urlscan.io logo urlscan.io
SecurityTrails logo

www.ebookers.ch Open in urlscan Pro
23.196.235.239  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://resien.ch/
Effective URL: https://www.ebookers.ch/?cjdata=MXxOfDB8WXww&cjevent=f5e713acba8011ee83e200170a18b8fb&affcid=EBOOKERS-CH.NETWORK.CJ.1005...
Submission: On January 24 via api from CH — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 3 countries across 8 domains to perform 45 HTTP transactions. The main IP is 23.196.235.239, located in Düsseldorf, Germany and belongs to AKAMAI-AS, US. The main domain is www.ebookers.ch. The Cisco Umbrella rank of the primary domain is 560514.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on April 27th 2023. Valid for: a year.
This is the only time www.ebookers.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 85.13.138.41 34788 (NMM-AS D)
3 3 89.207.16.75 41041 (VCLK-EU-SE)
11 23.196.235.239 16625 (AKAMAI-AS)
11 2a02:26f0:170... 20940 (AKAMAI-ASN1)
21 2606:4700:440... 13335 (CLOUDFLAR...)
45 4
3    85.13.138.41 (Germany)

ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE)
PTR: dd17422.kasserver.com
resien.ch
www.reissen.ch
3    89.207.16.75 (Amsterdam, Netherlands)

ASN41041 (VCLK-EU-SE, US)
www.jdoqocy.com
cj.dotomi.com
www.emjcd.com
11    23.196.235.239 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-196-235-239.deploy.static.akamaitechnologies.com
www.ebookers.ch
11    2a02:26f0:1700:392::1994 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
c.travel-assets.com
21    2606:4700:4400::ac40:9a56 (United States)

ASN13335 (CLOUDFLARENET, US)
expedia-api.arkoselabs.com
Apex Domain
Subdomains		 Transfer
21 arkoselabs.com
expedia-api.arkoselabs.com — Cisco Umbrella Rank: 67825
396 KB
11 travel-assets.com
c.travel-assets.com — Cisco Umbrella Rank: 13741
352 KB
11 ebookers.ch
www.ebookers.ch — Cisco Umbrella Rank: 560514
46 KB
2 resien.ch
resien.ch
626 B
1 emjcd.com
www.emjcd.com — Cisco Umbrella Rank: 10609
960 B
1 dotomi.com
cj.dotomi.com — Cisco Umbrella Rank: 10532
1 KB
1 jdoqocy.com
www.jdoqocy.com — Cisco Umbrella Rank: 63768
580 B
1 reissen.ch
www.reissen.ch
561 B
45 8
Domain Requested by
21 expedia-api.arkoselabs.com c.travel-assets.com
expedia-api.arkoselabs.com
11 c.travel-assets.com www.ebookers.ch
11 www.ebookers.ch www.reissen.ch
www.ebookers.ch
c.travel-assets.com
2 resien.ch 1 redirects
1 www.emjcd.com 1 redirects
1 cj.dotomi.com 1 redirects
1 www.jdoqocy.com 1 redirects
1 www.reissen.ch resien.ch
45 8

This site contains no links.

Subject Issuer Validity Valid
www.ebookers.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-27 -
2024-04-27		 a year crt.sh
www.expedia.com
GeoTrust RSA CA 2018		 2023-06-24 -
2024-06-26		 a year crt.sh
arkoselabs.com
Cloudflare Inc ECC CA-3		 2023-08-23 -
2024-08-22		 a year crt.sh

This page contains 3 frames:

Primary Page: https://www.ebookers.ch/?cjdata=MXxOfDB8WXww&cjevent=f5e713acba8011ee83e200170a18b8fb&affcid=EBOOKERS-CH.NETWORK.CJ.100520107
Frame ID: 70E4C7D54BE431299E682629E8023313
Requests: 25 HTTP requests in this frame

Frame: https://expedia-api.arkoselabs.com/v2/2.3.4/enforcement.c70df15cb97792b18c2f4978b68954a0.html
Frame ID: 894B7D218F65E5E37EF945D66DDFEFBA
Requests: 6 HTTP requests in this frame

Frame: https://expedia-api.arkoselabs.com/fc/assets/ec-game-core/game-core/1.18.0/standard/index.html?session=67417ad3450698768.2748070605&r=eu-west-1&meta=3&metabgclr=%23ffffff&metaiconclr=%23757575&guitextcolor=%23000000&lang=de&pk=33C384C0-7DE5-4243-80DB-2C5E35802C15&at=40&ag=101&cdn_url=https%3A%2F%2Fexpedia-api.arkoselabs.com%2Fcdn%2Ffc&lurl=https%3A%2F%2Faudio-eu-west-1.arkoselabs.com&surl=https%3A%2F%2Fexpedia-api.arkoselabs.com&smurl=https%3A%2F%2Fexpedia-api.arkoselabs.com%2Fcdn%2Ffc%2Fassets%2Fstyle-manager&theme=default
Frame ID: 26ABBE9F475FFDF37EC4C8C2E3D3B792
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Bot oder Mensch?

Page URL History Show full URLs

  1. https://resien.ch/ HTTP 301
    http://resien.ch/ Page URL
  2. http://www.reissen.ch/ebsite.htm Page URL
  3. https://www.jdoqocy.com/click-100520107-14556373 HTTP 302
    https://cj.dotomi.com/s265r098R/07C/QTUUVSWS/QPPURPQPW/P/P/P?v=l%3c%3cs4403%3A%2F%2F777.uoz1zn9.nz... HTTP 302
    https://www.emjcd.com/im65y1A9U/18D/RUVVWTXT/RQQVSQRQX/Q/UQQRQVVVWZUTQUQXXV:LpmiXQB6dR7U/4V3XRT-10... HTTP 302
    https://www.ebookers.ch/?cjdata=MXxOfDB8WXww&cjevent=f5e713acba8011ee83e200170a18b8fb&affcid=EBOOKER... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns

Page Statistics

45
Requests

96 %
HTTPS

40 %
IPv6

8
Domains

8
Subdomains

4
IPs

3
Countries

795 kB
Transfer

2564 kB
Size

17
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://resien.ch/ HTTP 301
    http://resien.ch/ Page URL
  2. http://www.reissen.ch/ebsite.htm Page URL
  3. https://www.jdoqocy.com/click-100520107-14556373 HTTP 302
    https://cj.dotomi.com/s265r098R/07C/QTUUVSWS/QPPURPQPW/P/P/P?v=l%3c%3cs4403%3A%2F%2F777.uoz1zn9.nzx%2Fnwtnv-CBBGDBCBI-CFGGHEIE%3c%3cR%3cs440%3A%2F%2F777.2pt33py.ns%2F%3c%3cC%3cC%3cB%3cB%3c HTTP 302
    https://www.emjcd.com/im65y1A9U/18D/RUVVWTXT/RQQVSQRQX/Q/UQQRQVVVWZUTQUQXXV:LpmiXQB6dR7U/4V3XRT-10-YQRR33YT3SQQRXQ-RY0Y40?k=o%3cx49!I3PO-M6MS3IF%3c2EEAD%3A%2F%2FHHH.4y9B9xJ.x97%2Fx63x5-MLLQNLMLS-MPQQROSO%3c%3cb%3c2EEA%3A%2F%2FHHH.Cz3DDz8.x2%2F%3cOxwLLMTT-LPLR-PNN0-T0OL-wMxvRNTTLzUU%3cM%3cM%3cL%3cL%3c HTTP 302
    https://www.ebookers.ch/?cjdata=MXxOfDB8WXww&cjevent=f5e713acba8011ee83e200170a18b8fb&affcid=EBOOKERS-CH.NETWORK.CJ.100520107 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://resien.ch/ HTTP 301
  • http://resien.ch/

45 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
resien.ch/
Redirect Chain
  • https://resien.ch/
  • http://resien.ch/
334 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
http://resien.ch/
Protocol
HTTP/1.1
Server
85.13.138.41 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd17422.kasserver.com
Software
Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-CH,de;q=0.9
referer
https://www.google.com/

Response headers

Accept-Ranges
bytes
Connection
Upgrade, Keep-Alive
Content-Encoding
gzip
Content-Length
177
Content-Type
text/html
Date
Wed, 24 Jan 2024 06:22:33 GMT
ETag
"14e-54a3e2e058cfd-gzip"
Keep-Alive
timeout=2, max=1000
Last-Modified
Wed, 08 Mar 2017 20:43:24 GMT
Server
Apache
Upgrade
h2,h2c
Vary
Accept-Encoding,User-Agent

Redirect headers

content-length
225
content-type
text/html; charset=iso-8859-1
date
Wed, 24 Jan 2024 06:22:33 GMT
location
http://resien.ch/
server
Apache
ebsite.htm
www.reissen.ch/ 		398 B
561 B 		Document
General
Check archive.org
Download Go to
Full URL
http://www.reissen.ch/ebsite.htm
Requested by
Host: resien.ch
URL: http://resien.ch/
Protocol
HTTP/1.1
Server
85.13.138.41 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd17422.kasserver.com
Software
Apache /
Resource Hash

Request headers

Referer
http://resien.ch/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-CH,de;q=0.9
referer
https://www.google.com/

Response headers

Accept-Ranges
bytes
Connection
Upgrade, Keep-Alive
Content-Encoding
gzip
Content-Length
202
Content-Type
text/html
Date
Wed, 24 Jan 2024 06:22:33 GMT
ETag
"18e-5d00dbb54bd0e-gzip"
Keep-Alive
timeout=2, max=1000
Last-Modified
Fri, 05 Nov 2021 17:11:19 GMT
Server
Apache
Upgrade
h2,h2c
Vary
Accept-Encoding,User-Agent
Primary Request /
www.ebookers.ch/
Redirect Chain
  • https://www.jdoqocy.com/click-100520107-14556373
  • https://cj.dotomi.com/s265r098R/07C/QTUUVSWS/QPPURPQPW/P/P/P?v=l%3c%3cs4403%3A%2F%2F777.uoz1zn9.nzx%2Fnwtnv-CBBGDBCBI-CFGGHEIE%3c%3cR%3cs440%3A%2F%2F777.2pt33py.ns%2F%3c%3cC%3cC%3cB%3cB%3c
  • https://www.emjcd.com/im65y1A9U/18D/RUVVWTXT/RQQVSQRQX/Q/UQQRQVVVWZUTQUQXXV:LpmiXQB6dR7U/4V3XRT-10-YQRR33YT3SQQRXQ-RY0Y40?k=o%3cx49!I3PO-M6MS3IF%3c2EEAD%3A%2F%2FHHH.4y9B9xJ.x97%2Fx63x5-MLLQNLMLS-MP...
  • https://www.ebookers.ch/?cjdata=MXxOfDB8WXww&cjevent=f5e713acba8011ee83e200170a18b8fb&affcid=EBOOKERS-CH.NETWORK.CJ.100520107
208 KB
38 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.ebookers.ch/?cjdata=MXxOfDB8WXww&cjevent=f5e713acba8011ee83e200170a18b8fb&affcid=EBOOKERS-CH.NETWORK.CJ.100520107
Requested by
Host: www.reissen.ch
URL: http://www.reissen.ch/ebsite.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.196.235.239 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-196-235-239.deploy.static.akamaitechnologies.com
Software
istio-envoy /
Resource Hash
4b54a3af79aae7ba6368172957253423376097a64169f9ee584e768216dbec8f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=7776000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
http://www.reissen.ch/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-CH,de;q=0.9
referer
https://www.google.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-language
de-CH
content-security-policy
frame-ancestors 'self'
content-type
text/html; charset=utf-8
date
Wed, 24 Jan 2024 06:22:34 GMT
server
istio-envoy
strict-transport-security
max-age=7776000; includeSubDomains;
trace-id
36b84d66-8bd7-4c58-a93a-4bbe89eaff7f
vary
accept-encoding
x-app-info
captcha-pwa,bd4f6f69cdcbf2928d8ee3b64b728be6e58d8ca9
x-b3-traceid
36b84d668bd74c58a93a4bbe89eaff7f
x-cgp-info
noJvmRouteSet;f619302d-ba80-11ee-a98d-0242c251f3a9
x-content-type-options
nosniff
x-download-options
noopen
x-envoy-upstream-service-time
11
x-frame-options
SAMEORIGIN
x-page-id
arkose-challenge
x-permitted-cross-domain-policies
none
x-xss-protection
1

Redirect headers

Cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Length
385
Content-Type
text/html; charset=UTF-8
Date
Wed, 24 Jan 2024 06:22:34 GMT
Expires
Wed, 24 Jan 2024 06:22:34 GMT
Location
https://www.ebookers.ch/?cjdata=MXxOfDB8WXww&cjevent=f5e713acba8011ee83e200170a18b8fb&affcid=EBOOKERS-CH.NETWORK.CJ.100520107
P3P
policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
Pragma
no-cache
Server
Resin/4.0.66
X-VC-HTTPS
On
logo.svg
www.ebookers.ch/_dms/header/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ebookers.ch/_dms/header/logo.svg?locale=de_CH&siteid=undefined
Requested by
Host: www.ebookers.ch
URL: https://www.ebookers.ch/?cjdata=MXxOfDB8WXww&cjevent=f5e713acba8011ee83e200170a18b8fb&affcid=EBOOKERS-CH.NETWORK.CJ.100520107
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.196.235.239 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-196-235-239.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
c11908b7e7f4095bd9f6435f1b2856834e24b805fd36cb73f410e00dac0d71ab
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=7776000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self'
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=7776000; includeSubDomains;
x-b3-traceid
7d79168f4d7e4d2d845481aa9f71f1ee
date
Wed, 24 Jan 2024 06:22:34 GMT
x-envoy-upstream-service-time
4
x-cgp-info
noJvmRouteSet;2e9ec49c-a569-11ee-88f1-0242318d2e68
content-length
1222
x-xss-protection
1
last-modified
Thu, 28 Dec 2023 10:09:27 GMT
server
Akamai Resource Optimizer
etag
"59b8fe3f0aebeba915d7995b2c1eac1f108df24e"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
public, max-age=604800 s-maxage=604800
trace-id
7d79168f-4d7e-4d2d-8454-81aa9f71f1ee
challenge.initial.styles
www.ebookers.ch/cgp/simple/ 		0
670 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.ebookers.ch/cgp/simple/challenge.initial.styles
Requested by
Host: www.ebookers.ch
URL: https://www.ebookers.ch/?cjdata=MXxOfDB8WXww&cjevent=f5e713acba8011ee83e200170a18b8fb&affcid=EBOOKERS-CH.NETWORK.CJ.100520107
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.196.235.239 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-196-235-239.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=7776000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains;
content-security-policy
frame-ancestors 'self'
x-content-type-options
nosniff
date
Wed, 24 Jan 2024 06:22:34 GMT
x-b3-traceid
38724d2adaf3493dbef3db78aa40f7fb
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
no-cache, no-store, must-revalidate
x-cgp-info
noJvmRouteSet;f635e01b-ba80-11ee-b201-024268a1765b
trace-id
38724d2a-daf3-493d-bef3-db78aa40f7fb
x-xss-protection
1
challenge.dynamic.styles
www.ebookers.ch/cgp/simple/ 		0
672 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.ebookers.ch/cgp/simple/challenge.dynamic.styles
Requested by
Host: www.ebookers.ch
URL: https://www.ebookers.ch/?cjdata=MXxOfDB8WXww&cjevent=f5e713acba8011ee83e200170a18b8fb&affcid=EBOOKERS-CH.NETWORK.CJ.100520107
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.196.235.239 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-196-235-239.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=7776000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains;
content-security-policy
frame-ancestors 'self'
x-content-type-options
nosniff
date
Wed, 24 Jan 2024 06:22:34 GMT
x-b3-traceid
c372f075f4d34c34b07dfbb1fd8f7b7c
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
no-cache, no-store, must-revalidate
x-cgp-info
noJvmRouteSet;f635e01f-ba80-11ee-9711-024201bad4d4
trace-id
c372f075-f4d3-4c34-b07d-fbb1fd8f7b7c
x-xss-protection
1
de_CH.fa279352dcd02447e007.js
c.travel-assets.com/captcha-pwa/l10nBundle/ 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.travel-assets.com/captcha-pwa/l10nBundle/de_CH.fa279352dcd02447e007.js
Requested by
Host: www.ebookers.ch
URL: https://www.ebookers.ch/?cjdata=MXxOfDB8WXww&cjevent=f5e713acba8011ee83e200170a18b8fb&affcid=EBOOKERS-CH.NETWORK.CJ.100520107
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:392::1994 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0b2ba20cc51e34fc59e0e121f22687291af155fa8eb1d084489b525a61c86f66

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
IytMchkz05q131h7E9ln5.PbCMdycjBW
content-encoding
gzip
date
Wed, 24 Jan 2024 06:22:34 GMT
last-modified
Tue, 02 Jan 2024 23:48:04 GMT
server
AmazonS3
x-amz-request-id
8FGARCDHH1A96EVK
etag
"e1a6d79c493dcfba2b5b30220ec0c31b"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=137306
accept-ranges
bytes
content-length
9659
x-amz-id-2
ozcK4A2TI+PjHF8Y8SDGmxBeDwxRolkj8Wgsz4lJxNug4kWVdKtYAnV9h3wDC4dezp7z8kasYp8=
x-client-ipv6
true
bernie.e3337b248db3c83f6767.js
c.travel-assets.com/captcha-pwa/ 		129 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.travel-assets.com/captcha-pwa/bernie.e3337b248db3c83f6767.js
Requested by
Host: www.ebookers.ch
URL: https://www.ebookers.ch/?cjdata=MXxOfDB8WXww&cjevent=f5e713acba8011ee83e200170a18b8fb&affcid=EBOOKERS-CH.NETWORK.CJ.100520107
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:392::1994 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
77e9c2c22f2284fef863623b3fc265b987517453e2c5defdb73fed3d5be40e8a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
AMAUNKCwdu7oldf7gAzGnh_OMo7I_nX9
content-encoding
gzip
date
Wed, 24 Jan 2024 06:22:34 GMT
last-modified
Fri, 19 Jan 2024 18:27:02 GMT
server
AmazonS3
x-amz-request-id
P9CBC1RKQYAFPDBR
etag
"fae929997230468f8dff075c0f99d894"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=825075
accept-ranges
bytes
content-length
27278
x-amz-id-2
8zXJf9Bv3yd0Zgi20b/W1P6NbF6S6s9Kc43AzxwDzY82vLotcg+TCUQMgOmcv7z0eEidgfMJ0XM=
x-client-ipv6
true
core.64f8215b4681aa119edb.js
c.travel-assets.com/captcha-pwa/ 		186 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.travel-assets.com/captcha-pwa/core.64f8215b4681aa119edb.js
Requested by
Host: www.ebookers.ch
URL: https://www.ebookers.ch/?cjdata=MXxOfDB8WXww&cjevent=f5e713acba8011ee83e200170a18b8fb&affcid=EBOOKERS-CH.NETWORK.CJ.100520107
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:392::1994 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8954c977d5dfcb2838c736fe6287eabd9e0d8e0dad4896cedc2b1ecadc830b30

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
14TgbTbUQzVl3gADBrY8Qy1zoHugdz0l
content-encoding
gzip
date
Wed, 24 Jan 2024 06:22:34 GMT
last-modified
Tue, 02 Jan 2024 16:48:30 GMT
server
AmazonS3
x-amz-request-id
TBC3X822HQ9X9ABA
etag
"472579423cdc3b2e60dc868d1a7e1c35"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=435905
accept-ranges
bytes
content-length
59157
x-amz-id-2
BP+wuAhLFBOBIbmz5uH+Hq/wTylgu+JnRBYjlraMUHmuQRogFM2dUw06h/Xp4TVT0q4915Yda10=
x-client-ipv6
true
graphql.befb84e8f25f2c9a82bb.js
c.travel-assets.com/captcha-pwa/ 		179 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.travel-assets.com/captcha-pwa/graphql.befb84e8f25f2c9a82bb.js
Requested by
Host: www.ebookers.ch
URL: https://www.ebookers.ch/?cjdata=MXxOfDB8WXww&cjevent=f5e713acba8011ee83e200170a18b8fb&affcid=EBOOKERS-CH.NETWORK.CJ.100520107
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:392::1994 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2d233a2cb56bb3cdcc2fa87581b64adc161a9f3e54f6a1042f4d039142d3de8c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
EUzVagugXVzwS1xXGEpIwOJYKpAg5Qac
content-encoding
gzip
date
Wed, 24 Jan 2024 06:22:34 GMT
last-modified
Tue, 02 Jan 2024 16:48:30 GMT
server
AmazonS3
x-amz-request-id
TBC3ZFW52GBM7439
etag
"1627bb0e39c974e91177e14bb6be1bc7"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=435717
accept-ranges
bytes
content-length
51138
x-amz-id-2
H+a8PDJTjweFaynbvEZTShB1cLVsMW4GxzNj1ikJZI1Cqr/S2LQSUjDW66E/FIdu3mJNKqykAUI=
x-client-ipv6
true
pap.47e986c6df1b0ea6d7c6.js
c.travel-assets.com/captcha-pwa/ 		216 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.travel-assets.com/captcha-pwa/pap.47e986c6df1b0ea6d7c6.js
Requested by
Host: www.ebookers.ch
URL: https://www.ebookers.ch/?cjdata=MXxOfDB8WXww&cjevent=f5e713acba8011ee83e200170a18b8fb&affcid=EBOOKERS-CH.NETWORK.CJ.100520107
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:392::1994 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dba88bfd246a7932de312847fd129688160a991ab82175aee752422cd1ab0f9f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
vUzK_cd3TeKhUfqG8Fikc97ffU9vmwyp
content-encoding
gzip
date
Wed, 24 Jan 2024 06:22:34 GMT
last-modified
Tue, 02 Jan 2024 23:48:05 GMT
server
AmazonS3
x-amz-request-id
BG31481EQ7VCZ7SM
etag
"268246599cc57bb8fc9dee87573836dc"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=530434
accept-ranges
bytes
content-length
65617
x-amz-id-2
h9mnv1o5FL3muX6EOodKq4QMsnwj1Oaa9DAHrlN6AjnCuuMR4HzfkhNgTfz5l5x+vN/rr7BqwoE=
x-client-ipv6
true
shared-ui.3c21b36b6de9ef81ed2f.js
c.travel-assets.com/captcha-pwa/ 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.travel-assets.com/captcha-pwa/shared-ui.3c21b36b6de9ef81ed2f.js
Requested by
Host: www.ebookers.ch
URL: https://www.ebookers.ch/?cjdata=MXxOfDB8WXww&cjevent=f5e713acba8011ee83e200170a18b8fb&affcid=EBOOKERS-CH.NETWORK.CJ.100520107
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:392::1994 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5135053a83b4edd50e0046bf433ecfb5d6597e702140f03d8a3205f75eeff5d0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
e0sthZf24rAKSQp4kUGjRH3adnnqBQJu
content-encoding
gzip
date
Wed, 24 Jan 2024 06:22:34 GMT
last-modified
Tue, 02 Jan 2024 16:48:31 GMT
server
AmazonS3
x-amz-request-id
VSQTFR4N60V11X2N
etag
"baaf212d1380415347b6efd718f2a073"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=435724
accept-ranges
bytes
content-length
5638
x-amz-id-2
hNvTXWtKENyTjkmRLmj8tSOHNrRjXqP3FCA58NFGCD5WCmJIpBOA9K1KG+H2k35lpoiKFCMx2P8=
x-client-ipv6
true
vendor.5c0ad4b0ee01ea60c5cc.js
c.travel-assets.com/captcha-pwa/ 		213 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.travel-assets.com/captcha-pwa/vendor.5c0ad4b0ee01ea60c5cc.js
Requested by
Host: www.ebookers.ch
URL: https://www.ebookers.ch/?cjdata=MXxOfDB8WXww&cjevent=f5e713acba8011ee83e200170a18b8fb&affcid=EBOOKERS-CH.NETWORK.CJ.100520107
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:392::1994 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
14044b17cfa4980c10b832e7d76bf9725682e8ab78e7eed11b38a454317ad8fd

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
a_gh7gy_V_7RW7CwTQjWCuMRWyJ4URHv
content-encoding
gzip
date
Wed, 24 Jan 2024 06:22:34 GMT
last-modified
Tue, 02 Jan 2024 23:48:05 GMT
server
AmazonS3
x-amz-request-id
BG3BN1CHKQTP2RZM
etag
"d9f059dad6834f4e0c70215757c95b06"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=530397
accept-ranges
bytes
content-length
68559
x-amz-id-2
ggCSOoA4TUTiECaqgP3x1+E+JVbhTrwMXRhcBHYE+j/W7QjT3nsSlOFs1uRcrN3dJ5WjrQJT4wc=
x-client-ipv6
true
app.e4fedd91b1735330f65f.js
c.travel-assets.com/captcha-pwa/ 		45 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.travel-assets.com/captcha-pwa/app.e4fedd91b1735330f65f.js
Requested by
Host: www.ebookers.ch
URL: https://www.ebookers.ch/?cjdata=MXxOfDB8WXww&cjevent=f5e713acba8011ee83e200170a18b8fb&affcid=EBOOKERS-CH.NETWORK.CJ.100520107
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:392::1994 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
24c55579ace8c50bc6089dc53e5718a17f6e21a89b23ec0a0d55d4000f03b40e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
lJdyDg4sNDmf765z1pN4hfvuSbAGTj1B
content-encoding
gzip
date
Wed, 24 Jan 2024 06:22:34 GMT
last-modified
Fri, 19 Jan 2024 18:27:02 GMT
server
AmazonS3
x-amz-request-id
M86DZGVHJ2XA99QD
etag
"0813e4f01ad54c566d462a2dcaf90f81"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=825098
accept-ranges
bytes
content-length
8477
x-amz-id-2
yWhjjrOUkXRbp8utfqWYTEGavfwnJUsoGioyWVHVmwa2GHzFDLsUj5Z79ptGqtCI9GT9VaLCnSY=
x-client-ipv6
true
brand-10198111111107101114115.580db9de2f7373b703df.js
c.travel-assets.com/captcha-pwa/ 		134 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.travel-assets.com/captcha-pwa/brand-10198111111107101114115.580db9de2f7373b703df.js
Requested by
Host: www.ebookers.ch
URL: https://www.ebookers.ch/?cjdata=MXxOfDB8WXww&cjevent=f5e713acba8011ee83e200170a18b8fb&affcid=EBOOKERS-CH.NETWORK.CJ.100520107
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:392::1994 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0107a1b760060fbef578110800b88f3c204e1c1e1acc2171c09fdc12b4f7d4b1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
KmeUh3NLsi_b6ds4_Rdisith5kXaHfaL
content-encoding
gzip
date
Wed, 24 Jan 2024 06:22:34 GMT
last-modified
Tue, 02 Jan 2024 16:48:30 GMT
server
AmazonS3
x-amz-request-id
K4D3FWQY2FBZGN58
etag
"b171b86e79a743a13c53ece1fe492115"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=437229
accept-ranges
bytes
content-length
44004
x-amz-id-2
qb5/WOuf/6iivp36agwDgvNOt+z0fMUz8LytNl3Fzdm7xj/YPLJFtJIR4Kyp7qIPAZuSdHRABBg=
x-client-ipv6
true
2x2.gif
www.ebookers.ch/cl/ 		42 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ebookers.ch/cl/2x2.gif?action=logErrors&logTime=2024-01-24T06%3A22%3A34.603Z&pageName=captcha-pwa&message=&appId=captcha-pwa&locale=de_CH&guid=25ff9b44-568f-482f-9652-caf8bdc06533&visitid=25ff9b44-568f-482f-9652-caf8bdc06533_1706077354603&browser_name=Chrome&browser_version=120.0.6099.224&browser_major=120&engine_name=Blink&engine_version=120.0.6099.224&os_name=Windows&os_version=10&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.224%20Safari%2F537.36&pwa=true&systemEvent=SystemEvent(level%3DINFO%20name%3DANALYTICS_ENTRY)&label=bernie.client.analytics-entry&url=%22https%3A%2F%2Fwww.ebookers.ch%2F%3Fcjdata%3DMXxOfDB8WXww%26cjevent%3Df5e713acba8011ee83e200170a18b8fb%26affcid%3DEBOOKERS-CH.NETWORK.CJ.100520107%22
Requested by
Host: www.ebookers.ch
URL: https://www.ebookers.ch/?cjdata=MXxOfDB8WXww&cjevent=f5e713acba8011ee83e200170a18b8fb&affcid=EBOOKERS-CH.NETWORK.CJ.100520107
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.196.235.239 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-196-235-239.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=7776000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains;
content-security-policy
frame-ancestors 'self'
x-content-type-options
nosniff
date
Wed, 24 Jan 2024 06:22:34 GMT
x-b3-traceid
3a88da3a905a4a16b537e64c6ee3b41d
x-frame-options
SAMEORIGIN
content-type
image/gif;charset=UTF-8
cache-control
no-cache, no-store
x-cgp-info
noJvmRouteSet;f654b2b9-ba80-11ee-bb03-0242d4ad04ee
trace-id
3a88da3a-905a-4a16-b537-e64c6ee3b41d
x-app-info
collector-web,74af81d68edb42341062d860c9e7c2af56363540
content-length
42
x-xss-protection
1
2x2.gif
www.ebookers.ch/cl/ 		42 B
767 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ebookers.ch/cl/2x2.gif?action=logErrors&logTime=2024-01-24T06%3A22%3A34.636Z&pageName=captcha-pwa&pageHydrated=1080.3000001907349&appId=captcha-pwa&locale=de_CH&guid=25ff9b44-568f-482f-9652-caf8bdc06533&visitid=25ff9b44-568f-482f-9652-caf8bdc06533_1706077354603&browser_name=Chrome&browser_version=120.0.6099.224&browser_major=120&engine_name=Blink&engine_version=120.0.6099.224&os_name=Windows&os_version=10&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.224%20Safari%2F537.36&pwa=true&systemEvent=SystemEvent(level%3DINFO%20name%3DAPP_HYDRATION_START)&label=bernie.client.hydrate&url=%22https%3A%2F%2Fwww.ebookers.ch%2F%3Fcjdata%3DMXxOfDB8WXww%26cjevent%3Df5e713acba8011ee83e200170a18b8fb%26affcid%3DEBOOKERS-CH.NETWORK.CJ.100520107%22
Requested by
Host: www.ebookers.ch
URL: https://www.ebookers.ch/?cjdata=MXxOfDB8WXww&cjevent=f5e713acba8011ee83e200170a18b8fb&affcid=EBOOKERS-CH.NETWORK.CJ.100520107
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.196.235.239 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-196-235-239.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=7776000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains;
content-security-policy
frame-ancestors 'self'
x-content-type-options
nosniff
date
Wed, 24 Jan 2024 06:22:34 GMT
x-b3-traceid
797e43f37230473980ff4d4c1e766d3b
x-frame-options
SAMEORIGIN
content-type
image/gif;charset=UTF-8
cache-control
no-cache, no-store
x-cgp-info
noJvmRouteSet;f65ca22a-ba80-11ee-a3fa-02424268b02c
trace-id
797e43f3-7230-4739-80ff-4d4c1e766d3b
x-app-info
collector-web,74af81d68edb42341062d860c9e7c2af56363540
content-length
42
x-xss-protection
1
2x2.gif
www.ebookers.ch/cl/ 		42 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ebookers.ch/cl/2x2.gif?action=logErrors&logTime=2024-01-24T06%3A22%3A34.641Z&pageName=captcha-pwa&message=Empty%20analytics%20data%20from%20hydration%20(%27publishClientSidePayload%27%20may%20have%20not%20been%20called%20during%20SSR)&appId=captcha-pwa&locale=de_CH&guid=25ff9b44-568f-482f-9652-caf8bdc06533&visitid=25ff9b44-568f-482f-9652-caf8bdc06533_1706077354603&browser_name=Chrome&browser_version=120.0.6099.224&browser_major=120&engine_name=Blink&engine_version=120.0.6099.224&os_name=Windows&os_version=10&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.224%20Safari%2F537.36&pwa=true&systemEvent=SystemEvent(level%3DWARN%20name%3DNO_ANALYTICS_DATA_WARN)&label=bernie.client.hydrate&url=%22https%3A%2F%2Fwww.ebookers.ch%2F%3Fcjdata%3DMXxOfDB8WXww%26cjevent%3Df5e713acba8011ee83e200170a18b8fb%26affcid%3DEBOOKERS-CH.NETWORK.CJ.100520107%22
Requested by
Host: www.ebookers.ch
URL: https://www.ebookers.ch/?cjdata=MXxOfDB8WXww&cjevent=f5e713acba8011ee83e200170a18b8fb&affcid=EBOOKERS-CH.NETWORK.CJ.100520107
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.196.235.239 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-196-235-239.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=7776000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains;
content-security-policy
frame-ancestors 'self'
x-content-type-options
nosniff
date
Wed, 24 Jan 2024 06:22:34 GMT
x-b3-traceid
798f00bb4c3648459ac995e1ffda54a6
x-frame-options
SAMEORIGIN
content-type
image/gif;charset=UTF-8
cache-control
no-cache, no-store
x-cgp-info
noJvmRouteSet;f65e76ca-ba80-11ee-bb03-0242d4ad04ee
trace-id
798f00bb-4c36-4845-9ac9-95e1ffda54a6
x-app-info
collector-web,74af81d68edb42341062d860c9e7c2af56363540
content-length
42
x-xss-protection
1
uitk.f62144cdb147f1081f79.js
c.travel-assets.com/captcha-pwa/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.travel-assets.com/captcha-pwa/uitk.f62144cdb147f1081f79.js
Requested by
Host: www.ebookers.ch
URL: https://www.ebookers.ch/?cjdata=MXxOfDB8WXww&cjevent=f5e713acba8011ee83e200170a18b8fb&affcid=EBOOKERS-CH.NETWORK.CJ.100520107
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:392::1994 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
04f00125cb2e03a3431cace66ec287f21224457380830e073caea9d94682b6c3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
sNy9ki.lBUrSq_P1VoWB3BzJr8xXwW3F
content-encoding
gzip
date
Wed, 24 Jan 2024 06:22:34 GMT
last-modified
Tue, 02 Jan 2024 23:48:05 GMT
server
AmazonS3
x-amz-request-id
BG31RHY40H0P71MT
etag
"17df865cf7ff96fc2528485d2a3863fd"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=530446
accept-ranges
bytes
content-length
6673
x-amz-id-2
vBlHP4HYvUtcIdRuxnPzEnRTOKu8BKdoTRE7TkVN0Bu7GhfvPETulGC7ev0Mf+VpvzUJdeIQPLLCDPu+EJiYiwKTGgTHXxmPmhEtFuV3Njk=
x-client-ipv6
true
captcha-challenge.18766651becc82a053fc.js
c.travel-assets.com/captcha-pwa/ 		28 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.travel-assets.com/captcha-pwa/captcha-challenge.18766651becc82a053fc.js
Requested by
Host: www.ebookers.ch
URL: https://www.ebookers.ch/?cjdata=MXxOfDB8WXww&cjevent=f5e713acba8011ee83e200170a18b8fb&affcid=EBOOKERS-CH.NETWORK.CJ.100520107
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:392::1994 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e673624b389098fcb49ad432c888b7b9e12c001055225ec6744f2d585b496e06

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
6Lj118oOCKdYbOnvIDIDMGJpZmiojGAA
content-encoding
gzip
date
Wed, 24 Jan 2024 06:22:34 GMT
last-modified
Tue, 02 Jan 2024 23:48:03 GMT
server
AmazonS3
x-amz-request-id
BG35JV560GWX3Q9P
etag
"b93760f5b1ec0bf20b748a9b54b4e175"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=530564
accept-ranges
bytes
content-length
9587
x-amz-id-2
U6tRIMfIEV7ZgGDAddOQO7KaJwOP6/sXDI/ZGkDsm1bwabG/qorsRTtDWzQ7u5zrrhuG4/tsE1Y=
x-client-ipv6
true
1x1.gif
www.ebookers.ch/cl/ 		0
719 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ebookers.ch/cl/1x1.gif?action=logTrxEvent&logTime=2024-01-24T06%3A22%3A34.654Z&pageName=captcha-pwa&message=page%20loaded&pageUsable=1098.1&ttfb=262&dns=0&tcp=47&appId=captcha-pwa&locale=de_CH&guid=25ff9b44-568f-482f-9652-caf8bdc06533&visitid=25ff9b44-568f-482f-9652-caf8bdc06533_1706077354603&browser_name=Chrome&browser_version=120.0.6099.224&browser_major=120&engine_name=Blink&engine_version=120.0.6099.224&os_name=Windows&os_version=10&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.224%20Safari%2F537.36&pwa=true&label=bernie.client.analytics-entry&bernie.client.analytics-entry_elapsedTime=52
Requested by
Host: www.ebookers.ch
URL: https://www.ebookers.ch/?cjdata=MXxOfDB8WXww&cjevent=f5e713acba8011ee83e200170a18b8fb&affcid=EBOOKERS-CH.NETWORK.CJ.100520107
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.196.235.239 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-196-235-239.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=7776000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains;
content-security-policy
frame-ancestors 'self'
x-content-type-options
nosniff
date
Wed, 24 Jan 2024 06:22:34 GMT
x-b3-traceid
e96f9d9c996c419e8a973f611ceab8da
x-frame-options
SAMEORIGIN
content-type
text/html;charset=UTF-8
cache-control
no-cache, no-store
x-cgp-info
noJvmRouteSet;f65ec4f8-ba80-11ee-a6d2-024247157d51
trace-id
e96f9d9c-996c-419e-8a97-3f611ceab8da
x-app-info
collector-web,74af81d68edb42341062d860c9e7c2af56363540
x-xss-protection
1
2x2.gif
www.ebookers.ch/cl/ 		42 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ebookers.ch/cl/2x2.gif?action=logErrors&logTime=2024-01-24T06%3A22%3A34.716Z&pageName=captcha-pwa&time=79.80000019073486&appId=captcha-pwa&locale=de_CH&guid=25ff9b44-568f-482f-9652-caf8bdc06533&visitid=25ff9b44-568f-482f-9652-caf8bdc06533_1706077354603&browser_name=Chrome&browser_version=120.0.6099.224&browser_major=120&engine_name=Blink&engine_version=120.0.6099.224&os_name=Windows&os_version=10&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.224%20Safari%2F537.36&pwa=true&systemEvent=SystemEvent(level%3DINFO%20name%3DAPP_HYDRATION_COMPLETE)&label=bernie.client.hydrate&url=%22https%3A%2F%2Fwww.ebookers.ch%2F%3Fcjdata%3DMXxOfDB8WXww%26cjevent%3Df5e713acba8011ee83e200170a18b8fb%26affcid%3DEBOOKERS-CH.NETWORK.CJ.100520107%22
Requested by
Host: www.ebookers.ch
URL: https://www.ebookers.ch/?cjdata=MXxOfDB8WXww&cjevent=f5e713acba8011ee83e200170a18b8fb&affcid=EBOOKERS-CH.NETWORK.CJ.100520107
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.196.235.239 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-196-235-239.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=7776000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains;
content-security-policy
frame-ancestors 'self'
x-content-type-options
nosniff
date
Wed, 24 Jan 2024 06:22:34 GMT
x-b3-traceid
3a71f8ed219d436da99fbdb300194966
x-frame-options
SAMEORIGIN
content-type
image/gif;charset=UTF-8
cache-control
no-cache, no-store
x-cgp-info
noJvmRouteSet;f668afd2-ba80-11ee-b2ad-024244352d38
trace-id
3a71f8ed-219d-436d-a99f-bdb300194966
x-app-info
collector-web,74af81d68edb42341062d860c9e7c2af56363540
content-length
42
x-xss-protection
1
challenge.hydrated.styles
www.ebookers.ch/cgp/simple/ 		0
670 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.ebookers.ch/cgp/simple/challenge.hydrated.styles
Requested by
Host: c.travel-assets.com
URL: https://c.travel-assets.com/captcha-pwa/core.64f8215b4681aa119edb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.196.235.239 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-196-235-239.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=7776000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains;
content-security-policy
frame-ancestors 'self'
x-content-type-options
nosniff
date
Wed, 24 Jan 2024 06:22:34 GMT
x-b3-traceid
c338caaf541d4ff1b1575d000d2ccad7
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
no-cache, no-store, must-revalidate
x-cgp-info
noJvmRouteSet;f6679e14-ba80-11ee-83db-024247f04928
trace-id
c338caaf-541d-4ff1-b157-5d000d2ccad7
x-xss-protection
1
api.js
expedia-api.arkoselabs.com/v2/33C384C0-7DE5-4243-80DB-2C5E35802C15/ 		57 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://expedia-api.arkoselabs.com/v2/33C384C0-7DE5-4243-80DB-2C5E35802C15/api.js
Requested by
Host: c.travel-assets.com
URL: https://c.travel-assets.com/captcha-pwa/captcha-challenge.18766651becc82a053fc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9a56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fcc6798334cec59b663b423df9e1999aa5838107e69b337faede40b8be91cbe4
Security Headers
Name Value
Content-Security-Policy connect-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; font-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; frame-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; img-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn data:; script-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; default-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; style-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 06:22:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
content-security-policy
connect-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; font-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; frame-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; img-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn data:; script-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; default-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; style-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn;
age
611440
x-amz-request-id
TQGGMAT9Q9GNTNKF
x-amz-server-side-encryption
AES256
cache-tag
33C384C0-7DE5-4243-80DB-2C5E35802C15,client-api
capi-worker-type
universal
alt-svc
h3=":443"; ma=86400
x-amz-id-2
9Ri8X0ygfdJU1CFsDhUl3wPhUJRBlMnXUygiXnY+tsZDzoRcK2/rYDn8NAhgbJx2nwDLkhXON414qzGqxo0FWA==
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 17 Jan 2024 01:34:15 GMT
server
cloudflare
etag
W/"4213ba069e301b5c56604d480e0d14ec"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, s-maxage=31536000
permissions-policy
accelerometer=*, autoplay=*, camera=*, display-capture=*, document-domain=*, encrypted-media=*, fullscreen=*, geolocation=*, gyroscope=*, midi=*, payment=*, picture-in-picture=*, sync-xhr=*, usb=*
cf-ray
84a62ecb6fdb5d3d-FRA
cf-request-time
18
1x1.gif
www.ebookers.ch/cl/ 		0
719 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ebookers.ch/cl/1x1.gif?action=logTrxEvent&logTime=2024-01-24T06%3A22%3A34.717Z&pageName=captcha-pwa&hydration=1155&appId=captcha-pwa&locale=de_CH&guid=25ff9b44-568f-482f-9652-caf8bdc06533&visitid=25ff9b44-568f-482f-9652-caf8bdc06533_1706077354603&browser_name=Chrome&browser_version=120.0.6099.224&browser_major=120&engine_name=Blink&engine_version=120.0.6099.224&os_name=Windows&os_version=10&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.224%20Safari%2F537.36&pwa=true&label=Application&Application_elapsedTime=115
Requested by
Host: www.ebookers.ch
URL: https://www.ebookers.ch/?cjdata=MXxOfDB8WXww&cjevent=f5e713acba8011ee83e200170a18b8fb&affcid=EBOOKERS-CH.NETWORK.CJ.100520107
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.196.235.239 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-196-235-239.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=7776000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=7776000; includeSubDomains;
content-security-policy
frame-ancestors 'self'
x-content-type-options
nosniff
date
Wed, 24 Jan 2024 06:22:34 GMT
x-b3-traceid
b1475458a4e24d3992a046a29780571e
x-frame-options
SAMEORIGIN
content-type
text/html;charset=UTF-8
cache-control
no-cache, no-store
x-cgp-info
noJvmRouteSet;f668d6d5-ba80-11ee-9529-024253ee0ff6
trace-id
b1475458-a4e2-4d39-92a0-46a29780571e
x-app-info
collector-web,74af81d68edb42341062d860c9e7c2af56363540
x-xss-protection
1
enforcement.c70df15cb97792b18c2f4978b68954a0.html
expedia-api.arkoselabs.com/v2/2.3.4/ Frame 894B 		903 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://expedia-api.arkoselabs.com/v2/2.3.4/enforcement.c70df15cb97792b18c2f4978b68954a0.html
Requested by
Host: expedia-api.arkoselabs.com
URL: https://expedia-api.arkoselabs.com/v2/33C384C0-7DE5-4243-80DB-2C5E35802C15/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9a56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2da84ffbcaec3e24a1c2480b87107978c3577251b746df3b8ad4851bd4167a00
Security Headers
Name Value
Content-Security-Policy connect-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; font-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; frame-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; img-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn data:; script-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.ebookers.ch/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-CH,de;q=0.9
referer
https://www.google.com/

Response headers

access-control-allow-origin
*
age
611440
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=31536000, immutable
cache-tag
keyless,client-api
capi-worker-type
universal
cf-cache-status
HIT
cf-ray
84a62ecbc81a5d3d-FRA
cf-request-time
10
content-encoding
br
content-security-policy
connect-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; font-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; frame-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; img-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn data:; script-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn;
content-type
text/html; charset=utf-8
date
Wed, 24 Jan 2024 06:22:34 GMT
last-modified
Wed, 17 Jan 2024 01:34:15 GMT
permissions-policy
accelerometer=*, autoplay=*, camera=*, display-capture=*, document-domain=*, encrypted-media=*, fullscreen=*, geolocation=*, gyroscope=*, midi=*, payment=*, picture-in-picture=*, sync-xhr=*, usb=*
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-amz-id-2
YYKjLA0stbuUoRAr3YLGzkMgCor7nT85AGSqEeaIC5WN1nIez7d6FYp9KQdfUwR/7Z4EZsFz2fz4bFnqGGo7Lw==
x-amz-request-id
A60C6QJM7ZBVMR39
x-amz-server-side-encryption
AES256
x-content-type-options
nosniff
x-xss-protection
1; mode=block
enforcement.c70df15cb97792b18c2f4978b68954a0.js
expedia-api.arkoselabs.com/v2/2.3.4/ Frame 894B 		227 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://expedia-api.arkoselabs.com/v2/2.3.4/enforcement.c70df15cb97792b18c2f4978b68954a0.js
Requested by
Host: expedia-api.arkoselabs.com
URL: https://expedia-api.arkoselabs.com/v2/2.3.4/enforcement.c70df15cb97792b18c2f4978b68954a0.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:9a56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1289e1b8d38e339b6c36df1f5a12789c18610f0d10d7cc57a6dc3cdb36317ef
Security Headers
Name Value
Content-Security-Policy connect-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; font-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; frame-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; img-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn data:; script-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; default-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; style-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/
Origin
https://expedia-api.arkoselabs.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 06:22:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
content-security-policy
connect-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; font-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; frame-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; img-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn data:; script-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; default-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; style-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn;
age
611485
x-amz-request-id
RF20GBFPP9YTW54R
x-amz-server-side-encryption
AES256
cache-tag
keyless,client-api
capi-worker-type
universal
alt-svc
h3=":443"; ma=86400
x-amz-id-2
ixCalPC+oYrIBTc1j/zQjWA7hk8cHXSD2/2ROv1NnUqt5hGpNo0d0NK1zPbdA6E00SREdoI1c/s=
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 17 Jan 2024 01:34:16 GMT
server
cloudflare
etag
W/"4d987b2fe4f1a56f13aff81452f16351"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
permissions-policy
accelerometer=*, autoplay=*, camera=*, display-capture=*, document-domain=*, encrypted-media=*, fullscreen=*, geolocation=*, gyroscope=*, midi=*, payment=*, picture-in-picture=*, sync-xhr=*, usb=*
cf-ray
84a62ecc18d539da-FRA
cf-request-time
8
settings
expedia-api.arkoselabs.com/v2/33C384C0-7DE5-4243-80DB-2C5E35802C15/ Frame 894B 		330 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://expedia-api.arkoselabs.com/v2/33C384C0-7DE5-4243-80DB-2C5E35802C15/settings
Requested by
Host: expedia-api.arkoselabs.com
URL: https://expedia-api.arkoselabs.com/v2/2.3.4/enforcement.c70df15cb97792b18c2f4978b68954a0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:9a56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7f3aee0c1e1d2934aacd279a8728314124d01d861f489ae9c3396a1a775fe35
Security Headers
Name Value
Content-Security-Policy connect-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; font-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; frame-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; img-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn data:; script-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; default-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; style-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 06:22:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
content-security-policy
connect-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; font-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; frame-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; img-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn data:; script-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; default-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; style-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn;
age
611485
x-amz-request-id
FC8PW3H486SKNQDW
cache-tag
33C384C0-7DE5-4243-80DB-2C5E35802C15,client-api
capi-worker-type
universal
alt-svc
h3=":443"; ma=86400
x-amz-id-2
4XdLTjSoNDIEkx9Y/nCB0ByoTYlaHDzlHyrc7oj07Q1dMmcvSmF+xmgGAW2sJR7gfCJ1Q7gYi/w=
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 17 Jan 2024 04:31:10 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/xml
access-control-allow-origin
*
cache-control
public, max-age=0, s-maxage=31536000
permissions-policy
accelerometer=*, autoplay=*, camera=*, display-capture=*, document-domain=*, encrypted-media=*, fullscreen=*, geolocation=*, gyroscope=*, midi=*, payment=*, picture-in-picture=*, sync-xhr=*, usb=*
cf-ray
84a62eccc95439da-FRA
cf-request-time
7
33C384C0-7DE5-4243-80DB-2C5E35802C15
expedia-api.arkoselabs.com/fc/gt2/public_key/ Frame 894B 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://expedia-api.arkoselabs.com/fc/gt2/public_key/33C384C0-7DE5-4243-80DB-2C5E35802C15
Requested by
Host: expedia-api.arkoselabs.com
URL: https://expedia-api.arkoselabs.com/v2/2.3.4/enforcement.c70df15cb97792b18c2f4978b68954a0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:9a56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22663cc57af5390946c61cbf5c91051481a15a4435169c1f88166e783a90ff2d
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self'; style-src 'self'; img-src 'self' cdn.funcaptcha.com cdn.arkoselabs.com data:; media-src 'self' data:; connect-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 24 Jan 2024 06:22:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
content-security-policy
default-src 'self'; script-src 'self'; style-src 'self'; img-src 'self' cdn.funcaptcha.com cdn.arkoselabs.com data:; media-src 'self' data:; connect-src 'self'
x-envoy-upstream-service-time
100
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
hackers
www.arkoselabs.com/whitehat/
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
sregion
eu-west-1
cf-ray
84a62ecd198739da-FRA
version
2.0
sri.json
expedia-api.arkoselabs.com/cdn/fc/assets/ec-game-core/bootstrap/1.18.0/standard/ Frame 894B 		100 B
515 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://expedia-api.arkoselabs.com/cdn/fc/assets/ec-game-core/bootstrap/1.18.0/standard/sri.json
Requested by
Host: expedia-api.arkoselabs.com
URL: https://expedia-api.arkoselabs.com/v2/2.3.4/enforcement.c70df15cb97792b18c2f4978b68954a0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:9a56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3825c3d05c8348aa7d05587ace241c852e79676c5c82ea7bba30a2a0f6098982
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 06:22:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
x-amz-version-id
UQZS4NTR0fGWjCl99J4ejxr20T3_wAUS
age
1333
x-amz-request-id
RT54VG9WS4AH2KM2
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
38F4kGxWbJ99l9Tnn7KHBVPl8WUlOKf7BNtNLM+sOMT8B3ADYVmelvSGgvwXsJ6nCZZ9qvK3OMM=
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 10 Jan 2024 04:58:23 GMT
server
cloudflare
etag
W/"9c6ca1cacd44daecaeb8bff3d5754921"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cf-ray
84a62ece3a7d39da-FRA
game_core_bootstrap.js
expedia-api.arkoselabs.com/cdn/fc/assets/ec-game-core/bootstrap/1.18.0/standard/ Frame 894B 		71 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://expedia-api.arkoselabs.com/cdn/fc/assets/ec-game-core/bootstrap/1.18.0/standard/game_core_bootstrap.js
Requested by
Host: expedia-api.arkoselabs.com
URL: https://expedia-api.arkoselabs.com/v2/2.3.4/enforcement.c70df15cb97792b18c2f4978b68954a0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:9a56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4b281f8bca3c56d13107823aa7aaaa36a7522e7082a69acdadeae7a661f6487
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/
Origin
https://expedia-api.arkoselabs.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 06:22:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
x-amz-version-id
IKmN_h0YBHaBGU3pi390b1C18ceRuUZx
age
1332
x-amz-request-id
RT547E8MFHB0XHYV
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
SWdRVH8qLIFtnscTU98rn+ZWp9qQ5Rgh2xzmlVAh49f3qCAp+0UnjKu7VIJm9jNypN0VSSyxLd4=
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 10 Jan 2024 04:58:24 GMT
server
cloudflare
etag
W/"185644784fe794ad83b41be9a6ff6444"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cf-ray
84a62ece7ab239da-FRA
index.html
expedia-api.arkoselabs.com/fc/assets/ec-game-core/game-core/1.18.0/standard/ Frame 26AB 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://expedia-api.arkoselabs.com/fc/assets/ec-game-core/game-core/1.18.0/standard/index.html?session=67417ad3450698768.2748070605&r=eu-west-1&meta=3&metabgclr=%23ffffff&metaiconclr=%23757575&guitextcolor=%23000000&lang=de&pk=33C384C0-7DE5-4243-80DB-2C5E35802C15&at=40&ag=101&cdn_url=https%3A%2F%2Fexpedia-api.arkoselabs.com%2Fcdn%2Ffc&lurl=https%3A%2F%2Faudio-eu-west-1.arkoselabs.com&surl=https%3A%2F%2Fexpedia-api.arkoselabs.com&smurl=https%3A%2F%2Fexpedia-api.arkoselabs.com%2Fcdn%2Ffc%2Fassets%2Fstyle-manager&theme=default
Requested by
Host: expedia-api.arkoselabs.com
URL: https://expedia-api.arkoselabs.com/cdn/fc/assets/ec-game-core/bootstrap/1.18.0/standard/game_core_bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:9a56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2896cea6e091730fad8142671c673272b7d30954a7c76d5be7d7cf4e144ead0f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://expedia-api.arkoselabs.com/v2/2.3.4/enforcement.c70df15cb97792b18c2f4978b68954a0.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-CH,de;q=0.9
referer
https://www.google.com/

Response headers

access-control-allow-origin
*
age
645
alt-svc
h3=":443"; ma=86400
cf-cache-status
HIT
cf-ray
84a62ecebb2139da-FRA
content-encoding
br
content-type
text/html
date
Wed, 24 Jan 2024 06:22:35 GMT
last-modified
Wed, 10 Jan 2024 05:00:37 GMT
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-amz-id-2
WKBWMii6hdIqkIFPOy+tblO5DPev3uW+pfl4CevlOGHZGmIcog3f44ypavylDAsLo2Rv4OVD3mc=
x-amz-request-id
RT57RBFTW1FY2V0N
x-amz-server-side-encryption
AES256
x-amz-version-id
N_KOFU8o9ZkjPV.fX1ckCP8e33yoWoTo
x-content-type-options
nosniff
x-xss-protection
1; mode=block
main.8f1960876776c2884786.js
expedia-api.arkoselabs.com/fc/assets/ec-game-core/game-core/1.18.0/standard/ Frame 26AB 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://expedia-api.arkoselabs.com/fc/assets/ec-game-core/game-core/1.18.0/standard/main.8f1960876776c2884786.js
Requested by
Host: expedia-api.arkoselabs.com
URL: https://expedia-api.arkoselabs.com/fc/assets/ec-game-core/game-core/1.18.0/standard/index.html?session=67417ad3450698768.2748070605&r=eu-west-1&meta=3&metabgclr=%23ffffff&metaiconclr=%23757575&guitextcolor=%23000000&lang=de&pk=33C384C0-7DE5-4243-80DB-2C5E35802C15&at=40&ag=101&cdn_url=https%3A%2F%2Fexpedia-api.arkoselabs.com%2Fcdn%2Ffc&lurl=https%3A%2F%2Faudio-eu-west-1.arkoselabs.com&surl=https%3A%2F%2Fexpedia-api.arkoselabs.com&smurl=https%3A%2F%2Fexpedia-api.arkoselabs.com%2Fcdn%2Ffc%2Fassets%2Fstyle-manager&theme=default
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:9a56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
406bd80fec4451332267035a2159405872af5f136b7175211db526974c8f4cd7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 06:22:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
x-amz-version-id
CecmWD2M1VDR2Q.SStxdIpSu8eAnm_Vb
age
1308
x-amz-request-id
F3FM50F9XNQNPC9C
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
5AOga2UJIYVa5YoJJxaT1i7v562hVlLrtOq5nXOQ1ketDdsgPoeguRKQNlrLCHWqW7T6nSSxw6k=
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 10 Jan 2024 05:00:37 GMT
server
cloudflare
etag
W/"1d87fd3a3b747f55f679011827573388"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cf-ray
84a62ecf0b8139da-FRA
lib.chunk.9d5074c338f79881f2f4.js
expedia-api.arkoselabs.com/fc/assets/ec-game-core/game-core/1.18.0/standard/ Frame 26AB 		70 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://expedia-api.arkoselabs.com/fc/assets/ec-game-core/game-core/1.18.0/standard/lib.chunk.9d5074c338f79881f2f4.js
Requested by
Host: expedia-api.arkoselabs.com
URL: https://expedia-api.arkoselabs.com/fc/assets/ec-game-core/game-core/1.18.0/standard/main.8f1960876776c2884786.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:9a56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd106d1d10d230e167e33658e3ad320d44343ad3bd79526fd1d21cef811779a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 06:22:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
x-amz-version-id
ANUo7fQdGjOGhhxZjxx7xxMxpFCQF50i
age
1286
x-amz-request-id
F3FVWB4MTPE5490R
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
uyDQFiBLMdE3l8FFRi6nMNleVwoHklCjVfg+RrFQnIeTHWFPDDz/IIzcq8HvQczq7BMndiAEZ5c=
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 10 Jan 2024 05:00:37 GMT
server
cloudflare
etag
W/"e8392a705abe187ad088461627ffff36"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cf-ray
84a62ecf4baa39da-FRA
532.vendors.1ed3858060ea568b3ffc.js
expedia-api.arkoselabs.com/fc/assets/ec-game-core/game-core/1.18.0/standard/ Frame 26AB 		268 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://expedia-api.arkoselabs.com/fc/assets/ec-game-core/game-core/1.18.0/standard/532.vendors.1ed3858060ea568b3ffc.js
Requested by
Host: expedia-api.arkoselabs.com
URL: https://expedia-api.arkoselabs.com/fc/assets/ec-game-core/game-core/1.18.0/standard/main.8f1960876776c2884786.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:9a56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efeaeeeb2056f7f27c81a8ea0c1fbc74926edc38b0b43e559e25abfc4aa5d942
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 06:22:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
x-amz-version-id
CMvx3oKwVH1VbBkQwrZkZ3VLyqDaTaEK
age
1300
x-amz-request-id
F3FJVGYYVEGGRG6Z
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
TyAgz+kdhQE5Ap9ueYMNmmD/YHcgiUGhZMffbG1i1d4fHq9qBsI6srI7gk7Ns0D2cAPt/Uk31uH8Z+3Hbymh1A==
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 10 Jan 2024 05:00:37 GMT
server
cloudflare
etag
W/"d7928d04c33892b20455490d99942094"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cf-ray
84a62ecf4bab39da-FRA
378.chunk.79eadb757cd4e99357c7.js
expedia-api.arkoselabs.com/fc/assets/ec-game-core/game-core/1.18.0/standard/ Frame 26AB 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://expedia-api.arkoselabs.com/fc/assets/ec-game-core/game-core/1.18.0/standard/378.chunk.79eadb757cd4e99357c7.js
Requested by
Host: expedia-api.arkoselabs.com
URL: https://expedia-api.arkoselabs.com/fc/assets/ec-game-core/game-core/1.18.0/standard/main.8f1960876776c2884786.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:9a56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2818c86993b6d4ae124cef7813adcd61b48fd53dde3a9b8e8419c3c0e34e4215
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 06:22:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
x-amz-version-id
HWb7np127SzWbhoSY.anHplhfLikOrzC
age
1298
x-amz-request-id
F3FS4VR4AJ1VPM3Y
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
l6TqcIows7h24bVBQYtAvtCRnyUQWw3QIAAotsXMqh9UuwXruIl5ihFiiJlJSFThMcr6Joklveg=
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 10 Jan 2024 05:00:37 GMT
server
cloudflare
etag
W/"5cd1357fa0efad36ed89391fb466805d"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cf-ray
84a62ecf4bac39da-FRA
542.vendors.abe0e64e95582406fe38.js
expedia-api.arkoselabs.com/fc/assets/ec-game-core/game-core/1.18.0/standard/ Frame 26AB 		121 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://expedia-api.arkoselabs.com/fc/assets/ec-game-core/game-core/1.18.0/standard/542.vendors.abe0e64e95582406fe38.js
Requested by
Host: expedia-api.arkoselabs.com
URL: https://expedia-api.arkoselabs.com/fc/assets/ec-game-core/game-core/1.18.0/standard/main.8f1960876776c2884786.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:9a56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db05a8f83715de0ef7d87feb02c65bbbebb4870c7855f7911d4decd5e9188022
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 06:22:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
x-amz-version-id
zwd7tpOi73RRI7NW_3rtvFM48_0KrDQO
age
1290
x-amz-request-id
F3FH92NTZ8GPFK90
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
n0t56qjdiSoNra2yoEfV2jL6PLiHB3HQY4AuxpWlW7sOhzl4OwCtNBrjjsFsS7MrLQn8uZN94T9ja3fppX53SA==
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 10 Jan 2024 05:00:37 GMT
server
cloudflare
etag
W/"dbc6d0247b75da98430e62f27fb07e9f"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cf-ray
84a62ecf4bad39da-FRA
924.vendors.ea33e7ebaefd19354536.js
expedia-api.arkoselabs.com/fc/assets/ec-game-core/game-core/1.18.0/standard/ Frame 26AB 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://expedia-api.arkoselabs.com/fc/assets/ec-game-core/game-core/1.18.0/standard/924.vendors.ea33e7ebaefd19354536.js
Requested by
Host: expedia-api.arkoselabs.com
URL: https://expedia-api.arkoselabs.com/fc/assets/ec-game-core/game-core/1.18.0/standard/main.8f1960876776c2884786.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:9a56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
858807237d92917430f4a0e45f721313b473b01016520ac5fa1da09b74cfec95
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 06:22:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
x-amz-version-id
r29uqbnXHyvxHlVEcZn2Ze08iDUuM3Fq
age
1288
x-amz-request-id
F3FW3BVG0B5B1E45
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
OrTyR2lNFg67xO2uoBe5cXR33yUzZFFSygs+pOBOCfnor7oCWLq6illxFU/kFW5LmqkwehVDtmw=
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 10 Jan 2024 05:00:37 GMT
server
cloudflare
etag
W/"dc449a28528f5124f7844a97bd3e3913"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cf-ray
84a62ecf4bb539da-FRA
406.chunk.e43483a2d1aaeec0b80d.js
expedia-api.arkoselabs.com/fc/assets/ec-game-core/game-core/1.18.0/standard/ Frame 26AB 		239 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://expedia-api.arkoselabs.com/fc/assets/ec-game-core/game-core/1.18.0/standard/406.chunk.e43483a2d1aaeec0b80d.js
Requested by
Host: expedia-api.arkoselabs.com
URL: https://expedia-api.arkoselabs.com/fc/assets/ec-game-core/game-core/1.18.0/standard/main.8f1960876776c2884786.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:9a56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b373a2686afc1e6d319403886f7e3798669abdd67dce1bee1eb5a068bc1c1433
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 06:22:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
x-amz-version-id
7zaDc2LzP4xnl7LHSxrZ_cH_btJzcjK8
age
6752
x-amz-request-id
F3FXJ1E1FTN9BSJZ
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
Y2F459NJaZObupb/qqCnnU8aMGHb4II+AoLFX9Ugj8Lww0QP0NQk6gJooipK8aDSsMFCv61o5yOrK71h9L28jQiztHSH0MsQ8e91dNIAmfQ=
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 10 Jan 2024 05:00:37 GMT
server
cloudflare
etag
W/"092a65eb6be44557eafd0d2c24806039"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cf-ray
84a62ecf4bb639da-FRA
/
expedia-api.arkoselabs.com/fc/gc/ Frame 26AB 		3 B
474 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://expedia-api.arkoselabs.com/fc/gc/?token=67417ad3450698768.2748070605
Requested by
Host: expedia-api.arkoselabs.com
URL: https://expedia-api.arkoselabs.com/fc/assets/ec-game-core/game-core/1.18.0/standard/532.vendors.1ed3858060ea568b3ffc.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:9a56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'nonce-65b0acab89d1d743085264' ; style-src 'self' 'nonce-65b0acab89d1d743085264'; img-src 'self' cdn.funcaptcha.com cdn.arkoselabs.com data:; media-src 'self' data:; connect-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.google.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 06:22:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
br
content-security-policy
default-src 'self'; script-src 'self' 'nonce-65b0acab89d1d743085264' ; style-src 'self' 'nonce-65b0acab89d1d743085264'; img-src 'self' cdn.funcaptcha.com cdn.arkoselabs.com data:; media-src 'self' data:; connect-src 'self'
p3p
CP="IE6COMPAT"
x-envoy-upstream-service-time
6
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
hackers
www.arkoselabs.com/whitehat/
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 24 Jan 2024 06:22:35 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/html; charset=utf-8
sregion
eu-west-1
cf-ray
84a62ed00c5839da-FRA
/
expedia-api.arkoselabs.com/fc/a/ Frame 26AB 		15 B
425 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://expedia-api.arkoselabs.com/fc/a/
Requested by
Host: expedia-api.arkoselabs.com
URL: https://expedia-api.arkoselabs.com/fc/assets/ec-game-core/game-core/1.18.0/standard/lib.chunk.9d5074c338f79881f2f4.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:9a56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ad3e8570386d338e4f7ad703ba8f80f4cf257223b7b09cf71b2dde405403471
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self'; style-src 'self'; img-src 'self' cdn.funcaptcha.com cdn.arkoselabs.com data:; media-src 'self' data:; connect-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

X-NewRelic-Timestamp
170607700355613
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Accept
*/*
Cache-Control
no-cache
Referer
https://www.google.com/
X-Requested-With
XMLHttpRequest

Response headers

date
Wed, 24 Jan 2024 06:22:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-security-policy
default-src 'self'; script-src 'self'; style-src 'self'; img-src 'self' cdn.funcaptcha.com cdn.arkoselabs.com data:; media-src 'self' data:; connect-src 'self'
x-envoy-upstream-service-time
2
alt-svc
h3=":443"; ma=86400
content-length
15
x-xss-protection
1; mode=block
hackers
www.arkoselabs.com/whitehat/
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
sregion
eu-west-1
cf-ray
84a62ed0acd239da-FRA
version
2.0
1dee1b7a-b7d3-4f3f-a6c0-a20a135968a7.css
expedia-api.arkoselabs.com/cdn/fc/assets/style-manager/styles/ Frame 26AB 		787 B
755 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://expedia-api.arkoselabs.com/cdn/fc/assets/style-manager/styles/1dee1b7a-b7d3-4f3f-a6c0-a20a135968a7.css
Requested by
Host: expedia-api.arkoselabs.com
URL: https://expedia-api.arkoselabs.com/fc/assets/ec-game-core/game-core/1.18.0/standard/406.chunk.e43483a2d1aaeec0b80d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:9a56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75b54753c0fa152d99dc77389f6763a5242f19baa21ab9b29bbaee89a46e1464
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/
Origin
https://expedia-api.arkoselabs.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 06:22:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
x-amz-version-id
kJpP1dZai5o7j4uq.KrUD1Kkv9CuCMKY
age
2963
x-amz-request-id
KDTND0ZTNXT4SPNW
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
LFQbKiRDGQIGFS63Cts3EqyqWXTF0UJIPFw3GRXhJb2cN6CPWno15xxI38RIEeabZBxFGiUTUPo=
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 01 Aug 2023 09:26:53 GMT
server
cloudflare
etag
W/"ec3eff5f36fe4d422dfe81751506cc20"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cf-ray
84a62ed0acd339da-FRA
/
expedia-api.arkoselabs.com/fc/gfct/ Frame 26AB 		12 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://expedia-api.arkoselabs.com/fc/gfct/
Requested by
Host: expedia-api.arkoselabs.com
URL: https://expedia-api.arkoselabs.com/fc/assets/ec-game-core/game-core/1.18.0/standard/lib.chunk.9d5074c338f79881f2f4.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:9a56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0db32a07eb3683c07d38091176cad6be2b6ea006dd1e7c2cb4f302311bd4a530
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'nonce-65b0acaba0ebe917833123' ; style-src 'self' 'nonce-65b0acaba0ebe917833123'; img-src 'self' cdn.funcaptcha.com cdn.arkoselabs.com data:; media-src 'self' data:; connect-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

X-NewRelic-Timestamp
170607700355617
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Accept
*/*
Cache-Control
no-cache
Referer
https://www.google.com/
X-Requested-With
XMLHttpRequest

Response headers

date
Wed, 24 Jan 2024 06:22:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'self' 'nonce-65b0acaba0ebe917833123' ; style-src 'self' 'nonce-65b0acaba0ebe917833123'; img-src 'self' cdn.funcaptcha.com cdn.arkoselabs.com data:; media-src 'self' data:; connect-src 'self'
x-envoy-upstream-service-time
623
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
hackers
www.arkoselabs.com/whitehat/
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
vary
Accept-Encoding
content-type
application/json; charset=utf-8
sregion
eu-west-1
cf-ray
84a62ed0acd539da-FRA
/
expedia-api.arkoselabs.com/fc/a/ Frame 26AB 		15 B
425 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://expedia-api.arkoselabs.com/fc/a/
Requested by
Host: expedia-api.arkoselabs.com
URL: https://expedia-api.arkoselabs.com/fc/assets/ec-game-core/game-core/1.18.0/standard/lib.chunk.9d5074c338f79881f2f4.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:9a56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ad3e8570386d338e4f7ad703ba8f80f4cf257223b7b09cf71b2dde405403471
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self'; style-src 'self'; img-src 'self' cdn.funcaptcha.com cdn.arkoselabs.com data:; media-src 'self' data:; connect-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

X-NewRelic-Timestamp
170607700356314
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Accept
*/*
Cache-Control
no-cache
Referer
https://www.google.com/
X-Requested-With
XMLHttpRequest

Response headers

date
Wed, 24 Jan 2024 06:22:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-security-policy
default-src 'self'; script-src 'self'; style-src 'self'; img-src 'self' cdn.funcaptcha.com cdn.arkoselabs.com data:; media-src 'self' data:; connect-src 'self'
x-envoy-upstream-service-time
3
alt-svc
h3=":443"; ma=86400
content-length
15
x-xss-protection
1; mode=block
hackers
www.arkoselabs.com/whitehat/
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
sregion
eu-west-1
cf-ray
84a62ed5094039da-FRA
version
2.0
remoteEntry.js
expedia-api.arkoselabs.com/fc/assets/ec-game-core/match-game/1.18.0/standard/ Frame 26AB 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://expedia-api.arkoselabs.com/fc/assets/ec-game-core/match-game/1.18.0/standard/remoteEntry.js
Requested by
Host: expedia-api.arkoselabs.com
URL: https://expedia-api.arkoselabs.com/fc/assets/ec-game-core/game-core/1.18.0/standard/406.chunk.e43483a2d1aaeec0b80d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:9a56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8eadb3e243156ea85e92e292c24a1607adbd3a82cf99da2c75a567ba8bd8a01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 06:22:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
x-amz-version-id
6KFI6ssghFSIXO4jZr5OZzjAqlgf4ar4
age
1136
x-amz-request-id
AAXY683M0KBQ8F7B
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
Wa5JA8ZSIte2GPgFF4cbiJQfSsX8Wh3jM/uxsF+R/lwsCtuIZ/Lj3jHBTnPAclB6Fn7nvMRh3DwojlZGA4ZYDg==
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 10 Jan 2024 04:58:16 GMT
server
cloudflare
etag
W/"92b7089ffadfd64dc1514e4c97867543"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cf-ray
84a62ed5194839da-FRA

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 string| __PUBLIC_PATH__ string| __dctk__guid__ object| __PLUGIN_STATE__ object| webpackChunkcaptcha_pwa function| Bernie_l10nBundle_de_CH object| perfMetrics object| __tti object| Bernie number| __mobxInstanceCount object| __mobxGlobals object| DD_RUM object| __APOLLO_CLIENT__ function| setupEnforcement object| arkoseLabsClientApida16b26c object| arkose

17 Cookies

Domain/Path Name / Value
.dotomi.com/ Name: CJSession
Value: 3cb00188-0406-422f-8f30-b1ca62880e99
.dotomi.com/ Name: cjae
Value: wPMI70mhD1i4
.dotomi.com/ Name: DotomiUser
Value: 400105556943040775$0$1
.dotomi.com/ Name: LCLK
Value: cjo!xi43-1l17ixu
.emjcd.com/ Name: S
Value: 400105556943040775:wPMI70mhD1i4
.emjcd.com/ Name: LCLK
Value: cjo!xi43-1l17ixu
.emjcd.com/ Name: CJSession
Value: 3cb00188-0406-422f-8f30-b1ca62880e99
.ebookers.ch/ Name: HMS
Value: e8bcacf2-b02a-49f6-865a-c699d144c1bc
.ebookers.ch/ Name: MC1
Value: GUID=25ff9b44568f482f9652caf8bdc06533
.ebookers.ch/ Name: DUAID
Value: 25ff9b44-568f-482f-9652-caf8bdc06533
.ebookers.ch/ Name: OIP
Value: gdpr|-1
.ebookers.ch/ Name: CRAS
Value: EBOOKERS-CH.NETWORK.CJ.100520107
.ebookers.ch/ Name: _abck
Value: C492859C9A851253D9EFCEBE3834D1D3~-1~YAAQrnsTAk8aTRSNAQAAfXkiOgvo6GRcrdKpykqG92RRKT+sI4q9gyFkMkIey2o9dDEpUrAX+xaXTpQ0el541WO8HaFj1WGWtPXxSA4/zpCYrB/N+CxDP6b6+yX5MkGAlRkviPaV4xY0p0iZEznZoDFIm0s5RfISgq1LoAcd73sTZOGY23RYJCIQZ3ZTkrCOinXWsEqh0oLrmj3og24gbzidXUSXnEnYLRIeyE1QKb/o4B2XU8qeq6lOIz2fFN/Cw5b0GXWRvH5PJYx28orA5hSWSkR35E1YkvLu4qvRAnApVz7FayqznhjKWp5KmBeNxvLkjEpExlDAvHzOQYoGguukgu8mhl6hIZwhJlpxZM6ZXJEmkiHvYUrFO2Zx~-1~-1~-1
.ebookers.ch/ Name: ak_bmsc
Value: 663CE44EE87A0859441796B2C7F5090F~000000000000000000000000000000~YAAQrnsTAlAaTRSNAQAAfXkiOhaody22ap+JZQa3sCqAXVhNZSzBXecNXHaWcTMoAPBuO+vEJxaS7mkGbtuX1AiiDoBpNwTh2uM7vKR5HcBiVLKBIZlRwlx28Szb74GkUHA5t8p07rcaB4mvru1LfbKP9PS2O2PHIDZ1Px3cj+JQngMMVlDb17jTTh+EPoczkv9M3a+YDDJWBkGeki2lChjjLOjEalnlmq/brnwqpLITYU+8Gz3IU5GE8ESAdoLfrXQwe3tIeKW8rDLaUEmoNLdjdhjIpL6+omrDTjGTCfD0U3TqijjokUB9YTIDnEnv6CNBUs4cjRSBGiOVHaPv/vs2SAN/ohIroO+1zvFcVSrtJ4yfrf4D19ywtkRUdduzj6jhhUMwJor/aw==
.ebookers.ch/ Name: bm_sz
Value: 1F6A398FA44DBEDB4A1628A05BF9E48E~YAAQrnsTAlIaTRSNAQAAfXkiOhZOgbAsiYVGv+dLeAQLGZeC2XCeU0Xp2QlgK9EW1gEArekgWOoY3y215UfLt/dI1V3KIgFsub1/yfNuJDrNuj0wzQTKsINyxgTYzZcuxCPvzuO8dZndjtM8CCu5tN/AxSfScCIBMuD+BaerRq5Q/0ofrGITmUYm1VOh3tbQ+xKFwAa9dwlgbER6vHG6wydJ6YTArXLnvR/lC2beesMfPPTfaaHLRjIa+pj55WSbM7s13tzerNkmzQZYQGGd3zD7HYrKh1lnNUZunuSxZ/Qw5ccZdmJYezabnrAPjTdHpXOQ4YQMCU6BFpBIJck=~3289155~3422018
.arkoselabs.com/ Name: _cfuvid
Value: dgmXjMWcYqJu1GkYFTAaLEJiQlSyDcC3LF1vcERFVJU-1706077354809-0-604800000
expedia-api.arkoselabs.com/ Name: timestamp
Value: 170607700356314

2 Console Messages

Source Level URL
Text
network error URL: https://www.ebookers.ch/?cjdata=MXxOfDB8WXww&cjevent=f5e713acba8011ee83e200170a18b8fb&affcid=EBOOKERS-CH.NETWORK.CJ.100520107
Message:
Failed to load resource: the server responded with a status of 429 ()
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'document-domain'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.travel-assets.com
cj.dotomi.com
expedia-api.arkoselabs.com
resien.ch
www.ebookers.ch
www.emjcd.com
www.jdoqocy.com
www.reissen.ch
23.196.235.239
2606:4700:4400::ac40:9a56
2a02:26f0:1700:392::1994
85.13.138.41
89.207.16.75
0107a1b760060fbef578110800b88f3c204e1c1e1acc2171c09fdc12b4f7d4b1
04f00125cb2e03a3431cace66ec287f21224457380830e073caea9d94682b6c3
0b2ba20cc51e34fc59e0e121f22687291af155fa8eb1d084489b525a61c86f66
0db32a07eb3683c07d38091176cad6be2b6ea006dd1e7c2cb4f302311bd4a530
14044b17cfa4980c10b832e7d76bf9725682e8ab78e7eed11b38a454317ad8fd
22663cc57af5390946c61cbf5c91051481a15a4435169c1f88166e783a90ff2d
24c55579ace8c50bc6089dc53e5718a17f6e21a89b23ec0a0d55d4000f03b40e
2818c86993b6d4ae124cef7813adcd61b48fd53dde3a9b8e8419c3c0e34e4215
2896cea6e091730fad8142671c673272b7d30954a7c76d5be7d7cf4e144ead0f
2ad3e8570386d338e4f7ad703ba8f80f4cf257223b7b09cf71b2dde405403471
2d233a2cb56bb3cdcc2fa87581b64adc161a9f3e54f6a1042f4d039142d3de8c
2da84ffbcaec3e24a1c2480b87107978c3577251b746df3b8ad4851bd4167a00
3825c3d05c8348aa7d05587ace241c852e79676c5c82ea7bba30a2a0f6098982
406bd80fec4451332267035a2159405872af5f136b7175211db526974c8f4cd7
4b54a3af79aae7ba6368172957253423376097a64169f9ee584e768216dbec8f
5135053a83b4edd50e0046bf433ecfb5d6597e702140f03d8a3205f75eeff5d0
75b54753c0fa152d99dc77389f6763a5242f19baa21ab9b29bbaee89a46e1464
77e9c2c22f2284fef863623b3fc265b987517453e2c5defdb73fed3d5be40e8a
858807237d92917430f4a0e45f721313b473b01016520ac5fa1da09b74cfec95
8954c977d5dfcb2838c736fe6287eabd9e0d8e0dad4896cedc2b1ecadc830b30
b373a2686afc1e6d319403886f7e3798669abdd67dce1bee1eb5a068bc1c1433
bd106d1d10d230e167e33658e3ad320d44343ad3bd79526fd1d21cef811779a8
c11908b7e7f4095bd9f6435f1b2856834e24b805fd36cb73f410e00dac0d71ab
c7f3aee0c1e1d2934aacd279a8728314124d01d861f489ae9c3396a1a775fe35
c8eadb3e243156ea85e92e292c24a1607adbd3a82cf99da2c75a567ba8bd8a01
d1289e1b8d38e339b6c36df1f5a12789c18610f0d10d7cc57a6dc3cdb36317ef
db05a8f83715de0ef7d87feb02c65bbbebb4870c7855f7911d4decd5e9188022
dba88bfd246a7932de312847fd129688160a991ab82175aee752422cd1ab0f9f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4b281f8bca3c56d13107823aa7aaaa36a7522e7082a69acdadeae7a661f6487
e673624b389098fcb49ad432c888b7b9e12c001055225ec6744f2d585b496e06
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efeaeeeb2056f7f27c81a8ea0c1fbc74926edc38b0b43e559e25abfc4aa5d942
fcc6798334cec59b663b423df9e1999aa5838107e69b337faede40b8be91cbe4