firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 15 Sep 2022 10:10:23 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ThmtRvqXn9hKjbXwgZffl6FcmNPtfG4eNjskffplCE8MP8gTy2XJCQ==
Age: 784
www.loewshotels.com/ventana-canyon/discover/tucson
301 Moved Permanently 178 B URL HTTP/1.1 www.loewshotels.com/ventana-canyon/discover/tucson
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /ventana-canyon/discover/tucson HTTP/1.1
Host: www.loewshotels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 15 Sep 2022 10:23:27 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Server: nginx
Location: https://www.loewshotels.com/ventana-canyon/discover/tucson
Access-Control-Allow-Origin: http://www.loewshotels.com
Access-Control-Allow-Methods: GET, POST
X-served-by: loewshotels-com-002
X-trace-id: 69344788-1
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash be88d3e043e3b95b52e41812e50fb634
0318ba1ce487817ea7cba61dd9413bed29213800
b5f178d23e633283f226cca7a9ae79b01e6cab2299ff7065c980d3a9953212fd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B5F178D23E633283F226CCA7A9AE79B01E6CAB2299FF7065C980D3A9953212FD"
Last-Modified: Tue, 13 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2194
Expires: Thu, 15 Sep 2022 11:00:01 GMT
Date: Thu, 15 Sep 2022 10:23:27 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Thu, 15 Sep 2022 04:35:16 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: iQlsKL3rpfEvajOIfsMutdjTZIasNZdXl1l0wRQojsmjYBkVlJWBFQ==
age: 20892
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 10:23:27 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
status.geotrust.com/
200 OK 471 B IP
Hash fc65dca3f7894c21351523ac8075e4bc
58c1ed6d54458484af9740a3a0561420acacca56
e6a924c0a7f68ed7dbbd1bf735c28c5b0450e244de35302c74cb5bde533a2469
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 367
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 10:23:27 GMT
Last-Modified: Thu, 15 Sep 2022 10:17:20 GMT
Server: ECS (amb/6BAC)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Thu, 15 Sep 2022 10:03:22 GMT
Expires: Thu, 15 Sep 2022 11:00:21 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ZQ936uRXfQ8bGXCzdfly1NIjH02r4Pp7ymKtjV0SUJVzL77uI59xlg==
Age: 1205
assets.adobedtm.com/launch-EN979d0cb11a7a4d40955d513a23c2dc63.min.js
200 OK 123 kB URL HTTP/2 assets.adobedtm.com/launch-EN979d0cb11a7a4d40955d513a23c2dc63.min.js
IP
File type ASCII text, with very long lines (32766)
Size 123 kB (122691 bytes)
Hash 9e36267ecc57282d97f9a971e8adaf5c
ba52cd37352b7d1be76315a5807d45966ba9b21a
40eb1ae95dc703ad16358398d74286155facadb2fc12bef058629542bf5db3ac
GET /launch-EN979d0cb11a7a4d40955d513a23c2dc63.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "34abb0c7b34dae2dc5a8c17af9eae549:1660075971.768522"
last-modified: Tue, 09 Aug 2022 20:12:51 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=3600
expires: Thu, 15 Sep 2022 11:23:27 GMT
date: Thu, 15 Sep 2022 10:23:27 GMT
content-length: 122691
access-control-allow-origin: https://www.loewshotels.com
timing-allow-origin: *
X-Firefox-Spdy: h2
cdn.cookielaw.org/scripttemplates/otSDKStub.js
200 OK 7.2 kB URL HTTP/2 cdn.cookielaw.org/scripttemplates/otSDKStub.js
IP
File type ASCII text, with very long lines (21747)
Hash ec12a4ed6414d59f440cc6667f54fa56
dc045fd45a736db97db94c22d5b4d3a29aa10ea6
1a4fd42ea4ea00d7762d0a273e6094ac7967db784c736280fe77328025427373
GET /scripttemplates/otSDKStub.js HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 15 Sep 2022 10:23:27 GMT
content-type: application/javascript
content-length: 7151
content-encoding: gzip
content-md5: 7BKk7WQU1Z9EDMZmf1T6Vg==
last-modified: Wed, 14 Sep 2022 19:30:30 GMT
etag: 0x8DA968795FE8E83
x-ms-request-id: cc4d814a-101e-0024-4d8f-c841a8000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 11805
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74b0a5a68e0a0b39-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash d597af1ab2f21a983bf0f0d105b94209
9d5dd938777abde094c89066b539141a02106b88
a614eb7f969544c8040642be7c852625341e2441e757d063d2af1ff465c8c3f4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5761
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 10:23:27 GMT
Last-Modified: Thu, 15 Sep 2022 08:47:26 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
resources.digital-cloud-west.medallia.com/wdcwest/175638/onsite/embed.js
200 OK 532 B URL HTTP/2 resources.digital-cloud-west.medallia.com/wdcwest/175638/onsite/embed.js
IP
File type ASCII text, with very long lines (594)
Hash d8a31cdcf1eeb4657fc699e616de9058
a767ca3f2a1ad54cb6810cf6259d5d9eedaec2f2
4eb28f289e9f46240e8f3cabcdb1d76ba8e9fc664bf10ced10a7c6850667c3f1
GET /wdcwest/175638/onsite/embed.js HTTP/1.1
Host: resources.digital-cloud-west.medallia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: fVKzz/Y8YIGNGopjW8ohUHz/Q57WP6gBQjmRoDbqEW8yiUlXvFu89JKNwumeNwv6xUMzDcsTEhY=
x-amz-request-id: PDC27JRGPZE6WAN0
last-modified: Mon, 29 Aug 2022 11:06:33 GMT
etag: "eff639f9d4d70b7a0784fcf6e453cc1d"
x-amz-version-id: dwwh_aARpJDQit6c0aYvQaanSYP8o9JY
content-type: application/javascript
server: AmazonS3
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
access-control-allow-origin: *
cache-control: max-age=0,must-revalidate
accept-ranges: bytes
date: Thu, 15 Sep 2022 10:23:27 GMT
age: 966437
x-served-by: cache-sea4446-SEA, cache-bma1629-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1663237408.835316,VS0,VE1
vary: Accept-Encoding
strict-transport-security: max-age=31557600
content-length: 532
X-Firefox-Spdy: h2
assets.adobedtm.com/extensions/EP40e3bec801244c59a61bf06eb622a63c/AppMeasurement.min.js
200 OK 12 kB URL HTTP/2 assets.adobedtm.com/extensions/EP40e3bec801244c59a61bf06eb622a63c/AppMeasurement.min.js
IP
File type ASCII text, with very long lines (32759)
Hash dbf589df4bd831d6548e8954e7556730
2bc550a57481a772c1a419541f1f79741e6cbf37
6abe28734929b843eb071472b578fc8d485465502bb3e4d94f11c589d747eb95
GET /extensions/EP40e3bec801244c59a61bf06eb622a63c/AppMeasurement.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "4635bffccc756e9a52eae8011adb9137:1629320641.842128"
last-modified: Wed, 18 Aug 2021 21:04:01 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
expires: Thu, 15 Sep 2022 11:23:27 GMT
date: Thu, 15 Sep 2022 10:23:27 GMT
content-length: 12188
cache-control: no-cache
access-control-allow-origin: https://www.loewshotels.com
timing-allow-origin: *
X-Firefox-Spdy: h2
assets.adobedtm.com/extensions/EP40e3bec801244c59a61bf06eb622a63c/AppMeasurement_Module_ActivityMap.min.js
200 OK 1.6 kB URL HTTP/2 assets.adobedtm.com/extensions/EP40e3bec801244c59a61bf06eb622a63c/AppMeasurement_Module_ActivityMap.min.js
IP
File type ASCII text, with very long lines (3157)
Hash 9b757c8ddda8add3d5d64f334666ea2d
97bf9df06f87f16500c80f45f536dc0269a883f5
f8f4b02295fdbc463dad91d02f03af1b8bd9f5e6c15732845ecb210cab062485
GET /extensions/EP40e3bec801244c59a61bf06eb622a63c/AppMeasurement_Module_ActivityMap.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "8b210658d66894c896047ae490138f1c:1629320642.068491"
last-modified: Wed, 18 Aug 2021 21:04:02 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
expires: Thu, 15 Sep 2022 11:23:27 GMT
date: Thu, 15 Sep 2022 10:23:27 GMT
content-length: 1593
cache-control: no-cache
access-control-allow-origin: https://www.loewshotels.com
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash ed97a4b82680caefc4ffdebf786e12fc
a638a68f346844709bac57a92bf3d2c28043165e
b81ed44963f5d8b54c62e7fe18db301d3c8eeaf8fbbfb099270562156e12fdc9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 10:23:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.loewshotels.com/skins/loews/assets/desktop/images/logo-on-photo.png
200 OK 15 kB URL HTTP/2 www.loewshotels.com/skins/loews/assets/desktop/images/logo-on-photo.png
IP
File type PNG image data, 324 x 322, 8-bit colormap, non-interlaced\012- data
Hash 6585f71cbb54e316782291d91c5e26d1
7b8f20d4baa353bb7a8365719dcfb92fa5db5b72
55165f60ac3a33378060e8e676c2af77a86ba1c6b6ac7ebeaf6288997caa05f1
GET /skins/loews/assets/desktop/images/logo-on-photo.png HTTP/1.1
Host: www.loewshotels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/ventana-canyon/discover/tucson
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 10:23:27 GMT
content-type: image/png
content-length: 14581
server: nginx
last-modified: Tue, 13 Sep 2022 10:19:24 GMT
etag: "6320592c-38f5"
expires: Fri, 15 Sep 2023 10:23:27 GMT
cache-control: max-age=31536000
access-control-allow-origin: https://www.loewshotels.com
access-control-allow-methods: GET, POST
x-served-by: loewshotels-com-002
x-trace-id: 69344480-41
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
x-powered-by: NextGuest CMS
service-worker-allowed: /
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.cookielaw.org/consent/0a9765e3-a574-41b5-a49b-d12291495d13/0a9765e3-a574-41b5-a49b-d12291495d13.json
200 OK 1.6 kB URL HTTP/2 cdn.cookielaw.org/consent/0a9765e3-a574-41b5-a49b-d12291495d13/0a9765e3-a574-41b5-a49b-d12291495d13.json
IP
File type JSON data\012- , ASCII text, with very long lines (4014), with no line terminators
Hash c3661adafdead21af6f3cb37557c1d2f
c6fd33c5256bae79ef64a932409efdb66ace4cdb
e248a5f384cf011640743616435b64388dae2c19cbb0050ae896b4a2abf3a184
GET /consent/0a9765e3-a574-41b5-a49b-d12291495d13/0a9765e3-a574-41b5-a49b-d12291495d13.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.loewshotels.com
Connection: keep-alive
Referer: https://www.loewshotels.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 15 Sep 2022 10:23:27 GMT
content-type: application/x-javascript
content-length: 1575
cache-control: public, max-age=14400
content-encoding: gzip
content-md5: w2Ya2v3q0hr288s3VXwdLw==
last-modified: Wed, 20 Jul 2022 11:48:09 GMT
etag: 0x8DA6A45B7FCC495
x-ms-request-id: 17ab4307-301e-0137-783f-9c321c000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
expires: Thu, 15 Sep 2022 14:23:27 GMT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74b0a5a71f770af6-OSL
X-Firefox-Spdy: h2
www.google.com/recaptcha/api.js
200 OK 557 B URL HTTP/2 www.google.com/recaptcha/api.js
IP
File type ASCII text, with very long lines (850), with no line terminators
Hash 2ccc89f867610ca13b2456db03928f05
d9816baef3ded701d95b61e184d8b7fe2f473c09
fb834adb29f4d3ba0653177176a82a136a06fd8cf8c55583372eabf7212eb25b
GET /recaptcha/api.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Thu, 15 Sep 2022 10:23:27 GMT
date: Thu, 15 Sep 2022 10:23:27 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 557
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 39aa25d8411997d98f9093c19b0ccbca
3cb31e92d707cd561897042ed1a09de5a79e7108
f1b7b71241b580ec34281f5addc49d716eac9ecc46a3217e646c76e6dc8d4578
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 10:23:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
assets.adobedtm.com/bb2c8619dc8e/b7239a326034/90df0499fdb1/RC7f72571ed4ab43ccaabc68c12ed1cd2a-source.min.js
200 OK 577 B URL HTTP/2 assets.adobedtm.com/bb2c8619dc8e/b7239a326034/90df0499fdb1/RC7f72571ed4ab43ccaabc68c12ed1cd2a-source.min.js
IP
File type ASCII text, with very long lines (766)
Hash 0c18d333f86273215ec94bb1772128c2
7739624c5be5326e84ca49b60956774647a70ae6
7d8ecb9f3d98fff053aa29b2bd18bdb7bed9a1166661e7d54ed10654df25b191
GET /bb2c8619dc8e/b7239a326034/90df0499fdb1/RC7f72571ed4ab43ccaabc68c12ed1cd2a-source.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "d2b21303b967d60fe2f38818f3e012cf:1660075972.912339"
last-modified: Tue, 09 Aug 2022 20:12:52 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=3600
expires: Thu, 15 Sep 2022 11:23:28 GMT
date: Thu, 15 Sep 2022 10:23:28 GMT
content-length: 577
access-control-allow-origin: https://www.loewshotels.com
timing-allow-origin: *
X-Firefox-Spdy: h2
assets.adobedtm.com/bb2c8619dc8e/b7239a326034/90df0499fdb1/RC06f399f63d0f4fd1bf4c207d6611c671-source.min.js
200 OK 474 B URL HTTP/2 assets.adobedtm.com/bb2c8619dc8e/b7239a326034/90df0499fdb1/RC06f399f63d0f4fd1bf4c207d6611c671-source.min.js
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (674)
Hash d4c8c2e1571aa02dacba262d785d76a8
51d4953722eb1dd48f1ff052327bf9e1d44044db
1c097e7eace56d8dbe18ed7950d657f454b38878b6939427bc2fec0a253bbc5b
GET /bb2c8619dc8e/b7239a326034/90df0499fdb1/RC06f399f63d0f4fd1bf4c207d6611c671-source.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "d2b21303b967d60fe2f38818f3e012cf:1660075972.912339"
last-modified: Tue, 09 Aug 2022 20:12:52 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=3600
expires: Thu, 15 Sep 2022 11:23:28 GMT
date: Thu, 15 Sep 2022 10:23:28 GMT
content-length: 474
access-control-allow-origin: https://www.loewshotels.com
timing-allow-origin: *
X-Firefox-Spdy: h2
assets.adobedtm.com/bb2c8619dc8e/b7239a326034/90df0499fdb1/RC92fd31a67912419fa60c658ac0e31179-source.min.js
200 OK 384 B URL HTTP/2 assets.adobedtm.com/bb2c8619dc8e/b7239a326034/90df0499fdb1/RC92fd31a67912419fa60c658ac0e31179-source.min.js
IP
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (488)
Hash 9ad9d55fffac2955e7519da683d52b7f
9cd89a6a6ecf9b4c28f993fb4979f9d26d68e9ba
998ef4d97b36ba83b2a4560552534f499487763329e15f1f1604a756ad364e48
GET /bb2c8619dc8e/b7239a326034/90df0499fdb1/RC92fd31a67912419fa60c658ac0e31179-source.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "d2b21303b967d60fe2f38818f3e012cf:1660075972.912339"
last-modified: Tue, 09 Aug 2022 20:12:52 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=3600
expires: Thu, 15 Sep 2022 11:23:28 GMT
date: Thu, 15 Sep 2022 10:23:28 GMT
content-length: 384
access-control-allow-origin: https://www.loewshotels.com
timing-allow-origin: *
X-Firefox-Spdy: h2
assets.adobedtm.com/bb2c8619dc8e/b7239a326034/90df0499fdb1/RCb7784875096b494ca9cf2373002ce055-source.min.js
200 OK 759 B URL HTTP/2 assets.adobedtm.com/bb2c8619dc8e/b7239a326034/90df0499fdb1/RCb7784875096b494ca9cf2373002ce055-source.min.js
IP
File type ASCII text, with very long lines (2618)
Hash 15146b2e1d3ef0edcef02568b67436b2
a2cf60daeaa3a344facc87fca0221447cdc632f1
c4fb6a1f08e7e4aa1fd24d9ceec3858456418660130be438199e07317c3d7e35
GET /bb2c8619dc8e/b7239a326034/90df0499fdb1/RCb7784875096b494ca9cf2373002ce055-source.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "d2b21303b967d60fe2f38818f3e012cf:1660075972.912339"
last-modified: Tue, 09 Aug 2022 20:12:52 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 759
cache-control: max-age=3600
expires: Thu, 15 Sep 2022 11:23:28 GMT
date: Thu, 15 Sep 2022 10:23:28 GMT
access-control-allow-origin: https://www.loewshotels.com
timing-allow-origin: *
X-Firefox-Spdy: h2
assets.adobedtm.com/bb2c8619dc8e/b7239a326034/90df0499fdb1/RC4661b9690b2643e38bd72208a13cbedd-source.min.js
200 OK 333 B URL HTTP/2 assets.adobedtm.com/bb2c8619dc8e/b7239a326034/90df0499fdb1/RC4661b9690b2643e38bd72208a13cbedd-source.min.js
IP
File type ASCII text, with very long lines (435)
Hash 91ae6bfa3a7937e8120af73e354d9e75
dc8045abf08c8bac41791a74ef25bb4c384e46c9
51809d27b079a92ad5ece1c1dcdd8e0d3cd038784a7f81c1a82c48857912d1c1
GET /bb2c8619dc8e/b7239a326034/90df0499fdb1/RC4661b9690b2643e38bd72208a13cbedd-source.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "d2b21303b967d60fe2f38818f3e012cf:1660075972.912339"
last-modified: Tue, 09 Aug 2022 20:12:52 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=3600
expires: Thu, 15 Sep 2022 11:23:28 GMT
date: Thu, 15 Sep 2022 10:23:28 GMT
content-length: 333
access-control-allow-origin: https://www.loewshotels.com
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash c4abb7286de7e170dbb0016f3a2158a3
666e3deed35f25db5978e106b7bd25f03ed88b03
568eb5f987f82721643dbbda223ae7ea7c31cc415a8090ea80a5f316ba79a4cd
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 15 Sep 2022 10:23:27 GMT
Last-Modified: Thu, 15 Sep 2022 10:20:02 GMT
Server: ECS (dcb/7F3A)
X-Cache: Miss from cloudfront
Via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 7COlET8li4-S-EPgKN_MHyskpqeRqEzF6CYQBodtEBjGGamWx_BlGw==
Age: 205
alive5.com/js/a5app.js
200 OK 3.9 kB IP
File type ASCII text, with very long lines (6468)
Hash 75a6975d1c0787404531026adb6dcc4a
4fb52a9216e6ecdb6ed65b4732f4934abebc1548
c0c6bd094b6b1ec6fd3fea3f364634c17ec8cd9ec836cd57f25238678dee7eea
GET /js/a5app.js HTTP/1.1
Host: alive5.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript
content-length: 3948
last-modified: Fri, 19 Aug 2022 05:05:29 GMT
content-encoding: gzip
x-amz-version-id: 3qtZkuPKg_eKDYFlAi.PEWNRN6rUeiXN
accept-ranges: bytes
server: AmazonS3
content-security-policy: frame-ancestors *
date: Thu, 15 Sep 2022 05:22:49 GMT
etag: "75a6975d1c0787404531026adb6dcc4a"
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Lp8qwK4tcIxjemZyGQ7InfRNQ06fJhyGlVZdcGguIOzoz5ByRH8cdw==
age: 19421
X-Firefox-Spdy: h2
alive5.com/js/widget-min.js?s=1660885508779
200 OK 11 kB URL HTTP/2 alive5.com/js/widget-min.js?s=1660885508779
IP
File type ASCII text, with very long lines (14435)
Hash f7ddd8b2cb7c201a856bb1f218e8c623
3d055ff01de94dfc4ee441c94ed90bf32ed71a41
2f267bba836640087c24bb1049b48ab1bf7dc3ef94d1d341d04d2e7a23cecf1f
GET /js/widget-min.js?s=1660885508779 HTTP/1.1
Host: alive5.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
content-length: 11426
last-modified: Fri, 19 Aug 2022 05:05:29 GMT
content-encoding: gzip
x-amz-version-id: OzKg9aIfjM7gOvH4Hz8t2qJzyjG_L9Ej
accept-ranges: bytes
server: AmazonS3
content-security-policy: frame-ancestors *
date: Thu, 15 Sep 2022 04:26:26 GMT
etag: "f7ddd8b2cb7c201a856bb1f218e8c623"
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: IPi2VfAQlQ637-xwbPN7VlFDv3sA31IiE0fXDqIBkweVDaneY4-6xw==
age: 22695
X-Firefox-Spdy: h2
www.loewshotels.com/skins/loews/assets/desktop/fonts/gt-america-extended-thin.woff2
200 OK 24 kB URL HTTP/2 www.loewshotels.com/skins/loews/assets/desktop/fonts/gt-america-extended-thin.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 24400, version 5.65\012- data
Hash da07b8d83b528214daca256bf3954226
5b4af80232dfa3b139fa604a2db07e47e0f88d16
d6a9cd75e985cfb2c6014f6f6c923f6345cb56764fc01ff174a02e47de4f5081
GET /skins/loews/assets/desktop/fonts/gt-america-extended-thin.woff2 HTTP/1.1
Host: www.loewshotels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.loewshotels.com/ventana-canyon/discover/tucson
Cookie: at_check=true
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 10:23:27 GMT
content-type: application/octet-stream
content-length: 24400
server: nginx
last-modified: Tue, 13 Sep 2022 10:19:30 GMT
etag: "63205932-5f50"
expires: Fri, 15 Sep 2023 10:23:27 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
www.loewshotels.com/skins/loews/assets/desktop/fonts/gt-america-extended-medium.woff2
200 OK 25 kB URL HTTP/2 www.loewshotels.com/skins/loews/assets/desktop/fonts/gt-america-extended-medium.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 25096, version 5.65\012- data
Hash f411df658a483908abd1ac1cde89131e
b47fc8c02bd5562f41f0e660de7362c85310eac5
5d94d1f6dc53064b7da949ec42c15f4211a5894b7becdca7d801040d3af45b5f
GET /skins/loews/assets/desktop/fonts/gt-america-extended-medium.woff2 HTTP/1.1
Host: www.loewshotels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.loewshotels.com/ventana-canyon/discover/tucson
Cookie: at_check=true
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 10:23:27 GMT
content-type: application/octet-stream
content-length: 25096
server: nginx
last-modified: Tue, 13 Sep 2022 10:19:24 GMT
etag: "6320592c-6208"
expires: Fri, 15 Sep 2023 10:23:27 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
www.loewshotels.com/skins/loews/assets/desktop/fonts/gt-america-extended-bold.woff2
200 OK 25 kB URL HTTP/2 www.loewshotels.com/skins/loews/assets/desktop/fonts/gt-america-extended-bold.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 25204, version 5.65\012- data
Hash d7826d26e824bb1d0fab2ca2bab4dd7d
ecdc8fac52fdfac1be4cac14ed56e331f45248a1
721720bc39ba3dd58bb38be24c025a455d79cfe268b6f6c9aec8a5b5b4856da3
GET /skins/loews/assets/desktop/fonts/gt-america-extended-bold.woff2 HTTP/1.1
Host: www.loewshotels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.loewshotels.com/ventana-canyon/discover/tucson
Cookie: at_check=true
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 10:23:27 GMT
content-type: application/octet-stream
content-length: 25204
server: nginx
last-modified: Tue, 13 Sep 2022 10:19:30 GMT
etag: "63205932-6274"
expires: Fri, 15 Sep 2023 10:23:27 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
alive5.com/css/widget.bundle.css
200 OK 5.0 kB URL HTTP/2 alive5.com/css/widget.bundle.css
IP
File type ASCII text, with very long lines (29776)
Hash efa7bbc2b596ff511cac4660dd73afe6
157de11705d437da41bf1ce81843578ec64a30f4
fba229087784d983c1e082558bbb2635bcebc42af3e6e0a926673f75d9049c2f
GET /css/widget.bundle.css HTTP/1.1
Host: alive5.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 5020
last-modified: Fri, 19 Aug 2022 05:05:30 GMT
content-encoding: gzip
x-amz-version-id: SO5LECqduj3Z9oBO7TIPjRklgGkc9QFK
accept-ranges: bytes
server: AmazonS3
content-security-policy: frame-ancestors *
date: Thu, 15 Sep 2022 04:59:16 GMT
etag: "efa7bbc2b596ff511cac4660dd73afe6"
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: qKPrxI42xj-jbj5ggsz70bBV1qq-f0tH8UYF_ZYAmPXZTI_2bjgI6w==
age: 21034
X-Firefox-Spdy: h2
www.loewshotels.com/skins/loews/assets/desktop/images/booking-collection.svg
200 OK 1.1 kB URL HTTP/2 www.loewshotels.com/skins/loews/assets/desktop/images/booking-collection.svg
IP
Hash 66f8b5a66475ce1a4bfaa8d9e596e99b
089dde7f52f773a76d0ddc4b9e69188d33092654
149b7b9cfa2dc0c3ac46e41871e500213e619ebdf3a4a2c25e1f5fef399bfcd4
GET /skins/loews/assets/desktop/images/booking-collection.svg HTTP/1.1
Host: www.loewshotels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/ventana-canyon/discover/tucson
Cookie: at_check=true
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 10:23:27 GMT
content-type: image/svg+xml
server: nginx
last-modified: Tue, 13 Sep 2022 10:19:24 GMT
vary: Accept-Encoding
etag: W/"6320592c-5ea"
expires: Fri, 15 Sep 2023 10:23:27 GMT
cache-control: max-age=31536000
access-control-allow-origin: https://www.loewshotels.com
access-control-allow-methods: GET, POST
x-served-by: loewshotels-com-002
x-trace-id: 69344480-43
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
x-powered-by: NextGuest CMS
service-worker-allowed: /
content-encoding: gzip
X-Firefox-Spdy: h2
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: x5NCEZIl9ieVgxndyX9Fbg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: wcC3btzPKcSGZrLfUJyPEGrlRu4=
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 895813a505645be197968648e23e6be9
4a81e18f159352d104d8cb48f3020ef066240eae
a5c20e0f9fc761b88e97edaa6bd8ff92859d40612f9fad9f6054b4debc3da6cb
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 15 Sep 2022 10:23:28 GMT
Last-Modified: Thu, 15 Sep 2022 10:23:03 GMT
Server: ECS (dcb/7F17)
X-Cache: Miss from cloudfront
Via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Lwx6lotPlohjiI_JQM02-WeehyNzpjB_VdEDNhSjp3WrXWVuBlWQVA==
Age: 26
www.googletagmanager.com/gtag/js?id=DC-9408590
200 OK 42 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=DC-9408590
IP
File type ASCII text, with very long lines (1720)
Hash ac3be23cbe1ecca971b1aa056ca83546
8c47a2fa0b856815acea5fe4ca981a28dd24eb96
2591dbaa95943ccb19383260311ce96c0bca677a84879fb3834afe61cab9a397
GET /gtag/js?id=DC-9408590 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 15 Sep 2022 10:23:28 GMT
expires: Thu, 15 Sep 2022 10:23:28 GMT
cache-control: private, max-age=900
last-modified: Thu, 15 Sep 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42444
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 170fd81fcabd8132c83cddb494d21835
72589107029056efc6bad735a3a070fd68058b2e
d6c7c77e54d19699f636962395af2ef0e1c26e3eb04d255e9912764ecf146b44
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 10:23:28 GMT
Etag: "6322cade-1d7"
Server: ECS (amb/6B8E)
Content-Length: 471
ocsp.digicert.com/
200 OK 471 B IP
Hash 2e4274887f95549ded06df800b665444
330047f4b58c8bacf60288a4785aa0f76e3122e6
acf46c4d0402f9a856b8bfc013d1ac6e00c942d8e4342c41ea87039131a6b573
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5635
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 10:23:28 GMT
Last-Modified: Thu, 15 Sep 2022 08:49:33 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash c86fc6649c7c512abb52fcd62d51ee26
bf241d6c1779668447df444a239d715b6ed46f6d
822cb499ea058f2c40ce4942048528575fadc172d3669007f5f34fae41c7ea49
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 10:23:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 471 B IP
Hash 2e4274887f95549ded06df800b665444
330047f4b58c8bacf60288a4785aa0f76e3122e6
acf46c4d0402f9a856b8bfc013d1ac6e00c942d8e4342c41ea87039131a6b573
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3007
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 10:23:28 GMT
Last-Modified: Thu, 15 Sep 2022 09:33:21 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash ed1a966e9770807ef8b4f57a5113d29a
d843a3d371ee0424004f68ccc32ce06e6bc6e6c7
4932c01d3db39a9ac2f0f7e2693af95e5a334697edfd8d078fd52e421ba43721
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 10:23:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
loewshotels.tt.omtrdc.net/m2/loewshotels/mbox/json?mbox=target-global-mbox&mboxSession=9c0aa6c73865465e808eeba165a5f441&mboxPC=&mboxPage=cfd14dbc369042ff8a0389680d074b96&mboxRid=5d1878078eeb4729b4680706c2515975&mboxVersion=1.8.2&mboxCount=2&mboxTime=1663237393061&mboxHost=www.loewshotels.com&mboxURL=https%3A%2F%2Fwww.loewshotels.com%2Fventana-canyon%2Fdiscover%2Ftucson&mboxReferrer=&mboxXDomain=enabled&browserHeight=939&browserWidth=1268&browserTimeOffset=0&screenHeight=1024&screenWidth=1280&colorDepth=24&devicePixelRatio=1&screenOrientation=landscape&Page%20Name=Loews%20Hotels%20%2F%20Loews%20Ventana%20Canyon%20Resort%20-%20Resort%20Home%20%2F%20Experience%20%2F%20Neighborhood&step=Product%20Viewed&propertyID=lvcr&mboxMCSDID=684BCA09D9B2BB95-21CDB42A3E30DB5F
200 OK 96 B URL HTTP/2 loewshotels.tt.omtrdc.net/m2/loewshotels/mbox/json?mbox=target-global-mbox&mboxSession=9c0aa6c73865465e808eeba165a5f441&mboxPC=&mboxPage=cfd14dbc369042ff8a0389680d074b96&mboxRid=5d1878078eeb4729b4680706c2515975&mboxVersion=1.8.2&mboxCount=2&mboxTime=1663237393061&mboxHost=www.loewshotels.com&mboxURL=https%3A%2F%2Fwww.loewshotels.com%2Fventana-canyon%2Fdiscover%2Ftucson&mboxReferrer=&mboxXDomain=enabled&browserHeight=939&browserWidth=1268&browserTimeOffset=0&screenHeight=1024&screenWidth=1280&colorDepth=24&devicePixelRatio=1&screenOrientation=landscape&Page%20Name=Loews%20Hotels%20%2F%20Loews%20Ventana%20Canyon%20Resort%20-%20Resort%20Home%20%2F%20Experience%20%2F%20Neighborhood&step=Product%20Viewed&propertyID=lvcr&mboxMCSDID=684BCA09D9B2BB95-21CDB42A3E30DB5F
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 9bcf1d1c6629d99411e9c0a702f39731
4ef7ea7a151683a8a164dcfd6c418d7273960cee
f200699be26d20eb5c2460399e16461425a523f09153b38028c2369f230a024c
GET /m2/loewshotels/mbox/json?mbox=target-global-mbox&mboxSession=9c0aa6c73865465e808eeba165a5f441&mboxPC=&mboxPage=cfd14dbc369042ff8a0389680d074b96&mboxRid=5d1878078eeb4729b4680706c2515975&mboxVersion=1.8.2&mboxCount=2&mboxTime=1663237393061&mboxHost=www.loewshotels.com&mboxURL=https%3A%2F%2Fwww.loewshotels.com%2Fventana-canyon%2Fdiscover%2Ftucson&mboxReferrer=&mboxXDomain=enabled&browserHeight=939&browserWidth=1268&browserTimeOffset=0&screenHeight=1024&screenWidth=1280&colorDepth=24&devicePixelRatio=1&screenOrientation=landscape&Page%20Name=Loews%20Hotels%20%2F%20Loews%20Ventana%20Canyon%20Resort%20-%20Resort%20Home%20%2F%20Experience%20%2F%20Neighborhood&step=Product%20Viewed&propertyID=lvcr&mboxMCSDID=684BCA09D9B2BB95-21CDB42A3E30DB5F HTTP/1.1
Host: loewshotels.tt.omtrdc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.loewshotels.com
Connection: keep-alive
Referer: https://www.loewshotels.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 15 Sep 2022 10:23:28 GMT
content-type: application/json;charset=UTF-8
content-length: 96
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://www.loewshotels.com
access-control-allow-credentials: true
x-request-id: 5d1878078eeb4729b4680706c2515975
p3p: CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
set-cookie: loewshotels!mboxSession=9c0aa6c73865465e808eeba165a5f441; Max-Age=1860; Expires=Thu, 15-Sep-2022 10:54:28 GMT; Domain=loewshotels.tt.omtrdc.net; Path=/; Secure; HttpOnly; SameSite=None
loewshotels!mboxPC=9c0aa6c73865465e808eeba165a5f441.37_0; Max-Age=63244800; Expires=Mon, 16-Sep-2024 10:23:28 GMT; Domain=loewshotels.tt.omtrdc.net; Path=/; Secure; HttpOnly; SameSite=None
pragma: no-cache
cache-control: no-cache
timing-allow-origin: *
X-Firefox-Spdy: h2
loewshotels.tt.omtrdc.net/m2/loewshotels/mbox/json?mbox=target-global-mbox&mboxSession=9c0aa6c73865465e808eeba165a5f441&mboxPC=&mboxPage=cfd14dbc369042ff8a0389680d074b96&mboxRid=7f3aa674558647819c0f74e05e2194a8&mboxVersion=1.8.2&mboxCount=1&mboxTime=1663237393043&mboxHost=www.loewshotels.com&mboxURL=https%3A%2F%2Fwww.loewshotels.com%2Fventana-canyon%2Fdiscover%2Ftucson&mboxReferrer=&mboxXDomain=enabled&browserHeight=939&browserWidth=1268&browserTimeOffset=0&screenHeight=1024&screenWidth=1280&colorDepth=24&devicePixelRatio=1&screenOrientation=landscape&Page%20Name=Loews%20Hotels%20%2F%20Loews%20Ventana%20Canyon%20Resort%20-%20Resort%20Home%20%2F%20Experience%20%2F%20Neighborhood&mboxMCSDID=4622D31E0595EE4D-38DA8793EC7C8A44
200 OK 96 B URL HTTP/2 loewshotels.tt.omtrdc.net/m2/loewshotels/mbox/json?mbox=target-global-mbox&mboxSession=9c0aa6c73865465e808eeba165a5f441&mboxPC=&mboxPage=cfd14dbc369042ff8a0389680d074b96&mboxRid=7f3aa674558647819c0f74e05e2194a8&mboxVersion=1.8.2&mboxCount=1&mboxTime=1663237393043&mboxHost=www.loewshotels.com&mboxURL=https%3A%2F%2Fwww.loewshotels.com%2Fventana-canyon%2Fdiscover%2Ftucson&mboxReferrer=&mboxXDomain=enabled&browserHeight=939&browserWidth=1268&browserTimeOffset=0&screenHeight=1024&screenWidth=1280&colorDepth=24&devicePixelRatio=1&screenOrientation=landscape&Page%20Name=Loews%20Hotels%20%2F%20Loews%20Ventana%20Canyon%20Resort%20-%20Resort%20Home%20%2F%20Experience%20%2F%20Neighborhood&mboxMCSDID=4622D31E0595EE4D-38DA8793EC7C8A44
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 9bcf1d1c6629d99411e9c0a702f39731
4ef7ea7a151683a8a164dcfd6c418d7273960cee
f200699be26d20eb5c2460399e16461425a523f09153b38028c2369f230a024c
GET /m2/loewshotels/mbox/json?mbox=target-global-mbox&mboxSession=9c0aa6c73865465e808eeba165a5f441&mboxPC=&mboxPage=cfd14dbc369042ff8a0389680d074b96&mboxRid=7f3aa674558647819c0f74e05e2194a8&mboxVersion=1.8.2&mboxCount=1&mboxTime=1663237393043&mboxHost=www.loewshotels.com&mboxURL=https%3A%2F%2Fwww.loewshotels.com%2Fventana-canyon%2Fdiscover%2Ftucson&mboxReferrer=&mboxXDomain=enabled&browserHeight=939&browserWidth=1268&browserTimeOffset=0&screenHeight=1024&screenWidth=1280&colorDepth=24&devicePixelRatio=1&screenOrientation=landscape&Page%20Name=Loews%20Hotels%20%2F%20Loews%20Ventana%20Canyon%20Resort%20-%20Resort%20Home%20%2F%20Experience%20%2F%20Neighborhood&mboxMCSDID=4622D31E0595EE4D-38DA8793EC7C8A44 HTTP/1.1
Host: loewshotels.tt.omtrdc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.loewshotels.com
Connection: keep-alive
Referer: https://www.loewshotels.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 15 Sep 2022 10:23:28 GMT
content-type: application/json;charset=UTF-8
content-length: 96
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://www.loewshotels.com
access-control-allow-credentials: true
x-request-id: 7f3aa674558647819c0f74e05e2194a8
p3p: CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
set-cookie: loewshotels!mboxSession=9c0aa6c73865465e808eeba165a5f441; Max-Age=1860; Expires=Thu, 15-Sep-2022 10:54:28 GMT; Domain=loewshotels.tt.omtrdc.net; Path=/; Secure; HttpOnly; SameSite=None
loewshotels!mboxPC=9c0aa6c73865465e808eeba165a5f441.37_0; Max-Age=63244800; Expires=Mon, 16-Sep-2024 10:23:28 GMT; Domain=loewshotels.tt.omtrdc.net; Path=/; Secure; HttpOnly; SameSite=None
pragma: no-cache
cache-control: no-cache
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash c86fc6649c7c512abb52fcd62d51ee26
bf241d6c1779668447df444a239d715b6ed46f6d
822cb499ea058f2c40ce4942048528575fadc172d3669007f5f34fae41c7ea49
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 10:23:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
loewshotels.mpeasylink.com/mpel/mpel.js
200 1.7 kB URL HTTP/1.1 loewshotels.mpeasylink.com/mpel/mpel.js
IP
File type ASCII text, with very long lines (515)
Hash 6fdd7985388a9a91f458c96ece692409
c655f98e175824e81802934d717e0607b25d906f
17936884b849d8d2f051fa0b88d5cb58466d78931b687900b1b90aecde32d977
Analyzer Verdict Alert quad9 Sinkholed
GET /mpel/mpel.js HTTP/1.1
Host: loewshotels.mpeasylink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Server: nginx
Date: Thu, 15 Sep 2022 10:23:28 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes
ETag: W/"5096-1654181434000"
Last-Modified: Thu, 02 Jun 2022 14:50:34 GMT
Cache-Control: max-age=86400
Expires: Fri, 16 Sep 2022 10:23:28 GMT
vary: accept-encoding
Content-Encoding: gzip
fonts.googleapis.com/css?family=Work+Sans&display=swap
200 OK 23 kB URL HTTP/2 fonts.googleapis.com/css?family=Work+Sans&display=swap
IP
File type ASCII text, with very long lines (32144)
Hash 0f6c0bf9f90a2082e5605bbe3d14807b
d283dafb05b33734bae5b4ace37657721d85963e
e9d4e409e02a7b16590aac1e7b9bade5efa362a9daecea10ee2130de928ee5fe
GET /css?family=Work+Sans&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alive5.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 15 Sep 2022 10:23:28 GMT
date: Thu, 15 Sep 2022 10:23:28 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
loewshotels.mpeasylink.com/mpel/mpel_storage.html?cmd=getpref&href=https%3A%2F%2Fwww.loewshotels.com%2Fventana-canyon%2Fdiscover%2Ftucson
200 1.2 kB URL HTTP/1.1 loewshotels.mpeasylink.com/mpel/mpel_storage.html?cmd=getpref&href=https%3A%2F%2Fwww.loewshotels.com%2Fventana-canyon%2Fdiscover%2Ftucson
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (650)
Hash 4e15b50697a74d423a6d9933b24a00a3
56185b17a5a18f75c8269f522a6f6e65dfd5a0f2
daccffddc4a2db0ebc4a2461a23cd60cabf64c5f60c9c099fc157ba2278f9dc7
Analyzer Verdict Alert quad9 Sinkholed
GET /mpel/mpel_storage.html?cmd=getpref&href=https%3A%2F%2Fwww.loewshotels.com%2Fventana-canyon%2Fdiscover%2Ftucson HTTP/1.1
Host: loewshotels.mpeasylink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Server: nginx
Date: Thu, 15 Sep 2022 10:23:28 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes
ETag: W/"2762-1654181434000"
Last-Modified: Thu, 02 Jun 2022 14:50:34 GMT
vary: accept-encoding
Content-Encoding: gzip
www.loewshotels.com/skins/loews/assets/desktop/images/logo-white.svg
200 OK 1.7 kB URL HTTP/2 www.loewshotels.com/skins/loews/assets/desktop/images/logo-white.svg
IP
Hash 59f260e46b288e6140f0d8ef78adde1b
bc336f0a737e9340119ecda9a12e0462b5d77ce5
440cf00806fc6060f5506e1758df3c65312f4bfcd41e803e0bf59093c0dcc443
GET /skins/loews/assets/desktop/images/logo-white.svg HTTP/1.1
Host: www.loewshotels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/ventana-canyon/discover/tucson
Cookie: at_check=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 10:23:28 GMT
content-type: image/svg+xml
server: nginx
last-modified: Tue, 13 Sep 2022 10:19:24 GMT
vary: Accept-Encoding
etag: W/"6320592c-c97"
expires: Fri, 15 Sep 2023 10:23:28 GMT
cache-control: max-age=31536000
access-control-allow-origin: https://www.loewshotels.com
access-control-allow-methods: GET, POST
x-served-by: loewshotels-com-002
x-trace-id: 69344480-45
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
x-powered-by: NextGuest CMS
service-worker-allowed: /
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.loewshotels.com/loewshotels.com-2466770763/cms/cache/v2/59074c916d877.jpg/1920x1080/fit;c:0,2318,5151,5215/80/a57da9734cf66e65936bc9fb51dcac34.webp
200 OK 406 kB URL HTTP/2 cdn.loewshotels.com/loewshotels.com-2466770763/cms/cache/v2/59074c916d877.jpg/1920x1080/fit;c:0,2318,5151,5215/80/a57da9734cf66e65936bc9fb51dcac34.webp
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1920x1080, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 406 kB (406530 bytes)
Hash f0b56f8dafdf9167309c09fa4ae58947
e38088193d167e948db7859ab217364c9943cf32
b8f031e9e5757111a1dab6dee70b3fe8498c778dcd3f7da44bc99bde8461eef3
GET /loewshotels.com-2466770763/cms/cache/v2/59074c916d877.jpg/1920x1080/fit;c:0,2318,5151,5215/80/a57da9734cf66e65936bc9fb51dcac34.webp HTTP/1.1
Host: cdn.loewshotels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/
Cookie: at_check=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 406530
date: Thu, 15 Sep 2022 10:23:29 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 15 Jun 2021 17:55:32 GMT
x-amz-version-id: tCzjN4jtbuQRUaZfPl9eO76cbNVoLuF5
etag: "f0b56f8dafdf9167309c09fa4ae58947"
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: sXgKWdrPP9pxBC_pKfjnQPH1yt74xkWBaam_aEbDg87zdrVZfGrRFQ==
X-Firefox-Spdy: h2
cdn.cookielaw.org/scripttemplates/6.21.0/otBannerSdk.js
200 OK 76 kB URL HTTP/2 cdn.cookielaw.org/scripttemplates/6.21.0/otBannerSdk.js
IP
File type ASCII text, with very long lines (65455)
Hash a4618cb4837ace59d6e796c6375344df
be7c1789ab600623f0ecd468a89aeb852f002ea2
c0e1bed7a1ae97342732651c422512f10d708f1722f1c683ebf33247d5a0414d
GET /scripttemplates/6.21.0/otBannerSdk.js HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 10:23:28 GMT
content-type: application/javascript
content-length: 75797
content-encoding: gzip
content-md5: pGGMtIN6zlnW55bGN1NE3w==
last-modified: Fri, 23 Jul 2021 01:58:45 GMT
etag: 0x8D94D7D67DF8167
x-ms-request-id: 291e792a-e01e-00b9-2e6c-c43be8000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 28635346
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74b0a5abdbb20b39-OSL
X-Firefox-Spdy: h2
cdn.auth0.com/js/auth0/9.10/auth0.min.js
200 OK 36 kB URL HTTP/2 cdn.auth0.com/js/auth0/9.10/auth0.min.js
IP
File type ASCII text, with very long lines (65454)
Hash b6ac317b69df28585f7516631c3fa8a5
002dc74749e5b848fb9f17c446e5952d356465f4
c472119855bf67b502617c054809cc85db9bd15d2360892e796073c3dec3a30a
GET /js/auth0/9.10/auth0.min.js HTTP/1.1
Host: cdn.auth0.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
x-amz-replication-status: COMPLETED
last-modified: Fri, 05 Jul 2019 14:01:39 GMT
x-amz-version-id: N4bT7uXCdMCtwWdt976B9W_2.xmJUGxV
server: AmazonS3
content-encoding: gzip
date: Thu, 15 Sep 2022 07:49:10 GMT
cache-control: max-age=10800,public
etag: W/"f0de5080963d571b87bc461bcd29a1f3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 3qKZlGNKng6wCAzYFrRK66zoRPkm5R3-NECHeuwuJ9XanGcXCyA5QQ==
age: 9258
X-Firefox-Spdy: h2
loewshotels.mpeasylink.com/mpel/mpel?href=https%3A%2F%2Fwww.loewshotels.com%2Fventana-canyon%2Fdiscover%2Ftucson&ref=&lang=&country=undefined&curr=undefined®ion=undefined&osl=en-US
200 1.2 kB URL HTTP/1.1 loewshotels.mpeasylink.com/mpel/mpel?href=https%3A%2F%2Fwww.loewshotels.com%2Fventana-canyon%2Fdiscover%2Ftucson&ref=&lang=&country=undefined&curr=undefined®ion=undefined&osl=en-US
IP
File type ASCII text, with very long lines (1249), with no line terminators
Hash 5ebe8697c533edb8237998614ad60c29
6a68bc8ba585164ef670f8348dc803c6808dc7ee
e727366633d7e94b6e5295d2d14ce096314c2affd2802d5ab4c894eee7e4a5a8
Analyzer Verdict Alert quad9 Sinkholed
GET /mpel/mpel?href=https%3A%2F%2Fwww.loewshotels.com%2Fventana-canyon%2Fdiscover%2Ftucson&ref=&lang=&country=undefined&curr=undefined®ion=undefined&osl=en-US HTTP/1.1
Host: loewshotels.mpeasylink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Server: nginx
Date: Thu, 15 Sep 2022 10:23:28 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 1249
Connection: keep-alive
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa OUR IND COM NAV INT STA"
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
cdn.cookielaw.org/consent/0a9765e3-a574-41b5-a49b-d12291495d13/5b2c575a-1663-41bc-9694-98b8ffccfa85/en.json
200 OK 18 kB URL HTTP/2 cdn.cookielaw.org/consent/0a9765e3-a574-41b5-a49b-d12291495d13/5b2c575a-1663-41bc-9694-98b8ffccfa85/en.json
IP
File type JSON data\012- HTML document, Unicode text, UTF-8 text, with very long lines (65518), with no line terminators
Hash 5101b1f7fd74a94b30ebed5d1535e061
f8ec7932802807b387b3c929f7aac946007baac1
7dc77661a45c42536c398ffc2f5e3b84a4cbba8c6d5205bda6db7975082a6765
GET /consent/0a9765e3-a574-41b5-a49b-d12291495d13/5b2c575a-1663-41bc-9694-98b8ffccfa85/en.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.loewshotels.com/
Origin: https://www.loewshotels.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 10:23:28 GMT
content-type: application/x-javascript
content-length: 17587
cache-control: public, max-age=14400
content-encoding: gzip
content-md5: UQGx9/10qUsw6+1dFTXgYQ==
last-modified: Wed, 20 Jul 2022 11:48:25 GMT
etag: 0x8DA6A45C10A8EBD
x-ms-request-id: 43c9b206-a01e-00f1-4832-9c0975000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
expires: Thu, 15 Sep 2022 14:23:28 GMT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74b0a5ac3cf60af6-OSL
X-Firefox-Spdy: h2
alive5.com/chat_window_wrap.html?wid=5f37739d-58b6-4465-8ccb-8f35bf4f595f
200 OK 8.2 kB URL HTTP/2 alive5.com/chat_window_wrap.html?wid=5f37739d-58b6-4465-8ccb-8f35bf4f595f
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (27519), with no line terminators
Hash 530a1bc9be5805f87aa14652042cc18b
b8cca80d58c30a8b4148f8e564fecb4100545678
13d323525cb29b279038af0f59454addfe58c71ac76308a9643aa87103706ae9
GET /chat_window_wrap.html?wid=5f37739d-58b6-4465-8ccb-8f35bf4f595f HTTP/1.1
Host: alive5.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 8175
last-modified: Fri, 19 Aug 2022 05:05:27 GMT
content-encoding: gzip
x-amz-version-id: w6e_LUTdY1kT33Qx9tCj5pEardtqsVlb
accept-ranges: bytes
server: AmazonS3
content-security-policy: frame-ancestors *
date: Thu, 15 Sep 2022 04:07:22 GMT
etag: "530a1bc9be5805f87aa14652042cc18b"
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 8RK-Hq14MPeCjWDYwZsTxhMjwTbKSdSNS2ewIy810PLHf-rZ7nvOHA==
age: 22567
X-Firefox-Spdy: h2
www.loewshotels.com/skins/loews/1663066007/assets/desktop/scripts/lightbox.js
200 OK 7.1 kB URL HTTP/2 www.loewshotels.com/skins/loews/1663066007/assets/desktop/scripts/lightbox.js
IP
File type ASCII text, with very long lines (13070)
Hash 264c069ce2a0450aa0930cbf21ad7060
78a9f9650d71c86aaee34f65896a48a4dd14e4c8
abe380fec260a20b33144db2b4c9f3ac6cbdf95bf7c6a9b2370b123923270000
GET /skins/loews/1663066007/assets/desktop/scripts/lightbox.js HTTP/1.1
Host: www.loewshotels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/ventana-canyon/discover/tucson
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 10:23:27 GMT
content-type: application/javascript
server: nginx
last-modified: Tue, 13 Sep 2022 10:19:30 GMT
vary: Accept-Encoding
etag: W/"63205932-2365"
expires: Fri, 15 Sep 2023 10:23:27 GMT
cache-control: max-age=31536000
access-control-allow-origin: https://www.loewshotels.com
access-control-allow-methods: GET, POST
x-served-by: loewshotels-com-001
x-trace-id: 68932946-11
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
x-powered-by: NextGuest CMS
service-worker-allowed: /
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.loewshotels.com/loewshotels.com-2466770763/cms/imagepool/62d579ad9bbae.svg
200 OK 19 kB URL HTTP/2 cdn.loewshotels.com/loewshotels.com-2466770763/cms/imagepool/62d579ad9bbae.svg
IP
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (44703)
Hash 5809fc5a98a7711322c63e7f94e00129
5cd671098a0a107cf3317be0d03b3154b6e50f46
48e99b8e9f71aa42056e3ef10b78ecd1c7ecab25bc0853b72ddc298bea10038b
GET /loewshotels.com-2466770763/cms/imagepool/62d579ad9bbae.svg HTTP/1.1
Host: cdn.loewshotels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: image/svg+xml
date: Tue, 30 Aug 2022 12:33:55 GMT
cache-control: public, max-age=31536000
expires: Thu, 01 Jan 1970 00:00:00 GMT
last-modified: Mon, 18 Jul 2022 15:18:06 GMT
x-amz-version-id: 1VLW5Ckn7qzIxeEjrYHPzNkZRa.kA4YY
etag: W/"4056a3ac52a1e01e3f7b029727561314"
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: gy5xOOAFPathkXq5UxSwLnk5kB7SaAFJ7XeACajntGzM6cBSCS_dIw==
age: 1374573
X-Firefox-Spdy: h2
www.loewshotels.com/skins/loews/1663066007/assets/desktop/scripts/scripts.min.js
200 OK 182 kB URL HTTP/2 www.loewshotels.com/skins/loews/1663066007/assets/desktop/scripts/scripts.min.js
IP
Size 182 kB (181527 bytes)
Hash c1dbc3449c1e31ec6094b944b7e1e05d
87e7364a189aadbbb14cf5c652f320acbc163782
f398590b6bdacb466733d12694e1ded90d28dde967adcc0e1e4995331e9f9844
GET /skins/loews/1663066007/assets/desktop/scripts/scripts.min.js HTTP/1.1
Host: www.loewshotels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/ventana-canyon/discover/tucson
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 10:23:27 GMT
content-type: application/javascript
server: nginx
last-modified: Tue, 13 Sep 2022 10:19:30 GMT
vary: Accept-Encoding
etag: W/"63205932-957b9"
expires: Fri, 15 Sep 2023 10:23:27 GMT
cache-control: max-age=31536000
access-control-allow-origin: https://www.loewshotels.com
access-control-allow-methods: GET, POST
x-served-by: loewshotels-com-001
x-trace-id: 68933005-45
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
x-powered-by: NextGuest CMS
service-worker-allowed: /
content-encoding: gzip
X-Firefox-Spdy: h2
alive5.com/js/chat.bundle.js?s=1660885508779
200 OK 192 kB URL HTTP/2 alive5.com/js/chat.bundle.js?s=1660885508779
IP
File type Unicode text, UTF-8 text, with very long lines (37235)
Size 192 kB (192298 bytes)
Hash d05fb039195af7f1be0b027c90fb5d5b
35caa479ed579ba33f7e32855fbe0df0dd568b30
a5f99f4f3e437702c9e8fbe353a915265d2fd4a02ef975885ff18688f2e4261a
GET /js/chat.bundle.js?s=1660885508779 HTTP/1.1
Host: alive5.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alive5.com/chat_window_wrap.html?wid=5f37739d-58b6-4465-8ccb-8f35bf4f595f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
content-length: 192298
last-modified: Fri, 19 Aug 2022 05:05:29 GMT
content-encoding: gzip
x-amz-version-id: Ao5pkbqYGikvsA9yZNbsUKa9V5jiU4CG
accept-ranges: bytes
server: AmazonS3
content-security-policy: frame-ancestors *
date: Thu, 15 Sep 2022 01:18:46 GMT
etag: "d05fb039195af7f1be0b027c90fb5d5b"
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: h4OOmNklmke5RaB6ip4kjmSwVEeMAlOOW7UN1P-bpl5mO-HqgHqq_g==
age: 33565
X-Firefox-Spdy: h2
api-v2.alive5.com/1.0/widget-code/get-by-widget-id?id=5f37739d-58b6-4465-8ccb-8f35bf4f595f
200 OK 3.6 kB URL HTTP/2 api-v2.alive5.com/1.0/widget-code/get-by-widget-id?id=5f37739d-58b6-4465-8ccb-8f35bf4f595f
IP
Hash c7ab19653c2ec47889a66c1312cd7dd3
88672428177ffaa4791f5c89547b71eade839fd9
ab457f2082c4da64d7fbba3115c0e0d91ac8d20a72d2c9aeb8b68c0f5f066e63
GET /1.0/widget-code/get-by-widget-id?id=5f37739d-58b6-4465-8ccb-8f35bf4f595f HTTP/1.1
Host: api-v2.alive5.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/x-www-form-urlencoded
Origin: https://www.loewshotels.com
Connection: keep-alive
Referer: https://www.loewshotels.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 15 Sep 2022 10:23:28 GMT
content-type: application/json; charset=utf-8
set-cookie: AWSALB=k5WHPSQEOJUEc+EUkmNuZRZ+KlMGcBOQI63k6X6CCDzHjVytWpbdpCIj7qpWmyXzEljmDoyQO/DPfj/yXRe96THByqgcJqSQ6e4Oa0ZNdPeWgrYOpVYbvb0kY5Ep; Expires=Thu, 22 Sep 2022 10:23:28 GMT; Path=/
AWSALBCORS=k5WHPSQEOJUEc+EUkmNuZRZ+KlMGcBOQI63k6X6CCDzHjVytWpbdpCIj7qpWmyXzEljmDoyQO/DPfj/yXRe96THByqgcJqSQ6e4Oa0ZNdPeWgrYOpVYbvb0kY5Ep; Expires=Thu, 22 Sep 2022 10:23:28 GMT; Path=/; SameSite=None; Secure
server: nginx
access-control-allow-origin: https://www.loewshotels.com
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
access-control-expose-headers: Authorization,X-A5-APIKEY
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
etag: W/"c21-lVfMBFzgt31h22qEB89wbvmITKM"
content-encoding: gzip
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/chocolat/1.0.4/js/chocolat.js
200 OK 4.0 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/chocolat/1.0.4/js/chocolat.js
IP
Hash 135f9deacb56eb37d33925ad28bd87e1
691e4402038b0285fb7f560f36d5cb555cc91cf3
fd139f430770963eff1823b07bb65fb2633073d9da9b52cf7a1d45e1f7f231d7
GET /ajax/libs/chocolat/1.0.4/js/chocolat.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alive5.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 15 Sep 2022 10:23:28 GMT
content-type: application/javascript; charset=utf-8
content-length: 3965
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "6039816b-6044"
last-modified: Fri, 26 Feb 2021 23:16:59 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 8680971
expires: Tue, 05 Sep 2023 10:23:28 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q0mnlJz1qH68vSTlj7qnbp10AlpDn7MNTtQ%2FFPBMGUoxe74bYQhHtILuEuO%2Bzgbq14EBKcmtnSNZ7nCnPv6LU2b56bcWwGaVS9jnh8s0a9wMZb%2FA%2FvNQ9WO%2FqQ5sxpnPpWD6pDCk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74b0a5acf81dfac0-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/socket.io/4.3.2/socket.io.js
200 OK 21 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/socket.io/4.3.2/socket.io.js
IP
Hash fc5e31c93500eb38e2f99f0f4afbde40
2b318430f36836ecc3b822367fed0f84273108a9
8e46ac3c53469524a002371ec002602ef60012097bff6e4ea522d654e88b3856
GET /ajax/libs/socket.io/4.3.2/socket.io.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alive5.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 15 Sep 2022 10:23:28 GMT
content-type: application/javascript; charset=utf-8
content-length: 20711
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "616b8b0a-50e7"
last-modified: Sun, 17 Oct 2021 02:31:38 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 26417488
expires: Tue, 05 Sep 2023 10:23:28 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bp4%2BzHgL9xxuYb9JOZsJsXwP5Fc1olKV4i%2Be1lyHwu%2FlYLgVOEfdR42dOLBsraeXWnKuZY4UmB2JAGd6PaJqD2DgvKVrzqgWFZqxrIEt%2FRqbIbykFJ5NYx6MTHWTcX%2BQfBpepFG4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74b0a5acf821fac0-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
loewshotels.mpeasylink.com/mpel/mpel_ssd.js
200 1.3 kB URL HTTP/1.1 loewshotels.mpeasylink.com/mpel/mpel_ssd.js
IP
File type ASCII text, with very long lines (502)
Hash 4fe354f44890333094d42e6692a9808c
e1a42008fec69409f4bea5808bd332122d050023
658bf6429d750d6d084f0a618f5edbc78d0dc14e067da35a1a55d8e0b6e066fa
Analyzer Verdict Alert quad9 Sinkholed
GET /mpel/mpel_ssd.js HTTP/1.1
Host: loewshotels.mpeasylink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Server: nginx
Date: Thu, 15 Sep 2022 10:23:28 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes
ETag: W/"3276-1654181434000"
Last-Modified: Thu, 02 Jun 2022 14:50:34 GMT
Cache-Control: max-age=86400
Expires: Fri, 16 Sep 2022 10:23:28 GMT
vary: accept-encoding
Content-Encoding: gzip
cdn.loewshotels.com/loewshotels.com-2466770763/cms/cache/v2/59074c916d877.jpg/1920x1080/fit;c:0,2318,5151,5215;fp:48,49/80/4371549f14271b97993ca6c1ad71d34e.jpg
200 OK 450 kB URL HTTP/2 cdn.loewshotels.com/loewshotels.com-2466770763/cms/cache/v2/59074c916d877.jpg/1920x1080/fit;c:0,2318,5151,5215;fp:48,49/80/4371549f14271b97993ca6c1ad71d34e.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1920x1080, components 3\012- data
Size 450 kB (450410 bytes)
Hash fc7729e5bdd272696698a4b755d76332
327260776bd768b8ab8056528b23ef04eaf9401a
c783d000c313930277ae21cb317576d434e3ed365dce00a419f648ca46a944e9
GET /loewshotels.com-2466770763/cms/cache/v2/59074c916d877.jpg/1920x1080/fit;c:0,2318,5151,5215;fp:48,49/80/4371549f14271b97993ca6c1ad71d34e.jpg HTTP/1.1
Host: cdn.loewshotels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/
Cookie: at_check=true; mbox=session#9c0aa6c73865465e808eeba165a5f441#1663239254; bookingData={"groupCode":null,"rateCode":null,"promoCode":null,"propertyId":"70576","propertyName":"Loews Ventana Canyon Resort","checkInDate":null,"checkOutDate":null,"nights":null,"adults":null,"children":null,"bookingValue":null,"currency":null,"email":null,"bookingCode":null,"propertyCode":"LVCR"}; _gcl_au=1.1.161380957.1663237393
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 450410
date: Thu, 15 Sep 2022 10:23:29 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 01 Sep 2022 14:12:54 GMT
x-amz-version-id: uEKgYSRCtG2A3g13gYwsBvp.xsBo.KOU
etag: "fc7729e5bdd272696698a4b755d76332"
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: niYWXwTIT9iZFRYJtylgs2bFSscsQ5VW_LdIUauSVbTsjdh357dQyg==
X-Firefox-Spdy: h2
loewshotels.mpeasylink.com/mpel/mpel_storage.html?cmd=storePref&href=https%3A%2F%2Fwww.loewshotels.com%2Fventana-canyon%2Fdiscover%2Ftucson&siteurl=www.loewshotels.com&lang=en&country=®ion=&sitelist=www.loewshotels.com,loewshotels.com,loewshotelsada.dev.hebsdigital.com,loewshotels.dev.hebsdigital.com,reservations.loewshotels.com;es.loewshotels.com,es.reservations.loewshotels.com;pt.loewshotels.com,pt.reservations.loewshotels.com;de.loewshotels.com,de.reservations.loewshotels.com;frca.loewshotels.com,frca.reservations.loewshotels.com¤cy=&nonMP=false&mode=&uuid=6c9be185a5a54d57a8030f93abcbd916
200 1.2 kB URL HTTP/1.1 loewshotels.mpeasylink.com/mpel/mpel_storage.html?cmd=storePref&href=https%3A%2F%2Fwww.loewshotels.com%2Fventana-canyon%2Fdiscover%2Ftucson&siteurl=www.loewshotels.com&lang=en&country=®ion=&sitelist=www.loewshotels.com,loewshotels.com,loewshotelsada.dev.hebsdigital.com,loewshotels.dev.hebsdigital.com,reservations.loewshotels.com;es.loewshotels.com,es.reservations.loewshotels.com;pt.loewshotels.com,pt.reservations.loewshotels.com;de.loewshotels.com,de.reservations.loewshotels.com;frca.loewshotels.com,frca.reservations.loewshotels.com¤cy=&nonMP=false&mode=&uuid=6c9be185a5a54d57a8030f93abcbd916
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (650)
Hash 4e15b50697a74d423a6d9933b24a00a3
56185b17a5a18f75c8269f522a6f6e65dfd5a0f2
daccffddc4a2db0ebc4a2461a23cd60cabf64c5f60c9c099fc157ba2278f9dc7
Analyzer Verdict Alert quad9 Sinkholed
GET /mpel/mpel_storage.html?cmd=storePref&href=https%3A%2F%2Fwww.loewshotels.com%2Fventana-canyon%2Fdiscover%2Ftucson&siteurl=www.loewshotels.com&lang=en&country=®ion=&sitelist=www.loewshotels.com,loewshotels.com,loewshotelsada.dev.hebsdigital.com,loewshotels.dev.hebsdigital.com,reservations.loewshotels.com;es.loewshotels.com,es.reservations.loewshotels.com;pt.loewshotels.com,pt.reservations.loewshotels.com;de.loewshotels.com,de.reservations.loewshotels.com;frca.loewshotels.com,frca.reservations.loewshotels.com¤cy=&nonMP=false&mode=&uuid=6c9be185a5a54d57a8030f93abcbd916 HTTP/1.1
Host: loewshotels.mpeasylink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Server: nginx
Date: Thu, 15 Sep 2022 10:23:28 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes
ETag: W/"2762-1654181434000"
Last-Modified: Thu, 02 Jun 2022 14:50:34 GMT
vary: accept-encoding
Content-Encoding: gzip
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 97faaf6005407548ff0272d9e1a98648
ba158be2e35066dea0fdd56dea458234c6d03cc7
a6d63a06f0c2df3de7f31591e450be08f230c5c7f13eed0dc135f0e6296dfa46
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 15 Sep 2022 10:23:28 GMT
Last-Modified: Thu, 15 Sep 2022 09:31:06 GMT
Server: ECS (nyb/1D28)
X-Cache: Miss from cloudfront
Via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: uYyfa-nWLiy_63bTBvM3uUg41dYECE0cZbiWioublMSQfwN0eNkI4g==
Age: 3142
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 97faaf6005407548ff0272d9e1a98648
ba158be2e35066dea0fdd56dea458234c6d03cc7
a6d63a06f0c2df3de7f31591e450be08f230c5c7f13eed0dc135f0e6296dfa46
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 15 Sep 2022 10:23:28 GMT
Last-Modified: Thu, 15 Sep 2022 09:25:54 GMT
Server: ECS (nyb/1D2D)
X-Cache: Miss from cloudfront
Via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 13sVHaEzAZfnUOqsh9cc3hS-ANVZ-bAVqR8IQWimaZo5AJdJmpPO9g==
Age: 3454
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 97faaf6005407548ff0272d9e1a98648
ba158be2e35066dea0fdd56dea458234c6d03cc7
a6d63a06f0c2df3de7f31591e450be08f230c5c7f13eed0dc135f0e6296dfa46
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 15 Sep 2022 10:23:28 GMT
Last-Modified: Thu, 15 Sep 2022 08:55:38 GMT
Server: ECS (bsa/EB20)
X-Cache: Miss from cloudfront
Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: auNcQchXdGA-CIWgErEmswAlzZt4umTCDNa77oClgWnV8DgjqCR6Gg==
Age: 5270
status.geotrust.com/
200 OK 471 B IP
Hash c3d85f383b507a816de46048b9d2c9a7
2f8cdf71f4e0caa31a9c174071bf959ece305540
96f28864513a779b818f84d6a1637d68e4c659f8f4fa7f624beb353f636210bc
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3837
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 10:23:29 GMT
Last-Modified: Thu, 15 Sep 2022 09:19:32 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
cdn.cookielaw.org/scripttemplates/6.21.0/assets/otFlat.json
200 OK 3.0 kB URL HTTP/2 cdn.cookielaw.org/scripttemplates/6.21.0/assets/otFlat.json
IP
File type JSON data\012- , ASCII text, with very long lines (10843)
Hash 876ee8ce73032130b94551242d9b702b
295e0d8870639b948535953427a04db598e13a4f
4921d2bcffd42663e84a1dc7990eede1d17729ff8b1c2f14d6ab39dccad90115
GET /scripttemplates/6.21.0/assets/otFlat.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.loewshotels.com/
Origin: https://www.loewshotels.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 10:23:29 GMT
content-type: application/json
content-length: 2950
content-encoding: gzip
content-md5: h27oznMDITC5RVEkLZtwKw==
last-modified: Fri, 23 Jul 2021 01:58:39 GMT
etag: 0x8D94D7D641A6DE0
x-ms-request-id: 1f5d3ab3-401e-0177-0745-ca1bf2000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74b0a5aeaf760af6-OSL
X-Firefox-Spdy: h2
cdn.cookielaw.org/scripttemplates/6.21.0/assets/v2/otPcCenter.json
200 OK 12 kB URL HTTP/2 cdn.cookielaw.org/scripttemplates/6.21.0/assets/v2/otPcCenter.json
IP
File type JSON data\012- , ASCII text, with very long lines (37251)
Hash 3d4a4c92ad525cca95e7264176bab6af
2e223f3dcd7a7048fc282fb149c6727d65e0129c
25b8484cb9cd880581d4af5bc54a445d000607249b80f092e26ea10785ce2707
GET /scripttemplates/6.21.0/assets/v2/otPcCenter.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.loewshotels.com/
Origin: https://www.loewshotels.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 10:23:29 GMT
content-type: application/json
content-length: 11523
content-encoding: gzip
content-md5: PUpMkq1SXMqV5yZBdrq2rw==
last-modified: Fri, 23 Jul 2021 01:58:41 GMT
etag: 0x8D94D7D65056FF9
x-ms-request-id: 7035051c-101e-0042-436d-c4f3f2000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74b0a5aeaf790af6-OSL
X-Firefox-Spdy: h2
api-v2.alive5.com/1.0/thread/get-threads-byId?org_name=loewshotel&thread_id=3d819ae8-33e8-4185-ae7a-1dec1667a9e5&visitor=true&referrer=undefined&page_url=https://www.loewshotels.com/&crm_id=758f0c3d-8903-46e1-a7ea-112709eb139c
204 No Content 0 B URL HTTP/2 api-v2.alive5.com/1.0/thread/get-threads-byId?org_name=loewshotel&thread_id=3d819ae8-33e8-4185-ae7a-1dec1667a9e5&visitor=true&referrer=undefined&page_url=https://www.loewshotels.com/&crm_id=758f0c3d-8903-46e1-a7ea-112709eb139c
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /1.0/thread/get-threads-byId?org_name=loewshotel&thread_id=3d819ae8-33e8-4185-ae7a-1dec1667a9e5&visitor=true&referrer=undefined&page_url=https://www.loewshotels.com/&crm_id=758f0c3d-8903-46e1-a7ea-112709eb139c HTTP/1.1
Host: api-v2.alive5.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization
Referer: https://alive5.com/
Origin: https://alive5.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 204 No Content
date: Thu, 15 Sep 2022 10:23:29 GMT
set-cookie: AWSALB=XmEBVUOEXPtxcxeGADZNRZVY2s8DKgKnIAiGN5SMAxapjl7wQtePJXVrS3fUA2bvpt1y9liqTnoqPkuOX66FVGTRPv17JGW35kCNovDarPUA+oTWGjF5r6T7ZCJ8; Expires=Thu, 22 Sep 2022 10:23:29 GMT; Path=/
AWSALBCORS=XmEBVUOEXPtxcxeGADZNRZVY2s8DKgKnIAiGN5SMAxapjl7wQtePJXVrS3fUA2bvpt1y9liqTnoqPkuOX66FVGTRPv17JGW35kCNovDarPUA+oTWGjF5r6T7ZCJ8; Expires=Thu, 22 Sep 2022 10:23:29 GMT; Path=/; SameSite=None; Secure
server: nginx
x-powered-by: Express
access-control-allow-origin: https://alive5.com
vary: Origin
access-control-allow-credentials: true
access-control-allow-methods: GET,PUT,POST,DELETE,PATCH,OPTIONS
access-control-allow-headers: Content-Type,Authorization,Content-Length,X-Requested-With,X-A5-APIKEY,x-xsrf-token,Cookie
access-control-max-age: 86400
access-control-expose-headers: Authorization,X-A5-APIKEY
X-Firefox-Spdy: h2
s3.amazonaws.com/alive5cdn/images/widgets/upload/ashfaqtest-wicon1544204526155.png
200 OK 1.5 kB URL HTTP/1.1 s3.amazonaws.com/alive5cdn/images/widgets/upload/ashfaqtest-wicon1544204526155.png
IP
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 6f878c9733062f3e765504ed137d0bc6
f66a4a84230dfbf1e8000d1515d36f893c5f31f6
f2e60f36746d4efa38a43a662e146f7ca279803288f2852c14d1137de68002e5
GET /alive5cdn/images/widgets/upload/ashfaqtest-wicon1544204526155.png HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alive5.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: 3cRM34w/+tRbg5/uRUnmMJj8t78dPKw0dBoqr8C/OdCSO66wWoYpd+TWBJrTK/G8Q9JtkE58D04=
x-amz-request-id: 10VQ88ZA36FAVHEV
Date: Thu, 15 Sep 2022 10:23:30 GMT
Last-Modified: Fri, 07 Dec 2018 12:42:11 GMT
ETag: "6f878c9733062f3e765504ed137d0bc6"
x-amz-version-id: JEJEiC9HGRttaRlxNnlXqTQphBO7xIRV
Accept-Ranges: bytes
Content-Type: application/octet-stream
Server: AmazonS3
Content-Length: 1455
s3.amazonaws.com/alive5cdn/images/widgets/upload/loewshotel-w1658292655764.png
200 OK 2.3 kB URL HTTP/1.1 s3.amazonaws.com/alive5cdn/images/widgets/upload/loewshotel-w1658292655764.png
IP
File type PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Hash 347519b71d8e3a972f3a6161a942fdb7
90f6fe12fdd5252d0a8e7519a1fdfe47d2242bf7
4c289b96c46e3b3160cccd5878c91eabe11dc181751188529f1daaf20d2545e7
GET /alive5cdn/images/widgets/upload/loewshotel-w1658292655764.png HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: 4o9pWTYPaT1rWV3b5ScOOWXgOO55Lk4fhsVMa8Tx4AkIGrZcVSh/28yAFI3GW6reSABP/05jdZ0=
x-amz-request-id: 10VM8GN6F7XHE1TD
Date: Thu, 15 Sep 2022 10:23:30 GMT
Last-Modified: Wed, 20 Jul 2022 04:50:56 GMT
ETag: "347519b71d8e3a972f3a6161a942fdb7"
x-amz-version-id: 1nAmUmazzSwKNE2Gr2wOWsZnlO3pHY7f
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 2294
s3.amazonaws.com/alive5cdn/images/widgets/upload/loewshotel-w1650917487991.png
200 OK 2.3 kB URL HTTP/1.1 s3.amazonaws.com/alive5cdn/images/widgets/upload/loewshotel-w1650917487991.png
IP
File type PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Hash 347519b71d8e3a972f3a6161a942fdb7
90f6fe12fdd5252d0a8e7519a1fdfe47d2242bf7
4c289b96c46e3b3160cccd5878c91eabe11dc181751188529f1daaf20d2545e7
GET /alive5cdn/images/widgets/upload/loewshotel-w1650917487991.png HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: P2RkfgV2ZwQEQYRa/QMeQ7OVGnqQI4G7jKSK31vDr0PAgbXY+5xM4het6R8jSnsXbj6qJnL4vno=
x-amz-request-id: 10VQCZAA014PV3CK
Date: Thu, 15 Sep 2022 10:23:30 GMT
Last-Modified: Mon, 25 Apr 2022 20:11:29 GMT
ETag: "347519b71d8e3a972f3a6161a942fdb7"
x-amz-version-id: HmKOJgg968umazmGtsrK1kaT2uNHCw4h
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 2294
analytics.convertlanguage.com/el3.gif?ea=none&er=def&d_lang=&d_country=&d_curr=&hn=www.loewshotels.com&i_lang=en&i_country=&i_curr=&s_bl=en&s_ref=&s_rl=&s_ll=no&s_geo=no&s_nl=en-US&c_lang=&alg_sig=00000&uuid=6c9be185a5a54d57a8030f93abcbd916&ua=na&et=3&f_lang=&f_country=&f_curr=&hist=&tpl=e_T0FF_v3.13.0.0&url=https%3A%2F%2Fwww.loewshotels.com%2Fventana-canyon%2Fdiscover%2Ftucson&
200 OK 35 B URL HTTP/2 analytics.convertlanguage.com/el3.gif?ea=none&er=def&d_lang=&d_country=&d_curr=&hn=www.loewshotels.com&i_lang=en&i_country=&i_curr=&s_bl=en&s_ref=&s_rl=&s_ll=no&s_geo=no&s_nl=en-US&c_lang=&alg_sig=00000&uuid=6c9be185a5a54d57a8030f93abcbd916&ua=na&et=3&f_lang=&f_country=&f_curr=&hist=&tpl=e_T0FF_v3.13.0.0&url=https%3A%2F%2Fwww.loewshotels.com%2Fventana-canyon%2Fdiscover%2Ftucson&
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /el3.gif?ea=none&er=def&d_lang=&d_country=&d_curr=&hn=www.loewshotels.com&i_lang=en&i_country=&i_curr=&s_bl=en&s_ref=&s_rl=&s_ll=no&s_geo=no&s_nl=en-US&c_lang=&alg_sig=00000&uuid=6c9be185a5a54d57a8030f93abcbd916&ua=na&et=3&f_lang=&f_country=&f_curr=&hist=&tpl=e_T0FF_v3.13.0.0&url=https%3A%2F%2Fwww.loewshotels.com%2Fventana-canyon%2Fdiscover%2Ftucson& HTTP/1.1
Host: analytics.convertlanguage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 15 Sep 2022 10:23:29 GMT
content-type: image/gif
content-length: 35
server: Apache
last-modified: Tue, 14 May 2019 17:36:29 GMT
etag: "23-588dc79153f13"
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 39aa25d8411997d98f9093c19b0ccbca
3cb31e92d707cd561897042ed1a09de5a79e7108
f1b7b71241b580ec34281f5addc49d716eac9ecc46a3217e646c76e6dc8d4578
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 10:23:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dix%26source_id%3D&cm_dsp_id=8&external_user_id=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb&expiry=1694773408
302 Found 0 B URL HTTP/2 dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dix%26source_id%3D&cm_dsp_id=8&external_user_id=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb&expiry=1694773408
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rrum?cb=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dix%26source_id%3D&cm_dsp_id=8&external_user_id=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb&expiry=1694773408 HTTP/1.1
Host: dsum-sec.casalemedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 15 Sep 2022 10:23:29 GMT
content-length: 0
location: /rrum?cb=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dix%26source_id%3D&cm_dsp_id=8&expiry=1694773408&external_user_id=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb&C=1
cf-ray: 74b0a5b03c9d1c0a-OSL
cache-control: no-cache
expires: 0
cf-cache-status: DYNAMIC
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
set-cookie: CMID=YyL9IY2XfB6mzesuOtVsdQAA; Path=/; Domain=casalemedia.com; Expires=Fri, 15 Sep 2023 10:23:29 GMT; Max-Age=31536000; Secure; SameSite=None
CMPS=4368; Path=/; Domain=casalemedia.com; Expires=Wed, 14 Dec 2022 10:23:29 GMT; Max-Age=7776000; Secure; SameSite=None
CMPRO=4368; Path=/; Domain=casalemedia.com; Expires=Wed, 14 Dec 2022 10:23:29 GMT; Max-Age=7776000; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xtkEZhMdVamhHMALB1Cwm0lDGW2QVFh%2FX%2BYVNpEILfIG0uhKSqFtO4y0DKwPxGxjXm2ps%2FtQq98dhS%2Bml%2F%2BItPUYFruDKwvyzJoZ7PUGFOotuDdN0%2FkYTJugENL3JEtRURzo9N4TFZi8dg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.loewshotels.com/skins/loews/icon196x196.png
200 OK 101 B URL HTTP/2 www.loewshotels.com/skins/loews/icon196x196.png
IP
File type PNG image data, 196 x 196, 1-bit grayscale, non-interlaced\012- data
Hash b09faf3161e6e99941cb42098a966a82
00d44aa286caeec4a0efac14c5ef5926152f79be
b6b34a02e2312a78f36b8dfde0dcb36f063333863406dc9389b0b258466ee922
GET /skins/loews/icon196x196.png HTTP/1.1
Host: www.loewshotels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/ventana-canyon/discover/tucson
Cookie: at_check=true; mbox=session#9c0aa6c73865465e808eeba165a5f441#1663239254|PC#9c0aa6c73865465e808eeba165a5f441.37_0#1726482194; bookingData={"groupCode":null,"rateCode":null,"promoCode":null,"propertyId":"70576","propertyName":"Loews Ventana Canyon Resort","checkInDate":null,"checkOutDate":null,"nights":null,"adults":null,"children":null,"bookingValue":null,"currency":null,"email":null,"bookingCode":null,"propertyCode":"LVCR"}; _gcl_au=1.1.161380957.1663237393; _spe_v=2ef75279-1cf0-4825-9794-798d3726e1bc; _spe_s=606e21b2-2008-4ffd-97b5-1de5772aa045; OptanonConsent=isGpcEnabled=0&datestamp=Thu+Sep+15+2022+10%3A23%3A14+GMT%2B0000+(Coordinated+Universal+Time)&version=6.21.0&isIABGlobal=false&hosts=&consentId=e8b2af6e-b83e-49ea-abf9-b79753a84168&interactionCount=0&landingPath=https%3A%2F%2Fwww.loewshotels.com%2Fventana-canyon%2Fdiscover%2Ftucson&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 10:23:29 GMT
content-type: image/png
content-length: 101
server: nginx
last-modified: Tue, 13 Sep 2022 10:19:24 GMT
etag: "6320592c-65"
expires: Fri, 15 Sep 2023 10:23:29 GMT
cache-control: max-age=31536000
access-control-allow-origin: https://www.loewshotels.com
access-control-allow-methods: GET, POST
x-served-by: loewshotels-com-002
x-trace-id: 69344480-47
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
x-powered-by: NextGuest CMS
service-worker-allowed: /
accept-ranges: bytes
X-Firefox-Spdy: h2
www.loewshotels.com/skins/loews/favicon.ico
200 OK 34 kB URL HTTP/2 www.loewshotels.com/skins/loews/favicon.ico
IP
File type MS Windows icon resource - 5 icons, 16x16, 32 bits/pixel, 24x24, 32 bits/pixel\012- data
Hash ff5c5bdbaa9011ca5ca554900110c951
36f3f0aaa57481f044762dc7fdb84a4a9a15a957
ede3b62d998abcb886e0ec59019598dd6b428955fdb92e29f761a3cdb9c66120
GET /skins/loews/favicon.ico HTTP/1.1
Host: www.loewshotels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/ventana-canyon/discover/tucson
Cookie: at_check=true; mbox=session#9c0aa6c73865465e808eeba165a5f441#1663239254|PC#9c0aa6c73865465e808eeba165a5f441.37_0#1726482194; bookingData={"groupCode":null,"rateCode":null,"promoCode":null,"propertyId":"70576","propertyName":"Loews Ventana Canyon Resort","checkInDate":null,"checkOutDate":null,"nights":null,"adults":null,"children":null,"bookingValue":null,"currency":null,"email":null,"bookingCode":null,"propertyCode":"LVCR"}; _gcl_au=1.1.161380957.1663237393; _spe_v=2ef75279-1cf0-4825-9794-798d3726e1bc; _spe_s=606e21b2-2008-4ffd-97b5-1de5772aa045; OptanonConsent=isGpcEnabled=0&datestamp=Thu+Sep+15+2022+10%3A23%3A14+GMT%2B0000+(Coordinated+Universal+Time)&version=6.21.0&isIABGlobal=false&hosts=&consentId=e8b2af6e-b83e-49ea-abf9-b79753a84168&interactionCount=0&landingPath=https%3A%2F%2Fwww.loewshotels.com%2Fventana-canyon%2Fdiscover%2Ftucson&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 10:23:29 GMT
content-type: image/x-icon
content-length: 34494
server: nginx
last-modified: Tue, 13 Sep 2022 10:19:30 GMT
etag: "63205932-86be"
access-control-allow-origin: https://www.loewshotels.com
access-control-allow-methods: GET, POST
x-served-by: loewshotels-com-001
x-trace-id: 68933005-50
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
x-powered-by: NextGuest CMS
service-worker-allowed: /
accept-ranges: bytes
X-Firefox-Spdy: h2
secure.adnxs.com/getuid?https://beacon.lynx.cognitivlabs.com/pixel?type=sync&source=xandr&id=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb&adnxs_uid=$UID
307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/getuid?https://beacon.lynx.cognitivlabs.com/pixel?type=sync&source=xandr&id=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb&adnxs_uid=$UID
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuid?https://beacon.lynx.cognitivlabs.com/pixel?type=sync&source=xandr&id=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb&adnxs_uid=$UID HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Thu, 15 Sep 2022 10:23:29 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dxandr%26id%3De081e9dd-d1f9-41bc-90bf-28ca806d5ffb%26adnxs_uid%3D%24UID
AN-X-Request-Uuid: 839f5d66-40f0-4784-afbe-b2b8094a1359
Set-Cookie: uuid2=123198794174845523; SameSite=None; Path=/; Max-Age=7776000; Expires=Wed, 14-Dec-2022 10:23:29 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dix%26source_id%3D&cm_dsp_id=8&expiry=1694773408&external_user_id=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb&C=1
200 OK 43 B URL HTTP/2 dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dix%26source_id%3D&cm_dsp_id=8&expiry=1694773408&external_user_id=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb&C=1
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /rrum?cb=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dix%26source_id%3D&cm_dsp_id=8&expiry=1694773408&external_user_id=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb&C=1 HTTP/1.1
Host: dsum-sec.casalemedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.loewshotels.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 10:23:29 GMT
content-type: image/gif
content-length: 43
cf-ray: 74b0a5b08cd31c0a-OSL
cache-control: no-cache
expires: 0
cf-cache-status: DYNAMIC
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9nKxeDJHeUvjEUEv99ijMNr2cihGUnXN5hB2WQUikP%2FVEGVMKkfrUoNdvs%2BnHYwEvS1lNxwJfCfKJw9EiwBVkOlwsOk8GpZxPDn2x7MjEYVf9c1yEl3iWM924THK1iapSyu6KOOh3kmI6A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
maps.google.com/maps/api/js?key=AIzaSyAGITqgqULupAFmbaED3qwZwcePi3YS12s&callback=resolveGoogleMap&libraries=geometry,places&language=en&_=1663237393231
200 OK 59 kB URL HTTP/2 maps.google.com/maps/api/js?key=AIzaSyAGITqgqULupAFmbaED3qwZwcePi3YS12s&callback=resolveGoogleMap&libraries=geometry,places&language=en&_=1663237393231
IP
File type ASCII text, with very long lines (2381)
Hash 77d57a7da1e8f6aa33b7ce40b7be9a61
1ca138e31e2ae2b432f3ae07099acf11bfe95d1e
500e018990a91a9e555c86e6d5d35352827737d11d5bc37705c91b5acab2cd83
GET /maps/api/js?key=AIzaSyAGITqgqULupAFmbaED3qwZwcePi3YS12s&callback=resolveGoogleMap&libraries=geometry,places&language=en&_=1663237393231 HTTP/1.1
Host: maps.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
date: Thu, 15 Sep 2022 10:23:29 GMT
expires: Thu, 15 Sep 2022 10:53:29 GMT
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-encoding: gzip
server: mafe
content-length: 58894
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=26
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash 1f2ff0fea7939e810ad4c60fe553b6f4
16aa6e7b8b16ae0d965c0e9f6422d75ae37674b0
9b46d70511b3a16eb5a682cd0acb13f185570ca55be11ccbcff285428e58e2e4
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 10:23:29 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 13 Sep 2022 17:09:30 GMT
Expires: Tue, 20 Sep 2022 17:09:29 GMT
Etag: "16aa6e7b8b16ae0d965c0e9f6422d75ae37674b0"
Cache-Control: max-age=455759,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74b0a5b0ad40b51b-OSL
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash d5a5d04d15c71a4e71821b6ddd4110e0
7c5495f9d4165a90ce681ddd1b330675e55a4993
545c765db5e55c1d89bc56d93a3cde1a3b6f5c9d741ad9b58253f9fd7ab24457
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 10:23:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 20620ba615dba1de34528390492c3f53
2ca43d3a828682e10eb7638972b79b7136395e2b
12cf30cf1de58b4bab8af4a5d159b42909c554ae7b34e6f7361d9a49f1e861b7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 10:23:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 20620ba615dba1de34528390492c3f53
2ca43d3a828682e10eb7638972b79b7136395e2b
12cf30cf1de58b4bab8af4a5d159b42909c554ae7b34e6f7361d9a49f1e861b7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 10:23:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
x.bidswitch.net/syncd?dsp_id=425&user_group=1&expires=365&user_id=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb&redir=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dbidswitch%26user%3D%24{BSW_UID}
302 Moved Temporarily 0 B URL HTTP/1.1 x.bidswitch.net/syncd?dsp_id=425&user_group=1&expires=365&user_id=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb&redir=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dbidswitch%26user%3D%24{BSW_UID}
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /syncd?dsp_id=425&user_group=1&expires=365&user_id=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb&redir=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dbidswitch%26user%3D%24{BSW_UID} HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Cache-Control: no-cache, no-store, must-revalidate
Date: Thu, 15 Sep 2022 10:23:29 GMT
Location: https://x.bidswitch.net/ul_cb/syncd?dsp_id=425&user_group=1&expires=365&user_id=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb&redir=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dbidswitch%26user%3D%24{BSW_UID}
Set-Cookie: tuuid=3f620104-7b02-42b9-a3b5-dad36e0feef9; path=/; expires=Fri, 15-Sep-2023 10:23:29 GMT; domain=.bidswitch.net; samesite=none; secure
c=1663237409; path=/; expires=Fri, 15-Sep-2023 10:23:29 GMT; domain=.bidswitch.net; samesite=none; secure
tuuid_lu=1663237409; path=/; expires=Fri, 15-Sep-2023 10:23:29 GMT; domain=.bidswitch.net; samesite=none; secure
c=1663237409; path=/; expires=Fri, 15-Sep-2023 10:23:29 GMT; domain=.bidswitch.net; samesite=none; secure
Content-Length: 0
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash e522cdbfc153a1051b9bcab6b3fd3575
1abc50db4690db4a665bc6b1fb15f4a17bf3f3b2
e5bc537c23573469ef2b7683e1edf8dd6b38dd44e5d498f5fda6ea200b7244b0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6379
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 10:23:29 GMT
Last-Modified: Thu, 15 Sep 2022 08:37:10 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
api-v2.alive5.com/1.0/thread/get-threads-byId?org_name=loewshotel&thread_id=3d819ae8-33e8-4185-ae7a-1dec1667a9e5&visitor=true&referrer=undefined&page_url=https://www.loewshotels.com/&crm_id=758f0c3d-8903-46e1-a7ea-112709eb139c
200 OK 157 kB URL HTTP/2 api-v2.alive5.com/1.0/thread/get-threads-byId?org_name=loewshotel&thread_id=3d819ae8-33e8-4185-ae7a-1dec1667a9e5&visitor=true&referrer=undefined&page_url=https://www.loewshotels.com/&crm_id=758f0c3d-8903-46e1-a7ea-112709eb139c
IP
File type JSON data\012- , ASCII text, with very long lines (539)
Size 157 kB (157238 bytes)
Hash 4cc223422996fd65dc3d184d7bd95edd
c94cd88cdcb3dbd56a83b61f22f43129bf6bb61c
8b30b0f5b0a2ad4714745da3c53721af4b757365d27c5a4734b1adceec69b0f9
GET /1.0/thread/get-threads-byId?org_name=loewshotel&thread_id=3d819ae8-33e8-4185-ae7a-1dec1667a9e5&visitor=true&referrer=undefined&page_url=https://www.loewshotels.com/&crm_id=758f0c3d-8903-46e1-a7ea-112709eb139c HTTP/1.1
Host: api-v2.alive5.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Authorization: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjcmVhdGVkX2F0IjoxNjQ3NDQyNzU0OTYzLCJpc3MiOiJhbGl2ZTVfYXBpIiwib3JnX25hbWUiOiJsb2V3c2hvdGVsIiwidHlwZSI6ImxpdmVjaGF0IiwiY3JtX2lkIjoiNzU4ZjBjM2QtODkwMy00NmUxLWE3ZWEtMTEyNzA5ZWIxMzljIiwidXNlcl9yb2xlIjoidmlzaXRvciIsImlhdCI6MTY2MzIzNzQwOH0.kMFbwakGNeJoF0su90lKywLXYSjmF32p0HpYLH1iT2w
Origin: https://alive5.com
Connection: keep-alive
Referer: https://alive5.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 10:23:29 GMT
content-type: application/json; charset=utf-8
set-cookie: AWSALB=sOACbOHsJSDskVA8oDwCTPFPv+K4L0lYqVCBUUvYq17o2HPyyas36qimMbGPcXQBxij98RH5hVBLZU+n3+hYyexcJaXCelJ7I5nRNTG4jXdalvkdClXa9P0H4pXC; Expires=Thu, 22 Sep 2022 10:23:29 GMT; Path=/
AWSALBCORS=sOACbOHsJSDskVA8oDwCTPFPv+K4L0lYqVCBUUvYq17o2HPyyas36qimMbGPcXQBxij98RH5hVBLZU+n3+hYyexcJaXCelJ7I5nRNTG4jXdalvkdClXa9P0H4pXC; Expires=Thu, 22 Sep 2022 10:23:29 GMT; Path=/; SameSite=None; Secure
server: nginx
access-control-allow-origin: https://alive5.com
vary: Accept-Encoding, Origin, Accept-Encoding
access-control-allow-credentials: true
access-control-expose-headers: Authorization,X-A5-APIKEY
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjcmVhdGVkX2F0IjoxNjQ3NDQyNzU0OTYzLCJpc3MiOiJhbGl2ZTVfYXBpIiwib3JnX25hbWUiOiJsb2V3c2hvdGVsIiwidHlwZSI6ImxpdmVjaGF0IiwiY3JtX2lkIjoiNzU4ZjBjM2QtODkwMy00NmUxLWE3ZWEtMTEyNzA5ZWIxMzljIiwidXNlcl9yb2xlIjoidmlzaXRvciIsImlhdCI6MTY2MzIzNzQwOH0.kMFbwakGNeJoF0su90lKywLXYSjmF32p0HpYLH1iT2w
etag: W/"34-dZu/bfEbcWPDtNLHGA7SpL7f1o8"
content-encoding: gzip
X-Firefox-Spdy: h2
cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_cm
302 Found 281 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_cm
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 73f48b26868899d0ab45601d3d0804b5
4f565e23936526d826df2bc274b5a9a07861893d
4975bfe968adb988b0870900647720bf310bf0659f18b05fa7c15acc4e868823
GET /pixel?google_nid=cognitiv&google_cm HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_cm=&google_tc=
date: Thu, 15 Sep 2022 10:23:29 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 281
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 15-Sep-2022 10:38:29 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=3emB4PnRvEGQvyjKgG1f-w&google_redir=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dgoogle%26inventory_source%3D0%26source_id%3D%25%25GOOGLE_GID%25%25
302 Found 463 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=3emB4PnRvEGQvyjKgG1f-w&google_redir=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dgoogle%26inventory_source%3D0%26source_id%3D%25%25GOOGLE_GID%25%25
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 0c0e161cfb96c358854b1e3b3dcdc76e
37260ce36179cdccdb67f2ae2e7acce9f1653317
61b82d803fab93f53398509751651fd772e6b13a3d42f8950f7d270bba86bcb6
GET /pixel?google_nid=cognitiv&google_hm=3emB4PnRvEGQvyjKgG1f-w&google_redir=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dgoogle%26inventory_source%3D0%26source_id%3D%25%25GOOGLE_GID%25%25 HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=3emB4PnRvEGQvyjKgG1f-w&google_redir=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dgoogle%26inventory_source%3D0%26source_id%3D%25%25GOOGLE_GID%25%25&google_tc=
date: Thu, 15 Sep 2022 10:23:29 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 463
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 15-Sep-2022 10:38:29 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8960
Expires: Thu, 15 Sep 2022 12:52:49 GMT
Date: Thu, 15 Sep 2022 10:23:29 GMT
Connection: keep-alive
image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dpubmatic%26id=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb%26inventory_source%3D0%26source_id%3D%23PM_USER_ID
302 Found 0 B URL HTTP/2 image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dpubmatic%26id=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb%26inventory_source%3D0%26source_id%3D%23PM_USER_ID
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dpubmatic%26id=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb%26inventory_source%3D0%26source_id%3D%23PM_USER_ID HTTP/1.1
Host: image6.pubmatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
location: /AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dpubmatic%26id=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb%26inventory_source%3D0%26source_id%3D%23PM_USER_ID&rdf=1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
set-cookie: KTPCACOOKIE=YES; domain=pubmatic.com; path=/; max-age=86400; secure;
date: Thu, 15 Sep 2022 10:23:29 GMT
content-length: 0
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 727 B IP
Hash f741dc2f7cfebb22f0dbb1d2d470841f
22fca44711400bba14c3cb14d18b97dfdde0ed66
709f769d4c7be587b7caa6561f509a6fcd995d89ac023427f08184f06cfb4f35
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5954
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 10:23:29 GMT
Last-Modified: Thu, 15 Sep 2022 08:44:15 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 727
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8960
Expires: Thu, 15 Sep 2022 12:52:49 GMT
Date: Thu, 15 Sep 2022 10:23:29 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d547c90-3ccc-4c25-a8e5-de1d932a8cfb.jpeg
200 OK 4.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d547c90-3ccc-4c25-a8e5-de1d932a8cfb.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash aaf675adec05212317877a5f479d11a7
cab4d850cd2bc5b3e1570ae837a58382e6eae5ec
cb4eb5b406f1ec01e3094d0519d8e4e7a469056bb898e2c47d48378e4b2b261d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d547c90-3ccc-4c25-a8e5-de1d932a8cfb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3951
x-amzn-requestid: 65c15365-1bff-4dd2-a651-33683a033e05
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YE9_oHP_oAMF3Fw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63184397-148253910e5cd21b0e436b09;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 07:09:11 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: wzHSKob2n4WsbIoi6eJdCptVrefJxBEVANMp-WZSm6HsOI7bPUwaDA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 22:19:28 GMT
age: 43441
etag: "cab4d850cd2bc5b3e1570ae837a58382e6eae5ec"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash 8fd5ce3a74485c8774afee718e5d3abf
621807bbe40c3076dc9cba86b4b4cb4f230814f0
1877c0087003a63bf8187cd4e39dc8d35e8f7dcdc80dc9ae3928c7238c084df6
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 10:23:29 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 14 Sep 2022 13:42:54 GMT
Expires: Wed, 21 Sep 2022 13:42:53 GMT
Etag: "621807bbe40c3076dc9cba86b4b4cb4f230814f0"
Cache-Control: max-age=529763,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74b0a5b069930b69-OSL
ocsp.digicert.com/
200 OK 471 B IP
Hash c3e6c131178768ed3a6f62b2022a578f
c405af5948b92cdf7432495ffa2eff0b024060da
95f9d78f15be73e9be6ec171e094580e976735fae09e07327c7983ddc31a9a2e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6309
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 10:23:29 GMT
Last-Modified: Thu, 15 Sep 2022 08:38:20 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
personalization-engine.hebsdigital.com/iframe.html?account=loewshotels
200 OK 9.6 kB URL HTTP/2 personalization-engine.hebsdigital.com/iframe.html?account=loewshotels
IP
Hash cd66d4dc5e197602a4e01fe29fde8421
e894b09409481c9c4ed297f5fed912058701558d
8bfec214d5d01a2c362203e66e8e286e15a178f4255908cb05bf335e48dc102c
GET /iframe.html?account=loewshotels HTTP/1.1
Host: personalization-engine.hebsdigital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 10:23:28 GMT
content-type: text/html
server: nginx
last-modified: Fri, 15 Jul 2022 10:15:20 GMT
vary: Accept-Encoding
etag: W/"62d13e38-468"
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5754e945-dac1-48d0-8300-12286ffe02b4.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5754e945-dac1-48d0-8300-12286ffe02b4.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d62d6861a80946a4cf3ba7e2a1cb0638
c096bfad52996315c174183644db3cc2c77d5f2c
693968cf7b76de9afb3440fe18800c02832daf3dd8a5de547e6dd9b6e4096b53
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5754e945-dac1-48d0-8300-12286ffe02b4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10188
x-amzn-requestid: 48b5c3c4-d155-4e66-949e-ed631bf43890
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YeB3VFE7IAMFcnw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632249c8-2c5c452071eddd8e23dd6393;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 21:38:16 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: BQD-kPbiOni5_NkEcw9gLZ1mlUZ2F8BjR7sfP2VJVQnpzae1GqdkNA==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 21:43:57 GMT
age: 45572
etag: "c096bfad52996315c174183644db3cc2c77d5f2c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F86bf6a5e-a3e5-479d-a052-fa843c45a3d9.jpeg
200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F86bf6a5e-a3e5-479d-a052-fa843c45a3d9.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4833535b1650b0ac875704023b650e66
96ab8cd8e14350f730d26731f3445710324e24e2
d2b5a51e39a4890ba56e819d4d5d1d57d4d3cfc50dde42efdf23b8e9be17d1c7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F86bf6a5e-a3e5-479d-a052-fa843c45a3d9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9400
x-amzn-requestid: 8cf35176-18a1-427b-870c-bdae465060c8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YYM18E-iIAMFcmg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631ff4f2-427bc0ff6593e71e25b91589;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 03:11:46 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 0nTpbTo79RT78Sin1pTWaq4pRKWZyqnBkZCT2p66wWoW-A1OScJmIg==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 20:21:09 GMT
age: 50540
etag: "96ab8cd8e14350f730d26731f3445710324e24e2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f370e89-6cc5-4da8-83dc-68d5a685ce0f.jpeg
200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f370e89-6cc5-4da8-83dc-68d5a685ce0f.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a05eafb022d09a0c88432fe018f2c325
b8ae9f4346fe63c5aa7a3b07ef84eac8fc63ca94
91b3994632d954d1c93ee53a46d2d8850ebe387af40962aad787d341b742e9f0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f370e89-6cc5-4da8-83dc-68d5a685ce0f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9340
x-amzn-requestid: 23ab295a-91a0-4a91-ba26-8302088a50c2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YNxvmEPIIAMFZlQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bc996-10ccfaf45b93ef066901573d;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 23:17:42 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: rM-kSnE6-SpiiNFAEsMmAUgxlgMDYun5zKMwTqvnM1BQcryism74gA==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 21:42:18 GMT
age: 45671
etag: "b8ae9f4346fe63c5aa7a3b07ef84eac8fc63ca94"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 6ce4f13fdb952851182aa37a39f126d5
b2de27c47232c1e369b3a2f27e271ec6ddf08bee
97f1c64587bda43d49602f58e37b521045c3eade20704c47941c85b15c91bdb7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6006
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 10:23:29 GMT
Last-Modified: Thu, 15 Sep 2022 08:43:23 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e9a2626-acb3-4c73-9ff9-e09ad82d489e.jpeg
200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e9a2626-acb3-4c73-9ff9-e09ad82d489e.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5a6939786c9343412c9af87efd3f44e0
14131148fda4e8d85b582fd20e76bcc814341bf1
8412c50f0fdc131d9c4422f2d7307fc1ee062c3580a1d754ef71cf84f9727d49
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e9a2626-acb3-4c73-9ff9-e09ad82d489e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8447
x-amzn-requestid: 6a307dbf-af18-4b40-a2c4-cda4a6e302d0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YLe84HUzIAMFkUw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631adeb8-166dc8b954f4e5b50a0843de;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 06:35:36 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: qQaQeJRgo5OcpjqbzgyZQCl-pYpvj6P_aoB07WGfV0YXyZqv4AQNCg==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 21:42:17 GMT
age: 45672
etag: "14131148fda4e8d85b582fd20e76bcc814341bf1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/markerwithlabel@2.0.2/index.min.js?_=1663237393233
200 OK 2.5 kB URL HTTP/2 cdn.jsdelivr.net/npm/markerwithlabel@2.0.2/index.min.js?_=1663237393233
IP
File type ASCII text, with very long lines (8882)
Hash ea9fa9ac29130d01f0aac446c23fda3c
eb9c0917f775c9d3add434ac23fa9065128e7806
7b502af3addeb784e34d13221a5cc047e695f45be2905247346e91ace8bd19d8
GET /npm/markerwithlabel@2.0.2/index.min.js?_=1663237393233 HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 2.0.2
x-jsd-version-type: version
etag: W/"23fd-94cxL8A/j/9HS+1a+DvyYfUR3Og"
content-encoding: gzip
accept-ranges: bytes
date: Thu, 15 Sep 2022 10:23:29 GMT
age: 793241
x-served-by: cache-fra19149-FRA, cache-bma1634-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2540
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash d5a5d04d15c71a4e71821b6ddd4110e0
7c5495f9d4165a90ce681ddd1b330675e55a4993
545c765db5e55c1d89bc56d93a3cde1a3b6f5c9d741ad9b58253f9fd7ab24457
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 10:23:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.jsdelivr.net/gh/googlemaps/v3-utility-library@infobox/1.1.13/src/infobox_packed.js?_=1663237393232
200 OK 2.8 kB URL HTTP/2 cdn.jsdelivr.net/gh/googlemaps/v3-utility-library@infobox/1.1.13/src/infobox_packed.js?_=1663237393232
IP
File type ASCII text, with very long lines (5986), with no line terminators
Hash da1d15ab9cd42f1041e28dd3c6f794c5
283ce7232b40a1d05ea6a23b8305b3ee5c09f8df
be4993f25bc7e0945f81b59ae48074b7cb000830e5b4b0d5c9fa82906f27eca5
GET /gh/googlemaps/v3-utility-library@infobox/1.1.13/src/infobox_packed.js?_=1663237393232 HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: infobox
x-jsd-version-type: version
etag: W/"1762-emd75CJxhBc2YLb0vJjYgfM/pIc"
content-encoding: gzip
accept-ranges: bytes
date: Thu, 15 Sep 2022 10:23:29 GMT
age: 2011766
x-served-by: cache-fra19162-FRA, cache-bma1634-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2836
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 20620ba615dba1de34528390492c3f53
2ca43d3a828682e10eb7638972b79b7136395e2b
12cf30cf1de58b4bab8af4a5d159b42909c554ae7b34e6f7361d9a49f1e861b7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 10:23:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ups.analytics.yahoo.com/ups/58561/sync?uid=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb&_origin=1&redir=true
302 Found 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58561/sync?uid=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb&_origin=1&redir=true
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58561/sync?uid=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb&_origin=1&redir=true HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 15 Sep 2022 10:23:29 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
location: https://ups.analytics.yahoo.com/ups/58561/sync?uid=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb&_origin=1&redir=true&verify=true
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBCH9ImMCED_MXstp30umdipy9P683OYFEgEBAQFOJGMsYwAAAAAA_eMAAA&S=AQAAAnDr3jXzcyWyIsSZHzYf8z8; Expires=Fri, 15 Sep 2023 16:23:29 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
idsync.rlcdn.com/465836.gif?partner_uid=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb
451 Unavailable For Legal Reasons 0 B URL HTTP/2 idsync.rlcdn.com/465836.gif?partner_uid=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /465836.gif?partner_uid=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb HTTP/1.1
Host: idsync.rlcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 451 Unavailable For Legal Reasons
date: Thu, 15 Sep 2022 10:23:29 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 01721134027b8087fcaea01ae7470149
e3d82b3dd35d846d3bd662a0f9b7a51cba2ba864
a7aa0a8736af71aee8a545362876a784954dbb37cda1a2c184c7ef99e14f2b56
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 10:23:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pixel.rubiconproject.com/tap.php?v=711370&nid=5504&put=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb&expires=365
204 No Content 0 B URL HTTP/1.1 pixel.rubiconproject.com/tap.php?v=711370&nid=5504&put=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb&expires=365
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tap.php?v=711370&nid=5504&put=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb&expires=365 HTTP/1.1
Host: pixel.rubiconproject.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 693f17ec94b6fd0c82d03268b1ba23d6
Content-Type: image/gif
api-v2.alive5.com/socket.io/?authToken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjcmVhdGVkX2F0IjoxNjQ3NDQyNzU0OTYzLCJpc3MiOiJhbGl2ZTVfYXBpIiwib3JnX25hbWUiOiJsb2V3c2hvdGVsIiwidHlwZSI6ImxpdmVjaGF0IiwiY3JtX2lkIjoiNzU4ZjBjM2QtODkwMy00NmUxLWE3ZWEtMTEyNzA5ZWIxMzljIiwidXNlcl9yb2xlIjoidmlzaXRvciIsImlhdCI6MTY2MzIzNzQwOH0.kMFbwakGNeJoF0su90lKywLXYSjmF32p0HpYLH1iT2w&thread_id=3d819ae8-33e8-4185-ae7a-1dec1667a9e5&crm_id=758f0c3d-8903-46e1-a7ea-112709eb139c&channel_id=ae07b1f7-7aa2-4d41-bdb6-98c805792e3d&is_mobile=false&EIO=4&transport=websocket
101 Switching Protocols 0 B URL HTTP/1.1 api-v2.alive5.com/socket.io/?authToken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjcmVhdGVkX2F0IjoxNjQ3NDQyNzU0OTYzLCJpc3MiOiJhbGl2ZTVfYXBpIiwib3JnX25hbWUiOiJsb2V3c2hvdGVsIiwidHlwZSI6ImxpdmVjaGF0IiwiY3JtX2lkIjoiNzU4ZjBjM2QtODkwMy00NmUxLWE3ZWEtMTEyNzA5ZWIxMzljIiwidXNlcl9yb2xlIjoidmlzaXRvciIsImlhdCI6MTY2MzIzNzQwOH0.kMFbwakGNeJoF0su90lKywLXYSjmF32p0HpYLH1iT2w&thread_id=3d819ae8-33e8-4185-ae7a-1dec1667a9e5&crm_id=758f0c3d-8903-46e1-a7ea-112709eb139c&channel_id=ae07b1f7-7aa2-4d41-bdb6-98c805792e3d&is_mobile=false&EIO=4&transport=websocket
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /socket.io/?authToken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjcmVhdGVkX2F0IjoxNjQ3NDQyNzU0OTYzLCJpc3MiOiJhbGl2ZTVfYXBpIiwib3JnX25hbWUiOiJsb2V3c2hvdGVsIiwidHlwZSI6ImxpdmVjaGF0IiwiY3JtX2lkIjoiNzU4ZjBjM2QtODkwMy00NmUxLWE3ZWEtMTEyNzA5ZWIxMzljIiwidXNlcl9yb2xlIjoidmlzaXRvciIsImlhdCI6MTY2MzIzNzQwOH0.kMFbwakGNeJoF0su90lKywLXYSjmF32p0HpYLH1iT2w&thread_id=3d819ae8-33e8-4185-ae7a-1dec1667a9e5&crm_id=758f0c3d-8903-46e1-a7ea-112709eb139c&channel_id=ae07b1f7-7aa2-4d41-bdb6-98c805792e3d&is_mobile=false&EIO=4&transport=websocket HTTP/1.1
Host: api-v2.alive5.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://alive5.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: PF3WkwlPn8y7rKlHY4UApQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Thu, 15 Sep 2022 10:23:29 GMT
Connection: upgrade
Set-Cookie: AWSALB=Xu170K5Hvd1C3gOgNr16vOphcaqQArKgpzz7H1G9loBe/7j5ChvPBR3O7K8ddeE8VSK4L57XAPoBrzrgjIdVR/t9G1YKINYO24OL0Wq+Nq+IJ8xGPuMN5gqdAwVM; Expires=Thu, 22 Sep 2022 10:23:29 GMT; Path=/
AWSALBCORS=Xu170K5Hvd1C3gOgNr16vOphcaqQArKgpzz7H1G9loBe/7j5ChvPBR3O7K8ddeE8VSK4L57XAPoBrzrgjIdVR/t9G1YKINYO24OL0Wq+Nq+IJ8xGPuMN5gqdAwVM; Expires=Thu, 22 Sep 2022 10:23:29 GMT; Path=/; SameSite=None; Secure
Server: nginx
Upgrade: websocket
Sec-WebSocket-Accept: xTXEFaNUPih5dAK59zSA7xREqXM=
image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dpubmatic%26id=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb%26inventory_source%3D0%26source_id%3D%23PM_USER_ID&rdf=1
200 OK 0 B URL HTTP/2 image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dpubmatic%26id=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb%26inventory_source%3D0%26source_id%3D%23PM_USER_ID&rdf=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dpubmatic%26id=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb%26inventory_source%3D0%26source_id%3D%23PM_USER_ID&rdf=1 HTTP/1.1
Host: image6.pubmatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.loewshotels.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Thu, 15 Sep 2022 10:23:29 GMT
content-length: 0
X-Firefox-Spdy: h2
cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_cm=&google_tc=
302 Found 286 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_cm=&google_tc=
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 4742494744a52507fd4febd8c639ec09
6c5e83b574261f8845d947deb68f4686f9bf1aad
8b2ec7a5928e9e79944e20d82107bc295ec3c10f92ae72396501762a059f6651
GET /pixel?google_nid=cognitiv&google_cm=&google_tc= HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.loewshotels.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: https://beacon.lynx.cognitivlabs.com/pixel?type=sync&source=google&google_error=3
date: Thu, 15 Sep 2022 10:23:29 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 286
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=3emB4PnRvEGQvyjKgG1f-w&google_redir=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dgoogle%26inventory_source%3D0%26source_id%3D%25%25GOOGLE_GID%25%25&google_tc=
302 Found 324 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=3emB4PnRvEGQvyjKgG1f-w&google_redir=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dgoogle%26inventory_source%3D0%26source_id%3D%25%25GOOGLE_GID%25%25&google_tc=
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 1b5d380e533305e088cecbf7e381d5d9
d4981cf58f8d80a173fb8b3edaf4c2376996bdd5
207417b029e14bec73844fc362c563dfad5c8f7c176eeb316f2175e7e0e6890b
GET /pixel?google_nid=cognitiv&google_hm=3emB4PnRvEGQvyjKgG1f-w&google_redir=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dgoogle%26inventory_source%3D0%26source_id%3D%25%25GOOGLE_GID%25%25&google_tc= HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.loewshotels.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: https://beacon.lynx.cognitivlabs.com/pixel?type=sync&source=google&inventory_source=0&source_id=&google_error=3
date: Thu, 15 Sep 2022 10:23:29 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 324
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
x.bidswitch.net/ul_cb/syncd?dsp_id=425&user_group=1&expires=365&user_id=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb&redir=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dbidswitch%26user%3D%24{BSW_UID}
200 OK 43 B URL HTTP/1.1 x.bidswitch.net/ul_cb/syncd?dsp_id=425&user_group=1&expires=365&user_id=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb&redir=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dbidswitch%26user%3D%24{BSW_UID}
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/syncd?dsp_id=425&user_group=1&expires=365&user_id=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb&redir=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dbidswitch%26user%3D%24{BSW_UID} HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.loewshotels.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: image/gif
Date: Thu, 15 Sep 2022 10:23:29 GMT
Content-Length: 43
Connection: keep-alive
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP
Hash 9b12b325a4ac4ec7d41e3d9252b0f3c9
a89c898ac4d35b33bc2766b2cee2a4d27578c78f
d9e879a8906ed6827740ce076e9569ddada19597c7aa6f42a3e1cd2d492f88ea
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 10:23:29 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "9583158802685EABC4E7FA052577B9D5531682C8"
Expires: Thu, 15 Sep 2022 21:00:00 GMT
Last-Modified: Thu, 15 Sep 2022 09:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 3220
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74b0a5b2398c0afa-OSL
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash bb0621a9272d9b16f2e9ebd04e1fa0a4
18c188d8e72979c17da7af1a4e86962130166ed9
fd5c9ab7f2c86b13ee4700b5e148aaf499bb86612851b1ebf0ffdd8829de883d
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 15 Sep 2022 10:23:29 GMT
Last-Modified: Thu, 15 Sep 2022 09:18:53 GMT
Server: ECS (bsa/EB24)
X-Cache: Miss from cloudfront
Via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: PRTIigLc3QPJFHLhEsDbthX0Go75sxASk4rzWirwGYsS5xT8hCaM6w==
Age: 3876
maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
200 OK 23 B URL HTTP/2 maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
IP
File type JSON data\012- , ASCII text
Hash e3981ca10169a319d5aa062bf43a5fa1
2c6ed584767b65688ce99b1ebe1a3b7448a67421
8b0b8749aba12de93f3cf5d86f9fac9d6de7cac400a17473718f182a34ebb7e9
GET /maps/api/mapsjs/gen_204?csp_test=true HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.loewshotels.com
Connection: keep-alive
Referer: https://www.loewshotels.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Thu, 15 Sep 2022 10:23:29 GMT
server: scaffolding on HTTPServer2
cache-control: private
content-length: 23
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.loewshotels.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ups.analytics.yahoo.com/ups/58561/sync?uid=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb&_origin=1&redir=true&verify=true
204 No Content 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58561/sync?uid=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb&_origin=1&redir=true&verify=true
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58561/sync?uid=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb&_origin=1&redir=true&verify=true HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.loewshotels.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Thu, 15 Sep 2022 10:23:29 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
strict-transport-security: max-age=31536000
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBCH9ImMCEN8QnYvvvLM2u_rw24tZB4kFEgEBAQFOJGMsYwAAAAAA_eMAAA&S=AQAAAv1tv_47Q9FpysU4CmVNkVo; Expires=Fri, 15 Sep 2023 16:23:29 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash 8fd5ce3a74485c8774afee718e5d3abf
621807bbe40c3076dc9cba86b4b4cb4f230814f0
1877c0087003a63bf8187cd4e39dc8d35e8f7dcdc80dc9ae3928c7238c084df6
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 10:23:29 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 14 Sep 2022 13:42:54 GMT
Expires: Wed, 21 Sep 2022 13:42:53 GMT
Etag: "621807bbe40c3076dc9cba86b4b4cb4f230814f0"
Cache-Control: max-age=529763,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74b0a5b27fbeb51b-OSL
beacon.lynx.cognitivlabs.com/pixel?type=sync&source=xandr&id=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb&adnxs_uid=0
302 Found 0 B URL HTTP/1.1 beacon.lynx.cognitivlabs.com/pixel?type=sync&source=xandr&id=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb&adnxs_uid=0
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel?type=sync&source=xandr&id=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb&adnxs_uid=0 HTTP/1.1
Host: beacon.lynx.cognitivlabs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.loewshotels.com/
Connection: keep-alive
Cookie: UID=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Thu, 15 Sep 2022 10:23:29 GMT
Content-Length: 0
Connection: keep-alive
Server: Kestrel
Location: https://aa.agkn.com/adscores/g.pixel?sid=9212300438&puid=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb&redir=pixel.gif
Set-Cookie: UID=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb; expires=Fri, 15 Sep 2023 10:23:29 GMT; path=/; secure; samesite=none
ss=%2FgHE3fqKl3dx8c7p9UlQYqQda6jYnSuIdKxzl%2BKuRfiHtqU6cXXvHC0Glt9ZGwSo5KOzfgLHtL%2BFIuqk7yJaSg%3D%3D; expires=Fri, 15 Sep 2023 10:23:29 GMT; path=/; secure; samesite=none
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 01721134027b8087fcaea01ae7470149
e3d82b3dd35d846d3bd662a0f9b7a51cba2ba864
a7aa0a8736af71aee8a545362876a784954dbb37cda1a2c184c7ef99e14f2b56
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 10:23:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tags.srv.stackadapt.com/events.js
200 OK 5.4 kB URL HTTP/1.1 tags.srv.stackadapt.com/events.js
IP
File type ASCII text, with very long lines (16677)
Hash c7273b28dccdcb32111fb7b1cf525739
2cf8d1094f4550aa41134e934b063da8a8b9225f
6d589725a452e34226bb5c92b08d18e10d4c37a73d0bf1cf84b924112ec8f05f
GET /events.js HTTP/1.1
Host: tags.srv.stackadapt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Cache-Control: max-age=5
Content-Encoding: gzip
Content-Type: text/javascript
Date: Thu, 15 Sep 2022 10:23:29 GMT
Set-Cookie: sa-user-id=s%3A0-1e15ff19-14df-4967-507e-e5ec72c9db95.zl0768zzkrdDjpS%2FQUFiMozx%2BwKFH3e4OpbYBV8I%2B7s; Max-Age=31536000; Secure; SameSite=None
sa-user-id-v2=s%3AHhX_GRTfSWdQfuXscsnblVtaKpo.HnTwWnHJV%2FLSrI4vhTFyUBtROwam4Z3nVeVzg2RPazo; Domain=srv.stackadapt.com; Max-Age=31536000; Secure; SameSite=None
transfer-encoding: chunked
Connection: keep-alive
beacon.lynx.cognitivlabs.com/pixel?type=sync&source=google&inventory_source=0&source_id=&google_error=3
302 Found 0 B URL HTTP/1.1 beacon.lynx.cognitivlabs.com/pixel?type=sync&source=google&inventory_source=0&source_id=&google_error=3
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel?type=sync&source=google&inventory_source=0&source_id=&google_error=3 HTTP/1.1
Host: beacon.lynx.cognitivlabs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.loewshotels.com/
Connection: keep-alive
Cookie: UID=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Thu, 15 Sep 2022 10:23:29 GMT
Content-Length: 0
Connection: keep-alive
Server: Kestrel
Location: https://secure.adnxs.com/getuid?https://beacon.lynx.cognitivlabs.com/pixel?type=sync&source=xandr&id=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb&adnxs_uid=$UID
Set-Cookie: UID=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb; expires=Fri, 15 Sep 2023 10:23:29 GMT; path=/; secure; samesite=none
ss=nz92g3eJ%2BZ6W81G%2BlzhNg9IfAWnQ88BahPJYVPzLCyaBSbE4Ukpg9BPVS5q13n6emRYP9x8kt7nqLTBUuE4UfA%3D%3D; expires=Fri, 15 Sep 2023 10:23:29 GMT; path=/; secure; samesite=none
beacon.lynx.cognitivlabs.com/pixel.gif?type=sync&source=neustar&source_id=mi8GSBHP8j1IB9E%2BkBHDRLRiDutl9zkfPqmISYjX2i0%3D&cognitiv_id=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb
302 Found 0 B URL HTTP/1.1 beacon.lynx.cognitivlabs.com/pixel.gif?type=sync&source=neustar&source_id=mi8GSBHP8j1IB9E%2BkBHDRLRiDutl9zkfPqmISYjX2i0%3D&cognitiv_id=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel.gif?type=sync&source=neustar&source_id=mi8GSBHP8j1IB9E%2BkBHDRLRiDutl9zkfPqmISYjX2i0%3D&cognitiv_id=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb HTTP/1.1
Host: beacon.lynx.cognitivlabs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.loewshotels.com/
Connection: keep-alive
Cookie: UID=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Thu, 15 Sep 2022 10:23:29 GMT
Content-Length: 0
Connection: keep-alive
Server: Kestrel
Location: https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dpubmatic%26id=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb%26inventory_source%3D0%26source_id%3D%23PM_USER_ID
Set-Cookie: UID=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb; expires=Fri, 15 Sep 2023 10:23:29 GMT; path=/; secure; samesite=none
ss=Y2JMRHpcaLYM8qSMBQSye3H%2FUzH63bkWTKqXh4Ia1oYBktyJ%2BLlez7KmBWdD%2BX9PrueNWc9XRMYHIGdt0f%2BGZQ%3D%3D; expires=Fri, 15 Sep 2023 10:23:29 GMT; path=/; secure; samesite=none
beacon.lynx.cognitivlabs.com/pixel?type=sync&source=google&google_error=3
302 Found 0 B URL HTTP/1.1 beacon.lynx.cognitivlabs.com/pixel?type=sync&source=google&google_error=3
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel?type=sync&source=google&google_error=3 HTTP/1.1
Host: beacon.lynx.cognitivlabs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.loewshotels.com/
Connection: keep-alive
Cookie: UID=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Thu, 15 Sep 2022 10:23:29 GMT
Content-Length: 0
Connection: keep-alive
Server: Kestrel
Location: https://secure.adnxs.com/getuid?https://beacon.lynx.cognitivlabs.com/pixel?type=sync&source=xandr&id=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb&adnxs_uid=$UID
Set-Cookie: UID=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb; expires=Fri, 15 Sep 2023 10:23:29 GMT; path=/; secure; samesite=none
ss=0Nj2KOI%2F6EgE5OtSO%2BMX30RxId0ddCq0E87pzzkz0j1jSPLW5eJ%2Fl7KHvffzHTrsepEbbwUTriz0TBzhXMDYGg%3D%3D; expires=Fri, 15 Sep 2023 10:23:29 GMT; path=/; secure; samesite=none
tags.srv.stackadapt.com/sa.css
200 OK 27 B URL HTTP/1.1 tags.srv.stackadapt.com/sa.css
IP
Hash 83f5ba33314db5f218488a5a51da1455
87a21689afa235c4c65437334085be4bf5cca170
3f100e5e6ff270dadb43b44878f0118a2389dee0d844acc102b5179d70a824dc
GET /sa.css HTTP/1.1
Host: tags.srv.stackadapt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Cache-Control: only-if-cached, no-transform, private, max-age=7776000
Content-Type: text/css
Date: Thu, 15 Sep 2022 10:23:30 GMT
Content-Length: 27
Connection: keep-alive
secure.adnxs.com/getuid?https://beacon.lynx.cognitivlabs.com/pixel?type=sync&source=xandr&id=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb&adnxs_uid=$UID
307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/getuid?https://beacon.lynx.cognitivlabs.com/pixel?type=sync&source=xandr&id=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb&adnxs_uid=$UID
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuid?https://beacon.lynx.cognitivlabs.com/pixel?type=sync&source=xandr&id=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb&adnxs_uid=$UID HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.loewshotels.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Thu, 15 Sep 2022 10:23:30 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dxandr%26id%3De081e9dd-d1f9-41bc-90bf-28ca806d5ffb%26adnxs_uid%3D%24UID
AN-X-Request-Uuid: c5a67d44-42ba-43c9-b105-85761b617735
Set-Cookie: uuid2=773114196057882583; SameSite=None; Path=/; Max-Age=7776000; Expires=Wed, 14-Dec-2022 10:23:30 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dpubmatic%26id=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb%26inventory_source%3D0%26source_id%3D%23PM_USER_ID
302 Found 0 B URL HTTP/2 image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dpubmatic%26id=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb%26inventory_source%3D0%26source_id%3D%23PM_USER_ID
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dpubmatic%26id=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb%26inventory_source%3D0%26source_id%3D%23PM_USER_ID HTTP/1.1
Host: image6.pubmatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.loewshotels.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
location: /AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dpubmatic%26id=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb%26inventory_source%3D0%26source_id%3D%23PM_USER_ID&rdf=1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
set-cookie: KTPCACOOKIE=YES; domain=pubmatic.com; path=/; max-age=86400; secure;
date: Thu, 15 Sep 2022 10:23:29 GMT
content-length: 0
X-Firefox-Spdy: h2
secure.adnxs.com/getuid?https://beacon.lynx.cognitivlabs.com/pixel?type=sync&source=xandr&id=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb&adnxs_uid=$UID
307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/getuid?https://beacon.lynx.cognitivlabs.com/pixel?type=sync&source=xandr&id=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb&adnxs_uid=$UID
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuid?https://beacon.lynx.cognitivlabs.com/pixel?type=sync&source=xandr&id=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb&adnxs_uid=$UID HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.loewshotels.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Thu, 15 Sep 2022 10:23:30 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dxandr%26id%3De081e9dd-d1f9-41bc-90bf-28ca806d5ffb%26adnxs_uid%3D%24UID
AN-X-Request-Uuid: 65008f29-f31c-47be-b117-4074e4d752d8
Set-Cookie: uuid2=6360913300148586653; SameSite=None; Path=/; Max-Age=7776000; Expires=Wed, 14-Dec-2022 10:23:30 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dpubmatic%26id=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb%26inventory_source%3D0%26source_id%3D%23PM_USER_ID&rdf=1
200 OK 0 B URL HTTP/2 image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dpubmatic%26id=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb%26inventory_source%3D0%26source_id%3D%23PM_USER_ID&rdf=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dpubmatic%26id=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb%26inventory_source%3D0%26source_id%3D%23PM_USER_ID&rdf=1 HTTP/1.1
Host: image6.pubmatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.loewshotels.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Thu, 15 Sep 2022 10:23:30 GMT
content-length: 0
X-Firefox-Spdy: h2
secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dxandr%26id%3De081e9dd-d1f9-41bc-90bf-28ca806d5ffb%26adnxs_uid%3D%24UID
302 Found 0 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dxandr%26id%3De081e9dd-d1f9-41bc-90bf-28ca806d5ffb%26adnxs_uid%3D%24UID
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fgetuid%3Fhttps%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dxandr%26id%3De081e9dd-d1f9-41bc-90bf-28ca806d5ffb%26adnxs_uid%3D%24UID HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.loewshotels.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Thu, 15 Sep 2022 10:23:30 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://beacon.lynx.cognitivlabs.com/pixel?type=sync&source=xandr&id=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb&adnxs_uid=0
AN-X-Request-Uuid: b45bd75d-68f7-4917-b9f6-8d3edffdc36d
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
aa.agkn.com/adscores/g.pixel?sid=9212300438&puid=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb&redir=pixel.gif
302 Found 0 B URL HTTP/2 aa.agkn.com/adscores/g.pixel?sid=9212300438&puid=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb&redir=pixel.gif
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /adscores/g.pixel?sid=9212300438&puid=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb&redir=pixel.gif HTTP/1.1
Host: aa.agkn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.loewshotels.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Thu, 15 Sep 2022 10:23:30 GMT
location: https://beacon.lynx.cognitivlabs.com/pixel.gif?type=sync&source=neustar&source_id=2AlcFsEkph5IB9E%2BkBHDROC5EUumww70PqmISYjX2i0%3D&cognitiv_id=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
set-cookie: ab=0001%3AOMgCp6JZKbUKB1rbHZ%2B0Gpt6EZDuPh0f; Path=/; Domain=.agkn.com; Expires=Fri, 15-Sep-2023 10:23:30 GMT; Max-Age=31536000; Secure; SameSite=None
X-Firefox-Spdy: h2
beacon.lynx.cognitivlabs.com/pixel.gif?type=sync&source=neustar&source_id=2AlcFsEkph5IB9E%2BkBHDROC5EUumww70PqmISYjX2i0%3D&cognitiv_id=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb
302 Found 0 B URL HTTP/1.1 beacon.lynx.cognitivlabs.com/pixel.gif?type=sync&source=neustar&source_id=2AlcFsEkph5IB9E%2BkBHDROC5EUumww70PqmISYjX2i0%3D&cognitiv_id=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel.gif?type=sync&source=neustar&source_id=2AlcFsEkph5IB9E%2BkBHDROC5EUumww70PqmISYjX2i0%3D&cognitiv_id=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb HTTP/1.1
Host: beacon.lynx.cognitivlabs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.loewshotels.com/
Connection: keep-alive
Cookie: UID=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb; ss=0Nj2KOI%2F6EgE5OtSO%2BMX30RxId0ddCq0E87pzzkz0j1jSPLW5eJ%2Fl7KHvffzHTrsepEbbwUTriz0TBzhXMDYGg%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Thu, 15 Sep 2022 10:23:30 GMT
Content-Length: 0
Connection: keep-alive
Server: Kestrel
Location: https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dpubmatic%26id=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb%26inventory_source%3D0%26source_id%3D%23PM_USER_ID
Set-Cookie: UID=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb; expires=Fri, 15 Sep 2023 10:23:30 GMT; path=/; secure; samesite=none
ss=uFTRJ2INMZHYH%2FakhajRjklS112zNZo%2FFiqKZ%2BGJP2%2BSgc0GcF846sZVfopTuPzf3FgR8EvSo2engq9znCg1Rg%3D%3D; expires=Fri, 15 Sep 2023 10:23:30 GMT; path=/; secure; samesite=none
aa.agkn.com/adscores/g.pixel?sid=9212300438&puid=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb&redir=pixel.gif
302 Found 184 B URL HTTP/2 aa.agkn.com/adscores/g.pixel?sid=9212300438&puid=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb&redir=pixel.gif
IP
File type PNG image data, 256 x 256, 8-bit colormap, non-interlaced\012- data
Hash 6ab39c5b523e35683554eaaa3c0e431b
ae5a2c6a8afd7f348282351c5d193d80f4acb8f4
63c619e301bfd27026301bfe8a6b4f8b94916b1857943734dece279df4743e30
GET /adscores/g.pixel?sid=9212300438&puid=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb&redir=pixel.gif HTTP/1.1
Host: aa.agkn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 15 Sep 2022 10:23:29 GMT
location: https://beacon.lynx.cognitivlabs.com/pixel.gif?type=sync&source=neustar&source_id=mi8GSBHP8j1IB9E%2BkBHDRLRiDutl9zkfPqmISYjX2i0%3D&cognitiv_id=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
set-cookie: ab=0001%3A9H7p2N0WhtkKB1rbHZ%2B0Gqyh%2BDMsYdpQ; Path=/; Domain=.agkn.com; Expires=Fri, 15-Sep-2023 10:23:29 GMT; Max-Age=31536000; Secure; SameSite=None
X-Firefox-Spdy: h2
image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dpubmatic%26id=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb%26inventory_source%3D0%26source_id%3D%23PM_USER_ID
302 Found 0 B URL HTTP/2 image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dpubmatic%26id=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb%26inventory_source%3D0%26source_id%3D%23PM_USER_ID
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dpubmatic%26id=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb%26inventory_source%3D0%26source_id%3D%23PM_USER_ID HTTP/1.1
Host: image6.pubmatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.loewshotels.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
location: /AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dpubmatic%26id=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb%26inventory_source%3D0%26source_id%3D%23PM_USER_ID&rdf=1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
set-cookie: KTPCACOOKIE=YES; domain=pubmatic.com; path=/; max-age=86400; secure;
date: Thu, 15 Sep 2022 10:23:29 GMT
content-length: 0
X-Firefox-Spdy: h2
image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dpubmatic%26id=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb%26inventory_source%3D0%26source_id%3D%23PM_USER_ID&rdf=1
200 OK 0 B URL HTTP/2 image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dpubmatic%26id=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb%26inventory_source%3D0%26source_id%3D%23PM_USER_ID&rdf=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dpubmatic%26id=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb%26inventory_source%3D0%26source_id%3D%23PM_USER_ID&rdf=1 HTTP/1.1
Host: image6.pubmatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.loewshotels.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Thu, 15 Sep 2022 10:23:28 GMT
content-length: 0
X-Firefox-Spdy: h2
beacon.lynx.cognitivlabs.com/pixel?type=sync&source=xandr&id=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb&adnxs_uid=0
302 Found 0 B URL HTTP/1.1 beacon.lynx.cognitivlabs.com/pixel?type=sync&source=xandr&id=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb&adnxs_uid=0
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel?type=sync&source=xandr&id=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb&adnxs_uid=0 HTTP/1.1
Host: beacon.lynx.cognitivlabs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.loewshotels.com/
Connection: keep-alive
Cookie: UID=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb; ss=uFTRJ2INMZHYH%2FakhajRjklS112zNZo%2FFiqKZ%2BGJP2%2BSgc0GcF846sZVfopTuPzf3FgR8EvSo2engq9znCg1Rg%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Thu, 15 Sep 2022 10:23:30 GMT
Content-Length: 0
Connection: keep-alive
Server: Kestrel
Location: https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dpubmatic%26id=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb%26inventory_source%3D0%26source_id%3D%23PM_USER_ID
Set-Cookie: UID=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb; expires=Fri, 15 Sep 2023 10:23:30 GMT; path=/; secure; samesite=none
ss=ybYJ8ekJteYL9qSd30Mu228rlqL0QWkx2IXKVjg6oRO2rFy49jbfcal5nmbkc1Q9OvlBJJsVT8CP%2BLPZ5FDEtA%3D%3D; expires=Fri, 15 Sep 2023 10:23:30 GMT; path=/; secure; samesite=none
beacon.lynx.cognitivlabs.com/pixel?type=sync&source=xandr&id=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb&adnxs_uid=0
302 Found 0 B URL HTTP/1.1 beacon.lynx.cognitivlabs.com/pixel?type=sync&source=xandr&id=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb&adnxs_uid=0
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel?type=sync&source=xandr&id=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb&adnxs_uid=0 HTTP/1.1
Host: beacon.lynx.cognitivlabs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.loewshotels.com/
Connection: keep-alive
Cookie: UID=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb; ss=uFTRJ2INMZHYH%2FakhajRjklS112zNZo%2FFiqKZ%2BGJP2%2BSgc0GcF846sZVfopTuPzf3FgR8EvSo2engq9znCg1Rg%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Thu, 15 Sep 2022 10:23:30 GMT
Content-Length: 0
Connection: keep-alive
Server: Kestrel
Location: https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dpubmatic%26id=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb%26inventory_source%3D0%26source_id%3D%23PM_USER_ID
Set-Cookie: UID=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb; expires=Fri, 15 Sep 2023 10:23:30 GMT; path=/; secure; samesite=none
ss=7ewn%2FUypvJLnkusjUZeNCPaO%2Br08grZRNDcHfpLXNVte1mnpCuzsZRNKYqUf5w0iNGhhKbqix341Kg%2F25BaDjQ%3D%3D; expires=Fri, 15 Sep 2023 10:23:30 GMT; path=/; secure; samesite=none
image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dpubmatic%26id=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb%26inventory_source%3D0%26source_id%3D%23PM_USER_ID
302 Found 0 B URL HTTP/2 image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dpubmatic%26id=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb%26inventory_source%3D0%26source_id%3D%23PM_USER_ID
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dpubmatic%26id=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb%26inventory_source%3D0%26source_id%3D%23PM_USER_ID HTTP/1.1
Host: image6.pubmatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.loewshotels.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
location: /AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dpubmatic%26id=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb%26inventory_source%3D0%26source_id%3D%23PM_USER_ID&rdf=1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
set-cookie: KTPCACOOKIE=YES; domain=pubmatic.com; path=/; max-age=86400; secure;
date: Thu, 15 Sep 2022 10:23:30 GMT
content-length: 0
X-Firefox-Spdy: h2
image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dpubmatic%26id=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb%26inventory_source%3D0%26source_id%3D%23PM_USER_ID
302 Found 0 B URL HTTP/2 image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dpubmatic%26id=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb%26inventory_source%3D0%26source_id%3D%23PM_USER_ID
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dpubmatic%26id=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb%26inventory_source%3D0%26source_id%3D%23PM_USER_ID HTTP/1.1
Host: image6.pubmatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.loewshotels.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
location: /AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dpubmatic%26id=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb%26inventory_source%3D0%26source_id%3D%23PM_USER_ID&rdf=1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
set-cookie: KTPCACOOKIE=YES; domain=pubmatic.com; path=/; max-age=86400; secure;
date: Thu, 15 Sep 2022 10:23:30 GMT
content-length: 0
X-Firefox-Spdy: h2
tags.srv.stackadapt.com/sa.jpeg
200 OK 651 B URL HTTP/1.1 tags.srv.stackadapt.com/sa.jpeg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1x1, components 3\012- data
Hash 7e02c1cf6212547cd86c4e2628457998
d9c80f922f02033aefade27845b3c863b2727192
955d78b8e502a28878bb4699dd96a9b165720750ad69b79468aa4fd46271d6a4
GET /sa.jpeg HTTP/1.1
Host: tags.srv.stackadapt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.loewshotels.com/
Origin: https://www.loewshotels.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Cache-Control: only-if-cached, no-transform, private, max-age=7776000
Content-Type: image/jpeg
Date: Thu, 15 Sep 2022 10:23:30 GMT
Content-Length: 651
Connection: keep-alive
image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dpubmatic%26id=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb%26inventory_source%3D0%26source_id%3D%23PM_USER_ID&rdf=1
200 OK 0 B URL HTTP/2 image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dpubmatic%26id=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb%26inventory_source%3D0%26source_id%3D%23PM_USER_ID&rdf=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dpubmatic%26id=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb%26inventory_source%3D0%26source_id%3D%23PM_USER_ID&rdf=1 HTTP/1.1
Host: image6.pubmatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.loewshotels.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Thu, 15 Sep 2022 10:23:29 GMT
content-length: 0
X-Firefox-Spdy: h2
www.loewshotels.com/skins/loews/assets/desktop/images/pin.png
200 OK 605 B URL HTTP/2 www.loewshotels.com/skins/loews/assets/desktop/images/pin.png
IP
File type PNG image data, 68 x 76, 8-bit colormap, non-interlaced\012- data
Hash 86981e2da435cae189a85e0f4a3d749f
6377149ead60562f3717777fe2c192929701d517
83761fbfbb6281b119c3b8b776c8f90ab3df2d09829ffaf6bb2ede21b36aeb76
GET /skins/loews/assets/desktop/images/pin.png HTTP/1.1
Host: www.loewshotels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/ventana-canyon/discover/tucson
Cookie: at_check=true; mbox=session#9c0aa6c73865465e808eeba165a5f441#1663239254|PC#9c0aa6c73865465e808eeba165a5f441.37_0#1726482194; bookingData={"groupCode":null,"rateCode":null,"promoCode":null,"propertyId":"70576","propertyName":"Loews Ventana Canyon Resort","checkInDate":null,"checkOutDate":null,"nights":null,"adults":null,"children":null,"bookingValue":null,"currency":null,"email":null,"bookingCode":null,"propertyCode":"LVCR"}; _gcl_au=1.1.161380957.1663237393; _spe_v=2ef75279-1cf0-4825-9794-798d3726e1bc; _spe_s=606e21b2-2008-4ffd-97b5-1de5772aa045; OptanonConsent=isGpcEnabled=0&datestamp=Thu+Sep+15+2022+10%3A23%3A14+GMT%2B0000+(Coordinated+Universal+Time)&version=6.21.0&isIABGlobal=false&hosts=&consentId=e8b2af6e-b83e-49ea-abf9-b79753a84168&interactionCount=0&landingPath=https%3A%2F%2Fwww.loewshotels.com%2Fventana-canyon%2Fdiscover%2Ftucson&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0; sa-user-id=s%253A0-1e15ff19-14df-4967-507e-e5ec72c9db95.zl0768zzkrdDjpS%252FQUFiMozx%252BwKFH3e4OpbYBV8I%252B7s; sa-user-id-v2=s%253A0-1e15ff19-14df-4967-507e-e5ec72c9db95%2524ip%252491.90.42.154.p2PFG6k%252F%252Fd0GjqQ45X07qDjd6V3bvwRSy19uMsC%252FiUQ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 10:23:30 GMT
content-type: image/png
content-length: 605
server: nginx
last-modified: Tue, 13 Sep 2022 10:19:24 GMT
etag: "6320592c-25d"
expires: Fri, 15 Sep 2023 10:23:30 GMT
cache-control: max-age=31536000
access-control-allow-origin: https://www.loewshotels.com
access-control-allow-methods: GET, POST
x-served-by: loewshotels-com-002
x-trace-id: 69344480-48
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
x-powered-by: NextGuest CMS
service-worker-allowed: /
accept-ranges: bytes
X-Firefox-Spdy: h2
www.loewshotels.com/skins/loews/assets/desktop/images/pin-hotel.png
200 OK 1.1 kB URL HTTP/2 www.loewshotels.com/skins/loews/assets/desktop/images/pin-hotel.png
IP
File type PNG image data, 68 x 76, 8-bit/color RGBA, non-interlaced\012- data
Hash 0ab413e72cdbe3ff38e5e2e9f8aeb3c9
abb2e827a965ea34377234ee397445a96e84a3f2
6200406e8a620d5013f0146d31bcf8e16af3b3f57c4c8f00e248c1383d52feb1
GET /skins/loews/assets/desktop/images/pin-hotel.png HTTP/1.1
Host: www.loewshotels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/ventana-canyon/discover/tucson
Cookie: at_check=true; mbox=session#9c0aa6c73865465e808eeba165a5f441#1663239254|PC#9c0aa6c73865465e808eeba165a5f441.37_0#1726482194; bookingData={"groupCode":null,"rateCode":null,"promoCode":null,"propertyId":"70576","propertyName":"Loews Ventana Canyon Resort","checkInDate":null,"checkOutDate":null,"nights":null,"adults":null,"children":null,"bookingValue":null,"currency":null,"email":null,"bookingCode":null,"propertyCode":"LVCR"}; _gcl_au=1.1.161380957.1663237393; _spe_v=2ef75279-1cf0-4825-9794-798d3726e1bc; _spe_s=606e21b2-2008-4ffd-97b5-1de5772aa045; OptanonConsent=isGpcEnabled=0&datestamp=Thu+Sep+15+2022+10%3A23%3A14+GMT%2B0000+(Coordinated+Universal+Time)&version=6.21.0&isIABGlobal=false&hosts=&consentId=e8b2af6e-b83e-49ea-abf9-b79753a84168&interactionCount=0&landingPath=https%3A%2F%2Fwww.loewshotels.com%2Fventana-canyon%2Fdiscover%2Ftucson&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0; sa-user-id=s%253A0-1e15ff19-14df-4967-507e-e5ec72c9db95.zl0768zzkrdDjpS%252FQUFiMozx%252BwKFH3e4OpbYBV8I%252B7s; sa-user-id-v2=s%253A0-1e15ff19-14df-4967-507e-e5ec72c9db95%2524ip%252491.90.42.154.p2PFG6k%252F%252Fd0GjqQ45X07qDjd6V3bvwRSy19uMsC%252FiUQ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 10:23:30 GMT
content-type: image/png
content-length: 1136
server: nginx
last-modified: Tue, 13 Sep 2022 10:19:30 GMT
etag: "63205932-470"
expires: Fri, 15 Sep 2023 10:23:30 GMT
cache-control: max-age=31536000
access-control-allow-origin: https://www.loewshotels.com
access-control-allow-methods: GET, POST
x-served-by: loewshotels-com-001
x-trace-id: 68933005-51
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
x-powered-by: NextGuest CMS
service-worker-allowed: /
accept-ranges: bytes
X-Firefox-Spdy: h2
image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dpubmatic%26id=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb%26inventory_source%3D0%26source_id%3D%23PM_USER_ID&rdf=1
200 OK 0 B URL HTTP/2 image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dpubmatic%26id=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb%26inventory_source%3D0%26source_id%3D%23PM_USER_ID&rdf=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dpubmatic%26id=e081e9dd-d1f9-41bc-90bf-28ca806d5ffb%26inventory_source%3D0%26source_id%3D%23PM_USER_ID&rdf=1 HTTP/1.1
Host: image6.pubmatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.loewshotels.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Thu, 15 Sep 2022 10:23:30 GMT
content-length: 0
X-Firefox-Spdy: h2
tags.srv.stackadapt.com/saq_pxl?uid=VW8pwYrpaO7zhltRkbl4Sw&is_js=true&landing_url=https%3A%2F%2Fwww.loewshotels.com%2Fventana-canyon%2Fdiscover%2Ftucson&t=Discover%20Tucson%20%7C%20Loews%20Ventana%20Canyon%20Resort&tip=xSUrSLKEBs9tKlUrWxQcUybdcMeFtkJ64yIpP-4yFR8&host=https://www.loewshotels.com&sa-user-id-v2=s%253A0-1e15ff19-14df-4967-507e-e5ec72c9db95%2524ip%252491.90.42.154.p2PFG6k%252F%252Fd0GjqQ45X07qDjd6V3bvwRSy19uMsC%252FiUQ&sa-user-id=s%253A0-1e15ff19-14df-4967-507e-e5ec72c9db95.zl0768zzkrdDjpS%252FQUFiMozx%252BwKFH3e4OpbYBV8I%252B7s
200 OK 94 B URL HTTP/1.1 tags.srv.stackadapt.com/saq_pxl?uid=VW8pwYrpaO7zhltRkbl4Sw&is_js=true&landing_url=https%3A%2F%2Fwww.loewshotels.com%2Fventana-canyon%2Fdiscover%2Ftucson&t=Discover%20Tucson%20%7C%20Loews%20Ventana%20Canyon%20Resort&tip=xSUrSLKEBs9tKlUrWxQcUybdcMeFtkJ64yIpP-4yFR8&host=https://www.loewshotels.com&sa-user-id-v2=s%253A0-1e15ff19-14df-4967-507e-e5ec72c9db95%2524ip%252491.90.42.154.p2PFG6k%252F%252Fd0GjqQ45X07qDjd6V3bvwRSy19uMsC%252FiUQ&sa-user-id=s%253A0-1e15ff19-14df-4967-507e-e5ec72c9db95.zl0768zzkrdDjpS%252FQUFiMozx%252BwKFH3e4OpbYBV8I%252B7s
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 2d12c1129f6ff37622d03db4a2a5949e
bc44653c4a06e671ce423600755fed86fad8ec24
078f3dd88e751c3c421b2007e1cb27bcb65a95daf278bd25de81ba7b2bf3c4e4
GET /saq_pxl?uid=VW8pwYrpaO7zhltRkbl4Sw&is_js=true&landing_url=https%3A%2F%2Fwww.loewshotels.com%2Fventana-canyon%2Fdiscover%2Ftucson&t=Discover%20Tucson%20%7C%20Loews%20Ventana%20Canyon%20Resort&tip=xSUrSLKEBs9tKlUrWxQcUybdcMeFtkJ64yIpP-4yFR8&host=https://www.loewshotels.com&sa-user-id-v2=s%253A0-1e15ff19-14df-4967-507e-e5ec72c9db95%2524ip%252491.90.42.154.p2PFG6k%252F%252Fd0GjqQ45X07qDjd6V3bvwRSy19uMsC%252FiUQ&sa-user-id=s%253A0-1e15ff19-14df-4967-507e-e5ec72c9db95.zl0768zzkrdDjpS%252FQUFiMozx%252BwKFH3e4OpbYBV8I%252B7s HTTP/1.1
Host: tags.srv.stackadapt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.loewshotels.com
Connection: keep-alive
Referer: https://www.loewshotels.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: https://www.loewshotels.com
Content-Type: text/plain; charset=utf-8
Date: Thu, 15 Sep 2022 10:23:30 GMT
Content-Length: 94
Connection: keep-alive
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.loewshotels.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 19:34:08 GMT
expires: Thu, 14 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 53362
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
resources.digital-cloud-west.medallia.com/wdcwest/175638/onsite/generic1661771191646.js
200 OK 81 kB URL HTTP/2 resources.digital-cloud-west.medallia.com/wdcwest/175638/onsite/generic1661771191646.js
IP
File type Unicode text, UTF-8 text, with very long lines (11854)
Hash da5eb17c6760632741f862da323f9306
d91fedd13252645498f9128f1e983866b141f08b
63b0d7ec0924040a510db609d4072773593a72e8b00e0625e0b890d9b3ffe7b9
GET /wdcwest/175638/onsite/generic1661771191646.js HTTP/1.1
Host: resources.digital-cloud-west.medallia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: +phQOptfupNHrYbHiKDkQ26P6VyIohYc2dJ7SIXNx3buc5v2gLLm8gkAlxBbQUfcM4depdpRpVg=
x-amz-request-id: G6PAM5VHE9EZW52F
last-modified: Mon, 29 Aug 2022 11:06:32 GMT
etag: "013f42c06b685c51aa57c5014bd0cfcb"
x-amz-version-id: wtRNj35AxgMtNOLeqncotIW3JnLtouyN
content-type: application/javascript
server: AmazonS3
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
date: Thu, 15 Sep 2022 10:23:31 GMT
age: 966430
x-served-by: cache-sea4472-SEA, cache-bma1629-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1663237411.035925,VS0,VE1
vary: Accept-Encoding
strict-transport-security: max-age=31557600
content-length: 81026
X-Firefox-Spdy: h2
ocsps.ssl.com/
200 OK 1.9 kB IP
Hash e939f76bab72754c3b732ad770a2092a
aeaba5c8577530c25214b92de6d348d9cad0d005
a9510dbf693596bea89822d423c8cf9dc33ebd29e6910f13da915c2ec9b97352
POST / HTTP/1.1
Host: ocsps.ssl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Sep 2022 10:23:31 GMT
Content-Type: application/ocsp-response
Content-Length: 1883
Connection: keep-alive
Expires: Wed, 21 Sep 2022 16:46:21 GMT
Cache-Control: max-age=86400,public,no-transform,must-revalidate
ETag: "aeaba5c8577530c25214b92de6d348d9cad0d005"
Last-Modified: Wed, 14 Sep 2022 16:46:22 GMT
X-Proxy-Cache: HIT
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTI4MHgxMDI0Iiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0OyBydjo5Ni4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94Lzk2LjAiLCJzZXNzaW9uX3BsYXRmb3JtIjogIkxpbnV4IHg4Nl82NCIsInBhZ2VfdGl0bGUiOiAiRGlzY292ZXIgVHVjc29uIHwgTG9ld3MgVmVudGFuYSBDYW55b24gUmVzb3J0IiwicGFnZV91cmwiOiAiaHR0cHM6Ly93d3cubG9ld3Nob3RlbHMuY29tL3ZlbnRhbmEtY2FueW9uL2Rpc2NvdmVyL3R1Y3NvbiIsInRyYWNrZXJfdHlwZSI6ICJqYXZhc2NyaXB0IiwidHJhY2tlcl92ZXJzaW9uIjogIjIuMi4yMyIsImV2ZW50X25hbWUiOiAibmVidWxhX3BhZ2VfdmlldyIsImV2ZW50X3RpbWVzdGFtcF9lcG9jaCI6ICIxNjYzMjM3Mzk2MjA4IiwiZXZlbnRfdGltZXpvbmVfb2Zmc2V0IjogMCwidXNlcl9pZCI6ICIxODM0MGFjOTZlNjQxYS0wODBlNzQwODE0OGMwYjgtMzA2ZDQ2NGEtMTQwMDAwLTE4MzQwYWM5NmU3NWQwIiwiZW52aXJvbWVudCI6ICJkaWdpdGFsLWNsb3VkLXdlc3QiLCJhY2NvdW50SWQiOiAxNzU2MzYsInVybCI6ICJodHRwczovL3d3dy5sb2V3c2hvdGVscy5jb20vdmVudGFuYS1jYW55b24vZGlzY292ZXIvdHVjc29uIiwid2Vic2l0ZUlkIjogMTc1NjM4LCJmb3JtSWQiOiBudWxsLCJmb3JtVHJpZ2dlclR5cGUiOiBudWxsLCJrYW1weWxlX2RhdGEiOiB7Im1kX2lzU3VydmV5U3VibWl0dGVkSW5TZXNzaW9uIjogIiIsIkxBU1RfSU5WSVRBVElPTl9WSUVXIjogIiIsIkRFQ0xJTkVEX0RBVEUiOiAiIiwia2FtcHlsZUludml0ZVByZXNlbnRlZCI6ICIiLCJrYW1weWxlX3VzZXJpZCI6ICIwYjYxLWZkZTItZTUzZi1mYTg3LWIzMzItM2Y2Yy02NjY0LTVlODYiLCJrYW1weWxlVXNlclNlc3Npb24iOiAiMTY2MzIzNzM5NjIwNyIsImthbXB5bGVVc2VyUGVyY2VudGlsZSI6ICIiLCJTVUJNSVRURURfREFURSI6ICIifSwiY29va2llX3NpemUiOiAxNzMzLCJrYW1weWxlX3ZlcnNpb24iOiAiMi40Ny4zIiwib25zaXRlX3ZlcnNpb24iOiAiMi40Ny4zIiwiaGlzdG9yeV9sZW5ndGgiOiAxLCJldmVudF9sb2NhbF90aW1lc3RhbXAiOiAxNjYzMjM3Mzk2MjA4LCJwb3NpdGlvbiI6IG51bGwsImlzVXNlcklkZW50aWZpZWQiOiBmYWxzZX0KXX0=
200 OK 0 B URL HTTP/2 udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTI4MHgxMDI0Iiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0OyBydjo5Ni4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94Lzk2LjAiLCJzZXNzaW9uX3BsYXRmb3JtIjogIkxpbnV4IHg4Nl82NCIsInBhZ2VfdGl0bGUiOiAiRGlzY292ZXIgVHVjc29uIHwgTG9ld3MgVmVudGFuYSBDYW55b24gUmVzb3J0IiwicGFnZV91cmwiOiAiaHR0cHM6Ly93d3cubG9ld3Nob3RlbHMuY29tL3ZlbnRhbmEtY2FueW9uL2Rpc2NvdmVyL3R1Y3NvbiIsInRyYWNrZXJfdHlwZSI6ICJqYXZhc2NyaXB0IiwidHJhY2tlcl92ZXJzaW9uIjogIjIuMi4yMyIsImV2ZW50X25hbWUiOiAibmVidWxhX3BhZ2VfdmlldyIsImV2ZW50X3RpbWVzdGFtcF9lcG9jaCI6ICIxNjYzMjM3Mzk2MjA4IiwiZXZlbnRfdGltZXpvbmVfb2Zmc2V0IjogMCwidXNlcl9pZCI6ICIxODM0MGFjOTZlNjQxYS0wODBlNzQwODE0OGMwYjgtMzA2ZDQ2NGEtMTQwMDAwLTE4MzQwYWM5NmU3NWQwIiwiZW52aXJvbWVudCI6ICJkaWdpdGFsLWNsb3VkLXdlc3QiLCJhY2NvdW50SWQiOiAxNzU2MzYsInVybCI6ICJodHRwczovL3d3dy5sb2V3c2hvdGVscy5jb20vdmVudGFuYS1jYW55b24vZGlzY292ZXIvdHVjc29uIiwid2Vic2l0ZUlkIjogMTc1NjM4LCJmb3JtSWQiOiBudWxsLCJmb3JtVHJpZ2dlclR5cGUiOiBudWxsLCJrYW1weWxlX2RhdGEiOiB7Im1kX2lzU3VydmV5U3VibWl0dGVkSW5TZXNzaW9uIjogIiIsIkxBU1RfSU5WSVRBVElPTl9WSUVXIjogIiIsIkRFQ0xJTkVEX0RBVEUiOiAiIiwia2FtcHlsZUludml0ZVByZXNlbnRlZCI6ICIiLCJrYW1weWxlX3VzZXJpZCI6ICIwYjYxLWZkZTItZTUzZi1mYTg3LWIzMzItM2Y2Yy02NjY0LTVlODYiLCJrYW1weWxlVXNlclNlc3Npb24iOiAiMTY2MzIzNzM5NjIwNyIsImthbXB5bGVVc2VyUGVyY2VudGlsZSI6ICIiLCJTVUJNSVRURURfREFURSI6ICIifSwiY29va2llX3NpemUiOiAxNzMzLCJrYW1weWxlX3ZlcnNpb24iOiAiMi40Ny4zIiwib25zaXRlX3ZlcnNpb24iOiAiMi40Ny4zIiwiaGlzdG9yeV9sZW5ndGgiOiAxLCJldmVudF9sb2NhbF90aW1lc3RhbXAiOiAxNjYzMjM3Mzk2MjA4LCJwb3NpdGlvbiI6IG51bGwsImlzVXNlcklkZW50aWZpZWQiOiBmYWxzZX0KXX0=
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTI4MHgxMDI0Iiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0OyBydjo5Ni4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94Lzk2LjAiLCJzZXNzaW9uX3BsYXRmb3JtIjogIkxpbnV4IHg4Nl82NCIsInBhZ2VfdGl0bGUiOiAiRGlzY292ZXIgVHVjc29uIHwgTG9ld3MgVmVudGFuYSBDYW55b24gUmVzb3J0IiwicGFnZV91cmwiOiAiaHR0cHM6Ly93d3cubG9ld3Nob3RlbHMuY29tL3ZlbnRhbmEtY2FueW9uL2Rpc2NvdmVyL3R1Y3NvbiIsInRyYWNrZXJfdHlwZSI6ICJqYXZhc2NyaXB0IiwidHJhY2tlcl92ZXJzaW9uIjogIjIuMi4yMyIsImV2ZW50X25hbWUiOiAibmVidWxhX3BhZ2VfdmlldyIsImV2ZW50X3RpbWVzdGFtcF9lcG9jaCI6ICIxNjYzMjM3Mzk2MjA4IiwiZXZlbnRfdGltZXpvbmVfb2Zmc2V0IjogMCwidXNlcl9pZCI6ICIxODM0MGFjOTZlNjQxYS0wODBlNzQwODE0OGMwYjgtMzA2ZDQ2NGEtMTQwMDAwLTE4MzQwYWM5NmU3NWQwIiwiZW52aXJvbWVudCI6ICJkaWdpdGFsLWNsb3VkLXdlc3QiLCJhY2NvdW50SWQiOiAxNzU2MzYsInVybCI6ICJodHRwczovL3d3dy5sb2V3c2hvdGVscy5jb20vdmVudGFuYS1jYW55b24vZGlzY292ZXIvdHVjc29uIiwid2Vic2l0ZUlkIjogMTc1NjM4LCJmb3JtSWQiOiBudWxsLCJmb3JtVHJpZ2dlclR5cGUiOiBudWxsLCJrYW1weWxlX2RhdGEiOiB7Im1kX2lzU3VydmV5U3VibWl0dGVkSW5TZXNzaW9uIjogIiIsIkxBU1RfSU5WSVRBVElPTl9WSUVXIjogIiIsIkRFQ0xJTkVEX0RBVEUiOiAiIiwia2FtcHlsZUludml0ZVByZXNlbnRlZCI6ICIiLCJrYW1weWxlX3VzZXJpZCI6ICIwYjYxLWZkZTItZTUzZi1mYTg3LWIzMzItM2Y2Yy02NjY0LTVlODYiLCJrYW1weWxlVXNlclNlc3Npb24iOiAiMTY2MzIzNzM5NjIwNyIsImthbXB5bGVVc2VyUGVyY2VudGlsZSI6ICIiLCJTVUJNSVRURURfREFURSI6ICIifSwiY29va2llX3NpemUiOiAxNzMzLCJrYW1weWxlX3ZlcnNpb24iOiAiMi40Ny4zIiwib25zaXRlX3ZlcnNpb24iOiAiMi40Ny4zIiwiaGlzdG9yeV9sZW5ndGgiOiAxLCJldmVudF9sb2NhbF90aW1lc3RhbXAiOiAxNjYzMjM3Mzk2MjA4LCJwb3NpdGlvbiI6IG51bGwsImlzVXNlcklkZW50aWZpZWQiOiBmYWxzZX0KXX0= HTTP/1.1
Host: udc-neb.kampyle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 15 Sep 2022 10:23:31 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-allow-methods: GET, POST, PUT, DELETE
access-control-allow-headers: X-Requested-With, Origin, Content-Type, Accept
access-control-max-age: 1800
x-me: prod-instance-gatewayservice-blue-4nzw
x-application-context: application:9090
content-type: image/gif; charset=UTF-8
content-length: 0
server: Jetty(9.2.11.v20150529)
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash aff526355583cbd8158d40c5b7198aa3
b90527a421a158b18d4d8bf1901430d55e137e40
5f51cd10dd9967741e7a6992d1db87e433d869af210144d91e29592ad8ba4486
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 15 Sep 2022 10:23:31 GMT
Last-Modified: Thu, 15 Sep 2022 09:13:24 GMT
Server: ECS (nyb/1D25)
X-Cache: Miss from cloudfront
Via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: rMwiEsAa18xhy8-KOAk9xuKVM0jlBKFBM9818y8uEr3DKyu9nBfX6g==
Age: 4207
col.site24x7rum.com/rum/data
200 OK 0 B URL HTTP/2 col.site24x7rum.com/rum/data
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /rum/data HTTP/1.1
Host: col.site24x7rum.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 4343
Origin: https://www.loewshotels.com
Connection: keep-alive
Referer: https://www.loewshotels.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 15 Sep 2022 10:23:31 GMT
content-type: application/json;charset=ISO-8859-1
content-length: 0
access-control-allow-methods: POST,OPTIONS
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-headers: request-id, request-context, Origin, Accept-Language
set-cookie: s247cname=2bce6a90-19cc-4bae-97a5-0f36e391c50f;path=/;SameSite=None;Secure;priority=high
_zcsr_tmp=2bce6a90-19cc-4bae-97a5-0f36e391c50f;path=/;SameSite=Strict;Secure;priority=high
x-frame-options: SAMEORIGIN
access-control-allow-origin: *
vary: Origin
server: ZGS
X-Firefox-Spdy: h2
cdn.loewshotels.com/loewshotels.com-2466770763/cms/cache/v2/55d645e05a891.jpg/1920x1080/fit;c:1010,1237,3841,2829/80/b2781d792dbba2b02768b3bb2d23e2fc.webp
200 OK 67 kB URL HTTP/2 cdn.loewshotels.com/loewshotels.com-2466770763/cms/cache/v2/55d645e05a891.jpg/1920x1080/fit;c:1010,1237,3841,2829/80/b2781d792dbba2b02768b3bb2d23e2fc.webp
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash df752d04c355ecaf0352d374239e2c4a
92d8579ec6a144bdc3eac0db20730796dcba3162
f359d6e057eab663bb67543ddce8d84836a193c2f28cbb4bdc739c22bf319eae
GET /loewshotels.com-2466770763/cms/cache/v2/55d645e05a891.jpg/1920x1080/fit;c:1010,1237,3841,2829/80/b2781d792dbba2b02768b3bb2d23e2fc.webp HTTP/1.1
Host: cdn.loewshotels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/
Cookie: at_check=true; mbox=session#9c0aa6c73865465e808eeba165a5f441#1663239254|PC#9c0aa6c73865465e808eeba165a5f441.37_0#1726482194; bookingData={"groupCode":null,"rateCode":null,"promoCode":null,"propertyId":"70576","propertyName":"Loews Ventana Canyon Resort","checkInDate":null,"checkOutDate":null,"nights":null,"adults":null,"children":null,"bookingValue":null,"currency":null,"email":null,"bookingCode":null,"propertyCode":"LVCR"}; _gcl_au=1.1.161380957.1663237393; OptanonConsent=isGpcEnabled=0&datestamp=Thu+Sep+15+2022+10%3A23%3A14+GMT%2B0000+(Coordinated+Universal+Time)&version=6.21.0&isIABGlobal=false&hosts=&consentId=e8b2af6e-b83e-49ea-abf9-b79753a84168&interactionCount=0&landingPath=https%3A%2F%2Fwww.loewshotels.com%2Fventana-canyon%2Fdiscover%2Ftucson&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 67014
date: Thu, 15 Sep 2022 10:23:35 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 15 Jun 2021 17:55:38 GMT
x-amz-version-id: gE6w_YRrZhFLXAIZjELAcouePtQpqyM2
etag: "df752d04c355ecaf0352d374239e2c4a"
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: SHenmWkvaDSgEMP1-VwSN_p99fViaPamo67tF86fblhLqNtj-_t41A==
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdaa65c72-7c91-4c77-a8d5-ff1616735614.jpeg
200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdaa65c72-7c91-4c77-a8d5-ff1616735614.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3d3507225fbae159e0d4225dc60769af
2220cf9725452aa89070063038064596b03bb808
b19d7250778b93eed58347332f0fa8c2e4c8ca7a2b30e9d605d39d51e981255e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdaa65c72-7c91-4c77-a8d5-ff1616735614.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 4527
x-amzn-requestid: a3fb26b2-9090-483d-9f41-ca3032b51262
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YIQp3G_6oAMF5Jg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631994a5-300b56f13864ff1b16b85eb8;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 07:07:17 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: d33zVonEQST3V4997c3mKpqhIVtXgAMVzxbFArOQvC12sCGFrTAl8A==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 21:44:04 GMT
age: 45572
etag: "2220cf9725452aa89070063038064596b03bb808"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.loewshotels.com/account/authenticate?callback=jQuery1124019892201718374447_1663237393234&task=authenticate&_=1663237393235
200 OK 0 B URL HTTP/2 www.loewshotels.com/account/authenticate?callback=jQuery1124019892201718374447_1663237393234&task=authenticate&_=1663237393235
IP
GET /account/authenticate?callback=jQuery1124019892201718374447_1663237393234&task=authenticate&_=1663237393235 HTTP/1.1
Host: www.loewshotels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/ventana-canyon/discover/tucson
Cookie: at_check=true; mbox=session#9c0aa6c73865465e808eeba165a5f441#1663239254|PC#9c0aa6c73865465e808eeba165a5f441.37_0#1726482194; bookingData={"groupCode":null,"rateCode":null,"promoCode":null,"propertyId":"70576","propertyName":"Loews Ventana Canyon Resort","checkInDate":null,"checkOutDate":null,"nights":null,"adults":null,"children":null,"bookingValue":null,"currency":null,"email":null,"bookingCode":null,"propertyCode":"LVCR"}; _gcl_au=1.1.161380957.1663237393; _spe_v=2ef75279-1cf0-4825-9794-798d3726e1bc; _spe_s=606e21b2-2008-4ffd-97b5-1de5772aa045; OptanonConsent=isGpcEnabled=0&datestamp=Thu+Sep+15+2022+10%3A23%3A14+GMT%2B0000+(Coordinated+Universal+Time)&version=6.21.0&isIABGlobal=false&hosts=&consentId=e8b2af6e-b83e-49ea-abf9-b79753a84168&interactionCount=0&landingPath=https%3A%2F%2Fwww.loewshotels.com%2Fventana-canyon%2Fdiscover%2Ftucson&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0; sa-user-id=s%253A0-1e15ff19-14df-4967-507e-e5ec72c9db95.zl0768zzkrdDjpS%252FQUFiMozx%252BwKFH3e4OpbYBV8I%252B7s; sa-user-id-v2=s%253A0-1e15ff19-14df-4967-507e-e5ec72c9db95%2524ip%252491.90.42.154.p2PFG6k%252F%252Fd0GjqQ45X07qDjd6V3bvwRSy19uMsC%252FiUQ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 10:23:31 GMT
content-type: application/javascript
server: nginx
vary: Accept-Encoding
x-consent-required: 0
x-hebs-cache-status: miss
set-cookie: CendynCms7=hqmopjd3qs8pgla2f4mumb5juimqs3l6; path=/; HttpOnly
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: https://www.loewshotels.com
access-control-allow-methods: GET, POST
x-served-by: loewshotels-com-002
x-trace-id: 69344480-49
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
x-powered-by: NextGuest CMS
service-worker-allowed: /
content-encoding: gzip
X-Firefox-Spdy: h2
www.loewshotels.com/skins/loews/1663066007/assets/desktop/images/sprite-2017.svg
200 OK 0 B URL HTTP/2 www.loewshotels.com/skins/loews/1663066007/assets/desktop/images/sprite-2017.svg
IP
GET /skins/loews/1663066007/assets/desktop/images/sprite-2017.svg HTTP/1.1
Host: www.loewshotels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/skins/loews/1663066007/assets/desktop/styles/styles.min.css
Cookie: at_check=true; mbox=session#9c0aa6c73865465e808eeba165a5f441#1663239254; bookingData={"groupCode":null,"rateCode":null,"promoCode":null,"propertyId":"70576","propertyName":"Loews Ventana Canyon Resort","checkInDate":null,"checkOutDate":null,"nights":null,"adults":null,"children":null,"bookingValue":null,"currency":null,"email":null,"bookingCode":null,"propertyCode":"LVCR"}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 10:23:28 GMT
content-type: image/svg+xml
server: nginx
last-modified: Tue, 13 Sep 2022 10:19:30 GMT
vary: Accept-Encoding
etag: W/"63205932-79a5"
expires: Fri, 15 Sep 2023 10:23:28 GMT
cache-control: max-age=31536000
access-control-allow-origin: https://www.loewshotels.com
access-control-allow-methods: GET, POST
x-served-by: loewshotels-com-001
x-trace-id: 68933005-48
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
x-powered-by: NextGuest CMS
service-worker-allowed: /
content-encoding: gzip
X-Firefox-Spdy: h2
www.loewshotels.com/ventana-canyon/discover/tucson
200 OK 0 B URL HTTP/2 www.loewshotels.com/ventana-canyon/discover/tucson
IP
GET /ventana-canyon/discover/tucson HTTP/1.1
Host: www.loewshotels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Thu, 15 Sep 2022 10:23:27 GMT
content-type: text/html; charset=UTF-8
server: nginx
vary: Accept-Encoding
x-consent-required: 0
x-hebs-cache-status: hit
cache-control: private, max-age=7200, must-revalidate, pre-check=30, post-check=30
pragma:
expires: Thu, 15 Sep 2022 11:23:20 GMT
access-control-allow-origin: https://www.loewshotels.com
access-control-allow-methods: GET, POST
x-served-by: loewshotels-com-002
x-trace-id: 69344480-40
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
x-powered-by: NextGuest CMS
service-worker-allowed: /
x-frame-options: SAMEORIGIN
content-encoding: gzip
X-Firefox-Spdy: h2
personalization-engine.hebsdigital.com/js/tracker.js
200 OK 0 B URL HTTP/2 personalization-engine.hebsdigital.com/js/tracker.js
IP
GET /js/tracker.js HTTP/1.1
Host: personalization-engine.hebsdigital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 15 Sep 2022 10:23:28 GMT
content-type: application/javascript
server: nginx
last-modified: Fri, 15 Jul 2022 10:15:07 GMT
vary: Accept-Encoding
etag: W/"62d13e2b-575f4"
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
X-Firefox-Spdy: h2
www.loewshotels.com/skins/loews/assets/desktop/images/wishyouwerehere.svg
200 OK 0 B URL HTTP/2 www.loewshotels.com/skins/loews/assets/desktop/images/wishyouwerehere.svg
IP
GET /skins/loews/assets/desktop/images/wishyouwerehere.svg HTTP/1.1
Host: www.loewshotels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/ventana-canyon/discover/tucson
Cookie: at_check=true; mbox=session#9c0aa6c73865465e808eeba165a5f441#1663239254; bookingData={"groupCode":null,"rateCode":null,"promoCode":null,"propertyId":"70576","propertyName":"Loews Ventana Canyon Resort","checkInDate":null,"checkOutDate":null,"nights":null,"adults":null,"children":null,"bookingValue":null,"currency":null,"email":null,"bookingCode":null,"propertyCode":"LVCR"}; _gcl_au=1.1.161380957.1663237393
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 10:23:28 GMT
content-type: image/svg+xml
server: nginx
last-modified: Tue, 13 Sep 2022 10:19:24 GMT
vary: Accept-Encoding
etag: W/"6320592c-12c71"
expires: Fri, 15 Sep 2023 10:23:28 GMT
cache-control: max-age=31536000
access-control-allow-origin: https://www.loewshotels.com
access-control-allow-methods: GET, POST
x-served-by: loewshotels-com-002
x-trace-id: 69344480-46
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
x-powered-by: NextGuest CMS
service-worker-allowed: /
content-encoding: gzip
X-Firefox-Spdy: h2
www.loewshotels.com/skins/loews/1663066007/assets/desktop/styles/styles.min.css
200 OK 0 B URL HTTP/2 www.loewshotels.com/skins/loews/1663066007/assets/desktop/styles/styles.min.css
IP
GET /skins/loews/1663066007/assets/desktop/styles/styles.min.css HTTP/1.1
Host: www.loewshotels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/ventana-canyon/discover/tucson
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 10:23:27 GMT
content-type: text/css
server: nginx
last-modified: Tue, 13 Sep 2022 10:19:24 GMT
vary: Accept-Encoding
etag: W/"6320592c-586da"
expires: Fri, 15 Sep 2023 10:23:27 GMT
cache-control: max-age=31536000
access-control-allow-origin: https://www.loewshotels.com
access-control-allow-methods: GET, POST
x-served-by: loewshotels-com-002
x-trace-id: 69344480-42
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
x-powered-by: NextGuest CMS
service-worker-allowed: /
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.cookielaw.org/scripttemplates/6.21.0/assets/otCommonStyles.css
200 OK 0 B URL HTTP/2 cdn.cookielaw.org/scripttemplates/6.21.0/assets/otCommonStyles.css
IP
GET /scripttemplates/6.21.0/assets/otCommonStyles.css HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.loewshotels.com/
Origin: https://www.loewshotels.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 10:23:29 GMT
content-type: text/css
content-md5: F/Fs54+x9bQK/ULkNRp4fA==
last-modified: Fri, 23 Jul 2021 01:58:50 GMT
x-ms-request-id: fe52e056-501e-00c6-2d45-caa5da000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74b0a5aeaf800af6-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
personalization-engine.hebsdigital.com/collect
200 OK 0 B URL HTTP/2 personalization-engine.hebsdigital.com/collect
IP
POST /collect HTTP/1.1
Host: personalization-engine.hebsdigital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 904
Origin: https://www.loewshotels.com
Connection: keep-alive
Referer: https://www.loewshotels.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 10:23:29 GMT
content-type: text/html; charset=UTF-8
server: nginx
cache-control: no-cache, private
access-control-allow-origin: https://www.loewshotels.com
vary: Accept-Encoding, Origin
access-control-allow-credentials: true
set-cookie: XSRF-TOKEN=eyJpdiI6InJSdUdZNnNWOFlCWWxjMlNORDlVMkE9PSIsInZhbHVlIjoicXg1MDZpNlhjeFBDZVVyQmN0ZUZGN0RmYnJVd1A2OEYxMEZKUHo4Tmp4dElPWUNDWGYwMjhyOGJwQ0c5V1VvdyIsIm1hYyI6IjBiM2IzM2E5YTM4MTg3ZmQyNmZiZTM0NTdjNmVhNGU5Y2IwMTI1NzZiMDRiMTc2YzViZmE1YTVjMTAzOGM5YWIifQ%3D%3D; expires=Thu, 15-Sep-2022 12:23:29 GMT; Max-Age=7200; path=/
personalization_engine_session=eyJpdiI6IkF5azBYdnhJM2NOMmNORXNnMHZhSUE9PSIsInZhbHVlIjoiNTVJKys3Rk5wY2hIZ2ZZWDFhWTJUbks3VHVVVmRWYnpvVHdCT2x4VEZLTWFGSlwvT0d0bEpHUk5MMXdmZEdqanciLCJtYWMiOiIwZmQyMWM2MjA0YzMyNjhlMTcyMDI5MzM1MDVmNzAxNTkwOTUzYzdhMmEzMDliYWQzOGNiMmRkYzFmMDBmOTRiIn0%3D; expires=Thu, 15-Sep-2022 12:23:29 GMT; Max-Age=7200; path=/; httponly
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
X-Firefox-Spdy: h2
geolocation.onetrust.com/cookieconsentpub/v1/geo/location
200 OK 0 B URL HTTP/2 geolocation.onetrust.com/cookieconsentpub/v1/geo/location
IP
GET /cookieconsentpub/v1/geo/location HTTP/1.1
Host: geolocation.onetrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.loewshotels.com
Connection: keep-alive
Referer: https://www.loewshotels.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 15 Sep 2022 10:23:28 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74b0a5ab2c721bfa-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.loewshotels.com/skins/loews/assets/desktop/scripts/mp_linkcode.js
200 OK 0 B URL HTTP/2 www.loewshotels.com/skins/loews/assets/desktop/scripts/mp_linkcode.js
IP
GET /skins/loews/assets/desktop/scripts/mp_linkcode.js HTTP/1.1
Host: www.loewshotels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/ventana-canyon/discover/tucson
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 10:23:27 GMT
content-type: application/javascript
server: nginx
last-modified: Tue, 13 Sep 2022 10:19:30 GMT
vary: Accept-Encoding
etag: W/"63205932-76d"
expires: Fri, 15 Sep 2023 10:23:27 GMT
cache-control: max-age=31536000
access-control-allow-origin: https://www.loewshotels.com
access-control-allow-methods: GET, POST
x-served-by: loewshotels-com-001
x-trace-id: 68933005-44
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
x-powered-by: NextGuest CMS
service-worker-allowed: /
content-encoding: gzip
X-Firefox-Spdy: h2
personalization-engine.hebsdigital.com/iframe.js
200 OK 0 B URL HTTP/2 personalization-engine.hebsdigital.com/iframe.js
IP
GET /iframe.js HTTP/1.1
Host: personalization-engine.hebsdigital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://personalization-engine.hebsdigital.com/iframe.html?account=loewshotels
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 15 Sep 2022 10:23:28 GMT
content-type: application/javascript
server: nginx
last-modified: Fri, 15 Jul 2022 10:15:28 GMT
vary: Accept-Encoding
etag: W/"62d13e40-284d"
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
X-Firefox-Spdy: h2
api.tintup.com/v1/feed/travelforreal?query=%2Blvcr&nocache=true&api_token=d3245f60af68c84b0c79fd2ea5247ec56b6cb2fa&callback=jQuery1124019892201718374447_1663237393229&_=1663237393230
400 Bad Request 0 B URL HTTP/2 api.tintup.com/v1/feed/travelforreal?query=%2Blvcr&nocache=true&api_token=d3245f60af68c84b0c79fd2ea5247ec56b6cb2fa&callback=jQuery1124019892201718374447_1663237393229&_=1663237393230
IP
GET /v1/feed/travelforreal?query=%2Blvcr&nocache=true&api_token=d3245f60af68c84b0c79fd2ea5247ec56b6cb2fa&callback=jQuery1124019892201718374447_1663237393229&_=1663237393230 HTTP/1.1
Host: api.tintup.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 400 Bad Request
content-type: application/json; charset=utf-8
date: Thu, 15 Sep 2022 10:23:28 GMT
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
content-security-policy: default-src 'none'; base-uri 'self'
x-request-id: 2323ae1a-36fd-48f6-ad39-07b8e4d88d4a
x-runtime: 0.009991
x-cache: Error from cloudfront
via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: nmeEoMqRMGeObt9QskxMuBUBEWadTG0d4c8CN9JNxSetot9X3b1V9g==
X-Firefox-Spdy: h2
54.167.48.133
104.18.19.126
23.36.76.226
93.184.220.29
54.76.106.219
185.89.211.12
151.101.85.230