reservations.loewshotels.com
2600:9000:2251:4200:e:30c6:b580:93a1  Public Scan

Submitted URL: http://click.loews-emails.com/?qs=c222724b49ef2818e69d05b812a69e9205a8c81c78ad2bb4d4cef006c18ad988b6321edaa606522d62259398e7bc...
Effective URL: https://reservations.loewshotels.com/?chebs=Brandwide_SpringBreak~Default_OHare_0228_1402885_R6464958_resbut&utm_medium=email&utm_sou...
Submission: On February 28 via api from US — Scanned from DE

Summary

This website contacted 11 IPs in 2 countries across 9 domains to perform 33 HTTP transactions. The main IP is 2600:9000:2251:4200:e:30c6:b580:93a1, located in United States and belongs to AMAZON-02, US. The main domain is reservations.loewshotels.com. The Cisco Umbrella rank of the primary domain is 890703.
TLS certificate: Issued by Amazon on December 13th 2021. Valid for: a year.
This is the only time reservations.loewshotels.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 13.111.18.12 22606 (EXACT-7)
9 2600:9000:225... 16509 (AMAZON-02)
7 2606:4700::68... 13335 (CLOUDFLAR...)
1 18.66.139.47 16509 (AMAZON-02)
4 2a02:26f0:ef:... 20940 (AKAMAI-ASN1)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 3.213.247.250 14618 (AMAZON-AES)
1 7 2606:4700:10:... 13335 (CLOUDFLAR...)
1 108.138.15.119 16509 (AMAZON-02)
1 35.71.131.137 16509 (AMAZON-02)
1 151.101.193.182 54113 (FASTLY)
33 11
Apex Domain
Subdomains
Transfer
9 loewshotels.com
reservations.loewshotels.com — Cisco Umbrella Rank: 890703
529 KB
8 triptease.io
onboard.triptease.io — Cisco Umbrella Rank: 33906
static.triptease.io — Cisco Umbrella Rank: 39010
139 KB
7 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 443
117 KB
4 adobedtm.com
assets.adobedtm.com — Cisco Umbrella Rank: 505
110 KB
2 adsrvr.org
js.adsrvr.org — Cisco Umbrella Rank: 1475
insight.adsrvr.org — Cisco Umbrella Rank: 607
3 KB
2 nextguest.com
booking.nextguest.com — Cisco Umbrella Rank: 762160
31 KB
1 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 709
471 B
1 mycheckapp.com
wallet-sdk.mycheckapp.com — Cisco Umbrella Rank: 620226
528 KB
1 loews-emails.com
click.loews-emails.com
362 B
33 9
Domain Requested by
9 reservations.loewshotels.com reservations.loewshotels.com
7 onboard.triptease.io 1 redirects wallet-sdk.mycheckapp.com
onboard.triptease.io
7 cdn.cookielaw.org reservations.loewshotels.com
cdn.cookielaw.org
wallet-sdk.mycheckapp.com
4 assets.adobedtm.com reservations.loewshotels.com
assets.adobedtm.com
2 booking.nextguest.com wallet-sdk.mycheckapp.com
1 static.triptease.io onboard.triptease.io
1 insight.adsrvr.org js.adsrvr.org
1 js.adsrvr.org assets.adobedtm.com
1 geolocation.onetrust.com wallet-sdk.mycheckapp.com
1 wallet-sdk.mycheckapp.com reservations.loewshotels.com
1 click.loews-emails.com 1 redirects
33 11
Subject | Issuer | Validity | Valid
reservations.loewshotels.com | Amazon | 2021-12-13 - 2023-01-11 | a year
cookielaw.org | Cloudflare Inc ECC CA-3 | 2021-06-01 - 2022-05-31 | a year
mycheckapp.com | Amazon | 2021-11-09 - 2022-12-07 | a year
assets.adobedtm.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-09-10 - 2022-09-10 | a year
onetrust.com | Cloudflare Inc ECC CA-3 | 2022-01-12 - 2023-01-12 | a year
booking.nextguest.com | Amazon | 2021-07-06 - 2022-08-04 | a year
*.adsrvr.org | GlobalSign GCC R3 DV TLS CA 2020 | 2021-03-18 - 2022-04-19 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-07-10 - 2022-07-09 | a year
*.triptease.io | GlobalSign Atlas R3 DV TLS CA H2 2021 | 2021-12-24 - 2023-01-25 | a year

This page contains 3 frames:

Primary Page: https://reservations.loewshotels.com/?chebs=Brandwide_SpringBreak~Default_OHare_0228_1402885_R6464958_resbut&utm_medium=email&utm_source=SFMC&utm_campaign=22-02-28-Brandwide-SpringBreak/
Frame ID: 62AD8FA703B89051EC0CA9CBA0F04048
Requests: 31 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=e90cfk0&ref=https%3A%2F%2Freservations.loewshotels.com%2F%3Fchebs%3DBrandwide_SpringBreak~Default_OHare_0228_1402885_R6464958_resbut%26utm_medium%3Demail%26utm_source%3DSFMC%26utm_campaign%3D22-02-28-Brandwide-SpringBreak%2F%23&upid=cyt5xmo&upv=1.1.0
Frame ID: 51990323CA91E54DBC07607DC1A6B673
Requests: 1 HTTP requests in this frame

Frame: https://onboard.triptease.io/kernel/v5349.55801/kernel-host.html?originHost=reservations.loewshotels.com
Frame ID: A4E051B629D7B92FCA9C242D267A1073
Requests: 2 HTTP requests in this frame

Page Title

Loews Hotels: Luxury Hotels | Select DestinationBack ButtonSearch IconFilter Icon

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js

Page Statistics

Requests: 33
HTTPS: 97 %
IPv6: 45 %
Domains: 9
Subdomains: 11
IPs: 11
Countries: 2
Transfer: 1458 kB
Size: 5106 kB
Cookies: 3

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://click.loews-emails.com/?qs=c222724b49ef2818e69d05b812a69e9205a8c81c78ad2bb4d4cef006c18ad988b6321edaa606522d62259398e7bc96f91e0be88991f3150cbc79f2221b011fee HTTP 302
    https://reservations.loewshotels.com/?chebs=Brandwide_SpringBreak~Default_OHare_0228_1402885_R6464958_resbut&utm_medium=email&utm_source=SFMC&utm_campaign=22-02-28-Brandwide-SpringBreak/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24
  • https://onboard.triptease.io/bootstrap.js?integrationId=01DEYB5T3PZSYDT5ZWWHBBYE2J HTTP 307
  • https://onboard.triptease.io/bootstrap/v5349.55801/bootstrap.js

33 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
reservations.loewshotels.com/
Redirect Chain
  • http://click.loews-emails.com/?qs=c222724b49ef2818e69d05b812a69e9205a8c81c78ad2bb4d4cef006c18ad988b6321edaa606522d62259398e7bc96f91e0be88991f3150cbc79f2221b011fee
  • https://reservations.loewshotels.com/?chebs=Brandwide_SpringBreak~Default_OHare_0228_1402885_R6464958_resbut&utm_medium=email&utm_source=SFMC&utm_campaign=22-02-28-Brandwide-SpringBreak/
936 B
1 KB
Document
General
Full URL
https://reservations.loewshotels.com/?chebs=Brandwide_SpringBreak~Default_OHare_0228_1402885_R6464958_resbut&utm_medium=email&utm_source=SFMC&utm_campaign=22-02-28-Brandwide-SpringBreak/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:4200:e:30c6:b580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b3e6e61addeac67dfab589b8b2902d77752f30c3e5f215183b8046ea4908730e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

content-type
text/html
content-length
936
last-modified
Wed, 16 Feb 2022 11:52:12 GMT
x-amz-version-id
rjq18SJaWJBsH43KkgggDMdLwIzQAlLZ
accept-ranges
bytes
server
AmazonS3
date
Mon, 28 Feb 2022 20:31:00 GMT
etag
"354b6b416a8c86523edd98daed82e979"
x-cache
RefreshHit from cloudfront
via
1.1 5b6e22c950501920595c86fc25834582.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
r_uOFW96-m04P6dIGVLPFZS0Xy4dwKHnlsAEndjZQBuI1Ag9nxVElQ==

Redirect headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Location
https://reservations.loewshotels.com/?chebs=Brandwide_SpringBreak~Default_OHare_0228_1402885_R6464958_resbut&utm_medium=email&utm_source=SFMC&utm_campaign=22-02-28-Brandwide-SpringBreak/#
Date
Mon, 28 Feb 2022 20:30:58 GMT
X-Cnection
close
Content-Length
316
otSDKStub.js
cdn.cookielaw.org/scripttemplates/
19 KB
7 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: reservations.loewshotels.com
URL: https://reservations.loewshotels.com/?chebs=Brandwide_SpringBreak~Default_OHare_0228_1402885_R6464958_resbut&utm_medium=email&utm_source=SFMC&utm_campaign=22-02-28-Brandwide-SpringBreak/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de46b77a5b05ab09a32c1999473923ea2b42c8c1489a4a1fb15d551a45366df3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://reservations.loewshotels.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 28 Feb 2022 20:30:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
tIKwvumWYF6u8xFeFGeRKQ==
age
12696
vary
Accept-Encoding
content-length
6486
x-ms-lease-status
unlocked
last-modified
Mon, 28 Feb 2022 03:37:33 GMT
server
cloudflare
etag
0x8D9FA6BA80E9F12
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
91d703fd-b01e-0044-575f-2c048a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6e4c69f4e9fa3748-MXP
sdk.js
wallet-sdk.mycheckapp.com/
2 MB
528 KB
Script
General
Full URL
https://wallet-sdk.mycheckapp.com/sdk.js
Requested by
Host: reservations.loewshotels.com
URL: https://reservations.loewshotels.com/?chebs=Brandwide_SpringBreak~Default_OHare_0228_1402885_R6464958_resbut&utm_medium=email&utm_source=SFMC&utm_campaign=22-02-28-Brandwide-SpringBreak/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-139-47.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8a1763d577edd1d897a0428dabb3879f9f387bad23762c0a91341adc894b253f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://reservations.loewshotels.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 07:01:05 GMT
content-encoding
gzip
last-modified
Wed, 10 Nov 2021 13:38:38 GMT
server
AmazonS3
age
48595
etag
"7ca695d192dd3845911f81cde22d7965"
x-cache
Hit from cloudfront
x-amz-version-id
null
via
1.1 f7aba4a0337c5f98c4703e2b10f1940a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-type
text/javascript
content-length
540051
x-amz-cf-id
YlTrcHIqmARIBA2rHx_t35hd9Z9uHD3AVJc4WeXiDPO4VT4ydCCtsw==
launch-c40de9192a71.min.js
assets.adobedtm.com/bb2c8619dc8e/a38724a78992/
339 KB
95 KB
Script
General
Full URL
https://assets.adobedtm.com/bb2c8619dc8e/a38724a78992/launch-c40de9192a71.min.js
Requested by
Host: reservations.loewshotels.com
URL: https://reservations.loewshotels.com/?chebs=Brandwide_SpringBreak~Default_OHare_0228_1402885_R6464958_resbut&utm_medium=email&utm_source=SFMC&utm_campaign=22-02-28-Brandwide-SpringBreak/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ef:284::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
42f1da874a8b9d35a5e540a37172c0c0a69be94c1982b047690a0f0e85c0a5f5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://reservations.loewshotels.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 20:30:59 GMT
content-encoding
gzip
last-modified
Thu, 24 Feb 2022 19:32:26 GMT
server
AkamaiNetStorage
etag
"e4e566c7ae672c1f827900e54b2996a4:1645731146.255052"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://reservations.loewshotels.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 28 Feb 2022 21:30:59 GMT
index.js
reservations.loewshotels.com/
2 MB
446 KB
Script
General
Full URL
https://reservations.loewshotels.com/index.js?22c31c23526685b941e6
Requested by
Host: reservations.loewshotels.com
URL: https://reservations.loewshotels.com/?chebs=Brandwide_SpringBreak~Default_OHare_0228_1402885_R6464958_resbut&utm_medium=email&utm_source=SFMC&utm_campaign=22-02-28-Brandwide-SpringBreak/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:4200:e:30c6:b580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a5c8149896f8092c913eadb8635e16e37762ad8b2daeb359d0f0ffd1ecbb2999

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://reservations.loewshotels.com/?chebs=Brandwide_SpringBreak~Default_OHare_0228_1402885_R6464958_resbut&utm_medium=email&utm_source=SFMC&utm_campaign=22-02-28-Brandwide-SpringBreak/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
3HW2NXH4k1DvZQdQFY9iEBR2aloxPS.J
content-encoding
gzip
last-modified
Wed, 16 Feb 2022 11:52:12 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
etag
W/"4cf551e6721a24dd40be97fd017dedb3"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/x-javascript
via
1.1 5b6e22c950501920595c86fc25834582.cloudfront.net (CloudFront)
date
Mon, 28 Feb 2022 20:31:00 GMT
x-amz-cf-id
azwDrRs-VPQXQjHuitO9n5bpya5fbKUOl730hy5jLa_t_bzdi_QPEw==
0a9765e3-a574-41b5-a49b-d12291495d13.json
cdn.cookielaw.org/consent/0a9765e3-a574-41b5-a49b-d12291495d13/
4 KB
2 KB
XHR
General
Full URL
https://cdn.cookielaw.org/consent/0a9765e3-a574-41b5-a49b-d12291495d13/0a9765e3-a574-41b5-a49b-d12291495d13.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
689469fe62a37d66aacbbcfd69e9d0d3cca3bebc4ed3aba16231b739036a182d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://reservations.loewshotels.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 28 Feb 2022 20:30:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
tRdPaPrT92Pe3l5ddqfgkQ==
age
5105
vary
Accept-Encoding
content-length
1495
x-ms-lease-status
unlocked
last-modified
Tue, 27 Jul 2021 13:24:31 GMT
server
cloudflare
etag
0x8D95101DE4A03F3
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
d9be69e2-201e-0145-11d6-2c4322000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6e4c69f5bbd1d61c-MXP
expires
Tue, 01 Mar 2022 00:30:59 GMT
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/
182 B
471 B
XHR
General
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: wallet-sdk.mycheckapp.com
URL: https://wallet-sdk.mycheckapp.com/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd9308db31181fde13aca740757dcb439baf71d731011a87da483a28faae444f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://reservations.loewshotels.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 20:30:59 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6e4c69f64c428fee-FRA
access-control-allow-headers
Content-Type
AppMeasurement.min.js
assets.adobedtm.com/extensions/EP40e3bec801244c59a61bf06eb622a63c/
33 KB
12 KB
Script
General
Full URL
https://assets.adobedtm.com/extensions/EP40e3bec801244c59a61bf06eb622a63c/AppMeasurement.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/bb2c8619dc8e/a38724a78992/launch-c40de9192a71.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ef:284::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
92c5b25edbc4647c55be848b92ea22fd4618cc3252a2364025262e18a7430f84

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://reservations.loewshotels.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 20:30:59 GMT
content-encoding
gzip
last-modified
Wed, 18 Aug 2021 21:04:01 GMT
server
AkamaiNetStorage
etag
"4635bffccc756e9a52eae8011adb9137:1629320641.842128"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://reservations.loewshotels.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
12188
expires
Mon, 28 Feb 2022 21:30:59 GMT
AppMeasurement_Module_ActivityMap.min.js
assets.adobedtm.com/extensions/EP40e3bec801244c59a61bf06eb622a63c/
3 KB
2 KB
Script
General
Full URL
https://assets.adobedtm.com/extensions/EP40e3bec801244c59a61bf06eb622a63c/AppMeasurement_Module_ActivityMap.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/bb2c8619dc8e/a38724a78992/launch-c40de9192a71.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ef:284::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
0821bd2158b7c2d4165a43a999f30fdc1dc977c6f216ae950298b0237189c0e2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://reservations.loewshotels.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 20:30:59 GMT
content-encoding
gzip
last-modified
Wed, 18 Aug 2021 21:04:02 GMT
server
AkamaiNetStorage
etag
"8b210658d66894c896047ae490138f1c:1629320642.068491"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://reservations.loewshotels.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
1593
expires
Mon, 28 Feb 2022 21:30:59 GMT
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/6.21.0/
311 KB
74 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.21.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0068b328dc886133e94de712c57b93368f820f34c3dc9562792b36bace8599c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://reservations.loewshotels.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 28 Feb 2022 20:30:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
pGGMtIN6zlnW55bGN1NE3w==
age
11478207
vary
Accept-Encoding
content-length
75797
x-ms-lease-status
unlocked
last-modified
Fri, 23 Jul 2021 01:58:45 GMT
server
cloudflare
etag
0x8D94D7D67DF8167
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
0eb4a4a3-c01e-00ae-346c-c4fb8b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6e4c69f67d893748-MXP
en.json
cdn.cookielaw.org/consent/0a9765e3-a574-41b5-a49b-d12291495d13/5b2c575a-1663-41bc-9694-98b8ffccfa85/
60 KB
14 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/consent/0a9765e3-a574-41b5-a49b-d12291495d13/5b2c575a-1663-41bc-9694-98b8ffccfa85/en.json
Requested by
Host: wallet-sdk.mycheckapp.com
URL: https://wallet-sdk.mycheckapp.com/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8e55dbbd8759e1aaad6b13bfef8c7d7d42eb3ab60bb47baf33f749b6f5019bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://reservations.loewshotels.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 28 Feb 2022 20:30:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
M97Bizp2l8fHkj7xn1xHdQ==
age
5102
vary
Accept-Encoding
content-length
14648
x-ms-lease-status
unlocked
last-modified
Tue, 27 Jul 2021 13:24:40 GMT
server
cloudflare
etag
0x8D95101E37B6ECF
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
4fc4e10d-001e-005d-02d6-2c28e2000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6e4c69f6edf4d61c-MXP
expires
Tue, 01 Mar 2022 00:30:59 GMT
otFlat.json
cdn.cookielaw.org/scripttemplates/6.21.0/assets/
13 KB
3 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.21.0/assets/otFlat.json
Requested by
Host: wallet-sdk.mycheckapp.com
URL: https://wallet-sdk.mycheckapp.com/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72562f00bd821b6edc0368065bf009468955ba01f8ead742d8bbc2470c4358c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://reservations.loewshotels.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 28 Feb 2022 20:30:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
h27oznMDITC5RVEkLZtwKw==
age
5102
vary
Accept-Encoding
content-length
2950
x-ms-lease-status
unlocked
last-modified
Fri, 23 Jul 2021 01:58:39 GMT
server
cloudflare
etag
0x8D94D7D641A6DE0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
3c7580ef-101e-016f-21d6-2c3667000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6e4c69f72e77d61c-MXP
otPcCenter.json
cdn.cookielaw.org/scripttemplates/6.21.0/assets/v2/
47 KB
12 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.21.0/assets/v2/otPcCenter.json
Requested by
Host: wallet-sdk.mycheckapp.com
URL: https://wallet-sdk.mycheckapp.com/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
584f895bb024b067b440328e4d92bb57ed91c91fccfdd464d20b078d5e6e2f7c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://reservations.loewshotels.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 28 Feb 2022 20:30:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
PUpMkq1SXMqV5yZBdrq2rw==
age
5102
vary
Accept-Encoding
content-length
11523
x-ms-lease-status
unlocked
last-modified
Fri, 23 Jul 2021 01:58:41 GMT
server
cloudflare
etag
0x8D94D7D65056FF9
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
12dcceb1-901e-0094-65d6-2cb828000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6e4c69f72e79d61c-MXP
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/6.21.0/assets/
20 KB
4 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.21.0/assets/otCommonStyles.css
Requested by
Host: wallet-sdk.mycheckapp.com
URL: https://wallet-sdk.mycheckapp.com/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6be3efeb998248db9cc1083aef162ee483cbde10b893057e4b5ae1a612c0ae3a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://reservations.loewshotels.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 28 Feb 2022 20:30:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
F/Fs54+x9bQK/ULkNRp4fA==
age
5102
vary
Accept-Encoding
x-ms-lease-status
unlocked
last-modified
Fri, 23 Jul 2021 01:58:50 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
ea0bf150-401e-0133-7ad6-2cc79e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
cf-ray
6e4c69f72e7bd61c-MXP
truncated
/
817 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/svg+xml
gt-america-extended-thin.woff2
reservations.loewshotels.com/fonts/
24 KB
24 KB
Font
General
Full URL
https://reservations.loewshotels.com/fonts/gt-america-extended-thin.woff2?7b0ba81d5494fd64d1d643f664b89605
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:4200:e:30c6:b580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d6a9cd75e985cfb2c6014f6f6c923f6345cb56764fc01ff174a02e47de4f5081

Request headers

Referer
https://reservations.loewshotels.com/?chebs=Brandwide_SpringBreak~Default_OHare_0228_1402885_R6464958_resbut&utm_medium=email&utm_source=SFMC&utm_campaign=22-02-28-Brandwide-SpringBreak/
Origin
https://reservations.loewshotels.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
xESXI4zLoLo0uGZqicpx460oOVOvgpLh
via
1.1 5b6e22c950501920595c86fc25834582.cloudfront.net (CloudFront)
last-modified
Wed, 16 Feb 2022 11:52:12 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
etag
"da07b8d83b528214daca256bf3954226"
x-cache
RefreshHit from cloudfront
content-type
application/octet-stream
date
Mon, 28 Feb 2022 20:31:00 GMT
accept-ranges
bytes
content-length
24400
x-amz-cf-id
Hs225LJh_YFx_z42Cw4khJ9ZDIPNDyT8zgLnZxyv1L1sViY_9v87Ww==
gt-america-extended-medium.woff2
reservations.loewshotels.com/fonts/
25 KB
25 KB
Font
General
Full URL
https://reservations.loewshotels.com/fonts/gt-america-extended-medium.woff2?dc6a2fab3ea89eba5ea49e856c8960d3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:4200:e:30c6:b580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5d94d1f6dc53064b7da949ec42c15f4211a5894b7becdca7d801040d3af45b5f

Request headers

Referer
https://reservations.loewshotels.com/?chebs=Brandwide_SpringBreak~Default_OHare_0228_1402885_R6464958_resbut&utm_medium=email&utm_source=SFMC&utm_campaign=22-02-28-Brandwide-SpringBreak/
Origin
https://reservations.loewshotels.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
c_pmFaATCgY1OE1FygRRNPPWm_8CkT3r
via
1.1 5b6e22c950501920595c86fc25834582.cloudfront.net (CloudFront)
last-modified
Wed, 16 Feb 2022 11:52:12 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
etag
"f411df658a483908abd1ac1cde89131e"
x-cache
RefreshHit from cloudfront
content-type
application/octet-stream
date
Mon, 28 Feb 2022 20:31:01 GMT
accept-ranges
bytes
content-length
25096
x-amz-cf-id
AbQQaIwf1T5XHmltq9EZZCqEBdgRxFVjMcuuWX-BMhvt7sVQOHC7ig==
properties
booking.nextguest.com/api/v1/
22 KB
23 KB
XHR
General
Full URL
https://booking.nextguest.com/api/v1/properties?tenantId=11111111-1111-1111-1111111111111111&locale=en
Requested by
Host: wallet-sdk.mycheckapp.com
URL: https://wallet-sdk.mycheckapp.com/sdk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.247.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-247-250.compute-1.amazonaws.com
Software
nginx /
Resource Hash
f10bbf220e113266e6e1ad6e667d83c71cab115eba814472c73d76e7ec267135

Request headers

Accept
application/json, text/plain, */*
Referer
https://reservations.loewshotels.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 20:31:00 GMT
server
nginx
x-ratelimit-remaining
27
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-data-cached
true
x-ratelimit-limit
60
x-served-by
ip-10-10-102-175.ec2.internal
configuration
booking.nextguest.com/api/v1/
9 KB
9 KB
XHR
General
Full URL
https://booking.nextguest.com/api/v1/configuration?tenantId=11111111-1111-1111-1111111111111111
Requested by
Host: wallet-sdk.mycheckapp.com
URL: https://wallet-sdk.mycheckapp.com/sdk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.247.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-247-250.compute-1.amazonaws.com
Software
nginx /
Resource Hash
2c28a8e6f900d86e02f54eb80d11d10e2c21669d062ab8267ba8e482a28efbb8

Request headers

Accept
application/json, text/plain, */*
Referer
https://reservations.loewshotels.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 20:31:00 GMT
server
nginx
x-ratelimit-remaining
27
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-data-cached
false
x-ratelimit-limit
60
x-served-by
ip-10-10-103-170.ec2.internal
logo.svg
reservations.loewshotels.com/images/
3 KB
1 KB
Image
General
Full URL
https://reservations.loewshotels.com/images/logo.svg?143b2150134d67f6c3f969c22e22be92
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:4200:e:30c6:b580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fa4baf1a3e8a59b424d381fbc786593813015ed08af4a5dc5c00b9e7f54ac45f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://reservations.loewshotels.com/?chebs=Brandwide_SpringBreak~Default_OHare_0228_1402885_R6464958_resbut&utm_medium=email&utm_source=SFMC&utm_campaign=22-02-28-Brandwide-SpringBreak/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
0X98pQ3km4EYtz.nl86wrfkS0I2hFDE9
content-encoding
gzip
last-modified
Wed, 16 Feb 2022 11:52:12 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
etag
W/"6f8249a61f4fa7e7da16a62ae4ff339f"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/svg+xml
via
1.1 5b6e22c950501920595c86fc25834582.cloudfront.net (CloudFront)
date
Mon, 28 Feb 2022 20:31:01 GMT
x-amz-cf-id
P9S21XGh4d5MXQ1_Ze1dAB31nHvLr14t08NE28E4wZ0G1Mo17xSqlQ==
logoDark.svg
reservations.loewshotels.com/images/
3 KB
1 KB
Image
General
Full URL
https://reservations.loewshotels.com/images/logoDark.svg?139865d559cf6cbeacf4486d696f058b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:4200:e:30c6:b580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f45590044fbdeff513e97284bf7680db553151819ee227c6ee4c896f4f85f35e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://reservations.loewshotels.com/?chebs=Brandwide_SpringBreak~Default_OHare_0228_1402885_R6464958_resbut&utm_medium=email&utm_source=SFMC&utm_campaign=22-02-28-Brandwide-SpringBreak/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
m74L1XwvQMyrI3UrCCD_xX2TkWLObvus
content-encoding
gzip
last-modified
Wed, 16 Feb 2022 11:52:12 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
etag
W/"4e6c26792221026f342f1dc6bd48bbb3"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/svg+xml
via
1.1 5b6e22c950501920595c86fc25834582.cloudfront.net (CloudFront)
date
Mon, 28 Feb 2022 20:31:01 GMT
x-amz-cf-id
_tXVYoL9cEyE574G8j2oi5njva25AwpMO2u7trfGXAxHHsHRXXeZiQ==
footerlogo.svg
reservations.loewshotels.com/images/
4 KB
2 KB
Image
General
Full URL
https://reservations.loewshotels.com/images/footerlogo.svg?740b63d786ed8e853ca2f1ef2f1bc9ca
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:4200:e:30c6:b580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
901bde9899f5434bffe92ebc973d73d9b8447e62ebff51d107a0cf8dc2681eea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://reservations.loewshotels.com/?chebs=Brandwide_SpringBreak~Default_OHare_0228_1402885_R6464958_resbut&utm_medium=email&utm_source=SFMC&utm_campaign=22-02-28-Brandwide-SpringBreak/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
00BA8axA5seNVbhkNREjsNnElIyLbXZB
content-encoding
gzip
last-modified
Wed, 16 Feb 2022 11:52:12 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
etag
W/"9a22bcb801205e6fa1acb6c58d54b4e7"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/svg+xml
via
1.1 5b6e22c950501920595c86fc25834582.cloudfront.net (CloudFront)
date
Mon, 28 Feb 2022 20:31:01 GMT
x-amz-cf-id
2m_s-hfkEqHVGKRsHZYukjzQnYp0jZbFGEOHvI4GODp_8RmFiI02ig==
amex.svg
reservations.loewshotels.com/images/
5 KB
3 KB
Image
General
Full URL
https://reservations.loewshotels.com/images/amex.svg?7243750110117bffd5b129cac4e6d0d0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:4200:e:30c6:b580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ce3424a59b725dc106ee08ce63c5b8fde5f976ca64f27ee63e4db312b76ad779

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://reservations.loewshotels.com/?chebs=Brandwide_SpringBreak~Default_OHare_0228_1402885_R6464958_resbut&utm_medium=email&utm_source=SFMC&utm_campaign=22-02-28-Brandwide-SpringBreak/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
niWcW60aq.sW1PZAPeyM__GwtKJ5rC3i
content-encoding
gzip
last-modified
Wed, 16 Feb 2022 11:52:12 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
etag
W/"444fa3395bf3f573fb16bdd30bfa1d2b"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/svg+xml
via
1.1 5b6e22c950501920595c86fc25834582.cloudfront.net (CloudFront)
date
Mon, 28 Feb 2022 20:31:01 GMT
x-amz-cf-id
w7eRta4oTy005Ihs8S4Xpj5QfyzA6n6_mmxS3TDs3NG8a3awwPjQXQ==
gt-america-extended-bold.woff2
reservations.loewshotels.com/fonts/
25 KB
25 KB
Font
General
Full URL
https://reservations.loewshotels.com/fonts/gt-america-extended-bold.woff2?1370fafee71be7e9c7d559397917aa26
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:4200:e:30c6:b580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
721720bc39ba3dd58bb38be24c025a455d79cfe268b6f6c9aec8a5b5b4856da3

Request headers

Referer
https://reservations.loewshotels.com/?chebs=Brandwide_SpringBreak~Default_OHare_0228_1402885_R6464958_resbut&utm_medium=email&utm_source=SFMC&utm_campaign=22-02-28-Brandwide-SpringBreak/
Origin
https://reservations.loewshotels.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
_96FUNNfwDWiSzDaIACHqMbx9G3Bf3i.
via
1.1 5b6e22c950501920595c86fc25834582.cloudfront.net (CloudFront)
last-modified
Wed, 16 Feb 2022 11:52:12 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
etag
"d7826d26e824bb1d0fab2ca2bab4dd7d"
x-cache
RefreshHit from cloudfront
content-type
application/octet-stream
date
Mon, 28 Feb 2022 20:31:01 GMT
accept-ranges
bytes
content-length
25204
x-amz-cf-id
lGOxfUFlgUKOyoO0lUedeVLwKF_ZJ1BJkm2HKmMi1AhHs7z18dK6sw==
RC0fe18a7d3c654313a0d28b2a51f28980-source.min.js
assets.adobedtm.com/bb2c8619dc8e/a38724a78992/0b24f28ce25e/
670 B
654 B
Script
General
Full URL
https://assets.adobedtm.com/bb2c8619dc8e/a38724a78992/0b24f28ce25e/RC0fe18a7d3c654313a0d28b2a51f28980-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/bb2c8619dc8e/a38724a78992/launch-c40de9192a71.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ef:284::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
9a7b797be75acce791b094ebf09106bef6b6e75235d1c25733b1593f44959112

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://reservations.loewshotels.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 20:31:00 GMT
content-encoding
gzip
last-modified
Thu, 24 Feb 2022 19:32:27 GMT
server
AkamaiNetStorage
etag
"7c211a728ae0d09d04fa14376021f20c:1645731147.125862"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://reservations.loewshotels.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
382
expires
Mon, 28 Feb 2022 21:31:00 GMT
bootstrap.js
onboard.triptease.io/bootstrap/v5349.55801/
Redirect Chain
  • https://onboard.triptease.io/bootstrap.js?integrationId=01DEYB5T3PZSYDT5ZWWHBBYE2J
  • https://onboard.triptease.io/bootstrap/v5349.55801/bootstrap.js
88 KB
27 KB
Script
General
Full URL
https://onboard.triptease.io/bootstrap/v5349.55801/bootstrap.js
Protocol
H2
Server
2606:4700:10::6816:2fa8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6070b929f73ce2ff000de0293de0e86d210c031d3f58cefe1dce1a042134da91
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://reservations.loewshotels.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 20:31:00 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
MISS
x-goog-meta-git-hash
2661c84012349f75002f6b03eeb9b35c66c119dc
x-guploader-uploadid
ADPycdsxq0FgIpVNZdWOYX1qNa0_aRV8iH-FDExN5Q0qkCLEpbd6RpylUemOnRo6aBZfoBSwQEB7X0pnnWNa0mC1AayZC0aMhg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
x-goog-meta-build-version
5349.55801
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 28 Feb 2022 19:35:34 GMT
server
cloudflare
etag
W/"4b762be96bbeb0dcec296c018901d8be"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
x-goog-hash
crc32c=Om6nuA==, md5=S3Yr6Wu+sNzsKWwBiQHYvg==
x-goog-generation
1646076934749098
access-control-allow-origin
*
content-type
application/javascript; charset=utf-8
access-control-expose-headers
Content-Type
cache-control
public, max-age=31536000
x-goog-stored-content-length
90391
cf-ray
6e4c69fd9b729b57-FRA
expires
Tue, 28 Feb 2023 19:41:02 GMT

Redirect headers

date
Mon, 28 Feb 2022 20:31:00 GMT
server
cloudflare
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
location
https://onboard.triptease.io/bootstrap/v5349.55801/bootstrap.js
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=600
strict-transport-security
max-age=15552000
cf-ray
6e4c69fd2a469b57-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
63
up_loader.1.1.0.js
js.adsrvr.org/
4 KB
2 KB
Script
General
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/bb2c8619dc8e/a38724a78992/launch-c40de9192a71.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.15.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-15-119.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://reservations.loewshotels.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Mon, 28 Feb 2022 03:31:57 GMT
Content-Encoding
gzip
Last-Modified
Thu, 24 Sep 2020 15:15:34 GMT
Server
AmazonS3
Age
61144
ETag
W/"98d98b3499058b76d58073cf8ede2f10"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Via
1.1 4b69099d64ffa1fbe8adbe1235065a14.cloudfront.net (CloudFront)
Connection
keep-alive
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA56-P7
X-Amz-Cf-Id
Gf62hP27Ya2wCvTmedPGMCs2h2_J-pT1eBoIKuzIu7gtAJ7F6yVnKg==
up
insight.adsrvr.org/track/ Frame 5199
0
182 B
Document
General
Full URL
https://insight.adsrvr.org/track/up?adv=e90cfk0&ref=https%3A%2F%2Freservations.loewshotels.com%2F%3Fchebs%3DBrandwide_SpringBreak~Default_OHare_0228_1402885_R6464958_resbut%26utm_medium%3Demail%26utm_source%3DSFMC%26utm_campaign%3D22-02-28-Brandwide-SpringBreak%2F%23&upid=cyt5xmo&upv=1.1.0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://reservations.loewshotels.com/

Response headers

date
Mon, 28 Feb 2022 20:31:01 GMT
content-type
text/html
cache-control
private,no-cache, must-revalidate
pragma
no-cache
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
identity
onboard.triptease.io/
161 B
664 B
Fetch
General
Full URL
https://onboard.triptease.io/identity
Requested by
Host: wallet-sdk.mycheckapp.com
URL: https://wallet-sdk.mycheckapp.com/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:2fa8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1074b5c183a6774912a270598d78ca11618221f4b998071b0ebbf94af598bd67
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://reservations.loewshotels.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 20:31:00 GMT
content-encoding
br
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://reservations.loewshotels.com
cache-control
no-store, no-cache
access-control-allow-credentials
true
strict-transport-security
max-age=15552000
cf-ray
6e4c69fe7d2f91d7-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
kernel-host.html
onboard.triptease.io/kernel/v5349.55801/ Frame A4E0
57 KB
19 KB
Document
General
Full URL
https://onboard.triptease.io/kernel/v5349.55801/kernel-host.html?originHost=reservations.loewshotels.com
Requested by
Host: onboard.triptease.io
URL: https://onboard.triptease.io/bootstrap.js?integrationId=01DEYB5T3PZSYDT5ZWWHBBYE2J
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:2fa8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0dc57e85af77f661d45f53f4fdbf7c5392f667d1b9d5aa6d781e0fe0fd36cbd
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://reservations.loewshotels.com/

Response headers

date
Mon, 28 Feb 2022 20:31:00 GMT
content-type
text/html; charset=utf-8
cf-ray
6e4c69fe7d3391d7-FRA
access-control-allow-origin
*
cache-control
public, max-age=31536000
expires
Tue, 28 Feb 2023 19:46:07 GMT
last-modified
Mon, 28 Feb 2022 19:35:48 GMT
strict-transport-security
max-age=15552000
vary
Accept-Encoding
cf-cache-status
MISS
access-control-expose-headers
Content-Type
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-goog-generation
1646076948877944
x-goog-hash
crc32c=yi1o/Q== md5=fihe8+pVB1WoqFNzFeWSBQ==
x-goog-meta-build-version
5349.55801
x-goog-meta-git-hash
2661c84012349f75002f6b03eeb9b35c66c119dc
x-goog-metageneration
2
x-goog-storage-class
MULTI_REGIONAL
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
58399
x-guploader-uploadid
ADPycdtfyrUQalThFttXSvmTo9LR3To1Jkhd4roZ2LBoNu6Iy4IjieVNIJXL8rr8OsfO_xvsWqys-2bzceeL8usd84D3vrbtKQ
server
cloudflare
content-encoding
br
kernel.js
onboard.triptease.io/kernel/v5349.55801/ Frame A4E0
61 KB
20 KB
Other
General
Full URL
https://onboard.triptease.io/kernel/v5349.55801/kernel.js?
Requested by
Host: onboard.triptease.io
URL: https://onboard.triptease.io/kernel/v5349.55801/kernel-host.html?originHost=reservations.loewshotels.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:2fa8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7ddcc602710e002a9c4481ef871780b1beca27bacdd08afd7d7c24ac74781de
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://onboard.triptease.io/kernel/v5349.55801/kernel-host.html?originHost=reservations.loewshotels.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 20:31:01 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
x-goog-meta-git-hash
2661c84012349f75002f6b03eeb9b35c66c119dc
age
2997
x-guploader-uploadid
ADPycdsyDFCgWbsubc4csO1mx-pHBOsEqUpt-LNLtMJqhokGTzPhjhnO2i4ToGpXFRkKP4QFixUlBZ40AmgcLo7QnZYYHXmZFw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
x-goog-meta-build-version
5349.55801
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-ray
6e4c69ff3ed391d7-FRA
last-modified
Mon, 28 Feb 2022 19:35:48 GMT
server
cloudflare
etag
W/"31e3657e5ab8b4663c1a1aece3c4cb6e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
x-goog-hash
crc32c=Sn4KYQ==, md5=MeNlflq4tGY8Ghrs48TLbg==
x-goog-generation
1646076948887493
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=31536000
x-goog-stored-content-length
62134
content-type
application/javascript; charset=utf-8
expires
Tue, 28 Feb 2023 19:41:03 GMT
loews.js
onboard.triptease.io/integrations/v5349.55801/
142 KB
45 KB
Script
General
Full URL
https://onboard.triptease.io/integrations/v5349.55801/loews.js
Requested by
Host: onboard.triptease.io
URL: https://onboard.triptease.io/bootstrap.js?integrationId=01DEYB5T3PZSYDT5ZWWHBBYE2J
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:2fa8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abbe6aeeff01abd1fb699f19b31526f8c1089510fba4467b2f8c3b0aecb08eec
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://reservations.loewshotels.com/
Origin
https://reservations.loewshotels.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 28 Feb 2022 20:31:02 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
MISS
x-goog-meta-git-hash
2661c84012349f75002f6b03eeb9b35c66c119dc
x-guploader-uploadid
ADPycdtVF-7otRw0Ejv2mvFmnJgJs9r1QTuCjz-t9CLtRx5t81ZIqWrRmWWybFtZo8VmHZL8bKxPjJfYwwLdmfmvUg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
x-goog-meta-build-version
5349.55801
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 28 Feb 2022 19:39:19 GMT
server
cloudflare
etag
W/"f265eaf6d123cd64f0480085835a177f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
x-goog-hash
crc32c=5o6uAg==, md5=8mXq9tEjzWTwSACFg1oXfw==
x-goog-generation
1646077159587495
access-control-allow-origin
*
content-type
application/javascript; charset=utf-8
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000
x-goog-stored-content-length
145780
cf-ray
6e4c6a0618d85a25-MXP
expires
Tue, 28 Feb 2023 20:31:02 GMT
bootstrap-message-engine.js
static.triptease.io/message-porter/dist/
78 KB
27 KB
Script
General
Full URL
https://static.triptease.io/message-porter/dist/bootstrap-message-engine.js
Requested by
Host: onboard.triptease.io
URL: https://onboard.triptease.io/bootstrap.js?integrationId=01DEYB5T3PZSYDT5ZWWHBBYE2J
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.182 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
ea974b99e3e42e61a6ef773640506f79e5c5c195d8a627e1945e4b04fca13584
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

Referer
https://reservations.loewshotels.com/
Origin
https://reservations.loewshotels.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-encoding
gzip
vary
Accept-Encoding
age
517
x-guploader-uploadid
ADPycduS1rsd_DIQI1p06YHp2Zy4Z3kpqNsBL5ElDMc-BB6JbNVqZMXo3L2bTfa9xDhXEeIxPCf6NSwFjVhUfivu0xH_gLQNUQ
x-goog-stored-content-encoding
identity
x-served-by
cache-hhn4027-HHN
x-timer
S1646080264.575164,VS0,VE0
etag
"8abb58f9bd85f242da2ad62294eab27e"
pseudo-session-id
090124eab80b52c252f47433266cdfc29208012b8e8e69ac92fc162fc0b22182
x-goog-generation
1646058715348885
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
no-cache, max-age=600
x-cache-hits
29
date
Mon, 28 Feb 2022 20:31:03 GMT
via
1.1 varnish
x-goog-meta-goog-reserved-file-mtime
1646058548
x-cache
HIT
x-goog-storage-class
STANDARD
backend-url
/message-porter/dist/bootstrap-message-engine.js
x-goog-metageneration
2
content-length
27089
last-modified
Mon, 28 Feb 2022 14:31:55 GMT
server
UploadServer
strict-transport-security
max-age=31557600
x-goog-hash
crc32c=2diDWQ==, md5=irtY+b2F8kLaKtYilOqyfg==
pseudo-device-id
34d361dd4ad21a1a26c75ab7e2d4bb130fd17c8b834e50faa2ed3f88fbfa0fc8
expires
Mon, 28 Feb 2022 19:52:23 GMT
x-goog-stored-content-length
80339
surrogate-key-debug
message-porter message-porter-bootstrap-message-engine message-porter-js
accept-ranges
bytes
timing-allow-origin
*
batch
onboard.triptease.io/message/
0
267 B
Ping
General
Full URL
https://onboard.triptease.io/message/batch
Requested by
Host: onboard.triptease.io
URL: https://onboard.triptease.io/bootstrap.js?integrationId=01DEYB5T3PZSYDT5ZWWHBBYE2J
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:2fa8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://reservations.loewshotels.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 28 Feb 2022 20:31:04 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
x-cloud-trace-context
168921f9cbb336060a139b9209d8b281
strict-transport-security
max-age=15552000
cf-ray
6e4c6a110b7b91d7-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

66 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| 2
object| 3
function| structuredClone
object| OneTrustStub
string| OnetrustActiveGroups
string| OptanonActiveGroups
object| dataLayer
function| OptanonWrapper
function| setImmediate
function| clearImmediate
object| __SENTRY__
object| regeneratorRuntime
object| mycheckWallet
object| isAmazonInit
number| 2f1acc6c3a606b082e5eef5e54414ffb
object| __SECRET_EMOTION__
object| loggerInitialValues
object| _satellite
boolean| __satelliteLoaded
object| adobe
function| Visitor
object| s_c_il
number| s_c_in
object| otStubData
object| appEventData
number| _dataLayerOverwriteMonitor
function| AppMeasurement
function| s_gi
function| s_pgicq
number| s_objectID
number| s_giq
function| AppMeasurement_Module_ActivityMap
object| s
object| Optanon
object| OneTrust
object| scCGSHMRCache
function| _
function| ttd_dom_ready
function| TTDUniversalPixelApi
function| __extends
function| __assign
function| __rest
function| __decorate
function| __param
function| __metadata
function| __awaiter
function| __generator
function| __exportStar
function| __createBinding
function| __values
function| __read
function| __spread
function| __spreadArrays
function| __await
function| __asyncGenerator
function| __asyncDelegator
function| __asyncValues
function| __makeTemplateObject
function| __importStar
function| __importDefault
function| __classPrivateFieldGet
function| __classPrivateFieldSet
object| triptease
function| parcelRequire6cf2

3 Cookies

Domain/Path Name / Value
.loewshotels.com/ Name: OptanonConsent
Value: isGpcEnabled=0&datestamp=Mon+Feb+28+2022+20%3A30%3A59+GMT%2B0000+(GMT)&version=6.21.0&isIABGlobal=false&hosts=&consentId=4ecaa1c1-e271-403e-82d4-fce1f8a648b7&interactionCount=0&landingPath=https%3A%2F%2Freservations.loewshotels.com%2F%3Fchebs%3DBrandwide_SpringBreak~Default_OHare_0228_1402885_R6464958_resbut%26utm_medium%3Demail%26utm_source%3DSFMC%26utm_campaign%3D22-02-28-Brandwide-SpringBreak%2F%23&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0
.triptease.io/ Name: triptease-user-id
Value: 01FX10EYSKX813Y6CEEXDZQY83
.triptease.io/ Name: triptease-session-id
Value: 01FX10EYSKDDY1XQQ7GW04ZSMR

Indicators

"Indicators" is a security-industry term for observables such as IPs, domains, and hashes. Their appearance here does not imply that any of them indicate malicious activity.
