urlscan.io logo urlscan.io
SecurityTrails logo

www.hyatt.com Open in urlscan Pro
92.123.104.29  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.hyatt.com/en-US/group-booking/ORLAN/G-OPEX
Submission: On May 01 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 9 HTTP transactions. The main IP is 92.123.104.29, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.hyatt.com. The Cisco Umbrella rank of the primary domain is 39132.
TLS certificate: Issued by Entrust Certification Authority - L1K on May 18th 2022. Valid for: a year.
This is the only time www.hyatt.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 92.123.104.29 20940 (AKAMAI-ASN1)
6 143.204.237.56 16509 (AMAZON-02)
9 2
Apex Domain
Subdomains		 Transfer
6 cdndex.io
reporting.cdndex.io — Cisco Umbrella Rank: 36171
1 KB
3 hyatt.com
www.hyatt.com — Cisco Umbrella Rank: 39132
139 KB
9 2
Domain Requested by
6 reporting.cdndex.io www.hyatt.com
3 www.hyatt.com www.hyatt.com
9 2

This site contains no links.

Subject Issuer Validity Valid
www.hyatt.com
Entrust Certification Authority - L1K		 2022-05-18 -
2023-05-26		 a year crt.sh
reporting.cdndex.io
Amazon RSA 2048 M01		 2023-04-12 -
2024-05-10		 a year crt.sh

This page contains 1 frames:

Primary Page: https://www.hyatt.com/en-US/group-booking/ORLAN/G-OPEX
Frame ID: F7C87B045749730F04DB792A8DD2C4C2
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Statistics

9
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

140 kB
Transfer

355 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request G-OPEX
www.hyatt.com/en-US/group-booking/ORLAN/ 		508 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.hyatt.com/en-US/group-booking/ORLAN/G-OPEX
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
92.123.104.29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-104-29.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f4e9e80de13a4d68c07e115cb466bab0c55702e3338cfe9278446808cac8ae9b
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
cipher
TLS_CHACHA20_POLY1305_SHA256
content-encoding
gzip
content-length
397
content-type
text/html; charset=utf-8
date
Mon, 01 May 2023 13:53:26 GMT
expires
Mon, 01 May 2023 13:53:26 GMT
p3p
CP="This site does not specify a policy in the P3P header"
pragma
no-cache
source-country
DE
strict-transport-security
max-age=15768000 ; includeSubDomains
vary
Accept-Encoding
x-kpsdk-ct
0de21E890X2RAtCVO0HErIlQg4inTnW5reRpz2bACreFukKOSVmTIHB3TJGJERCmsDDNfAsXvAnXfx7iYX20YuvXgQmRofbBK6fBNw3SOBJsuJOhkEGuWtzyUKmb80UMwJXq0WV0xZ4HQobj1oe5EPszLMTS1tOF
ips.js
www.hyatt.com/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/ 		355 KB
137 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hyatt.com/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/ips.js?tkrm_alpekz_s1.3=0de21E890X2RAtCVO0HErIlQg4inTnW5reRpz2bACreFukKOSVmTIHB3TJGJERCmsDDNfAsXvAnXfx7iYX20YuvXgQmRofbBK6fBNw3SOBJsuJOhkEGuWtzyUKmb80UMwJXq0WV0xZ4HQobj1oe5EPszLMTS1tOF
Requested by
Host: www.hyatt.com
URL: https://www.hyatt.com/en-US/group-booking/ORLAN/G-OPEX
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
92.123.104.29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-104-29.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b0e3743be4e433943c730ef4daecbc266e964cc687c8d46413bb07fc18de79ac
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hyatt.com/en-US/group-booking/ORLAN/G-OPEX
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 13:53:26 GMT
content-encoding
gzip
strict-transport-security
max-age=15768000 ; includeSubDomains
x-kpsdk-ct
0gDh1Y31K9nPAXjqqjU9GQubKB4dMi47UeFflSkoRjP6xlB7dvff8CrEwS7NU5HFCtIGInXDjjYAVSTkNO4uvms6TWN1d9uXk6MeocrGYJxjKoEK9O4u5sjbelEP9lWHWEEKtvnEVWwUvdkJmNYV5WjQelu1tHtI
source-country
DE
cipher
TLS_CHACHA20_POLY1305_SHA256
vary
Accept-Encoding
p3p
CP="This site does not specify a policy in the P3P header"
content-type
application/javascript; charset=utf-8
cache-control
max-age=0, no-cache
content-length
139023
expires
Mon, 01 May 2023 13:53:26 GMT
error
reporting.cdndex.io/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://reporting.cdndex.io/error
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.237.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-237-56.cph50.r.cloudfront.net
Software
CloudFront /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.hyatt.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
*
access-control-expose-headers
*
content-length
2
content-type
application/json
date
Mon, 01 May 2023 13:53:27 GMT
server
CloudFront
via
1.1 a14ac175c5535de44ce87bfddfa7ddbe.cloudfront.net (CloudFront)
x-amz-cf-id
5UmZxGz3qEY6Mx35mqbTiIzN0Ht80fkLURpUYdPndITZ1K5U8N1Qlg==
x-amz-cf-pop
CPH50-C1
x-cache
LambdaGeneratedResponse from cloudfront
error
reporting.cdndex.io/ 		8 B
396 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://reporting.cdndex.io/error
Requested by
Host: www.hyatt.com
URL: https://www.hyatt.com/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/ips.js?tkrm_alpekz_s1.3=0de21E890X2RAtCVO0HErIlQg4inTnW5reRpz2bACreFukKOSVmTIHB3TJGJERCmsDDNfAsXvAnXfx7iYX20YuvXgQmRofbBK6fBNw3SOBJsuJOhkEGuWtzyUKmb80UMwJXq0WV0xZ4HQobj1oe5EPszLMTS1tOF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.237.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-237-56.cph50.r.cloudfront.net
Software
CloudFront /
Resource Hash
2cb69644d1877e6dfa38adcfddfc21208f12a43753394381a54587438db2e666

Request headers

Referer
https://www.hyatt.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Mon, 01 May 2023 13:53:27 GMT
via
1.1 a14ac175c5535de44ce87bfddfa7ddbe.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
CPH50-C1
x-cache
LambdaGeneratedResponse from cloudfront
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
*
content-type
application/json
access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
content-length
8
x-amz-cf-id
t5SyD9tBxrbY0phVdPSPTc4h4Thr3GddixF1PriF33Noj5lwxa7_vw==
tl
www.hyatt.com/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/ 		0
832 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.hyatt.com/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/tl
Requested by
Host: www.hyatt.com
URL: https://www.hyatt.com/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/ips.js?tkrm_alpekz_s1.3=0de21E890X2RAtCVO0HErIlQg4inTnW5reRpz2bACreFukKOSVmTIHB3TJGJERCmsDDNfAsXvAnXfx7iYX20YuvXgQmRofbBK6fBNw3SOBJsuJOhkEGuWtzyUKmb80UMwJXq0WV0xZ4HQobj1oe5EPszLMTS1tOF
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
92.123.104.29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-104-29.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; includeSubDomains

Request headers

x-kpsdk-dt
150y19hy0ngw2qx74x61kz3fy4au
Referer
https://www.hyatt.com/en-US/group-booking/ORLAN/G-OPEX
x-kpsdk-ct
0crHdtPX5lABYNRGmmt0Nw5gRW0ZMS5GZtrbMevVnSTvXaOPoRBRWnLcAHV6zuA4sOcTtCBHlvDlwpTRt1FrsjhdfQYg87s1QaRhFr6O5T8qNFSHymGieEVvRv6BPvB7OORt8AY4P3XuHKDdTVTy0DZbuWgn8T6r
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/octet-stream

Response headers

pragma
no-cache
date
Mon, 01 May 2023 13:53:27 GMT
strict-transport-security
max-age=15768000 ; includeSubDomains
x-kpsdk-ct
0gH3GUDPJGkSeTYBDgYlzVtZtVT3NBHdVMkXWX3rQf0qrZU9ZsBffr6vdNLWc0gKFB71pC8nH1saxE8M8hKVBKpt06m6H7jSbre2XH8E8aolilgC4cZ0ZFZgu9u0siirG2EadCtUEm7pTPRlITsv0SYWQhsE5eLr
source-country
DE
cipher
TLS_CHACHA20_POLY1305_SHA256
content-type
text/plain
p3p
CP="This site does not specify a policy in the P3P header"
x-kpsdk-st
1682949207059
cache-control
max-age=0, no-cache
x-kpsdk-cr
false
content-length
0
expires
Mon, 01 May 2023 13:53:27 GMT
error
reporting.cdndex.io/ 		8 B
397 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://reporting.cdndex.io/error
Requested by
Host: www.hyatt.com
URL: https://www.hyatt.com/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/ips.js?tkrm_alpekz_s1.3=0de21E890X2RAtCVO0HErIlQg4inTnW5reRpz2bACreFukKOSVmTIHB3TJGJERCmsDDNfAsXvAnXfx7iYX20YuvXgQmRofbBK6fBNw3SOBJsuJOhkEGuWtzyUKmb80UMwJXq0WV0xZ4HQobj1oe5EPszLMTS1tOF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.237.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-237-56.cph50.r.cloudfront.net
Software
CloudFront /
Resource Hash
2cb69644d1877e6dfa38adcfddfc21208f12a43753394381a54587438db2e666

Request headers

Referer
https://www.hyatt.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Mon, 01 May 2023 13:53:27 GMT
via
1.1 a14ac175c5535de44ce87bfddfa7ddbe.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
CPH50-C1
x-cache
LambdaGeneratedResponse from cloudfront
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
*
content-type
application/json
access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
content-length
8
x-amz-cf-id
pEFE0iZS1NUe0A5Qk4_N18_SD3Urk8ZVgmCOhz9WcpjzAgm9sG4Zmg==
error
reporting.cdndex.io/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://reporting.cdndex.io/error
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.237.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-237-56.cph50.r.cloudfront.net
Software
CloudFront /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.hyatt.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
*
access-control-expose-headers
*
content-length
2
content-type
application/json
date
Mon, 01 May 2023 13:53:27 GMT
server
CloudFront
via
1.1 a14ac175c5535de44ce87bfddfa7ddbe.cloudfront.net (CloudFront)
x-amz-cf-id
w5fG--c4x8AgWpgJneSsAmMAUuw5VM959R_-hVbVInTKSKP60hOMPg==
x-amz-cf-pop
CPH50-C1
x-cache
LambdaGeneratedResponse from cloudfront
error
reporting.cdndex.io/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://reporting.cdndex.io/error
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.237.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-237-56.cph50.r.cloudfront.net
Software
CloudFront /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.hyatt.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
*
access-control-expose-headers
*
content-length
2
content-type
application/json
date
Mon, 01 May 2023 13:53:27 GMT
server
CloudFront
via
1.1 a14ac175c5535de44ce87bfddfa7ddbe.cloudfront.net (CloudFront)
x-amz-cf-id
tu-GYHyRXZ9FoeUDDQ0oyzR7k3PL_uFxAzhdCTQ2hkkNJH2WNdrwYg==
x-amz-cf-pop
CPH50-C1
x-cache
LambdaGeneratedResponse from cloudfront
error
reporting.cdndex.io/ 		8 B
397 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://reporting.cdndex.io/error
Requested by
Host: www.hyatt.com
URL: https://www.hyatt.com/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/ips.js?tkrm_alpekz_s1.3=0de21E890X2RAtCVO0HErIlQg4inTnW5reRpz2bACreFukKOSVmTIHB3TJGJERCmsDDNfAsXvAnXfx7iYX20YuvXgQmRofbBK6fBNw3SOBJsuJOhkEGuWtzyUKmb80UMwJXq0WV0xZ4HQobj1oe5EPszLMTS1tOF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.237.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-237-56.cph50.r.cloudfront.net
Software
CloudFront /
Resource Hash
2cb69644d1877e6dfa38adcfddfc21208f12a43753394381a54587438db2e666

Request headers

Referer
https://www.hyatt.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Mon, 01 May 2023 13:53:28 GMT
via
1.1 a14ac175c5535de44ce87bfddfa7ddbe.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
CPH50-C1
x-cache
LambdaGeneratedResponse from cloudfront
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
*
content-type
application/json
access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
content-length
8
x-amz-cf-id
aYUIDdoB_ohLQh2-jNfArB3X_Vk4IAQl7dC9fSN8ox0oxE4giWWYlQ==

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| KPSDK

3 Cookies

Domain/Path Name / Value
www.hyatt.com/ Name: source-country
Value: DE
www.hyatt.com/ Name: tkrm_alpekz_s1.3-ssn
Value: 0gH3GUDPJGkSeTYBDgYlzVtZtVT3NBHdVMkXWX3rQf0qrZU9ZsBffr6vdNLWc0gKFB71pC8nH1saxE8M8hKVBKpt06m6H7jSbre2XH8E8aolilgC4cZ0ZFZgu9u0siirG2EadCtUEm7pTPRlITsv0SYWQhsE5eLr
www.hyatt.com/ Name: tkrm_alpekz_s1.3
Value: 0gH3GUDPJGkSeTYBDgYlzVtZtVT3NBHdVMkXWX3rQf0qrZU9ZsBffr6vdNLWc0gKFB71pC8nH1saxE8M8hKVBKpt06m6H7jSbre2XH8E8aolilgC4cZ0ZFZgu9u0siirG2EadCtUEm7pTPRlITsv0SYWQhsE5eLr

1 Console Messages

Source Level URL
Text
network error URL: https://www.hyatt.com/en-US/group-booking/ORLAN/G-OPEX
Message:
Failed to load resource: the server responded with a status of 429 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15768000 ; includeSubDomains