urlscan.io logo urlscan.io
SecurityTrails logo

reservations.loewshotels.com Open in urlscan Pro
2600:9000:2156:1800:e:30c6:b580:93a1  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://click.loews-emails.com/?qs=88ade2ae00addf2a450651db2d0bd5d714d3a2055554a8b3503d77990a2b5fb6aba94d5fb2f98ccdf8049b5c8a5f...
Effective URL: https://reservations.loewshotels.com/dates/chicago-ohare?chebs=Brandwide_SpringBreak~Default_OHare_0228_1402885_R6464958_RBbar&utm_me...
Submission: On February 28 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 2 countries across 8 domains to perform 29 HTTP transactions. The main IP is 2600:9000:2156:1800:e:30c6:b580:93a1, located in United States and belongs to AMAZON-02, US. The main domain is reservations.loewshotels.com. The Cisco Umbrella rank of the primary domain is 890703.
TLS certificate: Issued by Amazon on December 13th 2021. Valid for: a year.
This is the only time reservations.loewshotels.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 13.111.18.12 22606 (EXACT-7)
10 2600:9000:215... 16509 (AMAZON-02)
7 2606:4700::68... 13335 (CLOUDFLAR...)
1 143.204.98.110 16509 (AMAZON-02)
4 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 34.192.253.39 14618 (AMAZON-AES)
1 34.233.252.50 14618 (AMAZON-AES)
1 13.227.222.181 16509 (AMAZON-02)
1 15.197.193.217 16509 (AMAZON-02)
29 10
1    13.111.18.12 (United States)

ASN22606 (EXACT-7, US)
PTR: click.s10.exacttarget.com
click.loews-emails.com
10    2600:9000:2156:1800:e:30c6:b580:93a1 (United States)

ASN16509 (AMAZON-02, US)
reservations.loewshotels.com
7    2606:4700::6810:9540 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
1    143.204.98.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-110.fra50.r.cloudfront.net
wallet-sdk.mycheckapp.com
4    2a02:26f0:6c00:299::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
assets.adobedtm.com
1    2606:4700:10::6814:b844 (United States)

ASN13335 (CLOUDFLARENET, US)
geolocation.onetrust.com
2    34.192.253.39 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-192-253-39.compute-1.amazonaws.com
booking.nextguest.com
1    34.233.252.50 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-233-252-50.compute-1.amazonaws.com
www.loewshotels.com
1    13.227.222.181 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-222-181.ams54.r.cloudfront.net
js.adsrvr.org
1    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
insight.adsrvr.org
Apex Domain
Subdomains		 Transfer
11 loewshotels.com
reservations.loewshotels.com — Cisco Umbrella Rank: 890703
www.loewshotels.com — Cisco Umbrella Rank: 357753
549 KB
7 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 443
117 KB
4 adobedtm.com
assets.adobedtm.com — Cisco Umbrella Rank: 505
110 KB
2 adsrvr.org
js.adsrvr.org — Cisco Umbrella Rank: 1475
insight.adsrvr.org — Cisco Umbrella Rank: 607
3 KB
2 nextguest.com
booking.nextguest.com — Cisco Umbrella Rank: 762160
31 KB
1 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 709
457 B
1 mycheckapp.com
wallet-sdk.mycheckapp.com — Cisco Umbrella Rank: 620226
529 KB
1 loews-emails.com
click.loews-emails.com
378 B
29 8
Domain Requested by
10 reservations.loewshotels.com reservations.loewshotels.com
7 cdn.cookielaw.org reservations.loewshotels.com
cdn.cookielaw.org
wallet-sdk.mycheckapp.com
4 assets.adobedtm.com reservations.loewshotels.com
assets.adobedtm.com
2 booking.nextguest.com wallet-sdk.mycheckapp.com
1 insight.adsrvr.org js.adsrvr.org
1 js.adsrvr.org assets.adobedtm.com
1 www.loewshotels.com reservations.loewshotels.com
1 geolocation.onetrust.com wallet-sdk.mycheckapp.com
1 wallet-sdk.mycheckapp.com reservations.loewshotels.com
1 click.loews-emails.com 1 redirects
29 10
Subject Issuer Validity Valid
reservations.loewshotels.com
Amazon		 2021-12-13 -
2023-01-11		 a year crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3		 2021-06-01 -
2022-05-31		 a year crt.sh
mycheckapp.com
Amazon		 2021-11-09 -
2022-12-07		 a year crt.sh
assets.adobedtm.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-10 -
2022-09-10		 a year crt.sh
onetrust.com
Cloudflare Inc ECC CA-3		 2022-01-12 -
2023-01-12		 a year crt.sh
booking.nextguest.com
Amazon		 2021-07-06 -
2022-08-04		 a year crt.sh
*.loewshotels.com
GeoTrust RSA CA 2018		 2020-07-23 -
2022-10-17		 2 years crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh

This page contains 2 frames:

Primary Page: https://reservations.loewshotels.com/dates/chicago-ohare?chebs=Brandwide_SpringBreak~Default_OHare_0228_1402885_R6464958_RBbar&utm_medium=email&utm_source=SFMC&utm_campaign=22-02-28-Brandwide-SpringBreak
Frame ID: C8F8298DD5CB66191FD0437FC7CA5065
Requests: 29 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=e90cfk0&ref=https%3A%2F%2Freservations.loewshotels.com%2Fdates%2Fchicago-ohare%3Fchebs%3DBrandwide_SpringBreak~Default_OHare_0228_1402885_R6464958_RBbar%26utm_medium%3Demail%26utm_source%3DSFMC%26utm_campaign%3D22-02-28-Brandwide-SpringBreak&upid=cyt5xmo&upv=1.1.0
Frame ID: BEF940B0A73B21E49BF017FB481DBCC6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Loews Hotels: Luxury Hotels | Select Stay DatesBack ButtonSearch IconFilter Icon

Page URL History Show full URLs

  1. http://click.loews-emails.com/?qs=88ade2ae00addf2a450651db2d0bd5d714d3a2055554a8b3503d77990a2b5fb6aba94d5f... HTTP 302
    https://reservations.loewshotels.com/dates/chicago-ohare?chebs=Brandwide_SpringBreak~Default_OHare_0228_1402885_R... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js

Page Statistics

29
Requests

97 %
HTTPS

40 %
IPv6

8
Domains

10
Subdomains

10
IPs

2
Countries

1338 kB
Transfer

4716 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://click.loews-emails.com/?qs=88ade2ae00addf2a450651db2d0bd5d714d3a2055554a8b3503d77990a2b5fb6aba94d5fb2f98ccdf8049b5c8a5fa87b97a0c5227a0931944542e3895fa60204 HTTP 302
    https://reservations.loewshotels.com/dates/chicago-ohare?chebs=Brandwide_SpringBreak~Default_OHare_0228_1402885_R6464958_RBbar&utm_medium=email&utm_source=SFMC&utm_campaign=22-02-28-Brandwide-SpringBreak Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request chicago-ohare
reservations.loewshotels.com/dates/
Redirect Chain
  • http://click.loews-emails.com/?qs=88ade2ae00addf2a450651db2d0bd5d714d3a2055554a8b3503d77990a2b5fb6aba94d5fb2f98ccdf8049b5c8a5fa87b97a0c5227a0931944542e3895fa60204
  • https://reservations.loewshotels.com/dates/chicago-ohare?chebs=Brandwide_SpringBreak~Default_OHare_0228_1402885_R6464958_RBbar&utm_medium=email&utm_source=SFMC&utm_campaign=22-02-28-Brandwide-Sprin...
936 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://reservations.loewshotels.com/dates/chicago-ohare?chebs=Brandwide_SpringBreak~Default_OHare_0228_1402885_R6464958_RBbar&utm_medium=email&utm_source=SFMC&utm_campaign=22-02-28-Brandwide-SpringBreak
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:1800:e:30c6:b580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b3e6e61addeac67dfab589b8b2902d77752f30c3e5f215183b8046ea4908730e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

content-type
text/html
content-length
936
last-modified
Wed, 16 Feb 2022 11:52:12 GMT
x-amz-version-id
rjq18SJaWJBsH43KkgggDMdLwIzQAlLZ
accept-ranges
bytes
server
AmazonS3
date
Mon, 28 Feb 2022 20:31:25 GMT
etag
"354b6b416a8c86523edd98daed82e979"
x-cache
Error from cloudfront
via
1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
tz_N1F_BAaWHQ61szfACBbvMLVfP3UTLHGISyHpoVIWl5dMt1CiGSw==

Redirect headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Location
https://reservations.loewshotels.com/dates/chicago-ohare?chebs=Brandwide_SpringBreak~Default_OHare_0228_1402885_R6464958_RBbar&utm_medium=email&utm_source=SFMC&utm_campaign=22-02-28-Brandwide-SpringBreak
Date
Mon, 28 Feb 2022 20:31:24 GMT
X-Cnection
close
Content-Length
332
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: reservations.loewshotels.com
URL: https://reservations.loewshotels.com/dates/chicago-ohare?chebs=Brandwide_SpringBreak~Default_OHare_0228_1402885_R6464958_RBbar&utm_medium=email&utm_source=SFMC&utm_campaign=22-02-28-Brandwide-SpringBreak
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de46b77a5b05ab09a32c1999473923ea2b42c8c1489a4a1fb15d551a45366df3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://reservations.loewshotels.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 28 Feb 2022 20:31:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
tIKwvumWYF6u8xFeFGeRKQ==
age
2652
vary
Accept-Encoding
content-length
6486
x-ms-lease-status
unlocked
last-modified
Mon, 28 Feb 2022 03:37:33 GMT
server
cloudflare
etag
0x8D9FA6BA80E9F12
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
992feb9a-901e-0058-6355-2cdc9d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6e4c6a951d7a5b74-FRA
sdk.js
wallet-sdk.mycheckapp.com/ 		2 MB
529 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wallet-sdk.mycheckapp.com/sdk.js
Requested by
Host: reservations.loewshotels.com
URL: https://reservations.loewshotels.com/dates/chicago-ohare?chebs=Brandwide_SpringBreak~Default_OHare_0228_1402885_R6464958_RBbar&utm_medium=email&utm_source=SFMC&utm_campaign=22-02-28-Brandwide-SpringBreak
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-110.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8a1763d577edd1d897a0428dabb3879f9f387bad23762c0a91341adc894b253f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://reservations.loewshotels.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 07:01:05 GMT
content-encoding
gzip
last-modified
Wed, 10 Nov 2021 13:38:38 GMT
server
AmazonS3
age
48620
etag
"7ca695d192dd3845911f81cde22d7965"
x-cache
Hit from cloudfront
x-amz-version-id
null
via
1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
text/javascript
content-length
540051
x-amz-cf-id
qaFQJInFrmeiJo4HbuSTXBWZVQ2N68gVmnehKHpO4z8M6felZreSLg==
launch-c40de9192a71.min.js
assets.adobedtm.com/bb2c8619dc8e/a38724a78992/ 		339 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/bb2c8619dc8e/a38724a78992/launch-c40de9192a71.min.js
Requested by
Host: reservations.loewshotels.com
URL: https://reservations.loewshotels.com/dates/chicago-ohare?chebs=Brandwide_SpringBreak~Default_OHare_0228_1402885_R6464958_RBbar&utm_medium=email&utm_source=SFMC&utm_campaign=22-02-28-Brandwide-SpringBreak
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:299::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
42f1da874a8b9d35a5e540a37172c0c0a69be94c1982b047690a0f0e85c0a5f5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://reservations.loewshotels.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 20:31:25 GMT
content-encoding
gzip
last-modified
Thu, 24 Feb 2022 19:32:26 GMT
server
AkamaiNetStorage
etag
"e4e566c7ae672c1f827900e54b2996a4:1645731146.255052"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://reservations.loewshotels.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
96669
expires
Mon, 28 Feb 2022 21:31:25 GMT
index.js
reservations.loewshotels.com/ 		2 MB
446 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://reservations.loewshotels.com/index.js?22c31c23526685b941e6
Requested by
Host: reservations.loewshotels.com
URL: https://reservations.loewshotels.com/dates/chicago-ohare?chebs=Brandwide_SpringBreak~Default_OHare_0228_1402885_R6464958_RBbar&utm_medium=email&utm_source=SFMC&utm_campaign=22-02-28-Brandwide-SpringBreak
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:1800:e:30c6:b580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a5c8149896f8092c913eadb8635e16e37762ad8b2daeb359d0f0ffd1ecbb2999

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://reservations.loewshotels.com/dates/chicago-ohare?chebs=Brandwide_SpringBreak~Default_OHare_0228_1402885_R6464958_RBbar&utm_medium=email&utm_source=SFMC&utm_campaign=22-02-28-Brandwide-SpringBreak
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
3HW2NXH4k1DvZQdQFY9iEBR2aloxPS.J
content-encoding
gzip
last-modified
Wed, 16 Feb 2022 11:52:12 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
W/"4cf551e6721a24dd40be97fd017dedb3"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/x-javascript
via
1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
date
Mon, 28 Feb 2022 20:31:26 GMT
x-amz-cf-id
HyZ0ShfJqE-JOtbfJCaTwhMOfJrwyGuuVXqimPtgg3hiTQej8wf59w==
0a9765e3-a574-41b5-a49b-d12291495d13.json
cdn.cookielaw.org/consent/0a9765e3-a574-41b5-a49b-d12291495d13/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/0a9765e3-a574-41b5-a49b-d12291495d13/0a9765e3-a574-41b5-a49b-d12291495d13.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
689469fe62a37d66aacbbcfd69e9d0d3cca3bebc4ed3aba16231b739036a182d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://reservations.loewshotels.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 28 Feb 2022 20:31:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
content-md5
tRdPaPrT92Pe3l5ddqfgkQ==
vary
Accept-Encoding
content-length
1495
x-ms-lease-status
unlocked
last-modified
Tue, 27 Jul 2021 13:24:31 GMT
server
cloudflare
etag
0x8D95101DE4A03F3
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
1daf16c4-701e-0052-6aa6-2cc514000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6e4c6a957d4791d1-FRA
expires
Tue, 01 Mar 2022 00:31:25 GMT
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		182 B
457 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: wallet-sdk.mycheckapp.com
URL: https://wallet-sdk.mycheckapp.com/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd9308db31181fde13aca740757dcb439baf71d731011a87da483a28faae444f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://reservations.loewshotels.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 20:31:25 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6e4c6a96a8c99255-FRA
access-control-allow-headers
Content-Type
AppMeasurement.min.js
assets.adobedtm.com/extensions/EP40e3bec801244c59a61bf06eb622a63c/ 		33 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/extensions/EP40e3bec801244c59a61bf06eb622a63c/AppMeasurement.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/bb2c8619dc8e/a38724a78992/launch-c40de9192a71.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:299::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
92c5b25edbc4647c55be848b92ea22fd4618cc3252a2364025262e18a7430f84

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://reservations.loewshotels.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 20:31:25 GMT
content-encoding
gzip
last-modified
Wed, 18 Aug 2021 21:04:01 GMT
server
AkamaiNetStorage
etag
"4635bffccc756e9a52eae8011adb9137:1629320641.842128"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://reservations.loewshotels.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
12188
expires
Mon, 28 Feb 2022 21:31:25 GMT
AppMeasurement_Module_ActivityMap.min.js
assets.adobedtm.com/extensions/EP40e3bec801244c59a61bf06eb622a63c/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/extensions/EP40e3bec801244c59a61bf06eb622a63c/AppMeasurement_Module_ActivityMap.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/bb2c8619dc8e/a38724a78992/launch-c40de9192a71.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:299::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
0821bd2158b7c2d4165a43a999f30fdc1dc977c6f216ae950298b0237189c0e2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://reservations.loewshotels.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 20:31:25 GMT
content-encoding
gzip
last-modified
Wed, 18 Aug 2021 21:04:02 GMT
server
AkamaiNetStorage
etag
"8b210658d66894c896047ae490138f1c:1629320642.068491"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://reservations.loewshotels.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
1593
expires
Mon, 28 Feb 2022 21:31:25 GMT
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/6.21.0/ 		311 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.21.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0068b328dc886133e94de712c57b93368f820f34c3dc9562792b36bace8599c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://reservations.loewshotels.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 28 Feb 2022 20:31:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
pGGMtIN6zlnW55bGN1NE3w==
age
11478234
vary
Accept-Encoding
content-length
75797
x-ms-lease-status
unlocked
last-modified
Fri, 23 Jul 2021 01:58:45 GMT
server
cloudflare
etag
0x8D94D7D67DF8167
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
abde57ed-801e-0065-296c-c469bb000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6e4c6a96f8a85b74-FRA
en.json
cdn.cookielaw.org/consent/0a9765e3-a574-41b5-a49b-d12291495d13/5b2c575a-1663-41bc-9694-98b8ffccfa85/ 		60 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/0a9765e3-a574-41b5-a49b-d12291495d13/5b2c575a-1663-41bc-9694-98b8ffccfa85/en.json
Requested by
Host: wallet-sdk.mycheckapp.com
URL: https://wallet-sdk.mycheckapp.com/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8e55dbbd8759e1aaad6b13bfef8c7d7d42eb3ab60bb47baf33f749b6f5019bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://reservations.loewshotels.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 28 Feb 2022 20:31:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
content-md5
M97Bizp2l8fHkj7xn1xHdQ==
vary
Accept-Encoding
content-length
14648
x-ms-lease-status
unlocked
last-modified
Tue, 27 Jul 2021 13:24:40 GMT
server
cloudflare
etag
0x8D95101E37B6ECF
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
f0e9b4bd-e01e-013e-13a6-2c2892000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6e4c6a97286591d1-FRA
expires
Tue, 01 Mar 2022 00:31:25 GMT
otFlat.json
cdn.cookielaw.org/scripttemplates/6.21.0/assets/ 		13 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.21.0/assets/otFlat.json
Requested by
Host: wallet-sdk.mycheckapp.com
URL: https://wallet-sdk.mycheckapp.com/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72562f00bd821b6edc0368065bf009468955ba01f8ead742d8bbc2470c4358c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://reservations.loewshotels.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 28 Feb 2022 20:31:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
content-md5
h27oznMDITC5RVEkLZtwKw==
vary
Accept-Encoding
content-length
2950
x-ms-lease-status
unlocked
last-modified
Fri, 23 Jul 2021 01:58:39 GMT
server
cloudflare
etag
0x8D94D7D641A6DE0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
66be89cc-e01e-0171-65a6-2cec8a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6e4c6a988adb91d1-FRA
otPcCenter.json
cdn.cookielaw.org/scripttemplates/6.21.0/assets/v2/ 		47 KB
11 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.21.0/assets/v2/otPcCenter.json
Requested by
Host: wallet-sdk.mycheckapp.com
URL: https://wallet-sdk.mycheckapp.com/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
584f895bb024b067b440328e4d92bb57ed91c91fccfdd464d20b078d5e6e2f7c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://reservations.loewshotels.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 28 Feb 2022 20:31:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
content-md5
PUpMkq1SXMqV5yZBdrq2rw==
vary
Accept-Encoding
content-length
11523
x-ms-lease-status
unlocked
last-modified
Fri, 23 Jul 2021 01:58:41 GMT
server
cloudflare
etag
0x8D94D7D65056FF9
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
b7be5156-101e-00e3-54a6-2c3d69000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6e4c6a988adc91d1-FRA
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/6.21.0/assets/ 		20 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.21.0/assets/otCommonStyles.css
Requested by
Host: wallet-sdk.mycheckapp.com
URL: https://wallet-sdk.mycheckapp.com/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6be3efeb998248db9cc1083aef162ee483cbde10b893057e4b5ae1a612c0ae3a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://reservations.loewshotels.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 28 Feb 2022 20:31:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
content-md5
F/Fs54+x9bQK/ULkNRp4fA==
vary
Accept-Encoding
x-ms-lease-status
unlocked
last-modified
Fri, 23 Jul 2021 01:58:50 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
616acf08-f01e-00ad-1ea6-2cf88c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
cf-ray
6e4c6a988ade91d1-FRA
properties
booking.nextguest.com/api/v1/ 		22 KB
23 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://booking.nextguest.com/api/v1/properties?tenantId=11111111-1111-1111-1111111111111111&locale=en
Requested by
Host: wallet-sdk.mycheckapp.com
URL: https://wallet-sdk.mycheckapp.com/sdk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.192.253.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-253-39.compute-1.amazonaws.com
Software
nginx /
Resource Hash
f10bbf220e113266e6e1ad6e667d83c71cab115eba814472c73d76e7ec267135

Request headers

Accept
application/json, text/plain, */*
Referer
https://reservations.loewshotels.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 20:31:25 GMT
server
nginx
x-ratelimit-remaining
35
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-data-cached
true
x-ratelimit-limit
60
x-served-by
ip-10-10-102-94.ec2.internal
configuration
booking.nextguest.com/api/v1/ 		9 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://booking.nextguest.com/api/v1/configuration?tenantId=11111111-1111-1111-1111111111111111
Requested by
Host: wallet-sdk.mycheckapp.com
URL: https://wallet-sdk.mycheckapp.com/sdk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.192.253.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-253-39.compute-1.amazonaws.com
Software
nginx /
Resource Hash
2c28a8e6f900d86e02f54eb80d11d10e2c21669d062ab8267ba8e482a28efbb8

Request headers

Accept
application/json, text/plain, */*
Referer
https://reservations.loewshotels.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 20:31:25 GMT
server
nginx
x-ratelimit-remaining
35
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-data-cached
false
x-ratelimit-limit
60
x-served-by
ip-10-10-103-50.ec2.internal
truncated
/ 		817 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/svg+xml
gt-america-extended-thin.woff2
reservations.loewshotels.com/fonts/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://reservations.loewshotels.com/fonts/gt-america-extended-thin.woff2?7b0ba81d5494fd64d1d643f664b89605
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:1800:e:30c6:b580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d6a9cd75e985cfb2c6014f6f6c923f6345cb56764fc01ff174a02e47de4f5081

Request headers

Referer
https://reservations.loewshotels.com/dates/chicago-ohare?chebs=Brandwide_SpringBreak~Default_OHare_0228_1402885_R6464958_RBbar&utm_medium=email&utm_source=SFMC&utm_campaign=22-02-28-Brandwide-SpringBreak
Origin
https://reservations.loewshotels.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
xESXI4zLoLo0uGZqicpx460oOVOvgpLh
via
1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
last-modified
Wed, 16 Feb 2022 11:52:12 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
"da07b8d83b528214daca256bf3954226"
x-cache
RefreshHit from cloudfront
content-type
application/octet-stream
date
Mon, 28 Feb 2022 20:31:27 GMT
accept-ranges
bytes
content-length
24400
x-amz-cf-id
p6GHPmYd3Tpkm8zFt42gDhU-B1qHfw-JBz5LO6A10yDpY_D_Ayg21g==
gt-america-extended-medium.woff2
reservations.loewshotels.com/fonts/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://reservations.loewshotels.com/fonts/gt-america-extended-medium.woff2?dc6a2fab3ea89eba5ea49e856c8960d3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:1800:e:30c6:b580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5d94d1f6dc53064b7da949ec42c15f4211a5894b7becdca7d801040d3af45b5f

Request headers

Referer
https://reservations.loewshotels.com/dates/chicago-ohare?chebs=Brandwide_SpringBreak~Default_OHare_0228_1402885_R6464958_RBbar&utm_medium=email&utm_source=SFMC&utm_campaign=22-02-28-Brandwide-SpringBreak
Origin
https://reservations.loewshotels.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
c_pmFaATCgY1OE1FygRRNPPWm_8CkT3r
via
1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
last-modified
Wed, 16 Feb 2022 11:52:12 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
"f411df658a483908abd1ac1cde89131e"
x-cache
RefreshHit from cloudfront
content-type
application/octet-stream
date
Mon, 28 Feb 2022 20:31:27 GMT
accept-ranges
bytes
content-length
25096
x-amz-cf-id
G65ONuDkvehAAag809jxi6Eri0-DPSTH_UA4794xQ6xVuXUunklQnA==
logo.svg
reservations.loewshotels.com/images/ 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://reservations.loewshotels.com/images/logo.svg?143b2150134d67f6c3f969c22e22be92
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:1800:e:30c6:b580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fa4baf1a3e8a59b424d381fbc786593813015ed08af4a5dc5c00b9e7f54ac45f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://reservations.loewshotels.com/dates/chicago-ohare?chebs=Brandwide_SpringBreak~Default_OHare_0228_1402885_R6464958_RBbar&utm_medium=email&utm_source=SFMC&utm_campaign=22-02-28-Brandwide-SpringBreak
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 20:31:27 GMT
content-encoding
gzip
last-modified
Wed, 16 Feb 2022 11:52:12 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
W/"6f8249a61f4fa7e7da16a62ae4ff339f"
vary
Accept-Encoding
x-cache
Miss from cloudfront
x-amz-version-id
0X98pQ3km4EYtz.nl86wrfkS0I2hFDE9
via
1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
content-type
image/svg+xml
x-amz-cf-id
GgPWxBnMyBpUGrbKkW4dEQR2LDFSN-ZOjo_azrF8e1kSLbgCFHmqEg==
logoDark.svg
reservations.loewshotels.com/images/ 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://reservations.loewshotels.com/images/logoDark.svg?139865d559cf6cbeacf4486d696f058b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:1800:e:30c6:b580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f45590044fbdeff513e97284bf7680db553151819ee227c6ee4c896f4f85f35e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://reservations.loewshotels.com/dates/chicago-ohare?chebs=Brandwide_SpringBreak~Default_OHare_0228_1402885_R6464958_RBbar&utm_medium=email&utm_source=SFMC&utm_campaign=22-02-28-Brandwide-SpringBreak
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 20:31:27 GMT
content-encoding
gzip
last-modified
Wed, 16 Feb 2022 11:52:12 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
W/"4e6c26792221026f342f1dc6bd48bbb3"
vary
Accept-Encoding
x-cache
Miss from cloudfront
x-amz-version-id
m74L1XwvQMyrI3UrCCD_xX2TkWLObvus
via
1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
content-type
image/svg+xml
x-amz-cf-id
toqzj_syjawSf_JaNeKRi9Di7_2BvNRp40ews01jtZCYROQZCF7gIw==
footerlogo.svg
reservations.loewshotels.com/images/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://reservations.loewshotels.com/images/footerlogo.svg?740b63d786ed8e853ca2f1ef2f1bc9ca
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:1800:e:30c6:b580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
901bde9899f5434bffe92ebc973d73d9b8447e62ebff51d107a0cf8dc2681eea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://reservations.loewshotels.com/dates/chicago-ohare?chebs=Brandwide_SpringBreak~Default_OHare_0228_1402885_R6464958_RBbar&utm_medium=email&utm_source=SFMC&utm_campaign=22-02-28-Brandwide-SpringBreak
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 20:31:27 GMT
content-encoding
gzip
last-modified
Wed, 16 Feb 2022 11:52:12 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
W/"9a22bcb801205e6fa1acb6c58d54b4e7"
vary
Accept-Encoding
x-cache
Miss from cloudfront
x-amz-version-id
00BA8axA5seNVbhkNREjsNnElIyLbXZB
via
1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
content-type
image/svg+xml
x-amz-cf-id
gt4rvW8kUCVLfm_zIOXVybQmKTZYjWSQXvNbZWvZIHxx2FmHF9MEnQ==
amex.svg
reservations.loewshotels.com/images/ 		5 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://reservations.loewshotels.com/images/amex.svg?7243750110117bffd5b129cac4e6d0d0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:1800:e:30c6:b580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ce3424a59b725dc106ee08ce63c5b8fde5f976ca64f27ee63e4db312b76ad779

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://reservations.loewshotels.com/dates/chicago-ohare?chebs=Brandwide_SpringBreak~Default_OHare_0228_1402885_R6464958_RBbar&utm_medium=email&utm_source=SFMC&utm_campaign=22-02-28-Brandwide-SpringBreak
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 20:31:27 GMT
content-encoding
gzip
last-modified
Wed, 16 Feb 2022 11:52:12 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
W/"444fa3395bf3f573fb16bdd30bfa1d2b"
vary
Accept-Encoding
x-cache
Miss from cloudfront
x-amz-version-id
niWcW60aq.sW1PZAPeyM__GwtKJ5rC3i
via
1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
content-type
image/svg+xml
x-amz-cf-id
8kPvwbfCv6_pN8BA5LTHRREYuQKacBHwuCYE-18kXiX-vzZPWKAXlg==
gt-america-extended-bold.woff2
reservations.loewshotels.com/fonts/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://reservations.loewshotels.com/fonts/gt-america-extended-bold.woff2?1370fafee71be7e9c7d559397917aa26
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:1800:e:30c6:b580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
721720bc39ba3dd58bb38be24c025a455d79cfe268b6f6c9aec8a5b5b4856da3

Request headers

Referer
https://reservations.loewshotels.com/dates/chicago-ohare?chebs=Brandwide_SpringBreak~Default_OHare_0228_1402885_R6464958_RBbar&utm_medium=email&utm_source=SFMC&utm_campaign=22-02-28-Brandwide-SpringBreak
Origin
https://reservations.loewshotels.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
_96FUNNfwDWiSzDaIACHqMbx9G3Bf3i.
via
1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
last-modified
Wed, 16 Feb 2022 11:52:12 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
"d7826d26e824bb1d0fab2ca2bab4dd7d"
x-cache
RefreshHit from cloudfront
content-type
application/octet-stream
date
Mon, 28 Feb 2022 20:31:27 GMT
accept-ranges
bytes
content-length
25204
x-amz-cf-id
qcbDR9ZlCa_bnyT5ZAoff0L0CJ_ChOHYmGbo9SB8IwKMKlXzhFoVCQ==
Helvetica-Neue-Bold-Condensed.woff2
reservations.loewshotels.com/fonts/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://reservations.loewshotels.com/fonts/Helvetica-Neue-Bold-Condensed.woff2?49dbdbbfd5ed9390b6a8142adbced09e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:1800:e:30c6:b580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
65382b5b2d89b743afd51bda37572be842b489704baa1ff88cc1fe5c2678d6f5

Request headers

Referer
https://reservations.loewshotels.com/dates/chicago-ohare?chebs=Brandwide_SpringBreak~Default_OHare_0228_1402885_R6464958_RBbar&utm_medium=email&utm_source=SFMC&utm_campaign=22-02-28-Brandwide-SpringBreak
Origin
https://reservations.loewshotels.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 20:31:27 GMT
via
1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
last-modified
Wed, 16 Feb 2022 11:52:12 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
"30a413ff1543927fb2f363ca6c2ae378"
x-cache
Miss from cloudfront
x-amz-version-id
ODV3pw_PhrrxuT7n1NhRlAAPIbxL7mXO
accept-ranges
bytes
content-type
application/octet-stream
content-length
12848
x-amz-cf-id
pygZJx_hSazTW3anVf5rqOKBCXmlXunDCVb2cL1ZYTsyBAmXsD8KqA==
RC0fe18a7d3c654313a0d28b2a51f28980-source.min.js
assets.adobedtm.com/bb2c8619dc8e/a38724a78992/0b24f28ce25e/ 		670 B
654 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/bb2c8619dc8e/a38724a78992/0b24f28ce25e/RC0fe18a7d3c654313a0d28b2a51f28980-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/bb2c8619dc8e/a38724a78992/launch-c40de9192a71.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:299::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
9a7b797be75acce791b094ebf09106bef6b6e75235d1c25733b1593f44959112

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://reservations.loewshotels.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 20:31:26 GMT
content-encoding
gzip
last-modified
Thu, 24 Feb 2022 19:32:27 GMT
server
AkamaiNetStorage
etag
"7c211a728ae0d09d04fa14376021f20c:1645731147.125862"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://reservations.loewshotels.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
382
expires
Mon, 28 Feb 2022 21:31:26 GMT
ip.json
www.loewshotels.com/json/ 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.loewshotels.com/json/ip.json?callback=x&_=1646080286254&callback=axiosJsonpCallback1
Requested by
Host: reservations.loewshotels.com
URL: https://reservations.loewshotels.com/index.js?22c31c23526685b941e6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.233.252.50 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-252-50.compute-1.amazonaws.com
Software
nginx / NextGuest CMS
Resource Hash
b4d5b8bba05fb6239b1e6b3d923aa37338a95909a0962a568e3431601e0d8d9f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://reservations.loewshotels.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 20:31:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-powered-by
NextGuest CMS
x-hebs-cache-status
miss
vary
Accept-Encoding
service-worker-allowed
/
x-served-by
loewshotels-com-003
x-trace-id
94137552-101
pragma
server
nginx
x-frame-options
SAMEORIGIN
etag
W/"6ee139afb82789920359ed887ea8edba5014d882"
strict-transport-security
max-age=63072000; includeSubDomains
access-control-allow-methods
GET, POST
content-type
application/javascript
access-control-allow-origin
https://www.loewshotels.com
cache-control
private, max-age=7200, must-revalidate, pre-check=30, post-check=30
content-security-policy
upgrade-insecure-requests
x-consent-required
0
expires
Mon, 28 Feb 2022 21:31:26 GMT
calendar
booking.nextguest.com/api/v1/availability/ 		0
0
up_loader.1.1.0.js
js.adsrvr.org/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/bb2c8619dc8e/a38724a78992/launch-c40de9192a71.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.227.222.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-222-181.ams54.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://reservations.loewshotels.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Mon, 28 Feb 2022 03:31:57 GMT
Content-Encoding
gzip
Last-Modified
Thu, 24 Sep 2020 15:15:34 GMT
Server
AmazonS3
Age
61170
ETag
W/"98d98b3499058b76d58073cf8ede2f10"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Via
1.1 d3fdd96b3ada000b1a8c2d522534c124.cloudfront.net (CloudFront)
Connection
keep-alive
Transfer-Encoding
chunked
X-Amz-Cf-Pop
AMS54-C1
X-Amz-Cf-Id
FNIdhX6NijssxxpL5Zd1e6II5_z54r2ky1JZx5xAFb1rxZCYv6UgOA==
up
insight.adsrvr.org/track/ Frame BEF9 		0
182 B 		Document
General
Check archive.org
Download Go to
Full URL
https://insight.adsrvr.org/track/up?adv=e90cfk0&ref=https%3A%2F%2Freservations.loewshotels.com%2Fdates%2Fchicago-ohare%3Fchebs%3DBrandwide_SpringBreak~Default_OHare_0228_1402885_R6464958_RBbar%26utm_medium%3Demail%26utm_source%3DSFMC%26utm_campaign%3D22-02-28-Brandwide-SpringBreak&upid=cyt5xmo&upv=1.1.0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://reservations.loewshotels.com/

Response headers

date
Mon, 28 Feb 2022 20:31:26 GMT
content-type
text/html
cache-control
private,no-cache, must-revalidate
pragma
no-cache
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
booking.nextguest.com
URL
https://booking.nextguest.com/api/v1/availability/calendar?tenantId=11111111-1111-1111-1111111111111111&propertyId=cf37c765-869b-48bb-ba9c-edeaf93fe4ed&startDate=2022-02-01&endDate=2022-03-31&rooms=1&adults=2&children=0

Verdicts & Comments Add Verdict or Comment

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| structuredClone object| OneTrustStub string| OnetrustActiveGroups string| OptanonActiveGroups object| dataLayer function| OptanonWrapper function| setImmediate function| clearImmediate object| __SENTRY__ object| regeneratorRuntime object| mycheckWallet object| isAmazonInit number| 2f1acc6c3a606b082e5eef5e54414ffb object| __SECRET_EMOTION__ object| loggerInitialValues object| _satellite boolean| __satelliteLoaded object| adobe function| Visitor object| s_c_il number| s_c_in object| otStubData object| appEventData number| _dataLayerOverwriteMonitor function| AppMeasurement function| s_gi function| s_pgicq number| s_objectID number| s_giq function| AppMeasurement_Module_ActivityMap object| s object| scCGSHMRCache function| _ object| Optanon object| OneTrust undefined| axiosJsonpCallback1 function| ttd_dom_ready function| TTDUniversalPixelApi

1 Cookies

Domain/Path Name / Value
.loewshotels.com/ Name: OptanonConsent
Value: isGpcEnabled=0&datestamp=Mon+Feb+28+2022+20%3A31%3A25+GMT%2B0000+(GMT)&version=6.21.0&isIABGlobal=false&hosts=&consentId=69fcc74b-6a3c-400b-ba5d-7199014ff64a&interactionCount=0&landingPath=https%3A%2F%2Freservations.loewshotels.com%2Fdates%2Fchicago-ohare%3Fchebs%3DBrandwide_SpringBreak~Default_OHare_0228_1402885_R6464958_RBbar%26utm_medium%3Demail%26utm_source%3DSFMC%26utm_campaign%3D22-02-28-Brandwide-SpringBreak&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.adobedtm.com
booking.nextguest.com
cdn.cookielaw.org
click.loews-emails.com
geolocation.onetrust.com
insight.adsrvr.org
js.adsrvr.org
reservations.loewshotels.com
wallet-sdk.mycheckapp.com
www.loewshotels.com
booking.nextguest.com
13.111.18.12
13.227.222.181
143.204.98.110
15.197.193.217
2600:9000:2156:1800:e:30c6:b580:93a1
2606:4700:10::6814:b844
2606:4700::6810:9540
2a02:26f0:6c00:299::1e80
34.192.253.39
34.233.252.50
0068b328dc886133e94de712c57b93368f820f34c3dc9562792b36bace8599c0
0821bd2158b7c2d4165a43a999f30fdc1dc977c6f216ae950298b0237189c0e2
2c28a8e6f900d86e02f54eb80d11d10e2c21669d062ab8267ba8e482a28efbb8
42f1da874a8b9d35a5e540a37172c0c0a69be94c1982b047690a0f0e85c0a5f5
584f895bb024b067b440328e4d92bb57ed91c91fccfdd464d20b078d5e6e2f7c
5d94d1f6dc53064b7da949ec42c15f4211a5894b7becdca7d801040d3af45b5f
65382b5b2d89b743afd51bda37572be842b489704baa1ff88cc1fe5c2678d6f5
689469fe62a37d66aacbbcfd69e9d0d3cca3bebc4ed3aba16231b739036a182d
6be3efeb998248db9cc1083aef162ee483cbde10b893057e4b5ae1a612c0ae3a
721720bc39ba3dd58bb38be24c025a455d79cfe268b6f6c9aec8a5b5b4856da3
72562f00bd821b6edc0368065bf009468955ba01f8ead742d8bbc2470c4358c4
8a1763d577edd1d897a0428dabb3879f9f387bad23762c0a91341adc894b253f
901bde9899f5434bffe92ebc973d73d9b8447e62ebff51d107a0cf8dc2681eea
92c5b25edbc4647c55be848b92ea22fd4618cc3252a2364025262e18a7430f84
9a7b797be75acce791b094ebf09106bef6b6e75235d1c25733b1593f44959112
a5c8149896f8092c913eadb8635e16e37762ad8b2daeb359d0f0ffd1ecbb2999
b3e6e61addeac67dfab589b8b2902d77752f30c3e5f215183b8046ea4908730e
b4d5b8bba05fb6239b1e6b3d923aa37338a95909a0962a568e3431601e0d8d9f
ce3424a59b725dc106ee08ce63c5b8fde5f976ca64f27ee63e4db312b76ad779
d6a9cd75e985cfb2c6014f6f6c923f6345cb56764fc01ff174a02e47de4f5081
d8e55dbbd8759e1aaad6b13bfef8c7d7d42eb3ab60bb47baf33f749b6f5019bb
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b
de46b77a5b05ab09a32c1999473923ea2b42c8c1489a4a1fb15d551a45366df3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
f10bbf220e113266e6e1ad6e667d83c71cab115eba814472c73d76e7ec267135
f45590044fbdeff513e97284bf7680db553151819ee227c6ee4c896f4f85f35e
fa4baf1a3e8a59b424d381fbc786593813015ed08af4a5dc5c00b9e7f54ac45f
fd9308db31181fde13aca740757dcb439baf71d731011a87da483a28faae444f