxUvFyKg8C-Csf7i3aM99RtY&language=en®ion=
IP
File type ASCII text, with very long lines (2462)
Hash 90ba86e71b12767988716b36adf81cbd
a8df03d688befff311941679318583e325b1c6e6
52769f4f9c5b454ef16e3fe804833da1529285b2a41119acee530478c139c82e
GET /maps/api/js?key=AIzaSyD23quAeL2gxUvFyKg8C-Csf7i3aM99RtY&language=en®ion= HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotel-deals.marriott.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
date: Mon, 05 Dec 2022 16:44:23 GMT
expires: Mon, 05 Dec 2022 17:14:23 GMT
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-encoding: gzip
server: mafe
content-length: 53421
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=11
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 7dfb548d8f8a99d32050803775fad5d6
8b47999a01db7c2217d76a1cec576809a229cf1b
68dd2a1e5a0002f4d25d3b5884ab55bc6b5a91e38f6dc464c4261b19c6e5887e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 16:44:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 280 B IP
Hash 8ab7a790cd2edb7ecc8fa7099507009e
be1dc1f767413ae160a7707e58fa6b77b770e377
1154ca1ff71f866b71887c962e0857733a8ce2be9a69abd1c6972379cd8f8166
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 805
Cache-Control: max-age=156622
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 16:44:23 GMT
Etag: "638ddd90-118"
Expires: Wed, 07 Dec 2022 12:14:45 GMT
Last-Modified: Mon, 05 Dec 2022 12:01:20 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 280
marriottinternationa.demdex.net/dest5.html?d_nsid=0
200 OK 2.8 kB URL HTTP/1.1 marriottinternationa.demdex.net/dest5.html?d_nsid=0
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (550)
Hash ccbdcb1e84c241950763ec4cd516cdfc
55dfa8d4b09c5c3a80fcd101152f6ebed3d27a2c
de9ccb9b168945a24f20edc28c39be4135b328129ba8ee378401a7aedc925d12
GET /dest5.html?d_nsid=0 HTTP/1.1
Host: marriottinternationa.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotel-deals.marriott.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Mon, 5 Dec 2022 16:44:23 GMT
DCS: dcs-prod-irl1-2-v045-00960800d.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Fri, 28 Oct 2022 13:34:30 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: enTk9gXeQ64=
transfer-encoding: chunked
Connection: keep-alive
geolocation.onetrust.com/cookieconsentpub/v1/geo/location
200 OK 559 B URL HTTP/2 geolocation.onetrust.com/cookieconsentpub/v1/geo/location
IP
Hash 80828dd8fa42c7aded58d3fc188978e9
087df80ad6b8870972e1d6476577edffe9794f50
1ba3d6f2ee0bd44d609e732f6cbc569ef948661aade070b4a893ffd8e8734102
GET /cookieconsentpub/v1/geo/location HTTP/1.1
Host: geolocation.onetrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hotel-deals.marriott.com
Connection: keep-alive
Referer: https://hotel-deals.marriott.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 16:44:23 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 774e3f06b89c0b06-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
smetrics.marriott.com/b/ss/marriottglobal/10/JS-2.14.0-LCXS/s38318378027807?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=5%2F11%2F2022%2016%3A44%3A20%201%200&d.&nsid=0&jsonv=1&.d&mid=76274957061129678444027448478228687350&aamlh=6&ce=UTF-8&pageName=hotel-deals.marriott.com%2Flast-minute-hotel-deals%2F&g=https%3A%2F%2Fhotel-deals.marriott.com%2Flast-minute-hotel-deals%2F&cc=USD&aamb=j8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI&c5=Hotel-Deals&c8=D%3Dv15&v15=Weekday%20%3A%20Monday%20%3A%2011%3A30AM&c26=Launch&v41=Hotel-Deals&c71=Off-Platform%20Basic&v101=Default%20Cookie%20Opt-in&v192=hotel-deals.marriott.com%2Flast-minute-hotel-deals%2F&v237=en-US&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=664516D751E565010A490D4C%40AdobeOrg&AQE=1
200 OK 5.4 kB URL HTTP/2 smetrics.marriott.com/b/ss/marriottglobal/10/JS-2.14.0-LCXS/s38318378027807?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=5%2F11%2F2022%2016%3A44%3A20%201%200&d.&nsid=0&jsonv=1&.d&mid=76274957061129678444027448478228687350&aamlh=6&ce=UTF-8&pageName=hotel-deals.marriott.com%2Flast-minute-hotel-deals%2F&g=https%3A%2F%2Fhotel-deals.marriott.com%2Flast-minute-hotel-deals%2F&cc=USD&aamb=j8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI&c5=Hotel-Deals&c8=D%3Dv15&v15=Weekday%20%3A%20Monday%20%3A%2011%3A30AM&c26=Launch&v41=Hotel-Deals&c71=Off-Platform%20Basic&v101=Default%20Cookie%20Opt-in&v192=hotel-deals.marriott.com%2Flast-minute-hotel-deals%2F&v237=en-US&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=664516D751E565010A490D4C%40AdobeOrg&AQE=1
IP
File type ASCII text, with very long lines (5396)
Hash 2256aa503ca15976bdfa0cda691aa39f
d6131c40e814f55051921d8df441409fa3f7405b
8e18a4b5fadf4a1764fa4ac70002ca6f4013d5e50d0eb61491955c055ac97d90
GET /b/ss/marriottglobal/10/JS-2.14.0-LCXS/s38318378027807?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=5%2F11%2F2022%2016%3A44%3A20%201%200&d.&nsid=0&jsonv=1&.d&mid=76274957061129678444027448478228687350&aamlh=6&ce=UTF-8&pageName=hotel-deals.marriott.com%2Flast-minute-hotel-deals%2F&g=https%3A%2F%2Fhotel-deals.marriott.com%2Flast-minute-hotel-deals%2F&cc=USD&aamb=j8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI&c5=Hotel-Deals&c8=D%3Dv15&v15=Weekday%20%3A%20Monday%20%3A%2011%3A30AM&c26=Launch&v41=Hotel-Deals&c71=Off-Platform%20Basic&v101=Default%20Cookie%20Opt-in&v192=hotel-deals.marriott.com%2Flast-minute-hotel-deals%2F&v237=en-US&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=664516D751E565010A490D4C%40AdobeOrg&AQE=1 HTTP/1.1
Host: smetrics.marriott.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotel-deals.marriott.com/
Cookie: AKA_A2=A; _abck=CE62AB4473D11D9D3329CB4F7666E75D~0~YAAQJXchF8gcgHWEAQAAojsk4wl3Paa/qRvkyM2/scH6vxOqUqIB9SBfkjGh6HLkZyWApfg/60JD2v8MqGsRtEpCaG1lDT6a6YNJivisMLqJg75uSZCtWb4Yy30R/0pHyz6e/idpSIhWxRMJFHnwxncPpJB0rMlW3RfL6ku8Mp2spp2c78mWa9xjhj3O2Urq+jhp4+lRTJq40TPds6qmZIErXN0KvCelvVJuvjcVpj9ppZLCiKECNAW1XMT5AZRpb+Qv+DHUZfPWMIRbj6atT+YPwqW4/vaecwhipiz8q46sDw/JA+sHmK8itBzlSLDBjOfDR6sf58yRyBzYolJJLXro4dl3XM1jmV8wesBVt+QIopBDYe+szF6jE0f2Fvop5LKRupaozkxl3ghUFOwohNQ1//uoNZSaxLxo~-1~||-1||~-1; ak_bmsc=9B22A50F17F9F7759A189126CB27FCD1~000000000000000000000000000000~YAAQJXchF54cgHWEAQAAGTYk4xImTJIK4PGEzRZTryq7ev6G1CekJvnNMWqDY4e6JXtrTvNdZt0dAe6luNxZyu64FOfBQXauSQTbElRF4yaDW7kCswm8SYhmpSrNcsfyFpC3BnWPuluOUZM2wutUTGksbp2XiXVU0dK3ueH1ayTw8y0Cro/3YxXNJHgk9jQuBL8GqXQUerkwwCQrXZ9IBVBl5bnvdlQH5TLsiGs+pwR7LDNT0oo1eH1JMB0myoWRiLSLwsWSRPgoIHpZUsf8btWY/3S/qfaWxYW1aCcV14Y1hLccctdKz9DWEveT7bEjBHIYxSrACIaOf/HydHtwg8Zri/7o/ctaSRUJjncJ5zzAVMi0i8cSRKZ897I8iRCqpA6nRqqUwfYDL/omF41IvfJDG23pxrpmSyVDiSTf6MAPfUE052ruhMWrF8GiIyaUQR5SC/wzmvbndOGGkVGn89ODsNhWdy5lhzbFP/2wuwumAVn+RDMr2ulfpgc=; bm_sz=80BF0438212679F328D12BFA8B0AD557~YAAQJXchF3IcgHWEAQAAeSsk4xIztNvlbsU6pnyGPu0U+CiiV77UErknJGOEJoQkzEVNH7th8Wftb8quvB8Z4AfvaC/IZw9dNriC9KVmwk87eJUJGVRrAxACa5OxZHVQlm3pCq/DgJIUT0gKu+9mIt6HWzFjo+Peq4Gu+M3Ft5Z7Ph/uVRox+ppF+jQYKVDKKPhwc0+4XPC30B2+aZi7aDqYuZvDWrR0LQlaQ8lAEUXePbpnSz6bJSMwBKWxfnr/zpAmzotnKKfKuT0pnkSdg+/I9xa9oFrzz2NTP9k42ve5W22qPQ==~3159609~4408121; AMCV_664516D751E565010A490D4C%40AdobeOrg=-1712354808%7CMCIDTS%7C19332%7CMCMID%7C76274957061129678444027448478228687350%7CMCAID%7CNONE%7CMCOPTOUT-1670265860s%7CNONE%7CMCAAMLH-1670863460%7C6%7CMCAAMB-1670863460%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCSYNCSOP%7C411-19339%7CvVersion%7C4.3.0; mbox=session#c5ea0df62c1f456480296e31b9203cdc#1670259969|PC#c5ea0df62c1f456480296e31b9203cdc.37_0#1733502911; bm_sv=6332E3CB501672F4DAEEFFB953285B24~YAAQDU8kF3Ys8YGEAQAAs5Us4xKhrnY+6XHJH8Q2vht06M9/s1mlRrQZwpKF8rJ8idIdevA+MXchMvvf9T9H3IT6hCnVDn/Va1fMZvrc9TeroEm8kuKU9k9UGj4yoJbUFDyFwxI+mLapVS2nT8/xCm0AvhIvL5qxXMgBs2OSD9XzFUyxXglBkGx6dU5pljN14Z8t3JJz9gJkuypSSRTZBVf8WtAEayveHpbpCEJ5uwv7rw/k6qiJSF5Tr4YQNjpu3RU=~1; s_ecid=MCMID%7C76274957061129678444027448478228687350; s_tbm=true; aam_uuid=76191958296237861893999974781107660703; mboxEdgeCluster=37; demdex=76191958296237861893999974781107660703; AMCVS_664516D751E565010A490D4C%40AdobeOrg=1; s_cc=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
access-control-allow-origin: *
date: Mon, 05 Dec 2022 16:44:23 GMT
expires: Sun, 04 Dec 2022 16:44:23 GMT
last-modified: Tue, 06 Dec 2022 16:44:23 GMT
pragma: no-cache
p3p: CP="This is not a P3P policy"
server: jag
set-cookie: s_ecid=MCMID%7C76274957061129678444027448478228687350; Path=/; Domain=marriott.com; Max-Age=63072000; Expires=Wed, 04 Dec 2024 16:44:44 GMT;
etag: 3586853168631119872-4619661679450042002
vary: *
dcs: dcs-prod-irl1-1-v045-04c35fc5e.edge-irl1.demdex.com 8 ms
x-aam-tid: J6dP0/yPR0Y=
content-type: application/x-javascript;charset=utf-8
content-length: 5397
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
200 OK 23 B URL HTTP/2 maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
IP
File type JSON data\012- , ASCII text
Hash e3981ca10169a319d5aa062bf43a5fa1
2c6ed584767b65688ce99b1ebe1a3b7448a67421
8b0b8749aba12de93f3cf5d86f9fac9d6de7cac400a17473718f182a34ebb7e9
GET /maps/api/mapsjs/gen_204?csp_test=true HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hotel-deals.marriott.com
Connection: keep-alive
Referer: https://hotel-deals.marriott.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Mon, 05 Dec 2022 16:44:23 GMT
server: scaffolding on HTTPServer2
cache-control: private
content-length: 23
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://hotel-deals.marriott.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cache.marriott.com/aka-fonts/OneTrust/R1.3/oneTrust_test/consent/b9c54897-9a69-45f1-bbe2-55b2ae0ba593-test/3509a96c-aa3e-429d-8eeb-04eaf007b8d5/en-us.json
200 OK 166 kB URL HTTP/2 cache.marriott.com/aka-fonts/OneTrust/R1.3/oneTrust_test/consent/b9c54897-9a69-45f1-bbe2-55b2ae0ba593-test/3509a96c-aa3e-429d-8eeb-04eaf007b8d5/en-us.json
IP
File type Unicode text, UTF-8 text, with very long lines (587)
Size 166 kB (165543 bytes)
Hash dbb2aa8b84b9e6905494a6f738e5c21a
5a09b79c278e0deb7604295e24ab2046357bbb1e
872003a2c78cb831da61c92350e7b130fb0ee1caef3776813c8d049ee0dd6676
GET /aka-fonts/OneTrust/R1.3/oneTrust_test/consent/b9c54897-9a69-45f1-bbe2-55b2ae0ba593-test/3509a96c-aa3e-429d-8eeb-04eaf007b8d5/en-us.json HTTP/1.1
Host: cache.marriott.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hotel-deals.marriott.com/
Origin: https://hotel-deals.marriott.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/json
etag: "dbb2aa8b84b9e6905494a6f738e5c21a:1670005610.691245"
last-modified: Fri, 02 Dec 2022 18:26:50 GMT
server: AkamaiNetStorage
content-length: 165543
cache-control: max-age=125084
expires: Wed, 07 Dec 2022 03:29:07 GMT
date: Mon, 05 Dec 2022 16:44:23 GMT
access-control-allow-origin: *
set-cookie: _abck=270E57F0066715262B0E104A7EDC4565~-1~YAAQDU8kF40t8YGEAQAAwqEs4wkXcJemb73wMDItwb+5PGsoEkKaZ6kzwVpK7M6re4jQU1iXfMpBLIv0+9EKakSS1d65oe+cH7lb/eIyue7kxebRGSaOP3TTieGsxpfPIAhSClnKEF38tWBWZEG//3FrEyFe+ERSUbxs4oCggNiUQDydT0xgi/Gtgdl5jfz/Lg76ODSRpGv7MSHMVbNO7Vx4APHVxlv/akDih4tWPtAFDLs1Wm6BNsIOp8iUKznNit9X3U/s/DD6s3zyWtumSyEO+qaIczu8B/XIjDVdHSX85rUXUhA4UENrqMmxkYsfpBjjD8xx09ppwIubkcK5g+bbXq/umvnL72i3oFp0DQGZrijhYbWlnE585lm1a+w=~-1~-1~-1; Domain=.marriott.com; Path=/; Expires=Tue, 05 Dec 2023 16:44:23 GMT; Max-Age=31536000; Secure
ak_bmsc=431B1A242918FA835B4103BC7827D791~000000000000000000000000000000~YAAQDU8kF44t8YGEAQAAwqEs4xLuU7Qti1CM6Ltz7Pv8y0dkS0MMJGHe7uM1vlNW00uQrSui/IF6+89KnDRuGnnpd1rX3cqCWWOCYsNNKu/mf7Jec0ckqwVVOW2w/e/+Q//M+nwjdfds2RxbbKEz1AT8BpgJ5MeB02XzfTfWodo4Ut0DkgzFuQ/qBYbkxirgfxe+2LdTh+YLgZbM+8lh/+8ryMRSm/SyJ4FqYmpzzUIF6vzy2J15LL70TL1jgvJoGdYXYeujaUqwtWBWLv+Tomg5Du6HqbnvzU9zemoBeF50z4GSdWf8ZIe8BRanCeGvSG6coF8KVG2+6PX1M1ECSAuy4t/qlqBI7EjCej3Fl1CvcyqHR+Yjf+rtBmya+9h93K6Fp9BAVzvU0f8=; Domain=.marriott.com; Path=/; Expires=Mon, 05 Dec 2022 18:44:23 GMT; Max-Age=7200; HttpOnly
bm_sz=F474F2B983B3D969D6420B37A83D75C1~YAAQDU8kF48t8YGEAQAAwqEs4xKOYBMIHiSPGP2wBcywOv/EoJeCTpP+C0nPwgURh39vqcr/el9fYFGJc7heeBlhbqG9urefosUeM36qGqgsI40wkiz0VA6PbGwv/Roe+SyFP9+c//iCMpdxV8l/RjPO1j9PCLSxylzbYe5LmZow7RvcvzPXj+C34dh/RelOk540fvk3XumhGrjcKAaptMpw0nJHF2mS42zkONKZ9kx+PUV1oHHS2nVwJW1EouBMQ/NGSoMUwH7tvtLGatBXxVtL2MutkKz7RIWFjoe4d310zvLH1g==~3293752~3227952; Domain=.marriott.com; Path=/; Expires=Mon, 05 Dec 2022 20:44:23 GMT; Max-Age=14400
X-Firefox-Spdy: h2
assets.adobedtm.com/697d0c070f1e/d405339bb010/6d901d57d819/RC13a65ced67c44530b4e082ec22d40a56-source.min.js
200 OK 5.1 kB URL HTTP/2 assets.adobedtm.com/697d0c070f1e/d405339bb010/6d901d57d819/RC13a65ced67c44530b4e082ec22d40a56-source.min.js
IP
Hash 8577f6578b0cfb9648c9534c02ff9b9e
7aea69b8aae39fb834efb87cae89875c4c4c6a7a
179edffbebc27f2a5d1db4c92a47858e50d9c0202822be4f574389b6f4522a41
GET /697d0c070f1e/d405339bb010/6d901d57d819/RC13a65ced67c44530b4e082ec22d40a56-source.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotel-deals.marriott.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "7c1b87bd6a9c9aefb2eadfe80155267a:1668520147.947326"
last-modified: Tue, 15 Nov 2022 13:49:07 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 546
cache-control: max-age=3600
expires: Mon, 05 Dec 2022 17:44:23 GMT
date: Mon, 05 Dec 2022 16:44:23 GMT
access-control-allow-origin: https://hotel-deals.marriott.com
timing-allow-origin: *
X-Firefox-Spdy: h2
cache.marriott.com/aka-fonts/OneTrust/R1.3/oneTrust_test/scripttemplates/6.26.0/otBannerSdk.js
200 OK 78 kB URL HTTP/2 cache.marriott.com/aka-fonts/OneTrust/R1.3/oneTrust_test/scripttemplates/6.26.0/otBannerSdk.js
IP
File type ASCII text, with very long lines (65455)
Hash b6ca96a2235a129c0c1006a90379dc7b
5a1a2eba52efe7a695b6e3c133788d3c86a5d451
5a9da446aa55a96523845bce2917e815150b288783e14fe3cb2e330c2cede9bc
GET /aka-fonts/OneTrust/R1.3/oneTrust_test/scripttemplates/6.26.0/otBannerSdk.js HTTP/1.1
Host: cache.marriott.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotel-deals.marriott.com/
Cookie: AKA_A2=A; _abck=CE62AB4473D11D9D3329CB4F7666E75D~0~YAAQJXchF8gcgHWEAQAAojsk4wl3Paa/qRvkyM2/scH6vxOqUqIB9SBfkjGh6HLkZyWApfg/60JD2v8MqGsRtEpCaG1lDT6a6YNJivisMLqJg75uSZCtWb4Yy30R/0pHyz6e/idpSIhWxRMJFHnwxncPpJB0rMlW3RfL6ku8Mp2spp2c78mWa9xjhj3O2Urq+jhp4+lRTJq40TPds6qmZIErXN0KvCelvVJuvjcVpj9ppZLCiKECNAW1XMT5AZRpb+Qv+DHUZfPWMIRbj6atT+YPwqW4/vaecwhipiz8q46sDw/JA+sHmK8itBzlSLDBjOfDR6sf58yRyBzYolJJLXro4dl3XM1jmV8wesBVt+QIopBDYe+szF6jE0f2Fvop5LKRupaozkxl3ghUFOwohNQ1//uoNZSaxLxo~-1~||-1||~-1; ak_bmsc=9B22A50F17F9F7759A189126CB27FCD1~000000000000000000000000000000~YAAQJXchF54cgHWEAQAAGTYk4xImTJIK4PGEzRZTryq7ev6G1CekJvnNMWqDY4e6JXtrTvNdZt0dAe6luNxZyu64FOfBQXauSQTbElRF4yaDW7kCswm8SYhmpSrNcsfyFpC3BnWPuluOUZM2wutUTGksbp2XiXVU0dK3ueH1ayTw8y0Cro/3YxXNJHgk9jQuBL8GqXQUerkwwCQrXZ9IBVBl5bnvdlQH5TLsiGs+pwR7LDNT0oo1eH1JMB0myoWRiLSLwsWSRPgoIHpZUsf8btWY/3S/qfaWxYW1aCcV14Y1hLccctdKz9DWEveT7bEjBHIYxSrACIaOf/HydHtwg8Zri/7o/ctaSRUJjncJ5zzAVMi0i8cSRKZ897I8iRCqpA6nRqqUwfYDL/omF41IvfJDG23pxrpmSyVDiSTf6MAPfUE052ruhMWrF8GiIyaUQR5SC/wzmvbndOGGkVGn89ODsNhWdy5lhzbFP/2wuwumAVn+RDMr2ulfpgc=; bm_sz=80BF0438212679F328D12BFA8B0AD557~YAAQJXchF3IcgHWEAQAAeSsk4xIztNvlbsU6pnyGPu0U+CiiV77UErknJGOEJoQkzEVNH7th8Wftb8quvB8Z4AfvaC/IZw9dNriC9KVmwk87eJUJGVRrAxACa5OxZHVQlm3pCq/DgJIUT0gKu+9mIt6HWzFjo+Peq4Gu+M3Ft5Z7Ph/uVRox+ppF+jQYKVDKKPhwc0+4XPC30B2+aZi7aDqYuZvDWrR0LQlaQ8lAEUXePbpnSz6bJSMwBKWxfnr/zpAmzotnKKfKuT0pnkSdg+/I9xa9oFrzz2NTP9k42ve5W22qPQ==~3159609~4408121; AMCV_664516D751E565010A490D4C%40AdobeOrg=-1712354808%7CMCIDTS%7C19332%7CMCMID%7C76274957061129678444027448478228687350%7CMCAID%7CNONE%7CMCOPTOUT-1670265860s%7CNONE%7CMCAAMLH-1670863460%7C6%7CMCAAMB-1670863460%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCSYNCSOP%7C411-19339%7CvVersion%7C4.3.0; mbox=session#c5ea0df62c1f456480296e31b9203cdc#1670259969|PC#c5ea0df62c1f456480296e31b9203cdc.37_0#1733502911; bm_sv=6332E3CB501672F4DAEEFFB953285B24~YAAQDU8kF3Ys8YGEAQAAs5Us4xKhrnY+6XHJH8Q2vht06M9/s1mlRrQZwpKF8rJ8idIdevA+MXchMvvf9T9H3IT6hCnVDn/Va1fMZvrc9TeroEm8kuKU9k9UGj4yoJbUFDyFwxI+mLapVS2nT8/xCm0AvhIvL5qxXMgBs2OSD9XzFUyxXglBkGx6dU5pljN14Z8t3JJz9gJkuypSSRTZBVf8WtAEayveHpbpCEJ5uwv7rw/k6qiJSF5Tr4YQNjpu3RU=~1; s_ecid=MCMID%7C76274957061129678444027448478228687350; s_tbm=true; aam_uuid=76191958296237861893999974781107660703; mboxEdgeCluster=37; demdex=76191958296237861893999974781107660703; AMCVS_664516D751E565010A490D4C%40AdobeOrg=1; s_cc=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "aa2e3ff705d27b77a2480d446a15e46b:1654544357.83096"
last-modified: Mon, 06 Jun 2022 19:39:17 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=803239
expires: Wed, 14 Dec 2022 23:51:42 GMT
date: Mon, 05 Dec 2022 16:44:23 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
assets.adobedtm.com/697d0c070f1e/d405339bb010/6d901d57d819/RC9cb1ec8ecf2a461187113443b47b5896-source.min.js
200 OK 717 B URL HTTP/2 assets.adobedtm.com/697d0c070f1e/d405339bb010/6d901d57d819/RC9cb1ec8ecf2a461187113443b47b5896-source.min.js
IP
File type ASCII text, with very long lines (1227)
Hash 1ff7542411e69e1ecc5f9dd5739c9feb
0cf34a238c1ce78c579b195676cb94763d360671
c63286bbc1a208fbb6d0dca557a85696117cd3696263df3153a6e50916f67030
GET /697d0c070f1e/d405339bb010/6d901d57d819/RC9cb1ec8ecf2a461187113443b47b5896-source.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotel-deals.marriott.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "7c1b87bd6a9c9aefb2eadfe80155267a:1668520147.947326"
last-modified: Tue, 15 Nov 2022 13:49:07 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=3600
expires: Mon, 05 Dec 2022 17:44:23 GMT
date: Mon, 05 Dec 2022 16:44:23 GMT
content-length: 717
access-control-allow-origin: https://hotel-deals.marriott.com
timing-allow-origin: *
X-Firefox-Spdy: h2
assets.adobedtm.com/697d0c070f1e/d405339bb010/6d901d57d819/RC7702a88f33944e368fcae3a8c042e3bd-source.min.js
200 OK 660 B URL HTTP/2 assets.adobedtm.com/697d0c070f1e/d405339bb010/6d901d57d819/RC7702a88f33944e368fcae3a8c042e3bd-source.min.js
IP
File type ASCII text, with very long lines (2046)
Hash 8ff057ace0b7da7cc9923657df652f5f
084513bfeea9ea9035ef80be690557b59b8ad911
9c9af8da843ddeb41507cb89c34561d82c2f50af3c00a08ce55f99f86530e7db
GET /697d0c070f1e/d405339bb010/6d901d57d819/RC7702a88f33944e368fcae3a8c042e3bd-source.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotel-deals.marriott.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "7c1b87bd6a9c9aefb2eadfe80155267a:1668520147.947326"
last-modified: Tue, 15 Nov 2022 13:49:07 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=3600
expires: Mon, 05 Dec 2022 17:44:23 GMT
date: Mon, 05 Dec 2022 16:44:23 GMT
content-length: 660
access-control-allow-origin: https://hotel-deals.marriott.com
timing-allow-origin: *
X-Firefox-Spdy: h2
assets.adobedtm.com/697d0c070f1e/d405339bb010/6d901d57d819/RC28f29f2c23a143e0acc4cd8133230ddf-source.min.js
200 OK 726 B URL HTTP/2 assets.adobedtm.com/697d0c070f1e/d405339bb010/6d901d57d819/RC28f29f2c23a143e0acc4cd8133230ddf-source.min.js
IP
File type ASCII text, with very long lines (1670)
Hash 790d497e892a1186f90a61ec44c9a765
1d60850a490179fe1d2b6bb6928895745aea995a
12f0b16920b069cbcaf7e510afcc3e9ed1f5dc25f1eca991603b17c7a727a675
GET /697d0c070f1e/d405339bb010/6d901d57d819/RC28f29f2c23a143e0acc4cd8133230ddf-source.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotel-deals.marriott.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "7c1b87bd6a9c9aefb2eadfe80155267a:1668520147.947326"
last-modified: Tue, 15 Nov 2022 13:49:07 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=3600
expires: Mon, 05 Dec 2022 17:44:23 GMT
date: Mon, 05 Dec 2022 16:44:23 GMT
content-length: 726
access-control-allow-origin: https://hotel-deals.marriott.com
timing-allow-origin: *
X-Firefox-Spdy: h2
assets.adobedtm.com/697d0c070f1e/d405339bb010/6d901d57d819/RCd7e9122fc9cc48c2af7cf984cc97d57c-source.min.js
200 OK 406 B URL HTTP/2 assets.adobedtm.com/697d0c070f1e/d405339bb010/6d901d57d819/RCd7e9122fc9cc48c2af7cf984cc97d57c-source.min.js
IP
File type ASCII text, with very long lines (484)
Hash 52094d861b0c014ea99b0e176c0fe79c
a94a8f06ab35bb4ac047a685057327211446b07f
28f17f599fd1d0510695443a36bf2f1324fca0777a17586aefd9b9eab700fadf
GET /697d0c070f1e/d405339bb010/6d901d57d819/RCd7e9122fc9cc48c2af7cf984cc97d57c-source.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotel-deals.marriott.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "7c1b87bd6a9c9aefb2eadfe80155267a:1668520147.947326"
last-modified: Tue, 15 Nov 2022 13:49:07 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 406
cache-control: max-age=3600
expires: Mon, 05 Dec 2022 17:44:23 GMT
date: Mon, 05 Dec 2022 16:44:23 GMT
access-control-allow-origin: https://hotel-deals.marriott.com
timing-allow-origin: *
X-Firefox-Spdy: h2
assets.adobedtm.com/697d0c070f1e/d405339bb010/6d901d57d819/RC5144740cc710431e95a7dd7c05b8b386-source.min.js
200 OK 678 B URL HTTP/2 assets.adobedtm.com/697d0c070f1e/d405339bb010/6d901d57d819/RC5144740cc710431e95a7dd7c05b8b386-source.min.js
IP
File type ASCII text, with very long lines (1304)
Hash 0dae8acf5301da2949d82d08770b3357
1cb9cc0dd7bb2744d4335902822b4057e98f224e
086ba1845d462ed3625cd1bdf9f242df7037b7884dcae9c926386ff4dcb8a417
GET /697d0c070f1e/d405339bb010/6d901d57d819/RC5144740cc710431e95a7dd7c05b8b386-source.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotel-deals.marriott.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "7c1b87bd6a9c9aefb2eadfe80155267a:1668520147.947326"
last-modified: Tue, 15 Nov 2022 13:49:07 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=3600
expires: Mon, 05 Dec 2022 17:44:23 GMT
date: Mon, 05 Dec 2022 16:44:23 GMT
content-length: 678
access-control-allow-origin: https://hotel-deals.marriott.com
timing-allow-origin: *
X-Firefox-Spdy: h2
assets.adobedtm.com/697d0c070f1e/d405339bb010/6d901d57d819/RC9f906a1934ae46f6b85351f19bfa52f0-source.min.js
200 OK 905 B URL HTTP/2 assets.adobedtm.com/697d0c070f1e/d405339bb010/6d901d57d819/RC9f906a1934ae46f6b85351f19bfa52f0-source.min.js
IP
File type ASCII text, with very long lines (2026)
Hash ab0c68f32cd44b6587421714936ebf18
1da73ee374786631677b10fa6905c50843bb5b9d
c1a07bdc3327861aef26102e100ac00af38f674181f6387dd3df7e6191adb17b
GET /697d0c070f1e/d405339bb010/6d901d57d819/RC9f906a1934ae46f6b85351f19bfa52f0-source.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotel-deals.marriott.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "7c1b87bd6a9c9aefb2eadfe80155267a:1668520147.947326"
last-modified: Tue, 15 Nov 2022 13:49:07 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=3600
expires: Mon, 05 Dec 2022 17:44:23 GMT
date: Mon, 05 Dec 2022 16:44:23 GMT
content-length: 905
access-control-allow-origin: https://hotel-deals.marriott.com
timing-allow-origin: *
X-Firefox-Spdy: h2
assets.adobedtm.com/697d0c070f1e/d405339bb010/6d901d57d819/RCb6c3578477864b5583591694fb0c7548-source.min.js
200 OK 1.1 kB URL HTTP/2 assets.adobedtm.com/697d0c070f1e/d405339bb010/6d901d57d819/RCb6c3578477864b5583591694fb0c7548-source.min.js
IP
File type ASCII text, with very long lines (3602)
Hash 21dcb8cbb64012e7864d21d239d9573e
39029d5489d90222f1787adcf6de2b8881a2e2a7
81255d2415df7c4017fbf964161f58082dbb1fb1f9fd3c239c76ced55475f339
GET /697d0c070f1e/d405339bb010/6d901d57d819/RCb6c3578477864b5583591694fb0c7548-source.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotel-deals.marriott.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "7c1b87bd6a9c9aefb2eadfe80155267a:1668520147.947326"
last-modified: Tue, 15 Nov 2022 13:49:07 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=3600
expires: Mon, 05 Dec 2022 17:44:23 GMT
date: Mon, 05 Dec 2022 16:44:23 GMT
content-length: 1130
access-control-allow-origin: https://hotel-deals.marriott.com
timing-allow-origin: *
X-Firefox-Spdy: h2
assets.adobedtm.com/697d0c070f1e/d405339bb010/6d901d57d819/RC1b12bbad598c4c1380765438bb0467a9-source.min.js
200 OK 454 B URL HTTP/2 assets.adobedtm.com/697d0c070f1e/d405339bb010/6d901d57d819/RC1b12bbad598c4c1380765438bb0467a9-source.min.js
IP
File type ASCII text, with very long lines (571)
Hash 47ae6c221d11cd873889a94028c56662
9ff1cc2edef1ab67d325b4ffe08c4bab1b2e54cc
5100cda600d22f43e6c0305d62eb4fc98d5eac9db69cee0b4fcd692e698265d7
GET /697d0c070f1e/d405339bb010/6d901d57d819/RC1b12bbad598c4c1380765438bb0467a9-source.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotel-deals.marriott.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "7c1b87bd6a9c9aefb2eadfe80155267a:1668520147.947326"
last-modified: Tue, 15 Nov 2022 13:49:07 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=3600
expires: Mon, 05 Dec 2022 17:44:23 GMT
date: Mon, 05 Dec 2022 16:44:23 GMT
content-length: 454
access-control-allow-origin: https://hotel-deals.marriott.com
timing-allow-origin: *
X-Firefox-Spdy: h2
assets.adobedtm.com/697d0c070f1e/d405339bb010/6d901d57d819/RCb12bd1abf26341f99678f8b654526b0f-source.min.js
200 OK 1.8 kB URL HTTP/2 assets.adobedtm.com/697d0c070f1e/d405339bb010/6d901d57d819/RCb12bd1abf26341f99678f8b654526b0f-source.min.js
IP
Hash 270fb77140b5ba357cc8aef477690e81
29fa25ef6cc2cd0adbf5e2a85cdbbbbace5f75f2
48d929e402794fd593dec9da183e35005eea898286c79b5891dd1dd61fdb8598
GET /697d0c070f1e/d405339bb010/6d901d57d819/RCb12bd1abf26341f99678f8b654526b0f-source.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotel-deals.marriott.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "7c1b87bd6a9c9aefb2eadfe80155267a:1668520147.947326"
last-modified: Tue, 15 Nov 2022 13:49:07 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=3600
expires: Mon, 05 Dec 2022 17:44:23 GMT
date: Mon, 05 Dec 2022 16:44:23 GMT
content-length: 616
access-control-allow-origin: https://hotel-deals.marriott.com
timing-allow-origin: *
X-Firefox-Spdy: h2
assets.adobedtm.com/697d0c070f1e/d405339bb010/6d901d57d819/RCc37891c0d65e4f2581d609fc16498257-source.min.js
200 OK 297 B URL HTTP/2 assets.adobedtm.com/697d0c070f1e/d405339bb010/6d901d57d819/RCc37891c0d65e4f2581d609fc16498257-source.min.js
IP
File type ASCII text, with very long lines (401)
Hash 3e5f00657c04c45bfcc8b85f8605cbbf
c0636b1266745e76a901c725508a6aad7dbc77b2
c8b6bf5f4382ec3673950ca1e14c609d9a830f89b6a7639e7c535bb2a8ced380
GET /697d0c070f1e/d405339bb010/6d901d57d819/RCc37891c0d65e4f2581d609fc16498257-source.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotel-deals.marriott.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "7c1b87bd6a9c9aefb2eadfe80155267a:1668520147.947326"
last-modified: Tue, 15 Nov 2022 13:49:07 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=3600
expires: Mon, 05 Dec 2022 17:44:23 GMT
date: Mon, 05 Dec 2022 16:44:23 GMT
content-length: 297
access-control-allow-origin: https://hotel-deals.marriott.com
timing-allow-origin: *
X-Firefox-Spdy: h2
assets.adobedtm.com/697d0c070f1e/d405339bb010/6d901d57d819/RCe7ed036bb4cb4dc89bdf084029e843a5-source.min.js
200 OK 496 B URL HTTP/2 assets.adobedtm.com/697d0c070f1e/d405339bb010/6d901d57d819/RCe7ed036bb4cb4dc89bdf084029e843a5-source.min.js
IP
File type ASCII text, with very long lines (629)
Hash d16004c0c7375068f37638c128c83949
6ebc9d3deff798e4672be0b94349e9551511d5fb
7c1608fe3cb56b5f7a0bc885494de7171cc199d07ce2501311571c3fc04ae7c4
GET /697d0c070f1e/d405339bb010/6d901d57d819/RCe7ed036bb4cb4dc89bdf084029e843a5-source.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotel-deals.marriott.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "7c1b87bd6a9c9aefb2eadfe80155267a:1668520147.947326"
last-modified: Tue, 15 Nov 2022 13:49:07 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=3600
expires: Mon, 05 Dec 2022 17:44:23 GMT
date: Mon, 05 Dec 2022 16:44:23 GMT
content-length: 496
access-control-allow-origin: https://hotel-deals.marriott.com
timing-allow-origin: *
X-Firefox-Spdy: h2
assets.adobedtm.com/697d0c070f1e/d405339bb010/6d901d57d819/RCb70d7bef713543b09b57afbc6f9e056a-source.min.js
200 OK 1.1 kB URL HTTP/2 assets.adobedtm.com/697d0c070f1e/d405339bb010/6d901d57d819/RCb70d7bef713543b09b57afbc6f9e056a-source.min.js
IP
File type ASCII text, with very long lines (2791)
Hash 0a43438ab7498ab5d1cddfddecd8843c
27371607a726866e9f67549b1cfcc5e2555dcf8d
c2fcbb6feca03c1878fcd5df02c6dc184167f292eb428bd4067234428cf61a59
GET /697d0c070f1e/d405339bb010/6d901d57d819/RCb70d7bef713543b09b57afbc6f9e056a-source.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotel-deals.marriott.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "7c1b87bd6a9c9aefb2eadfe80155267a:1668520147.947326"
last-modified: Tue, 15 Nov 2022 13:49:07 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=3600
expires: Mon, 05 Dec 2022 17:44:23 GMT
date: Mon, 05 Dec 2022 16:44:23 GMT
content-length: 1098
access-control-allow-origin: https://hotel-deals.marriott.com
timing-allow-origin: *
X-Firefox-Spdy: h2
assets.adobedtm.com/697d0c070f1e/d405339bb010/6d901d57d819/RC62a22fd426a0470dad9c40c7f2f4b2fb-source.min.js
200 OK 410 B URL HTTP/2 assets.adobedtm.com/697d0c070f1e/d405339bb010/6d901d57d819/RC62a22fd426a0470dad9c40c7f2f4b2fb-source.min.js
IP
File type ASCII text, with very long lines (501)
Hash 99d6c9ab3b9113dcadfd2f3ad6c0ca63
9bd776603d9f376b59248424d1908ff9545b923c
d240ce515aac390a81160caa131d2c2fac95c06b0b773458439958c11ee22ed7
GET /697d0c070f1e/d405339bb010/6d901d57d819/RC62a22fd426a0470dad9c40c7f2f4b2fb-source.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotel-deals.marriott.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "7c1b87bd6a9c9aefb2eadfe80155267a:1668520147.947326"
last-modified: Tue, 15 Nov 2022 13:49:07 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=3600
expires: Mon, 05 Dec 2022 17:44:23 GMT
date: Mon, 05 Dec 2022 16:44:23 GMT
content-length: 410
access-control-allow-origin: https://hotel-deals.marriott.com
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 5f16a534222e5749ef240d413826c2f6
11683d84d420dd6f919425094edb8961278f7fed
691ebf7feb1f7d6ae7e5e7efd678626c62042dda520506f262c7d9a67a48e3ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 16:44:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 279 B IP
Hash 47c05091908482bd90d5d1bfad017f43
af30acff69622ae562a504cc2ade9f5efa782596
0e5c6e13b68fb981bd7ab6dab3c24ca0964e24b815bb71cd9af9a5e5be0e4652
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1729
Cache-Control: max-age=133397
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 16:44:24 GMT
Etag: "638d7f3c-117"
Expires: Wed, 07 Dec 2022 05:47:41 GMT
Last-Modified: Mon, 05 Dec 2022 05:18:52 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 279
www.googletagmanager.com/gtag/js?id=UA-203334133-1&l=dataLayerB
200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-203334133-1&l=dataLayerB
IP
File type ASCII text, with very long lines (1921)
Hash 7cb4fc1341648271f129ef4aa3d8ac3c
d84fbe753812b55ce81d7aea482fd594383d90e0
5bd9508ab8d5fca1ab174ac5d50a7da6c45adf6c9e895021c18cd11c4d05cb7f
GET /gtag/js?id=UA-203334133-1&l=dataLayerB HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotel-deals.marriott.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 05 Dec 2022 16:44:24 GMT
expires: Mon, 05 Dec 2022 16:44:24 GMT
cache-control: private, max-age=900
last-modified: Mon, 05 Dec 2022 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43644
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 5f16a534222e5749ef240d413826c2f6
11683d84d420dd6f919425094edb8961278f7fed
691ebf7feb1f7d6ae7e5e7efd678626c62042dda520506f262c7d9a67a48e3ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 16:44:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 471 B IP
Hash 1eff7e01ef0aa6e1e88129b837ce5385
708844087e420d43d6b6cd94621f8d1d35036d44
28af039f41bd6a4f062c0d9e35f8438aaab63de8ea211d4801be0b1d44ee5269
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1911
Cache-Control: max-age=149048
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 16:44:24 GMT
Etag: "638dbba9-1d7"
Expires: Wed, 07 Dec 2022 10:08:32 GMT
Last-Modified: Mon, 05 Dec 2022 09:36:41 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
static.sojern.com/marriott/mhotels.html?p=undefined&hprid=&hpr=&hb=undefined&hc1=undefined&hn1=undefined&hs1=undefined&ffl=undefined&hl=&t=undefined&hr=undefined&hd1=&hd2=&hconfno=&hp=undefined&hcu=&hrp=undefined&hdc=undefined&rew=undefined&l=undefined&vid=hot&cid=
200 OK 9.1 kB URL HTTP/2 static.sojern.com/marriott/mhotels.html?p=undefined&hprid=&hpr=&hb=undefined&hc1=undefined&hn1=undefined&hs1=undefined&ffl=undefined&hl=&t=undefined&hr=undefined&hd1=&hd2=&hconfno=&hp=undefined&hcu=&hrp=undefined&hdc=undefined&rew=undefined&l=undefined&vid=hot&cid=
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash f3ec22f4b4c6c94a8fd54b333337b94c
c393a13e5d4860c66eb2224f622d70d01d308a5a
36ace21bc8477c7c421e6f69f575c1dbd38ad015f9a55e7e3646b5e4d3007fee
GET /marriott/mhotels.html?p=undefined&hprid=&hpr=&hb=undefined&hc1=undefined&hn1=undefined&hs1=undefined&ffl=undefined&hl=&t=undefined&hr=undefined&hd1=&hd2=&hconfno=&hp=undefined&hcu=&hrp=undefined&hdc=undefined&rew=undefined&l=undefined&vid=hot&cid= HTTP/1.1
Host: static.sojern.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotel-deals.marriott.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdv5kCoHVroZlzxQSnTctIkMk-utkFipGzst3j4jiQFZBE-7BI-cJgPPnr3DSuXWDtxoNbbo9RLq_pvLOs6Beiay0KdLkqpC
x-goog-generation: 1659620615206818
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 9076
x-goog-hash: crc32c=X1IjNQ==, md5=8+wi9LTGyUqP1UszMze5TA==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 9076
server: UploadServer
date: Mon, 05 Dec 2022 16:37:31 GMT
expires: Mon, 05 Dec 2022 17:37:31 GMT
cache-control: public, max-age=3600
age: 413
last-modified: Thu, 04 Aug 2022 13:43:35 GMT
etag: "f3ec22f4b4c6c94a8fd54b333337b94c"
content-type: text/html
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 1eff7e01ef0aa6e1e88129b837ce5385
708844087e420d43d6b6cd94621f8d1d35036d44
28af039f41bd6a4f062c0d9e35f8438aaab63de8ea211d4801be0b1d44ee5269
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1911
Cache-Control: max-age=149048
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 16:44:24 GMT
Etag: "638dbba9-1d7"
Expires: Wed, 07 Dec 2022 10:08:32 GMT
Last-Modified: Mon, 05 Dec 2022 09:36:41 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
sc-static.net/scevent.min.js
200 OK 12 kB URL HTTP/2 sc-static.net/scevent.min.js
IP
File type ASCII text, with very long lines (27646), with no line terminators
Hash 62585b7e4a4eab6ba3984a2cd4de5365
14e3b07044b095c9b8fd7b84bf00adb32233edb0
8e0a43da6d5b986bdf45ccdc4bfc11742086d59e2dbf2ae3a04701602c6b8bb7
GET /scevent.min.js HTTP/1.1
Host: sc-static.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotel-deals.marriott.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 11972
server: CloudFront
date: Mon, 05 Dec 2022 16:44:24 GMT
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Content-Type
cache-control: private, s-maxage=0, max-age=600
set-cookie: X-AB=0d6e407936704bd380072f5891d28b0e;max-age=86400;expires=Tue, 06 Dec 2022 15:10:36 GMT;Path=/scevent.min.js; Secure; SameSite=None
x-cache: LambdaGeneratedResponse from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: cvGxhCcjUvsotM9GOmZKP2V7lbt2fXcqHKl-hdKegQOSgL4p4mNMmw==
X-Firefox-Spdy: h2
cache.marriott.com/aka-fonts/OneTrust/R1.3/oneTrust_test/scripttemplates/6.26.0/assets/otFloatingRounded.json
200 OK 9.9 kB URL HTTP/2 cache.marriott.com/aka-fonts/OneTrust/R1.3/oneTrust_test/scripttemplates/6.26.0/assets/otFloatingRounded.json
IP
File type JSON data\012- , ASCII text, with very long lines (7980)
Hash becf963d0b2b5f4544a5ec243252794c
f248653acbd8ffded09cdf61b9a16c23d12d2f59
777ab0cb5c6ffd6b2d455918b8df70fdb4c74ecb18d62f54be1afdaf3733c10d
GET /aka-fonts/OneTrust/R1.3/oneTrust_test/scripttemplates/6.26.0/assets/otFloatingRounded.json HTTP/1.1
Host: cache.marriott.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hotel-deals.marriott.com/
Origin: https://hotel-deals.marriott.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/json
etag: "becf963d0b2b5f4544a5ec243252794c:1654544379.603934"
last-modified: Mon, 06 Jun 2022 19:39:39 GMT
server: AkamaiNetStorage
content-length: 9894
cache-control: max-age=224384
expires: Thu, 08 Dec 2022 07:04:08 GMT
date: Mon, 05 Dec 2022 16:44:24 GMT
access-control-allow-origin: *
set-cookie: _abck=7A5CC45C42199151BED093B007B1023F~-1~YAAQDU8kF68t8YGEAQAAl6Ms4wlUT0TzyHqz0v1gvvkk++cxTQ1MWxC/5ySKg6DTgvTHR7bESigtoyjNtTS3MUicy0hbUZWIYPlW+NeZtAAnaCFg0Hk2J4bdW6jsYdj08V1WgF/HuG2y/cxVO9HzaoSPEvIMImHQU3AvZMnbq7Swr3/dXiHf8LziFz26y8jbVIvD7YvB3wMgbNEA0g2gvlmB2941eJDIoq1yY606Th3ARQONIo2/vU6HUB99/XRADicjJgiiReR4iQWP/fIZVyiJx8IpcIqBr+ePtwjcTYyAECCIqtWebokqYkoBJJi+z/OGu8FaKRPFHJORcR6YmXRk1Qfal/gw2PJ46x+dC33bq5yF7z6FcW46NeOS2uU=~-1~-1~-1; Domain=.marriott.com; Path=/; Expires=Tue, 05 Dec 2023 16:44:24 GMT; Max-Age=31536000; Secure
ak_bmsc=7F74311CF9F44B348430D310B5B16B53~000000000000000000000000000000~YAAQDU8kF7At8YGEAQAAl6Ms4xIfSELXVEyr7ep6F2DFpaKemYuJjckOINDLSyj52nLJGw8+D499agxdJJtdxnYv6ZtdGCBjOQSK5KtHSslxC0En6+UXYhATG5pxTI+VKU+Fn3sYNxUqdf084hFpwrH6ttMx4z8dfub3lntLCa/jvSJdDo0Q30F/5XQbbt0JwG7IYtZWhmaMXu6WhIOJLqdOjywQg2TSLpG740FXV9gG03ZCvy/Jd1GkdSUKoA11ZZeQ4yDXsJmNKSH2j6XDBA1o6StIjfhCxtU8IRNLnj7DBCGnXKwZ8dkvL/tQe5JtJQfroHMeKM0ZK0N648oaoNB8B8clua++Ud156G0NaR/sSIJjQJ6MLtV9FOCdu6qtIbRKwR8+yb9BIqA=; Domain=.marriott.com; Path=/; Expires=Mon, 05 Dec 2022 18:44:24 GMT; Max-Age=7200; HttpOnly
bm_sz=DD6354EE16B601AFB0D30690F6F053C5~YAAQDU8kF7Et8YGEAQAAl6Ms4xLl+LUgGtq7MpwwdwG2E5Cg2wzX87uFQf1pXL/pDeSEQcRfg8R6CcgcJKF0SL7zceVl7oC7CupX98kiWr7ebUpzvFQ3oih2HUwkdrnmK3kv/N+5pxREJ1ZEg5w0gAObGwd7fyqWhcTUXrsU0OFzs0GWex9a7AS/2bHPN7SAY84d5xott2uBHTXhAHPRvnPp1HMS4WQikyOo5QLYGBrP9/AOVKymYVg43xX0+o8SDcDuaYV00rWlVSgveVpTWbfMheo0McC1wifuaEncg+s7GcXifQ==~4534341~4339523; Domain=.marriott.com; Path=/; Expires=Mon, 05 Dec 2022 20:44:24 GMT; Max-Age=14400
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsrsaovsslca2018
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP
Hash de79328a1d48d087d7046244f4f9efa6
772d519d2c7a73bcae93db6185c2d8b65389cf7e
62b66f507d7407b4723c71baddc6b01a08e3962722a787006c99b72f816c755c
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 16:44:24 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Fri, 09 Dec 2022 14:21:00 GMT
ETag: "772d519d2c7a73bcae93db6185c2d8b65389cf7e"
Last-Modified: Mon, 05 Dec 2022 14:21:01 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1079
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 774e3f0c5e39b518-OSL
cache.marriott.com/aka-fonts/OneTrust/R1.3/oneTrust_test/scripttemplates/6.26.0/assets/v2/otPcTab.json
48 kB URL cache.marriott.com/aka-fonts/OneTrust/R1.3/oneTrust_test/scripttemplates/6.26.0/assets/v2/otPcTab.json
IP
File type JSON data\012- , ASCII text, with very long lines (36077)
Hash 398ef3d808c735374c8e1b4d3984d51a
64a0f74836e637587829d25cbb3938e59aa0ed05
4efca4768dedb757f956b51f3620d1521be4e8f065080515489defc83c2de704
GET /aka-fonts/OneTrust/R1.3/oneTrust_test/scripttemplates/6.26.0/assets/v2/otPcTab.json HTTP/1.1
Host: cache.marriott.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hotel-deals.marriott.com/
Origin: https://hotel-deals.marriott.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
cache.marriott.com/aka-fonts/OneTrust/R1.3/oneTrust_test/scripttemplates/6.26.0/assets/otCommonStyles.css
200 OK 4.1 kB URL HTTP/2 cache.marriott.com/aka-fonts/OneTrust/R1.3/oneTrust_test/scripttemplates/6.26.0/assets/otCommonStyles.css
IP
File type ASCII text, with very long lines (11123)
Hash fa9e2d2183e65ab108397973040bbd40
5250f3400e60bdacac3b759ba29f25ac390ac736
81099a71b62d0cf269f997baad75bbfa87a43a75f17e6b2923bed409e7e5b4c2
GET /aka-fonts/OneTrust/R1.3/oneTrust_test/scripttemplates/6.26.0/assets/otCommonStyles.css HTTP/1.1
Host: cache.marriott.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hotel-deals.marriott.com/
Origin: https://hotel-deals.marriott.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: text/css
etag: "61ee8e79970dcae1685a883b098b34d0:1654544379.290447"
last-modified: Mon, 06 Jun 2022 19:39:39 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=1983103
expires: Wed, 28 Dec 2022 15:36:07 GMT
date: Mon, 05 Dec 2022 16:44:24 GMT
content-length: 4130
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 4a840dbdc0f31b56ed73560641d68ab8
2dba8290e0c1412b4f62cd6d903b8102b1c50148
8610dc3dd55d253e4ef6f41cca2932576c1c303a7b0f32d92c0c57d0bab30306
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 322
Cache-Control: max-age=137409
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 16:44:24 GMT
Etag: "638d9467-1d7"
Expires: Wed, 07 Dec 2022 06:54:33 GMT
Last-Modified: Mon, 05 Dec 2022 06:49:11 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 471 B IP
Hash 4a840dbdc0f31b56ed73560641d68ab8
2dba8290e0c1412b4f62cd6d903b8102b1c50148
8610dc3dd55d253e4ef6f41cca2932576c1c303a7b0f32d92c0c57d0bab30306
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 322
Cache-Control: max-age=137409
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 16:44:24 GMT
Etag: "638d9467-1d7"
Expires: Wed, 07 Dec 2022 06:54:33 GMT
Last-Modified: Mon, 05 Dec 2022 06:49:11 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
login.dotomi.com/ucm/UCMController?dtm_com=28&dtm_cid=2814&dtm_cmagic=8e987c&dtm_format=5&dtm_fid=101&cli_promo_id=2&dtmc_marsha_code=&canonical_url=https%3A%2F%2Fhotel-deals.marriott.com%2Flast-minute-hotel-deals%2F&dtm_user_token=&dtmc_ref=&dtmc_loc=https%3A%2F%2Fhotel-deals.marriott.com%2Flast-minute-hotel-deals%2F&fpc_status=
200 OK 181 B URL HTTP/2 login.dotomi.com/ucm/UCMController?dtm_com=28&dtm_cid=2814&dtm_cmagic=8e987c&dtm_format=5&dtm_fid=101&cli_promo_id=2&dtmc_marsha_code=&canonical_url=https%3A%2F%2Fhotel-deals.marriott.com%2Flast-minute-hotel-deals%2F&dtm_user_token=&dtmc_ref=&dtmc_loc=https%3A%2F%2Fhotel-deals.marriott.com%2Flast-minute-hotel-deals%2F&fpc_status=
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash ae5f5d9ecac33a3bfcc1b428d7e57393
371f7865180383bdbecde5066f96f4e96306091c
9170f96d6133c832c41b8243196ad1955708ecb7f17e8d3dd0797d6a96ed6189
GET /ucm/UCMController?dtm_com=28&dtm_cid=2814&dtm_cmagic=8e987c&dtm_format=5&dtm_fid=101&cli_promo_id=2&dtmc_marsha_code=&canonical_url=https%3A%2F%2Fhotel-deals.marriott.com%2Flast-minute-hotel-deals%2F&dtm_user_token=&dtmc_ref=&dtmc_loc=https%3A%2F%2Fhotel-deals.marriott.com%2Flast-minute-hotel-deals%2F&fpc_status= HTTP/1.1
Host: login.dotomi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotel-deals.marriott.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 16:44:24 GMT
content-type: text/html
content-length: 181
cache-control: no-cache, private, max-age=0, no-store
expires: 0
pragma: no-cache
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
X-Firefox-Spdy: h2
tr.snapchat.com/cm/i?pid=fbf5aa06-3f82-45b5-86ba-4c4fe9c75a96&u_scsid=28ac1562-a407-4275-bac1-b0ffa32da006&u_sclid=8d222199-2c1e-49a9-ab7e-86a76091e94e
200 OK 0 B URL HTTP/2 tr.snapchat.com/cm/i?pid=fbf5aa06-3f82-45b5-86ba-4c4fe9c75a96&u_scsid=28ac1562-a407-4275-bac1-b0ffa32da006&u_sclid=8d222199-2c1e-49a9-ab7e-86a76091e94e
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm/i?pid=fbf5aa06-3f82-45b5-86ba-4c4fe9c75a96&u_scsid=28ac1562-a407-4275-bac1-b0ffa32da006&u_sclid=8d222199-2c1e-49a9-ab7e-86a76091e94e HTTP/1.1
Host: tr.snapchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotel-deals.marriott.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 16:44:24 GMT
content-type: text/html
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 0
x-envoy-upstream-service-time: 0
server: API Gateway
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 4a840dbdc0f31b56ed73560641d68ab8
2dba8290e0c1412b4f62cd6d903b8102b1c50148
8610dc3dd55d253e4ef6f41cca2932576c1c303a7b0f32d92c0c57d0bab30306
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 322
Cache-Control: max-age=137409
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 16:44:24 GMT
Etag: "638d9467-1d7"
Expires: Wed, 07 Dec 2022 06:54:33 GMT
Last-Modified: Mon, 05 Dec 2022 06:49:11 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
tr.snapchat.com/p
200 OK 68 B IP
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash c4a2b870062c2bb98c500bc1526c0498
528666ccdb12997358077bc8fcdbfb6b825c7788
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
POST /p HTTP/1.1
Host: tr.snapchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 422
Origin: https://hotel-deals.marriott.com
Connection: keep-alive
Referer: https://hotel-deals.marriott.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 16:44:24 GMT
access-control-allow-origin: https://hotel-deals.marriott.com
cache-control: no-cache, no-transform
set-cookie: sc_at=v2|H4sIAAAAAAAAAAXBiQ0AIAgEsIlIQI7HcZDoFAxvK8cQikVS+gguj3aG0dXuCmSp5Yx48LJ0x/AHBG34azIAAAA=;SameSite=None;Version=1;Comment=;Domain=.snapchat.com;Path=/;Max-Age=33696000;Secure
content-type: text/html
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 68
x-envoy-upstream-service-time: 4
server: API Gateway
access-control-allow-credentials: true
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash 47c05091908482bd90d5d1bfad017f43
af30acff69622ae562a504cc2ade9f5efa782596
0e5c6e13b68fb981bd7ab6dab3c24ca0964e24b815bb71cd9af9a5e5be0e4652
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1729
Cache-Control: max-age=133397
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 16:44:24 GMT
Etag: "638d7f3c-117"
Expires: Wed, 07 Dec 2022 05:47:41 GMT
Last-Modified: Mon, 05 Dec 2022 05:18:52 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 279
beacon.sojern.com/pixel/p/140436?f_v=v6_js&p_v=1&vid=hot&pc=https%3A%2F%2Fhotel-deals.marriott.com%2Flast-minute-hotel-deals%2F&cid=
200 OK 838 B URL HTTP/2 beacon.sojern.com/pixel/p/140436?f_v=v6_js&p_v=1&vid=hot&pc=https%3A%2F%2Fhotel-deals.marriott.com%2Flast-minute-hotel-deals%2F&cid=
IP
Hash bddcb7103c185e2a921785f84ae3494a
d6ec8b3862beea69b854d30f93d849d1c8b7a5b0
9ecf24b6f4c84c5ed250fce47bf722a35e5027e6c41017b590bd30f7144394a2
GET /pixel/p/140436?f_v=v6_js&p_v=1&vid=hot&pc=https%3A%2F%2Fhotel-deals.marriott.com%2Flast-minute-hotel-deals%2F&cid= HTTP/1.1
Host: beacon.sojern.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotel-deals.marriott.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: application/javascript
p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
set-cookie: cid=a6db584d-65a5-90ef-d75f-7c8a345b35f5#1670803200000; Path=/; Domain=sojern.com; Max-Age=31536000; Secure; SameSite=None
vary: Accept-Encoding
date: Mon, 05 Dec 2022 16:44:24 GMT
content-length: 838
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
beacon.sojern.com/pixel/cp/213?f_v=cp_v3_js&p_v=4&cid=MGP_201904%7Cundefined%7Chttps%3A%2F%2Fhotel-deals.marriott.com%2F&p=undefined&hb=undefined&hc1=undefined&hn1=undefined&hs1=undefined&ffl=undefined&t=undefined&hr=undefined&hp=undefined&hrp=undefined&hdc=undefined&rew=undefined&l=undefined&vid=hot&pt=TRACKING&
200 OK 684 B URL HTTP/2 beacon.sojern.com/pixel/cp/213?f_v=cp_v3_js&p_v=4&cid=MGP_201904%7Cundefined%7Chttps%3A%2F%2Fhotel-deals.marriott.com%2F&p=undefined&hb=undefined&hc1=undefined&hn1=undefined&hs1=undefined&ffl=undefined&t=undefined&hr=undefined&hp=undefined&hrp=undefined&hdc=undefined&rew=undefined&l=undefined&vid=hot&pt=TRACKING&
IP
Hash 9968b73bb78e1cacff5d152c875097ec
1873a2576ab7f9bbe1e139ae0881dcf1d447b6f8
2917cbec409ca763346ca2ab269c4c521d77f847085f3f1fe44d179ccbbaee17
GET /pixel/cp/213?f_v=cp_v3_js&p_v=4&cid=MGP_201904%7Cundefined%7Chttps%3A%2F%2Fhotel-deals.marriott.com%2F&p=undefined&hb=undefined&hc1=undefined&hn1=undefined&hs1=undefined&ffl=undefined&t=undefined&hr=undefined&hp=undefined&hrp=undefined&hdc=undefined&rew=undefined&l=undefined&vid=hot&pt=TRACKING& HTTP/1.1
Host: beacon.sojern.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.sojern.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-encoding: gzip
content-type: application/javascript
p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
set-cookie: cid=0c27f2e3-e7a5-3559-abb8-3cef9345ff9e#1670803200000; Path=/; Domain=sojern.com; Max-Age=31536000; Secure; SameSite=None
vary: Accept-Encoding
date: Mon, 05 Dec 2022 16:44:24 GMT
content-length: 684
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
js.adsrvr.org/up_loader.1.1.0.js
200 OK 1.9 kB URL HTTP/1.1 js.adsrvr.org/up_loader.1.1.0.js
IP
File type ASCII text, with very long lines (4593), with no line terminators
Hash 8dc722d27824e60548fd25752623cd07
33d66ad1a4a162e2d6c9ed732d6c9af79635fc4d
14ce9119fe06fb2d363ba3c824e9f5b3f212f1f39dfab38c836fa13a20daec1b
GET /up_loader.1.1.0.js HTTP/1.1
Host: js.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotel-deals.marriott.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Content-Encoding: gzip
Date: Mon, 05 Dec 2022 16:19:20 GMT
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: _HTZ78bE3CDCTxkX7-QNDTqBj5LpehDhYa1XQ4VXuDfopKP9tivSGA==
Age: 1505
bat.bing.com/bat.js
200 OK 11 kB IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (39007), with no line terminators
Hash 22e2e3226eb5ada04929a2e43307eeda
04615fa88f80567974bdeb0f103ca5909746ebd7
41feebdfb0b03cd7fee2eb886adef6f3f1f85d3f14215e9a388d2a50e42efb9b
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotel-deals.marriott.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 11421
content-type: application/javascript
content-encoding: gzip
last-modified: Wed, 09 Nov 2022 21:23:50 GMT
accept-ranges: bytes
etag: "077538f81f4d81:0"
vary: Accept-Encoding
set-cookie: MUID=25033F3D01846FD61B952D4C00D36EC8; domain=.bing.com; expires=Sat, 30-Dec-2023 16:44:24 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 31FE21C9C3C44D3BA11CBE2D97E02998 Ref B: OSL30EDGE0309 Ref C: 2022-12-05T16:44:24Z
date: Mon, 05 Dec 2022 16:44:23 GMT
X-Firefox-Spdy: h2
snap.licdn.com/li.lms-analytics/insight.min.js
200 OK 4.6 kB URL HTTP/2 snap.licdn.com/li.lms-analytics/insight.min.js
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (12961)
Hash c1a25b303b61b25e995516f5559bcdea
3c16a6fa3a2a6dc59d57a9ea1588c4f259884688
2063d2d1415ce9437e9331cb9a798714a5b2e106a65d6dc0ef0d426a5a4c30f2
GET /li.lms-analytics/insight.min.js HTTP/1.1
Host: snap.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotel-deals.marriott.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Thu, 17 Nov 2022 18:52:45 GMT
accept-ranges: bytes
content-type: application/x-javascript;charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=16931
date: Mon, 05 Dec 2022 16:44:24 GMT
content-length: 4581
x-cdn: AKAM
X-Firefox-Spdy: h2
static.ads-twitter.com/uwt.js
200 OK 15 kB URL HTTP/2 static.ads-twitter.com/uwt.js
IP
File type ASCII text, with very long lines (57596), with no line terminators
Hash 573e6a7f86f6f3063763360ef0672c01
b12eab3b4ac8872d49ac6e15f9cd17741765c0cf
02445eb022a04139531f0ce8d8980c31083a1c670936f1477f5cfc4d252133f7
GET /uwt.js HTTP/1.1
Host: static.ads-twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotel-deals.marriott.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Thu, 27 Oct 2022 18:55:37 GMT
cache-control: no-cache
content-type: application/javascript; charset=utf-8
content-encoding: gzip
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
accept-ranges: bytes
date: Mon, 05 Dec 2022 16:44:24 GMT
x-served-by: cache-iad-kjyo7100147-IAD, cache-hel1410030-HEL
x-cache: HIT, HIT
vary: Accept-Encoding,Host
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
content-length: 15375
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash b4c9bc834e851e84ac0f779a505ac0c6
f9746f1a2d68290ba8ba920ec78ecf1602f11eac
a3d9e104fbe02e14a43829a34689265973087658cbb9e7430ab03ed257b6e83f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 16:44:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotel-deals.marriott.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Mon, 05 Dec 2022 16:41:08 GMT
expires: Mon, 05 Dec 2022 18:41:08 GMT
cache-control: public, max-age=7200
age: 196
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash a179b3b6ab78e29169af8cc2363d6280
501cd2871c5b70c56852c6cd0c87f383504ca933
ceecf34d673dd0d910e3622aa0fa8d84fea748592acc796286c4ec5e76fbc170
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 832
Cache-Control: max-age=164905
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 16:44:24 GMT
Etag: "638dfdd1-1d7"
Expires: Wed, 07 Dec 2022 14:32:49 GMT
Last-Modified: Mon, 05 Dec 2022 14:18:57 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash b4c9bc834e851e84ac0f779a505ac0c6
f9746f1a2d68290ba8ba920ec78ecf1602f11eac
a3d9e104fbe02e14a43829a34689265973087658cbb9e7430ab03ed257b6e83f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 16:44:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 5670c32d73c3d5771a2d9396774a7eb9
3fb62916ff54f22a011e11730ba87fea48e5d239
062531ed89864b713048421c9639d4a6249e92f33ef4177206f1deb5d85a8757
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 16:44:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
connect.facebook.net/en_US/fbevents.js
200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP
File type ASCII text, with very long lines (64348)
Hash 44ecaa3c2a4929a40141edc4540aaf84
f29a573182333b2500d41bfc389d6c5232dfb348
6589fe14578dedd4df678a909afadd7e5bc7f57c7e3e24518a7f5faac7383396
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotel-deals.marriott.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: pKZBVlpQKzw8MruKqKrk8w4TvgTEgWO0axYTomJiitJWEiAeP2NV5yXs7yk1WBCRH8wTS7mv3ZSnNRlU/DINaw==
priority: u=3,i
content-length: 27340
x-fb-trip-id: 1679558926
date: Mon, 05 Dec 2022 16:44:24 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
s.pinimg.com/ct/core.js
200 OK 1.1 kB IP
File type ASCII text, with very long lines (1146), with no line terminators
Hash 8d9d0550c915347e312e24f00d311e50
cb44712b22cb011b759da4e741b543238839c735
57d73d188a6162bec272876156addbd7b02a2c6941c45653b8d3453e998e0b5b
GET /ct/core.js HTTP/1.1
Host: s.pinimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotel-deals.marriott.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: "8d9d0550c915347e312e24f00d311e50"
cache-control: max-age=7200
accept-ranges: bytes
content-type: application/javascript
content-length: 1146
vary: Accept-Encoding, Origin
x-cdn: akamai
access-control-max-age: 86400
access-control-expose-headers: X-CDN
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 5670c32d73c3d5771a2d9396774a7eb9
3fb62916ff54f22a011e11730ba87fea48e5d239
062531ed89864b713048421c9639d4a6249e92f33ef4177206f1deb5d85a8757
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 16:44:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cm.g.doubleclick.net/pixel?google_cm=true&google_hm=DCfy4-elNVmruDzvk0X_ng&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=NR7pnUwZG1QEn1KkV7NgzwoUmzEZYT00Au-76rPciQ_iFEHfzZawcW7PK32Hfsa-&sjrn_ula=824794939
302 Found 461 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_cm=true&google_hm=DCfy4-elNVmruDzvk0X_ng&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=NR7pnUwZG1QEn1KkV7NgzwoUmzEZYT00Au-76rPciQ_iFEHfzZawcW7PK32Hfsa-&sjrn_ula=824794939
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 47d3c2356eea155df1d6a48e3f8d0ed0
1dc54b368bf38441a050f5793ae79e3af82c69fe
59a447e31ca8e5b6a8cc29edddf016c027fa323deabee4c82b2fc09ab7c2117f
GET /pixel?google_cm=true&google_hm=DCfy4-elNVmruDzvk0X_ng&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=NR7pnUwZG1QEn1KkV7NgzwoUmzEZYT00Au-76rPciQ_iFEHfzZawcW7PK32Hfsa-&sjrn_ula=824794939 HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.sojern.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=DCfy4-elNVmruDzvk0X_ng&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=NR7pnUwZG1QEn1KkV7NgzwoUmzEZYT00Au-76rPciQ_iFEHfzZawcW7PK32Hfsa-&sjrn_ula=824794939&google_tc=
date: Mon, 05 Dec 2022 16:44:24 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 461
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 05-Dec-2022 16:59:24 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash a179b3b6ab78e29169af8cc2363d6280
501cd2871c5b70c56852c6cd0c87f383504ca933
ceecf34d673dd0d910e3622aa0fa8d84fea748592acc796286c4ec5e76fbc170
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 832
Cache-Control: max-age=164905
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 16:44:24 GMT
Etag: "638dfdd1-1d7"
Expires: Wed, 07 Dec 2022 14:32:49 GMT
Last-Modified: Mon, 05 Dec 2022 14:18:57 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
ad.doubleclick.net/activity;src=1359549;type=marri001;cat=m1m_g0;ord=1;num=5598809856562;gtm=2odbu0;npa=1;auiddc=132763383.1670258662;u7=%2Flast-minute-hotel-deals%2F;~oref=https%3A%2F%2Fhotel-deals.marriott.com%2Flast-minute-hotel-deals%2F?
302 Found 0 B URL HTTP/2 ad.doubleclick.net/activity;src=1359549;type=marri001;cat=m1m_g0;ord=1;num=5598809856562;gtm=2odbu0;npa=1;auiddc=132763383.1670258662;u7=%2Flast-minute-hotel-deals%2F;~oref=https%3A%2F%2Fhotel-deals.marriott.com%2Flast-minute-hotel-deals%2F?
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /activity;src=1359549;type=marri001;cat=m1m_g0;ord=1;num=5598809856562;gtm=2odbu0;npa=1;auiddc=132763383.1670258662;u7=%2Flast-minute-hotel-deals%2F;~oref=https%3A%2F%2Fhotel-deals.marriott.com%2Flast-minute-hotel-deals%2F? HTTP/1.1
Host: ad.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotel-deals.marriott.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 16:44:24 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://adservice.google.com/ddm/fls/p/src=1359549;type=marri001;cat=m1m_g0;ord=1;num=5598809856562;gtm=2odbu0;npa=1;auiddc=132763383.1670258662;u7=%2Flast-minute-hotel-deals%2F;~oref=https%3A%2F%2Fhotel-deals.marriott.com%2Flast-minute-hotel-deals%2F
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 05-Dec-2022 16:59:24 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 5fbb8a462a5425f11a151e28732c5778
fcb8f67ecf2a813ad00fc67cece39ff04d16da66
d9875059cff2ad45a3a94bea50374ef025b42cad4a958942c5b17f021b846f44
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5567
Cache-Control: max-age=169300
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 16:44:24 GMT
Etag: "638dfc7d-1d7"
Expires: Wed, 07 Dec 2022 15:46:04 GMT
Last-Modified: Mon, 05 Dec 2022 14:13:17 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
ad.doubleclick.net/activity;src=1359549;type=marri003;cat=m1m_m0;ord=6584265210798;gtm=2odbu0;npa=1;auiddc=132763383.1670258662;u7=%2Flast-minute-hotel-deals%2F;~oref=https%3A%2F%2Fhotel-deals.marriott.com%2Flast-minute-hotel-deals%2F?
302 Found 0 B URL HTTP/2 ad.doubleclick.net/activity;src=1359549;type=marri003;cat=m1m_m0;ord=6584265210798;gtm=2odbu0;npa=1;auiddc=132763383.1670258662;u7=%2Flast-minute-hotel-deals%2F;~oref=https%3A%2F%2Fhotel-deals.marriott.com%2Flast-minute-hotel-deals%2F?
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /activity;src=1359549;type=marri003;cat=m1m_m0;ord=6584265210798;gtm=2odbu0;npa=1;auiddc=132763383.1670258662;u7=%2Flast-minute-hotel-deals%2F;~oref=https%3A%2F%2Fhotel-deals.marriott.com%2Flast-minute-hotel-deals%2F? HTTP/1.1
Host: ad.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotel-deals.marriott.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 16:44:24 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://adservice.google.com/ddm/fls/p/src=1359549;type=marri003;cat=m1m_m0;ord=6584265210798;gtm=2odbu0;npa=1;auiddc=132763383.1670258662;u7=%2Flast-minute-hotel-deals%2F;~oref=https%3A%2F%2Fhotel-deals.marriott.com%2Flast-minute-hotel-deals%2F
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 05-Dec-2022 16:59:24 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cm.g.doubleclick.net/pixel?google_hm=DCfy4-elNVmruDzvk0X_ng&google_nid=sojern_adh
302 Found 305 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_hm=DCfy4-elNVmruDzvk0X_ng&google_nid=sojern_adh
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash cb33c5330ffa4ac526041d6ac5852477
ebc5fef030eed2b4b0d8a573be31dcf8672ec565
bdabf5270aa86d7817a95218b4d3a777b6224664797c2f7585c3d91dba349c38
GET /pixel?google_hm=DCfy4-elNVmruDzvk0X_ng&google_nid=sojern_adh HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.sojern.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_hm=DCfy4-elNVmruDzvk0X_ng&google_nid=sojern_adh&google_tc=
date: Mon, 05 Dec 2022 16:44:24 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 305
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 05-Dec-2022 16:59:24 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ib.adnxs.com/getuid?https://pixel.sojern.com/idsync/apn?id=$UID&sjrn_id=NR7pnUwZG1QEn1KkV7NgzwoUmzEZYT00Au-76rPciQ_iFEHfzZawcW7PK32Hfsa-
307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/getuid?https://pixel.sojern.com/idsync/apn?id=$UID&sjrn_id=NR7pnUwZG1QEn1KkV7NgzwoUmzEZYT00Au-76rPciQ_iFEHfzZawcW7PK32Hfsa-
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuid?https://pixel.sojern.com/idsync/apn?id=$UID&sjrn_id=NR7pnUwZG1QEn1KkV7NgzwoUmzEZYT00Au-76rPciQ_iFEHfzZawcW7PK32Hfsa- HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.sojern.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Mon, 05 Dec 2022 16:44:24 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fpixel.sojern.com%2Fidsync%2Fapn%3Fid%3D%24UID%26sjrn_id%3DNR7pnUwZG1QEn1KkV7NgzwoUmzEZYT00Au-76rPciQ_iFEHfzZawcW7PK32Hfsa-
AN-X-Request-Uuid: cda6fa4e-c94e-48cc-b13e-daac517ccd8e
Set-Cookie: uuid2=8382802908852574517; SameSite=None; Path=/; Max-Age=7776000; Expires=Sun, 05-Mar-2023 16:44:24 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
secure.adnxs.com/px?id=1228256&t=1
307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/px?id=1228256&t=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px?id=1228256&t=1 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.sojern.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Mon, 05 Dec 2022 16:44:24 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Location: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1228256%26t%3D1
AN-X-Request-Uuid: cdf39f74-f649-4bfb-b54e-4a90ed5f15c8
Set-Cookie: uuid2=7995317104158883815; SameSite=None; Path=/; Max-Age=7776000; Expires=Sun, 05-Mar-2023 16:44:24 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 5670c32d73c3d5771a2d9396774a7eb9
3fb62916ff54f22a011e11730ba87fea48e5d239
062531ed89864b713048421c9639d4a6249e92f33ef4177206f1deb5d85a8757
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 16:44:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cm.g.doubleclick.net/pixel?google_cm=true&google_hm=DCfy4-elNVmruDzvk0X_ng&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=NR7pnUwZG1QEn1KkV7NgzwoUmzEZYT00Au-76rPciQ_iFEHfzZawcW7PK32Hfsa-&sjrn_ula=824794939&google_tc=
302 Found 370 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_cm=true&google_hm=DCfy4-elNVmruDzvk0X_ng&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=NR7pnUwZG1QEn1KkV7NgzwoUmzEZYT00Au-76rPciQ_iFEHfzZawcW7PK32Hfsa-&sjrn_ula=824794939&google_tc=
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 1b89b55c3dbcb88d645f832a61f60b85
37c769dfc83d8cbe8d85b68b5d3e4fed6e1b76a2
fcc5c25c3c7eacf60a9b42a10cfdd7aff4f4a0255294554f061458799b47b49f
GET /pixel?google_cm=true&google_hm=DCfy4-elNVmruDzvk0X_ng&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=NR7pnUwZG1QEn1KkV7NgzwoUmzEZYT00Au-76rPciQ_iFEHfzZawcW7PK32Hfsa-&sjrn_ula=824794939&google_tc= HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://static.sojern.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=NR7pnUwZG1QEn1KkV7NgzwoUmzEZYT00Au-76rPciQ_iFEHfzZawcW7PK32Hfsa-&sjrn_ula=824794939&google_error=3
date: Mon, 05 Dec 2022 16:44:24 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 370
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fpixel.sojern.com%2Fidsync%2Fapn%3Fid%3D%24UID%26sjrn_id%3DNR7pnUwZG1QEn1KkV7NgzwoUmzEZYT00Au-76rPciQ_iFEHfzZawcW7PK32Hfsa-
302 Found 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fpixel.sojern.com%2Fidsync%2Fapn%3Fid%3D%24UID%26sjrn_id%3DNR7pnUwZG1QEn1KkV7NgzwoUmzEZYT00Au-76rPciQ_iFEHfzZawcW7PK32Hfsa-
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fgetuid%3Fhttps%3A%2F%2Fpixel.sojern.com%2Fidsync%2Fapn%3Fid%3D%24UID%26sjrn_id%3DNR7pnUwZG1QEn1KkV7NgzwoUmzEZYT00Au-76rPciQ_iFEHfzZawcW7PK32Hfsa- HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://static.sojern.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Mon, 05 Dec 2022 16:44:24 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://pixel.sojern.com/idsync/apn?id=0&sjrn_id=NR7pnUwZG1QEn1KkV7NgzwoUmzEZYT00Au-76rPciQ_iFEHfzZawcW7PK32Hfsa-
AN-X-Request-Uuid: 20c40ef8-9ff5-442c-ab2d-819b7f0356f4
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash b4c9bc834e851e84ac0f779a505ac0c6
f9746f1a2d68290ba8ba920ec78ecf1602f11eac
a3d9e104fbe02e14a43829a34689265973087658cbb9e7430ab03ed257b6e83f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 16:44:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cm.g.doubleclick.net/pixel?google_hm=DCfy4-elNVmruDzvk0X_ng&google_nid=sojern_adh&google_tc=
302 Found 247 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_hm=DCfy4-elNVmruDzvk0X_ng&google_nid=sojern_adh&google_tc=
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 6663c4e96572aa227be6da6b6c13cc8f
f502f1eb980f339b01f00bea96d61c1ed1fddf25
2047fa6b2f448fe92c1ba8527f3e3a549ab8ae35f7a7bd9ce380aba58134d759
GET /pixel?google_hm=DCfy4-elNVmruDzvk0X_ng&google_nid=sojern_adh&google_tc= HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://static.sojern.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: https://pixel.sojern.com/idsync/adh?google_error=3
date: Mon, 05 Dec 2022 16:44:24 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 247
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
secure.adnxs.com/bounce?%2Fpx%3Fid%3D1228256%26t%3D1
200 OK 0 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fpx%3Fid%3D1228256%26t%3D1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fpx%3Fid%3D1228256%26t%3D1 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://static.sojern.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Mon, 05 Dec 2022 16:44:24 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: bf7117cd-1bfb-4bac-856f-35e07e78d3cd
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
match.adsrvr.org/track/cmf/generic?ttd_pid=ombl9hp&ttd_puid=NR7pnUwZG1QEn1KkV7NgzwoUmzEZYT00Au-76rPciQ_iFEHfzZawcW7PK32Hfsa-&ttd_tpi=1
200 OK 70 B URL HTTP/2 match.adsrvr.org/track/cmf/generic?ttd_pid=ombl9hp&ttd_puid=NR7pnUwZG1QEn1KkV7NgzwoUmzEZYT00Au-76rPciQ_iFEHfzZawcW7PK32Hfsa-&ttd_tpi=1
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 58a7930cd4577fc33c35828c271eab8f
406e57f86dc101e10f3a57be1e2f7b93c4580474
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
GET /track/cmf/generic?ttd_pid=ombl9hp&ttd_puid=NR7pnUwZG1QEn1KkV7NgzwoUmzEZYT00Au-76rPciQ_iFEHfzZawcW7PK32Hfsa-&ttd_tpi=1 HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.sojern.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 16:44:24 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 313 B IP
Hash 4bb3271312f6e8f23fc93b387d0f0e71
681c40dfacb7c444c308357c7f134c043988dcbc
486e6837e668739ac7502ab22683f9e15814b1f7077468643e6290638d209136
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6007
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 16:44:25 GMT
Last-Modified: Mon, 05 Dec 2022 15:04:18 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 313
secure.adnxs.com/seg?add=21126164&t=1
307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/seg?add=21126164&t=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /seg?add=21126164&t=1 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.sojern.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Mon, 05 Dec 2022 16:44:25 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D21126164%26t%3D1
AN-X-Request-Uuid: 89338efa-eca6-4792-b8bb-f1de0f6160d7
Set-Cookie: uuid2=1919227079621427743; SameSite=None; Path=/; Max-Age=7776000; Expires=Sun, 05-Mar-2023 16:44:24 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
pxl.jivox.com/tags/re/pxrc.php?px=958deafa6b01b7&ret=img&cData=N/A&px_558deaefe29b99=N/A&px_45c37cd1a3ffb5=%27%27&px_75c37cd56820dd=N/A%20&px_65c37cdd1171be=1&px_95c37ce084b3e1=1&px_15b33b35ba04d9=N/A&px_65b33b372611c8=hotel-deals.marriott.com/last-minute-hotel-deals/&px_45b33b3b62bcfa=N/A&px_25b33b3e68bd91=N/A&px_05b33b3f8d42f0=N/A&px_25d820700bc474=%27%27&px_25b33b410cb604=N/A&px_25d8208f4381f8=N/A
200 OK 43 B URL HTTP/2 pxl.jivox.com/tags/re/pxrc.php?px=958deafa6b01b7&ret=img&cData=N/A&px_558deaefe29b99=N/A&px_45c37cd1a3ffb5=%27%27&px_75c37cd56820dd=N/A%20&px_65c37cdd1171be=1&px_95c37ce084b3e1=1&px_15b33b35ba04d9=N/A&px_65b33b372611c8=hotel-deals.marriott.com/last-minute-hotel-deals/&px_45b33b3b62bcfa=N/A&px_25b33b3e68bd91=N/A&px_05b33b3f8d42f0=N/A&px_25d820700bc474=%27%27&px_25b33b410cb604=N/A&px_25d8208f4381f8=N/A
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /tags/re/pxrc.php?px=958deafa6b01b7&ret=img&cData=N/A&px_558deaefe29b99=N/A&px_45c37cd1a3ffb5=%27%27&px_75c37cd56820dd=N/A%20&px_65c37cdd1171be=1&px_95c37ce084b3e1=1&px_15b33b35ba04d9=N/A&px_65b33b372611c8=hotel-deals.marriott.com/last-minute-hotel-deals/&px_45b33b3b62bcfa=N/A&px_25b33b3e68bd91=N/A&px_05b33b3f8d42f0=N/A&px_25d820700bc474=%27%27&px_25b33b410cb604=N/A&px_25d8208f4381f8=N/A HTTP/1.1
Host: pxl.jivox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotel-deals.marriott.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 16:44:25 GMT
content-type: image/gif
content-length: 43
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=0
pragma: no-cache
access-control-allow-origin: *
p3p: CP='IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA'
access-control-allow-headers: content-type
set-cookie: jvxsync=tpa38PWN59si; Path=/; Domain=.jivox.com; Expires=Sun, 05-Mar-2023 16:44:25 GMT; Max-Age=7776000; Secure; SameSite=None
expires: Thu, 01 Jan 1970 00:00:00 GMT
server: Jetty(9.4.39.v20210325)
X-Firefox-Spdy: h2
ib.adnxs.com/getuid?https://pixel.sojern.com/idsync/apn?id=$UID&sjrn_id=tLlUPFQb0PV43HO3ucXQPEQixNt5uBq76o3NyEJqwmYNn6aERt1f21jUsgRjR3TF
307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/getuid?https://pixel.sojern.com/idsync/apn?id=$UID&sjrn_id=tLlUPFQb0PV43HO3ucXQPEQixNt5uBq76o3NyEJqwmYNn6aERt1f21jUsgRjR3TF
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuid?https://pixel.sojern.com/idsync/apn?id=$UID&sjrn_id=tLlUPFQb0PV43HO3ucXQPEQixNt5uBq76o3NyEJqwmYNn6aERt1f21jUsgRjR3TF HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotel-deals.marriott.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Mon, 05 Dec 2022 16:44:25 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fpixel.sojern.com%2Fidsync%2Fapn%3Fid%3D%24UID%26sjrn_id%3DtLlUPFQb0PV43HO3ucXQPEQixNt5uBq76o3NyEJqwmYNn6aERt1f21jUsgRjR3TF
AN-X-Request-Uuid: 5d07069a-c9f3-4143-85c6-687d0cc30b76
Set-Cookie: uuid2=2197449876651036920; SameSite=None; Path=/; Max-Age=7776000; Expires=Sun, 05-Mar-2023 16:44:25 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
secure.adnxs.com/px?id=1565798&t=1
307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/px?id=1565798&t=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px?id=1565798&t=1 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotel-deals.marriott.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Mon, 05 Dec 2022 16:44:25 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Location: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1565798%26t%3D1
AN-X-Request-Uuid: da8088ca-59a2-4a51-b7e0-44b458b70755
Set-Cookie: uuid2=1935496650031936518; SameSite=None; Path=/; Max-Age=7776000; Expires=Sun, 05-Mar-2023 16:44:25 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
secure.adnxs.com/seg?add=29464183&t=1
307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/seg?add=29464183&t=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /seg?add=29464183&t=1 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotel-deals.marriott.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Mon, 05 Dec 2022 16:44:25 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D29464183%26t%3D1
AN-X-Request-Uuid: 379c9e2b-3686-4f76-a77f-b924cbc8666d
Set-Cookie: uuid2=642872693610731688; SameSite=None; Path=/; Max-Age=7776000; Expires=Sun, 05-Mar-2023 16:44:25 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=1286c804-d820-4d4f-8bb4-7c526620d8ba&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=54d1b1ea-d1b4-46ed-b7bf-8fa034bb9ea3&tw_document_href=https%3A%2F%2Fhotel-deals.marriott.com%2Flast-minute-hotel-deals%2F&tw_iframe_status=0&txn_id=o4xzr&type=javascript&version=2.3.29
200 OK 43 B URL HTTP/2 t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=1286c804-d820-4d4f-8bb4-7c526620d8ba&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=54d1b1ea-d1b4-46ed-b7bf-8fa034bb9ea3&tw_document_href=https%3A%2F%2Fhotel-deals.marriott.com%2Flast-minute-hotel-deals%2F&tw_iframe_status=0&txn_id=o4xzr&type=javascript&version=2.3.29
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=1286c804-d820-4d4f-8bb4-7c526620d8ba&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=54d1b1ea-d1b4-46ed-b7bf-8fa034bb9ea3&tw_document_href=https%3A%2F%2Fhotel-deals.marriott.com%2Flast-minute-hotel-deals%2F&tw_iframe_status=0&txn_id=o4xzr&type=javascript&version=2.3.29 HTTP/1.1
Host: t.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotel-deals.marriott.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 16:44:24 GMT
perf: 7626143928
server: tsa_o
set-cookie: muc_ads=7034c369-08a7-4bd0-9186-d1eaaec3a2d3; Max-Age=63072000; Expires=Wed, 04 Dec 2024 16:44:25 GMT; Path=/; Domain=t.co; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: 871c5e2b903bae6c
strict-transport-security: max-age=0
x-response-time: 102
x-connection-hash: 440174c9a0b5c3f12bf4b06342d9d317092b09b7233a9c9d809c27aa28a6fb04
X-Firefox-Spdy: h2
match.adsrvr.org/track/cmf/generic?ttd_pid=ombl9hp&ttd_puid=tLlUPFQb0PV43HO3ucXQPEQixNt5uBq76o3NyEJqwmYNn6aERt1f21jUsgRjR3TF&ttd_tpi=1
200 OK 70 B URL HTTP/2 match.adsrvr.org/track/cmf/generic?ttd_pid=ombl9hp&ttd_puid=tLlUPFQb0PV43HO3ucXQPEQixNt5uBq76o3NyEJqwmYNn6aERt1f21jUsgRjR3TF&ttd_tpi=1
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 58a7930cd4577fc33c35828c271eab8f
406e57f86dc101e10f3a57be1e2f7b93c4580474
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
GET /track/cmf/generic?ttd_pid=ombl9hp&ttd_puid=tLlUPFQb0PV43HO3ucXQPEQixNt5uBq76o3NyEJqwmYNn6aERt1f21jUsgRjR3TF&ttd_tpi=1 HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotel-deals.marriott.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 16:44:25 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
bat.bing.com/action/0?ti=5140893&tm=al001&Ver=2&mid=c57acc6a-046c-44cb-b87b-ef2b787f85df&sid=11ee3ef074bc11edbf9f15e8a9b76470&vid=11ee433074bc11edac11457f52146e71&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Last%20Minute%20Hotel%20Deals%20this%20Weekend%20%7C%20Marriott%20International&p=https%3A%2F%2Fhotel-deals.marriott.com%2Flast-minute-hotel-deals%2F&r=<=4419&pt=1670258656876,,,,,1234,1235,1299,1299,1583,1302,1583,2080,2080,2090,3327,3420,3428,4365,4365,4419&pn=0,0&evt=pageLoad&sv=1&rn=955072
204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=5140893&tm=al001&Ver=2&mid=c57acc6a-046c-44cb-b87b-ef2b787f85df&sid=11ee3ef074bc11edbf9f15e8a9b76470&vid=11ee433074bc11edac11457f52146e71&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Last%20Minute%20Hotel%20Deals%20this%20Weekend%20%7C%20Marriott%20International&p=https%3A%2F%2Fhotel-deals.marriott.com%2Flast-minute-hotel-deals%2F&r=<=4419&pt=1670258656876,,,,,1234,1235,1299,1299,1583,1302,1583,2080,2080,2090,3327,3420,3428,4365,4365,4419&pn=0,0&evt=pageLoad&sv=1&rn=955072
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=5140893&tm=al001&Ver=2&mid=c57acc6a-046c-44cb-b87b-ef2b787f85df&sid=11ee3ef074bc11edbf9f15e8a9b76470&vid=11ee433074bc11edac11457f52146e71&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Last%20Minute%20Hotel%20Deals%20this%20Weekend%20%7C%20Marriott%20International&p=https%3A%2F%2Fhotel-deals.marriott.com%2Flast-minute-hotel-deals%2F&r=<=4419&pt=1670258656876,,,,,1234,1235,1299,1299,1583,1302,1583,2080,2080,2090,3327,3420,3428,4365,4365,4419&pn=0,0&evt=pageLoad&sv=1&rn=955072 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotel-deals.marriott.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=25C5CD3EDC5A6100094CDF4FDD0D601D; domain=.bing.com; expires=Sat, 30-Dec-2023 16:44:25 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6D57470424E84F488F651DF65F09BD2E Ref B: OSL30EDGE0309 Ref C: 2022-12-05T16:44:25Z
date: Mon, 05 Dec 2022 16:44:24 GMT
X-Firefox-Spdy: h2
secure.adnxs.com/bounce?%2Fseg%3Fadd%3D21126164%26t%3D1
200 OK 0 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fseg%3Fadd%3D21126164%26t%3D1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fseg%3Fadd%3D21126164%26t%3D1 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://static.sojern.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Mon, 05 Dec 2022 16:44:25 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: c21bece8-e16c-4962-b5e8-0cffa25feff2
Set-Cookie: anj=dTM7k!M4/8CxrEQF']wIg2E?fx.dY[!]tbP6j2F-XstGt!@E6n%.c->; SameSite=None; Path=/; Max-Age=7776000; Expires=Sun, 05-Mar-2023 16:44:25 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 8ead0ac4ce19cef2471bae0458759d89
af02fd3fcd2e10cfa2458407c0c2e59a43e18517
507b93c64bab73e393cf8d8131415ef4d4b01e65e0f2ab73597715197845e75e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 16:44:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
match.adsrvr.org/track/upb/?adv=hbq9bjg&ref=https%3A%2F%2Fhotel-deals.marriott.com%2Flast-minute-hotel-deals%2F&upid=byw7ch4&upv=1.1.0
200 OK 472 B URL HTTP/2 match.adsrvr.org/track/upb/?adv=hbq9bjg&ref=https%3A%2F%2Fhotel-deals.marriott.com%2Flast-minute-hotel-deals%2F&upid=byw7ch4&upv=1.1.0
IP
Hash 8ead0ac4ce19cef2471bae0458759d89
af02fd3fcd2e10cfa2458407c0c2e59a43e18517
507b93c64bab73e393cf8d8131415ef4d4b01e65e0f2ab73597715197845e75e
GET /track/upb/?adv=hbq9bjg&ref=https%3A%2F%2Fhotel-deals.marriott.com%2Flast-minute-hotel-deals%2F&upid=byw7ch4&upv=1.1.0 HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hotel-deals.marriott.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 16:44:25 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 313 B IP
Hash e43934754757e60c0ef28a287f9408e9
c319e63380f1bc639b65b64f1c571163564373a2
4ac2294b8551262271d4665fdd1e719063756146b76d6006a3b0f979eeb4e716
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5733
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 16:44:25 GMT
Last-Modified: Mon, 05 Dec 2022 15:08:52 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 313
s.pinimg.com/ct/lib/main.9a94ee76.js
200 OK 21 kB URL HTTP/2 s.pinimg.com/ct/lib/main.9a94ee76.js
IP
File type Unicode text, UTF-8 text, with very long lines (59858), with no line terminators
Hash e43867aadc515024dd460d8611098a12
c4fd1b2ace2f8a96a38e4b4996be8d7c46fdfd3f
76d528cb411bf6ff7fd77619aa507bec3bdf7f02063add1d9fe9009088f78d98
GET /ct/lib/main.9a94ee76.js HTTP/1.1
Host: s.pinimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotel-deals.marriott.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "e43867aadc515024dd460d8611098a12"
content-encoding: gzip
accept-ranges: bytes
content-type: application/javascript
content-length: 20728
cache-control: max-age=1209600
vary: Accept-Encoding, Origin
x-cdn: akamai
access-control-max-age: 86400
access-control-expose-headers: X-CDN
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2
bat.bing.com/p/action/5140893.js
204 No Content 0 B URL HTTP/2 bat.bing.com/p/action/5140893.js
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/action/5140893.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotel-deals.marriott.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: private,max-age=1800
set-cookie: MUID=0848DDFAA2BE644E1B69CF8BA3E96507; domain=.bing.com; expires=Sat, 30-Dec-2023 16:44:25 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9773BE1D5CEB44BF80C4E02CE4AEEE8D Ref B: OSL30EDGE0309 Ref C: 2022-12-05T16:44:25Z
date: Mon, 05 Dec 2022 16:44:24 GMT
X-Firefox-Spdy: h2
cdn.linkedin.oribi.io/partner/360572/domain/hotel-deals.marriott.com/token
200 OK 0 B URL HTTP/2 cdn.linkedin.oribi.io/partner/360572/domain/hotel-deals.marriott.com/token
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /partner/360572/domain/hotel-deals.marriott.com/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://hotel-deals.marriott.com/
Origin: https://hotel-deals.marriott.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 0
date: Mon, 05 Dec 2022 04:23:07 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: content-type
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
x-cache: Hit from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: NAYxnj2CCpOvKZ4L6zfXE2EpA9Y85WEgN4EgKBHg00nmkqjKRmDY9A==
age: 44478
X-Firefox-Spdy: h2
px.ads.linkedin.com/collect?v=2&fmt=js&pid=360572&time=1670258662205&url=https%3A%2F%2Fhotel-deals.marriott.com%2Flast-minute-hotel-deals%2F
302 Found 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=360572&time=1670258662205&url=https%3A%2F%2Fhotel-deals.marriott.com%2Flast-minute-hotel-deals%2F
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=360572&time=1670258662205&url=https%3A%2F%2Fhotel-deals.marriott.com%2Flast-minute-hotel-deals%2F HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotel-deals.marriott.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D360572%26time%3D1670258662205%26url%3Dhttps%253A%252F%252Fhotel-deals.marriott.com%252Flast-minute-hotel-deals%252F%26liSync%3Dtrue
set-cookie: UserMatchHistory=AQLPkIMs5x-7fQAAAYTjLKcUTEiHkzBKjzbLZJ-c5zJ1IekseuYkVznRMa6GXpXL7T_Q7Xq_omKHZQ; Max-Age=2592000; Expires=Wed, 04 Jan 2023 16:44:25 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
AnalyticsSyncHistory=AQKfQWMp4HwAqAAAAYTjLKcUce6MkzIKVdIalefaC6p8uW-SuuGGupC4h45at4OlbF765GtdvLEa8JsWXDbkCg; Max-Age=2592000; Expires=Wed, 04 Jan 2023 16:44:25 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&d3f8f52d-5a67-431c-8087-bc36577f13a6"; domain=.linkedin.com; Path=/; Secure; Expires=Tue, 05-Dec-2023 16:44:25 GMT; SameSite=None
lidc="b=TGST09:s=T:r=T:a=T:p=T:g=2427:u=1:x=1:i=1670258665:t=1670345065:v=2:sig=AQE71aAGrToHLa_LWIYhzlap3NaP1fjZ"; Expires=Tue, 06 Dec 2022 16:44:25 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-ltx1
x-li-pop: afd-prod-ltx1-x
x-li-proto: http/2
x-li-uuid: AAXvF2Zshok35uMC7aAhKA==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: CCE87A5F08134B79929B6A1A05429CF5 Ref B: OSL30EDGE0410 Ref C: 2022-12-05T16:44:25Z
date: Mon, 05 Dec 2022 16:44:24 GMT
content-length: 0
X-Firefox-Spdy: h2
adservice.google.com/ddm/fls/p/src=1359549;type=marri001;cat=m1m_g0;ord=1;num=5598809856562;gtm=2odbu0;npa=1;auiddc=132763383.1670258662;u7=%2Flast-minute-hotel-deals%2F;~oref=https%3A%2F%2Fhotel-deals.marriott.com%2Flast-minute-hotel-deals%2F
302 Found 0 B URL HTTP/2 adservice.google.com/ddm/fls/p/src=1359549;type=marri001;cat=m1m_g0;ord=1;num=5598809856562;gtm=2odbu0;npa=1;auiddc=132763383.1670258662;u7=%2Flast-minute-hotel-deals%2F;~oref=https%3A%2F%2Fhotel-deals.marriott.com%2Flast-minute-hotel-deals%2F
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ddm/fls/p/src=1359549;type=marri001;cat=m1m_g0;ord=1;num=5598809856562;gtm=2odbu0;npa=1;auiddc=132763383.1670258662;u7=%2Flast-minute-hotel-deals%2F;~oref=https%3A%2F%2Fhotel-deals.marriott.com%2Flast-minute-hotel-deals%2F HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hotel-deals.marriott.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 16:44:25 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://adservice.google.no/ddm/fls/p/src=1359549;type=marri001;cat=m1m_g0;ord=1;num=5598809856562;gtm=2odbu0;npa=1;auiddc=132763383.1670258662;u7=%2Flast-minute-hotel-deals%2F;~oref=https%3A%2F%2Fhotel-deals.marriott.com%2Flast-minute-hotel-deals%2F
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.com/ddm/fls/p/src=1359549;type=marri003;cat=m1m_m0;ord=6584265210798;gtm=2odbu0;npa=1;auiddc=132763383.1670258662;u7=%2Flast-minute-hotel-deals%2F;~oref=https%3A%2F%2Fhotel-deals.marriott.com%2Flast-minute-hotel-deals%2F
302 Found 0 B URL HTTP/2 adservice.google.com/ddm/fls/p/src=1359549;type=marri003;cat=m1m_m0;ord=6584265210798;gtm=2odbu0;npa=1;auiddc=132763383.1670258662;u7=%2Flast-minute-hotel-deals%2F;~oref=https%3A%2F%2Fhotel-deals.marriott.com%2Flast-minute-hotel-deals%2F
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ddm/fls/p/src=1359549;type=marri003;cat=m1m_m0;ord=6584265210798;gtm=2odbu0;npa=1;auiddc=132763383.1670258662;u7=%2Flast-minute-hotel-deals%2F;~oref=https%3A%2F%2Fhotel-deals.marriott.com%2Flast-minute-hotel-deals%2F HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hotel-deals.marriott.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 16:44:25 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://adservice.google.no/ddm/fls/p/src=1359549;type=marri003;cat=m1m_m0;ord=6584265210798;gtm=2odbu0;npa=1;auiddc=132763383.1670258662;u7=%2Flast-minute-hotel-deals%2F;~oref=https%3A%2F%2Fhotel-deals.marriott.com%2Flast-minute-hotel-deals%2F
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=1286c804-d820-4d4f-8bb4-7c526620d8ba&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=54d1b1ea-d1b4-46ed-b7bf-8fa034bb9ea3&tw_document_href=https%3A%2F%2Fhotel-deals.marriott.com%2Flast-minute-hotel-deals%2F&tw_iframe_status=0&txn_id=o4xzr&type=javascript&version=2.3.29
200 OK 43 B URL HTTP/2 analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=1286c804-d820-4d4f-8bb4-7c526620d8ba&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=54d1b1ea-d1b4-46ed-b7bf-8fa034bb9ea3&tw_document_href=https%3A%2F%2Fhotel-deals.marriott.com%2Flast-minute-hotel-deals%2F&tw_iframe_status=0&txn_id=o4xzr&type=javascript&version=2.3.29
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=1286c804-d820-4d4f-8bb4-7c526620d8ba&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=54d1b1ea-d1b4-46ed-b7bf-8fa034bb9ea3&tw_document_href=https%3A%2F%2Fhotel-deals.marriott.com%2Flast-minute-hotel-deals%2F&tw_iframe_status=0&txn_id=o4xzr&type=javascript&version=2.3.29 HTTP/1.1
Host: analytics.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotel-deals.marriott.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 16:44:24 GMT
perf: 7626143928
server: tsa_o
set-cookie: guest_id_marketing=v1%3A167025866527817878; Max-Age=63072000; Expires=Wed, 04 Dec 2024 16:44:25 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
guest_id_ads=v1%3A167025866527817878; Max-Age=63072000; Expires=Wed, 04 Dec 2024 16:44:25 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
personalization_id="v1_IsYyaxSUW29zvItEKLiuHw=="; Max-Age=63072000; Expires=Wed, 04 Dec 2024 16:44:25 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
guest_id=v1%3A167025866527817878; Max-Age=63072000; Expires=Wed, 04 Dec 2024 16:44:25 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: ddb529662634f868
strict-transport-security: max-age=631138519
x-response-time: 105
x-connection-hash: 7922142c4aaa69f17893aea9a6b223beaf3860e938a0e313294a393bb935672a
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-203334133-1&cid=918888182.1670258662&jid=1210275366&gjid=431529796&_gid=1055784339.1670258662&npa=1&_u=4GDAAUAAAAAAACAAI~&z=1949639374
200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-203334133-1&cid=918888182.1670258662&jid=1210275366&gjid=431529796&_gid=1055784339.1670258662&npa=1&_u=4GDAAUAAAAAAACAAI~&z=1949639374
IP
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-203334133-1&cid=918888182.1670258662&jid=1210275366&gjid=431529796&_gid=1055784339.1670258662&npa=1&_u=4GDAAUAAAAAAACAAI~&z=1949639374 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://hotel-deals.marriott.com
Connection: keep-alive
Referer: https://hotel-deals.marriott.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://hotel-deals.marriott.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 05 Dec 2022 16:44:25 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 8ead0ac4ce19cef2471bae0458759d89
af02fd3fcd2e10cfa2458407c0c2e59a43e18517
507b93c64bab73e393cf8d8131415ef4d4b01e65e0f2ab73597715197845e75e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 16:44:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
secure.adnxs.com/bounce?%2Fpx%3Fid%3D1565798%26t%3D1
200 OK 0 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fpx%3Fid%3D1565798%26t%3D1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fpx%3Fid%3D1565798%26t%3D1 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hotel-deals.marriott.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Mon, 05 Dec 2022 16:44:25 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 4ba205db-d4bb-4bc8-9d13-44249d257897
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fpixel.sojern.com%2Fidsync%2Fapn%3Fid%3D%24UID%26sjrn_id%3DtLlUPFQb0PV43HO3ucXQPEQixNt5uBq76o3NyEJqwmYNn6aERt1f21jUsgRjR3TF
302 Found 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fpixel.sojern.com%2Fidsync%2Fapn%3Fid%3D%24UID%26sjrn_id%3DtLlUPFQb0PV43HO3ucXQPEQixNt5uBq76o3NyEJqwmYNn6aERt1f21jUsgRjR3TF
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fgetuid%3Fhttps%3A%2F%2Fpixel.sojern.com%2Fidsync%2Fapn%3Fid%3D%24UID%26sjrn_id%3DtLlUPFQb0PV43HO3ucXQPEQixNt5uBq76o3NyEJqwmYNn6aERt1f21jUsgRjR3TF HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hotel-deals.marriott.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Mon, 05 Dec 2022 16:44:25 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://pixel.sojern.com/idsync/apn?id=0&sjrn_id=tLlUPFQb0PV43HO3ucXQPEQixNt5uBq76o3NyEJqwmYNn6aERt1f21jUsgRjR3TF
AN-X-Request-Uuid: 00b73ebe-553a-4ae0-a894-6970a19ba162
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
secure.adnxs.com/bounce?%2Fseg%3Fadd%3D29464183%26t%3D1
200 OK 0 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fseg%3Fadd%3D29464183%26t%3D1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fseg%3Fadd%3D29464183%26t%3D1 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hotel-deals.marriott.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Mon, 05 Dec 2022 16:44:25 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: bdc9e38d-c991-40af-9f92-dbf346d0ab9d
Set-Cookie: anj=dTM7k!M4/8CxrEQF']wIg2E?fx.dY[!]tbP6j2F-XstGt!@E6n%.c->; SameSite=None; Path=/; Max-Age=7776000; Expires=Sun, 05-Mar-2023 16:44:25 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
s.yimg.com/wi/config/405909.json
200 OK 44 B URL HTTP/2 s.yimg.com/wi/config/405909.json
IP
ASN #203220 Yahoo! UK Services Limited
File type JSON data\012- , ASCII text, with no line terminators
Hash bef1253818c00b6e13b42804c46f2014
db6b66ebe34ec37ff27f8883143d7fbe21829661
fad2b41a387ad2bff0c05ed1475f79529e13a17163eb6e36f8953822d96ded88
GET /wi/config/405909.json HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hotel-deals.marriott.com
Connection: keep-alive
Referer: https://hotel-deals.marriott.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Af2TOdVDU+0oeKe4n4EbFnSofnYDWffBoU4vn0BPxuEJj8JoIEgbSoaShKjYlrzZzAIxxksvd8Y=
x-amz-request-id: FX64V02CCPCQG2GA
date: Mon, 05 Dec 2022 16:44:26 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
last-modified: Thu, 23 Jun 2022 20:00:54 GMT
x-amz-expiration: expiry-date="Sat, 29 Jul 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
etag: "bef1253818c00b6e13b42804c46f2014"
x-amz-server-side-encryption: AES256
x-amz-version-id: 50Tr4LaAL2FlcpH6YjQKudKvwqwxbYro
accept-ranges: bytes
content-type: application/json
server: ATS
content-length: 44
referrer-policy: no-referrer-when-downgrade
age: 0
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 4fa1aef444a465d050c24359c41324cb
97be10faa3d938985393b0bff90ca7d3c4334f9d
212e54ef24ee3c5b8a462565e624001b40e219353f85aea2363d9cfae042e7fd
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=90869
Date: Mon, 05 Dec 2022 16:44:25 GMT
Etag: "638cdd81-1d7"
Expires: Tue, 06 Dec 2022 17:58:54 GMT
Last-Modified: Sun, 04 Dec 2022 17:48:49 GMT
Server: ECS (nyb/1D32)
X-Cache: Miss from cloudfront
Via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Jnv2QrCVMnXMLZI1m8a3EoD0g1ezlZ8LV8k4bk_X393jkEkbzCet8g==
Age: 606
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 4fa1aef444a465d050c24359c41324cb
97be10faa3d938985393b0bff90ca7d3c4334f9d
212e54ef24ee3c5b8a462565e624001b40e219353f85aea2363d9cfae042e7fd
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=90736
Date: Mon, 05 Dec 2022 16:44:25 GMT
Etag: "638cdd81-1d7"
Expires: Tue, 06 Dec 2022 17:56:41 GMT
Last-Modified: Sun, 04 Dec 2022 17:48:49 GMT
Server: ECS (bsa/EB1A)
X-Cache: Miss from cloudfront
Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: BmL1veZnJsmEMSZgX8dCl7DAYP4SFhMDPAUJYv8HnKZG7VjJmXAenQ==
Age: 472
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 917d281ca22c901597795b51fd9df338
be0e026d76f26092edfc1f67ea98ddc4a539439a
5f47f5ac32d4c80f29c4a69a830ec9427dd0055fc57973f01f73ec22503cd30c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 16:44:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 917d281ca22c901597795b51fd9df338
be0e026d76f26092edfc1f67ea98ddc4a539439a
5f47f5ac32d4c80f29c4a69a830ec9427dd0055fc57973f01f73ec22503cd30c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 16:44:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 2e388f1ab4ec88104f57cf23944ee684
39178c45ed645709cc388d5790b1b58a3272a62f
e33b88f6f77d90b65a8fed943a45623e51f1efbdae401a1652f24be68408dba0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 16:44:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 917d281ca22c901597795b51fd9df338
be0e026d76f26092edfc1f67ea98ddc4a539439a
5f47f5ac32d4c80f29c4a69a830ec9427dd0055fc57973f01f73ec22503cd30c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 16:44:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-203334133-1&cid=918888182.1670258662&jid=1210275366&npa=1&_u=4GDAAUAAAAAAACAAI~&z=2016039516
200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-203334133-1&cid=918888182.1670258662&jid=1210275366&npa=1&_u=4GDAAUAAAAAAACAAI~&z=2016039516
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-203334133-1&cid=918888182.1670258662&jid=1210275366&npa=1&_u=4GDAAUAAAAAAACAAI~&z=2016039516 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotel-deals.marriott.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 16:44:25 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=836072006419889&ev=PageView&dl=https%3A%2F%2Fhotel-deals.marriott.com%2Flast-minute-hotel-deals%2F&rl=&if=false&ts=1670258662709&cd[brand]=brand&cd[level]=&cd[signin]=&cd[language]=&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1670258662708.1848471712&it=1670258662259&coo=false&rqm=GET
200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=836072006419889&ev=PageView&dl=https%3A%2F%2Fhotel-deals.marriott.com%2Flast-minute-hotel-deals%2F&rl=&if=false&ts=1670258662709&cd[brand]=brand&cd[level]=&cd[signin]=&cd[language]=&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1670258662708.1848471712&it=1670258662259&coo=false&rqm=GET
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=836072006419889&ev=PageView&dl=https%3A%2F%2Fhotel-deals.marriott.com%2Flast-minute-hotel-deals%2F&rl=&if=false&ts=1670258662709&cd[brand]=brand&cd[level]=&cd[signin]=&cd[language]=&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1670258662708.1848471712&it=1670258662259&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotel-deals.marriott.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Mon, 05 Dec 2022 16:44:25 GMT
X-Firefox-Spdy: h2
www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D360572%26time%3D1670258662205%26url%3Dhttps%253A%252F%252Fhotel-deals.marriott.com%252Flast-minute-hotel-deals%252F%26liSync%3Dtrue
302 Found 0 B URL HTTP/2 www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D360572%26time%3D1670258662205%26url%3Dhttps%253A%252F%252Fhotel-deals.marriott.com%252Flast-minute-hotel-deals%252F%26liSync%3Dtrue
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D360572%26time%3D1670258662205%26url%3Dhttps%253A%252F%252Fhotel-deals.marriott.com%252Flast-minute-hotel-deals%252F%26liSync%3Dtrue HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hotel-deals.marriott.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
cache-control: no-cache, no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=360572&time=1670258662205&url=https%3A%2F%2Fhotel-deals.marriott.com%2Flast-minute-hotel-deals%2F&liSync=true
set-cookie: lang=v=2&lang=en-us; Domain=linkedin.com; Path=/; Secure; SameSite=None
bcookie="v=2&58d48fab-ab07-4d1b-893c-a32998dac570"; Domain=.linkedin.com; Expires=Tue, 05-Dec-2023 16:44:25 GMT; Path=/; Secure; SameSite=None
bscookie="v=1&2022120516442570f88099-57fd-40fa-8963-210b774af356AQGP9noe1zgOh-TEJiX6z7jn8-AGmdfU"; Domain=.www.linkedin.com; Expires=Tue, 05-Dec-2023 16:44:25 GMT; Path=/; HttpOnly; Secure; SameSite=None
li_gc=MTswOzE2NzAyNTg2NjU7MjswMjHC8Xtv+ImKLwVa/N5RT3Fahzh0O5Tmo6KCcTmwtXc+pQ==; Domain=.linkedin.com; Expires=Sat, 03 Jun 2023 16:44:25 GMT; Path=/; Secure; SameSite=None
lidc="b=TGST09:s=T:r=T:a=T:p=T:g=2427:u=1:x=1:i=1670258665:t=1670345065:v=2:sig=AQE71aAGrToHLa_LWIYhzlap3NaP1fjZ"; Expires=Tue, 06 Dec 2022 16:44:25 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
content-security-policy: default-src *; connect-src 'self' *.licdn.com *.linkedin.com wss://*.linkedin.com dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/status linkedin.sc.omtrdc.net/b/ss/ *.qualtrics.com *.adyen.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; worker-src blob: 'self'; frame-src blob: lnkd-communities: voyager: *; frame-ancestors 'self' teams.microsoft.com client.learningapp.microsoft.com onyx.www.linkedin.com
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-li-fabric: prod-ltx1
x-li-pop: afd-prod-ltx1-x
x-li-proto: http/2
x-li-uuid: AAXvF2Zw03CnaT+fwXH+6A==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 6793EF036CEB4C7BBE504812B901A6A5 Ref B: OSL30EDGE0410 Ref C: 2022-12-05T16:44:25Z
date: Mon, 05 Dec 2022 16:44:24 GMT
content-length: 0
X-Firefox-Spdy: h2
p.tvpixel.com/com.snowplowanalytics.snowplow/tp2
200 OK 0 B URL HTTP/2 p.tvpixel.com/com.snowplowanalytics.snowplow/tp2
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: p.tvpixel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://hotel-deals.marriott.com/
Origin: https://hotel-deals.marriott.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 16:44:25 GMT
content-length: 0
server: nginx
access-control-allow-origin: https://hotel-deals.marriott.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-max-age: 600
X-Firefox-Spdy: h2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-203334133-1&cid=918888182.1670258662&jid=1210275366&npa=1&_u=4GDAAUAAAAAAACAAI~&z=2016039516
200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-203334133-1&cid=918888182.1670258662&jid=1210275366&npa=1&_u=4GDAAUAAAAAAACAAI~&z=2016039516
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-203334133-1&cid=918888182.1670258662&jid=1210275366&npa=1&_u=4GDAAUAAAAAAACAAI~&z=2016039516 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotel-deals.marriott.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 16:44:25 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ct.pinterest.com/user/?event=custom&ed=%7B%22value%22%3A334%2C%22currency%22%3A%22USD%22%7D&tid=2613977086519&cb=1670258662667&dep=5%2CEVENT_TAGS_ABSENT
200 OK 381 B URL HTTP/2 ct.pinterest.com/user/?event=custom&ed=%7B%22value%22%3A334%2C%22currency%22%3A%22USD%22%7D&tid=2613977086519&cb=1670258662667&dep=5%2CEVENT_TAGS_ABSENT
IP
File type JSON data\012- , ASCII text, with very long lines (538), with no line terminators
Hash e1bee89eff7a40b07cdecf34867bbb2d
22ff8dc4102ec9e1096b1044ac4a42120d505cfd
ddcde22b896fc7d2691810c1463ab90c033f295c5322a1dc607e7b700207c1dd
GET /user/?event=custom&ed=%7B%22value%22%3A334%2C%22currency%22%3A%22USD%22%7D&tid=2613977086519&cb=1670258662667&dep=5%2CEVENT_TAGS_ABSENT HTTP/1.1
Host: ct.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hotel-deals.marriott.com
Connection: keep-alive
Referer: https://hotel-deals.marriott.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-expose-headers: Epik,Pin-Unauth
pin-unauth: dWlkPVpqY3lNbU13WkRjdE4yWTFaUzAwTldVMExXRTJORGt0T1dZNU1qZzRPRFU0WkRVNQ
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
access-control-allow-origin: https://hotel-deals.marriott.com
content-type: application/json; charset=utf-8
content-encoding: gzip
content-length: 381
x-envoy-upstream-service-time: 2
referrer-policy: origin
x-pinterest-rid: 6979939813902811
date: Mon, 05 Dec 2022 16:44:25 GMT
vary: Accept-Encoding
akamai-grn: 0.274f2417.1670258665.26a5000c
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
ct.pinterest.com/user/?event=pagevisit&tid=2613977086519&cb=1670258662666&dep=5%2CEVENT_TAGS_ABSENT
200 OK 381 B URL HTTP/2 ct.pinterest.com/user/?event=pagevisit&tid=2613977086519&cb=1670258662666&dep=5%2CEVENT_TAGS_ABSENT
IP
File type JSON data\012- , ASCII text, with very long lines (538), with no line terminators
Hash e1bee89eff7a40b07cdecf34867bbb2d
22ff8dc4102ec9e1096b1044ac4a42120d505cfd
ddcde22b896fc7d2691810c1463ab90c033f295c5322a1dc607e7b700207c1dd
GET /user/?event=pagevisit&tid=2613977086519&cb=1670258662666&dep=5%2CEVENT_TAGS_ABSENT HTTP/1.1
Host: ct.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hotel-deals.marriott.com
Connection: keep-alive
Referer: https://hotel-deals.marriott.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-expose-headers: Epik,Pin-Unauth
pin-unauth: dWlkPVptWXpaVGszTVRrdFlUbGpOQzAwWWpka0xXRXhZemd0TkRJeVl6SmxNbVExTURrMg
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
access-control-allow-origin: https://hotel-deals.marriott.com
content-type: application/json; charset=utf-8
content-encoding: gzip
content-length: 381
x-envoy-upstream-service-time: 0
referrer-policy: origin
x-pinterest-rid: 8953942437464913
date: Mon, 05 Dec 2022 16:44:25 GMT
vary: Accept-Encoding
akamai-grn: 0.274f2417.1670258665.26a50013
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
ct.pinterest.com/user/?tid=2613977086519&pd=%7B%7D&cb=1670258662666&dep=2%2CPAGE_LOAD
200 OK 381 B URL HTTP/2 ct.pinterest.com/user/?tid=2613977086519&pd=%7B%7D&cb=1670258662666&dep=2%2CPAGE_LOAD
IP
File type JSON data\012- , ASCII text, with very long lines (538), with no line terminators
Hash e1bee89eff7a40b07cdecf34867bbb2d
22ff8dc4102ec9e1096b1044ac4a42120d505cfd
ddcde22b896fc7d2691810c1463ab90c033f295c5322a1dc607e7b700207c1dd
GET /user/?tid=2613977086519&pd=%7B%7D&cb=1670258662666&dep=2%2CPAGE_LOAD HTTP/1.1
Host: ct.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hotel-deals.marriott.com
Connection: keep-alive
Referer: https://hotel-deals.marriott.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-expose-headers: Epik,Pin-Unauth
pin-unauth: dWlkPU5EVXpPREE1TldJdE5UUTVaUzAwTWpJeUxUbG1PV1l0TUdJelpUbGpPR0UyWkdVeQ
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
access-control-allow-origin: https://hotel-deals.marriott.com
content-type: application/json; charset=utf-8
content-encoding: gzip
content-length: 381
x-envoy-upstream-service-time: 1
referrer-policy: origin
x-pinterest-rid: 1006752275746272
date: Mon, 05 Dec 2022 16:44:25 GMT
vary: Accept-Encoding
akamai-grn: 0.274f2417.1670258665.26a50012
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
ct.pinterest.com/v3/?tid=2613977086519&pd=%7B%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fhotel-deals.marriott.com%2Flast-minute-hotel-deals%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%229a94ee76%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1670258662668
200 OK 35 B URL HTTP/2 ct.pinterest.com/v3/?tid=2613977086519&pd=%7B%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fhotel-deals.marriott.com%2Flast-minute-hotel-deals%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%229a94ee76%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1670258662668
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 9b8d19f4310c758344e40bf17fbc7e85
2290ef058812d5f5e398736e2316cba8cf8093cf
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
GET /v3/?tid=2613977086519&pd=%7B%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fhotel-deals.marriott.com%2Flast-minute-hotel-deals%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%229a94ee76%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1670258662668 HTTP/1.1
Host: ct.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotel-deals.marriott.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-type: image/gif
content-length: 35
access-control-allow-origin: *
x-envoy-upstream-service-time: 2
referrer-policy: origin
x-pinterest-rid: 3511131130765112
date: Mon, 05 Dec 2022 16:44:25 GMT
akamai-grn: 0.274f2417.1670258665.26a5002c
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 917d281ca22c901597795b51fd9df338
be0e026d76f26092edfc1f67ea98ddc4a539439a
5f47f5ac32d4c80f29c4a69a830ec9427dd0055fc57973f01f73ec22503cd30c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 16:44:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ct.pinterest.com/v3/?event=custom&ed=%7B%22value%22%3A334%2C%22currency%22%3A%22USD%22%7D&tid=2613977086519&cb=1670258662970&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22aem_eligible_list%22%3A%5B%22st%22%5D%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fhotel-deals.marriott.com%2Flast-minute-hotel-deals%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%229a94ee76%22%2C%22ecm_enabled%22%3Afalse%7D
200 OK 35 B URL HTTP/2 ct.pinterest.com/v3/?event=custom&ed=%7B%22value%22%3A334%2C%22currency%22%3A%22USD%22%7D&tid=2613977086519&cb=1670258662970&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22aem_eligible_list%22%3A%5B%22st%22%5D%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fhotel-deals.marriott.com%2Flast-minute-hotel-deals%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%229a94ee76%22%2C%22ecm_enabled%22%3Afalse%7D
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 9b8d19f4310c758344e40bf17fbc7e85
2290ef058812d5f5e398736e2316cba8cf8093cf
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
GET /v3/?event=custom&ed=%7B%22value%22%3A334%2C%22currency%22%3A%22USD%22%7D&tid=2613977086519&cb=1670258662970&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22aem_eligible_list%22%3A%5B%22st%22%5D%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fhotel-deals.marriott.com%2Flast-minute-hotel-deals%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%229a94ee76%22%2C%22ecm_enabled%22%3Afalse%7D HTTP/1.1
Host: ct.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotel-deals.marriott.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-type: image/gif
content-length: 35
access-control-allow-origin: *
x-envoy-upstream-service-time: 2
referrer-policy: origin
x-pinterest-rid: 9654603379272493
date: Mon, 05 Dec 2022 16:44:25 GMT
set-cookie: _pinterest_ct_ua="TWc9PSZvUTFaT2FHd1ZuWHFSU2ZsSUtXYitQYklhNExYd09XWlNiSWI5SE1oNTREM2dlWkcrZGlIcnNhWi9TZWdkQnBKcHorNWtZQmhlTm1EUlorRVFzck9UYU1FRGVNK2xOaWNXaFFadmp1VmkzST0mM05Hd2dKK09CYTJneDk4bzdxaGJzbnRkTHVFPQ=="; Expires=Tue, 05 Dec 2023 16:44:25 GMT; Path=/; Domain=ct.pinterest.com; Secure; SameSite=None
akamai-grn: 0.274f2417.1670258665.26a500f5
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
adservice.google.no/ddm/fls/p/src=1359549;type=marri001;cat=m1m_g0;ord=1;num=5598809856562;gtm=2odbu0;npa=1;auiddc=132763383.1670258662;u7=%2Flast-minute-hotel-deals%2F;~oref=https%3A%2F%2Fhotel-deals.marriott.com%2Flast-minute-hotel-deals%2F
200 OK 42 B URL HTTP/2 adservice.google.no/ddm/fls/p/src=1359549;type=marri001;cat=m1m_g0;ord=1;num=5598809856562;gtm=2odbu0;npa=1;auiddc=132763383.1670258662;u7=%2Flast-minute-hotel-deals%2F;~oref=https%3A%2F%2Fhotel-deals.marriott.com%2Flast-minute-hotel-deals%2F
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ddm/fls/p/src=1359549;type=marri001;cat=m1m_g0;ord=1;num=5598809856562;gtm=2odbu0;npa=1;auiddc=132763383.1670258662;u7=%2Flast-minute-hotel-deals%2F;~oref=https%3A%2F%2Fhotel-deals.marriott.com%2Flast-minute-hotel-deals%2F HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hotel-deals.marriott.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 16:44:25 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ct.pinterest.com/v3/?event=pagevisit&tid=2613977086519&cb=1670258662977&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22aem_eligible_list%22%3A%5B%22st%22%5D%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fhotel-deals.marriott.com%2Flast-minute-hotel-deals%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%229a94ee76%22%2C%22ecm_enabled%22%3Afalse%7D
200 OK 35 B URL HTTP/2 ct.pinterest.com/v3/?event=pagevisit&tid=2613977086519&cb=1670258662977&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22aem_eligible_list%22%3A%5B%22st%22%5D%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fhotel-deals.marriott.com%2Flast-minute-hotel-deals%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%229a94ee76%22%2C%22ecm_enabled%22%3Afalse%7D
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 9b8d19f4310c758344e40bf17fbc7e85
2290ef058812d5f5e398736e2316cba8cf8093cf
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
GET /v3/?event=pagevisit&tid=2613977086519&cb=1670258662977&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22aem_eligible_list%22%3A%5B%22st%22%5D%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fhotel-deals.marriott.com%2Flast-minute-hotel-deals%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%229a94ee76%22%2C%22ecm_enabled%22%3Afalse%7D HTTP/1.1
Host: ct.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotel-deals.marriott.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-type: image/gif
content-length: 35
access-control-allow-origin: *
x-envoy-upstream-service-time: 2
referrer-policy: origin
x-pinterest-rid: 1223243611614881
date: Mon, 05 Dec 2022 16:44:25 GMT
set-cookie: _pinterest_ct_ua="TWc9PSY4R0FWMENJQVNNSGt3aFdXaVppZ2ZyQWtaalpOaWJ0RnduVk0vSVBrWFJpTnUwTk4yS0FPWm9uNW1YOGM5NjQ2TUNWYWxsWFZ4UTVBZzQrREhQNmMzK2hYdWJpbCsvbnNUa2dtbXJibTY3TT0mNFRyS0dNYXBFeVIvWG1jR3JJMkxETU5MVHlZPQ=="; Expires=Tue, 05 Dec 2023 16:44:25 GMT; Path=/; Domain=ct.pinterest.com; Secure; SameSite=None
akamai-grn: 0.274f2417.1670258665.26a500fa
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
adservice.google.no/ddm/fls/p/src=4810757;type=sales;cat=5myqls5f;qty=1;cost=0;u1=;u16=https%253A%252F%252Fhotel-deals.marriott.com%252Flast-minute-hotel-deals%252F;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=[OrderID];~oref=https://hotel-deals.marriott.com/
200 OK 42 B URL HTTP/2 adservice.google.no/ddm/fls/p/src=4810757;type=sales;cat=5myqls5f;qty=1;cost=0;u1=;u16=https%253A%252F%252Fhotel-deals.marriott.com%252Flast-minute-hotel-deals%252F;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=[OrderID];~oref=https://hotel-deals.marriott.com/
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ddm/fls/p/src=4810757;type=sales;cat=5myqls5f;qty=1;cost=0;u1=;u16=https%253A%252F%252Fhotel-deals.marriott.com%252Flast-minute-hotel-deals%252F;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=[OrderID];~oref=https://hotel-deals.marriott.com/ HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hotel-deals.marriott.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 16:44:25 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
sp.analytics.yahoo.com/sp.pl?a=10000&b=Last%20Minute%20Hotel%20Deals%20this%20Weekend%20%7C%20Marriott%20International&.yp=405909&f=https%3A%2F%2Fhotel-deals.marriott.com%2Flast-minute-hotel-deals%2F&enc=UTF-8&yv=1.13.0&tagmgr=gtm%2Cadobe
200 OK 43 B URL HTTP/2 sp.analytics.yahoo.com/sp.pl?a=10000&b=Last%20Minute%20Hotel%20Deals%20this%20Weekend%20%7C%20Marriott%20International&.yp=405909&f=https%3A%2F%2Fhotel-deals.marriott.com%2Flast-minute-hotel-deals%2F&enc=UTF-8&yv=1.13.0&tagmgr=gtm%2Cadobe
IP
ASN #34010 Yahoo! UK Services Limited
File type GIF image data, version 89a, 1 x 1\012- data
Hash bff56ce49dd485d195fdfa0a02342568
74fb4071deab7d3ab083562067b735df32c43397
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
GET /sp.pl?a=10000&b=Last%20Minute%20Hotel%20Deals%20this%20Weekend%20%7C%20Marriott%20International&.yp=405909&f=https%3A%2F%2Fhotel-deals.marriott.com%2Flast-minute-hotel-deals%2F&enc=UTF-8&yv=1.13.0&tagmgr=gtm%2Cadobe HTTP/1.1
Host: sp.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotel-deals.marriott.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 16:44:25 GMT
expires: Mon, 05 Dec 2022 16:44:25 GMT
pragma: no-cache
cache-control: no-cache, private, must-revalidate
content-type: image/gif
accept-ranges: bytes
content-length: 43
server: ATS
age: 0
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
set-cookie: A3=d=AQABBOkfjmMCEJVBw4nGEHHoLE-uH8iR9YoFEgEBAQFxj2OYYwAAAAAA_eMAAA&S=AQAAAhZwasroeWzu_saKsPqdJcM; Expires=Tue, 5 Dec 2023 22:44:25 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
ct.pinterest.com/ct.html
200 OK 323 B IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (565), with no line terminators
Hash b49b45b63051915a8c657060651eb07f
acaddf8021f220d0e4d30e7c8b3d8330ff781af9
4b00fbca5db49c6e4b29a0c873c43671880bcea1b7b3007655183382a318c2dc
GET /ct.html HTTP/1.1
Host: ct.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotel-deals.marriott.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: max-age=86400
content-type: text/html; charset=utf-8
content-encoding: gzip
content-length: 323
x-envoy-upstream-service-time: 1
referrer-policy: origin
x-pinterest-rid: 6814388414157289
date: Mon, 05 Dec 2022 16:44:25 GMT
vary: Accept-Encoding
akamai-grn: 0.274f2417.1670258665.26a5010c
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
sp.analytics.yahoo.com/sp.pl?a=10000&d=Mon%2C%2005%20Dec%202022%2016%3A44%3A22%20GMT&n=0&b=Last%20Minute%20Hotel%20Deals%20this%20Weekend%20%7C%20Marriott%20International&.yp=405909&f=https%3A%2F%2Fhotel-deals.marriott.com%2Flast-minute-hotel-deals%2F&enc=UTF-8&yv=1.13.0&hsr=&et=custom&ea=ViewProduct&cc=&cio=%7C&cid=&tagmgr=gtm%2Cadobe
200 OK 43 B URL HTTP/2 sp.analytics.yahoo.com/sp.pl?a=10000&d=Mon%2C%2005%20Dec%202022%2016%3A44%3A22%20GMT&n=0&b=Last%20Minute%20Hotel%20Deals%20this%20Weekend%20%7C%20Marriott%20International&.yp=405909&f=https%3A%2F%2Fhotel-deals.marriott.com%2Flast-minute-hotel-deals%2F&enc=UTF-8&yv=1.13.0&hsr=&et=custom&ea=ViewProduct&cc=&cio=%7C&cid=&tagmgr=gtm%2Cadobe
IP
ASN #34010 Yahoo! UK Services Limited
File type GIF image data, version 89a, 1 x 1\012- data
Hash bff56ce49dd485d195fdfa0a02342568
74fb4071deab7d3ab083562067b735df32c43397
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
GET /sp.pl?a=10000&d=Mon%2C%2005%20Dec%202022%2016%3A44%3A22%20GMT&n=0&b=Last%20Minute%20Hotel%20Deals%20this%20Weekend%20%7C%20Marriott%20International&.yp=405909&f=https%3A%2F%2Fhotel-deals.marriott.com%2Flast-minute-hotel-deals%2F&enc=UTF-8&yv=1.13.0&hsr=&et=custom&ea=ViewProduct&cc=&cio=%7C&cid=&tagmgr=gtm%2Cadobe HTTP/1.1
Host: sp.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotel-deals.marriott.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 16:44:25 GMT
expires: Mon, 05 Dec 2022 16:44:25 GMT
pragma: no-cache
cache-control: no-cache, private, must-revalidate
content-type: image/gif
accept-ranges: bytes
content-length: 43
server: ATS
age: 0
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
set-cookie: A3=d=AQABBOkfjmMCEP2pst3Be-mOW99TMpL4ElYFEgEBAQFxj2OYYwAAAAAA_eMAAA&S=AQAAAqcj0YuNTgIM5Nd3VQ41sGg; Expires=Tue, 5 Dec 2023 22:44:25 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
adservice.google.no/ddm/fls/p/src=1359549;type=marri003;cat=m1m_m0;ord=6584265210798;gtm=2odbu0;npa=1;auiddc=132763383.1670258662;u7=%2Flast-minute-hotel-deals%2F;~oref=https%3A%2F%2Fhotel-deals.marriott.com%2Flast-minute-hotel-deals%2F
200 OK 42 B URL HTTP/2 adservice.google.no/ddm/fls/p/src=1359549;type=marri003;cat=m1m_m0;ord=6584265210798;gtm=2odbu0;npa=1;auiddc=132763383.1670258662;u7=%2Flast-minute-hotel-deals%2F;~oref=https%3A%2F%2Fhotel-deals.marriott.com%2Flast-minute-hotel-deals%2F
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ddm/fls/p/src=1359549;type=marri003;cat=m1m_m0;ord=6584265210798;gtm=2odbu0;npa=1;auiddc=132763383.1670258662;u7=%2Flast-minute-hotel-deals%2F;~oref=https%3A%2F%2Fhotel-deals.marriott.com%2Flast-minute-hotel-deals%2F HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hotel-deals.marriott.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 16:44:25 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
p.tvpixel.com/com.snowplowanalytics.snowplow/tp2
200 OK 2 B URL HTTP/2 p.tvpixel.com/com.snowplowanalytics.snowplow/tp2
IP
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: p.tvpixel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 1825
Origin: https://hotel-deals.marriott.com
Connection: keep-alive
Referer: https://hotel-deals.marriott.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 16:44:25 GMT
content-type: text/plain; charset=UTF-8
content-length: 2
server: nginx
set-cookie: sp=9090fb95-f7b3-4b8b-a9a4-038fcda14642; Expires=Tue, 05 Dec 2023 16:44:25 GMT; Domain=tvpixel.com; Path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://hotel-deals.marriott.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
tag.yieldoptimizer.com/ps/ps?t=s&p=1057&mprogpref=&mhcy=&mhst=&mhcr=&mhcd=&hmc=&brnd=&cchl=&ccplat=&hbplat=&ebrk=&p=&pg=ms&bd=&si=&mraltid=&ttl=&mzip=&mlvl=&scty=&sst=&sctry=&schin=&schout=&slstay=&sgst=&bhcty=&bhst=&bhctry=&bchin=&blstay=&bgst=&bhnr=&bhtlid=&bmktc=&bhbrnd=&bhtf=&bct=&brpc=&umb=&bconfonbr=&bcancelnbr=&shcty=&shst=&shctry=&shtlid=&smc=&shbrnd=&srate=&sct=&hcty=&hst=&hctry=&htlid=&dscy=&dscr=&chsign=&crrcrw=&ph=https://hotel-deals.marriott.com/last-minute-hotel-deals/&mhnm=&chbusn=&bchout=&bmc=&brate=&py=&mc=&dsst=&chprem=
302 Found 0 B URL HTTP/2 tag.yieldoptimizer.com/ps/ps?t=s&p=1057&mprogpref=&mhcy=&mhst=&mhcr=&mhcd=&hmc=&brnd=&cchl=&ccplat=&hbplat=&ebrk=&p=&pg=ms&bd=&si=&mraltid=&ttl=&mzip=&mlvl=&scty=&sst=&sctry=&schin=&schout=&slstay=&sgst=&bhcty=&bhst=&bhctry=&bchin=&blstay=&bgst=&bhnr=&bhtlid=&bmktc=&bhbrnd=&bhtf=&bct=&brpc=&umb=&bconfonbr=&bcancelnbr=&shcty=&shst=&shctry=&shtlid=&smc=&shbrnd=&srate=&sct=&hcty=&hst=&hctry=&htlid=&dscy=&dscr=&chsign=&crrcrw=&ph=https://hotel-deals.marriott.com/last-minute-hotel-deals/&mhnm=&chbusn=&bchout=&bmc=&brate=&py=&mc=&dsst=&chprem=
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ps/ps?t=s&p=1057&mprogpref=&mhcy=&mhst=&mhcr=&mhcd=&hmc=&brnd=&cchl=&ccplat=&hbplat=&ebrk=&p=&pg=ms&bd=&si=&mraltid=&ttl=&mzip=&mlvl=&scty=&sst=&sctry=&schin=&schout=&slstay=&sgst=&bhcty=&bhst=&bhctry=&bchin=&blstay=&bgst=&bhnr=&bhtlid=&bmktc=&bhbrnd=&bhtf=&bct=&brpc=&umb=&bconfonbr=&bcancelnbr=&shcty=&shst=&shctry=&shtlid=&smc=&shbrnd=&srate=&sct=&hcty=&hst=&hctry=&htlid=&dscy=&dscr=&chsign=&crrcrw=&ph=https://hotel-deals.marriott.com/last-minute-hotel-deals/&mhnm=&chbusn=&bchout=&bmc=&brate=&py=&mc=&dsst=&chprem= HTTP/1.1
Host: tag.yieldoptimizer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotel-deals.marriott.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: Apache-Coyote/1.1
cache-control: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
set-cookie: ph=%7B%22p%22%3A%5B%5D%2C%22t%22%3A%5B%5D%7D; Domain=yieldoptimizer.com; Expires=Tue, 05-Dec-2023 16:44:25 GMT; Path=/; Secure; SameSite=None
fbh0=%7B%7D; Domain=yieldoptimizer.com; Expires=Tue, 05-Dec-2023 16:44:25 GMT; Path=/; Secure; SameSite=None
dph=%7B%22t%22%3A%5B%5D%2C%22dp%22%3A%5B%5D%7D; Domain=yieldoptimizer.com; Expires=Tue, 05-Dec-2023 16:44:25 GMT; Path=/; Secure; SameSite=None
gcma=%7B%22t%22%3A0%2C%22o%22%3Afalse%7D; Domain=yieldoptimizer.com; Expires=Tue, 05-Dec-2023 16:44:25 GMT; Path=/; Secure; SameSite=None
rmxc=%7B%22t%22%3A0%2C%22e%22%3A%22%22%2C%22i%22%3Afalse%7D; Domain=yieldoptimizer.com; Expires=Tue, 05-Dec-2023 16:44:25 GMT; Path=/; Secure; SameSite=None
cktst=622917643; Domain=yieldoptimizer.com; Expires=Tue, 05-Dec-2023 16:44:25 GMT; Path=/; Secure; SameSite=None
pragma: no-cache
location: https://tag.yieldoptimizer.com/ps/ps?tc=622917643&t=s&p=1057&mprogpref=&mhcy=&mhst=&mhcr=&mhcd=&hmc=&brnd=&cchl=&ccplat=&hbplat=&ebrk=&p=&pg=ms&bd=&si=&mraltid=&ttl=&mzip=&mlvl=&scty=&sst=&sctry=&schin=&schout=&slstay=&sgst=&bhcty=&bhst=&bhctry=&bchin=&blstay=&bgst=&bhnr=&bhtlid=&bmktc=&bhbrnd=&bhtf=&bct=&brpc=&umb=&bconfonbr=&bcancelnbr=&shcty=&shst=&shctry=&shtlid=&smc=&shbrnd=&srate=&sct=&hcty=&hst=&hctry=&htlid=&dscy=&dscr=&chsign=&crrcrw=&ph=https://hotel-deals.marriott.com/last-minute-hotel-deals/&mhnm=&chbusn=&bchout=&bmc=&brate=&py=&mc=&dsst=&chprem=
content-length: 0
date: Mon, 05 Dec 2022 16:44:25 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
tag.yieldoptimizer.com/ps/ps?tc=622917643&t=s&p=1057&mprogpref=&mhcy=&mhst=&mhcr=&mhcd=&hmc=&brnd=&cchl=&ccplat=&hbplat=&ebrk=&p=&pg=ms&bd=&si=&mraltid=&ttl=&mzip=&mlvl=&scty=&sst=&sctry=&schin=&schout=&slstay=&sgst=&bhcty=&bhst=&bhctry=&bchin=&blstay=&bgst=&bhnr=&bhtlid=&bmktc=&bhbrnd=&bhtf=&bct=&brpc=&umb=&bconfonbr=&bcancelnbr=&shcty=&shst=&shctry=&shtlid=&smc=&shbrnd=&srate=&sct=&hcty=&hst=&hctry=&htlid=&dscy=&dscr=&chsign=&crrcrw=&ph=https://hotel-deals.marriott.com/last-minute-hotel-deals/&mhnm=&chbusn=&bchout=&bmc=&brate=&py=&mc=&dsst=&chprem=
200 OK 2 B URL HTTP/2 tag.yieldoptimizer.com/ps/ps?tc=622917643&t=s&p=1057&mprogpref=&mhcy=&mhst=&mhcr=&mhcd=&hmc=&brnd=&cchl=&ccplat=&hbplat=&ebrk=&p=&pg=ms&bd=&si=&mraltid=&ttl=&mzip=&mlvl=&scty=&sst=&sctry=&schin=&schout=&slstay=&sgst=&bhcty=&bhst=&bhctry=&bchin=&blstay=&bgst=&bhnr=&bhtlid=&bmktc=&bhbrnd=&bhtf=&bct=&brpc=&umb=&bconfonbr=&bcancelnbr=&shcty=&shst=&shctry=&shtlid=&smc=&shbrnd=&srate=&sct=&hcty=&hst=&hctry=&htlid=&dscy=&dscr=&chsign=&crrcrw=&ph=https://hotel-deals.marriott.com/last-minute-hotel-deals/&mhnm=&chbusn=&bchout=&bmc=&brate=&py=&mc=&dsst=&chprem=
IP
Hash e1c06d85ae7b8b032bef47e42e4c08f9
71853c6197a6a7f222db0f1978c7cb232b87c5ee
75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070
GET /ps/ps?tc=622917643&t=s&p=1057&mprogpref=&mhcy=&mhst=&mhcr=&mhcd=&hmc=&brnd=&cchl=&ccplat=&hbplat=&ebrk=&p=&pg=ms&bd=&si=&mraltid=&ttl=&mzip=&mlvl=&scty=&sst=&sctry=&schin=&schout=&slstay=&sgst=&bhcty=&bhst=&bhctry=&bchin=&blstay=&bgst=&bhnr=&bhtlid=&bmktc=&bhbrnd=&bhtf=&bct=&brpc=&umb=&bconfonbr=&bcancelnbr=&shcty=&shst=&shctry=&shtlid=&smc=&shbrnd=&srate=&sct=&hcty=&hst=&hctry=&htlid=&dscy=&dscr=&chsign=&crrcrw=&ph=https://hotel-deals.marriott.com/last-minute-hotel-deals/&mhnm=&chbusn=&bchout=&bmc=&brate=&py=&mc=&dsst=&chprem= HTTP/1.1
Host: tag.yieldoptimizer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hotel-deals.marriott.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache-Coyote/1.1
cache-control: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
set-cookie: ph=%7B%22p%22%3A%5B%5D%2C%22t%22%3A%5B%5D%7D; Domain=yieldoptimizer.com; Expires=Tue, 05-Dec-2023 16:44:25 GMT; Path=/; Secure; SameSite=None
fbh0=%7B%7D; Domain=yieldoptimizer.com; Expires=Tue, 05-Dec-2023 16:44:25 GMT; Path=/; Secure; SameSite=None
dph=%7B%22t%22%3A%5B%5D%2C%22dp%22%3A%5B%5D%7D; Domain=yieldoptimizer.com; Expires=Tue, 05-Dec-2023 16:44:25 GMT; Path=/; Secure; SameSite=None
gcma=%7B%22t%22%3A0%2C%22o%22%3Afalse%7D; Domain=yieldoptimizer.com; Expires=Tue, 05-Dec-2023 16:44:25 GMT; Path=/; Secure
rmxc=%7B%22t%22%3A0%2C%22e%22%3A%22%22%2C%22i%22%3Afalse%7D; Domain=yieldoptimizer.com; Expires=Tue, 05-Dec-2023 16:44:25 GMT; Path=/; Secure
pragma: no-cache
content-type: text/javascript;charset=ISO-8859-1
content-length: 2
date: Mon, 05 Dec 2022 16:44:25 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
px.ads.linkedin.com/collect?v=2&fmt=js&pid=360572&time=1670258662205&url=https%3A%2F%2Fhotel-deals.marriott.com%2Flast-minute-hotel-deals%2F&liSync=true
200 OK 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=360572&time=1670258662205&url=https%3A%2F%2Fhotel-deals.marriott.com%2Flast-minute-hotel-deals%2F&liSync=true
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=360572&time=1670258662205&url=https%3A%2F%2Fhotel-deals.marriott.com%2Flast-minute-hotel-deals%2F&liSync=true HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hotel-deals.marriott.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
set-cookie: lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&745dae9d-5eb4-47db-8511-be24b3089ae5"; domain=.linkedin.com; Path=/; Secure; Expires=Tue, 05-Dec-2023 16:44:25 GMT; SameSite=None
lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2387:u=1:x=1:i=1670258665:t=1670345065:v=2:sig=AQFEinjeLEzu1ptNWmcjomLqFbzMwSLJ"; Expires=Tue, 06 Dec 2022 16:44:25 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lor1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAXvF2Zz7UCtueHNsy481w==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 9CD06618598C4479B39CC79C9B1B9CFD Ref B: OSL30EDGE0410 Ref C: 2022-12-05T16:44:25Z
date: Mon, 05 Dec 2022 16:44:24 GMT
content-length: 0
X-Firefox-Spdy: h2
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash 04276a3e3ce974b7cca2dd318cbf6317
ef285093105c1e35248b59428967753cc49cf924
087a28a691f01b520527fdc2aff1dc3656f0e2df58310519a21bf025129a743d
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Mon, 05 Dec 2022 16:44:25 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Mon, 05 Dec 2022 01:34:20 GMT
Expires: Tue, 06 Dec 2022 01:34:20 GMT
ETag: "ef285093105c1e35248b59428967753cc49cf924"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash 04276a3e3ce974b7cca2dd318cbf6317
ef285093105c1e35248b59428967753cc49cf924
087a28a691f01b520527fdc2aff1dc3656f0e2df58310519a21bf025129a743d
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Mon, 05 Dec 2022 16:44:26 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Mon, 05 Dec 2022 01:34:20 GMT
Expires: Tue, 06 Dec 2022 01:34:20 GMT
ETag: "ef285093105c1e35248b59428967753cc49cf924"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.digicert.com/
200 OK 279 B IP
Hash 8041992081de3f7fb8eb4c70a58c89c2
7809250b506791896468c3475165f570e8eebb5f
7957ab1937226eaa7b51c15eca22266396f9921a02fba456c07f3ac08326c748
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5711
Cache-Control: max-age=115438
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 16:44:29 GMT
Etag: "638d298c-117"
Expires: Wed, 07 Dec 2022 00:48:27 GMT
Last-Modified: Sun, 04 Dec 2022 23:13:16 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 279
pacsys.marriott.com/data/bonvoy_escapes_ALL_BRANDS_en-US.json
200 OK 0 B URL HTTP/2 pacsys.marriott.com/data/bonvoy_escapes_ALL_BRANDS_en-US.json
IP
ASN #209242 Cloudflare London, LLC
GET /data/bonvoy_escapes_ALL_BRANDS_en-US.json HTTP/1.1
Host: pacsys.marriott.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hotel-deals.marriott.com/
Origin: https://hotel-deals.marriott.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 16:44:24 GMT
content-type: application/json
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Sun, 04 Dec 2022 22:38:10 GMT
etag: W/"28fffa-5ef0839b9ed72"
x-powered-by: WP Engine
x-pass-why: custom-path
access-control-allow-origin: *
access-control-allow-methods: GET,OPTIONS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V4mltiRuWBeUFken9bG6i9DACmwKlBqyDYDX5C2HUrbUySLh%2FLqq6mMiehnKvx9OmbqACHBUOG7UGHj8IWulXUEMQJOaVbwTmdO158uEwbAoS9PjHNRG2IukjdGAMdLTLlKBEDs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774e3f0a2f42b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
c.tvpixel.com/js/current/dpm_pixel_min.js?aid=marriott-0af76d19-dfba-4407-860e-54c7ed29bed4
200 OK 0 B URL HTTP/2 c.tvpixel.com/js/current/dpm_pixel_min.js?aid=marriott-0af76d19-dfba-4407-860e-54c7ed29bed4
IP
GET /js/current/dpm_pixel_min.js?aid=marriott-0af76d19-dfba-4407-860e-54c7ed29bed4 HTTP/1.1
Host: c.tvpixel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotel-deals.marriott.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 16 Sep 2021 18:14:59 GMT
x-amz-version-id: oMk5SFqHXboEDRm2.vDWImtx_4ARYxEl
server: AmazonS3
content-encoding: gzip
date: Mon, 05 Dec 2022 02:58:29 GMT
etag: W/"08e770c8a17bf087d50cec01af0892c2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: h4a9uzcHdyGkYoTvGN_xw2nYTUo079vOtwE_Cgp0dEcgO9bK7TG8Xg==
age: 49604
X-Firefox-Spdy: h2
insight.adsrvr.org/track/up?adv=hbq9bjg&ref=https%3A%2F%2Fhotel-deals.marriott.com%2Flast-minute-hotel-deals%2F&upid=byw7ch4&upv=1.1.0
302 Found 0 B URL HTTP/2 insight.adsrvr.org/track/up?adv=hbq9bjg&ref=https%3A%2F%2Fhotel-deals.marriott.com%2Flast-minute-hotel-deals%2F&upid=byw7ch4&upv=1.1.0
IP
GET /track/up?adv=hbq9bjg&ref=https%3A%2F%2Fhotel-deals.marriott.com%2Flast-minute-hotel-deals%2F&upid=byw7ch4&upv=1.1.0 HTTP/1.1
Host: insight.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotel-deals.marriott.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 05 Dec 2022 16:44:25 GMT
content-type: text/html; charset=utf-8
location: https://match.adsrvr.org/track/upb/?adv=hbq9bjg&ref=https%3A%2F%2Fhotel-deals.marriott.com%2Flast-minute-hotel-deals%2F&upid=byw7ch4&upv=1.1.0
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
set-cookie: TDID=04873370-cfe9-442d-b7f5-4e657dc274f6; domain=.adsrvr.org; expires=Tue, 05-Dec-2023 16:44:25 GMT; path=/; secure; SameSite=None
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
cdn.linkedin.oribi.io/partner/360572/domain/hotel-deals.marriott.com/token
200 OK 0 B URL HTTP/2 cdn.linkedin.oribi.io/partner/360572/domain/hotel-deals.marriott.com/token
IP
GET /partner/360572/domain/hotel-deals.marriott.com/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: *
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://hotel-deals.marriott.com
Connection: keep-alive
Referer: https://hotel-deals.marriott.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
date: Mon, 05 Dec 2022 16:39:25 GMT
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: gzip
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Bwo8zGXntbghVxI4XJrTvET2sOhz2Q2s8GVjCeq9xPJodr-eki_gBw==
age: 300
X-Firefox-Spdy: h2
hotel-deals.marriott.com/last-minute-hotel-deals/
200 OK 0 B URL HTTP/2 hotel-deals.marriott.com/last-minute-hotel-deals/
IP
ASN #209242 Cloudflare London, LLC
GET /last-minute-hotel-deals/ HTTP/1.1
Host: hotel-deals.marriott.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: AKA_A2=A; _abck=CE62AB4473D11D9D3329CB4F7666E75D~0~YAAQJXchF8gcgHWEAQAAojsk4wl3Paa/qRvkyM2/scH6vxOqUqIB9SBfkjGh6HLkZyWApfg/60JD2v8MqGsRtEpCaG1lDT6a6YNJivisMLqJg75uSZCtWb4Yy30R/0pHyz6e/idpSIhWxRMJFHnwxncPpJB0rMlW3RfL6ku8Mp2spp2c78mWa9xjhj3O2Urq+jhp4+lRTJq40TPds6qmZIErXN0KvCelvVJuvjcVpj9ppZLCiKECNAW1XMT5AZRpb+Qv+DHUZfPWMIRbj6atT+YPwqW4/vaecwhipiz8q46sDw/JA+sHmK8itBzlSLDBjOfDR6sf58yRyBzYolJJLXro4dl3XM1jmV8wesBVt+QIopBDYe+szF6jE0f2Fvop5LKRupaozkxl3ghUFOwohNQ1//uoNZSaxLxo~-1~||-1||~-1; ak_bmsc=9B22A50F17F9F7759A189126CB27FCD1~000000000000000000000000000000~YAAQJXchF54cgHWEAQAAGTYk4xImTJIK4PGEzRZTryq7ev6G1CekJvnNMWqDY4e6JXtrTvNdZt0dAe6luNxZyu64FOfBQXauSQTbElRF4yaDW7kCswm8SYhmpSrNcsfyFpC3BnWPuluOUZM2wutUTGksbp2XiXVU0dK3ueH1ayTw8y0Cro/3YxXNJHgk9jQuBL8GqXQUerkwwCQrXZ9IBVBl5bnvdlQH5TLsiGs+pwR7LDNT0oo1eH1JMB0myoWRiLSLwsWSRPgoIHpZUsf8btWY/3S/qfaWxYW1aCcV14Y1hLccctdKz9DWEveT7bEjBHIYxSrACIaOf/HydHtwg8Zri/7o/ctaSRUJjncJ5zzAVMi0i8cSRKZ897I8iRCqpA6nRqqUwfYDL/omF41IvfJDG23pxrpmSyVDiSTf6MAPfUE052ruhMWrF8GiIyaUQR5SC/wzmvbndOGGkVGn89ODsNhWdy5lhzbFP/2wuwumAVn+RDMr2ulfpgc=; bm_sz=80BF0438212679F328D12BFA8B0AD557~YAAQJXchF3IcgHWEAQAAeSsk4xIztNvlbsU6pnyGPu0U+CiiV77UErknJGOEJoQkzEVNH7th8Wftb8quvB8Z4AfvaC/IZw9dNriC9KVmwk87eJUJGVRrAxACa5OxZHVQlm3pCq/DgJIUT0gKu+9mIt6HWzFjo+Peq4Gu+M3Ft5Z7Ph/uVRox+ppF+jQYKVDKKPhwc0+4XPC30B2+aZi7aDqYuZvDWrR0LQlaQ8lAEUXePbpnSz6bJSMwBKWxfnr/zpAmzotnKKfKuT0pnkSdg+/I9xa9oFrzz2NTP9k42ve5W22qPQ==~3159609~4408121; AMCV_664516D751E565010A490D4C%40AdobeOrg=1585540135%7CMCIDTS%7C19332%7CMCMID%7C76274957061129678444027448478228687350%7CMCAID%7CNONE%7CMCOPTOUT-1670265310s%7CNONE%7CMCAAMLH-1670862910%7C6%7CMCAAMB-1670862910%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCSYNCSOP%7C411-19339%7CvVersion%7C4.4.0; mbox=session#c5ea0df62c1f456480296e31b9203cdc#1670259969|PC#c5ea0df62c1f456480296e31b9203cdc.37_0#1733502911; bm_sv=6332E3CB501672F4DAEEFFB953285B24~YAAQDU8kF3Ys8YGEAQAAs5Us4xKhrnY+6XHJH8Q2vht06M9/s1mlRrQZwpKF8rJ8idIdevA+MXchMvvf9T9H3IT6hCnVDn/Va1fMZvrc9TeroEm8kuKU9k9UGj4yoJbUFDyFwxI+mLapVS2nT8/xCm0AvhIvL5qxXMgBs2OSD9XzFUyxXglBkGx6dU5pljN14Z8t3JJz9gJkuypSSRTZBVf8WtAEayveHpbpCEJ5uwv7rw/k6qiJSF5Tr4YQNjpu3RU=~1; s_ecid=MCMID%7C76274957061129678444027448478228687350; s_tbm=true; aam_uuid=76191958296237861893999974781107660703; mboxEdgeCluster=37; demdex=76191958296237861893999974781107660703
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Mon, 05 Dec 2022 16:44:21 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding,Cookie
link: <https://hotel-deals.marriott.com/wp-json/>; rel="https://api.w.org/", <https://hotel-deals.marriott.com/wp-json/wp/v2/pages/172357>; rel="alternate"; type="application/json", <https://hotel-deals.marriott.com/?p=172357>; rel=shortlink
x-powered-by: WP Engine
x-cacheable: SHORT
cache-control: max-age=600, must-revalidate
x-cache: HIT: 5
x-cache-group: normal
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E6gY1UY3WYAL7y4sUqzSg%2F2EcqfI6Gv0d1UJ5y1lpXcZKCIJoFeux2s9Oz1%2BdwBTPTrFg%2BEq9kyiunvmaCqAisjA4XUDkWs06WJz0J1D%2FmkFelCCMmpuRTHp0uVeaSPV0HBHAejoWkdOJA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774e3ef82b271c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tr.snapchat.com/collector/is_enabled?pids=fbf5aa06-3f82-45b5-86ba-4c4fe9c75a96&tld=com
200 OK 0 B URL HTTP/2 tr.snapchat.com/collector/is_enabled?pids=fbf5aa06-3f82-45b5-86ba-4c4fe9c75a96&tld=com
IP
GET /collector/is_enabled?pids=fbf5aa06-3f82-45b5-86ba-4c4fe9c75a96&tld=com HTTP/1.1
Host: tr.snapchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hotel-deals.marriott.com
Connection: keep-alive
Referer: https://hotel-deals.marriott.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 16:44:24 GMT
access-control-allow-origin: https://hotel-deals.marriott.com
content-type: application/json
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-envoy-upstream-service-time: 0
content-encoding: gzip
vary: Accept-Encoding
server: API Gateway
access-control-allow-credentials: true
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
165.160.13.20
185.89.211.132
23.36.76.121
157.240.221.16
3.248.100.224
64.158.223.137
151.101.244.157
104.18.21.226
188.114.99.234
15.188.95.229