eps-permissions-main-us-west-2.test.epsdecaf.expedia.com Open in urlscan Pro
35.163.181.184 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://eps-permissions-main-us-west-2.test.epsdecaf.expedia.com/
Effective URL:
https://eps-permissions-main-us-west-2.test.epsdecaf.expedia.com/swagger-ui/index.html?url=../openapi.json
Submission: On September 19 via automatic, source certstream-suspicious (September 19th 2024, 10:39:24 am UTC) — Scanned from US

Summary HTTP 8 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 3 domains to perform 8 HTTP transactions. The main IP is 35.163.181.184, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is eps-permissions-main-us-west-2.test.epsdecaf.expedia.com.
TLS certificate: Issued by Entrust Certification Authority - L1K on September 19th 2024. Valid for: a year.

This is the only time eps-permissions-main-us-west-2.test.epsdecaf.expedia.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 7	35.163.181.184 35.163.181.184	16509 (AMAZON-02) (AMAZON-02)
1 2	34.206.109.42 34.206.109.42	14618 (AMAZON-AES) (AMAZON-AES)
8	3

7 35.163.181.184 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-163-181-184.us-west-2.compute.amazonaws.com

eps-permissions-main-us-west-2.test.epsdecaf.expedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.206.109.42 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-206-109-42.compute-1.amazonaws.com

online.swagger.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
validator.swagger.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	expedia.com 1 redirects eps-permissions-main-us-west-2.test.epsdecaf.expedia.com	2 MB
2	swagger.io 1 redirects online.swagger.io — Cisco Umbrella Rank: 332695 validator.swagger.io — Cisco Umbrella Rank: 186093	2 KB
0	googleapis.com Failed fonts.googleapis.com Failed
8	3

	Domain	Requested by
7	eps-permissions-main-us-west-2.test.epsdecaf.expedia.com	1 redirects eps-permissions-main-us-west-2.test.epsdecaf.expedia.com
1	validator.swagger.io
1	online.swagger.io	1 redirects
0	fonts.googleapis.com Failed	eps-permissions-main-us-west-2.test.epsdecaf.expedia.com
8	4

This site contains links to these domains. Also see Links.

Domain
confluence.expedia.biz

Subject Issuer	Validity	Valid
eps-permissions-main-us-west-2.test.epsdecaf.expedia.com Entrust Certification Authority - L1K	`2024-09-19` - `2025-10-18`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://eps-permissions-main-us-west-2.test.epsdecaf.expedia.com/swagger-ui/index.html?url=../openapi.json
Frame ID: 7AF88D7DF4548AFAE570A60DC845B15D
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Swagger UI

Page URL History Show full URLs

https://eps-permissions-main-us-west-2.test.epsdecaf.expedia.com/ HTTP 307
https://eps-permissions-main-us-west-2.test.epsdecaf.expedia.com/swagger-ui/index.html?url=../openapi.json Page URL

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

8
Requests

75 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

3
IPs

1
Countries

2005 kB
Transfer

2000 kB
Size

0
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://confluence.expedia.biz/pages/viewpage.action?spaceKey=EPSTECH&title=Platform+Permissions
Title: Platform Permissions

Search URL Search Domain Scan URL

URL: https://confluence.expedia.biz/pages/viewpage.action?spaceKey=EPSProducts&title=Platform+Permissions+Structure
Title: Platform Permissions Structure

Search URL Search Domain Scan URL

URL: https://confluence.expedia.biz/pages/viewpage.action?spaceKey=EPSTECH&title=Platform+Permission
Title: Platform Permissions

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://eps-permissions-main-us-west-2.test.epsdecaf.expedia.com/ HTTP 307
https://eps-permissions-main-us-west-2.test.epsdecaf.expedia.com/swagger-ui/index.html?url=../openapi.json Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

https://online.swagger.io/validator?url=../openapi.json HTTP 302
https://validator.swagger.io/validator?url=../openapi.json

8 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request index.html Show response
eps-permissions-main-us-west-2.test.epsdecaf.expedia.com/swagger-ui/
Redirect Chain

https://eps-permissions-main-us-west-2.test.epsdecaf.expedia.com/
https://eps-permissions-main-us-west-2.test.epsdecaf.expedia.com/swagger-ui/index.html?url=../openapi.json

1 KB
2 KB

115ms
114ms

Document
text/html

35.163.181.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://eps-permissions-main-us-west-2.test.epsdecaf.expedia.com/swagger-ui/index.html?url=../openapi.json

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.163.181.184 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-163-181-184.us-west-2.compute.amazonaws.com

Software

Resource Hash

66f3e61a0eadfab139de269b4330ea17df3c40948e179825ebac15c99e758b34

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src data: https: ; script-src 'self' https://.epsdecaf.expedia.com https://.expediapartnersolutions.com 'unsafe-inline'; style-src 'self' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1 ; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 1517
content-security-policy: default-src 'self'; img-src data: https: ; script-src 'self' https://*.epsdecaf.expedia.com https://*.expediapartnersolutions.com 'unsafe-inline'; style-src 'self' 'unsafe-inline'
content-type: text/html
date: Thu, 19 Sep 2024 10:39:18 GMT
expires: 0
last-modified: Tue, 09 Jul 2024 14:48:36 GMT
pragma: no-cache
referrer-policy: no-referrer
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1 ; mode=block

Redirect headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
content-security-policy: default-src 'self'; img-src data: https: ; script-src 'self' https://*.epsdecaf.expedia.com https://*.expediapartnersolutions.com 'unsafe-inline'; style-src 'self' 'unsafe-inline'
date: Thu, 19 Sep 2024 10:39:18 GMT
expires: 0
location: swagger-ui/index.html?url=../openapi.json
pragma: no-cache
referrer-policy: no-referrer
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1 ; mode=block

GET
H2 200 swagger-ui.css
eps-permissions-main-us-west-2.test.epsdecaf.expedia.com/swagger-ui/ 150 KB
151 KB 117ms
116ms Stylesheet
text/css 35.163.181.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://eps-permissions-main-us-west-2.test.epsdecaf.expedia.com/swagger-ui/swagger-ui.css

Requested by

Host: eps-permissions-main-us-west-2.test.epsdecaf.expedia.com
URL: https://eps-permissions-main-us-west-2.test.epsdecaf.expedia.com/swagger-ui/index.html?url=../openapi.json

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.163.181.184 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-163-181-184.us-west-2.compute.amazonaws.com

Software

Resource Hash

cd99ba47131ea0b8182d6019041912de3093833adb282b4b48bc9b542c96d6ba

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src data: https: ; script-src 'self' https://.epsdecaf.expedia.com https://.expediapartnersolutions.com 'unsafe-inline'; style-src 'self' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1 ; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-security-policy: default-src 'self'; img-src data: https: ; script-src 'self' https://*.epsdecaf.expedia.com https://*.expediapartnersolutions.com 'unsafe-inline'; style-src 'self' 'unsafe-inline'
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
x-content-type-options: nosniff
referrer-policy: no-referrer
expires: 0
accept-ranges: bytes
content-length: 153930
date: Thu, 19 Sep 2024 10:39:18 GMT
x-xss-protection: 1 ; mode=block
content-type: text/css
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
last-modified: Tue, 09 Jul 2024 14:48:36 GMT
x-frame-options: DENY

GET
H2 200 swagger-ui-bundle.js Show response
eps-permissions-main-us-west-2.test.epsdecaf.expedia.com/swagger-ui/ 1 MB
1 MB 115ms
115ms Script
application/javascript 35.163.181.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://eps-permissions-main-us-west-2.test.epsdecaf.expedia.com/swagger-ui/swagger-ui-bundle.js

Requested by

Host: eps-permissions-main-us-west-2.test.epsdecaf.expedia.com
URL: https://eps-permissions-main-us-west-2.test.epsdecaf.expedia.com/swagger-ui/index.html?url=../openapi.json

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.163.181.184 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-163-181-184.us-west-2.compute.amazonaws.com

Software

Resource Hash

c3978239040cade3b67f4e338d56ebf1854f5609159b9f0b9c1a95cfe666d295

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src data: https: ; script-src 'self' https://.epsdecaf.expedia.com https://.expediapartnersolutions.com 'unsafe-inline'; style-src 'self' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1 ; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-security-policy: default-src 'self'; img-src data: https: ; script-src 'self' https://*.epsdecaf.expedia.com https://*.expediapartnersolutions.com 'unsafe-inline'; style-src 'self' 'unsafe-inline'
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
x-content-type-options: nosniff
referrer-policy: no-referrer
expires: 0
accept-ranges: bytes
content-length: 1428809
date: Thu, 19 Sep 2024 10:39:18 GMT
x-xss-protection: 1 ; mode=block
content-type: application/javascript
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
last-modified: Tue, 09 Jul 2024 14:48:36 GMT
x-frame-options: DENY

GET
H2 200 swagger-ui-standalone-preset.js Show response
eps-permissions-main-us-west-2.test.epsdecaf.expedia.com/swagger-ui/ 430 KB
431 KB 117ms
117ms Script
application/javascript 35.163.181.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://eps-permissions-main-us-west-2.test.epsdecaf.expedia.com/swagger-ui/swagger-ui-standalone-preset.js

Requested by

Host: eps-permissions-main-us-west-2.test.epsdecaf.expedia.com
URL: https://eps-permissions-main-us-west-2.test.epsdecaf.expedia.com/swagger-ui/index.html?url=../openapi.json

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.163.181.184 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-163-181-184.us-west-2.compute.amazonaws.com

Software

Resource Hash

21c9c0d41d3551ec3803de5920a350e991e73486cf1ae3f3dd3394dfbf30ce90

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src data: https: ; script-src 'self' https://.epsdecaf.expedia.com https://.expediapartnersolutions.com 'unsafe-inline'; style-src 'self' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1 ; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-security-policy: default-src 'self'; img-src data: https: ; script-src 'self' https://*.epsdecaf.expedia.com https://*.expediapartnersolutions.com 'unsafe-inline'; style-src 'self' 'unsafe-inline'
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
x-content-type-options: nosniff
referrer-policy: no-referrer
expires: 0
accept-ranges: bytes
content-length: 440437
date: Thu, 19 Sep 2024 10:39:18 GMT
x-xss-protection: 1 ; mode=block
content-type: application/javascript
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
last-modified: Tue, 09 Jul 2024 14:48:36 GMT
x-frame-options: DENY

GET css
fonts.googleapis.com/ 0
0

GET
H2 200 openapi.json Show response
eps-permissions-main-us-west-2.test.epsdecaf.expedia.com/ 20 KB
20 KB 119ms
119ms Fetch
application/json 35.163.181.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://eps-permissions-main-us-west-2.test.epsdecaf.expedia.com/openapi.json

Requested by

Host: eps-permissions-main-us-west-2.test.epsdecaf.expedia.com
URL: https://eps-permissions-main-us-west-2.test.epsdecaf.expedia.com/swagger-ui/swagger-ui-bundle.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.163.181.184 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-163-181-184.us-west-2.compute.amazonaws.com

Software

Resource Hash

817475110df97a6c4ed38b078007ce2b74c503bff44158b1120b16cd52f45734

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src data: https: ; script-src 'self' https://.epsdecaf.expedia.com https://.expediapartnersolutions.com 'unsafe-inline'; style-src 'self' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1 ; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: application/json,*/*
Referer

Response headers

content-security-policy: default-src 'self'; img-src data: https: ; script-src 'self' https://*.epsdecaf.expedia.com https://*.expediapartnersolutions.com 'unsafe-inline'; style-src 'self' 'unsafe-inline'
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
x-content-type-options: nosniff
referrer-policy: no-referrer
expires: 0
content-length: 20164
date: Thu, 19 Sep 2024 10:39:19 GMT
x-xss-protection: 1 ; mode=block
content-type: application/json
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options: DENY

GET
DATA 200
OK truncated
/ 458 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 75bac2b1f7c9b580a0a547a9e0f98da1fa5d1c82bd0625bf8395f2728f518fe8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H2

200

validator
validator.swagger.io/
Redirect Chain

https://online.swagger.io/validator?url=../openapi.json
https://validator.swagger.io/validator?url=../openapi.json

2 KB
2 KB

224ms
160ms

Image
image/png

34.206.109.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://validator.swagger.io/validator?url=../openapi.json
Protocol: H2
Server: 34.206.109.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-109-42.compute-1.amazonaws.com
Software: Jetty(9.4.53.v20231009) /
Resource Hash: 503516f9cccdbfa57c8ca528d4397cd78ad1a154f4c2a9c2e3ddf944885cfddc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

access-control-expose-headers: Content-Disposition
access-control-allow-methods: GET, POST, DELETE, PUT
access-control-allow-origin: *
content-length: 1635
date: Thu, 19 Sep 2024 10:39:20 GMT
content-type: image/png
server: Jetty(9.4.53.v20231009)
access-control-allow-headers: Content-Type, api_key, Authorization

Redirect headers

location: https://validator.swagger.io:443/validator?url=../openapi.json
content-length: 110
date: Thu, 19 Sep 2024 10:39:20 GMT
content-type: text/html
server: awselb/2.0

GET
H2 200 favicon-32x32.png
eps-permissions-main-us-west-2.test.epsdecaf.expedia.com/swagger-ui/ 1 KB
2 KB 113ms
112ms Other
image/png 35.163.181.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://eps-permissions-main-us-west-2.test.epsdecaf.expedia.com/swagger-ui/favicon-32x32.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.163.181.184 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-163-181-184.us-west-2.compute.amazonaws.com

Software

Resource Hash

16058a65628324ecdb3db99e9420898b536e250f15894a4a7ed05baf16a957ba

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src data: https: ; script-src 'self' https://.epsdecaf.expedia.com https://.expediapartnersolutions.com 'unsafe-inline'; style-src 'self' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1 ; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-security-policy: default-src 'self'; img-src data: https: ; script-src 'self' https://*.epsdecaf.expedia.com https://*.expediapartnersolutions.com 'unsafe-inline'; style-src 'self' 'unsafe-inline'
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
x-content-type-options: nosniff
referrer-policy: no-referrer
expires: 0
accept-ranges: bytes
content-length: 1141
date: Thu, 19 Sep 2024 10:39:19 GMT
x-xss-protection: 1 ; mode=block
content-type: image/png
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
last-modified: Tue, 09 Jul 2024 14:48:36 GMT
x-frame-options: DENY

GET
DATA 200
OK truncated
/ 261 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 74bb6e4d4d9dce03624a54590957e142b49b0467bc617b7cc637f87d6e9d3f9e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 147 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 575ebc6a2f086b5de60916aa1b65dd785f69143178fc204ef7432db79ee08a50

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml;charset=utf-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700|Source+Code+Pro:300,600|Titillium+Web:400,600,700

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://eps-permissions-main-us-west-2.test.epsdecaf.expedia.com/swagger-ui/index.html?url=../openapi.json(Line 6) Message: Refused to load the stylesheet 'https://fonts.googleapis.com/css?family=Open+Sans:400,700\|Source+Code+Pro:300,600\|Titillium+Web:400,600,700' because it violates the following Content Security Policy directive: "style-src 'self' 'unsafe-inline'". Note that 'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; img-src data: https: ; script-src 'self' https://.epsdecaf.expedia.com https://.expediapartnersolutions.com 'unsafe-inline'; style-src 'self' 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1 ; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

eps-permissions-main-us-west-2.test.epsdecaf.expedia.com
fonts.googleapis.com
online.swagger.io
validator.swagger.io
fonts.googleapis.com
34.206.109.42
35.163.181.184
16058a65628324ecdb3db99e9420898b536e250f15894a4a7ed05baf16a957ba
21c9c0d41d3551ec3803de5920a350e991e73486cf1ae3f3dd3394dfbf30ce90
503516f9cccdbfa57c8ca528d4397cd78ad1a154f4c2a9c2e3ddf944885cfddc
575ebc6a2f086b5de60916aa1b65dd785f69143178fc204ef7432db79ee08a50
66f3e61a0eadfab139de269b4330ea17df3c40948e179825ebac15c99e758b34
74bb6e4d4d9dce03624a54590957e142b49b0467bc617b7cc637f87d6e9d3f9e
75bac2b1f7c9b580a0a547a9e0f98da1fa5d1c82bd0625bf8395f2728f518fe8
817475110df97a6c4ed38b078007ce2b74c503bff44158b1120b16cd52f45734
c3978239040cade3b67f4e338d56ebf1854f5609159b9f0b9c1a95cfe666d295
cd99ba47131ea0b8182d6019041912de3093833adb282b4b48bc9b542c96d6ba

eps-permissions-main-us-west-2.test.epsdecaf.expedia.com Open in urlscan Pro 35.163.181.184 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

8 Requests

75 %HTTPS

0 %IPv6

3 Domains

4 Subdomains

3 IPs

1 Countries

2005 kBTransfer

2000 kBSize

0 Cookies

3 Outgoing links

Page URL History

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

0 Cookies

1 Console Messages

Security Headers

Indicators

eps-permissions-main-us-west-2.test.epsdecaf.expedia.com Open in urlscan Pro
35.163.181.184 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

75 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

3
IPs

1
Countries

2005 kB
Transfer

2000 kB
Size

0
Cookies

8 HTTP transactions
3 data transactions