firefox.settings.services.mozilla.com/v1/
143.204.55.35200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Retry-After, Content-Type, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 20 Sep 2022 20:13:14 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ae3nJyrPFGJOfptxZlyP2RsPfP00xLrJ56YskZqmKlMXQp6FQO7M6g==
Age: 558
www.loewshotels.com/philadelphia-hotel/
3.208.32.228301 Moved Permanently 178 B URL HTTP/1.1 www.loewshotels.com/philadelphia-hotel/
IP 3.208.32.228:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /philadelphia-hotel/ HTTP/1.1
Host: www.loewshotels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 20 Sep 2022 20:22:32 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Server: nginx
Location: https://www.loewshotels.com/philadelphia-hotel/
Access-Control-Allow-Origin: http://www.loewshotels.com
Access-Control-Allow-Methods: GET, POST
X-served-by: loewshotels-com-002
X-trace-id: 71233332-2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 861cfa99de956423d917ed0ddbea4b9c
ad65dbc394b48b04a45c205f56af296c8d008db4
5c706b2718b1698995f4feb91223779aef4bf6dc967c31f9ef9a93873197d5f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5C706B2718B1698995F4FEB91223779AEF4BF6DC967C31F9EF9A93873197D5F9"
Last-Modified: Sun, 18 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8300
Expires: Tue, 20 Sep 2022 22:40:52 GMT
Date: Tue, 20 Sep 2022 20:22:32 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.35200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.35:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 20 Sep 2022 04:35:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: dQcTo8gGWinb6KpAp8cG5780_7DnjfNI-2Rv9A0zhJX61tL0z44JAw==
age: 56840
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 20:22:33 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 884d47eaf0932577ce31100d8ee54722
14473dbac567ca0e531d3cda55a27a637ca006f8
e2294f22d4864f0dcf28e84fd57fc4a8c4d6fb65cd72888112ccdf981411a370
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 20:22:33 GMT
Server: ECS (amb/6B73)
Content-Length: 471
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.35200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Tue, 20 Sep 2022 20:03:22 GMT
Expires: Tue, 20 Sep 2022 20:31:23 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Fvwf_HCxCWX5OM9POqsucbAnoXmGVg_oK9lWFu2fuuYMkLOpmGutFw==
Age: 1151
www.loewshotels.com/philadelphia-hotel/
3.208.32.228301 Moved Permanently 178 B URL HTTP/2 www.loewshotels.com/philadelphia-hotel/
IP 3.208.32.228:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /philadelphia-hotel/ HTTP/1.1
Host: www.loewshotels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
date: Tue, 20 Sep 2022 20:22:33 GMT
content-type: text/html
content-length: 178
location: https://www.loewshotels.com/philadelphia-hotel
server: nginx
access-control-allow-origin: https://www.loewshotels.com
access-control-allow-methods: GET, POST
x-served-by: loewshotels-com-002
x-trace-id: 71232622-96
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
x-powered-by: NextGuest CMS
service-worker-allowed: /
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash edf07cd621f733b0eb50c632387ebf4f
61a082d26501c2c8d481b1676d0de2e585269613
e5c4324e4c55824b86f48bf0b9a1d317a82e7d3c19bdea7a91d78ce98d68a980
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5071
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 20:22:33 GMT
Last-Modified: Tue, 20 Sep 2022 18:58:02 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
assets.adobedtm.com/launch-EN979d0cb11a7a4d40955d513a23c2dc63.min.js
23.38.200.237200 OK 123 kB URL HTTP/2 assets.adobedtm.com/launch-EN979d0cb11a7a4d40955d513a23c2dc63.min.js
IP 23.38.200.237:0
File type ASCII text, with very long lines (32766)
Size 123 kB (122691 bytes)
Hash 9e36267ecc57282d97f9a971e8adaf5c
ba52cd37352b7d1be76315a5807d45966ba9b21a
40eb1ae95dc703ad16358398d74286155facadb2fc12bef058629542bf5db3ac
GET /launch-EN979d0cb11a7a4d40955d513a23c2dc63.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "34abb0c7b34dae2dc5a8c17af9eae549:1660075971.768522"
last-modified: Tue, 09 Aug 2022 20:12:51 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=3600
expires: Tue, 20 Sep 2022 21:22:33 GMT
date: Tue, 20 Sep 2022 20:22:33 GMT
content-length: 122691
access-control-allow-origin: https://www.loewshotels.com
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 0e1f3d25194ffcf4cd8c1628e734fc69
9d03162b368cf976c80c9883241af54ecd10cdc1
5c62ad8cff6895d8474dc752a6c569fc17205a4a7618dc1e638a61c463de2a7b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4408
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 20:22:33 GMT
Last-Modified: Tue, 20 Sep 2022 19:09:05 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 279
push.services.mozilla.com/
52.89.17.198101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.89.17.198:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: tyS/+5kZmAK6Xy50LK8/DQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: fmRhJsh7A2qP+HXBob5Ay5E4jO0=
resources.digital-cloud-west.medallia.com/wdcwest/175638/onsite/embed.js
151.101.85.230200 OK 532 B URL HTTP/2 resources.digital-cloud-west.medallia.com/wdcwest/175638/onsite/embed.js
IP 151.101.85.230:0
File type ASCII text, with very long lines (594)
Hash d8a31cdcf1eeb4657fc699e616de9058
a767ca3f2a1ad54cb6810cf6259d5d9eedaec2f2
4eb28f289e9f46240e8f3cabcdb1d76ba8e9fc664bf10ced10a7c6850667c3f1
GET /wdcwest/175638/onsite/embed.js HTTP/1.1
Host: resources.digital-cloud-west.medallia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: /Gj+fX7LfTUii5a15O3XyDfiuNiVpCY2+LP+qlTD3q8NNj7kGWoez9sMv/dyhWT0CNsugZ8Tcgk=
x-amz-request-id: HQ46M6PRPM1WQRZA
last-modified: Mon, 29 Aug 2022 11:06:33 GMT
etag: "eff639f9d4d70b7a0784fcf6e453cc1d"
x-amz-version-id: dwwh_aARpJDQit6c0aYvQaanSYP8o9JY
content-type: application/javascript
server: AmazonS3
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
access-control-allow-origin: *
cache-control: max-age=0,must-revalidate
accept-ranges: bytes
date: Tue, 20 Sep 2022 20:22:34 GMT
age: 633866
x-served-by: cache-sea4482-SEA, cache-bma1660-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1663705354.031634,VS0,VE1
vary: Accept-Encoding
strict-transport-security: max-age=31557600
content-length: 532
X-Firefox-Spdy: h2
assets.adobedtm.com/extensions/EP40e3bec801244c59a61bf06eb622a63c/AppMeasurement.min.js
23.38.200.237200 OK 12 kB URL HTTP/2 assets.adobedtm.com/extensions/EP40e3bec801244c59a61bf06eb622a63c/AppMeasurement.min.js
IP 23.38.200.237:0
File type ASCII text, with very long lines (32759)
Hash dbf589df4bd831d6548e8954e7556730
2bc550a57481a772c1a419541f1f79741e6cbf37
6abe28734929b843eb071472b578fc8d485465502bb3e4d94f11c589d747eb95
GET /extensions/EP40e3bec801244c59a61bf06eb622a63c/AppMeasurement.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "4635bffccc756e9a52eae8011adb9137:1629320641.842128"
last-modified: Wed, 18 Aug 2021 21:04:01 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
expires: Tue, 20 Sep 2022 21:22:34 GMT
date: Tue, 20 Sep 2022 20:22:34 GMT
content-length: 12188
cache-control: no-cache
access-control-allow-origin: https://www.loewshotels.com
timing-allow-origin: *
X-Firefox-Spdy: h2
assets.adobedtm.com/extensions/EP40e3bec801244c59a61bf06eb622a63c/AppMeasurement_Module_ActivityMap.min.js
23.38.200.237200 OK 1.6 kB URL HTTP/2 assets.adobedtm.com/extensions/EP40e3bec801244c59a61bf06eb622a63c/AppMeasurement_Module_ActivityMap.min.js
IP 23.38.200.237:0
File type ASCII text, with very long lines (3157)
Hash 9b757c8ddda8add3d5d64f334666ea2d
97bf9df06f87f16500c80f45f536dc0269a883f5
f8f4b02295fdbc463dad91d02f03af1b8bd9f5e6c15732845ecb210cab062485
GET /extensions/EP40e3bec801244c59a61bf06eb622a63c/AppMeasurement_Module_ActivityMap.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "8b210658d66894c896047ae490138f1c:1629320642.068491"
last-modified: Wed, 18 Aug 2021 21:04:02 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
expires: Tue, 20 Sep 2022 21:22:34 GMT
date: Tue, 20 Sep 2022 20:22:34 GMT
content-length: 1593
cache-control: no-cache
access-control-allow-origin: https://www.loewshotels.com
timing-allow-origin: *
X-Firefox-Spdy: h2
assets.adobedtm.com/bb2c8619dc8e/b7239a326034/90df0499fdb1/RC7f72571ed4ab43ccaabc68c12ed1cd2a-source.min.js
23.38.200.237200 OK 577 B URL HTTP/2 assets.adobedtm.com/bb2c8619dc8e/b7239a326034/90df0499fdb1/RC7f72571ed4ab43ccaabc68c12ed1cd2a-source.min.js
IP 23.38.200.237:0
File type ASCII text, with very long lines (766)
Hash 0c18d333f86273215ec94bb1772128c2
7739624c5be5326e84ca49b60956774647a70ae6
7d8ecb9f3d98fff053aa29b2bd18bdb7bed9a1166661e7d54ed10654df25b191
GET /bb2c8619dc8e/b7239a326034/90df0499fdb1/RC7f72571ed4ab43ccaabc68c12ed1cd2a-source.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "d2b21303b967d60fe2f38818f3e012cf:1660075972.912339"
last-modified: Tue, 09 Aug 2022 20:12:52 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=3600
expires: Tue, 20 Sep 2022 21:22:34 GMT
date: Tue, 20 Sep 2022 20:22:34 GMT
content-length: 577
access-control-allow-origin: https://www.loewshotels.com
timing-allow-origin: *
X-Firefox-Spdy: h2
assets.adobedtm.com/bb2c8619dc8e/b7239a326034/90df0499fdb1/RC06f399f63d0f4fd1bf4c207d6611c671-source.min.js
23.38.200.237200 OK 474 B URL HTTP/2 assets.adobedtm.com/bb2c8619dc8e/b7239a326034/90df0499fdb1/RC06f399f63d0f4fd1bf4c207d6611c671-source.min.js
IP 23.38.200.237:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (674)
Hash d4c8c2e1571aa02dacba262d785d76a8
51d4953722eb1dd48f1ff052327bf9e1d44044db
1c097e7eace56d8dbe18ed7950d657f454b38878b6939427bc2fec0a253bbc5b
GET /bb2c8619dc8e/b7239a326034/90df0499fdb1/RC06f399f63d0f4fd1bf4c207d6611c671-source.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "d2b21303b967d60fe2f38818f3e012cf:1660075972.912339"
last-modified: Tue, 09 Aug 2022 20:12:52 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=3600
expires: Tue, 20 Sep 2022 21:22:34 GMT
date: Tue, 20 Sep 2022 20:22:34 GMT
content-length: 474
access-control-allow-origin: https://www.loewshotels.com
timing-allow-origin: *
X-Firefox-Spdy: h2
assets.adobedtm.com/bb2c8619dc8e/b7239a326034/90df0499fdb1/RC92fd31a67912419fa60c658ac0e31179-source.min.js
23.38.200.237200 OK 384 B URL HTTP/2 assets.adobedtm.com/bb2c8619dc8e/b7239a326034/90df0499fdb1/RC92fd31a67912419fa60c658ac0e31179-source.min.js
IP 23.38.200.237:0
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (488)
Hash 9ad9d55fffac2955e7519da683d52b7f
9cd89a6a6ecf9b4c28f993fb4979f9d26d68e9ba
998ef4d97b36ba83b2a4560552534f499487763329e15f1f1604a756ad364e48
GET /bb2c8619dc8e/b7239a326034/90df0499fdb1/RC92fd31a67912419fa60c658ac0e31179-source.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "d2b21303b967d60fe2f38818f3e012cf:1660075972.912339"
last-modified: Tue, 09 Aug 2022 20:12:52 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=3600
expires: Tue, 20 Sep 2022 21:22:34 GMT
date: Tue, 20 Sep 2022 20:22:34 GMT
content-length: 384
access-control-allow-origin: https://www.loewshotels.com
timing-allow-origin: *
X-Firefox-Spdy: h2
cdn.cookielaw.org/consent/0a9765e3-a574-41b5-a49b-d12291495d13/0a9765e3-a574-41b5-a49b-d12291495d13.json
104.16.148.64200 OK 1.6 kB URL HTTP/2 cdn.cookielaw.org/consent/0a9765e3-a574-41b5-a49b-d12291495d13/0a9765e3-a574-41b5-a49b-d12291495d13.json
IP 104.16.148.64:0
File type JSON data\012- , ASCII text, with very long lines (4014), with no line terminators
Hash c3661adafdead21af6f3cb37557c1d2f
c6fd33c5256bae79ef64a932409efdb66ace4cdb
e248a5f384cf011640743616435b64388dae2c19cbb0050ae896b4a2abf3a184
GET /consent/0a9765e3-a574-41b5-a49b-d12291495d13/0a9765e3-a574-41b5-a49b-d12291495d13.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.loewshotels.com
Connection: keep-alive
Referer: https://www.loewshotels.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 20 Sep 2022 20:22:34 GMT
content-type: application/x-javascript
content-length: 1575
cache-control: public, max-age=14400
content-encoding: gzip
content-md5: w2Ya2v3q0hr288s3VXwdLw==
last-modified: Wed, 20 Jul 2022 11:48:09 GMT
etag: 0x8DA6A45B7FCC495
x-ms-request-id: 17ab4307-301e-0137-783f-9c321c000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 4409
expires: Wed, 21 Sep 2022 00:22:34 GMT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74dd461f6b30b4f9-OSL
X-Firefox-Spdy: h2
cdn.loewshotels.com/loewshotels.com-2466770763/cms/cache/v2/60143db113205.png/94x94/fit;c:74,0,204,130/80/dfab166cc2b24481b7378b87762cffdb.png
143.204.55.119200 OK 3.4 kB URL HTTP/2 cdn.loewshotels.com/loewshotels.com-2466770763/cms/cache/v2/60143db113205.png/94x94/fit;c:74,0,204,130/80/dfab166cc2b24481b7378b87762cffdb.png
IP 143.204.55.119:0
File type PNG image data, 94 x 94, 8-bit gray+alpha, interlaced\012- data
Hash 145e6f2aa1956a2e7ff840d49107cc62
3e5461b71617b2e3aac13768fd0dd91cc94dc05b
264fc9d9c88439feb00314041c48106b7885cf04c019ab15e93bee95aea4decb
GET /loewshotels.com-2466770763/cms/cache/v2/60143db113205.png/94x94/fit;c:74,0,204,130/80/dfab166cc2b24481b7378b87762cffdb.png HTTP/1.1
Host: cdn.loewshotels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: image/png
content-length: 3405
date: Tue, 23 Aug 2022 08:46:19 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 29 Jan 2021 16:58:10 GMT
x-amz-version-id: Aia95uAfCSC4wsnGBNGUWHY0gKFJELkg
etag: "145e6f2aa1956a2e7ff840d49107cc62"
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: sVCZlE9Y4wkdHEeNw72DjlaLl4Pl6WR2DTYxeDgF5lUIwzHxKbjOpw==
age: 2460976
X-Firefox-Spdy: h2
cdn.auth0.com/js/auth0/9.10/auth0.min.js
54.230.82.48200 OK 37 kB URL HTTP/2 cdn.auth0.com/js/auth0/9.10/auth0.min.js
IP 54.230.82.48:0
File type ASCII text, with very long lines (65454)
Hash d01d42b638183dd303ea95cec19b978e
ad91ebee29a257f1aa192344e7ef34e86ed1870e
f8d22a3781af0f88578195cb01551ffcdef3b6a279d7d168b679a4867e7c931a
GET /js/auth0/9.10/auth0.min.js HTTP/1.1
Host: cdn.auth0.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
x-amz-replication-status: COMPLETED
last-modified: Fri, 05 Jul 2019 14:01:39 GMT
x-amz-version-id: N4bT7uXCdMCtwWdt976B9W_2.xmJUGxV
server: AmazonS3
content-encoding: gzip
date: Tue, 20 Sep 2022 18:15:53 GMT
cache-control: max-age=10800,public
etag: W/"f0de5080963d571b87bc461bcd29a1f3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: l8o31RZ0_xEIK_FB1c8Wzr5gTVVuciG85Tja0QZ8tw7cP0Jw166rIw==
age: 7602
X-Firefox-Spdy: h2
www.loewshotels.com/skins/loews/assets/desktop/images/logo-on-photo.png
3.208.32.228200 OK 15 kB URL HTTP/2 www.loewshotels.com/skins/loews/assets/desktop/images/logo-on-photo.png
IP 3.208.32.228:0
File type PNG image data, 324 x 322, 8-bit colormap, non-interlaced\012- data
Hash 6585f71cbb54e316782291d91c5e26d1
7b8f20d4baa353bb7a8365719dcfb92fa5db5b72
55165f60ac3a33378060e8e676c2af77a86ba1c6b6ac7ebeaf6288997caa05f1
GET /skins/loews/assets/desktop/images/logo-on-photo.png HTTP/1.1
Host: www.loewshotels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/philadelphia-hotel
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 20:22:34 GMT
content-type: image/png
content-length: 14581
server: nginx
last-modified: Tue, 13 Sep 2022 10:19:24 GMT
etag: "6320592c-38f5"
expires: Wed, 20 Sep 2023 20:22:34 GMT
cache-control: max-age=31536000
access-control-allow-origin: https://www.loewshotels.com
access-control-allow-methods: GET, POST
x-served-by: loewshotels-com-002
x-trace-id: 71232622-99
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
x-powered-by: NextGuest CMS
service-worker-allowed: /
accept-ranges: bytes
X-Firefox-Spdy: h2
assets.adobedtm.com/bb2c8619dc8e/b7239a326034/90df0499fdb1/RC4661b9690b2643e38bd72208a13cbedd-source.min.js
23.38.200.237200 OK 333 B URL HTTP/2 assets.adobedtm.com/bb2c8619dc8e/b7239a326034/90df0499fdb1/RC4661b9690b2643e38bd72208a13cbedd-source.min.js
IP 23.38.200.237:0
File type ASCII text, with very long lines (435)
Hash 91ae6bfa3a7937e8120af73e354d9e75
dc8045abf08c8bac41791a74ef25bb4c384e46c9
51809d27b079a92ad5ece1c1dcdd8e0d3cd038784a7f81c1a82c48857912d1c1
GET /bb2c8619dc8e/b7239a326034/90df0499fdb1/RC4661b9690b2643e38bd72208a13cbedd-source.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "d2b21303b967d60fe2f38818f3e012cf:1660075972.912339"
last-modified: Tue, 09 Aug 2022 20:12:52 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=3600
expires: Tue, 20 Sep 2022 21:22:34 GMT
date: Tue, 20 Sep 2022 20:22:34 GMT
content-length: 333
access-control-allow-origin: https://www.loewshotels.com
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 67b756e82caefc7860b9f2d4a4f40341
adeae15d52089bcca4ca247fc4aebceef8406e34
72ff9f52080a633dc841554f7d4cc70083edd2572b535d84093ae63f0c50b832
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 20:22:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js
142.250.74.164200 OK 556 B URL HTTP/2 www.google.com/recaptcha/api.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (850), with no line terminators
Hash 27b68162c75bebb4dacf518c46e974d5
99abc7e3e02891bec5de3dda3cb18a6f865f82bc
93415a1ed398b656767f092c53ca274ad9ae9c8cb0672831fa3c4ab275f994d1
GET /recaptcha/api.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Tue, 20 Sep 2022 20:22:34 GMT
date: Tue, 20 Sep 2022 20:22:34 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 556
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 596ea0e7cffcb12819c214fd7e55e6b5
fdf581b35743d7693bf8c7f6154471a1b2646f06
a78eee2be3725b096407fde832e7762dad74ac69165f57a10b1ef76b5b2d9874
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 20:22:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 718321ec26fdf9b73cdbf12da9797ab9
dd711fb7115c995e9bf57894a49e9b30424df515
278180046ea2fb50fd49799d960e249e9e2be6ffe12ddb27fa26a678bdbd1dbc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4671
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 20:22:34 GMT
Last-Modified: Tue, 20 Sep 2022 19:04:43 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 718321ec26fdf9b73cdbf12da9797ab9
dd711fb7115c995e9bf57894a49e9b30424df515
278180046ea2fb50fd49799d960e249e9e2be6ffe12ddb27fa26a678bdbd1dbc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4671
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 20:22:34 GMT
Last-Modified: Tue, 20 Sep 2022 19:04:43 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash bb4bdc4c3c6869c822618f0b9ef1bdc5
6a438b8d9d87aa30e0989ace7fc0d4cafce1f29d
eb762661b0a0ecc4ccdf50229ce134d0062e8d60698b7ed1970c5073b18f31ac
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 20:22:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=DC-9408590
142.250.74.72200 OK 42 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=DC-9408590
IP 142.250.74.72:0
File type ASCII text, with very long lines (1720)
Hash 1ac366a1193cec05ea7f9efbf7418b23
c7d14a7cf9a7e67b8fc4bc07e06e269a801f8a6b
2c34ec350c9ebb758abb08bad877cef797d4a5dfdb5f9ea4ca97793a5b9f18a1
GET /gtag/js?id=DC-9408590 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 20 Sep 2022 20:22:34 GMT
expires: Tue, 20 Sep 2022 20:22:34 GMT
cache-control: private, max-age=900
last-modified: Tue, 20 Sep 2022 19:54:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42420
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.tripadvisor.com/img/cdsi/img2/awards/v2/tchotel_2020_L-14348-2.png
23.38.201.85200 OK 7.8 kB URL HTTP/2 www.tripadvisor.com/img/cdsi/img2/awards/v2/tchotel_2020_L-14348-2.png
IP 23.38.201.85:0
File type PNG image data, 150 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 9776c446861de4448c98fe99c82401bb
68e44678044af8b2ba3acaca284bbac39e428172
f5405ddf7aa24fc51baba960eb6bef9af5df576b87e04ba038d6853ea3a72944
GET /img/cdsi/img2/awards/v2/tchotel_2020_L-14348-2.png HTTP/1.1
Host: www.tripadvisor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: envoy
cache-control: private, max-age=43200
expires: Wed, 21 Sep 2022 08:22:34 GMT
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT DSP COR CAO PSA IDC ADM DEVi TAIi PSD IVAi IVDi CONi HIS CNT"
timing-allow-origin: https://www.tripadvisor.com
content-type: image/png
content-length: 7840
date: Tue, 20 Sep 2022 20:22:34 GMT
set-cookie: TADCID=gcj5TiOKKCzOVoftABQCFdpBzzOuRA-9xvCxaMyI13BT85brXvIL7J-D6pfY5QclDMrzsbH_wsJLjE1bJO_vuIxAM4GVihKQGyM; Domain=www.tripadvisor.com; Expires=Fri, 17-Sep-2032 20:22:34 GMT; Path=/; Secure; HttpOnly
TAUnique=%1%enc%3AuDVedQjmD2%2Fk7nWhzVPS6vln53cgl0ayFYYAla0et0M2jHwltRJPGQ%3D%3D; Domain=.tripadvisor.com; Expires=Thu, 19-Sep-2024 20:22:34 GMT; Path=/; HttpOnly
__vt=EITJO_VzBqzwoJM9ABQCIf6-ytF7QiW7ovfhqc-AvSAxk6cbmW9bUihIst2Ms6W_uT92mDEjy7UPVeazbux85NCsvyg70dvL5Nk1NCzuUjT3Xj9jWa0Yk35Fl_kyooxykzrhRMpeOz6mWRvY2DHTE2WxmE0; Domain=www.tripadvisor.com; Expires=Tue, 20-Sep-2022 21:22:34 GMT; Path=/; Secure; HttpOnly
TASession=V2ID.4F4ED046221B14B940B8D9B0373E50C7*SQ.1*HS.recommended*ES.popularity*DS.5*SAS.popularity*FPS.oldFirst*FA.1*TRA.true; Domain=.tripadvisor.com; Path=/
ServerPool=X; Domain=.tripadvisor.com; Path=/
TACds=A.1.14348.2.2022-09-20; Domain=.tripadvisor.com; Expires=Sat, 19-Nov-2022 20:22:34 GMT; Path=/
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash 37c59523e80f1b781e310f70d03b6f8d
855fcc527055ac0ecb4e33ed07ee1d61f05c0c2e
45ec02098ea4cca95fdf1a662710e42b722caf6619222edda24a0056bf3edc4a
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 20 Sep 2022 20:22:34 GMT
Last-Modified: Tue, 20 Sep 2022 19:35:00 GMT
Server: ECS (dcb/7EEE)
X-Cache: Miss from cloudfront
Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 22m91ai6cVEKojmDGEKwXUf7BM0R5u3KC83_KQu4UpbEgKqYR3ofRw==
Age: 2854
alive5.com/js/a5app.js
54.230.111.84200 OK 3.9 kB IP 54.230.111.84:0
File type ASCII text, with very long lines (6468)
Hash 75a6975d1c0787404531026adb6dcc4a
4fb52a9216e6ecdb6ed65b4732f4934abebc1548
c0c6bd094b6b1ec6fd3fea3f364634c17ec8cd9ec836cd57f25238678dee7eea
GET /js/a5app.js HTTP/1.1
Host: alive5.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript
content-length: 3948
last-modified: Fri, 19 Aug 2022 05:05:29 GMT
content-encoding: gzip
x-amz-version-id: 3qtZkuPKg_eKDYFlAi.PEWNRN6rUeiXN
accept-ranges: bytes
server: AmazonS3
content-security-policy: frame-ancestors *
date: Mon, 19 Sep 2022 22:07:29 GMT
etag: "75a6975d1c0787404531026adb6dcc4a"
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: m0vnEyMO_PMriWyrWc0WHnXg9IU-5RIdYT3tFVChCEN_cmfXfec2-A==
age: 80442
X-Firefox-Spdy: h2
cdn.loewshotels.com/loewshotels.com-2466770763/cms/cache/v2/5e2b1b7eb8cd0.jpg/1920x1080/fit;c:0,181,2049,1333/80/6cca52d88d7ebaaa530b2ff4ca336aa4.webp
143.204.55.119200 OK 290 kB URL HTTP/2 cdn.loewshotels.com/loewshotels.com-2466770763/cms/cache/v2/5e2b1b7eb8cd0.jpg/1920x1080/fit;c:0,181,2049,1333/80/6cca52d88d7ebaaa530b2ff4ca336aa4.webp
IP 143.204.55.119:0
File type RIFF (little-endian) data, Web/P image\012- data
Size 290 kB (289698 bytes)
Hash d291a4dcd766bb74a93dbe494956ee10
1413db4af6ae4bf2e644217153138d57df3673f4
4ac6945d022252ff58c2d35013c6d8268618acc18a6441c9864e41d60e6c918c
GET /loewshotels.com-2466770763/cms/cache/v2/5e2b1b7eb8cd0.jpg/1920x1080/fit;c:0,181,2049,1333/80/6cca52d88d7ebaaa530b2ff4ca336aa4.webp HTTP/1.1
Host: cdn.loewshotels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/
Cookie: at_check=true; mbox=session#c2fdf4166a1d4312a48006d8430a0708#1663707215; bookingData={"groupCode":null,"rateCode":null,"promoCode":null,"propertyId":"70571","propertyName":"Loews Philadelphia Hotel","checkInDate":null,"checkOutDate":null,"nights":null,"adults":null,"children":null,"bookingValue":null,"currency":null,"email":null,"bookingCode":null,"propertyCode":"LPHL"}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 289698
date: Mon, 25 Jul 2022 13:35:27 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 22 Nov 2021 17:22:43 GMT
x-amz-version-id: tzS8Heiup_XOwrJEBotovel_d_bKvJfl
etag: "d291a4dcd766bb74a93dbe494956ee10"
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: W5hc_BAnw6IFqkd6RsnhkqjtPgTlME_67UkvRpsdkUdcyQUNj4ztIQ==
age: 4949228
X-Firefox-Spdy: h2
alive5.com/js/widget-min.js?s=1660885508779
54.230.111.84200 OK 11 kB URL HTTP/2 alive5.com/js/widget-min.js?s=1660885508779
IP 54.230.111.84:0
File type ASCII text, with very long lines (14435)
Hash f7ddd8b2cb7c201a856bb1f218e8c623
3d055ff01de94dfc4ee441c94ed90bf32ed71a41
2f267bba836640087c24bb1049b48ab1bf7dc3ef94d1d341d04d2e7a23cecf1f
GET /js/widget-min.js?s=1660885508779 HTTP/1.1
Host: alive5.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
content-length: 11426
last-modified: Fri, 19 Aug 2022 05:05:29 GMT
content-encoding: gzip
x-amz-version-id: OzKg9aIfjM7gOvH4Hz8t2qJzyjG_L9Ej
accept-ranges: bytes
server: AmazonS3
content-security-policy: frame-ancestors *
date: Tue, 20 Sep 2022 04:19:11 GMT
etag: "f7ddd8b2cb7c201a856bb1f218e8c623"
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ThRPxXWTUyGXMmynxO4QaX0MDIdwfhfY7zFrk1fyS6an_RYzCz4WoA==
age: 61999
X-Firefox-Spdy: h2
loewshotels.tt.omtrdc.net/m2/loewshotels/mbox/json?mbox=target-global-mbox&mboxSession=c2fdf4166a1d4312a48006d8430a0708&mboxPC=&mboxPage=af2b5ea4f2b34e1087e4464629219a01&mboxRid=0576879fda9a403c9b6581511096f34e&mboxVersion=1.8.2&mboxCount=1&mboxTime=1663705354144&mboxHost=www.loewshotels.com&mboxURL=https%3A%2F%2Fwww.loewshotels.com%2Fphiladelphia-hotel&mboxReferrer=&mboxXDomain=enabled&browserHeight=939&browserWidth=1268&browserTimeOffset=0&screenHeight=1024&screenWidth=1280&colorDepth=24&devicePixelRatio=1&screenOrientation=landscape&Page%20Name=Loews%20Hotels%20%2F%20Loews%20Philadelphia%20Hotel%20-%20Hotel%20Home&mboxMCSDID=77BD71678D1B8AFE-109AC6AC6375B181
54.171.157.152200 OK 96 B URL HTTP/2 loewshotels.tt.omtrdc.net/m2/loewshotels/mbox/json?mbox=target-global-mbox&mboxSession=c2fdf4166a1d4312a48006d8430a0708&mboxPC=&mboxPage=af2b5ea4f2b34e1087e4464629219a01&mboxRid=0576879fda9a403c9b6581511096f34e&mboxVersion=1.8.2&mboxCount=1&mboxTime=1663705354144&mboxHost=www.loewshotels.com&mboxURL=https%3A%2F%2Fwww.loewshotels.com%2Fphiladelphia-hotel&mboxReferrer=&mboxXDomain=enabled&browserHeight=939&browserWidth=1268&browserTimeOffset=0&screenHeight=1024&screenWidth=1280&colorDepth=24&devicePixelRatio=1&screenOrientation=landscape&Page%20Name=Loews%20Hotels%20%2F%20Loews%20Philadelphia%20Hotel%20-%20Hotel%20Home&mboxMCSDID=77BD71678D1B8AFE-109AC6AC6375B181
IP 54.171.157.152:0
File type JSON data\012- , ASCII text, with no line terminators
Hash e3ab625573fded01a1007f1b10ce6f72
54fe6d55acc7fe9a3bf0cc7d511bb347707a7702
effb33f1ccbbaab62bf58faa5be555e916f56f676237e09b7f9a5ee89e2fcc97
GET /m2/loewshotels/mbox/json?mbox=target-global-mbox&mboxSession=c2fdf4166a1d4312a48006d8430a0708&mboxPC=&mboxPage=af2b5ea4f2b34e1087e4464629219a01&mboxRid=0576879fda9a403c9b6581511096f34e&mboxVersion=1.8.2&mboxCount=1&mboxTime=1663705354144&mboxHost=www.loewshotels.com&mboxURL=https%3A%2F%2Fwww.loewshotels.com%2Fphiladelphia-hotel&mboxReferrer=&mboxXDomain=enabled&browserHeight=939&browserWidth=1268&browserTimeOffset=0&screenHeight=1024&screenWidth=1280&colorDepth=24&devicePixelRatio=1&screenOrientation=landscape&Page%20Name=Loews%20Hotels%20%2F%20Loews%20Philadelphia%20Hotel%20-%20Hotel%20Home&mboxMCSDID=77BD71678D1B8AFE-109AC6AC6375B181 HTTP/1.1
Host: loewshotels.tt.omtrdc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.loewshotels.com
Connection: keep-alive
Referer: https://www.loewshotels.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 20 Sep 2022 20:22:34 GMT
content-type: application/json;charset=UTF-8
content-length: 96
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://www.loewshotels.com
access-control-allow-credentials: true
x-request-id: 0576879fda9a403c9b6581511096f34e
p3p: CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
set-cookie: loewshotels!mboxSession=c2fdf4166a1d4312a48006d8430a0708; Max-Age=1860; Expires=Tue, 20-Sep-2022 20:53:34 GMT; Domain=loewshotels.tt.omtrdc.net; Path=/; Secure; HttpOnly; SameSite=None
loewshotels!mboxPC=c2fdf4166a1d4312a48006d8430a0708.37_0; Max-Age=63244800; Expires=Sat, 21-Sep-2024 20:22:34 GMT; Domain=loewshotels.tt.omtrdc.net; Path=/; Secure; HttpOnly; SameSite=None
pragma: no-cache
cache-control: no-cache
timing-allow-origin: *
X-Firefox-Spdy: h2
loewshotels.tt.omtrdc.net/m2/loewshotels/mbox/json?mbox=target-global-mbox&mboxSession=c2fdf4166a1d4312a48006d8430a0708&mboxPC=&mboxPage=af2b5ea4f2b34e1087e4464629219a01&mboxRid=453504ae6f1b490285ba41c500d0c9ed&mboxVersion=1.8.2&mboxCount=2&mboxTime=1663705354165&mboxHost=www.loewshotels.com&mboxURL=https%3A%2F%2Fwww.loewshotels.com%2Fphiladelphia-hotel&mboxReferrer=&mboxXDomain=enabled&browserHeight=939&browserWidth=1268&browserTimeOffset=0&screenHeight=1024&screenWidth=1280&colorDepth=24&devicePixelRatio=1&screenOrientation=landscape&Page%20Name=Loews%20Hotels%20%2F%20Loews%20Philadelphia%20Hotel%20-%20Hotel%20Home&step=Product%20Viewed&propertyID=lphl&mboxMCSDID=4772AA3169B6CDEC-3058DB761DC97EAD
54.171.157.152200 OK 96 B URL HTTP/2 loewshotels.tt.omtrdc.net/m2/loewshotels/mbox/json?mbox=target-global-mbox&mboxSession=c2fdf4166a1d4312a48006d8430a0708&mboxPC=&mboxPage=af2b5ea4f2b34e1087e4464629219a01&mboxRid=453504ae6f1b490285ba41c500d0c9ed&mboxVersion=1.8.2&mboxCount=2&mboxTime=1663705354165&mboxHost=www.loewshotels.com&mboxURL=https%3A%2F%2Fwww.loewshotels.com%2Fphiladelphia-hotel&mboxReferrer=&mboxXDomain=enabled&browserHeight=939&browserWidth=1268&browserTimeOffset=0&screenHeight=1024&screenWidth=1280&colorDepth=24&devicePixelRatio=1&screenOrientation=landscape&Page%20Name=Loews%20Hotels%20%2F%20Loews%20Philadelphia%20Hotel%20-%20Hotel%20Home&step=Product%20Viewed&propertyID=lphl&mboxMCSDID=4772AA3169B6CDEC-3058DB761DC97EAD
IP 54.171.157.152:0
File type JSON data\012- , ASCII text, with no line terminators
Hash e3ab625573fded01a1007f1b10ce6f72
54fe6d55acc7fe9a3bf0cc7d511bb347707a7702
effb33f1ccbbaab62bf58faa5be555e916f56f676237e09b7f9a5ee89e2fcc97
GET /m2/loewshotels/mbox/json?mbox=target-global-mbox&mboxSession=c2fdf4166a1d4312a48006d8430a0708&mboxPC=&mboxPage=af2b5ea4f2b34e1087e4464629219a01&mboxRid=453504ae6f1b490285ba41c500d0c9ed&mboxVersion=1.8.2&mboxCount=2&mboxTime=1663705354165&mboxHost=www.loewshotels.com&mboxURL=https%3A%2F%2Fwww.loewshotels.com%2Fphiladelphia-hotel&mboxReferrer=&mboxXDomain=enabled&browserHeight=939&browserWidth=1268&browserTimeOffset=0&screenHeight=1024&screenWidth=1280&colorDepth=24&devicePixelRatio=1&screenOrientation=landscape&Page%20Name=Loews%20Hotels%20%2F%20Loews%20Philadelphia%20Hotel%20-%20Hotel%20Home&step=Product%20Viewed&propertyID=lphl&mboxMCSDID=4772AA3169B6CDEC-3058DB761DC97EAD HTTP/1.1
Host: loewshotels.tt.omtrdc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.loewshotels.com
Connection: keep-alive
Referer: https://www.loewshotels.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 20 Sep 2022 20:22:34 GMT
content-type: application/json;charset=UTF-8
content-length: 96
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://www.loewshotels.com
access-control-allow-credentials: true
x-request-id: 453504ae6f1b490285ba41c500d0c9ed
p3p: CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
set-cookie: loewshotels!mboxSession=c2fdf4166a1d4312a48006d8430a0708; Max-Age=1860; Expires=Tue, 20-Sep-2022 20:53:34 GMT; Domain=loewshotels.tt.omtrdc.net; Path=/; Secure; HttpOnly; SameSite=None
loewshotels!mboxPC=c2fdf4166a1d4312a48006d8430a0708.37_0; Max-Age=63244800; Expires=Sat, 21-Sep-2024 20:22:34 GMT; Domain=loewshotels.tt.omtrdc.net; Path=/; Secure; HttpOnly; SameSite=None
pragma: no-cache
cache-control: no-cache
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2932be06edadc229a45c47a5628f083a
8e2898e748d6852042bb80ca0d85c05cfbc5e429
227ccb9364057084d28f7f2fe153996ba9fb90da37b40a8b527d5488d916ee63
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1182
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 20:22:34 GMT
Last-Modified: Tue, 20 Sep 2022 20:02:52 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 26fcf8aea27805b4a6a29e3e2a4ba19b
f920fd6c5a79a4adb2f456edcee678757ff1602c
7aa63d03f514e4f51190e85f167f747563f980e0e6fdee6cce9393321dff1038
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 20:22:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
alive5.com/css/widget.bundle.css
54.230.111.84200 OK 5.0 kB URL HTTP/2 alive5.com/css/widget.bundle.css
IP 54.230.111.84:0
File type ASCII text, with very long lines (29776)
Hash efa7bbc2b596ff511cac4660dd73afe6
157de11705d437da41bf1ce81843578ec64a30f4
fba229087784d983c1e082558bbb2635bcebc42af3e6e0a926673f75d9049c2f
GET /css/widget.bundle.css HTTP/1.1
Host: alive5.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 5020
last-modified: Fri, 19 Aug 2022 05:05:30 GMT
content-encoding: gzip
x-amz-version-id: SO5LECqduj3Z9oBO7TIPjRklgGkc9QFK
accept-ranges: bytes
server: AmazonS3
content-security-policy: frame-ancestors *
date: Tue, 20 Sep 2022 04:38:02 GMT
etag: "efa7bbc2b596ff511cac4660dd73afe6"
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 7UD-x0r6pFMmanASJqN0FDmfwGSiWYMZo7ZjyZr_hqMRg2encY7IsA==
age: 58432
X-Firefox-Spdy: h2
www.jscache.com/wejs?wtype=certificateOfExcellence&uniq=560&locationId=219486&lang=en_US&year=2020&display_version=2
151.101.86.83301 Moved Permanently 0 B URL HTTP/2 www.jscache.com/wejs?wtype=certificateOfExcellence&uniq=560&locationId=219486&lang=en_US&year=2020&display_version=2
IP 151.101.86.83:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wejs?wtype=certificateOfExcellence&uniq=560&locationId=219486&lang=en_US&year=2020&display_version=2 HTTP/1.1
Host: www.jscache.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: envoy
location: https://www.tripadvisor.com/wejs?wtype=certificateOfExcellence&uniq=560&locationId=219486&lang=en_US&year=2020&display_version=2
expires: 0
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT DSP COR CAO PSA IDC ADM DEVi TAIi PSD IVAi IVDi CONi HIS CNT"
pragma: no-cache
cache-control: no-cache,no-store,must-revalidate
timing-allow-origin: https://www.tripadvisor.com
content-type: text/plain; charset=utf-8
x-datadome: protected
accept-ch: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
accept-ranges: bytes
date: Tue, 20 Sep 2022 20:22:34 GMT
via: 1.1 varnish
x-served-by: cache-bma1679-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1663705354.200906,VS0,VE200
content-length: 0
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 67c18ad7dc09ca9faff7d71f0489be90
33f16fb266d9c45fad064ac44cffa174b67b3536
52aa30001c0ac6c0880be484066980a7b6d26a572bcdb88c50bccda30da88bad
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3823
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 20:22:34 GMT
Last-Modified: Tue, 20 Sep 2022 19:18:51 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 278
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash 565f47fe0f64fd7131149ea54faa34b8
36614ee1f1043d4526ae6e3f5c79173fa3db11a8
339b968a6c64d19b1302fb61054c01a799c5aacdd6f0c8846449ac5952483f0d
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 20 Sep 2022 20:22:34 GMT
Last-Modified: Tue, 20 Sep 2022 20:01:56 GMT
Server: ECS (dcb/7ECA)
X-Cache: Miss from cloudfront
Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: YmCS4DPc1_WoAREFMPdAUaPVgmKe_z1zl5nxZUBMetywJnAf-r5RjQ==
Age: 1238
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash bcbb61a4f6f0beed45a5f963bfba6e9d
a07136aeace7036e3b7427d63c60576adbdc388f
3a910cde9f8f65341f3422d28e35ca877558e136c99067b72daaeb56b3d9e76d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 20:22:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.loewshotels.com/skins/loews/assets/desktop/fonts/gt-america-extended-thin.woff2
3.208.32.228200 OK 24 kB URL HTTP/2 www.loewshotels.com/skins/loews/assets/desktop/fonts/gt-america-extended-thin.woff2
IP 3.208.32.228:0
File type Web Open Font Format (Version 2), TrueType, length 24400, version 5.65\012- data
Hash da07b8d83b528214daca256bf3954226
5b4af80232dfa3b139fa604a2db07e47e0f88d16
d6a9cd75e985cfb2c6014f6f6c923f6345cb56764fc01ff174a02e47de4f5081
GET /skins/loews/assets/desktop/fonts/gt-america-extended-thin.woff2 HTTP/1.1
Host: www.loewshotels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.loewshotels.com/philadelphia-hotel
Cookie: at_check=true; mbox=session#c2fdf4166a1d4312a48006d8430a0708#1663707215; bookingData={"groupCode":null,"rateCode":null,"promoCode":null,"propertyId":"70571","propertyName":"Loews Philadelphia Hotel","checkInDate":null,"checkOutDate":null,"nights":null,"adults":null,"children":null,"bookingValue":null,"currency":null,"email":null,"bookingCode":null,"propertyCode":"LPHL"}
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 20:22:34 GMT
content-type: application/octet-stream
content-length: 24400
server: nginx
last-modified: Tue, 13 Sep 2022 10:19:30 GMT
etag: "63205932-5f50"
expires: Wed, 20 Sep 2023 20:22:34 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash bcbb61a4f6f0beed45a5f963bfba6e9d
a07136aeace7036e3b7427d63c60576adbdc388f
3a910cde9f8f65341f3422d28e35ca877558e136c99067b72daaeb56b3d9e76d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 20:22:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.cookielaw.org/scripttemplates/6.21.0/otBannerSdk.js
104.16.148.64200 OK 76 kB URL HTTP/2 cdn.cookielaw.org/scripttemplates/6.21.0/otBannerSdk.js
IP 104.16.148.64:0
File type ASCII text, with very long lines (65455)
Hash a4618cb4837ace59d6e796c6375344df
be7c1789ab600623f0ecd468a89aeb852f002ea2
c0e1bed7a1ae97342732651c422512f10d708f1722f1c683ebf33247d5a0414d
GET /scripttemplates/6.21.0/otBannerSdk.js HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 20:22:34 GMT
content-type: application/javascript
content-length: 75797
content-encoding: gzip
content-md5: pGGMtIN6zlnW55bGN1NE3w==
last-modified: Fri, 23 Jul 2021 01:58:45 GMT
etag: 0x8D94D7D67DF8167
x-ms-request-id: 291e792a-e01e-00b9-2e6c-c43be8000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 29103292
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74dd4621bef70b49-OSL
X-Firefox-Spdy: h2
loewshotels.mpeasylink.com/mpel/mpel.js
54.175.77.159200 1.7 kB URL HTTP/1.1 loewshotels.mpeasylink.com/mpel/mpel.js
IP 54.175.77.159:0
File type ASCII text, with very long lines (515)
Hash 6fdd7985388a9a91f458c96ece692409
c655f98e175824e81802934d717e0607b25d906f
17936884b849d8d2f051fa0b88d5cb58466d78931b687900b1b90aecde32d977
Analyzer Verdict Alert quad9 Sinkholed
GET /mpel/mpel.js HTTP/1.1
Host: loewshotels.mpeasylink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Server: nginx
Date: Tue, 20 Sep 2022 20:22:34 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes
ETag: W/"5096-1654181434000"
Last-Modified: Thu, 02 Jun 2022 14:50:34 GMT
Cache-Control: max-age=86400
Expires: Wed, 21 Sep 2022 20:22:34 GMT
vary: accept-encoding
Content-Encoding: gzip
www.loewshotels.com/skins/loews/assets/desktop/fonts/gt-america-extended-medium.woff2
3.208.32.228200 OK 25 kB URL HTTP/2 www.loewshotels.com/skins/loews/assets/desktop/fonts/gt-america-extended-medium.woff2
IP 3.208.32.228:0
File type Web Open Font Format (Version 2), TrueType, length 25096, version 5.65\012- data
Hash f411df658a483908abd1ac1cde89131e
b47fc8c02bd5562f41f0e660de7362c85310eac5
5d94d1f6dc53064b7da949ec42c15f4211a5894b7becdca7d801040d3af45b5f
GET /skins/loews/assets/desktop/fonts/gt-america-extended-medium.woff2 HTTP/1.1
Host: www.loewshotels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.loewshotels.com/philadelphia-hotel
Cookie: at_check=true; mbox=session#c2fdf4166a1d4312a48006d8430a0708#1663707215; bookingData={"groupCode":null,"rateCode":null,"promoCode":null,"propertyId":"70571","propertyName":"Loews Philadelphia Hotel","checkInDate":null,"checkOutDate":null,"nights":null,"adults":null,"children":null,"bookingValue":null,"currency":null,"email":null,"bookingCode":null,"propertyCode":"LPHL"}
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 20:22:34 GMT
content-type: application/octet-stream
content-length: 25096
server: nginx
last-modified: Tue, 13 Sep 2022 10:19:24 GMT
etag: "6320592c-6208"
expires: Wed, 20 Sep 2023 20:22:34 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
www.tripadvisor.com/wejs?wtype=certificateOfExcellence&uniq=560&locationId=219486&lang=en_US&year=2020&display_version=2
23.38.201.85200 OK 250 B URL HTTP/2 www.tripadvisor.com/wejs?wtype=certificateOfExcellence&uniq=560&locationId=219486&lang=en_US&year=2020&display_version=2
IP 23.38.201.85:0
Hash 80a11add210f9c58f773c088ed912b9b
b6b37ec10377d889394e57b6761e1a0fe394e764
cbaebe97a31887b8095e327d3b8f9668113799536c913741ac75baa27ddc025a
GET /wejs?wtype=certificateOfExcellence&uniq=560&locationId=219486&lang=en_US&year=2020&display_version=2 HTTP/1.1
Host: www.tripadvisor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.loewshotels.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: envoy
expires: 0
cache-control: no-cache,no-store,must-revalidate
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT DSP COR CAO PSA IDC ADM DEVi TAIi PSD IVAi IVDi CONi HIS CNT"
pragma: no-cache
timing-allow-origin: https://www.tripadvisor.com
vary: Accept-Encoding
content-type: application/x-javascript;charset=UTF-8
content-encoding: gzip
content-length: 250
date: Tue, 20 Sep 2022 20:22:34 GMT
set-cookie: TADCID=MGC-8x057kDzwJXyABQCFdpBzzOuRA-9xvCxaMyI13BT8wZg5sPjRkYUX4jNbvVLHwLfhJyAhN8A4-m0janvmyOA3qaSC0ozqmM; Domain=www.tripadvisor.com; Expires=Fri, 17-Sep-2032 20:22:34 GMT; Path=/; Secure; HttpOnly
__vt=THKpbPd33S1WYF-xABQCIf6-ytF7QiW7ovfhqc-AvSAxk9laDeMfiIQTYgVnu5K5Fs_gSSjZ2Ynl93nmpQfoUhjIKnz7thhXLoL8sddab55v3Nbl9bTBekotkMZUl1pmemXL0oQg6HbFzu2-eJWrpt7Nmec; Domain=www.tripadvisor.com; Expires=Tue, 20-Sep-2022 21:22:34 GMT; Path=/; Secure; HttpOnly
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash c7bc224a4dfcab4db47edacbdf61316c
dce5e84cfdcd18523c06cc7ad366c8537a469012
6869c08b759a4815dead785d4d0091eecc29154734164674f9f3d35b3c780162
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 20 Sep 2022 20:22:34 GMT
Last-Modified: Tue, 20 Sep 2022 18:35:07 GMT
Server: ECS (nyb/1D05)
X-Cache: Miss from cloudfront
Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: MvbhQb3_DSuyPxFhRvvn4WLmewmPWzSesgRaggydc8DUXcH_mCayjw==
Age: 6447
cdn.cookielaw.org/consent/0a9765e3-a574-41b5-a49b-d12291495d13/5b2c575a-1663-41bc-9694-98b8ffccfa85/en.json
104.16.148.64200 OK 18 kB URL HTTP/2 cdn.cookielaw.org/consent/0a9765e3-a574-41b5-a49b-d12291495d13/5b2c575a-1663-41bc-9694-98b8ffccfa85/en.json
IP 104.16.148.64:0
File type JSON data\012- HTML document, Unicode text, UTF-8 text, with very long lines (65518), with no line terminators
Hash 5101b1f7fd74a94b30ebed5d1535e061
f8ec7932802807b387b3c929f7aac946007baac1
7dc77661a45c42536c398ffc2f5e3b84a4cbba8c6d5205bda6db7975082a6765
GET /consent/0a9765e3-a574-41b5-a49b-d12291495d13/5b2c575a-1663-41bc-9694-98b8ffccfa85/en.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.loewshotels.com/
Origin: https://www.loewshotels.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 20:22:34 GMT
content-type: application/x-javascript
content-length: 17587
cache-control: public, max-age=14400
content-encoding: gzip
content-md5: UQGx9/10qUsw6+1dFTXgYQ==
last-modified: Wed, 20 Jul 2022 11:48:25 GMT
etag: 0x8DA6A45C10A8EBD
x-ms-request-id: 43c9b206-a01e-00f1-4832-9c0975000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 4409
expires: Wed, 21 Sep 2022 00:22:34 GMT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74dd46231ff2b4f9-OSL
X-Firefox-Spdy: h2
beacon.lynx.cognitivlabs.com/container/conv/v2?LoewsHotels_Philadelphia_LandingPage
52.44.159.100302 Found 0 B URL HTTP/1.1 beacon.lynx.cognitivlabs.com/container/conv/v2?LoewsHotels_Philadelphia_LandingPage
IP 52.44.159.100:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /container/conv/v2?LoewsHotels_Philadelphia_LandingPage HTTP/1.1
Host: beacon.lynx.cognitivlabs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Tue, 20 Sep 2022 20:22:34 GMT
Content-Length: 0
Connection: keep-alive
Server: Kestrel
Location: https://beacon.lynx.cognitivlabs.com/container/conv/v2?tags=LoewsHotels_Philadelphia_LandingPage&rf=1
Set-Cookie: UID=ed557471-15cd-4622-92b4-d63ddd1e6047; expires=Wed, 20 Sep 2023 20:22:34 GMT; path=/; secure; samesite=none
static.site24x7rum.com/beacon/site24x7rum-min.js?appKey=590de45c0ededa2bd3ccad81819ddfc4
54.230.111.14200 OK 22 kB URL HTTP/1.1 static.site24x7rum.com/beacon/site24x7rum-min.js?appKey=590de45c0ededa2bd3ccad81819ddfc4
IP 54.230.111.14:0
File type ASCII text, with very long lines (32144)
Hash 3e83fbf8cc9d44b7761a2c1f7a88e40d
fb08e8ebe68f7ec8361c25ee91b2b5d5f04bdb94
4e59f53d5663a827627dc72b37a769a10f492db7aa59101585479fcf5b3ddf2a
GET /beacon/site24x7rum-min.js?appKey=590de45c0ededa2bd3ccad81819ddfc4 HTTP/1.1
Host: static.site24x7rum.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript;charset=ISO-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Date: Tue, 20 Sep 2022 17:57:15 GMT
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Server: ZGS
Vary: accept-encoding
X-Cache: Hit from cloudfront
Via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: htM6TwzsEusK10oiLiAShYzMOo7SfSpOvX9-r-zwdu9K6PfwpdNgoA==
Age: 8719
www.tripadvisor.com/WidgetEmbed-certificateOfExcellence?year=2020&locationId=219486&display_version=2&uniq=560&lang=en_US
23.38.201.85200 OK 3.1 kB URL HTTP/2 www.tripadvisor.com/WidgetEmbed-certificateOfExcellence?year=2020&locationId=219486&display_version=2&uniq=560&lang=en_US
IP 23.38.201.85:0
File type ASCII text, with very long lines (304)
Hash e525181ce403e55974bd363eba8f9baf
aa0e03a4409ac2a8ab6b281c4af62d016b455d04
014182a91e2b8e750d6bbc9edb8cc8165432b0a73740897f6d09aefce1766e56
GET /WidgetEmbed-certificateOfExcellence?year=2020&locationId=219486&display_version=2&uniq=560&lang=en_US HTTP/1.1
Host: www.tripadvisor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: envoy
vary: User-Agent,Accept-Encoding
expires: 0
cache-control: no-cache,no-store,must-revalidate
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT DSP COR CAO PSA IDC ADM DEVi TAIi PSD IVAi IVDi CONi HIS CNT"
pragma: no-cache
timing-allow-origin: https://www.tripadvisor.com
content-type: text/javascript;charset=UTF-8
content-encoding: gzip
content-length: 3141
date: Tue, 20 Sep 2022 20:22:34 GMT
set-cookie: TADCID=4M1HAOf56vdVTfyPABQCFdpBzzOuRA-9xvCxaMyI13BT8wccgwyMNuhl1eOyfTSmTO5hVveTl5d9BgKrsOtuOdK_phz8WbqTYcw; Domain=www.tripadvisor.com; Expires=Fri, 17-Sep-2032 20:22:34 GMT; Path=/; Secure; HttpOnly
TAUnique=%1%enc%3A5Wf1UBvRdL%2Fk7nWhzVPS6vln53cgl0aypcFjyxrr5oo2jHwltRJPGQ%3D%3D; Domain=.tripadvisor.com; Expires=Thu, 19-Sep-2024 20:22:34 GMT; Path=/; HttpOnly
__vt=2_nLbCLA2UY1_Xz9ABQCIf6-ytF7QiW7ovfhqc-AvSAxk6KBw13K7EDzvCfUx_kY7Tpnqc62eCo5edbdw3hY6kB97sv_70ZjUXznQdgoqPtsUX2Ys2xvLzMcn6_0bAZnm1KjtPdx5SGKmUh9teY59PRF0Q; Domain=www.tripadvisor.com; Expires=Tue, 20-Sep-2022 21:22:34 GMT; Path=/; Secure; HttpOnly
TASSK=enc%3AANqSKWNMHMPilQW67lf21AKOLUtsYRk2SvDY%2FeTIJ3u4HcJn%2FvdCRa4LWQz%2F7UdTnMo9rzjVsZoaIVIY6H6SoBxWWG3wxJ7%2BldY3%2F6puGJJIWxzZ1bJju%2FhY0ePUAvIdYg%3D%3D; Domain=www.tripadvisor.com; Expires=Sun, 19-Mar-2023 20:22:34 GMT; Path=/; HttpOnly
TASession=V2ID.C0E619007E53454CBB661054CB302AE8*SQ.1*LS.WidgetEmbed-certificateOfExcellence*HS.recommended*ES.popularity*DS.5*SAS.popularity*FPS.oldFirst*FA.1*DF.0*TRA.true; Domain=.tripadvisor.com; Path=/
SRT=TART_SYNC; Domain=www.tripadvisor.com; Expires=Tue, 20-Sep-2022 20:52:34 GMT; Path=/
ServerPool=C; Domain=.tripadvisor.com; Path=/
PMC=V2*MS.45*MD.20220920*LD.20220920; Domain=www.tripadvisor.com; Expires=Thu, 19-Sep-2024 20:22:34 GMT; Path=/; Secure; HttpOnly
TART=%1%enc%3A5O51oc1T0upx%2FX60mRZmNmETCB8XP5pPRH8YHIgdz3jblzZWJSxOTYIpw%2B7DUYqVZQnMIP2Q3mY%3D; Domain=www.tripadvisor.com; Expires=Sun, 25-Sep-2022 20:22:34 GMT; Path=/; HttpOnly
TATravelInfo=V2*A.2*MG.-1*HP.2*FL.3*RS.1; Domain=.tripadvisor.com; Expires=Tue, 04-Oct-2022 20:22:34 GMT; Path=/
TAUD=RDD-1663705354834-2022_09_20; Domain=.tripadvisor.com; Expires=Tue, 04-Oct-2022 20:22:34 GMT; Path=/
TASID=C0E619007E53454CBB661054CB302AE8; Domain=www.tripadvisor.com; Expires=Tue, 20-Sep-2022 20:52:34 GMT; Path=/; Secure
X-Firefox-Spdy: h2
cdn.loewshotels.com/loewshotels.com-2466770763/cms/cache/v2/5e2b1b7eb8cd0.jpg/1920x1080/fit;c:0,181,2049,1333/80/5faef695052edf82c48203fee4a4e800.jpg
143.204.55.119200 OK 379 kB URL HTTP/2 cdn.loewshotels.com/loewshotels.com-2466770763/cms/cache/v2/5e2b1b7eb8cd0.jpg/1920x1080/fit;c:0,181,2049,1333/80/5faef695052edf82c48203fee4a4e800.jpg
IP 143.204.55.119:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, progressive, precision 8, 1920x1080, components 3\012- data
Size 379 kB (378914 bytes)
Hash 0b74dddb2c7a31b9d24de70feecc0e9e
0ea9b254aca1bc36fd99e754d3ef467dbcfcd395
c447fca1ec7abbcbf067c4d4dbc4db3591be091ebb661683d65955329f9ef37a
GET /loewshotels.com-2466770763/cms/cache/v2/5e2b1b7eb8cd0.jpg/1920x1080/fit;c:0,181,2049,1333/80/5faef695052edf82c48203fee4a4e800.jpg HTTP/1.1
Host: cdn.loewshotels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/
Cookie: at_check=true; mbox=session#c2fdf4166a1d4312a48006d8430a0708#1663707215|PC#c2fdf4166a1d4312a48006d8430a0708.37_0#1726950155; bookingData={"groupCode":null,"rateCode":null,"promoCode":null,"propertyId":"70571","propertyName":"Loews Philadelphia Hotel","checkInDate":null,"checkOutDate":null,"nights":null,"adults":null,"children":null,"bookingValue":null,"currency":null,"email":null,"bookingCode":null,"propertyCode":"LPHL"}; _gcl_au=1.1.576332580.1663705354
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 378914
date: Wed, 07 Sep 2022 09:33:39 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 05 Nov 2021 21:50:30 GMT
x-amz-version-id: eTDqQlWo1CFi40QMyPqRORkSaBem2M4K
etag: "0b74dddb2c7a31b9d24de70feecc0e9e"
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: PDEqJjrrq33g2ClfbBms1nC0NiC7d77VN4aoRll458HOUtrw5sWy-A==
age: 1162136
X-Firefox-Spdy: h2
loewshotels.mpeasylink.com/mpel/mpel_storage.html?cmd=getpref&href=https%3A%2F%2Fwww.loewshotels.com%2Fphiladelphia-hotel
54.175.77.159200 1.2 kB URL HTTP/1.1 loewshotels.mpeasylink.com/mpel/mpel_storage.html?cmd=getpref&href=https%3A%2F%2Fwww.loewshotels.com%2Fphiladelphia-hotel
IP 54.175.77.159:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (650)
Hash 4e15b50697a74d423a6d9933b24a00a3
56185b17a5a18f75c8269f522a6f6e65dfd5a0f2
daccffddc4a2db0ebc4a2461a23cd60cabf64c5f60c9c099fc157ba2278f9dc7
Analyzer Verdict Alert quad9 Sinkholed
GET /mpel/mpel_storage.html?cmd=getpref&href=https%3A%2F%2Fwww.loewshotels.com%2Fphiladelphia-hotel HTTP/1.1
Host: loewshotels.mpeasylink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Server: nginx
Date: Tue, 20 Sep 2022 20:22:34 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes
ETag: W/"2762-1654181434000"
Last-Modified: Thu, 02 Jun 2022 14:50:34 GMT
vary: accept-encoding
Content-Encoding: gzip
api-v2.alive5.com/1.0/widget-code/get-by-widget-id?id=5f37739d-58b6-4465-8ccb-8f35bf4f595f
3.221.66.24200 OK 2.2 kB URL HTTP/2 api-v2.alive5.com/1.0/widget-code/get-by-widget-id?id=5f37739d-58b6-4465-8ccb-8f35bf4f595f
IP 3.221.66.24:0
File type JSON data\012- HTML document, ASCII text, with very long lines (4729)
Hash 178645c923fb80e888d8dc5253e917a0
f84a04a1eddda8aec41aafd5e5933aa2d893c1de
2e43058c9a866bd3c442295569c422f31ef539a16509bb339c6400eabe6ac4dc
GET /1.0/widget-code/get-by-widget-id?id=5f37739d-58b6-4465-8ccb-8f35bf4f595f HTTP/1.1
Host: api-v2.alive5.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/x-www-form-urlencoded
Origin: https://www.loewshotels.com
Connection: keep-alive
Referer: https://www.loewshotels.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 20 Sep 2022 20:22:34 GMT
content-type: application/json; charset=utf-8
set-cookie: AWSALB=vq9jK4uY1e+m0OeeKszM5rnhnktCalBU0q/09w8H7p6RQtiCh0s+neIMQKgHIwpCRgHvwn6O8byssOBVU2F3tZkH+dh3thkPWj7cKP+6h/hIsAwTlfkfgl5B7nqh; Expires=Tue, 27 Sep 2022 20:22:34 GMT; Path=/
AWSALBCORS=vq9jK4uY1e+m0OeeKszM5rnhnktCalBU0q/09w8H7p6RQtiCh0s+neIMQKgHIwpCRgHvwn6O8byssOBVU2F3tZkH+dh3thkPWj7cKP+6h/hIsAwTlfkfgl5B7nqh; Expires=Tue, 27 Sep 2022 20:22:34 GMT; Path=/; SameSite=None; Secure
server: nginx
access-control-allow-origin: https://www.loewshotels.com
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
access-control-expose-headers: Authorization,X-A5-APIKEY
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
etag: W/"c20-gQQ7SPIOiDq1+yPAMJAwp84NtXo"
content-encoding: gzip
X-Firefox-Spdy: h2
static.tacdn.com/css2/build/concat/t4b_widget_coe-v2381509749a.css
151.101.86.83200 OK 2.2 kB URL HTTP/2 static.tacdn.com/css2/build/concat/t4b_widget_coe-v2381509749a.css
IP 151.101.86.83:0
File type ASCII text, with very long lines (6571)
Hash 4df97c71c0b059080555a2d12dd8e769
3f2472e3e0400c043ee87d5d6bdcf01a451f1d0b
ef7a258d3f3f2e2cf19cf7813da71cff460dd4bf0d9d76052295c67f9d0e27c4
GET /css2/build/concat/t4b_widget_coe-v2381509749a.css HTTP/1.1
Host: static.tacdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
last-modified: Mon, 18 Apr 2022 09:29:22 GMT
cache-control: max-age=31536000, immutable
expires: Wed, 03 May 2023 02:56:27 GMT
content-encoding: gzip
timing-allow-origin: *
access-control-allow-origin: *
content-type: text/css
accept-ranges: bytes
date: Tue, 20 Sep 2022 20:22:35 GMT
via: 1.1 varnish
age: 12158768
x-served-by: cache-bma1679-BMA
x-cache: HIT
x-cache-hits: 318
x-timer: S1663705355.033908,VS0,VE0
vary: Accept-Encoding
content-length: 2172
X-Firefox-Spdy: h2
beacon.lynx.cognitivlabs.com/container/conv/v2?tags=LoewsHotels_Philadelphia_LandingPage&rf=1
52.44.159.100200 OK 2.1 kB URL HTTP/1.1 beacon.lynx.cognitivlabs.com/container/conv/v2?tags=LoewsHotels_Philadelphia_LandingPage&rf=1
IP 52.44.159.100:0
Hash d28fecdffe3965689894880e8fb42bec
58308667c001b4feacefd099a8e30bc17a6d4c16
8308f46fec7dca3d0ca96f48c963774a0d78f63497815b7f9e832895fe20d740
GET /container/conv/v2?tags=LoewsHotels_Philadelphia_LandingPage&rf=1 HTTP/1.1
Host: beacon.lynx.cognitivlabs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.loewshotels.com/
Connection: keep-alive
Cookie: UID=ed557471-15cd-4622-92b4-d63ddd1e6047
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 20 Sep 2022 20:22:35 GMT
Content-Type: application/javascript
Content-Length: 2055
Connection: keep-alive
Server: Kestrel
Set-Cookie: UID=ed557471-15cd-4622-92b4-d63ddd1e6047; expires=Wed, 20 Sep 2023 20:22:35 GMT; path=/; secure; samesite=none
cdn.cookielaw.org/scripttemplates/6.21.0/assets/otFlat.json
104.16.148.64200 OK 3.0 kB URL HTTP/2 cdn.cookielaw.org/scripttemplates/6.21.0/assets/otFlat.json
IP 104.16.148.64:0
File type JSON data\012- , ASCII text, with very long lines (10843)
Hash 876ee8ce73032130b94551242d9b702b
295e0d8870639b948535953427a04db598e13a4f
4921d2bcffd42663e84a1dc7990eede1d17729ff8b1c2f14d6ab39dccad90115
GET /scripttemplates/6.21.0/assets/otFlat.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.loewshotels.com/
Origin: https://www.loewshotels.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 20:22:35 GMT
content-type: application/json
content-length: 2950
content-encoding: gzip
content-md5: h27oznMDITC5RVEkLZtwKw==
last-modified: Fri, 23 Jul 2021 01:58:39 GMT
etag: 0x8D94D7D641A6DE0
x-ms-request-id: 1f5d3ab3-401e-0177-0745-ca1bf2000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 5390
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74dd4625bc30b4f9-OSL
X-Firefox-Spdy: h2
cdn.cookielaw.org/scripttemplates/6.21.0/assets/v2/otPcCenter.json
104.16.148.64200 OK 12 kB URL HTTP/2 cdn.cookielaw.org/scripttemplates/6.21.0/assets/v2/otPcCenter.json
IP 104.16.148.64:0
File type JSON data\012- , ASCII text, with very long lines (37251)
Hash 3d4a4c92ad525cca95e7264176bab6af
2e223f3dcd7a7048fc282fb149c6727d65e0129c
25b8484cb9cd880581d4af5bc54a445d000607249b80f092e26ea10785ce2707
GET /scripttemplates/6.21.0/assets/v2/otPcCenter.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.loewshotels.com/
Origin: https://www.loewshotels.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 20:22:35 GMT
content-type: application/json
content-length: 11523
content-encoding: gzip
content-md5: PUpMkq1SXMqV5yZBdrq2rw==
last-modified: Fri, 23 Jul 2021 01:58:41 GMT
etag: 0x8D94D7D65056FF9
x-ms-request-id: 7035051c-101e-0042-436d-c4f3f2000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 5390
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74dd4625bc31b4f9-OSL
X-Firefox-Spdy: h2
alive5.com/chat_window_wrap.html?wid=5f37739d-58b6-4465-8ccb-8f35bf4f595f
54.230.111.84200 OK 8.2 kB URL HTTP/2 alive5.com/chat_window_wrap.html?wid=5f37739d-58b6-4465-8ccb-8f35bf4f595f
IP 54.230.111.84:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (27519), with no line terminators
Hash 530a1bc9be5805f87aa14652042cc18b
b8cca80d58c30a8b4148f8e564fecb4100545678
13d323525cb29b279038af0f59454addfe58c71ac76308a9643aa87103706ae9
GET /chat_window_wrap.html?wid=5f37739d-58b6-4465-8ccb-8f35bf4f595f HTTP/1.1
Host: alive5.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 8175
date: Tue, 20 Sep 2022 03:14:45 GMT
last-modified: Fri, 19 Aug 2022 05:05:27 GMT
etag: "530a1bc9be5805f87aa14652042cc18b"
content-encoding: gzip
x-amz-version-id: w6e_LUTdY1kT33Qx9tCj5pEardtqsVlb
accept-ranges: bytes
server: AmazonS3
content-security-policy: frame-ancestors *
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: J2pRFk9p8nuk668R8Ju1DApZynpqP8EDkE8kf7JeLFNKu4iql_CO8w==
age: 61671
X-Firefox-Spdy: h2
alive5.com/icons.html
54.230.111.84200 OK 5.0 kB IP 54.230.111.84:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (13070), with no line terminators
Hash c57fece4f277866b237dae4a72870d7d
1bd5245372efefb3ed7151412d0ea5af1641b316
5d60dc8b3c99e3348f7e56301bdf54b8e3f4cb644d5d202492de9bd71e5d87ff
GET /icons.html HTTP/1.1
Host: alive5.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.loewshotels.com
Connection: keep-alive
Referer: https://www.loewshotels.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 4965
access-control-allow-origin: *
access-control-allow-methods: GET, POST, PUT
access-control-expose-headers: ETag
access-control-max-age: 30000
last-modified: Fri, 19 Aug 2022 05:05:28 GMT
content-encoding: gzip
x-amz-version-id: k_zV07qUZbsFILj.JSnjgszkdUGbPhsz
accept-ranges: bytes
server: AmazonS3
content-security-policy: frame-ancestors *
date: Tue, 20 Sep 2022 01:29:22 GMT
etag: "c57fece4f277866b237dae4a72870d7d"
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: cCUXNqdTx6VMwr4vTNmtWPzEBJnjeJ3h0PnZ7BPjPCZtVvWpop3PpA==
age: 68065
X-Firefox-Spdy: h2
alive5.com/css/chat.bundle.css
54.230.111.84200 OK 18 kB URL HTTP/2 alive5.com/css/chat.bundle.css
IP 54.230.111.84:0
File type Unicode text, UTF-8 text, with very long lines (46179)
Hash 871882d4da60496c8e77a1534b4c6956
49341bac3f46e1134844ddb4e8b45e1c432d4b20
ec02721c346dcf97847862c4a8f78605f4e5d84701d857d4ada92122bcd69471
GET /css/chat.bundle.css HTTP/1.1
Host: alive5.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alive5.com/chat_window_wrap.html?wid=5f37739d-58b6-4465-8ccb-8f35bf4f595f
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 18214
last-modified: Fri, 19 Aug 2022 05:05:30 GMT
content-encoding: gzip
x-amz-version-id: ft2Ai71gr5Of9pRqY4ALtSK4L6LnpOSN
accept-ranges: bytes
server: AmazonS3
content-security-policy: frame-ancestors *
date: Tue, 20 Sep 2022 03:58:05 GMT
etag: "871882d4da60496c8e77a1534b4c6956"
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: k2xoKL0GkyqIuKOPyHmUjL0oBqSXyvCSPbmZy_WokmBi_WLFDgElyQ==
age: 60384
X-Firefox-Spdy: h2
alive5.com/img/loader.gif
54.230.111.84200 OK 3.2 kB URL HTTP/2 alive5.com/img/loader.gif
IP 54.230.111.84:0
File type GIF image data, version 89a, 32 x 32\012- data
Hash be1cede97289c13920048f238fd37b85
313b867d11fc0dd6bc6ca47c334bbcf18956ca76
fd29b3b084cf11160bfc4e99d98a261f2b36bff29113b07367c5204563c5d355
GET /img/loader.gif HTTP/1.1
Host: alive5.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alive5.com/chat_window_wrap.html?wid=5f37739d-58b6-4465-8ccb-8f35bf4f595f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 3208
last-modified: Fri, 19 Aug 2022 05:05:31 GMT
x-amz-version-id: 6OFF6J55DoAC7kYnmNeQVgXad.sJXxzp
accept-ranges: bytes
server: AmazonS3
content-security-policy: frame-ancestors *
date: Tue, 20 Sep 2022 04:19:19 GMT
etag: "be1cede97289c13920048f238fd37b85"
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ggD7xXAzBwu7eKSci1XUG7DafBqrnGVqSBY85pV9Spccq9X7eWYTpg==
age: 60879
X-Firefox-Spdy: h2
alive5.com/js/chat.bundle.js?s=1660885508779
54.230.111.84200 OK 192 kB URL HTTP/2 alive5.com/js/chat.bundle.js?s=1660885508779
IP 54.230.111.84:0
File type Unicode text, UTF-8 text, with very long lines (37235)
Size 192 kB (192298 bytes)
Hash d05fb039195af7f1be0b027c90fb5d5b
35caa479ed579ba33f7e32855fbe0df0dd568b30
a5f99f4f3e437702c9e8fbe353a915265d2fd4a02ef975885ff18688f2e4261a
GET /js/chat.bundle.js?s=1660885508779 HTTP/1.1
Host: alive5.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alive5.com/chat_window_wrap.html?wid=5f37739d-58b6-4465-8ccb-8f35bf4f595f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
content-length: 192298
last-modified: Fri, 19 Aug 2022 05:05:29 GMT
content-encoding: gzip
x-amz-version-id: Ao5pkbqYGikvsA9yZNbsUKa9V5jiU4CG
accept-ranges: bytes
server: AmazonS3
content-security-policy: frame-ancestors *
date: Tue, 20 Sep 2022 01:06:47 GMT
etag: "d05fb039195af7f1be0b027c90fb5d5b"
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 219Lyj2YvJ35F58V3pDMTJz9CNAvKcMRfcUSiHLh7dkYSqP1dJw3Mw==
age: 69364
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fe5ffc0bb967bf39c053d24cdfae521a
87bc50876b1600714e2c29608bf4af00fbfbd23e
ceaf52d90eaf692a8da9f6c353d09011e26d8e2b971ec4c17fcbcab8676c70c3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CEAF52D90EAF692A8DA9F6C353D09011E26D8E2B971EC4C17FCBCAB8676C70C3"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4294
Expires: Tue, 20 Sep 2022 21:34:09 GMT
Date: Tue, 20 Sep 2022 20:22:35 GMT
Connection: keep-alive
loewshotels.mpeasylink.com/mpel/mpel?href=https%3A%2F%2Fwww.loewshotels.com%2Fphiladelphia-hotel&ref=&lang=&country=undefined&curr=undefined®ion=undefined&osl=en-US
54.175.77.159200 1.2 kB URL HTTP/1.1 loewshotels.mpeasylink.com/mpel/mpel?href=https%3A%2F%2Fwww.loewshotels.com%2Fphiladelphia-hotel&ref=&lang=&country=undefined&curr=undefined®ion=undefined&osl=en-US
IP 54.175.77.159:0
File type ASCII text, with very long lines (1249), with no line terminators
Hash c3d31c46e7d8be9b62670d5612b0de8d
96f9523c4d68699863e3454a4934690a951ec1fc
f5c130713f824b05cbddffa13383b0aa31a04f6e86a90ae2a13ef462c78b1fac
Analyzer Verdict Alert quad9 Sinkholed
GET /mpel/mpel?href=https%3A%2F%2Fwww.loewshotels.com%2Fphiladelphia-hotel&ref=&lang=&country=undefined&curr=undefined®ion=undefined&osl=en-US HTTP/1.1
Host: loewshotels.mpeasylink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Server: nginx
Date: Tue, 20 Sep 2022 20:22:35 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 1249
Connection: keep-alive
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa OUR IND COM NAV INT STA"
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fe5ffc0bb967bf39c053d24cdfae521a
87bc50876b1600714e2c29608bf4af00fbfbd23e
ceaf52d90eaf692a8da9f6c353d09011e26d8e2b971ec4c17fcbcab8676c70c3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CEAF52D90EAF692A8DA9F6C353D09011E26D8E2B971EC4C17FCBCAB8676C70C3"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4294
Expires: Tue, 20 Sep 2022 21:34:09 GMT
Date: Tue, 20 Sep 2022 20:22:35 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b9b6fcc-4a98-463a-8c9c-a60812d5b535.jpeg
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b9b6fcc-4a98-463a-8c9c-a60812d5b535.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1a7d863845e96c5927e812f325c08c16
b8484fb5443344b03e52dd56b1d6c5682eb6221a
fcb382029332a44deaf212298b618074a752d674d0c735a1b8b861ab4bb6ff0f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b9b6fcc-4a98-463a-8c9c-a60812d5b535.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9865
x-amzn-requestid: 7eeeff5b-cb13-4060-96a6-bf5a4be57331
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YugokGQVoAMFXmA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e169-4211dbbe1a22d0255a45aff0;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:38:49 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: zDPKSOJ7SJImKcluUMhGvVMHv4t2oKLD2AJfGKAFSfedsdSA4VgZ_g==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 22:02:56 GMT
etag: "b8484fb5443344b03e52dd56b1d6c5682eb6221a"
content-type: image/jpeg
age: 80379
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d1af9c9-23b5-42e1-b7c6-655c21db6627.jpeg
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d1af9c9-23b5-42e1-b7c6-655c21db6627.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7ca0c1a7f205ad07f1cce80b26448873
0e14f5062e40ce94346494ff947bfcf74b5e88c1
ebc960279032671136749823c126ec807334d9eaf2b019abcc63b41bcdbf4a7f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d1af9c9-23b5-42e1-b7c6-655c21db6627.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9873
x-amzn-requestid: 7171299f-e6e3-40ef-a292-33779346e1ee
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YugI-FDIIAMF-xg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e09f-31f9413434a6b00e77e7709b;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:35:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: evL3aL1ULo6B2a8Rp6iILKCX7F14O9HMSbEqkEY3XHFhmMptE8FaVw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 21:50:04 GMT
age: 81151
etag: "0e14f5062e40ce94346494ff947bfcf74b5e88c1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc72c9eb8-103b-4d09-b405-97d1a7ae99a8.webp
34.120.237.76200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc72c9eb8-103b-4d09-b405-97d1a7ae99a8.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 30fbdfee7ec4513a5ff3dfcb7282f816
a852edb64a7220532aa619ab2a440c3a7e11b97a
4adee59f97bea412c6a0a786d0a27e431a497198b9047a75841b0a530803bdfe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc72c9eb8-103b-4d09-b405-97d1a7ae99a8.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9543
x-amzn-requestid: 17be04c9-54f0-4988-82dd-f13911a2a629
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YugINHN1IAMF8iA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e09a-35496b4c21c23dec75257964;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:35:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: y3urrVdjZEds_DKf3yL2XfaOy-5UPBwU-YVWe5eKYsDpl3JPmqffsw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 22:23:30 GMT
age: 79145
etag: "a852edb64a7220532aa619ab2a440c3a7e11b97a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F28b8af49-2631-4a57-aeca-43e33f0f6d83.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F28b8af49-2631-4a57-aeca-43e33f0f6d83.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c283017ec789693602177a2785177e21
ff8286c4d2cf87a1865d56d082bc5235dba60ad7
520db2567ad5529d35d2ac63b94d4186848382e9c86d0c4355ab979b34f0e0ab
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F28b8af49-2631-4a57-aeca-43e33f0f6d83.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11145
x-amzn-requestid: dcb726a6-2f43-4170-a53c-4f0d2883309e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yuh7yHfHIAMFu4g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e37e-11bf06e96123e01c11854cbb;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:47:42 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: DwufJXA1yHz_jnJL0PWjCQYF9fa3jlJ0e-2hIomInAXCpmPISX3mjg==
via: 1.1 b47618c03bd47cf085f27b1e215f76cc.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 22:02:33 GMT
age: 80402
etag: "ff8286c4d2cf87a1865d56d082bc5235dba60ad7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/socket.io/4.3.2/socket.io.js
104.17.25.14200 OK 21 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/socket.io/4.3.2/socket.io.js
IP 104.17.25.14:0
Hash fc5e31c93500eb38e2f99f0f4afbde40
2b318430f36836ecc3b822367fed0f84273108a9
8e46ac3c53469524a002371ec002602ef60012097bff6e4ea522d654e88b3856
GET /ajax/libs/socket.io/4.3.2/socket.io.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alive5.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 20 Sep 2022 20:22:35 GMT
content-type: application/javascript; charset=utf-8
content-length: 20711
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "616b8b0a-50e7"
last-modified: Sun, 17 Oct 2021 02:31:38 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 26885435
expires: Sun, 10 Sep 2023 20:22:35 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bDzPO3geyjojSF4LMTAJauDA6CYN0G6FaCqfiKwzso%2FO7xJKmL8DAfobiedz9TMDdPhaSc9MneHA3O8ZLvo3u5C0CBgAwu8fGg%2BoI9kKSebJGqHSwAnSHZgho8CtzJbYp1n76ker"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74dd4626988b1bfe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/chocolat/1.0.4/js/chocolat.js
104.17.25.14200 OK 4.0 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/chocolat/1.0.4/js/chocolat.js
IP 104.17.25.14:0
Hash 135f9deacb56eb37d33925ad28bd87e1
691e4402038b0285fb7f560f36d5cb555cc91cf3
fd139f430770963eff1823b07bb65fb2633073d9da9b52cf7a1d45e1f7f231d7
GET /ajax/libs/chocolat/1.0.4/js/chocolat.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alive5.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 20 Sep 2022 20:22:35 GMT
content-type: application/javascript; charset=utf-8
content-length: 3965
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "6039816b-6044"
last-modified: Fri, 26 Feb 2021 23:16:59 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 9148918
expires: Sun, 10 Sep 2023 20:22:35 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u3htyjUVqUZ03UFBjYnbPzqmvCXIwUrJS%2Fq%2F%2B5sKdGeavs5bJp7Ddm8s8m7l8lQ4%2F1WZpXWHSFeGoBdrua8Jem4wFbhq%2BAAjU7%2F5vg8ob4v3TqhoVfwUhOQ3b%2Fwt1PlBj5DeV1Q6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74dd4626988e1bfe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a91bc33-86f4-4bda-af70-da083ceb7c72.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a91bc33-86f4-4bda-af70-da083ceb7c72.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d3e70b2859ca89b353682d03f6b46b93
ebd83f29edd95217dfa4f4c7a94eddf34dd58b14
43ad8f8b0a664bbec39e0410c1201498a2d2e36e5bd7d5ece8d65b15230ec50b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a91bc33-86f4-4bda-af70-da083ceb7c72.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10894
x-amzn-requestid: f7aad96e-af80-4db7-8bc1-d1e09a9b37e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YeJQGHhOIAMFYuw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322559a-538534e91448af217c59ab3d;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 22:28:42 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: P7aZQzmAvqn2rcHJUQjHo0Dcg8dsrqseey5mNOabfq1b857M4SUMDQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 02:46:17 GMT
age: 63378
etag: "ebd83f29edd95217dfa4f4c7a94eddf34dd58b14"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
loewshotels.mpeasylink.com/mpel/mpel_ssd.js
54.175.77.159200 1.3 kB URL HTTP/1.1 loewshotels.mpeasylink.com/mpel/mpel_ssd.js
IP 54.175.77.159:0
File type ASCII text, with very long lines (502)
Hash 4fe354f44890333094d42e6692a9808c
e1a42008fec69409f4bea5808bd332122d050023
658bf6429d750d6d084f0a618f5edbc78d0dc14e067da35a1a55d8e0b6e066fa
Analyzer Verdict Alert quad9 Sinkholed
GET /mpel/mpel_ssd.js HTTP/1.1
Host: loewshotels.mpeasylink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Server: nginx
Date: Tue, 20 Sep 2022 20:22:35 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes
ETag: W/"3276-1654181434000"
Last-Modified: Thu, 02 Jun 2022 14:50:34 GMT
Cache-Control: max-age=86400
Expires: Wed, 21 Sep 2022 20:22:35 GMT
vary: accept-encoding
Content-Encoding: gzip
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash 7e24e09d17a24d77bd4aef2e2b704b35
70b4c3ad464ac77ef1541603dadb685321bb538a
cd9c0f13d1642292319c70b2e3e48ca2f82c4779779a240f70432d5dc484cf57
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 20 Sep 2022 20:22:35 GMT
Last-Modified: Tue, 20 Sep 2022 19:04:37 GMT
Server: ECS (bsa/EB18)
X-Cache: Miss from cloudfront
Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Ot9EQlS7LwAcKov-QOsmG1q0IEtsepxOUrpqJzuRVdqUNp2ZP_joqg==
Age: 4678
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash 7e24e09d17a24d77bd4aef2e2b704b35
70b4c3ad464ac77ef1541603dadb685321bb538a
cd9c0f13d1642292319c70b2e3e48ca2f82c4779779a240f70432d5dc484cf57
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=144262
Date: Tue, 20 Sep 2022 20:22:35 GMT
Etag: "6329a317-1d7"
Expires: Thu, 22 Sep 2022 12:26:57 GMT
Last-Modified: Tue, 20 Sep 2022 11:25:11 GMT
Server: ECS (nyb/1DD2)
X-Cache: Miss from cloudfront
Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: a1AUi0Qu0m71bqxgUak-VRAfA0ZYLyGPjkQI6NIQ-GApicFStoj6hw==
Age: 3707
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash 7e24e09d17a24d77bd4aef2e2b704b35
70b4c3ad464ac77ef1541603dadb685321bb538a
cd9c0f13d1642292319c70b2e3e48ca2f82c4779779a240f70432d5dc484cf57
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 20 Sep 2022 20:22:35 GMT
Last-Modified: Tue, 20 Sep 2022 19:04:50 GMT
Server: ECS (bsa/EB1C)
X-Cache: Miss from cloudfront
Via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: XipsYZNkHRWFKKOa-WKc_NL60D49XFA-hGof_7PoLr9R7G0RdNp7oQ==
Age: 4666
loewshotels.mpeasylink.com/mpel/mpel_storage.html?cmd=storePref&href=https%3A%2F%2Fwww.loewshotels.com%2Fphiladelphia-hotel&siteurl=www.loewshotels.com&lang=en&country=®ion=&sitelist=www.loewshotels.com,loewshotels.com,loewshotelsada.dev.hebsdigital.com,loewshotels.dev.hebsdigital.com,reservations.loewshotels.com;es.loewshotels.com,es.reservations.loewshotels.com;pt.loewshotels.com,pt.reservations.loewshotels.com;de.loewshotels.com,de.reservations.loewshotels.com;frca.loewshotels.com,frca.reservations.loewshotels.com¤cy=&nonMP=false&mode=&uuid=057c6e756e0147c7a46288b4cecb688c
54.175.77.159200 1.2 kB URL HTTP/1.1 loewshotels.mpeasylink.com/mpel/mpel_storage.html?cmd=storePref&href=https%3A%2F%2Fwww.loewshotels.com%2Fphiladelphia-hotel&siteurl=www.loewshotels.com&lang=en&country=®ion=&sitelist=www.loewshotels.com,loewshotels.com,loewshotelsada.dev.hebsdigital.com,loewshotels.dev.hebsdigital.com,reservations.loewshotels.com;es.loewshotels.com,es.reservations.loewshotels.com;pt.loewshotels.com,pt.reservations.loewshotels.com;de.loewshotels.com,de.reservations.loewshotels.com;frca.loewshotels.com,frca.reservations.loewshotels.com¤cy=&nonMP=false&mode=&uuid=057c6e756e0147c7a46288b4cecb688c
IP 54.175.77.159:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (650)
Hash 4e15b50697a74d423a6d9933b24a00a3
56185b17a5a18f75c8269f522a6f6e65dfd5a0f2
daccffddc4a2db0ebc4a2461a23cd60cabf64c5f60c9c099fc157ba2278f9dc7
Analyzer Verdict Alert quad9 Sinkholed
GET /mpel/mpel_storage.html?cmd=storePref&href=https%3A%2F%2Fwww.loewshotels.com%2Fphiladelphia-hotel&siteurl=www.loewshotels.com&lang=en&country=®ion=&sitelist=www.loewshotels.com,loewshotels.com,loewshotelsada.dev.hebsdigital.com,loewshotels.dev.hebsdigital.com,reservations.loewshotels.com;es.loewshotels.com,es.reservations.loewshotels.com;pt.loewshotels.com,pt.reservations.loewshotels.com;de.loewshotels.com,de.reservations.loewshotels.com;frca.loewshotels.com,frca.reservations.loewshotels.com¤cy=&nonMP=false&mode=&uuid=057c6e756e0147c7a46288b4cecb688c HTTP/1.1
Host: loewshotels.mpeasylink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Server: nginx
Date: Tue, 20 Sep 2022 20:22:35 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes
ETag: W/"2762-1654181434000"
Last-Modified: Thu, 02 Jun 2022 14:50:34 GMT
vary: accept-encoding
Content-Encoding: gzip
api-v2.alive5.com/1.0/thread/get-threads-byId?org_name=loewshotel&thread_id=e5861e7c-508b-4dfd-a48b-8bdc1aca4086&visitor=true&referrer=undefined&page_url=https://www.loewshotels.com/&crm_id=ea50f316-9573-4983-8f58-e1061d14ce1e
3.221.66.24204 No Content 0 B URL HTTP/2 api-v2.alive5.com/1.0/thread/get-threads-byId?org_name=loewshotel&thread_id=e5861e7c-508b-4dfd-a48b-8bdc1aca4086&visitor=true&referrer=undefined&page_url=https://www.loewshotels.com/&crm_id=ea50f316-9573-4983-8f58-e1061d14ce1e
IP 3.221.66.24:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /1.0/thread/get-threads-byId?org_name=loewshotel&thread_id=e5861e7c-508b-4dfd-a48b-8bdc1aca4086&visitor=true&referrer=undefined&page_url=https://www.loewshotels.com/&crm_id=ea50f316-9573-4983-8f58-e1061d14ce1e HTTP/1.1
Host: api-v2.alive5.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization
Referer: https://alive5.com/
Origin: https://alive5.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 204 No Content
date: Tue, 20 Sep 2022 20:22:35 GMT
set-cookie: AWSALB=6Nqicx47iSbSZZ8pcPVl8kZOxwafAzVBLnN1jsNgrfho97SbfCLYzvJ6a9b3GAjxo/Fas237Md/owlC8MaFG6w4/7iFmc/TFC+UtGXO48wuXOM0GcSGYaruao0Sv; Expires=Tue, 27 Sep 2022 20:22:35 GMT; Path=/
AWSALBCORS=6Nqicx47iSbSZZ8pcPVl8kZOxwafAzVBLnN1jsNgrfho97SbfCLYzvJ6a9b3GAjxo/Fas237Md/owlC8MaFG6w4/7iFmc/TFC+UtGXO48wuXOM0GcSGYaruao0Sv; Expires=Tue, 27 Sep 2022 20:22:35 GMT; Path=/; SameSite=None; Secure
server: nginx
x-powered-by: Express
access-control-allow-origin: https://alive5.com
vary: Origin
access-control-allow-credentials: true
access-control-allow-methods: GET,PUT,POST,DELETE,PATCH,OPTIONS
access-control-allow-headers: Content-Type,Authorization,Content-Length,X-Requested-With,X-A5-APIKEY,x-xsrf-token,Cookie
access-control-max-age: 86400
access-control-expose-headers: Authorization,X-A5-APIKEY
X-Firefox-Spdy: h2
s3.amazonaws.com/alive5cdn/images/widgets/upload/loewshotel-w1658292655764.png
52.217.225.120200 OK 2.3 kB URL HTTP/1.1 s3.amazonaws.com/alive5cdn/images/widgets/upload/loewshotel-w1658292655764.png
IP 52.217.225.120:0
File type PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Hash 347519b71d8e3a972f3a6161a942fdb7
90f6fe12fdd5252d0a8e7519a1fdfe47d2242bf7
4c289b96c46e3b3160cccd5878c91eabe11dc181751188529f1daaf20d2545e7
GET /alive5cdn/images/widgets/upload/loewshotel-w1658292655764.png HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: VuebdRcMTDo+OHS8JzBVBMcl9GUrtHJHF6RHBodrAO3FZ3JrdJaGtBZ9QrTyXelHeZ+S7+GZtZk=
x-amz-request-id: D1TS9SPFC9QWH6B7
Date: Tue, 20 Sep 2022 20:22:36 GMT
Last-Modified: Wed, 20 Jul 2022 04:50:56 GMT
ETag: "347519b71d8e3a972f3a6161a942fdb7"
x-amz-version-id: 1nAmUmazzSwKNE2Gr2wOWsZnlO3pHY7f
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 2294
s3.amazonaws.com/alive5cdn/images/widgets/upload/loewshotel-w1650917487991.png
52.217.225.120200 OK 2.3 kB URL HTTP/1.1 s3.amazonaws.com/alive5cdn/images/widgets/upload/loewshotel-w1650917487991.png
IP 52.217.225.120:0
File type PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Hash 347519b71d8e3a972f3a6161a942fdb7
90f6fe12fdd5252d0a8e7519a1fdfe47d2242bf7
4c289b96c46e3b3160cccd5878c91eabe11dc181751188529f1daaf20d2545e7
GET /alive5cdn/images/widgets/upload/loewshotel-w1650917487991.png HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: DMrl4OEkSS7FdyUXCKhJqsZPn0/3gsIuDlb+Hz+MhIIhj10iFChsdhBp9i5sIJrBFuBjVo/1yQA=
x-amz-request-id: D1TJRHSF6V3EDNK8
Date: Tue, 20 Sep 2022 20:22:36 GMT
Last-Modified: Mon, 25 Apr 2022 20:11:29 GMT
ETag: "347519b71d8e3a972f3a6161a942fdb7"
x-amz-version-id: HmKOJgg968umazmGtsrK1kaT2uNHCw4h
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 2294
s3.amazonaws.com/alive5cdn/images/widgets/upload/ashfaqtest-wicon1544204526155.png
52.217.225.120200 OK 1.5 kB URL HTTP/1.1 s3.amazonaws.com/alive5cdn/images/widgets/upload/ashfaqtest-wicon1544204526155.png
IP 52.217.225.120:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 6f878c9733062f3e765504ed137d0bc6
f66a4a84230dfbf1e8000d1515d36f893c5f31f6
f2e60f36746d4efa38a43a662e146f7ca279803288f2852c14d1137de68002e5
GET /alive5cdn/images/widgets/upload/ashfaqtest-wicon1544204526155.png HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alive5.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: pXK8qFrG+Y5M3oOeguIi3qhPJWQ5Kt16FNrl4vuqcSdW95mZNBGF2VCLuJoSy9muPLurIUu327k=
x-amz-request-id: D1TGB6HJCGP5J7DZ
Date: Tue, 20 Sep 2022 20:22:36 GMT
Last-Modified: Fri, 07 Dec 2018 12:42:11 GMT
ETag: "6f878c9733062f3e765504ed137d0bc6"
x-amz-version-id: JEJEiC9HGRttaRlxNnlXqTQphBO7xIRV
Accept-Ranges: bytes
Content-Type: application/octet-stream
Server: AmazonS3
Content-Length: 1455
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash bbdf9da93e8d252db203c60dc24b0f71
f739d0262feb40f160d6831dacee92cccc258577
fde9d4e5476d73d38cc4f413ba216a82627df4b3ad85cddea91c080661ce01b8
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3333
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 20:22:35 GMT
Last-Modified: Tue, 20 Sep 2022 19:27:02 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 9baaa3878151bf5d83c8d7014da17e5d
d8952bdd01ddec1d9a5a480f17ff5e39f6bdb037
1734ff9035c0a9c965cb5047e9fdbc2c1184b6c568066e856c6dbf0b8dc51df3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 20:22:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c683e61e63df92799aa274fdac42cd3b
191aeec95861fa8596a90a10c60b22434431c033
898c007bc0e7d5f4d3180c9fe28b88036102ba64912d0773c023e1f4f07d7beb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 20:22:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dix%26source_id%3D&cm_dsp_id=8&external_user_id=ed557471-15cd-4622-92b4-d63ddd1e6047&expiry=1695241355
104.18.18.126302 Found 0 B URL HTTP/2 dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dix%26source_id%3D&cm_dsp_id=8&external_user_id=ed557471-15cd-4622-92b4-d63ddd1e6047&expiry=1695241355
IP 104.18.18.126:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rrum?cb=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dix%26source_id%3D&cm_dsp_id=8&external_user_id=ed557471-15cd-4622-92b4-d63ddd1e6047&expiry=1695241355 HTTP/1.1
Host: dsum-sec.casalemedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Tue, 20 Sep 2022 20:22:35 GMT
content-length: 0
location: /rrum?cb=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dix%26source_id%3D&cm_dsp_id=8&expiry=1695241355&external_user_id=ed557471-15cd-4622-92b4-d63ddd1e6047&C=1
cf-ray: 74dd4629dee5b529-OSL
cache-control: no-cache
expires: 0
cf-cache-status: DYNAMIC
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
set-cookie: CMID=YyohC4g4.2xa.csUQtSNLAAA; Path=/; Domain=casalemedia.com; Expires=Wed, 20 Sep 2023 20:22:35 GMT; Max-Age=31536000; Secure; SameSite=None
CMPS=4472; Path=/; Domain=casalemedia.com; Expires=Mon, 19 Dec 2022 20:22:35 GMT; Max-Age=7776000; Secure; SameSite=None
CMPRO=4472; Path=/; Domain=casalemedia.com; Expires=Mon, 19 Dec 2022 20:22:35 GMT; Max-Age=7776000; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZLUv4qRfx1fC3qdbCHINMM%2FkEcqE3TLgGupxF7iZzRpUwJqM29qFIlwe1LWfVFd5R8b%2FL6g0KfUC%2F4cHovZjF43DepGzqdLzRe9%2BD%2FtE%2B%2FjDVTMMlEAjt9MyG6mPlgug5xjSkvAoal1eGA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash dbe1e4b0baff955f4958dc0f27c9cbeb
a173d5910d87a874a2f3cd7dbbb89663f533050f
6a23b4d88a5bd6618eb2c0abe3d7104ce4999a854c451ace442e7f6e9e53a289
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2953
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 20:22:35 GMT
Last-Modified: Tue, 20 Sep 2022 19:33:22 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 9baaa3878151bf5d83c8d7014da17e5d
d8952bdd01ddec1d9a5a480f17ff5e39f6bdb037
1734ff9035c0a9c965cb5047e9fdbc2c1184b6c568066e856c6dbf0b8dc51df3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 20:22:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_cm
142.250.74.34302 Found 281 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_cm
IP 142.250.74.34:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 73f48b26868899d0ab45601d3d0804b5
4f565e23936526d826df2bc274b5a9a07861893d
4975bfe968adb988b0870900647720bf310bf0659f18b05fa7c15acc4e868823
GET /pixel?google_nid=cognitiv&google_cm HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_cm=&google_tc=
date: Tue, 20 Sep 2022 20:22:35 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 281
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 20-Sep-2022 20:37:35 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
secure.adnxs.com/getuid?https://beacon.lynx.cognitivlabs.com/pixel?type=sync&source=xandr&id=ed557471-15cd-4622-92b4-d63ddd1e6047&adnxs_uid=$UID
185.89.210.212307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/getuid?https://beacon.lynx.cognitivlabs.com/pixel?type=sync&source=xandr&id=ed557471-15cd-4622-92b4-d63ddd1e6047&adnxs_uid=$UID
IP 185.89.210.212:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuid?https://beacon.lynx.cognitivlabs.com/pixel?type=sync&source=xandr&id=ed557471-15cd-4622-92b4-d63ddd1e6047&adnxs_uid=$UID HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Tue, 20 Sep 2022 20:22:35 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dxandr%26id%3Ded557471-15cd-4622-92b4-d63ddd1e6047%26adnxs_uid%3D%24UID
AN-X-Request-Uuid: eb8d5238-0189-4b43-a695-86c177e83c05
Set-Cookie: uuid2=7304388544613794183; SameSite=None; Path=/; Max-Age=7776000; Expires=Mon, 19-Dec-2022 20:22:35 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 29f639cb699e6e460058e3c99bd4f3cf
9caeef6cf092a5afaf4578321a7301651468e3ce
5d9664e0c869eab361913cd50bf4e1cca2601239b467adba3af0ae049e7c070a
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 20 Sep 2022 20:22:35 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 18 Sep 2022 01:42:53 GMT
Expires: Sun, 25 Sep 2022 01:42:52 GMT
Etag: "9caeef6cf092a5afaf4578321a7301651468e3ce"
Cache-Control: max-age=364216,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74dd4629f833b527-OSL
www.loewshotels.com/skins/loews/icon196x196.png
3.208.32.228200 OK 101 B URL HTTP/2 www.loewshotels.com/skins/loews/icon196x196.png
IP 3.208.32.228:0
File type PNG image data, 196 x 196, 1-bit grayscale, non-interlaced\012- data
Hash b09faf3161e6e99941cb42098a966a82
00d44aa286caeec4a0efac14c5ef5926152f79be
b6b34a02e2312a78f36b8dfde0dcb36f063333863406dc9389b0b258466ee922
GET /skins/loews/icon196x196.png HTTP/1.1
Host: www.loewshotels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/philadelphia-hotel
Cookie: at_check=true; mbox=session#c2fdf4166a1d4312a48006d8430a0708#1663707215|PC#c2fdf4166a1d4312a48006d8430a0708.37_0#1726950155; bookingData={"groupCode":null,"rateCode":null,"promoCode":null,"propertyId":"70571","propertyName":"Loews Philadelphia Hotel","checkInDate":null,"checkOutDate":null,"nights":null,"adults":null,"children":null,"bookingValue":null,"currency":null,"email":null,"bookingCode":null,"propertyCode":"LPHL"}; _gcl_au=1.1.576332580.1663705354; OptanonConsent=isGpcEnabled=0&datestamp=Tue+Sep+20+2022+20%3A22%3A35+GMT%2B0000+(Coordinated+Universal+Time)&version=6.21.0&isIABGlobal=false&hosts=&consentId=e4b503cc-4ea1-488a-a312-1f36e8f174cd&interactionCount=0&landingPath=https%3A%2F%2Fwww.loewshotels.com%2Fphiladelphia-hotel&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0; _spe_v=a88c063d-5b77-4456-9562-9c2a7f877469; _spe_s=f699ec99-39e0-4dda-94ff-f10ac3c14841
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 20:22:35 GMT
content-type: image/png
content-length: 101
server: nginx
last-modified: Tue, 13 Sep 2022 10:19:30 GMT
etag: "63205932-65"
expires: Wed, 20 Sep 2023 20:22:35 GMT
cache-control: max-age=31536000
access-control-allow-origin: https://www.loewshotels.com
access-control-allow-methods: GET, POST
x-served-by: loewshotels-com-001
x-trace-id: 70784369-76
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
x-powered-by: NextGuest CMS
service-worker-allowed: /
accept-ranges: bytes
X-Firefox-Spdy: h2
www.loewshotels.com/skins/loews/favicon.ico
3.208.32.228200 OK 34 kB URL HTTP/2 www.loewshotels.com/skins/loews/favicon.ico
IP 3.208.32.228:0
File type MS Windows icon resource - 5 icons, 16x16, 32 bits/pixel, 24x24, 32 bits/pixel\012- data
Hash ff5c5bdbaa9011ca5ca554900110c951
36f3f0aaa57481f044762dc7fdb84a4a9a15a957
ede3b62d998abcb886e0ec59019598dd6b428955fdb92e29f761a3cdb9c66120
GET /skins/loews/favicon.ico HTTP/1.1
Host: www.loewshotels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/philadelphia-hotel
Cookie: at_check=true; mbox=session#c2fdf4166a1d4312a48006d8430a0708#1663707215|PC#c2fdf4166a1d4312a48006d8430a0708.37_0#1726950155; bookingData={"groupCode":null,"rateCode":null,"promoCode":null,"propertyId":"70571","propertyName":"Loews Philadelphia Hotel","checkInDate":null,"checkOutDate":null,"nights":null,"adults":null,"children":null,"bookingValue":null,"currency":null,"email":null,"bookingCode":null,"propertyCode":"LPHL"}; _gcl_au=1.1.576332580.1663705354; OptanonConsent=isGpcEnabled=0&datestamp=Tue+Sep+20+2022+20%3A22%3A35+GMT%2B0000+(Coordinated+Universal+Time)&version=6.21.0&isIABGlobal=false&hosts=&consentId=e4b503cc-4ea1-488a-a312-1f36e8f174cd&interactionCount=0&landingPath=https%3A%2F%2Fwww.loewshotels.com%2Fphiladelphia-hotel&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0; _spe_v=a88c063d-5b77-4456-9562-9c2a7f877469; _spe_s=f699ec99-39e0-4dda-94ff-f10ac3c14841
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 20:22:35 GMT
content-type: image/x-icon
content-length: 34494
server: nginx
last-modified: Tue, 13 Sep 2022 10:19:24 GMT
etag: "6320592c-86be"
access-control-allow-origin: https://www.loewshotels.com
access-control-allow-methods: GET, POST
x-served-by: loewshotels-com-002
x-trace-id: 71232622-109
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
x-powered-by: NextGuest CMS
service-worker-allowed: /
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/zmiYzsHi8INTJBWt2QZC9aM5/recaptcha__en.js
142.250.74.163200 OK 158 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/zmiYzsHi8INTJBWt2QZC9aM5/recaptcha__en.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (581)
Size 158 kB (157726 bytes)
Hash 6519c7c04cf32a57b1c5ee45a73c233e
4939bb921988e9eb13780cc2244f3099776e9bfb
8352dd4e3e0fe82562cdc280c020fc31d2c6d054f7ead441a3b18de8ef04401b
GET /recaptcha/releases/zmiYzsHi8INTJBWt2QZC9aM5/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.loewshotels.com
Connection: keep-alive
Referer: https://www.loewshotels.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 157726
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 05:37:29 GMT
expires: Thu, 14 Sep 2023 05:37:29 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 14 Sep 2022 00:24:01 GMT
content-type: text/javascript
age: 571506
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
analytics.convertlanguage.com/el3.gif?ea=none&er=def&d_lang=&d_country=&d_curr=&hn=www.loewshotels.com&i_lang=en&i_country=&i_curr=&s_bl=en&s_ref=&s_rl=&s_ll=no&s_geo=no&s_nl=en-US&c_lang=&alg_sig=00000&uuid=057c6e756e0147c7a46288b4cecb688c&ua=na&et=4&f_lang=&f_country=&f_curr=&hist=&tpl=e_T0FF_v3.13.0.0&url=https%3A%2F%2Fwww.loewshotels.com%2Fphiladelphia-hotel&
3.139.212.1200 OK 35 B URL HTTP/2 analytics.convertlanguage.com/el3.gif?ea=none&er=def&d_lang=&d_country=&d_curr=&hn=www.loewshotels.com&i_lang=en&i_country=&i_curr=&s_bl=en&s_ref=&s_rl=&s_ll=no&s_geo=no&s_nl=en-US&c_lang=&alg_sig=00000&uuid=057c6e756e0147c7a46288b4cecb688c&ua=na&et=4&f_lang=&f_country=&f_curr=&hist=&tpl=e_T0FF_v3.13.0.0&url=https%3A%2F%2Fwww.loewshotels.com%2Fphiladelphia-hotel&
IP 3.139.212.1:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /el3.gif?ea=none&er=def&d_lang=&d_country=&d_curr=&hn=www.loewshotels.com&i_lang=en&i_country=&i_curr=&s_bl=en&s_ref=&s_rl=&s_ll=no&s_geo=no&s_nl=en-US&c_lang=&alg_sig=00000&uuid=057c6e756e0147c7a46288b4cecb688c&ua=na&et=4&f_lang=&f_country=&f_curr=&hist=&tpl=e_T0FF_v3.13.0.0&url=https%3A%2F%2Fwww.loewshotels.com%2Fphiladelphia-hotel& HTTP/1.1
Host: analytics.convertlanguage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 20 Sep 2022 20:22:35 GMT
content-type: image/gif
content-length: 35
server: Apache
last-modified: Tue, 14 May 2019 17:36:29 GMT
etag: "23-588dc79153f13"
accept-ranges: bytes
X-Firefox-Spdy: h2
cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_cm=&google_tc=
142.250.74.34302 Found 286 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_cm=&google_tc=
IP 142.250.74.34:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 4742494744a52507fd4febd8c639ec09
6c5e83b574261f8845d947deb68f4686f9bf1aad
8b2ec7a5928e9e79944e20d82107bc295ec3c10f92ae72396501762a059f6651
GET /pixel?google_nid=cognitiv&google_cm=&google_tc= HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.loewshotels.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: https://beacon.lynx.cognitivlabs.com/pixel?type=sync&source=google&google_error=3
date: Tue, 20 Sep 2022 20:22:35 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 286
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dpubmatic%26id=ed557471-15cd-4622-92b4-d63ddd1e6047%26inventory_source%3D0%26source_id%3D%23PM_USER_ID
198.47.127.19302 Found 0 B URL HTTP/2 image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dpubmatic%26id=ed557471-15cd-4622-92b4-d63ddd1e6047%26inventory_source%3D0%26source_id%3D%23PM_USER_ID
IP 198.47.127.19:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dpubmatic%26id=ed557471-15cd-4622-92b4-d63ddd1e6047%26inventory_source%3D0%26source_id%3D%23PM_USER_ID HTTP/1.1
Host: image6.pubmatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
location: /AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dpubmatic%26id=ed557471-15cd-4622-92b4-d63ddd1e6047%26inventory_source%3D0%26source_id%3D%23PM_USER_ID&rdf=1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
set-cookie: KTPCACOOKIE=YES; domain=pubmatic.com; path=/; max-age=86400; secure;
date: Tue, 20 Sep 2022 20:22:34 GMT
content-length: 0
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 8f456c7b65ea40d8ebcb879baecc7d23
4c3e595384938865990279a8c1567b99d2645f0f
0b3446efb51edb0d46bad639361c0f416edab089ad7f7a380622d56c8820d49f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5154
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 20:22:35 GMT
Last-Modified: Tue, 20 Sep 2022 18:56:42 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 443f3c865a7724032a17d393dc3d58b7
e36f30d7ab4a35b1f2462fbe5f3e896985b28caa
090df8117812ee2eccfa86b9fe760bcee2f0d7b977fdd9bc5d040e6b0fe4de40
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3245
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 20:22:35 GMT
Last-Modified: Tue, 20 Sep 2022 19:28:30 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
s3.amazonaws.com/alive5cdn/images/widgets/upload/loewshotel-wicon1626720607825.png
52.217.225.120200 OK 3.9 kB URL HTTP/1.1 s3.amazonaws.com/alive5cdn/images/widgets/upload/loewshotel-wicon1626720607825.png
IP 52.217.225.120:0
File type PNG image data, 350 x 78, 8-bit/color RGBA, non-interlaced\012- data
Hash df77c05c3e283b34d4ef4212ac210ebb
da622d12f37d79f7ba869063a0dcc56966ecd91c
a256aaceba74de49f68417149328f0ad754f4724550d27ccd600a19550a9ac6b
GET /alive5cdn/images/widgets/upload/loewshotel-wicon1626720607825.png HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alive5.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: 6S9sGO4tmA23T4yWO/WNwYFAkC1Oy+li7Mpl+othP5dL3jUKctFGN4th6LBkvi0AR+gKQAwMEcA=
x-amz-request-id: D1TW3GSP7ZB23AMS
Date: Tue, 20 Sep 2022 20:22:36 GMT
Last-Modified: Mon, 19 Jul 2021 18:50:08 GMT
ETag: "df77c05c3e283b34d4ef4212ac210ebb"
x-amz-version-id: TnuuO_EAPwtqG142B0gMMzJYMEpbZRAa
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 3875
dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dix%26source_id%3D&cm_dsp_id=8&expiry=1695241355&external_user_id=ed557471-15cd-4622-92b4-d63ddd1e6047&C=1
104.18.18.126200 OK 43 B URL HTTP/2 dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dix%26source_id%3D&cm_dsp_id=8&expiry=1695241355&external_user_id=ed557471-15cd-4622-92b4-d63ddd1e6047&C=1
IP 104.18.18.126:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /rrum?cb=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dix%26source_id%3D&cm_dsp_id=8&expiry=1695241355&external_user_id=ed557471-15cd-4622-92b4-d63ddd1e6047&C=1 HTTP/1.1
Host: dsum-sec.casalemedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.loewshotels.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 20:22:35 GMT
content-type: image/gif
content-length: 43
cf-ray: 74dd462a4f69b529-OSL
cache-control: no-cache
expires: 0
cf-cache-status: DYNAMIC
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dh08nUFoAvMV3FChvDONV0EQO4jxrBET%2BF9BjbgVj3d96ZEYjATGMjWm8qCreB3L37AOb%2BQol9kn24R7BxMYoDUbkGNidb1Q5d8LFlSBw%2BmXcERximu4laW724RyF7P8YwFhdSNJt%2BMqbw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
personalization-engine.hebsdigital.com/collect
52.22.31.151200 OK 483 B URL HTTP/2 personalization-engine.hebsdigital.com/collect
IP 52.22.31.151:0
Hash dd9d4400499e3ddf5b77414ff2eea832
ae92879851148d9c65d3016fd064a53457ed41fd
e9597c59b8d6e93a08ebc1365cc525542196ce633d4bfe684ffb72a2fdd3c7bb
POST /collect HTTP/1.1
Host: personalization-engine.hebsdigital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 884
Origin: https://www.loewshotels.com
Connection: keep-alive
Referer: https://www.loewshotels.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 20:22:35 GMT
content-type: text/html; charset=UTF-8
server: nginx
cache-control: no-cache, private
access-control-allow-origin: https://www.loewshotels.com
vary: Accept-Encoding, Origin
access-control-allow-credentials: true
set-cookie: XSRF-TOKEN=eyJpdiI6IkxpVm9xR29ualZNZHlBU2RsYUdEYUE9PSIsInZhbHVlIjoiUU5ZQ0hISUxwNk9iNk51ODZXYWJYU1AyYzZsMktpQTlBdU01bW5wMlh6eWFsZ2FyR2NzQnExRU8zOHlHSlo4QyIsIm1hYyI6IjNjM2NjNDg5Y2VkNWIyNDA4Zjk4YjdlZDgyMGMzZTMxZDgxODM0YzI4OTVkZTMyYzFhNWVmNjk5OGI1ZDc5MmEifQ%3D%3D; expires=Tue, 20-Sep-2022 22:22:35 GMT; Max-Age=7200; path=/
personalization_engine_session=eyJpdiI6IlNidlwvRWtEbGthV1BKWkNtcWtvTDVRPT0iLCJ2YWx1ZSI6IlZmQXR1RWdKNWdPWFZQUjJ4cUh3a3cydnVRdFwvR0tpc0FKcE1BVkRNSzBwelwvVks2VmJINXd3XC9rUmNpS3MzOEoiLCJtYWMiOiJjMWQ5OTVjOGM4ODc5MDM3YTU0ODU2N2Q4MGU5OWI4ZDhjOTdhYjE3NTA5NWE1M2M2NzkyNmZiNGYxNDRhZDg1In0%3D; expires=Tue, 20-Sep-2022 22:22:35 GMT; Max-Age=7200; path=/; httponly
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash ef22746354dc8b5189d4e6c76270b510
f8d168a64fa6aef7421e33fccbfa57ec0721c412
9b039b092a421e633ef47389c9213751f5cc1d881df3154b95c808eb9f742249
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 20 Sep 2022 20:22:35 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 20 Sep 2022 13:56:50 GMT
Expires: Tue, 27 Sep 2022 13:56:49 GMT
Etag: "f8d168a64fa6aef7421e33fccbfa57ec0721c412"
Cache-Control: max-age=581053,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74dd462a5f83b524-OSL
secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dxandr%26id%3Ded557471-15cd-4622-92b4-d63ddd1e6047%26adnxs_uid%3D%24UID
185.89.210.212302 Found 0 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dxandr%26id%3Ded557471-15cd-4622-92b4-d63ddd1e6047%26adnxs_uid%3D%24UID
IP 185.89.210.212:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fgetuid%3Fhttps%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dxandr%26id%3Ded557471-15cd-4622-92b4-d63ddd1e6047%26adnxs_uid%3D%24UID HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.loewshotels.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Tue, 20 Sep 2022 20:22:35 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://beacon.lynx.cognitivlabs.com/pixel?type=sync&source=xandr&id=ed557471-15cd-4622-92b4-d63ddd1e6047&adnxs_uid=0
AN-X-Request-Uuid: dd80249d-0fe7-46dd-aa3a-3904d40f8bfe
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
idsync.rlcdn.com/465836.gif?partner_uid=ed557471-15cd-4622-92b4-d63ddd1e6047
35.244.174.68451 Unavailable For Legal Reasons 0 B URL HTTP/2 idsync.rlcdn.com/465836.gif?partner_uid=ed557471-15cd-4622-92b4-d63ddd1e6047
IP 35.244.174.68:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /465836.gif?partner_uid=ed557471-15cd-4622-92b4-d63ddd1e6047 HTTP/1.1
Host: idsync.rlcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 451 Unavailable For Legal Reasons
date: Tue, 20 Sep 2022 20:22:35 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
api-v2.alive5.com/socket.io/?authToken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjcmVhdGVkX2F0IjoxNjQ3NDQyNzU0OTYzLCJpc3MiOiJhbGl2ZTVfYXBpIiwib3JnX25hbWUiOiJsb2V3c2hvdGVsIiwidHlwZSI6ImxpdmVjaGF0IiwiY3JtX2lkIjoiZWE1MGYzMTYtOTU3My00OTgzLThmNTgtZTEwNjFkMTRjZTFlIiwidXNlcl9yb2xlIjoidmlzaXRvciIsImlhdCI6MTY2MzcwNTM1NH0.PBkM7bBePgXgkMPof5UPPlx1OVXNfZs04Ovakkf7b1A&thread_id=e5861e7c-508b-4dfd-a48b-8bdc1aca4086&crm_id=ea50f316-9573-4983-8f58-e1061d14ce1e&channel_id=ae07b1f7-7aa2-4d41-bdb6-98c805792e3d&is_mobile=false&EIO=4&transport=websocket
18.234.5.86101 Switching Protocols 0 B URL HTTP/1.1 api-v2.alive5.com/socket.io/?authToken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjcmVhdGVkX2F0IjoxNjQ3NDQyNzU0OTYzLCJpc3MiOiJhbGl2ZTVfYXBpIiwib3JnX25hbWUiOiJsb2V3c2hvdGVsIiwidHlwZSI6ImxpdmVjaGF0IiwiY3JtX2lkIjoiZWE1MGYzMTYtOTU3My00OTgzLThmNTgtZTEwNjFkMTRjZTFlIiwidXNlcl9yb2xlIjoidmlzaXRvciIsImlhdCI6MTY2MzcwNTM1NH0.PBkM7bBePgXgkMPof5UPPlx1OVXNfZs04Ovakkf7b1A&thread_id=e5861e7c-508b-4dfd-a48b-8bdc1aca4086&crm_id=ea50f316-9573-4983-8f58-e1061d14ce1e&channel_id=ae07b1f7-7aa2-4d41-bdb6-98c805792e3d&is_mobile=false&EIO=4&transport=websocket
IP 18.234.5.86:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /socket.io/?authToken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjcmVhdGVkX2F0IjoxNjQ3NDQyNzU0OTYzLCJpc3MiOiJhbGl2ZTVfYXBpIiwib3JnX25hbWUiOiJsb2V3c2hvdGVsIiwidHlwZSI6ImxpdmVjaGF0IiwiY3JtX2lkIjoiZWE1MGYzMTYtOTU3My00OTgzLThmNTgtZTEwNjFkMTRjZTFlIiwidXNlcl9yb2xlIjoidmlzaXRvciIsImlhdCI6MTY2MzcwNTM1NH0.PBkM7bBePgXgkMPof5UPPlx1OVXNfZs04Ovakkf7b1A&thread_id=e5861e7c-508b-4dfd-a48b-8bdc1aca4086&crm_id=ea50f316-9573-4983-8f58-e1061d14ce1e&channel_id=ae07b1f7-7aa2-4d41-bdb6-98c805792e3d&is_mobile=false&EIO=4&transport=websocket HTTP/1.1
Host: api-v2.alive5.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://alive5.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 58hGXBsP5tz29SmpEqHedA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Tue, 20 Sep 2022 20:22:35 GMT
Connection: upgrade
Set-Cookie: AWSALB=QqONChUXI/ySIbLwjXSsleDDKi8oWgzma6SHbvBiO2Yz6luIZVOha/rCzigGzwQgOKqxwSzUvo9D+Vp8dQs4uBCcUJWarpPRyePJLdX4r8WT28NWhv7MToKyf0mH; Expires=Tue, 27 Sep 2022 20:22:35 GMT; Path=/
AWSALBCORS=QqONChUXI/ySIbLwjXSsleDDKi8oWgzma6SHbvBiO2Yz6luIZVOha/rCzigGzwQgOKqxwSzUvo9D+Vp8dQs4uBCcUJWarpPRyePJLdX4r8WT28NWhv7MToKyf0mH; Expires=Tue, 27 Sep 2022 20:22:35 GMT; Path=/; SameSite=None; Secure
Server: nginx
Upgrade: websocket
Sec-WebSocket-Accept: uS6C8yHH7lj84rKBg+YT1gV8fdc=
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c683e61e63df92799aa274fdac42cd3b
191aeec95861fa8596a90a10c60b22434431c033
898c007bc0e7d5f4d3180c9fe28b88036102ba64912d0773c023e1f4f07d7beb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 20:22:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash dda77a44a7f9eeb9bd828f659ccb7e22
9af43f88835600fd3206e4f18b0c1c2571a3959c
c8effed6366a20b26e104fc4f64d24213eb357d61e7683e28f812d0c21edd044
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 20:22:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pixel.rubiconproject.com/tap.php?v=711370&nid=5504&put=ed557471-15cd-4622-92b4-d63ddd1e6047&expires=365
213.19.162.90204 No Content 0 B URL HTTP/1.1 pixel.rubiconproject.com/tap.php?v=711370&nid=5504&put=ed557471-15cd-4622-92b4-d63ddd1e6047&expires=365
IP 213.19.162.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tap.php?v=711370&nid=5504&put=ed557471-15cd-4622-92b4-d63ddd1e6047&expires=365 HTTP/1.1
Host: pixel.rubiconproject.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 693f17ec94b6fd0c82d03268b1ba23d6
Content-Type: image/gif
ups.analytics.yahoo.com/ups/58561/sync?uid=ed557471-15cd-4622-92b4-d63ddd1e6047&_origin=1&redir=true
3.126.56.137302 Found 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58561/sync?uid=ed557471-15cd-4622-92b4-d63ddd1e6047&_origin=1&redir=true
IP 3.126.56.137:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58561/sync?uid=ed557471-15cd-4622-92b4-d63ddd1e6047&_origin=1&redir=true HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Tue, 20 Sep 2022 20:22:35 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
location: https://ups.analytics.yahoo.com/ups/58561/sync?uid=ed557471-15cd-4622-92b4-d63ddd1e6047&_origin=1&redir=true&verify=true
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBAshKmMCEGooa7-mMzC4NxLo85nt3LsFEgEBAQFyK2M0YwAAAAAA_eMAAA&S=AQAAAgG3cVz4BTsiAu7kh3Sa1Jg; Expires=Thu, 21 Sep 2023 02:22:35 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
x.bidswitch.net/syncd?dsp_id=425&user_group=1&expires=365&user_id=ed557471-15cd-4622-92b4-d63ddd1e6047&redir=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dbidswitch%26user%3D%24{BSW_UID}
3.126.140.73302 Moved Temporarily 0 B URL HTTP/1.1 x.bidswitch.net/syncd?dsp_id=425&user_group=1&expires=365&user_id=ed557471-15cd-4622-92b4-d63ddd1e6047&redir=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dbidswitch%26user%3D%24{BSW_UID}
IP 3.126.140.73:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /syncd?dsp_id=425&user_group=1&expires=365&user_id=ed557471-15cd-4622-92b4-d63ddd1e6047&redir=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dbidswitch%26user%3D%24{BSW_UID} HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Cache-Control: no-cache, no-store, must-revalidate
Date: Tue, 20 Sep 2022 20:22:35 GMT
Location: https://x.bidswitch.net/ul_cb/syncd?dsp_id=425&user_group=1&expires=365&user_id=ed557471-15cd-4622-92b4-d63ddd1e6047&redir=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dbidswitch%26user%3D%24{BSW_UID}
Set-Cookie: tuuid=bfa76216-311c-4841-9775-0a87beb2443f; path=/; expires=Wed, 20-Sep-2023 20:22:35 GMT; domain=.bidswitch.net; samesite=none; secure
c=1663705355; path=/; expires=Wed, 20-Sep-2023 20:22:35 GMT; domain=.bidswitch.net; samesite=none; secure
tuuid_lu=1663705355; path=/; expires=Wed, 20-Sep-2023 20:22:35 GMT; domain=.bidswitch.net; samesite=none; secure
c=1663705355; path=/; expires=Wed, 20-Sep-2023 20:22:35 GMT; domain=.bidswitch.net; samesite=none; secure
Content-Length: 0
Connection: keep-alive
image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dpubmatic%26id=ed557471-15cd-4622-92b4-d63ddd1e6047%26inventory_source%3D0%26source_id%3D%23PM_USER_ID&rdf=1
198.47.127.19200 OK 0 B URL HTTP/2 image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dpubmatic%26id=ed557471-15cd-4622-92b4-d63ddd1e6047%26inventory_source%3D0%26source_id%3D%23PM_USER_ID&rdf=1
IP 198.47.127.19:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dpubmatic%26id=ed557471-15cd-4622-92b4-d63ddd1e6047%26inventory_source%3D0%26source_id%3D%23PM_USER_ID&rdf=1 HTTP/1.1
Host: image6.pubmatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.loewshotels.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Tue, 20 Sep 2022 20:22:35 GMT
content-length: 0
X-Firefox-Spdy: h2
cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=cXRV7c0VIkaStNY93R5gRw&google_redir=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dgoogle%26inventory_source%3D0%26source_id%3D%25%25GOOGLE_GID%25%25&google_tc=
142.250.74.34302 Found 324 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=cognitiv&google_hm=cXRV7c0VIkaStNY93R5gRw&google_redir=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dgoogle%26inventory_source%3D0%26source_id%3D%25%25GOOGLE_GID%25%25&google_tc=
IP 142.250.74.34:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 1b5d380e533305e088cecbf7e381d5d9
d4981cf58f8d80a173fb8b3edaf4c2376996bdd5
207417b029e14bec73844fc362c563dfad5c8f7c176eeb316f2175e7e0e6890b
GET /pixel?google_nid=cognitiv&google_hm=cXRV7c0VIkaStNY93R5gRw&google_redir=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dgoogle%26inventory_source%3D0%26source_id%3D%25%25GOOGLE_GID%25%25&google_tc= HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.loewshotels.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: https://beacon.lynx.cognitivlabs.com/pixel?type=sync&source=google&inventory_source=0&source_id=&google_error=3
date: Tue, 20 Sep 2022 20:22:36 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 324
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ups.analytics.yahoo.com/ups/58561/sync?uid=ed557471-15cd-4622-92b4-d63ddd1e6047&_origin=1&redir=true&verify=true
3.126.56.137204 No Content 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58561/sync?uid=ed557471-15cd-4622-92b4-d63ddd1e6047&_origin=1&redir=true&verify=true
IP 3.126.56.137:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58561/sync?uid=ed557471-15cd-4622-92b4-d63ddd1e6047&_origin=1&redir=true&verify=true HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.loewshotels.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Tue, 20 Sep 2022 20:22:36 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
strict-transport-security: max-age=31536000
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBAwhKmMCECagyB8FFy3OxhVmLG0ttzYFEgEBAQFyK2M0YwAAAAAA_eMAAA&S=AQAAAudksDToOx1DqMwhv0Opzpc; Expires=Thu, 21 Sep 2023 02:22:36 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
x.bidswitch.net/ul_cb/syncd?dsp_id=425&user_group=1&expires=365&user_id=ed557471-15cd-4622-92b4-d63ddd1e6047&redir=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dbidswitch%26user%3D%24{BSW_UID}
3.126.140.73200 OK 43 B URL HTTP/1.1 x.bidswitch.net/ul_cb/syncd?dsp_id=425&user_group=1&expires=365&user_id=ed557471-15cd-4622-92b4-d63ddd1e6047&redir=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dbidswitch%26user%3D%24{BSW_UID}
IP 3.126.140.73:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/syncd?dsp_id=425&user_group=1&expires=365&user_id=ed557471-15cd-4622-92b4-d63ddd1e6047&redir=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dbidswitch%26user%3D%24{BSW_UID} HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.loewshotels.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: image/gif
Date: Tue, 20 Sep 2022 20:22:36 GMT
Content-Length: 43
Connection: keep-alive
beacon.lynx.cognitivlabs.com/pixel?type=sync&source=google&google_error=3
52.44.159.100302 Found 0 B URL HTTP/1.1 beacon.lynx.cognitivlabs.com/pixel?type=sync&source=google&google_error=3
IP 52.44.159.100:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel?type=sync&source=google&google_error=3 HTTP/1.1
Host: beacon.lynx.cognitivlabs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.loewshotels.com/
Connection: keep-alive
Cookie: UID=ed557471-15cd-4622-92b4-d63ddd1e6047
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Tue, 20 Sep 2022 20:22:36 GMT
Content-Length: 0
Connection: keep-alive
Server: Kestrel
Location: https://secure.adnxs.com/getuid?https://beacon.lynx.cognitivlabs.com/pixel?type=sync&source=xandr&id=ed557471-15cd-4622-92b4-d63ddd1e6047&adnxs_uid=$UID
Set-Cookie: UID=ed557471-15cd-4622-92b4-d63ddd1e6047; expires=Wed, 20 Sep 2023 20:22:36 GMT; path=/; secure; samesite=none
ss=x2xJG7DtrgnJFiDeV78nAo1sV9%2FS6d2LrNglSxM%2FOoJxQ8ZieZlaOEqIYZjVUhwkHsB7779dfNXpIreGXh6UWA%3D%3D; expires=Wed, 20 Sep 2023 20:22:36 GMT; path=/; secure; samesite=none
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash 4384fd184109c86354d550d731dbeca9
d05601579e39d29896b42459debe000b7e04ae77
16085ba13d3aa53485883b7ae394d8733d1b8c5797b1a108f9afbbbb5f61c612
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 20 Sep 2022 20:22:36 GMT
Last-Modified: Tue, 20 Sep 2022 18:32:48 GMT
Server: ECS (bsa/EB1A)
X-Cache: Miss from cloudfront
Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: rTickU7hLR5HA24L2U0D2dc5eZKO_UlNHzekEdUH-lGYJbcd_S5AUQ==
Age: 6589
secure.adnxs.com/getuid?https://beacon.lynx.cognitivlabs.com/pixel?type=sync&source=xandr&id=ed557471-15cd-4622-92b4-d63ddd1e6047&adnxs_uid=$UID
185.89.210.212307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/getuid?https://beacon.lynx.cognitivlabs.com/pixel?type=sync&source=xandr&id=ed557471-15cd-4622-92b4-d63ddd1e6047&adnxs_uid=$UID
IP 185.89.210.212:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuid?https://beacon.lynx.cognitivlabs.com/pixel?type=sync&source=xandr&id=ed557471-15cd-4622-92b4-d63ddd1e6047&adnxs_uid=$UID HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.loewshotels.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Tue, 20 Sep 2022 20:22:36 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dxandr%26id%3Ded557471-15cd-4622-92b4-d63ddd1e6047%26adnxs_uid%3D%24UID
AN-X-Request-Uuid: 94ad1b69-fa0b-4e68-b7dc-f823091324c1
Set-Cookie: uuid2=3427129623862125167; SameSite=None; Path=/; Max-Age=7776000; Expires=Mon, 19-Dec-2022 20:22:36 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dxandr%26id%3Ded557471-15cd-4622-92b4-d63ddd1e6047%26adnxs_uid%3D%24UID
185.89.210.212302 Found 0 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dxandr%26id%3Ded557471-15cd-4622-92b4-d63ddd1e6047%26adnxs_uid%3D%24UID
IP 185.89.210.212:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fgetuid%3Fhttps%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dxandr%26id%3Ded557471-15cd-4622-92b4-d63ddd1e6047%26adnxs_uid%3D%24UID HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.loewshotels.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Tue, 20 Sep 2022 20:22:36 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://beacon.lynx.cognitivlabs.com/pixel?type=sync&source=xandr&id=ed557471-15cd-4622-92b4-d63ddd1e6047&adnxs_uid=0
AN-X-Request-Uuid: dc39e914-5a70-45bb-a864-c0c805a2cc9e
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
beacon.lynx.cognitivlabs.com/pixel?type=sync&source=xandr&id=ed557471-15cd-4622-92b4-d63ddd1e6047&adnxs_uid=0
52.44.159.100302 Found 0 B URL HTTP/1.1 beacon.lynx.cognitivlabs.com/pixel?type=sync&source=xandr&id=ed557471-15cd-4622-92b4-d63ddd1e6047&adnxs_uid=0
IP 52.44.159.100:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel?type=sync&source=xandr&id=ed557471-15cd-4622-92b4-d63ddd1e6047&adnxs_uid=0 HTTP/1.1
Host: beacon.lynx.cognitivlabs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.loewshotels.com/
Connection: keep-alive
Cookie: UID=ed557471-15cd-4622-92b4-d63ddd1e6047
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Tue, 20 Sep 2022 20:22:36 GMT
Content-Length: 0
Connection: keep-alive
Server: Kestrel
Location: https://aa.agkn.com/adscores/g.pixel?sid=9212300438&puid=ed557471-15cd-4622-92b4-d63ddd1e6047&redir=pixel.gif
Set-Cookie: UID=ed557471-15cd-4622-92b4-d63ddd1e6047; expires=Wed, 20 Sep 2023 20:22:36 GMT; path=/; secure; samesite=none
ss=SDOkEjfTqBVfotgG8cpnUT7p3QICkgHDCetwNN5UpLuR73p7XAlDkQedSa18bXOhF%2B6XMtVRh2IbqU1xhbv5tg%3D%3D; expires=Wed, 20 Sep 2023 20:22:36 GMT; path=/; secure; samesite=none
api-v2.alive5.com/1.0/thread/get-threads-byId?org_name=loewshotel&thread_id=e5861e7c-508b-4dfd-a48b-8bdc1aca4086&visitor=true&referrer=undefined&page_url=https://www.loewshotels.com/&crm_id=ea50f316-9573-4983-8f58-e1061d14ce1e
3.221.66.24200 OK 5.5 kB URL HTTP/2 api-v2.alive5.com/1.0/thread/get-threads-byId?org_name=loewshotel&thread_id=e5861e7c-508b-4dfd-a48b-8bdc1aca4086&visitor=true&referrer=undefined&page_url=https://www.loewshotels.com/&crm_id=ea50f316-9573-4983-8f58-e1061d14ce1e
IP 3.221.66.24:0
File type JSON data\012- , ASCII text, with very long lines (16677)
Hash 539b87338bf3522f9893ebb67faafaf7
3580cb9a0609fa8ccfe06b5846586485da1698bd
d16d613df6200392df2d973ba408460c34bbb49b427b296229f8a6ba1ca144ef
GET /1.0/thread/get-threads-byId?org_name=loewshotel&thread_id=e5861e7c-508b-4dfd-a48b-8bdc1aca4086&visitor=true&referrer=undefined&page_url=https://www.loewshotels.com/&crm_id=ea50f316-9573-4983-8f58-e1061d14ce1e HTTP/1.1
Host: api-v2.alive5.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Authorization: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjcmVhdGVkX2F0IjoxNjQ3NDQyNzU0OTYzLCJpc3MiOiJhbGl2ZTVfYXBpIiwib3JnX25hbWUiOiJsb2V3c2hvdGVsIiwidHlwZSI6ImxpdmVjaGF0IiwiY3JtX2lkIjoiZWE1MGYzMTYtOTU3My00OTgzLThmNTgtZTEwNjFkMTRjZTFlIiwidXNlcl9yb2xlIjoidmlzaXRvciIsImlhdCI6MTY2MzcwNTM1NH0.PBkM7bBePgXgkMPof5UPPlx1OVXNfZs04Ovakkf7b1A
Origin: https://alive5.com
Connection: keep-alive
Referer: https://alive5.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 20:22:35 GMT
content-type: application/json; charset=utf-8
set-cookie: AWSALB=BPfaXvXxqKv+0foCGGHbvVDTR3NnUotVc9sdfw0pg9OPOcTJdrnvO9xy53/dtgFvHmBkkVXmG8Na5Q/1ugXJXmHZIodKPjjcUm7Gp0qRB3AVE/2HyZG35ITO+s1W; Expires=Tue, 27 Sep 2022 20:22:35 GMT; Path=/
AWSALBCORS=BPfaXvXxqKv+0foCGGHbvVDTR3NnUotVc9sdfw0pg9OPOcTJdrnvO9xy53/dtgFvHmBkkVXmG8Na5Q/1ugXJXmHZIodKPjjcUm7Gp0qRB3AVE/2HyZG35ITO+s1W; Expires=Tue, 27 Sep 2022 20:22:35 GMT; Path=/; SameSite=None; Secure
server: nginx
access-control-allow-origin: https://alive5.com
vary: Accept-Encoding, Origin, Accept-Encoding
access-control-allow-credentials: true
access-control-expose-headers: Authorization,X-A5-APIKEY
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjcmVhdGVkX2F0IjoxNjQ3NDQyNzU0OTYzLCJpc3MiOiJhbGl2ZTVfYXBpIiwib3JnX25hbWUiOiJsb2V3c2hvdGVsIiwidHlwZSI6ImxpdmVjaGF0IiwiY3JtX2lkIjoiZWE1MGYzMTYtOTU3My00OTgzLThmNTgtZTEwNjFkMTRjZTFlIiwidXNlcl9yb2xlIjoidmlzaXRvciIsImlhdCI6MTY2MzcwNTM1NH0.PBkM7bBePgXgkMPof5UPPlx1OVXNfZs04Ovakkf7b1A
etag: W/"34-dZu/bfEbcWPDtNLHGA7SpL7f1o8"
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 29f639cb699e6e460058e3c99bd4f3cf
9caeef6cf092a5afaf4578321a7301651468e3ce
5d9664e0c869eab361913cd50bf4e1cca2601239b467adba3af0ae049e7c070a
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 20 Sep 2022 20:22:36 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 18 Sep 2022 01:42:53 GMT
Expires: Sun, 25 Sep 2022 01:42:52 GMT
Etag: "9caeef6cf092a5afaf4578321a7301651468e3ce"
Cache-Control: max-age=364215,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74dd462b2995b527-OSL
beacon.lynx.cognitivlabs.com/pixel?type=sync&source=xandr&id=ed557471-15cd-4622-92b4-d63ddd1e6047&adnxs_uid=0
52.44.159.100302 Found 0 B URL HTTP/1.1 beacon.lynx.cognitivlabs.com/pixel?type=sync&source=xandr&id=ed557471-15cd-4622-92b4-d63ddd1e6047&adnxs_uid=0
IP 52.44.159.100:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel?type=sync&source=xandr&id=ed557471-15cd-4622-92b4-d63ddd1e6047&adnxs_uid=0 HTTP/1.1
Host: beacon.lynx.cognitivlabs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.loewshotels.com/
Connection: keep-alive
Cookie: UID=ed557471-15cd-4622-92b4-d63ddd1e6047; ss=x2xJG7DtrgnJFiDeV78nAo1sV9%2FS6d2LrNglSxM%2FOoJxQ8ZieZlaOEqIYZjVUhwkHsB7779dfNXpIreGXh6UWA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Tue, 20 Sep 2022 20:22:36 GMT
Content-Length: 0
Connection: keep-alive
Server: Kestrel
Location: https://aa.agkn.com/adscores/g.pixel?sid=9212300438&puid=ed557471-15cd-4622-92b4-d63ddd1e6047&redir=pixel.gif
Set-Cookie: UID=ed557471-15cd-4622-92b4-d63ddd1e6047; expires=Wed, 20 Sep 2023 20:22:36 GMT; path=/; secure; samesite=none
ss=IV1bDWST67dftX9rm%2FnVS8IJXPDLbOeGF3RWG4tmtps4M0sElyT%2BT%2FIR0NSS5i3j8490ScesACAST1hpbgY6jw%3D%3D; expires=Wed, 20 Sep 2023 20:22:36 GMT; path=/; secure; samesite=none
aa.agkn.com/adscores/g.pixel?sid=9212300438&puid=ed557471-15cd-4622-92b4-d63ddd1e6047&redir=pixel.gif
54.171.98.27302 Found 0 B URL HTTP/2 aa.agkn.com/adscores/g.pixel?sid=9212300438&puid=ed557471-15cd-4622-92b4-d63ddd1e6047&redir=pixel.gif
IP 54.171.98.27:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /adscores/g.pixel?sid=9212300438&puid=ed557471-15cd-4622-92b4-d63ddd1e6047&redir=pixel.gif HTTP/1.1
Host: aa.agkn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Tue, 20 Sep 2022 20:22:36 GMT
location: https://beacon.lynx.cognitivlabs.com/pixel.gif?type=sync&source=neustar&source_id=IJCWLtvYHBEWqCWY9J%2FDuQuqdYIKVFmXPqmISYjX2i0%3D&cognitiv_id=ed557471-15cd-4622-92b4-d63ddd1e6047
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
set-cookie: ab=0001%3ApHx5j%2B9t8tQcxFuWRBmMBDk2UlwtNJrA; Path=/; Domain=.agkn.com; Expires=Wed, 20-Sep-2023 20:22:36 GMT; Max-Age=31536000; Secure; SameSite=None
X-Firefox-Spdy: h2
tags.srv.stackadapt.com/sa.css
54.80.191.48200 OK 27 B URL HTTP/1.1 tags.srv.stackadapt.com/sa.css
IP 54.80.191.48:0
Hash 83f5ba33314db5f218488a5a51da1455
87a21689afa235c4c65437334085be4bf5cca170
3f100e5e6ff270dadb43b44878f0118a2389dee0d844acc102b5179d70a824dc
GET /sa.css HTTP/1.1
Host: tags.srv.stackadapt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Cache-Control: only-if-cached, no-transform, private, max-age=7776000
Content-Type: text/css
Date: Tue, 20 Sep 2022 20:22:36 GMT
Content-Length: 27
Connection: keep-alive
beacon.lynx.cognitivlabs.com/pixel?type=sync&source=google&inventory_source=0&source_id=&google_error=3
52.44.159.100302 Found 0 B URL HTTP/1.1 beacon.lynx.cognitivlabs.com/pixel?type=sync&source=google&inventory_source=0&source_id=&google_error=3
IP 52.44.159.100:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel?type=sync&source=google&inventory_source=0&source_id=&google_error=3 HTTP/1.1
Host: beacon.lynx.cognitivlabs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.loewshotels.com/
Connection: keep-alive
Cookie: UID=ed557471-15cd-4622-92b4-d63ddd1e6047
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Tue, 20 Sep 2022 20:22:36 GMT
Content-Length: 0
Connection: keep-alive
Server: Kestrel
Location: https://secure.adnxs.com/getuid?https://beacon.lynx.cognitivlabs.com/pixel?type=sync&source=xandr&id=ed557471-15cd-4622-92b4-d63ddd1e6047&adnxs_uid=$UID
Set-Cookie: UID=ed557471-15cd-4622-92b4-d63ddd1e6047; expires=Wed, 20 Sep 2023 20:22:36 GMT; path=/; secure; samesite=none
ss=P1PNg4e6rUBL39XCwht0mmW3GQJVv7IE53ueCplyiT6yaADctmpMBfRD2ZTVOuGjr3sBzQ15lxQtMv0Ezm8QFw%3D%3D; expires=Wed, 20 Sep 2023 20:22:36 GMT; path=/; secure; samesite=none
image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dpubmatic%26id=ed557471-15cd-4622-92b4-d63ddd1e6047%26inventory_source%3D0%26source_id%3D%23PM_USER_ID
198.47.127.19302 Found 0 B URL HTTP/2 image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dpubmatic%26id=ed557471-15cd-4622-92b4-d63ddd1e6047%26inventory_source%3D0%26source_id%3D%23PM_USER_ID
IP 198.47.127.19:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dpubmatic%26id=ed557471-15cd-4622-92b4-d63ddd1e6047%26inventory_source%3D0%26source_id%3D%23PM_USER_ID HTTP/1.1
Host: image6.pubmatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.loewshotels.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
location: /AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dpubmatic%26id=ed557471-15cd-4622-92b4-d63ddd1e6047%26inventory_source%3D0%26source_id%3D%23PM_USER_ID&rdf=1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
set-cookie: KTPCACOOKIE=YES; domain=pubmatic.com; path=/; max-age=86400; secure;
date: Tue, 20 Sep 2022 20:22:35 GMT
content-length: 0
X-Firefox-Spdy: h2
secure.adnxs.com/getuid?https://beacon.lynx.cognitivlabs.com/pixel?type=sync&source=xandr&id=ed557471-15cd-4622-92b4-d63ddd1e6047&adnxs_uid=$UID
185.89.210.212307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/getuid?https://beacon.lynx.cognitivlabs.com/pixel?type=sync&source=xandr&id=ed557471-15cd-4622-92b4-d63ddd1e6047&adnxs_uid=$UID
IP 185.89.210.212:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuid?https://beacon.lynx.cognitivlabs.com/pixel?type=sync&source=xandr&id=ed557471-15cd-4622-92b4-d63ddd1e6047&adnxs_uid=$UID HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.loewshotels.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Tue, 20 Sep 2022 20:22:36 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dxandr%26id%3Ded557471-15cd-4622-92b4-d63ddd1e6047%26adnxs_uid%3D%24UID
AN-X-Request-Uuid: 9e6a696d-4edf-4bcb-82eb-35209b3c79bf
Set-Cookie: uuid2=682197456053313475; SameSite=None; Path=/; Max-Age=7776000; Expires=Mon, 19-Dec-2022 20:22:36 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dpubmatic%26id=ed557471-15cd-4622-92b4-d63ddd1e6047%26inventory_source%3D0%26source_id%3D%23PM_USER_ID&rdf=1
198.47.127.19200 OK 0 B URL HTTP/2 image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dpubmatic%26id=ed557471-15cd-4622-92b4-d63ddd1e6047%26inventory_source%3D0%26source_id%3D%23PM_USER_ID&rdf=1
IP 198.47.127.19:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dpubmatic%26id=ed557471-15cd-4622-92b4-d63ddd1e6047%26inventory_source%3D0%26source_id%3D%23PM_USER_ID&rdf=1 HTTP/1.1
Host: image6.pubmatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.loewshotels.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Tue, 20 Sep 2022 20:22:36 GMT
content-length: 0
X-Firefox-Spdy: h2
beacon.lynx.cognitivlabs.com/pixel.gif?type=sync&source=neustar&source_id=WCJJIPin6H8WqCWY9J%2FDuUjE6TO7RsATPqmISYjX2i0%3D&cognitiv_id=ed557471-15cd-4622-92b4-d63ddd1e6047
52.44.159.100302 Found 0 B URL HTTP/1.1 beacon.lynx.cognitivlabs.com/pixel.gif?type=sync&source=neustar&source_id=WCJJIPin6H8WqCWY9J%2FDuUjE6TO7RsATPqmISYjX2i0%3D&cognitiv_id=ed557471-15cd-4622-92b4-d63ddd1e6047
IP 52.44.159.100:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel.gif?type=sync&source=neustar&source_id=WCJJIPin6H8WqCWY9J%2FDuUjE6TO7RsATPqmISYjX2i0%3D&cognitiv_id=ed557471-15cd-4622-92b4-d63ddd1e6047 HTTP/1.1
Host: beacon.lynx.cognitivlabs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.loewshotels.com/
Connection: keep-alive
Cookie: UID=ed557471-15cd-4622-92b4-d63ddd1e6047; ss=TrpJ%2FujiYqyDoHjtaima3ZHanFF0%2FUY1qtVGKfJ3ZppFEeEZu8UhMw3UtmPZsx0Wdj1DVUN%2BHtp9JsgpQc%2FKVA%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Tue, 20 Sep 2022 20:22:36 GMT
Content-Length: 0
Connection: keep-alive
Server: Kestrel
Location: https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dpubmatic%26id=ed557471-15cd-4622-92b4-d63ddd1e6047%26inventory_source%3D0%26source_id%3D%23PM_USER_ID
Set-Cookie: UID=ed557471-15cd-4622-92b4-d63ddd1e6047; expires=Wed, 20 Sep 2023 20:22:36 GMT; path=/; secure; samesite=none
ss=VYh5ikiDF9n0lzLWD0NnITM0L4g8L2ajBZCa6SNpwLE4lcuiW7FEx6Bu2GS%2Frahg3lChjdasK6cQYutWPByAKg%3D%3D; expires=Wed, 20 Sep 2023 20:22:36 GMT; path=/; secure; samesite=none
aa.agkn.com/adscores/g.pixel?sid=9212300438&puid=ed557471-15cd-4622-92b4-d63ddd1e6047&redir=pixel.gif
54.171.98.27302 Found 1.1 kB URL HTTP/2 aa.agkn.com/adscores/g.pixel?sid=9212300438&puid=ed557471-15cd-4622-92b4-d63ddd1e6047&redir=pixel.gif
IP 54.171.98.27:0
File type gzip compressed data\012- data
Hash 96902b75d203cf837ef8386a61d3e391
486502f1cbd8d373240126274e0f204d99cf507d
d253a47451a44d7eb61c4d27d45743119fc36614ec6327d946cbadc90bc6dbc8
GET /adscores/g.pixel?sid=9212300438&puid=ed557471-15cd-4622-92b4-d63ddd1e6047&redir=pixel.gif HTTP/1.1
Host: aa.agkn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.loewshotels.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Tue, 20 Sep 2022 20:22:36 GMT
location: https://beacon.lynx.cognitivlabs.com/pixel.gif?type=sync&source=neustar&source_id=6RkR%2FK0TLwQWqCWY9J%2FDuRhV%2FN5UUKUGPqmISYjX2i0%3D&cognitiv_id=ed557471-15cd-4622-92b4-d63ddd1e6047
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
set-cookie: ab=0001%3A2z8sQogbcm8cxFuWRBmMBKrXGqBCINHW; Path=/; Domain=.agkn.com; Expires=Wed, 20-Sep-2023 20:22:36 GMT; Max-Age=31536000; Secure; SameSite=None
X-Firefox-Spdy: h2
secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dxandr%26id%3Ded557471-15cd-4622-92b4-d63ddd1e6047%26adnxs_uid%3D%24UID
185.89.210.212302 Found 0 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dxandr%26id%3Ded557471-15cd-4622-92b4-d63ddd1e6047%26adnxs_uid%3D%24UID
IP 185.89.210.212:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fgetuid%3Fhttps%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dxandr%26id%3Ded557471-15cd-4622-92b4-d63ddd1e6047%26adnxs_uid%3D%24UID HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.loewshotels.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Tue, 20 Sep 2022 20:22:36 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://beacon.lynx.cognitivlabs.com/pixel?type=sync&source=xandr&id=ed557471-15cd-4622-92b4-d63ddd1e6047&adnxs_uid=0
AN-X-Request-Uuid: 6aa79d07-f6f4-4cf9-9f3d-06b76b9bca17
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dpubmatic%26id=ed557471-15cd-4622-92b4-d63ddd1e6047%26inventory_source%3D0%26source_id%3D%23PM_USER_ID&rdf=1
198.47.127.19200 OK 0 B URL HTTP/2 image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dpubmatic%26id=ed557471-15cd-4622-92b4-d63ddd1e6047%26inventory_source%3D0%26source_id%3D%23PM_USER_ID&rdf=1
IP 198.47.127.19:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dpubmatic%26id=ed557471-15cd-4622-92b4-d63ddd1e6047%26inventory_source%3D0%26source_id%3D%23PM_USER_ID&rdf=1 HTTP/1.1
Host: image6.pubmatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.loewshotels.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Tue, 20 Sep 2022 20:22:36 GMT
content-length: 0
X-Firefox-Spdy: h2
beacon.lynx.cognitivlabs.com/pixel.gif?type=sync&source=neustar&source_id=6RkR%2FK0TLwQWqCWY9J%2FDuRhV%2FN5UUKUGPqmISYjX2i0%3D&cognitiv_id=ed557471-15cd-4622-92b4-d63ddd1e6047
52.44.159.100302 Found 0 B URL HTTP/1.1 beacon.lynx.cognitivlabs.com/pixel.gif?type=sync&source=neustar&source_id=6RkR%2FK0TLwQWqCWY9J%2FDuRhV%2FN5UUKUGPqmISYjX2i0%3D&cognitiv_id=ed557471-15cd-4622-92b4-d63ddd1e6047
IP 52.44.159.100:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel.gif?type=sync&source=neustar&source_id=6RkR%2FK0TLwQWqCWY9J%2FDuRhV%2FN5UUKUGPqmISYjX2i0%3D&cognitiv_id=ed557471-15cd-4622-92b4-d63ddd1e6047 HTTP/1.1
Host: beacon.lynx.cognitivlabs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.loewshotels.com/
Connection: keep-alive
Cookie: UID=ed557471-15cd-4622-92b4-d63ddd1e6047; ss=P1PNg4e6rUBL39XCwht0mmW3GQJVv7IE53ueCplyiT6yaADctmpMBfRD2ZTVOuGjr3sBzQ15lxQtMv0Ezm8QFw%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Tue, 20 Sep 2022 20:22:36 GMT
Content-Length: 0
Connection: keep-alive
Server: Kestrel
Location: https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dpubmatic%26id=ed557471-15cd-4622-92b4-d63ddd1e6047%26inventory_source%3D0%26source_id%3D%23PM_USER_ID
Set-Cookie: UID=ed557471-15cd-4622-92b4-d63ddd1e6047; expires=Wed, 20 Sep 2023 20:22:36 GMT; path=/; secure; samesite=none
ss=8IRJyX%2F1RJ2UzPPKRlITT%2Bj41oyKIf0ZaH%2BZiEQGZCmwQzOrTOMs2Eca8ZgYgrAxxWXBJgSapJisu0fRcL837Q%3D%3D; expires=Wed, 20 Sep 2023 20:22:36 GMT; path=/; secure; samesite=none
image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dpubmatic%26id=ed557471-15cd-4622-92b4-d63ddd1e6047%26inventory_source%3D0%26source_id%3D%23PM_USER_ID
198.47.127.19302 Found 0 B URL HTTP/2 image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dpubmatic%26id=ed557471-15cd-4622-92b4-d63ddd1e6047%26inventory_source%3D0%26source_id%3D%23PM_USER_ID
IP 198.47.127.19:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dpubmatic%26id=ed557471-15cd-4622-92b4-d63ddd1e6047%26inventory_source%3D0%26source_id%3D%23PM_USER_ID HTTP/1.1
Host: image6.pubmatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.loewshotels.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
location: /AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dpubmatic%26id=ed557471-15cd-4622-92b4-d63ddd1e6047%26inventory_source%3D0%26source_id%3D%23PM_USER_ID&rdf=1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
set-cookie: KTPCACOOKIE=YES; domain=pubmatic.com; path=/; max-age=86400; secure;
date: Tue, 20 Sep 2022 20:22:34 GMT
content-length: 0
X-Firefox-Spdy: h2
beacon.lynx.cognitivlabs.com/pixel?type=sync&source=xandr&id=ed557471-15cd-4622-92b4-d63ddd1e6047&adnxs_uid=0
52.44.159.100302 Found 0 B URL HTTP/1.1 beacon.lynx.cognitivlabs.com/pixel?type=sync&source=xandr&id=ed557471-15cd-4622-92b4-d63ddd1e6047&adnxs_uid=0
IP 52.44.159.100:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel?type=sync&source=xandr&id=ed557471-15cd-4622-92b4-d63ddd1e6047&adnxs_uid=0 HTTP/1.1
Host: beacon.lynx.cognitivlabs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.loewshotels.com/
Connection: keep-alive
Cookie: UID=ed557471-15cd-4622-92b4-d63ddd1e6047; ss=VYh5ikiDF9n0lzLWD0NnITM0L4g8L2ajBZCa6SNpwLE4lcuiW7FEx6Bu2GS%2Frahg3lChjdasK6cQYutWPByAKg%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Tue, 20 Sep 2022 20:22:36 GMT
Content-Length: 0
Connection: keep-alive
Server: Kestrel
Location: https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dpubmatic%26id=ed557471-15cd-4622-92b4-d63ddd1e6047%26inventory_source%3D0%26source_id%3D%23PM_USER_ID
Set-Cookie: UID=ed557471-15cd-4622-92b4-d63ddd1e6047; expires=Wed, 20 Sep 2023 20:22:36 GMT; path=/; secure; samesite=none
ss=sHyHaTHQCYsaE3jchAY32IdYKNuMGh%2BJXzXcImV9JLpO3M64F%2BWkJpuSbkCpVlLbvReXEOzyZCGsWAg0NjAPNg%3D%3D; expires=Wed, 20 Sep 2023 20:22:36 GMT; path=/; secure; samesite=none
image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dpubmatic%26id=ed557471-15cd-4622-92b4-d63ddd1e6047%26inventory_source%3D0%26source_id%3D%23PM_USER_ID&rdf=1
198.47.127.19200 OK 0 B URL HTTP/2 image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dpubmatic%26id=ed557471-15cd-4622-92b4-d63ddd1e6047%26inventory_source%3D0%26source_id%3D%23PM_USER_ID&rdf=1
IP 198.47.127.19:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dpubmatic%26id=ed557471-15cd-4622-92b4-d63ddd1e6047%26inventory_source%3D0%26source_id%3D%23PM_USER_ID&rdf=1 HTTP/1.1
Host: image6.pubmatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.loewshotels.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Tue, 20 Sep 2022 20:22:36 GMT
content-length: 0
X-Firefox-Spdy: h2
image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dpubmatic%26id=ed557471-15cd-4622-92b4-d63ddd1e6047%26inventory_source%3D0%26source_id%3D%23PM_USER_ID
198.47.127.19302 Found 0 B URL HTTP/2 image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dpubmatic%26id=ed557471-15cd-4622-92b4-d63ddd1e6047%26inventory_source%3D0%26source_id%3D%23PM_USER_ID
IP 198.47.127.19:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dpubmatic%26id=ed557471-15cd-4622-92b4-d63ddd1e6047%26inventory_source%3D0%26source_id%3D%23PM_USER_ID HTTP/1.1
Host: image6.pubmatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.loewshotels.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
location: /AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dpubmatic%26id=ed557471-15cd-4622-92b4-d63ddd1e6047%26inventory_source%3D0%26source_id%3D%23PM_USER_ID&rdf=1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
set-cookie: KTPCACOOKIE=YES; domain=pubmatic.com; path=/; max-age=86400; secure;
date: Tue, 20 Sep 2022 20:22:35 GMT
content-length: 0
X-Firefox-Spdy: h2
image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dpubmatic%26id=ed557471-15cd-4622-92b4-d63ddd1e6047%26inventory_source%3D0%26source_id%3D%23PM_USER_ID&rdf=1
198.47.127.19200 OK 0 B URL HTTP/2 image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dpubmatic%26id=ed557471-15cd-4622-92b4-d63ddd1e6047%26inventory_source%3D0%26source_id%3D%23PM_USER_ID&rdf=1
IP 198.47.127.19:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fbeacon.lynx.cognitivlabs.com%2Fpixel%3Ftype%3Dsync%26source%3Dpubmatic%26id=ed557471-15cd-4622-92b4-d63ddd1e6047%26inventory_source%3D0%26source_id%3D%23PM_USER_ID&rdf=1 HTTP/1.1
Host: image6.pubmatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.loewshotels.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Tue, 20 Sep 2022 20:22:36 GMT
content-length: 0
X-Firefox-Spdy: h2
resources.digital-cloud-west.medallia.com/wdcwest/175638/onsite/generic1661771191646.js
151.101.85.230200 OK 81 kB URL HTTP/2 resources.digital-cloud-west.medallia.com/wdcwest/175638/onsite/generic1661771191646.js
IP 151.101.85.230:0
File type Unicode text, UTF-8 text, with very long lines (11854)
Hash da5eb17c6760632741f862da323f9306
d91fedd13252645498f9128f1e983866b141f08b
63b0d7ec0924040a510db609d4072773593a72e8b00e0625e0b890d9b3ffe7b9
GET /wdcwest/175638/onsite/generic1661771191646.js HTTP/1.1
Host: resources.digital-cloud-west.medallia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: vDvSVSOVDqsu4gOF7CmG2aLA7h7qV5rwlNs5WGoi4lHyArJxvnIW+aFNNWtwfjEQ9xeFANwjSj8=
x-amz-request-id: A9XCGBCVE3JY3MXA
last-modified: Mon, 29 Aug 2022 11:06:32 GMT
etag: "013f42c06b685c51aa57c5014bd0cfcb"
x-amz-version-id: wtRNj35AxgMtNOLeqncotIW3JnLtouyN
content-type: application/javascript
server: AmazonS3
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
date: Tue, 20 Sep 2022 20:22:36 GMT
age: 647892
x-served-by: cache-sea4458-SEA, cache-bma1660-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1663705357.607440,VS0,VE1
vary: Accept-Encoding
strict-transport-security: max-age=31557600
content-length: 81026
X-Firefox-Spdy: h2
tags.srv.stackadapt.com/sa.jpeg
54.80.191.48200 OK 651 B URL HTTP/1.1 tags.srv.stackadapt.com/sa.jpeg
IP 54.80.191.48:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1x1, components 3\012- data
Hash 061c6351d0fe8da45c4f75b492ce8ba0
0c5bf003bf825fd48999485b12d540683e035c9c
ab565ba16b4c509126a2493796507819d516795022166843a3c0e202c1ce013d
GET /sa.jpeg HTTP/1.1
Host: tags.srv.stackadapt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.loewshotels.com/
Origin: https://www.loewshotels.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Cache-Control: only-if-cached, no-transform, private, max-age=7776000
Content-Type: image/jpeg
Date: Tue, 20 Sep 2022 20:22:36 GMT
Content-Length: 651
Connection: keep-alive
ocsps.ssl.com/
34.237.184.165200 OK 1.9 kB IP 34.237.184.165:0
Hash 25acc1c77a8a6a791e43a62150d719bc
e3ffc6f9e62f198ccb3ef68795cab1327cb7d1aa
098a41400e169d1443ab5bd0fba67f598a96aa3a241b8a968a61ece128d697bd
POST / HTTP/1.1
Host: ocsps.ssl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 20 Sep 2022 20:22:36 GMT
Content-Type: application/ocsp-response
Content-Length: 1883
Connection: keep-alive
Expires: Tue, 27 Sep 2022 15:29:48 GMT
Cache-Control: max-age=86400,public,no-transform,must-revalidate
ETag: "e3ffc6f9e62f198ccb3ef68795cab1327cb7d1aa"
Last-Modified: Tue, 20 Sep 2022 15:29:49 GMT
X-Proxy-Cache: HIT
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTI4MHgxMDI0Iiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0OyBydjo5Ni4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94Lzk2LjAiLCJzZXNzaW9uX3BsYXRmb3JtIjogIkxpbnV4IHg4Nl82NCIsInBhZ2VfdGl0bGUiOiAiTG9ld3MgUGhpbGFkZWxwaGlhIEhvdGVsIHwgQ2VudGVyIENpdHkgUGhpbGFkZWxwaGlhIEhvdGVsIiwicGFnZV91cmwiOiAiaHR0cHM6Ly93d3cubG9ld3Nob3RlbHMuY29tL3BoaWxhZGVscGhpYS1ob3RlbCIsInRyYWNrZXJfdHlwZSI6ICJqYXZhc2NyaXB0IiwidHJhY2tlcl92ZXJzaW9uIjogIjIuMi4yMyIsImV2ZW50X25hbWUiOiAibmVidWxhX3BhZ2VfdmlldyIsImV2ZW50X3RpbWVzdGFtcF9lcG9jaCI6ICIxNjYzNzA1MzU2NzIyIiwiZXZlbnRfdGltZXpvbmVfb2Zmc2V0IjogMCwidXNlcl9pZCI6ICIxODM1YzkxMTlhNzFlMC0wZDliZTMzOWM3YzNkNy0zMDZkNDY0YS0xNDAwMDAtMTgzNWM5MTE5YTgxMGYiLCJlbnZpcm9tZW50IjogImRpZ2l0YWwtY2xvdWQtd2VzdCIsImFjY291bnRJZCI6IDE3NTYzNiwidXJsIjogImh0dHBzOi8vd3d3LmxvZXdzaG90ZWxzLmNvbS9waGlsYWRlbHBoaWEtaG90ZWwiLCJ3ZWJzaXRlSWQiOiAxNzU2MzgsImZvcm1JZCI6IG51bGwsImZvcm1UcmlnZ2VyVHlwZSI6IG51bGwsImthbXB5bGVfZGF0YSI6IHsibWRfaXNTdXJ2ZXlTdWJtaXR0ZWRJblNlc3Npb24iOiAiIiwiTEFTVF9JTlZJVEFUSU9OX1ZJRVciOiAiIiwiREVDTElORURfREFURSI6ICIiLCJrYW1weWxlSW52aXRlUHJlc2VudGVkIjogIiIsImthbXB5bGVfdXNlcmlkIjogIjkxYjMtNzAwZC1lZjM1LTcxNGYtZWUyNC0yYWViLTU4MTEtOGUzMyIsImthbXB5bGVVc2VyU2Vzc2lvbiI6ICIxNjYzNzA1MzU2NzIxIiwia2FtcHlsZVVzZXJQZXJjZW50aWxlIjogIiIsIlNVQk1JVFRFRF9EQVRFIjogIiJ9LCJjb29raWVfc2l6ZSI6IDE2NzgsImthbXB5bGVfdmVyc2lvbiI6ICIyLjQ3LjMiLCJvbnNpdGVfdmVyc2lvbiI6ICIyLjQ3LjMiLCJoaXN0b3J5X2xlbmd0aCI6IDEsImV2ZW50X2xvY2FsX3RpbWVzdGFtcCI6IDE2NjM3MDUzNTY3MjIsInBvc2l0aW9uIjogbnVsbCwiaXNVc2VySWRlbnRpZmllZCI6IGZhbHNlfQpdfQ==
35.241.45.82200 OK 0 B URL HTTP/2 udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTI4MHgxMDI0Iiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0OyBydjo5Ni4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94Lzk2LjAiLCJzZXNzaW9uX3BsYXRmb3JtIjogIkxpbnV4IHg4Nl82NCIsInBhZ2VfdGl0bGUiOiAiTG9ld3MgUGhpbGFkZWxwaGlhIEhvdGVsIHwgQ2VudGVyIENpdHkgUGhpbGFkZWxwaGlhIEhvdGVsIiwicGFnZV91cmwiOiAiaHR0cHM6Ly93d3cubG9ld3Nob3RlbHMuY29tL3BoaWxhZGVscGhpYS1ob3RlbCIsInRyYWNrZXJfdHlwZSI6ICJqYXZhc2NyaXB0IiwidHJhY2tlcl92ZXJzaW9uIjogIjIuMi4yMyIsImV2ZW50X25hbWUiOiAibmVidWxhX3BhZ2VfdmlldyIsImV2ZW50X3RpbWVzdGFtcF9lcG9jaCI6ICIxNjYzNzA1MzU2NzIyIiwiZXZlbnRfdGltZXpvbmVfb2Zmc2V0IjogMCwidXNlcl9pZCI6ICIxODM1YzkxMTlhNzFlMC0wZDliZTMzOWM3YzNkNy0zMDZkNDY0YS0xNDAwMDAtMTgzNWM5MTE5YTgxMGYiLCJlbnZpcm9tZW50IjogImRpZ2l0YWwtY2xvdWQtd2VzdCIsImFjY291bnRJZCI6IDE3NTYzNiwidXJsIjogImh0dHBzOi8vd3d3LmxvZXdzaG90ZWxzLmNvbS9waGlsYWRlbHBoaWEtaG90ZWwiLCJ3ZWJzaXRlSWQiOiAxNzU2MzgsImZvcm1JZCI6IG51bGwsImZvcm1UcmlnZ2VyVHlwZSI6IG51bGwsImthbXB5bGVfZGF0YSI6IHsibWRfaXNTdXJ2ZXlTdWJtaXR0ZWRJblNlc3Npb24iOiAiIiwiTEFTVF9JTlZJVEFUSU9OX1ZJRVciOiAiIiwiREVDTElORURfREFURSI6ICIiLCJrYW1weWxlSW52aXRlUHJlc2VudGVkIjogIiIsImthbXB5bGVfdXNlcmlkIjogIjkxYjMtNzAwZC1lZjM1LTcxNGYtZWUyNC0yYWViLTU4MTEtOGUzMyIsImthbXB5bGVVc2VyU2Vzc2lvbiI6ICIxNjYzNzA1MzU2NzIxIiwia2FtcHlsZVVzZXJQZXJjZW50aWxlIjogIiIsIlNVQk1JVFRFRF9EQVRFIjogIiJ9LCJjb29raWVfc2l6ZSI6IDE2NzgsImthbXB5bGVfdmVyc2lvbiI6ICIyLjQ3LjMiLCJvbnNpdGVfdmVyc2lvbiI6ICIyLjQ3LjMiLCJoaXN0b3J5X2xlbmd0aCI6IDEsImV2ZW50X2xvY2FsX3RpbWVzdGFtcCI6IDE2NjM3MDUzNTY3MjIsInBvc2l0aW9uIjogbnVsbCwiaXNVc2VySWRlbnRpZmllZCI6IGZhbHNlfQpdfQ==
IP 35.241.45.82:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTI4MHgxMDI0Iiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0OyBydjo5Ni4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94Lzk2LjAiLCJzZXNzaW9uX3BsYXRmb3JtIjogIkxpbnV4IHg4Nl82NCIsInBhZ2VfdGl0bGUiOiAiTG9ld3MgUGhpbGFkZWxwaGlhIEhvdGVsIHwgQ2VudGVyIENpdHkgUGhpbGFkZWxwaGlhIEhvdGVsIiwicGFnZV91cmwiOiAiaHR0cHM6Ly93d3cubG9ld3Nob3RlbHMuY29tL3BoaWxhZGVscGhpYS1ob3RlbCIsInRyYWNrZXJfdHlwZSI6ICJqYXZhc2NyaXB0IiwidHJhY2tlcl92ZXJzaW9uIjogIjIuMi4yMyIsImV2ZW50X25hbWUiOiAibmVidWxhX3BhZ2VfdmlldyIsImV2ZW50X3RpbWVzdGFtcF9lcG9jaCI6ICIxNjYzNzA1MzU2NzIyIiwiZXZlbnRfdGltZXpvbmVfb2Zmc2V0IjogMCwidXNlcl9pZCI6ICIxODM1YzkxMTlhNzFlMC0wZDliZTMzOWM3YzNkNy0zMDZkNDY0YS0xNDAwMDAtMTgzNWM5MTE5YTgxMGYiLCJlbnZpcm9tZW50IjogImRpZ2l0YWwtY2xvdWQtd2VzdCIsImFjY291bnRJZCI6IDE3NTYzNiwidXJsIjogImh0dHBzOi8vd3d3LmxvZXdzaG90ZWxzLmNvbS9waGlsYWRlbHBoaWEtaG90ZWwiLCJ3ZWJzaXRlSWQiOiAxNzU2MzgsImZvcm1JZCI6IG51bGwsImZvcm1UcmlnZ2VyVHlwZSI6IG51bGwsImthbXB5bGVfZGF0YSI6IHsibWRfaXNTdXJ2ZXlTdWJtaXR0ZWRJblNlc3Npb24iOiAiIiwiTEFTVF9JTlZJVEFUSU9OX1ZJRVciOiAiIiwiREVDTElORURfREFURSI6ICIiLCJrYW1weWxlSW52aXRlUHJlc2VudGVkIjogIiIsImthbXB5bGVfdXNlcmlkIjogIjkxYjMtNzAwZC1lZjM1LTcxNGYtZWUyNC0yYWViLTU4MTEtOGUzMyIsImthbXB5bGVVc2VyU2Vzc2lvbiI6ICIxNjYzNzA1MzU2NzIxIiwia2FtcHlsZVVzZXJQZXJjZW50aWxlIjogIiIsIlNVQk1JVFRFRF9EQVRFIjogIiJ9LCJjb29raWVfc2l6ZSI6IDE2NzgsImthbXB5bGVfdmVyc2lvbiI6ICIyLjQ3LjMiLCJvbnNpdGVfdmVyc2lvbiI6ICIyLjQ3LjMiLCJoaXN0b3J5X2xlbmd0aCI6IDEsImV2ZW50X2xvY2FsX3RpbWVzdGFtcCI6IDE2NjM3MDUzNTY3MjIsInBvc2l0aW9uIjogbnVsbCwiaXNVc2VySWRlbnRpZmllZCI6IGZhbHNlfQpdfQ== HTTP/1.1
Host: udc-neb.kampyle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 20 Sep 2022 20:22:37 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-allow-methods: GET, POST, PUT, DELETE
access-control-allow-headers: X-Requested-With, Origin, Content-Type, Accept
access-control-max-age: 1800
x-me: prod-instance-gatewayservice-blue-481h
x-application-context: application:9090
content-type: image/gif; charset=UTF-8
content-length: 0
server: Jetty(9.2.11.v20150529)
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash 8b71cf0b0add23a12a0a2c27e16a65e5
990f1410b3fd233cf544b95f7749999e4fa01ae5
dad04e10910a268e8ac1ac732db100d4070c9e37f5f49499a4f4d66fae57c19e
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 20 Sep 2022 20:22:37 GMT
Last-Modified: Tue, 20 Sep 2022 20:21:28 GMT
Server: ECS (nyb/1D2B)
X-Cache: Miss from cloudfront
Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 63MUM7tsVjmmXz8UkGpo6w31tksWt_wbmddjz9r6FChaR7TMLLornA==
Age: 69
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash 8b71cf0b0add23a12a0a2c27e16a65e5
990f1410b3fd233cf544b95f7749999e4fa01ae5
dad04e10910a268e8ac1ac732db100d4070c9e37f5f49499a4f4d66fae57c19e
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 20 Sep 2022 20:22:37 GMT
Last-Modified: Tue, 20 Sep 2022 18:56:11 GMT
Server: ECS (nyb/1D18)
X-Cache: Miss from cloudfront
Via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: USjda2tLvFGFdmkm2VMCdJ_aR7GDLmpY4TGtCtDi9TbU-teFQbTdJA==
Age: 5186
tags.srv.stackadapt.com/saq_pxl?uid=VW8pwYrpaO7zhltRkbl4Sw&is_js=true&landing_url=https%3A%2F%2Fwww.loewshotels.com%2Fphiladelphia-hotel&t=Loews%20Philadelphia%20Hotel%20%7C%20Center%20City%20Philadelphia%20Hotel&tip=avtKcYaGg1h3BE4ddar2riA16Sn6KgiKnXf0lqm5Aks&host=https://www.loewshotels.com&sa-user-id-v2=s%253A0-8bbb2053-771e-4c92-5c89-b821c0ebe7e6%2524ip%252491.90.42.154.nOwBHRuhEYtQimfkOUMne%252BNYRrDWmCF3Pzf2SCJVbfA&sa-user-id=s%253A0-8bbb2053-771e-4c92-5c89-b821c0ebe7e6.nJeSRddBldq9zjj2GVdgWqKM8lWUwvoXa1I1YPrjewE
54.80.191.48200 OK 94 B URL HTTP/1.1 tags.srv.stackadapt.com/saq_pxl?uid=VW8pwYrpaO7zhltRkbl4Sw&is_js=true&landing_url=https%3A%2F%2Fwww.loewshotels.com%2Fphiladelphia-hotel&t=Loews%20Philadelphia%20Hotel%20%7C%20Center%20City%20Philadelphia%20Hotel&tip=avtKcYaGg1h3BE4ddar2riA16Sn6KgiKnXf0lqm5Aks&host=https://www.loewshotels.com&sa-user-id-v2=s%253A0-8bbb2053-771e-4c92-5c89-b821c0ebe7e6%2524ip%252491.90.42.154.nOwBHRuhEYtQimfkOUMne%252BNYRrDWmCF3Pzf2SCJVbfA&sa-user-id=s%253A0-8bbb2053-771e-4c92-5c89-b821c0ebe7e6.nJeSRddBldq9zjj2GVdgWqKM8lWUwvoXa1I1YPrjewE
IP 54.80.191.48:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 2d12c1129f6ff37622d03db4a2a5949e
bc44653c4a06e671ce423600755fed86fad8ec24
078f3dd88e751c3c421b2007e1cb27bcb65a95daf278bd25de81ba7b2bf3c4e4
GET /saq_pxl?uid=VW8pwYrpaO7zhltRkbl4Sw&is_js=true&landing_url=https%3A%2F%2Fwww.loewshotels.com%2Fphiladelphia-hotel&t=Loews%20Philadelphia%20Hotel%20%7C%20Center%20City%20Philadelphia%20Hotel&tip=avtKcYaGg1h3BE4ddar2riA16Sn6KgiKnXf0lqm5Aks&host=https://www.loewshotels.com&sa-user-id-v2=s%253A0-8bbb2053-771e-4c92-5c89-b821c0ebe7e6%2524ip%252491.90.42.154.nOwBHRuhEYtQimfkOUMne%252BNYRrDWmCF3Pzf2SCJVbfA&sa-user-id=s%253A0-8bbb2053-771e-4c92-5c89-b821c0ebe7e6.nJeSRddBldq9zjj2GVdgWqKM8lWUwvoXa1I1YPrjewE HTTP/1.1
Host: tags.srv.stackadapt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.loewshotels.com
Connection: keep-alive
Referer: https://www.loewshotels.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: https://www.loewshotels.com
Content-Type: text/plain; charset=utf-8
Date: Tue, 20 Sep 2022 20:22:37 GMT
Content-Length: 94
Connection: keep-alive
col.site24x7rum.com/rum/data
34.211.131.195200 OK 0 B URL HTTP/2 col.site24x7rum.com/rum/data
IP 34.211.131.195:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /rum/data HTTP/1.1
Host: col.site24x7rum.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 4159
Origin: https://www.loewshotels.com
Connection: keep-alive
Referer: https://www.loewshotels.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 20 Sep 2022 20:22:37 GMT
content-type: application/json;charset=ISO-8859-1
content-length: 0
access-control-allow-methods: POST,OPTIONS
x-content-type-options: nosniff
x-xss-protection: 1
access-control-allow-headers: request-id, request-context, Origin, Accept-Language
set-cookie: s247cname=236b6e3c-207b-4f06-afe8-fe0121cc4965;path=/;SameSite=None;Secure;priority=high
_zcsr_tmp=236b6e3c-207b-4f06-afe8-fe0121cc4965;path=/;SameSite=Strict;Secure;priority=high
x-frame-options: SAMEORIGIN
access-control-allow-origin: *
vary: Origin
server: ZGS
X-Firefox-Spdy: h2
col.site24x7rum.com/rum/resource
34.211.131.195200 OK 19 B URL HTTP/2 col.site24x7rum.com/rum/resource
IP 34.211.131.195:0
File type JSON data\012- , ASCII text
Hash 5b3e49c971e4da1244946799f72a5085
09a33d09723316057e446868ba465313217a6fc4
d371490817f54924439cd86d57c2a049bd3382bf43a1a73346f454a7cacd6b73
POST /rum/resource HTTP/1.1
Host: col.site24x7rum.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 30353
Origin: https://www.loewshotels.com
Connection: keep-alive
Referer: https://www.loewshotels.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 20 Sep 2022 20:22:37 GMT
content-type: application/json;charset=ISO-8859-1
content-length: 19
x-content-type-options: nosniff
x-xss-protection: 1
set-cookie: s247cname=0bdbbf26-b57f-415f-8d45-8a414b3e8e18;path=/;SameSite=None;Secure;priority=high
_zcsr_tmp=0bdbbf26-b57f-415f-8d45-8a414b3e8e18;path=/;SameSite=Strict;Secure;priority=high
x-frame-options: SAMEORIGIN
access-control-allow-origin: *
access-control-allow-methods: POST
access-control-allow-headers: Origin
server: ZGS
X-Firefox-Spdy: h2
cdn.loewshotels.com/loewshotels.com-2466770763/cms/cache/v2/5bed7782493c7.jpg/1920x1080/fit/80/1cb78ab4ca47dbf137354ed1a2e8a0be.webp
143.204.55.119200 OK 474 kB URL HTTP/2 cdn.loewshotels.com/loewshotels.com-2466770763/cms/cache/v2/5bed7782493c7.jpg/1920x1080/fit/80/1cb78ab4ca47dbf137354ed1a2e8a0be.webp
IP 143.204.55.119:0
File type RIFF (little-endian) data, Web/P image\012- data
Size 474 kB (474340 bytes)
Hash 9c39b5d8d1eb08ec4096a27849bab0ef
44fd53470600151e812a6c7e6fbc02da37616b8f
550ee285a44e92b2601226037d0dcdbd75a090229f22bfdbcf523a1fe4346b1b
GET /loewshotels.com-2466770763/cms/cache/v2/5bed7782493c7.jpg/1920x1080/fit/80/1cb78ab4ca47dbf137354ed1a2e8a0be.webp HTTP/1.1
Host: cdn.loewshotels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/
Cookie: at_check=true; mbox=session#c2fdf4166a1d4312a48006d8430a0708#1663707215|PC#c2fdf4166a1d4312a48006d8430a0708.37_0#1726950155; bookingData={"groupCode":null,"rateCode":null,"promoCode":null,"propertyId":"70571","propertyName":"Loews Philadelphia Hotel","checkInDate":null,"checkOutDate":null,"nights":null,"adults":null,"children":null,"bookingValue":null,"currency":null,"email":null,"bookingCode":null,"propertyCode":"LPHL"}; _gcl_au=1.1.576332580.1663705354; OptanonConsent=isGpcEnabled=0&datestamp=Tue+Sep+20+2022+20%3A22%3A35+GMT%2B0000+(Coordinated+Universal+Time)&version=6.21.0&isIABGlobal=false&hosts=&consentId=e4b503cc-4ea1-488a-a312-1f36e8f174cd&interactionCount=0&landingPath=https%3A%2F%2Fwww.loewshotels.com%2Fphiladelphia-hotel&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 474340
date: Tue, 13 Sep 2022 07:53:38 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 12 Sep 2022 20:36:33 GMT
x-amz-version-id: 0ONGpXVQy0EN3Kvqr4Iaa_WlHyM1NDQ4
etag: "9c39b5d8d1eb08ec4096a27849bab0ef"
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ljSMoaMTyQnKfhSYiIh03rPBAiRpdI51HJKMrnpAJHnidqxOLzLM-A==
age: 649743
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe763d5d6-1a5c-4160-9667-8ed7c6b1e265.jpeg
34.120.237.76200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe763d5d6-1a5c-4160-9667-8ed7c6b1e265.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3463c46d2b7a87a91ff1a701a438d80e
92c78b27f4e31609c1b78670b26e68b4f991a8ed
b95b290832f12f97c7da51382fe92feba2fa93a5ec0470d48a533a58a13dc474
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe763d5d6-1a5c-4160-9667-8ed7c6b1e265.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 5985
x-amzn-requestid: 6797727b-78c7-470f-bee8-7b55e64d36ca
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YugzxH6qoAMF67w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e1b1-0d574a815d19636b21376c91;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:40:01 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 7lzvXaC9EgAduUw3i_GsZkjj0LT2QfaXCQyZQibuNcfyJ2XwKWHgtg==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 22:03:08 GMT
age: 80374
etag: "92c78b27f4e31609c1b78670b26e68b4f991a8ed"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.loewshotels.com/skins/loews/assets/desktop/images/wishyouwerehere.svg
3.208.32.228200 OK 0 B URL HTTP/2 www.loewshotels.com/skins/loews/assets/desktop/images/wishyouwerehere.svg
IP 3.208.32.228:0
GET /skins/loews/assets/desktop/images/wishyouwerehere.svg HTTP/1.1
Host: www.loewshotels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/philadelphia-hotel
Cookie: at_check=true; mbox=session#c2fdf4166a1d4312a48006d8430a0708#1663707215|PC#c2fdf4166a1d4312a48006d8430a0708.37_0#1726950155; bookingData={"groupCode":null,"rateCode":null,"promoCode":null,"propertyId":"70571","propertyName":"Loews Philadelphia Hotel","checkInDate":null,"checkOutDate":null,"nights":null,"adults":null,"children":null,"bookingValue":null,"currency":null,"email":null,"bookingCode":null,"propertyCode":"LPHL"}; _gcl_au=1.1.576332580.1663705354
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 20:22:34 GMT
content-type: image/svg+xml
server: nginx
last-modified: Tue, 13 Sep 2022 10:19:30 GMT
vary: Accept-Encoding
etag: W/"63205932-12c71"
expires: Wed, 20 Sep 2023 20:22:34 GMT
cache-control: max-age=31536000
access-control-allow-origin: https://www.loewshotels.com
access-control-allow-methods: GET, POST
x-served-by: loewshotels-com-001
x-trace-id: 70785341-40
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
x-powered-by: NextGuest CMS
service-worker-allowed: /
content-encoding: gzip
X-Firefox-Spdy: h2
aa.agkn.com/adscores/g.pixel?sid=9212300438&puid=ed557471-15cd-4622-92b4-d63ddd1e6047&redir=pixel.gif
54.171.98.27302 Found 0 B URL HTTP/2 aa.agkn.com/adscores/g.pixel?sid=9212300438&puid=ed557471-15cd-4622-92b4-d63ddd1e6047&redir=pixel.gif
IP 54.171.98.27:0
GET /adscores/g.pixel?sid=9212300438&puid=ed557471-15cd-4622-92b4-d63ddd1e6047&redir=pixel.gif HTTP/1.1
Host: aa.agkn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.loewshotels.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Tue, 20 Sep 2022 20:22:36 GMT
location: https://beacon.lynx.cognitivlabs.com/pixel.gif?type=sync&source=neustar&source_id=WCJJIPin6H8WqCWY9J%2FDuUjE6TO7RsATPqmISYjX2i0%3D&cognitiv_id=ed557471-15cd-4622-92b4-d63ddd1e6047
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
set-cookie: ab=0001%3Ae6FIJ5kcA8scxFuWRBmMBI8C29vJYbSC; Path=/; Domain=.agkn.com; Expires=Wed, 20-Sep-2023 20:22:36 GMT; Max-Age=31536000; Secure; SameSite=None
X-Firefox-Spdy: h2
www.loewshotels.com/philadelphia-hotel
3.208.32.228200 OK 0 B URL HTTP/2 www.loewshotels.com/philadelphia-hotel
IP 3.208.32.228:0
GET /philadelphia-hotel HTTP/1.1
Host: www.loewshotels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 20:22:33 GMT
content-type: text/html; charset=UTF-8
server: nginx
vary: Accept-Encoding
x-consent-required: 0
x-hebs-cache-status: hit
cache-control: private, max-age=7200, must-revalidate, pre-check=30, post-check=30
pragma:
expires: Tue, 20 Sep 2022 21:03:41 GMT
access-control-allow-origin: https://www.loewshotels.com
access-control-allow-methods: GET, POST
x-served-by: loewshotels-com-001
x-trace-id: 70785341-32
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
x-powered-by: NextGuest CMS
service-worker-allowed: /
x-frame-options: SAMEORIGIN
content-encoding: gzip
X-Firefox-Spdy: h2
www.loewshotels.com/skins/loews/assets/desktop/fonts/gt-america-extended-bold.woff2
3.208.32.228200 OK 0 B URL HTTP/2 www.loewshotels.com/skins/loews/assets/desktop/fonts/gt-america-extended-bold.woff2
IP 3.208.32.228:0
GET /skins/loews/assets/desktop/fonts/gt-america-extended-bold.woff2 HTTP/1.1
Host: www.loewshotels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.loewshotels.com/philadelphia-hotel
Cookie: at_check=true; mbox=session#c2fdf4166a1d4312a48006d8430a0708#1663707215; bookingData={"groupCode":null,"rateCode":null,"promoCode":null,"propertyId":"70571","propertyName":"Loews Philadelphia Hotel","checkInDate":null,"checkOutDate":null,"nights":null,"adults":null,"children":null,"bookingValue":null,"currency":null,"email":null,"bookingCode":null,"propertyCode":"LPHL"}
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 20:22:34 GMT
content-type: application/octet-stream
content-length: 25204
server: nginx
last-modified: Tue, 13 Sep 2022 10:19:24 GMT
etag: "6320592c-6274"
expires: Wed, 20 Sep 2023 20:22:34 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
www.loewshotels.com/skins/loews/assets/desktop/images/logo-white.svg
3.208.32.228200 OK 0 B URL HTTP/2 www.loewshotels.com/skins/loews/assets/desktop/images/logo-white.svg
IP 3.208.32.228:0
GET /skins/loews/assets/desktop/images/logo-white.svg HTTP/1.1
Host: www.loewshotels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/philadelphia-hotel
Cookie: at_check=true; mbox=session#c2fdf4166a1d4312a48006d8430a0708#1663707215; bookingData={"groupCode":null,"rateCode":null,"promoCode":null,"propertyId":"70571","propertyName":"Loews Philadelphia Hotel","checkInDate":null,"checkOutDate":null,"nights":null,"adults":null,"children":null,"bookingValue":null,"currency":null,"email":null,"bookingCode":null,"propertyCode":"LPHL"}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 20:22:34 GMT
content-type: image/svg+xml
server: nginx
last-modified: Tue, 13 Sep 2022 10:19:30 GMT
vary: Accept-Encoding
etag: W/"63205932-c97"
expires: Wed, 20 Sep 2023 20:22:34 GMT
cache-control: max-age=31536000
access-control-allow-origin: https://www.loewshotels.com
access-control-allow-methods: GET, POST
x-served-by: loewshotels-com-001
x-trace-id: 70784369-74
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
x-powered-by: NextGuest CMS
service-worker-allowed: /
content-encoding: gzip
X-Firefox-Spdy: h2
geolocation.onetrust.com/cookieconsentpub/v1/geo/location
104.18.41.98200 OK 0 B URL HTTP/2 geolocation.onetrust.com/cookieconsentpub/v1/geo/location
IP 104.18.41.98:0
GET /cookieconsentpub/v1/geo/location HTTP/1.1
Host: geolocation.onetrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.loewshotels.com
Connection: keep-alive
Referer: https://www.loewshotels.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 20 Sep 2022 20:22:34 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74dd46212dd10b02-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.loewshotels.com/skins/loews/1663681018/assets/desktop/scripts/lightbox.js
3.208.32.228200 OK 0 B URL HTTP/2 www.loewshotels.com/skins/loews/1663681018/assets/desktop/scripts/lightbox.js
IP 3.208.32.228:0
GET /skins/loews/1663681018/assets/desktop/scripts/lightbox.js HTTP/1.1
Host: www.loewshotels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/philadelphia-hotel
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 20:22:34 GMT
content-type: application/javascript
server: nginx
last-modified: Tue, 13 Sep 2022 10:19:30 GMT
vary: Accept-Encoding
etag: W/"63205932-2365"
expires: Wed, 20 Sep 2023 20:22:34 GMT
cache-control: max-age=31536000
access-control-allow-origin: https://www.loewshotels.com
access-control-allow-methods: GET, POST
x-served-by: loewshotels-com-001
x-trace-id: 70784369-73
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
x-powered-by: NextGuest CMS
service-worker-allowed: /
content-encoding: gzip
X-Firefox-Spdy: h2
www.loewshotels.com/skins/loews/assets/desktop/images/sprite-2017.svg
3.208.32.228200 OK 0 B URL HTTP/2 www.loewshotels.com/skins/loews/assets/desktop/images/sprite-2017.svg
IP 3.208.32.228:0
GET /skins/loews/assets/desktop/images/sprite-2017.svg HTTP/1.1
Host: www.loewshotels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/philadelphia-hotel
Cookie: at_check=true; mbox=session#c2fdf4166a1d4312a48006d8430a0708#1663707215; bookingData={"groupCode":null,"rateCode":null,"promoCode":null,"propertyId":"70571","propertyName":"Loews Philadelphia Hotel","checkInDate":null,"checkOutDate":null,"nights":null,"adults":null,"children":null,"bookingValue":null,"currency":null,"email":null,"bookingCode":null,"propertyCode":"LPHL"}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 20:22:34 GMT
content-type: image/svg+xml
server: nginx
last-modified: Tue, 13 Sep 2022 10:19:24 GMT
vary: Accept-Encoding
etag: W/"6320592c-79a5"
expires: Wed, 20 Sep 2023 20:22:34 GMT
cache-control: max-age=31536000
access-control-allow-origin: https://www.loewshotels.com
access-control-allow-methods: GET, POST
x-served-by: loewshotels-com-002
x-trace-id: 71232622-101
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
x-powered-by: NextGuest CMS
service-worker-allowed: /
content-encoding: gzip
X-Firefox-Spdy: h2
www.loewshotels.com/skins/loews/1663681018/assets/desktop/images/sprite-2017.svg
3.208.32.228200 OK 0 B URL HTTP/2 www.loewshotels.com/skins/loews/1663681018/assets/desktop/images/sprite-2017.svg
IP 3.208.32.228:0
GET /skins/loews/1663681018/assets/desktop/images/sprite-2017.svg HTTP/1.1
Host: www.loewshotels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/skins/loews/1663681018/assets/desktop/styles/styles.min.css
Cookie: at_check=true; mbox=session#c2fdf4166a1d4312a48006d8430a0708#1663707215|PC#c2fdf4166a1d4312a48006d8430a0708.37_0#1726950155; bookingData={"groupCode":null,"rateCode":null,"promoCode":null,"propertyId":"70571","propertyName":"Loews Philadelphia Hotel","checkInDate":null,"checkOutDate":null,"nights":null,"adults":null,"children":null,"bookingValue":null,"currency":null,"email":null,"bookingCode":null,"propertyCode":"LPHL"}; _gcl_au=1.1.576332580.1663705354
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 20:22:34 GMT
content-type: image/svg+xml
server: nginx
last-modified: Tue, 13 Sep 2022 10:19:24 GMT
vary: Accept-Encoding
etag: W/"6320592c-79a5"
expires: Wed, 20 Sep 2023 20:22:34 GMT
cache-control: max-age=31536000
access-control-allow-origin: https://www.loewshotels.com
access-control-allow-methods: GET, POST
x-served-by: loewshotels-com-002
x-trace-id: 71232622-104
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
x-powered-by: NextGuest CMS
service-worker-allowed: /
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.cookielaw.org/scripttemplates/6.21.0/assets/otCommonStyles.css
104.16.148.64200 OK 0 B URL HTTP/2 cdn.cookielaw.org/scripttemplates/6.21.0/assets/otCommonStyles.css
IP 104.16.148.64:0
GET /scripttemplates/6.21.0/assets/otCommonStyles.css HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.loewshotels.com/
Origin: https://www.loewshotels.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 20:22:35 GMT
content-type: text/css
content-md5: F/Fs54+x9bQK/ULkNRp4fA==
last-modified: Fri, 23 Jul 2021 01:58:50 GMT
x-ms-request-id: fe52e056-501e-00c6-2d45-caa5da000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 5390
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74dd4625cc35b4f9-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
personalization-engine.hebsdigital.com/iframe.js
52.22.31.151200 OK 0 B URL HTTP/2 personalization-engine.hebsdigital.com/iframe.js
IP 52.22.31.151:0
GET /iframe.js HTTP/1.1
Host: personalization-engine.hebsdigital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://personalization-engine.hebsdigital.com/iframe.html?account=loewshotels
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 20:22:35 GMT
content-type: application/javascript
server: nginx
last-modified: Fri, 15 Jul 2022 10:15:28 GMT
vary: Accept-Encoding
etag: W/"62d13e40-284d"
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
X-Firefox-Spdy: h2
www.loewshotels.com/account/authenticate?callback=jQuery11240014075417179433947_1663705354684&task=authenticate&_=1663705354685
3.208.32.228200 OK 0 B URL HTTP/2 www.loewshotels.com/account/authenticate?callback=jQuery11240014075417179433947_1663705354684&task=authenticate&_=1663705354685
IP 3.208.32.228:0
GET /account/authenticate?callback=jQuery11240014075417179433947_1663705354684&task=authenticate&_=1663705354685 HTTP/1.1
Host: www.loewshotels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/philadelphia-hotel
Cookie: at_check=true; mbox=session#c2fdf4166a1d4312a48006d8430a0708#1663707215|PC#c2fdf4166a1d4312a48006d8430a0708.37_0#1726950155; bookingData={"groupCode":null,"rateCode":null,"promoCode":null,"propertyId":"70571","propertyName":"Loews Philadelphia Hotel","checkInDate":null,"checkOutDate":null,"nights":null,"adults":null,"children":null,"bookingValue":null,"currency":null,"email":null,"bookingCode":null,"propertyCode":"LPHL"}; _gcl_au=1.1.576332580.1663705354; OptanonConsent=isGpcEnabled=0&datestamp=Tue+Sep+20+2022+20%3A22%3A35+GMT%2B0000+(Coordinated+Universal+Time)&version=6.21.0&isIABGlobal=false&hosts=&consentId=e4b503cc-4ea1-488a-a312-1f36e8f174cd&interactionCount=0&landingPath=https%3A%2F%2Fwww.loewshotels.com%2Fphiladelphia-hotel&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0; _spe_v=a88c063d-5b77-4456-9562-9c2a7f877469; _spe_s=f699ec99-39e0-4dda-94ff-f10ac3c14841; sa-user-id=s%253A0-8bbb2053-771e-4c92-5c89-b821c0ebe7e6.nJeSRddBldq9zjj2GVdgWqKM8lWUwvoXa1I1YPrjewE; sa-user-id-v2=s%253A0-8bbb2053-771e-4c92-5c89-b821c0ebe7e6%2524ip%252491.90.42.154.nOwBHRuhEYtQimfkOUMne%252BNYRrDWmCF3Pzf2SCJVbfA; site24x7rumID=598385278696383.1663705352725.1663705352725
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 20:22:36 GMT
content-type: application/javascript
server: nginx
vary: Accept-Encoding
x-consent-required: 0
x-hebs-cache-status: miss
set-cookie: CendynCms7=vjmtf91o2hi0lk2ctd38vc8j39nd9joc; path=/; HttpOnly
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: https://www.loewshotels.com
access-control-allow-methods: GET, POST
x-served-by: loewshotels-com-001
x-trace-id: 70785341-42
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
x-powered-by: NextGuest CMS
service-worker-allowed: /
content-encoding: gzip
X-Firefox-Spdy: h2
www.loewshotels.com/skins/loews/1663681018/assets/desktop/scripts/scripts.min.js
3.208.32.228200 OK 0 B URL HTTP/2 www.loewshotels.com/skins/loews/1663681018/assets/desktop/scripts/scripts.min.js
IP 3.208.32.228:0
GET /skins/loews/1663681018/assets/desktop/scripts/scripts.min.js HTTP/1.1
Host: www.loewshotels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/philadelphia-hotel
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 20:22:34 GMT
content-type: application/javascript
server: nginx
last-modified: Tue, 20 Sep 2022 13:36:57 GMT
vary: Accept-Encoding
etag: W/"6329c1f9-95d28"
expires: Wed, 20 Sep 2023 20:22:34 GMT
cache-control: max-age=31536000
access-control-allow-origin: https://www.loewshotels.com
access-control-allow-methods: GET, POST
x-served-by: loewshotels-com-002
x-trace-id: 71232622-100
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
x-powered-by: NextGuest CMS
service-worker-allowed: /
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.loewshotels.com/loewshotels.com-2466770763/cms/imagepool/62d5793b4c70e.svg
143.204.55.119200 OK 0 B URL HTTP/2 cdn.loewshotels.com/loewshotels.com-2466770763/cms/imagepool/62d5793b4c70e.svg
IP 143.204.55.119:0
GET /loewshotels.com-2466770763/cms/imagepool/62d5793b4c70e.svg HTTP/1.1
Host: cdn.loewshotels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: image/svg+xml
date: Sun, 14 Aug 2022 19:34:11 GMT
cache-control: public, max-age=31536000
expires: Thu, 01 Jan 1970 00:00:00 GMT
last-modified: Mon, 18 Jul 2022 15:16:12 GMT
x-amz-version-id: 1c8oJBHJFE9C7Z0bYEaqyysAw26GYI7l
etag: W/"59661369f4563843903a80ea2375aee4"
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: gTH8XeKrx-w6OxvmTlhsOlznx5WuoK8YHu523pR1YBdXjjF2gzL0Cw==
age: 3199704
X-Firefox-Spdy: h2
www.loewshotels.com/skins/loews/1663681018/assets/desktop/styles/styles.min.css
3.208.32.228200 OK 0 B URL HTTP/2 www.loewshotels.com/skins/loews/1663681018/assets/desktop/styles/styles.min.css
IP 3.208.32.228:0
GET /skins/loews/1663681018/assets/desktop/styles/styles.min.css HTTP/1.1
Host: www.loewshotels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/philadelphia-hotel
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 20:22:34 GMT
content-type: text/css
server: nginx
last-modified: Tue, 20 Sep 2022 13:36:58 GMT
vary: Accept-Encoding
etag: W/"6329c1fa-578e8"
expires: Wed, 20 Sep 2023 20:22:34 GMT
cache-control: max-age=31536000
access-control-allow-origin: https://www.loewshotels.com
access-control-allow-methods: GET, POST
x-served-by: loewshotels-com-001
x-trace-id: 70785341-35
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
x-powered-by: NextGuest CMS
service-worker-allowed: /
content-encoding: gzip
X-Firefox-Spdy: h2
www.loewshotels.com/skins/loews/assets/desktop/images/booking-collection.svg
3.208.32.228200 OK 0 B URL HTTP/2 www.loewshotels.com/skins/loews/assets/desktop/images/booking-collection.svg
IP 3.208.32.228:0
GET /skins/loews/assets/desktop/images/booking-collection.svg HTTP/1.1
Host: www.loewshotels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/philadelphia-hotel
Cookie: at_check=true; mbox=session#c2fdf4166a1d4312a48006d8430a0708#1663707215; bookingData={"groupCode":null,"rateCode":null,"promoCode":null,"propertyId":"70571","propertyName":"Loews Philadelphia Hotel","checkInDate":null,"checkOutDate":null,"nights":null,"adults":null,"children":null,"bookingValue":null,"currency":null,"email":null,"bookingCode":null,"propertyCode":"LPHL"}
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 20:22:34 GMT
content-type: image/svg+xml
server: nginx
last-modified: Tue, 13 Sep 2022 10:19:30 GMT
vary: Accept-Encoding
etag: W/"63205932-5ea"
expires: Wed, 20 Sep 2023 20:22:34 GMT
cache-control: max-age=31536000
access-control-allow-origin: https://www.loewshotels.com
access-control-allow-methods: GET, POST
x-served-by: loewshotels-com-001
x-trace-id: 70785341-36
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
x-powered-by: NextGuest CMS
service-worker-allowed: /
content-encoding: gzip
X-Firefox-Spdy: h2
personalization-engine.hebsdigital.com/js/tracker.js
52.22.31.151200 OK 0 B URL HTTP/2 personalization-engine.hebsdigital.com/js/tracker.js
IP 52.22.31.151:0
GET /js/tracker.js HTTP/1.1
Host: personalization-engine.hebsdigital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 20 Sep 2022 20:22:34 GMT
content-type: application/javascript
server: nginx
last-modified: Fri, 15 Jul 2022 10:15:12 GMT
vary: Accept-Encoding
etag: W/"62d13e30-575f4"
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
X-Firefox-Spdy: h2
personalization-engine.hebsdigital.com/iframe.html?account=loewshotels
52.22.31.151200 OK 0 B URL HTTP/2 personalization-engine.hebsdigital.com/iframe.html?account=loewshotels
IP 52.22.31.151:0
GET /iframe.html?account=loewshotels HTTP/1.1
Host: personalization-engine.hebsdigital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 20:22:35 GMT
content-type: text/html
server: nginx
last-modified: Fri, 15 Jul 2022 10:15:29 GMT
vary: Accept-Encoding
etag: W/"62d13e41-468"
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
X-Firefox-Spdy: h2
www.loewshotels.com/skins/loews/assets/desktop/scripts/mp_linkcode.js
3.208.32.228200 OK 0 B URL HTTP/2 www.loewshotels.com/skins/loews/assets/desktop/scripts/mp_linkcode.js
IP 3.208.32.228:0
GET /skins/loews/assets/desktop/scripts/mp_linkcode.js HTTP/1.1
Host: www.loewshotels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.loewshotels.com/philadelphia-hotel
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Sep 2022 20:22:34 GMT
content-type: application/javascript
server: nginx
last-modified: Tue, 13 Sep 2022 10:19:30 GMT
vary: Accept-Encoding
etag: W/"63205932-76d"
expires: Wed, 20 Sep 2023 20:22:34 GMT
cache-control: max-age=31536000
access-control-allow-origin: https://www.loewshotels.com
access-control-allow-methods: GET, POST
x-served-by: loewshotels-com-001
x-trace-id: 70785341-34
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
x-powered-by: NextGuest CMS
service-worker-allowed: /
content-encoding: gzip
X-Firefox-Spdy: h2