red-by-dufry-en.gowento.com Open in urlscan Pro
2606:4700:20::681a:789 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://email.mg.gowento.fr/c/eJx1UctugzAQ_Bp8A_kJ-OBDGhSpn2GwDW6MTRyHlH59HdQ2uVRajVbamdHsrhaorjmBLeYtUKKnpKXACgwxRghTVFPKaK...
Effective URL:
https://red-by-dufry-en.gowento.com/pass/clavb22w101rpb91i2kqv159x/749cab6532141491e81a7d27becef6d7dfdb23d5?notificationChannel=emai...
Submission: On November 26 via manual (November 26th 2022, 3:15:10 pm UTC) from US — Scanned from FR

Summary HTTP 19 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 8 IPs in 2 countries across 9 domains to perform 19 HTTP transactions. The main IP is 2606:4700:20::681a:789, located in United States and belongs to CLOUDFLARENET, US. The main domain is red-by-dufry-en.gowento.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 15th 2022. Valid for: a year.

This is the only time red-by-dufry-en.gowento.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	34.86.85.56 34.86.85.56	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	2606:4700:20:... 2606:4700:20::681a:4e4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2606:4700:20:... 2606:4700:20::681a:789	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a04:4e42:400... 2a04:4e42:400::393	54113 (FASTLY) (FASTLY)
1	2606:50c0:800... 2606:50c0:8003::154	54113 (FASTLY) (FASTLY)
2	52.33.233.22 52.33.233.22	16509 (AMAZON-02) (AMAZON-02)
19	8

1 34.86.85.56 (Washington, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 56.85.86.34.bc.googleusercontent.com

email.mg.gowento.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:4e4 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

gwn.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:20::681a:789 (United States)

ASN13335 (CLOUDFLARENET, US)

red-by-dufry-en.gowento.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.gowento.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:400::393 (United States)

ASN54113 (FASTLY, US)

res.cloudinary.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:50c0:8003::154 (United States)

ASN54113 (FASTLY, US)

raw.githubusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.33.233.22 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-33-233-22.us-west-2.compute.amazonaws.com

api.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	gowento.com red-by-dufry-en.gowento.com app.gowento.com	348 KB
2	amplitude.com api.amplitude.com — Cisco Umbrella Rank: 1534	204 B
2	cloudinary.com res.cloudinary.com — Cisco Umbrella Rank: 3059	12 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 467	141 KB
1	githubusercontent.com raw.githubusercontent.com — Cisco Umbrella Rank: 3725	19 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 107	961 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 300	2 KB
1	gwn.to 1 redirects gwn.to	981 B
1	gowento.fr 1 redirects email.mg.gowento.fr	358 B
19	9

	Domain	Requested by
9	red-by-dufry-en.gowento.com	red-by-dufry-en.gowento.com
2	api.amplitude.com	red-by-dufry-en.gowento.com
2	res.cloudinary.com	red-by-dufry-en.gowento.com
2	cdn.jsdelivr.net	red-by-dufry-en.gowento.com
1	raw.githubusercontent.com	red-by-dufry-en.gowento.com
1	app.gowento.com	red-by-dufry-en.gowento.com
1	fonts.googleapis.com	red-by-dufry-en.gowento.com
1	cdnjs.cloudflare.com	red-by-dufry-en.gowento.com
1	gwn.to	1 redirects
1	email.mg.gowento.fr	1 redirects
19	10

This site contains links to these domains. Also see Links.

Domain
red-by-dufry-fr.gowento.com
gwn.to

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-15` - `2023-05-15`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.cloudinary.com Go Daddy Secure Certificate Authority - G2	`2022-05-30` - `2023-07-01`	a year	crt.sh
*.github.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-07` - `2023-04-07`	a year	crt.sh
*.amplitude.com COMODO RSA Domain Validation Secure Server CA	`2022-01-28` - `2023-02-28`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://red-by-dufry-en.gowento.com/pass/clavb22w101rpb91i2kqv159x/749cab6532141491e81a7d27becef6d7dfdb23d5?notificationChannel=email&notificationId=clavb22yv01oj2c1i5honbfgr&gwt_channel=instore-device&gwt_tablet_id=LIN00001
Frame ID: 6126C06E1F5454F67DECD7480C02B824
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Red By Dufry Card | Red By Dufry

Page URL History Show full URLs

http://email.mg.gowento.fr/c/eJx1UctugzAQ_Bp8A_kJ-OBDGhSpn2GwDW6MTRyHlH59HdQ2uVRajVbamdHsrhaorjmBLeYtUK... HTTP 302
https://gwn.to/5q9hvi?notificationChannel=email&notificationId=clavb22yv01oj2c1i5honbfgr HTTP 301
https://red-by-dufry-en.gowento.com/pass/clavb22w101rpb91i2kqv159x/749cab6532141491e81a7d27becef6d7dfdb23d5?noti... Page URL

Detected technologies

Semantic UI (UI frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]+semantic(?:\.min)\.css"

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

19
Requests

100 %
HTTPS

78 %
IPv6

9
Domains

10
Subdomains

8
IPs

2
Countries

523 kB
Transfer

1978 kB
Size

1
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://red-by-dufry-fr.gowento.com/pass/clavb22w101rpb91i2kqv159x/749cab6532141491e81a7d27becef6d7dfdb23d5?notificationChannel=email&notificationId=clavb22yv01oj2c1i5honbfgr&gwt_channel=instore-device&gwt_tablet_id=LIN00001
Title: Passer en français

Search URL Search Domain Scan URL

URL: https://gwn.to/pkpass-backfields?redirect_url=https%3A%2F%2Fsso.dufry.com%2Fprofile&userId=clavb22w101rpb91i2kqv159x&organizationId=dufry
Title: Update my profile

Search URL Search Domain Scan URL

URL: https://gwn.to/pkpass-backfields?redirect_url=https%3A%2F%2Fwww.redbydufry.com%2Fen%2F&userId=clavb22w101rpb91i2kqv159x&organizationId=dufry
Title: redbydufry.com

Search URL Search Domain Scan URL

URL: https://gwn.to/pkpass-backfields?redirect_url=http%3A%2F%2Fapi.addthis.com%2Foexchange%2F0.8%2Foffer%3Furl%3Dhttps%253A%252F%252Fgwn.to%252Fdufry-share%26title%3DDiscover%2520the%2520Red%2520by%2520Dufry%2520program&userId=clavb22w101rpb91i2kqv159x&organizationId=dufry
Title: Invite your loved ones to discover the Red By Dufry program

Search URL Search Domain Scan URL

URL: https://gwn.to/pkpass-backfields?redirect_url=https%3A%2F%2Fwww.redbydufry.com%2Fen%2Fcustomer-service.html&userId=clavb22w101rpb91i2kqv159x&organizationId=dufry
Title: Before reaching out, check out our most frequently asked questions

Search URL Search Domain Scan URL

URL: https://gwn.to/pkpass-backfields?redirect_url=https%3A%2F%2Fwww.shopdutyfree.com%2Fen%2F&userId=clavb22w101rpb91i2kqv159x&organizationId=dufry
Title: Reserve & Collect Service

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://email.mg.gowento.fr/c/eJx1UctugzAQ_Bp8A_kJ-OBDGhSpn2GwDW6MTRyHlH59HdQ2uVRajVbamdHsrhaorjmBLeYtUKKnpKXACgwxRghTVFPKaKWJQc3AoOJQKQVNQeE8VmO4a59CZSLwIVljB5ls8KJo3gqMrcpQkEPGwcm1x3hbIQofeECWTcH3ZowPBj5mDHGU3n7t-venUN1M3P5IaVv001POi7SjL5315zL4UulZ-l3adMCJKaXlulNPuca7r1LIDbvwabUFOb0mPk7Se-0K0mUP6wpcv05zHtL9uwKI4irdKlOIupq1V8FZme_Tq2oIM0jiN-jD5hC1Kvut3PcqtQeTaGkLFZaS0YYhrntNmgblJxhW63xxCG5XHUurxE-CO4IoLj1HFp8vK2L88xsZso2z HTTP 302
https://gwn.to/5q9hvi?notificationChannel=email&notificationId=clavb22yv01oj2c1i5honbfgr HTTP 301
https://red-by-dufry-en.gowento.com/pass/clavb22w101rpb91i2kqv159x/749cab6532141491e81a7d27becef6d7dfdb23d5?notificationChannel=email&notificationId=clavb22yv01oj2c1i5honbfgr&gwt_channel=instore-device&gwt_tablet_id=LIN00001 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request 749cab6532141491e81a7d27becef6d7dfdb23d5 Show response
red-by-dufry-en.gowento.com/pass/clavb22w101rpb91i2kqv159x/
Redirect Chain

http://email.mg.gowento.fr/c/eJx1UctugzAQ_Bp8A_kJ-OBDGhSpn2GwDW6MTRyHlH59HdQ2uVRajVbamdHsrhaorjmBLeYtUKKnpKXACgwxRghTVFPKaKWJQc3AoOJQKQVNQeE8VmO4a59CZSLwIVljB5ls8KJo3gqMrcpQkEPGwcm1x3hbIQofeECWTcH3...
https://gwn.to/5q9hvi?notificationChannel=email&notificationId=clavb22yv01oj2c1i5honbfgr
https://red-by-dufry-en.gowento.com/pass/clavb22w101rpb91i2kqv159x/749cab6532141491e81a7d27becef6d7dfdb23d5?notificationChannel=email&notificationId=clavb22yv01oj2c1i5honbfgr&gwt_channel=instore-de...

74 KB
13 KB

479ms
433ms

Document
text/html

2606:4700:20::681a:789
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://red-by-dufry-en.gowento.com/pass/clavb22w101rpb91i2kqv159x/749cab6532141491e81a7d27becef6d7dfdb23d5?notificationChannel=email&notificationId=clavb22yv01oj2c1i5honbfgr&gwt_channel=instore-device&gwt_tablet_id=LIN00001
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:789 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Next.js 7.0.2
Resource Hash: 075b7d97bbf1fd30d771e52ea36f8a33a39a02506dfcd9f7a6091d5d29cc42c5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 770393c8cac72294-CDG
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Sat, 26 Nov 2022 15:15:03 GMT
etag: W/"1299e-4Yq/o82boMFMrNfE2xpW/4TJ+SU"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bHlbsXhAvW4O%2FKawduEfH7ksae9qYoDMdJE1WOMPExxFnhIvzZ8xespcG%2FOaFaZx0ZPXCHE1URqLS4thxaK%2Frvn1GQPjlU769joO14aqv%2FJL9Xkum7uHME1YGhAM5ppK%2FW68HI7LXQ32BtT6z8gIhhVEZqcGpfe%2Frw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 vegur
x-powered-by: Next.js 7.0.2

Redirect headers

access-control-allow-origin: *
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 770393c7a94b2167-CDG
content-security-policy: img-src 'self' res.cloudinary.com;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
content-type: text/html; charset=utf-8
date: Sat, 26 Nov 2022 15:15:03 GMT
location: https://red-by-dufry-en.gowento.com/pass/clavb22w101rpb91i2kqv159x/749cab6532141491e81a7d27becef6d7dfdb23d5?notificationChannel=email&notificationId=clavb22yv01oj2c1i5honbfgr&gwt_channel=instore-device&gwt_tablet_id=LIN00001
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
origin-agent-cluster: ?1
referrer-policy: no-referrer
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HDgfsk9d1XAN3iDQVsnMnyN%2FRxPEWADtuTCpB7ZjCI2O5mTB668LDWsD%2B3sJL2NjPfKiJeyC%2F5rWYOA6j%2BnPlW5zH0%2F%2Bpub4tM6moJMaqcZGj6lFOiQuetc7Qfv%2BSue06uiNCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains
vary: Accept
via: 1.1 vegur
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-xss-protection: 0

GET
H2 200 le.min.js Show response
cdnjs.cloudflare.com/ajax/libs/le_js/0.0.3/ 4 KB
2 KB 117ms
45ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/le_js/0.0.3/le.min.js

Requested by

Host: red-by-dufry-en.gowento.com
URL: https://red-by-dufry-en.gowento.com/pass/clavb22w101rpb91i2kqv159x/749cab6532141491e81a7d27becef6d7dfdb23d5?notificationChannel=email&notificationId=clavb22yv01oj2c1i5honbfgr&gwt_channel=instore-device&gwt_tablet_id=LIN00001

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df2ee84028c1f926191fc3ac53718d62139982c401cd45bc7b49657fab5e762d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://red-by-dufry-en.gowento.com/
Origin: https://red-by-dufry-en.gowento.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 15:15:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4521191
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1517
last-modified: Mon, 04 May 2020 16:12:00 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ed0-fc7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ce98yt0rGVbzEb0CCq79Ylnpb6Eup89wuLC7rElsEZ8hE9kUcX%2Bu0fkgv9gA1dnmHSmSbfbuGLMvEfpycjdkqPF3RyucrwLf5%2BfpzMyTIAUGTMQRBzQAFApVZalTV7KySvlnmsg2mSjY1LgB8w3UzaGT"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 770393cc0eabf0b3-CDG
expires: Thu, 16 Nov 2023 15:15:03 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
961 B 135ms
35ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic&subset=latin

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aed5ccd9a1464ec082338fd88b0b73b810af66c72b4adffe270607212d4693a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://red-by-dufry-en.gowento.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 26 Nov 2022 15:15:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 26 Nov 2022 14:55:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 26 Nov 2022 15:15:03 GMT

GET
H2 200 icons.woff2
cdn.jsdelivr.net/npm/semantic-ui@2.4.2/dist/themes/default/assets/fonts/ 39 KB
40 KB 131ms
70ms Font
font/woff2 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/semantic-ui@2.4.2/dist/themes/default/assets/fonts/icons.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

434466b59545a8a1cac6ddb38197cdc6b35995a98c3f3812fb88d61b1c300dd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://red-by-dufry-en.gowento.com/
Origin: https://red-by-dufry-en.gowento.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 15:15:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4521040
x-jsd-version: 2.4.2
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 40148
x-served-by: cache-fra19136-FRA, cache-mia11383-MIA
x-jsd-version-type: version
server: cloudflare
etag: W/"9cd4-bsbTbLJGS06CHPq7Uy8xC9NCYBw"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kIbKkfMtS9N7HHmnabGuy57h8QiBIoGErcHQVzH%2B%2FsPtwzgY6jkWuqCG5qBT38q%2BZFYV4Vh54ygxxTTTDXFQcMmavjkURtBuF86Xeu3sY7nU7e2qVNQdjLOnvkO5DT4sPIFicv3hgZ6UAPyxHvs%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 770393cc09b3f0bf-CDG

GET
H2 200 semantic.min.css
cdn.jsdelivr.net/npm/semantic-ui@2.4.2/dist/ 614 KB
101 KB 132ms
71ms Stylesheet
text/css 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/semantic-ui@2.4.2/dist/semantic.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5177ac8b16de2e407f518c554f3ba3fe0837f8b333830026837cc3f82e190124

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://red-by-dufry-en.gowento.com/
Origin: https://red-by-dufry-en.gowento.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 15:15:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4521029
x-jsd-version: 2.4.2
content-encoding: br
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19173-FRA, cache-yyz4540-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"99738-xBtVnjRc5piOJZyFKbhk0QxxYOQ"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2UO9IQnuhfFiyysnxesNQVIB6bzcZ3DpoE0wdJP7HlL6oMHlGdROH%2BmzZtm2vSAdX%2FUqAXR3F1sunPdcf4KwGBTEBfVVp%2BbF8HQyAX5xQhxPfmUcbZUkH9CtwTpVsDJebaQgmSj2tTDqTG%2Fq1tc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 770393cc09b1f0bf-CDG

GET
H2 200 pass.js Show response
red-by-dufry-en.gowento.com/_next/static/QlXsjh23Cs5Sq5_Kcm5~F/pages/ 72 KB
19 KB 50ms
44ms Script
application/javascript 2606:4700:20::681a:789
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://red-by-dufry-en.gowento.com/_next/static/QlXsjh23Cs5Sq5_Kcm5~F/pages/pass.js
Requested by: Host: red-by-dufry-en.gowento.com
URL: https://red-by-dufry-en.gowento.com/pass/clavb22w101rpb91i2kqv159x/749cab6532141491e81a7d27becef6d7dfdb23d5?notificationChannel=email&notificationId=clavb22yv01oj2c1i5honbfgr&gwt_channel=instore-device&gwt_tablet_id=LIN00001
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:789 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: f2181a9d8d183115fdc2862e2299d669bb23c8202a3a79e23d1fd2d43e045f05

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://red-by-dufry-en.gowento.com/pass/clavb22w101rpb91i2kqv159x/749cab6532141491e81a7d27becef6d7dfdb23d5?notificationChannel=email&notificationId=clavb22yv01oj2c1i5honbfgr&gwt_channel=instore-device&gwt_tablet_id=LIN00001
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 15:15:03 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 240179
x-powered-by: Express
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 23 Nov 2022 16:51:29 GMT
server: cloudflare
etag: W/"11fda-184a566ce68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZeYE8RP7WbtqvNJFsv5NnUsheB42LeFbDNkDPZ5gSn40n3iw7jy894Fpz5EtzCk%2BprRfcsqqNiFSQuulK4LgdXxS6z82x3OTS75zaWK1xRKrK5kv4bozNopBAD%2Fz62shLeMbUb40gRqT5n4FoY5lgNJrya7jzIfVng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 770393cbbfd72294-CDG

GET
H2 200 _app.js Show response
red-by-dufry-en.gowento.com/_next/static/QlXsjh23Cs5Sq5_Kcm5~F/pages/ 6 KB
3 KB 62ms
58ms Script
application/javascript 2606:4700:20::681a:789
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://red-by-dufry-en.gowento.com/_next/static/QlXsjh23Cs5Sq5_Kcm5~F/pages/_app.js
Requested by: Host: red-by-dufry-en.gowento.com
URL: https://red-by-dufry-en.gowento.com/pass/clavb22w101rpb91i2kqv159x/749cab6532141491e81a7d27becef6d7dfdb23d5?notificationChannel=email&notificationId=clavb22yv01oj2c1i5honbfgr&gwt_channel=instore-device&gwt_tablet_id=LIN00001
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:789 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 340ab8de2e08ce96a3d1471ed1db2f3aa38ded43f0a9511d0dc51d252c1a9987

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://red-by-dufry-en.gowento.com/pass/clavb22w101rpb91i2kqv159x/749cab6532141491e81a7d27becef6d7dfdb23d5?notificationChannel=email&notificationId=clavb22yv01oj2c1i5honbfgr&gwt_channel=instore-device&gwt_tablet_id=LIN00001
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 15:15:03 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 240179
x-powered-by: Express
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 23 Nov 2022 16:51:29 GMT
server: cloudflare
etag: W/"16a4-184a566ce68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UNrohAFW2hr%2B223VgElK4fDiTbNZpXVwDMRl3zW6oNqN71671KWg1%2FJdDYAcWMM2uUNLysD9V56ohXd5AaSIG6IlEuck%2FZkYYQ5%2BNdH%2FDFgNhpxYTIGsk%2B9yp%2B02nSJ1JFhcNL6yqMTxr9dhmR2oCTWtPn0cIpthSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 770393cbbfda2294-CDG

GET
H2 200 _error.js Show response
red-by-dufry-en.gowento.com/_next/static/QlXsjh23Cs5Sq5_Kcm5~F/pages/ 255 B
498 B 52ms
49ms Script
application/javascript 2606:4700:20::681a:789
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://red-by-dufry-en.gowento.com/_next/static/QlXsjh23Cs5Sq5_Kcm5~F/pages/_error.js
Requested by: Host: red-by-dufry-en.gowento.com
URL: https://red-by-dufry-en.gowento.com/pass/clavb22w101rpb91i2kqv159x/749cab6532141491e81a7d27becef6d7dfdb23d5?notificationChannel=email&notificationId=clavb22yv01oj2c1i5honbfgr&gwt_channel=instore-device&gwt_tablet_id=LIN00001
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:789 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 6efe262334593c6935503c688ea74913a7e05943e4f84e68b2c0fd7457c9dc35

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://red-by-dufry-en.gowento.com/pass/clavb22w101rpb91i2kqv159x/749cab6532141491e81a7d27becef6d7dfdb23d5?notificationChannel=email&notificationId=clavb22yv01oj2c1i5honbfgr&gwt_channel=instore-device&gwt_tablet_id=LIN00001
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 15:15:03 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 240179
x-powered-by: Express
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 23 Nov 2022 16:51:29 GMT
server: cloudflare
etag: W/"ff-184a566ce68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=78dkwdXMd8AHS3%2BFB3m%2BHXBWL47lLXMSpOxJfKoNVLGDNmmWDnAW4JT0Lalr9h8v2aUTIlhx5UXcnxIhOg73yrWBuUwdQMnf%2BQMPwEe0cr9sydPQZ1xLrdMhUkaeF%2BvMvIcgIW0QB2e9%2BwvgmduR7mW56GsrEDj0Xw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 770393cbbfeb2294-CDG

GET
H2 200 108.2c7d484f1aa92cd787f2.js Show response
red-by-dufry-en.gowento.com/_next/static/chunks/ 230 KB
58 KB 197ms
194ms Script
application/javascript 2606:4700:20::681a:789
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://red-by-dufry-en.gowento.com/_next/static/chunks/108.2c7d484f1aa92cd787f2.js
Requested by: Host: red-by-dufry-en.gowento.com
URL: https://red-by-dufry-en.gowento.com/pass/clavb22w101rpb91i2kqv159x/749cab6532141491e81a7d27becef6d7dfdb23d5?notificationChannel=email&notificationId=clavb22yv01oj2c1i5honbfgr&gwt_channel=instore-device&gwt_tablet_id=LIN00001
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:789 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 97f3ebe55c0bb77e3dbee0abd1bd7f0ba541246ef8d965f05255f10f0df4475e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://red-by-dufry-en.gowento.com/pass/clavb22w101rpb91i2kqv159x/749cab6532141491e81a7d27becef6d7dfdb23d5?notificationChannel=email&notificationId=clavb22yv01oj2c1i5honbfgr&gwt_channel=instore-device&gwt_tablet_id=LIN00001
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 15:15:03 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 23 Nov 2022 16:51:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"39853-184a566ce68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DwRSucrCI7YaYXLPafVI8OJ0q28vvn4rr%2BtuUtwuh5IlSJ0ug05cu5w8gvHo%2FTGo9RR2qefuNI4ouFpIt9uYcyr8hatK4No85kYpnt4sYJE6vA8p6wvNfU1AHABRi3bg3cCCZcn1Zf1Ix9vUwzlWbAfbF6%2BDT6gltw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 770393cbbfed2294-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 webpack-a4616497a58a4fe784c6.js Show response
red-by-dufry-en.gowento.com/_next/static/runtime/ 5 KB
3 KB 53ms
50ms Script
application/javascript 2606:4700:20::681a:789
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://red-by-dufry-en.gowento.com/_next/static/runtime/webpack-a4616497a58a4fe784c6.js
Requested by: Host: red-by-dufry-en.gowento.com
URL: https://red-by-dufry-en.gowento.com/pass/clavb22w101rpb91i2kqv159x/749cab6532141491e81a7d27becef6d7dfdb23d5?notificationChannel=email&notificationId=clavb22yv01oj2c1i5honbfgr&gwt_channel=instore-device&gwt_tablet_id=LIN00001
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:789 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: d1bfce4d58dd843c339d3f6e5589f868941c0b69bea3587eab4de5f7c6ffbaba

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://red-by-dufry-en.gowento.com/pass/clavb22w101rpb91i2kqv159x/749cab6532141491e81a7d27becef6d7dfdb23d5?notificationChannel=email&notificationId=clavb22yv01oj2c1i5honbfgr&gwt_channel=instore-device&gwt_tablet_id=LIN00001
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 15:15:03 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 240179
x-powered-by: Express
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 23 Nov 2022 16:51:29 GMT
server: cloudflare
etag: W/"134d-184a566ce68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rCHdHqhG2Sft0YngoU0f2%2Fpsm6V1dQ%2F4KlSAwchUgQccaDfDGRe6kdsT29s%2BM%2B05Z60nrzOjiUh%2FsKhf5aiW162DVbGsB84bb%2BxZ1pcULRLyGmmvpKOE1aFx2kQjjLf6OL6BcADSpt9vQxVpD81VVTy5QVSklShWLw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 770393cbbff02294-CDG

GET
H2 200 commons.0360a93ac9f291d3e41c.js Show response
red-by-dufry-en.gowento.com/_next/static/chunks/ 656 KB
189 KB 113ms
110ms Script
application/javascript 2606:4700:20::681a:789
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://red-by-dufry-en.gowento.com/_next/static/chunks/commons.0360a93ac9f291d3e41c.js
Requested by: Host: red-by-dufry-en.gowento.com
URL: https://red-by-dufry-en.gowento.com/pass/clavb22w101rpb91i2kqv159x/749cab6532141491e81a7d27becef6d7dfdb23d5?notificationChannel=email&notificationId=clavb22yv01oj2c1i5honbfgr&gwt_channel=instore-device&gwt_tablet_id=LIN00001
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:789 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: ac457ffd6e588b08833947bfa89cb7aee46a51c19d74c970d3cd77fa1d0a241f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://red-by-dufry-en.gowento.com/pass/clavb22w101rpb91i2kqv159x/749cab6532141491e81a7d27becef6d7dfdb23d5?notificationChannel=email&notificationId=clavb22yv01oj2c1i5honbfgr&gwt_channel=instore-device&gwt_tablet_id=LIN00001
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 15:15:03 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 240179
x-powered-by: Express
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 23 Nov 2022 16:51:29 GMT
server: cloudflare
etag: W/"a40f9-184a566ce68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cgBNvQSxkClep1V3NjUiCYlp9fwg75Sxenvr8AwUAu7VDqvB6%2BOirRjGOoyuGCriu4YTNyUCReRKjV9TYo6e6rtUO9VAt0zC7VkzP7fsDX7aEKEXXCnhStBw%2Bva52gBYs0IOZsX1GX9YjjOfsD5kn%2FXd5%2F3P%2FoEKXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 770393cbbff32294-CDG

GET
H2 200 main-65faf83ff53259a657fc.js Show response
red-by-dufry-en.gowento.com/_next/static/runtime/ 13 KB
5 KB 54ms
52ms Script
application/javascript 2606:4700:20::681a:789
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://red-by-dufry-en.gowento.com/_next/static/runtime/main-65faf83ff53259a657fc.js
Requested by: Host: red-by-dufry-en.gowento.com
URL: https://red-by-dufry-en.gowento.com/pass/clavb22w101rpb91i2kqv159x/749cab6532141491e81a7d27becef6d7dfdb23d5?notificationChannel=email&notificationId=clavb22yv01oj2c1i5honbfgr&gwt_channel=instore-device&gwt_tablet_id=LIN00001
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:789 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 328ccb8623ec29a606490ee70c3bfe80fb4293ea2166d9238f5ec7a3f61d34b3

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://red-by-dufry-en.gowento.com/pass/clavb22w101rpb91i2kqv159x/749cab6532141491e81a7d27becef6d7dfdb23d5?notificationChannel=email&notificationId=clavb22yv01oj2c1i5honbfgr&gwt_channel=instore-device&gwt_tablet_id=LIN00001
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 15:15:03 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 87470
x-powered-by: Express
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 23 Nov 2022 16:51:29 GMT
server: cloudflare
etag: W/"35d9-184a566ce68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=leAWAKloJMwUOoT9NFzouBBFFuXO65z5kbciJc3JQ2f8Ng4RCgD6imNwF%2ByC2CWUwFGEzMFWmWdLYHuaucbpvHYV%2BS8g5CpDu8o88RDcDg2lTL4k9NUaqPAx7rBNo8gySoCdP%2FsMjaQCo%2FRF7dyCZtnpRaUjJos5LQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 770393cbbff82294-CDG

GET
H2 200 logo_1657876312293
res.cloudinary.com/hqgkh0ynz/image/upload/t_webpass_logo-h100/f_auto/v1657876328/customers/dufry/ 2 KB
2 KB 311ms
22ms Image
image/webp 2a04:4e42:400::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/hqgkh0ynz/image/upload/t_webpass_logo-h100/f_auto/v1657876328/customers/dufry/logo_1657876312293

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

f2931b1f8b1f3035dd17dfe0da56a57350bc9dfd999c5e31c996ee2d3830fb81

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://red-by-dufry-en.gowento.com/
Origin: https://red-by-dufry-en.gowento.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 15:15:03 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
content-disposition: inline; filename="logo_1657876312293.webp"
server-timing: fastly;dur=3;cpu=1;start=2022-11-26T15:15:03.938Z;desc=hit,rtt;dur=17
content-length: 1566
last-modified: Fri, 15 Jul 2022 09:17:07 GMT
server: Cloudinary
etag: "1175bad0d073ac1ce340ce6bd7c21235"
vary: Accept,User-Agent
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 strip_1541150524736
res.cloudinary.com/hqgkh0ynz/image/upload/t_webpass_strip-640x246/f_auto/v1541150529/customers/dufry/ 10 KB
11 KB 309ms
20ms Image
image/webp 2a04:4e42:400::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/hqgkh0ynz/image/upload/t_webpass_strip-640x246/f_auto/v1541150529/customers/dufry/strip_1541150524736

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

0935fbc8b47dd203ae807d0b12c6ed00396b0cb6a920c0dca626eb0bd96c09b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://red-by-dufry-en.gowento.com/
Origin: https://red-by-dufry-en.gowento.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 15:15:03 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
content-disposition: inline; filename="strip_1541150524736.webp"
server-timing: fastly;dur=2;cpu=0;start=2022-11-26T15:15:03.938Z;desc=hit,rtt;dur=17
content-length: 10382
last-modified: Fri, 02 Nov 2018 09:54:58 GMT
server: Cloudinary
etag: "9c637a041763813a6630dd6edd6a50bc"
vary: Accept,User-Agent
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 barcode
app.gowento.com/ 5 KB
6 KB 325ms
256ms Image
image/png 2606:4700:20::681a:789
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.gowento.com/barcode?bcid=qrcode&text=7387772111123Salvatore%7CMendolia%3CDQR%20PromoType%3D%22Platinum%22%20CustomerID%3D%227387772%22%20ExpiryDate%3D%22112023%22%20CheckDigit%3D%229%22%2F%3E&scale=3

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:789 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11d5deda79928eaa87941a24a655031e54f1fc144196ec92e87b9df6174fb868

Security Headers

Name	Value
Content-Security-Policy	img-src 'self' res.cloudinary.com;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://red-by-dufry-en.gowento.com/
Origin: https://red-by-dufry-en.gowento.com
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 15:15:03 GMT
content-security-policy: img-src 'self' res.cloudinary.com;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 vegur
x-permitted-cross-domain-policies: none
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4767
x-xss-protection: 0
referrer-policy: no-referrer
server: cloudflare
etag: "129f-nqgHZxFRjdYcAAnpXRLDUtga2c8"
x-download-options: noopen
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PtcpmOpcFXqySJA2113GUT%2F4dklnnpWnoJ9iaEySCDWRIcTog%2BjflkmaipisH9UoFVxJJEOeJ%2F6FDtU4dD8ky4JepfzuJccMknGCX04EVQJgRfmS2xK5VsQm6iJ98Ue12ajzRLf4fINZsfytbg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
origin-agent-cluster: ?1
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 770393cc3c51d6d2-CDG

GET
H2 200 flags.png
raw.githubusercontent.com/patw0929/react-intl-tel-input/master/src/ 18 KB
19 KB 58ms
19ms Image
image/png 2606:50c0:8003::154
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://raw.githubusercontent.com/patw0929/react-intl-tel-input/master/src/flags.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:50c0:8003::154 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7f185c1c5d97de56e16234b367ba43ce86ac0db8e9d7877062feb75288147f01

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'; sandbox
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://red-by-dufry-en.gowento.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-fastly-request-id: c228f6a7f5fda76efa42ab2dc756f88f7b8a8654
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
date: Sat, 26 Nov 2022 15:15:03 GMT
via: 1.1 varnish
x-cache-hits: 1
x-cache: HIT
content-length: 18747
x-xss-protection: 1; mode=block
x-served-by: cache-cdg20737-CDG
x-github-request-id: 5802:10C3:5A335:AF382:637EAAFE
x-timer: S1669475704.859380,VS0,VE1
etag: W/"95d6faf5b5ba0926a6c648234a41ddb659da84140accbd067915e2e138bc473d"
source-age: 171
x-frame-options: deny
vary: Authorization,Accept-Encoding,Origin
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300
accept-ranges: bytes
expires: Sat, 26 Nov 2022 15:20:03 GMT

GET
DATA 200
OK truncated
/ 960 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef4942d48fb43ccba878b4078605c7b63713af13d111adef8913271705c0d730

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/png

OPTIONS
H2 200 /
api.amplitude.com/ 0
0 2493ms
1279ms Preflight 52.33.233.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.33.233.22 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-33-233-22.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Access-Control-Request-Headers: cross-origin-resource-policy
Access-Control-Request-Method: POST
Origin: https://red-by-dufry-en.gowento.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-headers: cross-origin-resource-policy
access-control-allow-methods: GET, POST
access-control-allow-origin: *
content-length: 0
date: Sat, 26 Nov 2022 15:15:05 GMT
strict-transport-security: max-age=15768000

GET
H3 200 115.b842d42e3dca9fef41e1.js Show response
red-by-dufry-en.gowento.com/_next/static/chunks/ 226 KB
53 KB 42ms
41ms Script
application/javascript 2606:4700:20::681a:789
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://red-by-dufry-en.gowento.com/_next/static/chunks/115.b842d42e3dca9fef41e1.js
Requested by: Host: red-by-dufry-en.gowento.com
URL: https://red-by-dufry-en.gowento.com/_next/static/runtime/webpack-a4616497a58a4fe784c6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:789 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 62e7ffeadbd3b0da16978500e5b5f623eebbe3974d94d7b29835453542eb1113

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://red-by-dufry-en.gowento.com/pass/clavb22w101rpb91i2kqv159x/749cab6532141491e81a7d27becef6d7dfdb23d5?notificationChannel=email&notificationId=clavb22yv01oj2c1i5honbfgr&gwt_channel=instore-device&gwt_tablet_id=LIN00001
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 15:15:04 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1237
x-powered-by: Express
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 23 Nov 2022 16:51:29 GMT
server: cloudflare
etag: W/"387b2-184a566ce68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9gFhzEqIiglt77gKrNAYtuHdyR%2FtwLja8YT7tkcYGAezQpZFysOT3gRb4Vt5thdsFrnMQUI5tQ9bw%2FbEA4Ngs8wcjERmSaaJj0874pRz4MFBTwIhbaxqgiiuLG%2B%2FR2cbgXOudStn3%2BOW1OZ3fklLSMRUnfJ%2FUXYEOw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 770393cdedc799c3-CDG

POST
H2 200 / Show response
api.amplitude.com/ 7 B
204 B 1306ms
1287ms XHR
text/html 52.33.233.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Requested by

Host: red-by-dufry-en.gowento.com
URL: https://red-by-dufry-en.gowento.com/_next/static/chunks/commons.0360a93ac9f291d3e41c.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.33.233.22 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-33-233-22.us-west-2.compute.amazonaws.com

Software

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://red-by-dufry-en.gowento.com/
Cross-Origin-Resource-Policy: cross-origin
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 26 Nov 2022 15:15:06 GMT
strict-transport-security: max-age=15768000
trace-id: Root=1-63822d7a-26af76a00cc00c1e097ed638
content-length: 7
access-control-allow-methods: GET, POST
content-type: text/html;charset=utf-8

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.gowento.com/	1970-01-20 16:30:11	Name: amp_1feaf3 Value: Mz1WAngLaqkUVH7iCMDQzY.Y2xhdmIyMncxMDFycGI5MWkya3F2MTU5eA==..1giq8376h.1giq8376o.0.1.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.amplitude.com
app.gowento.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
email.mg.gowento.fr
fonts.googleapis.com
gwn.to
raw.githubusercontent.com
red-by-dufry-en.gowento.com
res.cloudinary.com
2606:4700:20::681a:4e4
2606:4700:20::681a:789
2606:4700::6810:5514
2606:4700::6811:180e
2606:50c0:8003::154
2a00:1450:4001:80b::200a
2a04:4e42:400::393
34.86.85.56
52.33.233.22
075b7d97bbf1fd30d771e52ea36f8a33a39a02506dfcd9f7a6091d5d29cc42c5
0935fbc8b47dd203ae807d0b12c6ed00396b0cb6a920c0dca626eb0bd96c09b8
11d5deda79928eaa87941a24a655031e54f1fc144196ec92e87b9df6174fb868
328ccb8623ec29a606490ee70c3bfe80fb4293ea2166d9238f5ec7a3f61d34b3
340ab8de2e08ce96a3d1471ed1db2f3aa38ded43f0a9511d0dc51d252c1a9987
434466b59545a8a1cac6ddb38197cdc6b35995a98c3f3812fb88d61b1c300dd3
5177ac8b16de2e407f518c554f3ba3fe0837f8b333830026837cc3f82e190124
62e7ffeadbd3b0da16978500e5b5f623eebbe3974d94d7b29835453542eb1113
6efe262334593c6935503c688ea74913a7e05943e4f84e68b2c0fd7457c9dc35
7f185c1c5d97de56e16234b367ba43ce86ac0db8e9d7877062feb75288147f01
97f3ebe55c0bb77e3dbee0abd1bd7f0ba541246ef8d965f05255f10f0df4475e
ac457ffd6e588b08833947bfa89cb7aee46a51c19d74c970d3cd77fa1d0a241f
aed5ccd9a1464ec082338fd88b0b73b810af66c72b4adffe270607212d4693a2
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
d1bfce4d58dd843c339d3f6e5589f868941c0b69bea3587eab4de5f7c6ffbaba
df2ee84028c1f926191fc3ac53718d62139982c401cd45bc7b49657fab5e762d
ef4942d48fb43ccba878b4078605c7b63713af13d111adef8913271705c0d730
f2181a9d8d183115fdc2862e2299d669bb23c8202a3a79e23d1fd2d43e045f05
f2931b1f8b1f3035dd17dfe0da56a57350bc9dfd999c5e31c996ee2d3830fb81

red-by-dufry-en.gowento.com Open in urlscan Pro 2606:4700:20::681a:789 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

19 Requests

100 %HTTPS

78 %IPv6

9 Domains

10 Subdomains

8 IPs

2 Countries

523 kBTransfer

1978 kBSize

1 Cookies

6 Outgoing links

Page URL History

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

1 Cookies

Indicators

red-by-dufry-en.gowento.com Open in urlscan Pro
2606:4700:20::681a:789 Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

100 %
HTTPS

78 %
IPv6

9
Domains

10
Subdomains

8
IPs

2
Countries

523 kB
Transfer

1978 kB
Size

1
Cookies

19 HTTP transactions
1 data transactions