www.ebookers.ch Open in urlscan Pro
2.17.186.144 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://xn--billigflege-0hb.ch/
Effective URL:
https://www.ebookers.ch/?cjdata=MXxOfDB8WXww&cjevent=87618afebe8711ee8055af710a18b8fa&affcid=EBOOKERS-CH.NETWORK.CJ.1005...
Submission: On January 29 via api (January 29th 2024, 9:19:44 am UTC) from CH — Scanned from CH

Summary HTTP 45 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 8 domains to perform 45 HTTP transactions. The main IP is 2.17.186.144, located in Frankfurt am Main, Germany and belongs to AKAMAI-AS, US. The main domain is www.ebookers.ch. The Cisco Umbrella rank of the primary domain is 560514.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on April 27th 2023. Valid for: a year.

This is the only time www.ebookers.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	85.13.130.124 85.13.130.124	34788 (NMM-AS D) (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68)
1	85.13.138.41 85.13.138.41	34788 (NMM-AS D) (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68)
3 3	89.207.16.75 89.207.16.75	41041 (VCLK-EU-SE) (VCLK-EU-SE)
11	2.17.186.144 2.17.186.144	16625 (AKAMAI-AS) (AKAMAI-AS)
11	2a02:26f0:170... 2a02:26f0:1700:389::1994	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
21	2606:4700:440... 2606:4700:4400::ac40:9a56	13335 (CLOUDFLAR...) (CLOUDFLARENET)
45	5

2 85.13.130.124 (Germany) 1 redirects

ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE)
PTR: dd5510.kasserver.com

xn--billigflege-0hb.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.13.138.41 (Germany)

ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE)
PTR: dd17422.kasserver.com

www.reissen.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 89.207.16.75 (Amsterdam, Netherlands) 3 redirects

ASN41041 (VCLK-EU-SE, US)

www.jdoqocy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cj.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.emjcd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2.17.186.144 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-17-186-144.deploy.static.akamaitechnologies.com

www.ebookers.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a02:26f0:1700:389::1994 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

c.travel-assets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2606:4700:4400::ac40:9a56 (United States)

ASN13335 (CLOUDFLARENET, US)

expedia-api.arkoselabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	arkoselabs.com expedia-api.arkoselabs.com — Cisco Umbrella Rank: 67825	396 KB
11	travel-assets.com c.travel-assets.com — Cisco Umbrella Rank: 13741	352 KB
11	ebookers.ch www.ebookers.ch — Cisco Umbrella Rank: 560514	46 KB
2	xn--billigflege-0hb.ch 1 redirects xn--billigflege-0hb.ch	637 B
1	emjcd.com 1 redirects www.emjcd.com — Cisco Umbrella Rank: 10609	960 B
1	dotomi.com 1 redirects cj.dotomi.com — Cisco Umbrella Rank: 10532	1 KB
1	jdoqocy.com 1 redirects www.jdoqocy.com — Cisco Umbrella Rank: 63768	580 B
1	reissen.ch www.reissen.ch	561 B
45	8

	Domain	Requested by
21	expedia-api.arkoselabs.com	c.travel-assets.com expedia-api.arkoselabs.com
11	c.travel-assets.com	www.ebookers.ch
11	www.ebookers.ch	www.reissen.ch www.ebookers.ch c.travel-assets.com
2	xn--billigflege-0hb.ch	1 redirects
1	www.emjcd.com	1 redirects
1	cj.dotomi.com	1 redirects
1	www.jdoqocy.com	1 redirects
1	www.reissen.ch	xn--billigflege-0hb.ch
45	8

This site contains no links.

Subject Issuer	Validity	Valid
www.ebookers.com DigiCert TLS RSA SHA256 2020 CA1	`2023-04-27` - `2024-04-27`	a year	crt.sh
www.expedia.com GeoTrust RSA CA 2018	`2023-06-24` - `2024-06-26`	a year	crt.sh
arkoselabs.com Cloudflare Inc ECC CA-3	`2023-08-23` - `2024-08-22`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://www.ebookers.ch/?cjdata=MXxOfDB8WXww&cjevent=87618afebe8711ee8055af710a18b8fa&affcid=EBOOKERS-CH.NETWORK.CJ.100520107
Frame ID: A117A00017846AB13A7FBA598CC7298F
Requests: 25 HTTP requests in this frame

Frame: https://expedia-api.arkoselabs.com/v2/2.3.4/enforcement.c70df15cb97792b18c2f4978b68954a0.html
Frame ID: 7CAA564FB6F6C803882566631329AAC6
Requests: 6 HTTP requests in this frame

Frame: https://expedia-api.arkoselabs.com/fc/assets/ec-game-core/game-core/1.18.0/standard/index.html?session=64617aec6e1745c78.9189272005&r=eu-west-1&meta=3&metabgclr=%23ffffff&metaiconclr=%23757575&guitextcolor=%23000000&lang=de&pk=33C384C0-7DE5-4243-80DB-2C5E35802C15&at=40&ag=101&cdn_url=https%3A%2F%2Fexpedia-api.arkoselabs.com%2Fcdn%2Ffc&lurl=https%3A%2F%2Faudio-eu-west-1.arkoselabs.com&surl=https%3A%2F%2Fexpedia-api.arkoselabs.com&smurl=https%3A%2F%2Fexpedia-api.arkoselabs.com%2Fcdn%2Ffc%2Fassets%2Fstyle-manager&theme=default
Frame ID: B57FDBB1B2DBFBBFC78CF96BEB0EA06E
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bot oder Mensch?

Page URL History Show full URLs

https://xn--billigflege-0hb.ch/ HTTP 301
http://xn--billigflege-0hb.ch/ Page URL
http://www.reissen.ch/ebsite.htm Page URL
https://www.jdoqocy.com/click-100520107-14556373 HTTP 302
https://cj.dotomi.com/mr72r098R/07C/QTUUVSWS/QPPURPQPW/P/P/P?d=x%3c%3ciuuqt%3A%2F%2Fxxx.keprpdz.dp... HTTP 302
https://www.emjcd.com/8l122mu21M/u05/JMNNOLPL/JIINKIJIP/I/MIIKINNOJKILNOKMPR:r_b7Um7-V.e2/QPOJQsxw... HTTP 302
https://www.ebookers.ch/?cjdata=MXxOfDB8WXww&cjevent=87618afebe8711ee8055af710a18b8fa&affcid=EBOOKER... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Akamai Bot Manager (Security) Expand

Overall confidence: 100%
Detected patterns

Page Statistics

45
Requests

96 %
HTTPS

33 %
IPv6

8
Domains

8
Subdomains

5
IPs

3
Countries

795 kB
Transfer

2564 kB
Size

17
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://xn--billigflege-0hb.ch/ HTTP 301
http://xn--billigflege-0hb.ch/ Page URL
http://www.reissen.ch/ebsite.htm Page URL
https://www.jdoqocy.com/click-100520107-14556373 HTTP 302
https://cj.dotomi.com/mr72r098R/07C/QTUUVSWS/QPPURPQPW/P/P/P?d=x%3c%3ciuuqt%3A%2F%2Fxxx.keprpdz.dpn%2Fdmjdl-211631218-25667484%3c%3cH%3ciuuq%3A%2F%2Fxxx.sfjttfo.di%2F%3c%3c2%3c2%3c1%3c1%3c HTTP 302
https://www.emjcd.com/8l122mu21M/u05/JMNNOLPL/JIINKIJIP/I/MIIKINNOJKILNOKMPR:r_b7Um7-V.e2/QPOJQsxwtwQPJJwwQINNsxPJIsJQtQxs?x=n%3cmty!7sED-n9v7snk%3cr33z2%3A%2F%2F666.tny0ym8.myw%2Fmvsmu-BAAFCABAH-BEFFGDHD%3c%3cQ%3cr33z%3A%2F%2F666.1os22ox.mr%2F%3cIpEGnDBJ-ECAA-EDDA-JpoJ-BJkGkHEGEFoF%3cB%3cB%3cA%3cA%3c HTTP 302
https://www.ebookers.ch/?cjdata=MXxOfDB8WXww&cjevent=87618afebe8711ee8055af710a18b8fa&affcid=EBOOKERS-CH.NETWORK.CJ.100520107 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://xn--billigflege-0hb.ch/ HTTP 301
http://xn--billigflege-0hb.ch/

45 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/
xn--billigflege-0hb.ch/
Redirect Chain

https://xn--billigflege-0hb.ch/
http://xn--billigflege-0hb.ch/

334 B
536 B

74ms
39ms

Document
text/html

85.13.130.124
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to

Full URL: http://xn--billigflege-0hb.ch/
Protocol: HTTP/1.1
Server: 85.13.130.124 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS: dd5510.kasserver.com
Software: Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-CH,de;q=0.9
referer: https://www.google.com/

Response headers

Accept-Ranges: bytes
Connection: Upgrade, Keep-Alive
Content-Encoding: gzip
Content-Length: 177
Content-Type: text/html
Date: Mon, 29 Jan 2024 09:19:39 GMT
ETag: "14e-54a3e2cbc1d42-gzip"
Keep-Alive: timeout=2, max=1000
Last-Modified: Wed, 08 Mar 2017 20:43:02 GMT
Server: Apache
Upgrade: h2,h2c
Vary: Accept-Encoding,User-Agent

Redirect headers

content-length: 238
content-type: text/html; charset=iso-8859-1
date: Mon, 29 Jan 2024 09:19:39 GMT
location: http://xn--billigflege-0hb.ch/
server: Apache

GET
H/1.1 200
OK ebsite.htm
www.reissen.ch/ 398 B
561 B 99ms
34ms Document
text/html 85.13.138.41
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.reissen.ch/ebsite.htm
Requested by: Host: xn--billigflege-0hb.ch
URL: http://xn--billigflege-0hb.ch/
Protocol: HTTP/1.1
Server: 85.13.138.41 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS: dd17422.kasserver.com
Software: Apache /
Resource Hash

Request headers

Referer: http://xn--billigflege-0hb.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-CH,de;q=0.9
referer: https://www.google.com/

Response headers

Accept-Ranges: bytes
Connection: Upgrade, Keep-Alive
Content-Encoding: gzip
Content-Length: 202
Content-Type: text/html
Date: Mon, 29 Jan 2024 09:19:39 GMT
ETag: "18e-5d00dbb54bd0e-gzip"
Keep-Alive: timeout=2, max=1000
Last-Modified: Fri, 05 Nov 2021 17:11:19 GMT
Server: Apache
Upgrade: h2,h2c
Vary: Accept-Encoding,User-Agent

GET
H2

429

Primary Request / Show response
www.ebookers.ch/
Redirect Chain

https://www.jdoqocy.com/click-100520107-14556373
https://cj.dotomi.com/mr72r098R/07C/QTUUVSWS/QPPURPQPW/P/P/P?d=x%3c%3ciuuqt%3A%2F%2Fxxx.keprpdz.dpn%2Fdmjdl-211631218-25667484%3c%3cH%3ciuuq%3A%2F%2Fxxx.sfjttfo.di%2F%3c%3c2%3c2%3c1%3c1%3c
https://www.emjcd.com/8l122mu21M/u05/JMNNOLPL/JIINKIJIP/I/MIIKINNOJKILNOKMPR:r_b7Um7-V.e2/QPOJQsxwtwQPJJwwQINNsxPJIsJQtQxs?x=n%3cmty!7sED-n9v7snk%3cr33z2%3A%2F%2F666.tny0ym8.myw%2Fmvsmu-BAAFCABAH-B...
https://www.ebookers.ch/?cjdata=MXxOfDB8WXww&cjevent=87618afebe8711ee8055af710a18b8fa&affcid=EBOOKERS-CH.NETWORK.CJ.100520107

208 KB
38 KB

229ms
162ms

Document
text/html

2.17.186.144
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ebookers.ch/?cjdata=MXxOfDB8WXww&cjevent=87618afebe8711ee8055af710a18b8fa&affcid=EBOOKERS-CH.NETWORK.CJ.100520107

Requested by

Host: www.reissen.ch
URL: http://www.reissen.ch/ebsite.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.186.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-17-186-144.deploy.static.akamaitechnologies.com

Software

istio-envoy /

Resource Hash

6fcced5a26012d89ea3835b9134c8808acedf2dc44d4396e8a9e1b4aba1c8b1b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=7776000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Referer: http://www.reissen.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-CH,de;q=0.9
referer: https://www.google.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-language: de-CH
content-security-policy: frame-ancestors 'self'
content-type: text/html; charset=utf-8
date: Mon, 29 Jan 2024 09:19:40 GMT
server: istio-envoy
strict-transport-security: max-age=7776000; includeSubDomains;
trace-id: 4de465bf-b059-48ee-8259-b75f1166b063
vary: accept-encoding
x-app-info: captcha-pwa,2046ae68d90c2e46fccd619e2f9da8bb4d886b9f
x-b3-traceid: 4de465bfb05948ee8259b75f1166b063
x-cgp-info: noJvmRouteSet;878b7551-be87-11ee-b061-02420683cbf5
x-content-type-options: nosniff
x-download-options: noopen
x-envoy-upstream-service-time: 8
x-frame-options: SAMEORIGIN
x-page-id: arkose-challenge
x-permitted-cross-domain-policies: none
x-xss-protection: 1

Redirect headers

Cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Length: 385
Content-Type: text/html; charset=UTF-8
Date: Mon, 29 Jan 2024 09:19:39 GMT
Expires: Mon, 29 Jan 2024 09:19:39 GMT
Location: https://www.ebookers.ch/?cjdata=MXxOfDB8WXww&cjevent=87618afebe8711ee8055af710a18b8fa&affcid=EBOOKERS-CH.NETWORK.CJ.100520107
P3P: policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
Pragma: no-cache
Server: Resin/4.0.66
X-VC-HTTPS: On

GET
H2 200 logo.svg
www.ebookers.ch/_dms/header/ 3 KB
2 KB 48ms
48ms Image
image/svg+xml 2.17.186.144
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ebookers.ch/_dms/header/logo.svg?locale=de_CH&siteid=undefined

Requested by

Host: www.ebookers.ch
URL: https://www.ebookers.ch/?cjdata=MXxOfDB8WXww&cjevent=87618afebe8711ee8055af710a18b8fa&affcid=EBOOKERS-CH.NETWORK.CJ.100520107

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.186.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-17-186-144.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

c11908b7e7f4095bd9f6435f1b2856834e24b805fd36cb73f410e00dac0d71ab

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=7776000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=7776000; includeSubDomains;
x-b3-traceid: bac3b7bbefac49f18e9b081fe90a08ea
date: Mon, 29 Jan 2024 09:19:40 GMT
x-envoy-upstream-service-time: 4
x-cgp-info: noJvmRouteSet;6bce856c-b43f-11ee-b18c-02425bf2874a
content-length: 1222
x-xss-protection: 1
last-modified: Tue, 16 Jan 2024 07:18:19 GMT
server: Akamai Resource Optimizer
etag: "80ad593779aa92324e93574d7f0dab316601388b"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: public, max-age=604800 s-maxage=604800
trace-id: bac3b7bb-efac-49f1-8e9b-081fe90a08ea

GET
H2 204 challenge.initial.styles
www.ebookers.ch/cgp/simple/ 0
671 B 111ms
111ms Stylesheet
text/css 2.17.186.144
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ebookers.ch/cgp/simple/challenge.initial.styles

Requested by

Host: www.ebookers.ch
URL: https://www.ebookers.ch/?cjdata=MXxOfDB8WXww&cjevent=87618afebe8711ee8055af710a18b8fa&affcid=EBOOKERS-CH.NETWORK.CJ.100520107

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.186.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-17-186-144.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=7776000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=7776000; includeSubDomains;
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
date: Mon, 29 Jan 2024 09:19:40 GMT
x-b3-traceid: 6fa3a423cf784690950fd2a59caf7d0d
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: no-cache, no-store, must-revalidate
x-cgp-info: noJvmRouteSet;87ab0afc-be87-11ee-acc8-02428deac323
trace-id: 6fa3a423-cf78-4690-950f-d2a59caf7d0d
x-xss-protection: 1

GET
H2 204 challenge.dynamic.styles
www.ebookers.ch/cgp/simple/ 0
671 B 97ms
97ms Stylesheet
text/css 2.17.186.144
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ebookers.ch/cgp/simple/challenge.dynamic.styles

Requested by

Host: www.ebookers.ch
URL: https://www.ebookers.ch/?cjdata=MXxOfDB8WXww&cjevent=87618afebe8711ee8055af710a18b8fa&affcid=EBOOKERS-CH.NETWORK.CJ.100520107

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.186.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-17-186-144.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=7776000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=7776000; includeSubDomains;
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
date: Mon, 29 Jan 2024 09:19:40 GMT
x-b3-traceid: 691ef9158648459e89b4a983eca890f1
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: no-cache, no-store, must-revalidate
x-cgp-info: noJvmRouteSet;87a9d2ae-be87-11ee-b11f-024202e54267
trace-id: 691ef915-8648-459e-89b4-a983eca890f1
x-xss-protection: 1

GET
H2 200 de_CH.fa279352dcd02447e007.js Show response
c.travel-assets.com/captcha-pwa/l10nBundle/ 33 KB
10 KB 294ms
195ms Script
application/javascript 2a02:26f0:1700:389::1994
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.travel-assets.com/captcha-pwa/l10nBundle/de_CH.fa279352dcd02447e007.js
Requested by: Host: www.ebookers.ch
URL: https://www.ebookers.ch/?cjdata=MXxOfDB8WXww&cjevent=87618afebe8711ee8055af710a18b8fa&affcid=EBOOKERS-CH.NETWORK.CJ.100520107
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:389::1994 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0b2ba20cc51e34fc59e0e121f22687291af155fa8eb1d084489b525a61c86f66

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: IytMchkz05q131h7E9ln5.PbCMdycjBW
content-encoding: gzip
date: Mon, 29 Jan 2024 09:19:40 GMT
last-modified: Tue, 02 Jan 2024 23:48:04 GMT
server: AmazonS3
x-amz-request-id: 8FGARCDHH1A96EVK
etag: "e1a6d79c493dcfba2b5b30220ec0c31b"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=784493
accept-ranges: bytes
content-length: 9659
x-amz-id-2: ozcK4A2TI+PjHF8Y8SDGmxBeDwxRolkj8Wgsz4lJxNug4kWVdKtYAnV9h3wDC4dezp7z8kasYp8=
x-client-ipv6: true

GET
H2 200 bernie.e3337b248db3c83f6767.js Show response
c.travel-assets.com/captcha-pwa/ 129 KB
27 KB 196ms
98ms Script
application/javascript 2a02:26f0:1700:389::1994
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.travel-assets.com/captcha-pwa/bernie.e3337b248db3c83f6767.js
Requested by: Host: www.ebookers.ch
URL: https://www.ebookers.ch/?cjdata=MXxOfDB8WXww&cjevent=87618afebe8711ee8055af710a18b8fa&affcid=EBOOKERS-CH.NETWORK.CJ.100520107
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:389::1994 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 77e9c2c22f2284fef863623b3fc265b987517453e2c5defdb73fed3d5be40e8a

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: AMAUNKCwdu7oldf7gAzGnh_OMo7I_nX9
content-encoding: gzip
date: Mon, 29 Jan 2024 09:19:40 GMT
last-modified: Fri, 19 Jan 2024 18:27:02 GMT
server: AmazonS3
x-amz-request-id: P9CBC1RKQYAFPDBR
etag: "fae929997230468f8dff075c0f99d894"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=382449
accept-ranges: bytes
content-length: 27278
x-amz-id-2: 8zXJf9Bv3yd0Zgi20b/W1P6NbF6S6s9Kc43AzxwDzY82vLotcg+TCUQMgOmcv7z0eEidgfMJ0XM=
x-client-ipv6: true

GET
H2 200 core.64f8215b4681aa119edb.js Show response
c.travel-assets.com/captcha-pwa/ 186 KB
58 KB 165ms
67ms Script
application/javascript 2a02:26f0:1700:389::1994
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.travel-assets.com/captcha-pwa/core.64f8215b4681aa119edb.js
Requested by: Host: www.ebookers.ch
URL: https://www.ebookers.ch/?cjdata=MXxOfDB8WXww&cjevent=87618afebe8711ee8055af710a18b8fa&affcid=EBOOKERS-CH.NETWORK.CJ.100520107
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:389::1994 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8954c977d5dfcb2838c736fe6287eabd9e0d8e0dad4896cedc2b1ecadc830b30

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: 14TgbTbUQzVl3gADBrY8Qy1zoHugdz0l
content-encoding: gzip
date: Mon, 29 Jan 2024 09:19:40 GMT
last-modified: Tue, 02 Jan 2024 16:48:30 GMT
server: AmazonS3
x-amz-request-id: TBC3X822HQ9X9ABA
etag: "472579423cdc3b2e60dc868d1a7e1c35"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=1081970
accept-ranges: bytes
content-length: 59157
x-amz-id-2: BP+wuAhLFBOBIbmz5uH+Hq/wTylgu+JnRBYjlraMUHmuQRogFM2dUw06h/Xp4TVT0q4915Yda10=
x-client-ipv6: true

GET
H2 200 graphql.befb84e8f25f2c9a82bb.js Show response
c.travel-assets.com/captcha-pwa/ 179 KB
50 KB 184ms
86ms Script
application/javascript 2a02:26f0:1700:389::1994
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.travel-assets.com/captcha-pwa/graphql.befb84e8f25f2c9a82bb.js
Requested by: Host: www.ebookers.ch
URL: https://www.ebookers.ch/?cjdata=MXxOfDB8WXww&cjevent=87618afebe8711ee8055af710a18b8fa&affcid=EBOOKERS-CH.NETWORK.CJ.100520107
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:389::1994 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2d233a2cb56bb3cdcc2fa87581b64adc161a9f3e54f6a1042f4d039142d3de8c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: EUzVagugXVzwS1xXGEpIwOJYKpAg5Qac
content-encoding: gzip
date: Mon, 29 Jan 2024 09:19:40 GMT
last-modified: Tue, 02 Jan 2024 16:48:30 GMT
server: AmazonS3
x-amz-request-id: TBC3ZFW52GBM7439
etag: "1627bb0e39c974e91177e14bb6be1bc7"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=1081780
accept-ranges: bytes
content-length: 51138
x-amz-id-2: H+a8PDJTjweFaynbvEZTShB1cLVsMW4GxzNj1ikJZI1Cqr/S2LQSUjDW66E/FIdu3mJNKqykAUI=
x-client-ipv6: true

GET
H2 200 pap.47e986c6df1b0ea6d7c6.js Show response
c.travel-assets.com/captcha-pwa/ 216 KB
64 KB 124ms
27ms Script
application/javascript 2a02:26f0:1700:389::1994
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.travel-assets.com/captcha-pwa/pap.47e986c6df1b0ea6d7c6.js
Requested by: Host: www.ebookers.ch
URL: https://www.ebookers.ch/?cjdata=MXxOfDB8WXww&cjevent=87618afebe8711ee8055af710a18b8fa&affcid=EBOOKERS-CH.NETWORK.CJ.100520107
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:389::1994 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dba88bfd246a7932de312847fd129688160a991ab82175aee752422cd1ab0f9f

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: vUzK_cd3TeKhUfqG8Fikc97ffU9vmwyp
content-encoding: gzip
date: Mon, 29 Jan 2024 09:19:40 GMT
last-modified: Tue, 02 Jan 2024 23:48:05 GMT
server: AmazonS3
x-amz-request-id: BG31481EQ7VCZ7SM
etag: "268246599cc57bb8fc9dee87573836dc"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=1176497
accept-ranges: bytes
content-length: 65617
x-amz-id-2: h9mnv1o5FL3muX6EOodKq4QMsnwj1Oaa9DAHrlN6AjnCuuMR4HzfkhNgTfz5l5x+vN/rr7BqwoE=
x-client-ipv6: true

GET
H2 200 shared-ui.3c21b36b6de9ef81ed2f.js Show response
c.travel-assets.com/captcha-pwa/ 24 KB
6 KB 163ms
66ms Script
application/javascript 2a02:26f0:1700:389::1994
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.travel-assets.com/captcha-pwa/shared-ui.3c21b36b6de9ef81ed2f.js
Requested by: Host: www.ebookers.ch
URL: https://www.ebookers.ch/?cjdata=MXxOfDB8WXww&cjevent=87618afebe8711ee8055af710a18b8fa&affcid=EBOOKERS-CH.NETWORK.CJ.100520107
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:389::1994 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5135053a83b4edd50e0046bf433ecfb5d6597e702140f03d8a3205f75eeff5d0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: e0sthZf24rAKSQp4kUGjRH3adnnqBQJu
content-encoding: gzip
date: Mon, 29 Jan 2024 09:19:40 GMT
last-modified: Tue, 02 Jan 2024 16:48:31 GMT
server: AmazonS3
x-amz-request-id: VSQTFR4N60V11X2N
etag: "baaf212d1380415347b6efd718f2a073"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=1081808
accept-ranges: bytes
content-length: 5638
x-amz-id-2: hNvTXWtKENyTjkmRLmj8tSOHNrRjXqP3FCA58NFGCD5WCmJIpBOA9K1KG+H2k35lpoiKFCMx2P8=
x-client-ipv6: true

GET
H2 200 vendor.5c0ad4b0ee01ea60c5cc.js Show response
c.travel-assets.com/captcha-pwa/ 213 KB
67 KB 94ms
94ms Script
application/javascript 2a02:26f0:1700:389::1994
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.travel-assets.com/captcha-pwa/vendor.5c0ad4b0ee01ea60c5cc.js
Requested by: Host: www.ebookers.ch
URL: https://www.ebookers.ch/?cjdata=MXxOfDB8WXww&cjevent=87618afebe8711ee8055af710a18b8fa&affcid=EBOOKERS-CH.NETWORK.CJ.100520107
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:389::1994 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 14044b17cfa4980c10b832e7d76bf9725682e8ab78e7eed11b38a454317ad8fd

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: a_gh7gy_V_7RW7CwTQjWCuMRWyJ4URHv
content-encoding: gzip
date: Mon, 29 Jan 2024 09:19:40 GMT
last-modified: Tue, 02 Jan 2024 23:48:05 GMT
server: AmazonS3
x-amz-request-id: BG3BN1CHKQTP2RZM
etag: "d9f059dad6834f4e0c70215757c95b06"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=1176522
accept-ranges: bytes
content-length: 68559
x-amz-id-2: ggCSOoA4TUTiECaqgP3x1+E+JVbhTrwMXRhcBHYE+j/W7QjT3nsSlOFs1uRcrN3dJ5WjrQJT4wc=
x-client-ipv6: true

GET
H2 200 app.e4fedd91b1735330f65f.js Show response
c.travel-assets.com/captcha-pwa/ 45 KB
9 KB 95ms
95ms Script
application/javascript 2a02:26f0:1700:389::1994
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.travel-assets.com/captcha-pwa/app.e4fedd91b1735330f65f.js
Requested by: Host: www.ebookers.ch
URL: https://www.ebookers.ch/?cjdata=MXxOfDB8WXww&cjevent=87618afebe8711ee8055af710a18b8fa&affcid=EBOOKERS-CH.NETWORK.CJ.100520107
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:389::1994 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 24c55579ace8c50bc6089dc53e5718a17f6e21a89b23ec0a0d55d4000f03b40e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: lJdyDg4sNDmf765z1pN4hfvuSbAGTj1B
content-encoding: gzip
date: Mon, 29 Jan 2024 09:19:40 GMT
last-modified: Fri, 19 Jan 2024 18:27:02 GMT
server: AmazonS3
x-amz-request-id: M86DZGVHJ2XA99QD
etag: "0813e4f01ad54c566d462a2dcaf90f81"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=382472
accept-ranges: bytes
content-length: 8477
x-amz-id-2: yWhjjrOUkXRbp8utfqWYTEGavfwnJUsoGioyWVHVmwa2GHzFDLsUj5Z79ptGqtCI9GT9VaLCnSY=
x-client-ipv6: true

GET
H2 200 brand-10198111111107101114115.580db9de2f7373b703df.js Show response
c.travel-assets.com/captcha-pwa/ 134 KB
43 KB 96ms
96ms Script
application/javascript 2a02:26f0:1700:389::1994
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.travel-assets.com/captcha-pwa/brand-10198111111107101114115.580db9de2f7373b703df.js
Requested by: Host: www.ebookers.ch
URL: https://www.ebookers.ch/?cjdata=MXxOfDB8WXww&cjevent=87618afebe8711ee8055af710a18b8fa&affcid=EBOOKERS-CH.NETWORK.CJ.100520107
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:389::1994 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0107a1b760060fbef578110800b88f3c204e1c1e1acc2171c09fdc12b4f7d4b1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: KmeUh3NLsi_b6ds4_Rdisith5kXaHfaL
content-encoding: gzip
date: Mon, 29 Jan 2024 09:19:40 GMT
last-modified: Tue, 02 Jan 2024 16:48:30 GMT
server: AmazonS3
x-amz-request-id: K4D3FWQY2FBZGN58
etag: "b171b86e79a743a13c53ece1fe492115"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=1083998
accept-ranges: bytes
content-length: 44004
x-amz-id-2: qb5/WOuf/6iivp36agwDgvNOt+z0fMUz8LytNl3Fzdm7xj/YPLJFtJIR4Kyp7qIPAZuSdHRABBg=
x-client-ipv6: true

GET
H2 202 2x2.gif
www.ebookers.ch/cl/ 42 B
767 B 194ms
194ms Image
image/gif 2.17.186.144
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ebookers.ch/cl/2x2.gif?action=logErrors&logTime=2024-01-29T09%3A19%3A40.354Z&pageName=captcha-pwa&message=&appId=captcha-pwa&locale=de_CH&guid=0f1d634d-8ef7-4148-950f-6ab264200f63&visitid=0f1d634d-8ef7-4148-950f-6ab264200f63_1706519980354&browser_name=Chrome&browser_version=120.0.6099.224&browser_major=120&engine_name=Blink&engine_version=120.0.6099.224&os_name=Windows&os_version=10&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.224%20Safari%2F537.36&pwa=true&systemEvent=SystemEvent(level%3DINFO%20name%3DANALYTICS_ENTRY)&label=bernie.client.analytics-entry&url=%22https%3A%2F%2Fwww.ebookers.ch%2F%3Fcjdata%3DMXxOfDB8WXww%26cjevent%3D87618afebe8711ee8055af710a18b8fa%26affcid%3DEBOOKERS-CH.NETWORK.CJ.100520107%22

Requested by

Host: www.ebookers.ch
URL: https://www.ebookers.ch/?cjdata=MXxOfDB8WXww&cjevent=87618afebe8711ee8055af710a18b8fa&affcid=EBOOKERS-CH.NETWORK.CJ.100520107

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.186.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-17-186-144.deploy.static.akamaitechnologies.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=7776000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=7776000; includeSubDomains;
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
date: Mon, 29 Jan 2024 09:19:40 GMT
x-b3-traceid: 1abed9837d2943718a3741173895f9c1
x-frame-options: SAMEORIGIN
content-type: image/gif;charset=UTF-8
cache-control: no-cache, no-store
x-cgp-info: noJvmRouteSet;87dcc989-be87-11ee-a05d-02429ccae90e
trace-id: 1abed983-7d29-4371-8a37-41173895f9c1
x-app-info: collector-web,74af81d68edb42341062d860c9e7c2af56363540
content-length: 42
x-xss-protection: 1

GET
H2 202 2x2.gif
www.ebookers.ch/cl/ 42 B
767 B 164ms
164ms Image
image/gif 2.17.186.144
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ebookers.ch/cl/2x2.gif?action=logErrors&logTime=2024-01-29T09%3A19%3A40.379Z&pageName=captcha-pwa&pageHydrated=1080.8000001907349&appId=captcha-pwa&locale=de_CH&guid=0f1d634d-8ef7-4148-950f-6ab264200f63&visitid=0f1d634d-8ef7-4148-950f-6ab264200f63_1706519980354&browser_name=Chrome&browser_version=120.0.6099.224&browser_major=120&engine_name=Blink&engine_version=120.0.6099.224&os_name=Windows&os_version=10&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.224%20Safari%2F537.36&pwa=true&systemEvent=SystemEvent(level%3DINFO%20name%3DAPP_HYDRATION_START)&label=bernie.client.hydrate&url=%22https%3A%2F%2Fwww.ebookers.ch%2F%3Fcjdata%3DMXxOfDB8WXww%26cjevent%3D87618afebe8711ee8055af710a18b8fa%26affcid%3DEBOOKERS-CH.NETWORK.CJ.100520107%22

Requested by

Host: www.ebookers.ch
URL: https://www.ebookers.ch/?cjdata=MXxOfDB8WXww&cjevent=87618afebe8711ee8055af710a18b8fa&affcid=EBOOKERS-CH.NETWORK.CJ.100520107

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.186.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-17-186-144.deploy.static.akamaitechnologies.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=7776000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=7776000; includeSubDomains;
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
date: Mon, 29 Jan 2024 09:19:40 GMT
x-b3-traceid: 94c6a2b6d5a14a9f8b36b45a8d57c952
x-frame-options: SAMEORIGIN
content-type: image/gif;charset=UTF-8
cache-control: no-cache, no-store
x-cgp-info: noJvmRouteSet;87dc05d4-be87-11ee-9540-02421c8b1403
trace-id: 94c6a2b6-d5a1-4a9f-8b36-b45a8d57c952
x-app-info: collector-web,74af81d68edb42341062d860c9e7c2af56363540
content-length: 42
x-xss-protection: 1

GET
H2 202 2x2.gif
www.ebookers.ch/cl/ 42 B
767 B 395ms
395ms Image
image/gif 2.17.186.144
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ebookers.ch/cl/2x2.gif?action=logErrors&logTime=2024-01-29T09%3A19%3A40.385Z&pageName=captcha-pwa&message=Empty%20analytics%20data%20from%20hydration%20(%27publishClientSidePayload%27%20may%20have%20not%20been%20called%20during%20SSR)&appId=captcha-pwa&locale=de_CH&guid=0f1d634d-8ef7-4148-950f-6ab264200f63&visitid=0f1d634d-8ef7-4148-950f-6ab264200f63_1706519980354&browser_name=Chrome&browser_version=120.0.6099.224&browser_major=120&engine_name=Blink&engine_version=120.0.6099.224&os_name=Windows&os_version=10&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.224%20Safari%2F537.36&pwa=true&systemEvent=SystemEvent(level%3DWARN%20name%3DNO_ANALYTICS_DATA_WARN)&label=bernie.client.hydrate&url=%22https%3A%2F%2Fwww.ebookers.ch%2F%3Fcjdata%3DMXxOfDB8WXww%26cjevent%3D87618afebe8711ee8055af710a18b8fa%26affcid%3DEBOOKERS-CH.NETWORK.CJ.100520107%22

Requested by

Host: www.ebookers.ch
URL: https://www.ebookers.ch/?cjdata=MXxOfDB8WXww&cjevent=87618afebe8711ee8055af710a18b8fa&affcid=EBOOKERS-CH.NETWORK.CJ.100520107

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.186.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-17-186-144.deploy.static.akamaitechnologies.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=7776000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=7776000; includeSubDomains;
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
date: Mon, 29 Jan 2024 09:19:40 GMT
x-b3-traceid: 57500967dd3d41d9beeadc1c3e1122a6
x-frame-options: SAMEORIGIN
content-type: image/gif;charset=UTF-8
cache-control: no-cache, no-store
x-cgp-info: noJvmRouteSet;87e0e851-be87-11ee-9796-0242a6246e1f
trace-id: 57500967-dd3d-41d9-beea-dc1c3e1122a6
x-app-info: collector-web,74af81d68edb42341062d860c9e7c2af56363540
content-length: 42
x-xss-protection: 1

GET
H2 200 uitk.f62144cdb147f1081f79.js Show response
c.travel-assets.com/captcha-pwa/ 21 KB
7 KB 27ms
27ms Script
application/javascript 2a02:26f0:1700:389::1994
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.travel-assets.com/captcha-pwa/uitk.f62144cdb147f1081f79.js
Requested by: Host: www.ebookers.ch
URL: https://www.ebookers.ch/?cjdata=MXxOfDB8WXww&cjevent=87618afebe8711ee8055af710a18b8fa&affcid=EBOOKERS-CH.NETWORK.CJ.100520107
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:389::1994 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 04f00125cb2e03a3431cace66ec287f21224457380830e073caea9d94682b6c3

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: sNy9ki.lBUrSq_P1VoWB3BzJr8xXwW3F
content-encoding: gzip
date: Mon, 29 Jan 2024 09:19:40 GMT
last-modified: Tue, 02 Jan 2024 23:48:05 GMT
server: AmazonS3
x-amz-request-id: BG31RHY40H0P71MT
etag: "17df865cf7ff96fc2528485d2a3863fd"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=1176387
accept-ranges: bytes
content-length: 6673
x-amz-id-2: vBlHP4HYvUtcIdRuxnPzEnRTOKu8BKdoTRE7TkVN0Bu7GhfvPETulGC7ev0Mf+VpvzUJdeIQPLLCDPu+EJiYiwKTGgTHXxmPmhEtFuV3Njk=
x-client-ipv6: true

GET
H2 200 captcha-challenge.18766651becc82a053fc.js Show response
c.travel-assets.com/captcha-pwa/ 28 KB
10 KB 48ms
47ms Script
application/javascript 2a02:26f0:1700:389::1994
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.travel-assets.com/captcha-pwa/captcha-challenge.18766651becc82a053fc.js
Requested by: Host: www.ebookers.ch
URL: https://www.ebookers.ch/?cjdata=MXxOfDB8WXww&cjevent=87618afebe8711ee8055af710a18b8fa&affcid=EBOOKERS-CH.NETWORK.CJ.100520107
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:389::1994 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e673624b389098fcb49ad432c888b7b9e12c001055225ec6744f2d585b496e06

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: 6Lj118oOCKdYbOnvIDIDMGJpZmiojGAA
content-encoding: gzip
date: Mon, 29 Jan 2024 09:19:40 GMT
last-modified: Tue, 02 Jan 2024 23:48:03 GMT
server: AmazonS3
x-amz-request-id: BG35JV560GWX3Q9P
etag: "b93760f5b1ec0bf20b748a9b54b4e175"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=1176549
accept-ranges: bytes
content-length: 9587
x-amz-id-2: U6tRIMfIEV7ZgGDAddOQO7KaJwOP6/sXDI/ZGkDsm1bwabG/qorsRTtDWzQ7u5zrrhuG4/tsE1Y=
x-client-ipv6: true

GET
H2 204 1x1.gif
www.ebookers.ch/cl/ 0
720 B 187ms
186ms Image
text/html 2.17.186.144
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ebookers.ch/cl/1x1.gif?action=logTrxEvent&logTime=2024-01-29T09%3A19%3A40.405Z&pageName=captcha-pwa&message=page%20loaded&pageUsable=1106.2&ttfb=229&dns=0&tcp=38&appId=captcha-pwa&locale=de_CH&guid=0f1d634d-8ef7-4148-950f-6ab264200f63&visitid=0f1d634d-8ef7-4148-950f-6ab264200f63_1706519980354&browser_name=Chrome&browser_version=120.0.6099.224&browser_major=120&engine_name=Blink&engine_version=120.0.6099.224&os_name=Windows&os_version=10&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.224%20Safari%2F537.36&pwa=true&label=bernie.client.analytics-entry&bernie.client.analytics-entry_elapsedTime=52

Requested by

Host: www.ebookers.ch
URL: https://www.ebookers.ch/?cjdata=MXxOfDB8WXww&cjevent=87618afebe8711ee8055af710a18b8fa&affcid=EBOOKERS-CH.NETWORK.CJ.100520107

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.186.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-17-186-144.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=7776000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=7776000; includeSubDomains;
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
date: Mon, 29 Jan 2024 09:19:40 GMT
x-b3-traceid: 87a2e9187c664162af4720e471d83def
x-frame-options: SAMEORIGIN
content-type: text/html;charset=UTF-8
cache-control: no-cache, no-store
x-cgp-info: noJvmRouteSet;87e4e040-be87-11ee-8666-0242341c3eda
trace-id: 87a2e918-7c66-4162-af47-20e471d83def
x-app-info: collector-web,74af81d68edb42341062d860c9e7c2af56363540
x-xss-protection: 1

GET
H2 202 2x2.gif
www.ebookers.ch/cl/ 42 B
767 B 174ms
174ms Image
image/gif 2.17.186.144
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ebookers.ch/cl/2x2.gif?action=logErrors&logTime=2024-01-29T09%3A19%3A40.457Z&pageName=captcha-pwa&time=77.69999980926514&appId=captcha-pwa&locale=de_CH&guid=0f1d634d-8ef7-4148-950f-6ab264200f63&visitid=0f1d634d-8ef7-4148-950f-6ab264200f63_1706519980354&browser_name=Chrome&browser_version=120.0.6099.224&browser_major=120&engine_name=Blink&engine_version=120.0.6099.224&os_name=Windows&os_version=10&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.224%20Safari%2F537.36&pwa=true&systemEvent=SystemEvent(level%3DINFO%20name%3DAPP_HYDRATION_COMPLETE)&label=bernie.client.hydrate&url=%22https%3A%2F%2Fwww.ebookers.ch%2F%3Fcjdata%3DMXxOfDB8WXww%26cjevent%3D87618afebe8711ee8055af710a18b8fa%26affcid%3DEBOOKERS-CH.NETWORK.CJ.100520107%22

Requested by

Host: www.ebookers.ch
URL: https://www.ebookers.ch/?cjdata=MXxOfDB8WXww&cjevent=87618afebe8711ee8055af710a18b8fa&affcid=EBOOKERS-CH.NETWORK.CJ.100520107

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.186.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-17-186-144.deploy.static.akamaitechnologies.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=7776000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=7776000; includeSubDomains;
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
date: Mon, 29 Jan 2024 09:19:40 GMT
x-b3-traceid: 01ed033809b8410793e751037ea8136d
x-frame-options: SAMEORIGIN
content-type: image/gif;charset=UTF-8
cache-control: no-cache, no-store
x-cgp-info: noJvmRouteSet;87ea106b-be87-11ee-9ee9-024251463a42
trace-id: 01ed0338-09b8-4107-93e7-51037ea8136d
x-app-info: collector-web,74af81d68edb42341062d860c9e7c2af56363540
content-length: 42
x-xss-protection: 1

GET
H2 204 challenge.hydrated.styles
www.ebookers.ch/cgp/simple/ 0
671 B 109ms
109ms Stylesheet
text/css 2.17.186.144
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ebookers.ch/cgp/simple/challenge.hydrated.styles

Requested by

Host: c.travel-assets.com
URL: https://c.travel-assets.com/captcha-pwa/core.64f8215b4681aa119edb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.186.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-17-186-144.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=7776000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=7776000; includeSubDomains;
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
date: Mon, 29 Jan 2024 09:19:40 GMT
x-b3-traceid: 7585ba57742e4bdf8fc7a3f10a2b220a
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: no-cache, no-store, must-revalidate
x-cgp-info: noJvmRouteSet;87e68d67-be87-11ee-9615-0242e53fee9e
trace-id: 7585ba57-742e-4bdf-8fc7-a3f10a2b220a
x-xss-protection: 1

GET
H2 200 api.js Show response
expedia-api.arkoselabs.com/v2/33C384C0-7DE5-4243-80DB-2C5E35802C15/ 57 KB
21 KB 101ms
43ms Script
application/javascript 2606:4700:4400::ac40:9a56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://expedia-api.arkoselabs.com/v2/33C384C0-7DE5-4243-80DB-2C5E35802C15/api.js

Requested by

Host: c.travel-assets.com
URL: https://c.travel-assets.com/captcha-pwa/captcha-challenge.18766651becc82a053fc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9a56 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fcc6798334cec59b663b423df9e1999aa5838107e69b337faede40b8be91cbe4

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' .arkoselabs.com .funcaptcha.com .arkoselabs.cn .arkose.com.cn; font-src 'self' .arkoselabs.com .funcaptcha.com .arkoselabs.cn .arkose.com.cn; frame-src 'self' .arkoselabs.com .funcaptcha.com .arkoselabs.cn .arkose.com.cn; img-src 'self' .arkoselabs.com .funcaptcha.com .arkoselabs.cn .arkose.com.cn data:; script-src 'self' .arkoselabs.com .funcaptcha.com .arkoselabs.cn .arkose.com.cn; default-src 'self' .arkoselabs.com .funcaptcha.com .arkoselabs.cn .arkose.com.cn; style-src 'self' .arkoselabs.com .funcaptcha.com .arkoselabs.cn .arkose.com.cn;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 09:19:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
content-security-policy: connect-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; font-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; frame-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; img-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn data:; script-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; default-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; style-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn;
age: 1054066
x-amz-request-id: TQGGMAT9Q9GNTNKF
x-amz-server-side-encryption: AES256
cache-tag: 33C384C0-7DE5-4243-80DB-2C5E35802C15,client-api
capi-worker-type: universal
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 9Ri8X0ygfdJU1CFsDhUl3wPhUJRBlMnXUygiXnY+tsZDzoRcK2/rYDn8NAhgbJx2nwDLkhXON414qzGqxo0FWA==
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 17 Jan 2024 01:34:15 GMT
server: cloudflare
etag: W/"4213ba069e301b5c56604d480e0d14ec"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, s-maxage=31536000
permissions-policy: accelerometer=*, autoplay=*, camera=*, display-capture=*, document-domain=*, encrypted-media=*, fullscreen=*, geolocation=*, gyroscope=*, midi=*, payment=*, picture-in-picture=*, sync-xhr=*, usb=*
cf-ray: 84d0651648365d98-FRA
cf-request-time: 13

GET
H2 204 1x1.gif
www.ebookers.ch/cl/ 0
720 B 189ms
189ms Image
text/html 2.17.186.144
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ebookers.ch/cl/1x1.gif?action=logTrxEvent&logTime=2024-01-29T09%3A19%3A40.458Z&pageName=captcha-pwa&hydration=1151.8999996185303&appId=captcha-pwa&locale=de_CH&guid=0f1d634d-8ef7-4148-950f-6ab264200f63&visitid=0f1d634d-8ef7-4148-950f-6ab264200f63_1706519980354&browser_name=Chrome&browser_version=120.0.6099.224&browser_major=120&engine_name=Blink&engine_version=120.0.6099.224&os_name=Windows&os_version=10&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.224%20Safari%2F537.36&pwa=true&label=Application&Application_elapsedTime=105

Requested by

Host: www.ebookers.ch
URL: https://www.ebookers.ch/?cjdata=MXxOfDB8WXww&cjevent=87618afebe8711ee8055af710a18b8fa&affcid=EBOOKERS-CH.NETWORK.CJ.100520107

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.186.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-17-186-144.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=7776000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=7776000; includeSubDomains;
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
date: Mon, 29 Jan 2024 09:19:40 GMT
x-b3-traceid: e3177864f3a74d3abf8dca39b1d023dc
x-frame-options: SAMEORIGIN
content-type: text/html;charset=UTF-8
cache-control: no-cache, no-store
x-cgp-info: noJvmRouteSet;87ead2fb-be87-11ee-9540-02421c8b1403
trace-id: e3177864-f3a7-4d3a-bf8d-ca39b1d023dc
x-app-info: collector-web,74af81d68edb42341062d860c9e7c2af56363540
x-xss-protection: 1

GET
H2 200 enforcement.c70df15cb97792b18c2f4978b68954a0.html Show response
expedia-api.arkoselabs.com/v2/2.3.4/ Frame 7CAA 903 B
1 KB 45ms
44ms Document
text/html 2606:4700:4400::ac40:9a56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://expedia-api.arkoselabs.com/v2/2.3.4/enforcement.c70df15cb97792b18c2f4978b68954a0.html

Requested by

Host: expedia-api.arkoselabs.com
URL: https://expedia-api.arkoselabs.com/v2/33C384C0-7DE5-4243-80DB-2C5E35802C15/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9a56 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2da84ffbcaec3e24a1c2480b87107978c3577251b746df3b8ad4851bd4167a00

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' .arkoselabs.com .funcaptcha.com .arkoselabs.cn .arkose.com.cn; font-src 'self' .arkoselabs.com .funcaptcha.com .arkoselabs.cn .arkose.com.cn; frame-src 'self' .arkoselabs.com .funcaptcha.com .arkoselabs.cn .arkose.com.cn; img-src 'self' .arkoselabs.com .funcaptcha.com .arkoselabs.cn .arkose.com.cn data:; script-src 'self' .arkoselabs.com .funcaptcha.com .arkoselabs.cn .arkose.com.cn;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ebookers.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-CH,de;q=0.9
referer: https://www.google.com/

Response headers

access-control-allow-origin: *
age: 1054066
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=31536000, immutable
cache-tag: keyless,client-api
capi-worker-type: universal
cf-cache-status: HIT
cf-ray: 84d06516a88e5d98-FRA
cf-request-time: 11
content-encoding: br
content-security-policy: connect-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; font-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; frame-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; img-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn data:; script-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn;
content-type: text/html; charset=utf-8
date: Mon, 29 Jan 2024 09:19:40 GMT
last-modified: Wed, 17 Jan 2024 01:34:15 GMT
permissions-policy: accelerometer=*, autoplay=*, camera=*, display-capture=*, document-domain=*, encrypted-media=*, fullscreen=*, geolocation=*, gyroscope=*, midi=*, payment=*, picture-in-picture=*, sync-xhr=*, usb=*
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-amz-id-2: YYKjLA0stbuUoRAr3YLGzkMgCor7nT85AGSqEeaIC5WN1nIez7d6FYp9KQdfUwR/7Z4EZsFz2fz4bFnqGGo7Lw==
x-amz-request-id: A60C6QJM7ZBVMR39
x-amz-server-side-encryption: AES256
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 enforcement.c70df15cb97792b18c2f4978b68954a0.js Show response
expedia-api.arkoselabs.com/v2/2.3.4/ Frame 7CAA 227 KB
84 KB 37ms
37ms Script
application/javascript 2606:4700:4400::ac40:9a56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://expedia-api.arkoselabs.com/v2/2.3.4/enforcement.c70df15cb97792b18c2f4978b68954a0.js

Requested by

Host: expedia-api.arkoselabs.com
URL: https://expedia-api.arkoselabs.com/v2/2.3.4/enforcement.c70df15cb97792b18c2f4978b68954a0.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:9a56 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1289e1b8d38e339b6c36df1f5a12789c18610f0d10d7cc57a6dc3cdb36317ef

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' .arkoselabs.com .funcaptcha.com .arkoselabs.cn .arkose.com.cn; font-src 'self' .arkoselabs.com .funcaptcha.com .arkoselabs.cn .arkose.com.cn; frame-src 'self' .arkoselabs.com .funcaptcha.com .arkoselabs.cn .arkose.com.cn; img-src 'self' .arkoselabs.com .funcaptcha.com .arkoselabs.cn .arkose.com.cn data:; script-src 'self' .arkoselabs.com .funcaptcha.com .arkoselabs.cn .arkose.com.cn; default-src 'self' .arkoselabs.com .funcaptcha.com .arkoselabs.cn .arkose.com.cn; style-src 'self' .arkoselabs.com .funcaptcha.com .arkoselabs.cn .arkose.com.cn;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/
Origin: https://expedia-api.arkoselabs.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 09:19:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
content-security-policy: connect-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; font-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; frame-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; img-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn data:; script-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; default-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; style-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn;
age: 1054107
x-amz-request-id: HKEAFY7XN0KKGBSR
x-amz-server-side-encryption: AES256
cache-tag: keyless,client-api
capi-worker-type: universal
alt-svc: h3=":443"; ma=86400
x-amz-id-2: JuRJTIYh1301vmKY2uKCsnOlLxGQ0AjLpLVnKJLFzz9YpL0iYW0vVBHwf1N9QgUG8DStkBcCoct6Fm7v9E0gdg==
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 17 Jan 2024 01:34:16 GMT
server: cloudflare
etag: W/"4d987b2fe4f1a56f13aff81452f16351"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
permissions-policy: accelerometer=*, autoplay=*, camera=*, display-capture=*, document-domain=*, encrypted-media=*, fullscreen=*, geolocation=*, gyroscope=*, midi=*, payment=*, picture-in-picture=*, sync-xhr=*, usb=*
cf-ray: 84d06516fe625c5c-FRA
cf-request-time: 9

GET
H3 200 settings Show response
expedia-api.arkoselabs.com/v2/33C384C0-7DE5-4243-80DB-2C5E35802C15/ Frame 7CAA 342 B
1 KB 35ms
35ms Fetch
application/xml 2606:4700:4400::ac40:9a56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://expedia-api.arkoselabs.com/v2/33C384C0-7DE5-4243-80DB-2C5E35802C15/settings

Requested by

Host: expedia-api.arkoselabs.com
URL: https://expedia-api.arkoselabs.com/v2/2.3.4/enforcement.c70df15cb97792b18c2f4978b68954a0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:9a56 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5cc2380fab5dff26ba4f9c526fee2f9a02cb811a0d7dba945afedf91ee014095

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' .arkoselabs.com .funcaptcha.com .arkoselabs.cn .arkose.com.cn; font-src 'self' .arkoselabs.com .funcaptcha.com .arkoselabs.cn .arkose.com.cn; frame-src 'self' .arkoselabs.com .funcaptcha.com .arkoselabs.cn .arkose.com.cn; img-src 'self' .arkoselabs.com .funcaptcha.com .arkoselabs.cn .arkose.com.cn data:; script-src 'self' .arkoselabs.com .funcaptcha.com .arkoselabs.cn .arkose.com.cn; default-src 'self' .arkoselabs.com .funcaptcha.com .arkoselabs.cn .arkose.com.cn; style-src 'self' .arkoselabs.com .funcaptcha.com .arkoselabs.cn .arkose.com.cn;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 09:19:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
content-security-policy: connect-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; font-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; frame-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; img-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn data:; script-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; default-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn; style-src 'self' *.arkoselabs.com *.funcaptcha.com *.arkoselabs.cn *.arkose.com.cn;
age: 1054096
x-amz-request-id: 3AR7X56Y3907KFJW
cache-tag: 33C384C0-7DE5-4243-80DB-2C5E35802C15,client-api
capi-worker-type: universal
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 4Uq/1JYVCmbuiAIe0Xyi7w+c7buU7q9RqGuMaCChG6e986B/upvCrfhvbssyowi/mnH47NePKRzza2Z1tOARfg==
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 17 Jan 2024 04:31:24 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/xml
access-control-allow-origin: *
cache-control: public, max-age=0, s-maxage=31536000
permissions-policy: accelerometer=*, autoplay=*, camera=*, display-capture=*, document-domain=*, encrypted-media=*, fullscreen=*, geolocation=*, gyroscope=*, midi=*, payment=*, picture-in-picture=*, sync-xhr=*, usb=*
cf-ray: 84d06517af315c5c-FRA
cf-request-time: 7

POST
H3 200 33C384C0-7DE5-4243-80DB-2C5E35802C15 Show response
expedia-api.arkoselabs.com/fc/gt2/public_key/ Frame 7CAA 2 KB
1 KB 118ms
116ms Fetch
text/plain 2606:4700:4400::ac40:9a56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://expedia-api.arkoselabs.com/fc/gt2/public_key/33C384C0-7DE5-4243-80DB-2C5E35802C15

Requested by

Host: expedia-api.arkoselabs.com
URL: https://expedia-api.arkoselabs.com/v2/2.3.4/enforcement.c70df15cb97792b18c2f4978b68954a0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:9a56 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

424492bf11ffc75cc86d1f71542a8596065d2c77bbbd6d013c5b84f90ce5d5ee

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self'; style-src 'self'; img-src 'self' cdn.funcaptcha.com cdn.arkoselabs.com data:; media-src 'self' data:; connect-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 29 Jan 2024 09:19:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
content-security-policy: default-src 'self'; script-src 'self'; style-src 'self'; img-src 'self' cdn.funcaptcha.com cdn.arkoselabs.com data:; media-src 'self' data:; connect-src 'self'
x-envoy-upstream-service-time: 44
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
hackers: www.arkoselabs.com/whitehat/
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
sregion: eu-west-1
cf-ray: 84d065181f995c5c-FRA
version: 2.0

GET
H3 200 sri.json Show response
expedia-api.arkoselabs.com/cdn/fc/assets/ec-game-core/bootstrap/1.18.0/standard/ Frame 7CAA 100 B
515 B 57ms
57ms Fetch
application/json 2606:4700:4400::ac40:9a56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://expedia-api.arkoselabs.com/cdn/fc/assets/ec-game-core/bootstrap/1.18.0/standard/sri.json

Requested by

Host: expedia-api.arkoselabs.com
URL: https://expedia-api.arkoselabs.com/v2/2.3.4/enforcement.c70df15cb97792b18c2f4978b68954a0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:9a56 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3825c3d05c8348aa7d05587ace241c852e79676c5c82ea7bba30a2a0f6098982

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 09:19:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-amz-version-id: UQZS4NTR0fGWjCl99J4ejxr20T3_wAUS
age: 4730
x-amz-request-id: RT56TQXQHJASVFKB
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: cRx+9oWn3ZbzdEaV0vSBrISv6D2217o6tUTBLVydF8qDWySjZublubztTMgIRApgq7wjKpeoMNw=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 10 Jan 2024 04:58:23 GMT
server: cloudflare
etag: W/"9c6ca1cacd44daecaeb8bff3d5754921"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cf-ray: 84d06518d84f5c5c-FRA

GET
H3 200 game_core_bootstrap.js Show response
expedia-api.arkoselabs.com/cdn/fc/assets/ec-game-core/bootstrap/1.18.0/standard/ Frame 7CAA 71 KB
27 KB 49ms
49ms Script
application/javascript 2606:4700:4400::ac40:9a56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://expedia-api.arkoselabs.com/cdn/fc/assets/ec-game-core/bootstrap/1.18.0/standard/game_core_bootstrap.js

Requested by

Host: expedia-api.arkoselabs.com
URL: https://expedia-api.arkoselabs.com/v2/2.3.4/enforcement.c70df15cb97792b18c2f4978b68954a0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:9a56 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4b281f8bca3c56d13107823aa7aaaa36a7522e7082a69acdadeae7a661f6487

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/
Origin: https://expedia-api.arkoselabs.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 09:19:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-amz-version-id: IKmN_h0YBHaBGU3pi390b1C18ceRuUZx
age: 3685
x-amz-request-id: RT5D2SQ3ACPA5542
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: FgAmyVXRQkIe8Y4dK2NNKzvfU4u1yS2qWEjohPpLHMx3AOWmmpMmzAKkQcmlqkog231Vr2VsuwM=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 10 Jan 2024 04:58:24 GMT
server: cloudflare
etag: W/"185644784fe794ad83b41be9a6ff6444"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ray: 84d0651938ae5c5c-FRA

GET
H3 200 index.html Show response
expedia-api.arkoselabs.com/fc/assets/ec-game-core/game-core/1.18.0/standard/ Frame B57F 1 KB
1 KB 37ms
37ms Document
text/html 2606:4700:4400::ac40:9a56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://expedia-api.arkoselabs.com/fc/assets/ec-game-core/game-core/1.18.0/standard/index.html?session=64617aec6e1745c78.9189272005&r=eu-west-1&meta=3&metabgclr=%23ffffff&metaiconclr=%23757575&guitextcolor=%23000000&lang=de&pk=33C384C0-7DE5-4243-80DB-2C5E35802C15&at=40&ag=101&cdn_url=https%3A%2F%2Fexpedia-api.arkoselabs.com%2Fcdn%2Ffc&lurl=https%3A%2F%2Faudio-eu-west-1.arkoselabs.com&surl=https%3A%2F%2Fexpedia-api.arkoselabs.com&smurl=https%3A%2F%2Fexpedia-api.arkoselabs.com%2Fcdn%2Ffc%2Fassets%2Fstyle-manager&theme=default

Requested by

Host: expedia-api.arkoselabs.com
URL: https://expedia-api.arkoselabs.com/cdn/fc/assets/ec-game-core/bootstrap/1.18.0/standard/game_core_bootstrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:9a56 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2896cea6e091730fad8142671c673272b7d30954a7c76d5be7d7cf4e144ead0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://expedia-api.arkoselabs.com/v2/2.3.4/enforcement.c70df15cb97792b18c2f4978b68954a0.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-CH,de;q=0.9
referer: https://www.google.com/

Response headers

access-control-allow-origin: *
age: 4719
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
cf-ray: 84d06519a9125c5c-FRA
content-encoding: br
content-type: text/html
date: Mon, 29 Jan 2024 09:19:41 GMT
last-modified: Wed, 10 Jan 2024 05:00:37 GMT
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-amz-id-2: BnLq5Ipio473OmWLY0+1cD4k9Ml4kt3MM0z2xjJxS6ggxluRhGUMauzpFwC6B+hFJ0528rQ7lsfRXVH197mZGZ95O4dfaVHy
x-amz-request-id: RT5C5V0GDH1RN1PQ
x-amz-server-side-encryption: AES256
x-amz-version-id: N_KOFU8o9ZkjPV.fX1ckCP8e33yoWoTo
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 main.8f1960876776c2884786.js Show response
expedia-api.arkoselabs.com/fc/assets/ec-game-core/game-core/1.18.0/standard/ Frame B57F 11 KB
5 KB 35ms
35ms Script
application/javascript 2606:4700:4400::ac40:9a56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://expedia-api.arkoselabs.com/fc/assets/ec-game-core/game-core/1.18.0/standard/main.8f1960876776c2884786.js

Requested by

Host: expedia-api.arkoselabs.com
URL: https://expedia-api.arkoselabs.com/fc/assets/ec-game-core/game-core/1.18.0/standard/index.html?session=64617aec6e1745c78.9189272005&r=eu-west-1&meta=3&metabgclr=%23ffffff&metaiconclr=%23757575&guitextcolor=%23000000&lang=de&pk=33C384C0-7DE5-4243-80DB-2C5E35802C15&at=40&ag=101&cdn_url=https%3A%2F%2Fexpedia-api.arkoselabs.com%2Fcdn%2Ffc&lurl=https%3A%2F%2Faudio-eu-west-1.arkoselabs.com&surl=https%3A%2F%2Fexpedia-api.arkoselabs.com&smurl=https%3A%2F%2Fexpedia-api.arkoselabs.com%2Fcdn%2Ffc%2Fassets%2Fstyle-manager&theme=default

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:9a56 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

406bd80fec4451332267035a2159405872af5f136b7175211db526974c8f4cd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 09:19:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-amz-version-id: CecmWD2M1VDR2Q.SStxdIpSu8eAnm_Vb
age: 4704
x-amz-request-id: RT56SB2PCQVFBD5Q
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 8uhwIjYZbQ/odbLpE9isSJI4Y1Ny41P05XUhgngQ3tXkKyezmVMC1L6JZZL8ioQf3fW03qzmVmc=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 10 Jan 2024 05:00:37 GMT
server: cloudflare
etag: W/"1d87fd3a3b747f55f679011827573388"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ray: 84d06519e9515c5c-FRA

GET
H3 200 lib.chunk.9d5074c338f79881f2f4.js Show response
expedia-api.arkoselabs.com/fc/assets/ec-game-core/game-core/1.18.0/standard/ Frame B57F 70 KB
25 KB 36ms
36ms Script
application/javascript 2606:4700:4400::ac40:9a56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://expedia-api.arkoselabs.com/fc/assets/ec-game-core/game-core/1.18.0/standard/lib.chunk.9d5074c338f79881f2f4.js

Requested by

Host: expedia-api.arkoselabs.com
URL: https://expedia-api.arkoselabs.com/fc/assets/ec-game-core/game-core/1.18.0/standard/main.8f1960876776c2884786.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:9a56 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd106d1d10d230e167e33658e3ad320d44343ad3bd79526fd1d21cef811779a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 09:19:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-amz-version-id: ANUo7fQdGjOGhhxZjxx7xxMxpFCQF50i
age: 4702
x-amz-request-id: F3FQ9MBQR1EHZ8S3
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: HYB55Of6CdGci0vw89Y+aELFLWFa18i4mGjlh1Q481fzzkt3oCHZLgsSxFtQdsXJrvTcn7G3J+w=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 10 Jan 2024 05:00:37 GMT
server: cloudflare
etag: W/"e8392a705abe187ad088461627ffff36"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ray: 84d0651a39985c5c-FRA

GET
H3 200 532.vendors.1ed3858060ea568b3ffc.js Show response
expedia-api.arkoselabs.com/fc/assets/ec-game-core/game-core/1.18.0/standard/ Frame B57F 268 KB
88 KB 55ms
55ms Script
application/javascript 2606:4700:4400::ac40:9a56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://expedia-api.arkoselabs.com/fc/assets/ec-game-core/game-core/1.18.0/standard/532.vendors.1ed3858060ea568b3ffc.js

Requested by

Host: expedia-api.arkoselabs.com
URL: https://expedia-api.arkoselabs.com/fc/assets/ec-game-core/game-core/1.18.0/standard/main.8f1960876776c2884786.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:9a56 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

efeaeeeb2056f7f27c81a8ea0c1fbc74926edc38b0b43e559e25abfc4aa5d942

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 09:19:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-amz-version-id: CMvx3oKwVH1VbBkQwrZkZ3VLyqDaTaEK
age: 4702
x-amz-request-id: F3FYVFDFGM8RC3N8
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: nKJJqEj0no+q2Rp9Rod49++jf3ZuwApL8rjum9puzjCmUgsWSl12bHSkboXgcBnlmm+wtEWFiFM=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 10 Jan 2024 05:00:37 GMT
server: cloudflare
etag: W/"d7928d04c33892b20455490d99942094"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ray: 84d0651a399d5c5c-FRA

GET
H3 200 378.chunk.79eadb757cd4e99357c7.js Show response
expedia-api.arkoselabs.com/fc/assets/ec-game-core/game-core/1.18.0/standard/ Frame B57F 12 KB
5 KB 73ms
73ms Script
application/javascript 2606:4700:4400::ac40:9a56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://expedia-api.arkoselabs.com/fc/assets/ec-game-core/game-core/1.18.0/standard/378.chunk.79eadb757cd4e99357c7.js

Requested by

Host: expedia-api.arkoselabs.com
URL: https://expedia-api.arkoselabs.com/fc/assets/ec-game-core/game-core/1.18.0/standard/main.8f1960876776c2884786.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:9a56 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2818c86993b6d4ae124cef7813adcd61b48fd53dde3a9b8e8419c3c0e34e4215

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 09:19:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-amz-version-id: HWb7np127SzWbhoSY.anHplhfLikOrzC
age: 4188
x-amz-request-id: F3FM8YTZM0G7ZX9Z
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: xleEFbS97Lqa62qR0pZR2rEu/y/FwsrH0pAyWFelvA3kYokjv8x4Ce1IQLjRJkejg59pbPpOwcw=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 10 Jan 2024 05:00:37 GMT
server: cloudflare
etag: W/"5cd1357fa0efad36ed89391fb466805d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ray: 84d0651a39a05c5c-FRA

GET
H3 200 542.vendors.abe0e64e95582406fe38.js Show response
expedia-api.arkoselabs.com/fc/assets/ec-game-core/game-core/1.18.0/standard/ Frame B57F 121 KB
41 KB 34ms
34ms Script
application/javascript 2606:4700:4400::ac40:9a56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://expedia-api.arkoselabs.com/fc/assets/ec-game-core/game-core/1.18.0/standard/542.vendors.abe0e64e95582406fe38.js

Requested by

Host: expedia-api.arkoselabs.com
URL: https://expedia-api.arkoselabs.com/fc/assets/ec-game-core/game-core/1.18.0/standard/main.8f1960876776c2884786.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:9a56 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db05a8f83715de0ef7d87feb02c65bbbebb4870c7855f7911d4decd5e9188022

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 09:19:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-amz-version-id: zwd7tpOi73RRI7NW_3rtvFM48_0KrDQO
age: 4702
x-amz-request-id: F3FGWP8E133DT1WQ
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: IDCbpg9ZPIMGcvfoMbTrWut97M8CfVRDMO+LNGNFDs+xp6T5NxHU4S/PkmSz9rMbk2OYf+5g+Ik=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 10 Jan 2024 05:00:37 GMT
server: cloudflare
etag: W/"dbc6d0247b75da98430e62f27fb07e9f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ray: 84d0651a39a25c5c-FRA

GET
H3 200 924.vendors.ea33e7ebaefd19354536.js Show response
expedia-api.arkoselabs.com/fc/assets/ec-game-core/game-core/1.18.0/standard/ Frame B57F 37 KB
15 KB 74ms
74ms Script
application/javascript 2606:4700:4400::ac40:9a56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://expedia-api.arkoselabs.com/fc/assets/ec-game-core/game-core/1.18.0/standard/924.vendors.ea33e7ebaefd19354536.js

Requested by

Host: expedia-api.arkoselabs.com
URL: https://expedia-api.arkoselabs.com/fc/assets/ec-game-core/game-core/1.18.0/standard/main.8f1960876776c2884786.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:9a56 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

858807237d92917430f4a0e45f721313b473b01016520ac5fa1da09b74cfec95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 09:19:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-amz-version-id: r29uqbnXHyvxHlVEcZn2Ze08iDUuM3Fq
age: 4712
x-amz-request-id: F3FJS54QQ46QC7Z4
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: pGc/XFOnPEs6n4+IL/JF9d6WVw2LcbOw497lnZ3KsnEnP9XGsvKqU7w6CUFZafaqVSbDF0Zv2cw=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 10 Jan 2024 05:00:37 GMT
server: cloudflare
etag: W/"dc449a28528f5124f7844a97bd3e3913"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ray: 84d0651a39a55c5c-FRA

GET
H3 200 406.chunk.e43483a2d1aaeec0b80d.js Show response
expedia-api.arkoselabs.com/fc/assets/ec-game-core/game-core/1.18.0/standard/ Frame B57F 239 KB
68 KB 75ms
74ms Script
application/javascript 2606:4700:4400::ac40:9a56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://expedia-api.arkoselabs.com/fc/assets/ec-game-core/game-core/1.18.0/standard/406.chunk.e43483a2d1aaeec0b80d.js

Requested by

Host: expedia-api.arkoselabs.com
URL: https://expedia-api.arkoselabs.com/fc/assets/ec-game-core/game-core/1.18.0/standard/main.8f1960876776c2884786.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:9a56 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b373a2686afc1e6d319403886f7e3798669abdd67dce1bee1eb5a068bc1c1433

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 09:19:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-amz-version-id: 7zaDc2LzP4xnl7LHSxrZ_cH_btJzcjK8
age: 3307
x-amz-request-id: F3FX4VQQNE58YHWF
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: KVIyYwdglDgrRuCmBr3GbTVs2zPHnpRNWzhKUF0l+Ctly6KTyIRdGiEca/7DgUYbo/+Tuh1T0jI=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 10 Jan 2024 05:00:37 GMT
server: cloudflare
etag: W/"092a65eb6be44557eafd0d2c24806039"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ray: 84d0651a39a75c5c-FRA

GET
H3 200 / Show response
expedia-api.arkoselabs.com/fc/gc/ Frame B57F 3 B
475 B 120ms
120ms XHR
text/html 2606:4700:4400::ac40:9a56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://expedia-api.arkoselabs.com/fc/gc/?token=64617aec6e1745c78.9189272005

Requested by

Host: expedia-api.arkoselabs.com
URL: https://expedia-api.arkoselabs.com/fc/assets/ec-game-core/game-core/1.18.0/standard/532.vendors.1ed3858060ea568b3ffc.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:9a56 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'nonce-65b76dad55bd6657697873' ; style-src 'self' 'nonce-65b76dad55bd6657697873'; img-src 'self' cdn.funcaptcha.com cdn.arkoselabs.com data:; media-src 'self' data:; connect-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.google.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 09:19:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
content-security-policy: default-src 'self'; script-src 'self' 'nonce-65b76dad55bd6657697873' ; style-src 'self' 'nonce-65b76dad55bd6657697873'; img-src 'self' cdn.funcaptcha.com cdn.arkoselabs.com data:; media-src 'self' data:; connect-src 'self'
p3p: CP="IE6COMPAT"
x-envoy-upstream-service-time: 5
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
hackers: www.arkoselabs.com/whitehat/
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 29 Jan 2024 09:19:41 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/html; charset=utf-8
sregion: eu-west-1
cf-ray: 84d0651aea3a5c5c-FRA

POST
H3 200 / Show response
expedia-api.arkoselabs.com/fc/a/ Frame B57F 15 B
425 B 68ms
68ms XHR
text/plain 2606:4700:4400::ac40:9a56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://expedia-api.arkoselabs.com/fc/a/

Requested by

Host: expedia-api.arkoselabs.com
URL: https://expedia-api.arkoselabs.com/fc/assets/ec-game-core/game-core/1.18.0/standard/lib.chunk.9d5074c338f79881f2f4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:9a56 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ad3e8570386d338e4f7ad703ba8f80f4cf257223b7b09cf71b2dde405403471

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self'; style-src 'self'; img-src 'self' cdn.funcaptcha.com cdn.arkoselabs.com data:; media-src 'self' data:; connect-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

X-NewRelic-Timestamp: 170651900981399
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Accept: */*
Cache-Control: no-cache
Referer: https://www.google.com/
X-Requested-With: XMLHttpRequest

Response headers

date: Mon, 29 Jan 2024 09:19:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-security-policy: default-src 'self'; script-src 'self'; style-src 'self'; img-src 'self' cdn.funcaptcha.com cdn.arkoselabs.com data:; media-src 'self' data:; connect-src 'self'
x-envoy-upstream-service-time: 2
alt-svc: h3=":443"; ma=86400
content-length: 15
x-xss-protection: 1; mode=block
hackers: www.arkoselabs.com/whitehat/
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
sregion: eu-west-1
cf-ray: 84d0651bcb025c5c-FRA
version: 2.0

GET
H3 200 1dee1b7a-b7d3-4f3f-a6c0-a20a135968a7.css
expedia-api.arkoselabs.com/cdn/fc/assets/style-manager/styles/ Frame B57F 787 B
756 B 33ms
33ms Stylesheet
text/css 2606:4700:4400::ac40:9a56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://expedia-api.arkoselabs.com/cdn/fc/assets/style-manager/styles/1dee1b7a-b7d3-4f3f-a6c0-a20a135968a7.css

Requested by

Host: expedia-api.arkoselabs.com
URL: https://expedia-api.arkoselabs.com/fc/assets/ec-game-core/game-core/1.18.0/standard/406.chunk.e43483a2d1aaeec0b80d.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:9a56 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75b54753c0fa152d99dc77389f6763a5242f19baa21ab9b29bbaee89a46e1464

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/
Origin: https://expedia-api.arkoselabs.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 09:19:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-amz-version-id: kJpP1dZai5o7j4uq.KrUD1Kkv9CuCMKY
age: 1339
x-amz-request-id: CX5469JM1QTCCQX1
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: CXhyePf+fDXfNTi+ruRF6hMazzM7Bvo3gzf4nEJUTJ/RWrFu3DHRl+gNejSqGZ5tFTrOp5+uRhs=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 01 Aug 2023 09:26:53 GMT
server: cloudflare
etag: W/"ec3eff5f36fe4d422dfe81751506cc20"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cf-ray: 84d0651bcb055c5c-FRA

POST
H3 200 / Show response
expedia-api.arkoselabs.com/fc/gfct/ Frame B57F 12 KB
5 KB 471ms
471ms XHR
application/json 2606:4700:4400::ac40:9a56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://expedia-api.arkoselabs.com/fc/gfct/

Requested by

Host: expedia-api.arkoselabs.com
URL: https://expedia-api.arkoselabs.com/fc/assets/ec-game-core/game-core/1.18.0/standard/lib.chunk.9d5074c338f79881f2f4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:9a56 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b9d04ddc55bb403b7e11856548347b768613c9c8897e6f29f0650f587ccc490

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'nonce-65b76dad6b199731781808' ; style-src 'self' 'nonce-65b76dad6b199731781808'; img-src 'self' cdn.funcaptcha.com cdn.arkoselabs.com data:; media-src 'self' data:; connect-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

X-NewRelic-Timestamp: 170651900981403
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Accept: */*
Cache-Control: no-cache
Referer: https://www.google.com/
X-Requested-With: XMLHttpRequest

Response headers

date: Mon, 29 Jan 2024 09:19:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'nonce-65b76dad6b199731781808' ; style-src 'self' 'nonce-65b76dad6b199731781808'; img-src 'self' cdn.funcaptcha.com cdn.arkoselabs.com data:; media-src 'self' data:; connect-src 'self'
x-envoy-upstream-service-time: 407
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
hackers: www.arkoselabs.com/whitehat/
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
sregion: eu-west-1
cf-ray: 84d0651bcb065c5c-FRA

POST
H3 200 / Show response
expedia-api.arkoselabs.com/fc/a/ Frame B57F 15 B
425 B 71ms
71ms XHR
text/plain 2606:4700:4400::ac40:9a56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://expedia-api.arkoselabs.com/fc/a/

Requested by

Host: expedia-api.arkoselabs.com
URL: https://expedia-api.arkoselabs.com/fc/assets/ec-game-core/game-core/1.18.0/standard/lib.chunk.9d5074c338f79881f2f4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:9a56 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ad3e8570386d338e4f7ad703ba8f80f4cf257223b7b09cf71b2dde405403471

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self'; style-src 'self'; img-src 'self' cdn.funcaptcha.com cdn.arkoselabs.com data:; media-src 'self' data:; connect-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

X-NewRelic-Timestamp: 170651900981877
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Accept: */*
Cache-Control: no-cache
Referer: https://www.google.com/
X-Requested-With: XMLHttpRequest

Response headers

date: Mon, 29 Jan 2024 09:19:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-security-policy: default-src 'self'; script-src 'self'; style-src 'self'; img-src 'self' cdn.funcaptcha.com cdn.arkoselabs.com data:; media-src 'self' data:; connect-src 'self'
x-envoy-upstream-service-time: 3
alt-svc: h3=":443"; ma=86400
content-length: 15
x-xss-protection: 1; mode=block
hackers: www.arkoselabs.com/whitehat/
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
sregion: eu-west-1
cf-ray: 84d0651ecd845c5c-FRA
version: 2.0

GET
H3 200 remoteEntry.js Show response
expedia-api.arkoselabs.com/fc/assets/ec-game-core/match-game/1.18.0/standard/ Frame B57F 13 KB
6 KB 39ms
39ms Script
application/javascript 2606:4700:4400::ac40:9a56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://expedia-api.arkoselabs.com/fc/assets/ec-game-core/match-game/1.18.0/standard/remoteEntry.js

Requested by

Host: expedia-api.arkoselabs.com
URL: https://expedia-api.arkoselabs.com/fc/assets/ec-game-core/game-core/1.18.0/standard/406.chunk.e43483a2d1aaeec0b80d.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:9a56 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c8eadb3e243156ea85e92e292c24a1607adbd3a82cf99da2c75a567ba8bd8a01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 09:19:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-amz-version-id: 6KFI6ssghFSIXO4jZr5OZzjAqlgf4ar4
age: 3661
x-amz-request-id: QEVHJ8J6TAD9S5B7
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: cyiT6/aNTMteN7ZJXU4EGFii8DNdnxrbMCUFCSt3lNWNya4tXZXfZ+/UmEdvBO8fwBjagw2vQJs=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 10 Jan 2024 04:58:16 GMT
server: cloudflare
etag: W/"92b7089ffadfd64dc1514e4c97867543"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ray: 84d0651edd905c5c-FRA

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.dotomi.com/	1969-12-31 23:59:59	Name: CJSession Value: 8f46d319-4200-4330-9fe9-19a6a74645e5
.dotomi.com/	1970-01-21 03:29:21	Name: cjae Value: Z_JqCUqiD.Ml
.dotomi.com/	1970-01-21 03:29:21	Name: DotomiUser Value: 400205561203562479$0$1
.dotomi.com/	1970-01-21 03:29:21	Name: LCLK Value: cjo!xi43-dzlxida
.emjcd.com/	1970-01-21 03:29:21	Name: S Value: 400205561203562479:Z_JqCUqiD.Ml
.emjcd.com/	1970-01-21 03:29:21	Name: LCLK Value: cjo!xi43-dzlxida
.emjcd.com/	1969-12-31 23:59:59	Name: CJSession Value: 8f46d319-4200-4330-9fe9-19a6a74645e5
.ebookers.ch/	1970-01-20 18:02:01	Name: HMS Value: d5fb6356-76b4-4a11-8481-8f973e27ffcd
.ebookers.ch/	1970-01-21 03:37:59	Name: MC1 Value: GUID=0f1d634d8ef74148950f6ab264200f63
.ebookers.ch/	1970-01-21 03:37:59	Name: DUAID Value: 0f1d634d-8ef7-4148-950f-6ab264200f63
.ebookers.ch/	1970-01-21 03:37:59	Name: OIP Value: gdpr\|-1
.ebookers.ch/	1970-01-20 18:12:04	Name: CRAS Value: EBOOKERS-CH.NETWORK.CJ.100520107
.ebookers.ch/	1970-01-21 02:47:35	Name: _abck Value: DDB6860905605D64CEFF04F0C6AAE9D4~-1~YAAQoF5swQdg/RmNAQAA72eEVAvBztzYBHDts6juOCVuR04LWfw64y1QTkQ2uy60OFVmTA3lR1qn0k0Zxz84yI8AiLzo5LZvmK7oUPjtK3qyb+gF68xLvCAAx1LMXu11SFHTrvqIE4heuYZORbliabMTQac9spin/X9khLpke0FF+KcaUQlUrjw5ZqUNf8K9cNzhBzgJL7woMKee/wRfURzkDe9hN1zofAt83hCPd0zvCUo9ExL6inJ7HKhwBSgwNDekTgrWXcuMxht/2xWzd8V7lks0FmFGFWEAF8/olCInOgaKZTI2wS6kmL5fLkV7KEjHC0T+cRt+3V+d3X4BtiFFq2V2Z04mDwFxzAONPRKoXlUOAAC3Z1CpyAcN~-1~-1~-1
.ebookers.ch/	1970-01-20 18:02:07	Name: ak_bmsc Value: 86BB4EC080E013B4AA41CB786834B4B9~000000000000000000000000000000~YAAQoF5swQhg/RmNAQAA72eEVBZz6cPGly0slXKfzKLTu/9yG6oKh/ZWVRzMsrbvvBiHz5G1VcE6chPBnlzChbBoooXdOPnPLXPxsvOdBNhbtWTGjapOg2px++zGJ+NdprmnV3Kk18efgJ4dGfm6HqGuMEc4SVCl+xg9S5tQ3BK/k7h800FOwZp9NBa7SuBB+V+hRGmt2llaJBMAupaQ9jroHCkVIO1wFjTsh4NrwxB90E+eSKPE2igNWwVzWfT+S87k+4wuHIjfUD9v+v1oEoQXSxss8UM3dZzIc4UimcjzOYgbjZnt82/RCZv1ynl5uzkW0kZnt7zbVHXQcKbH7loy+sOd477ni0SKNIq6EvYI6Z1yWoRV24HeIrHb1+8fGGEWh/o2fMWRtw==
.ebookers.ch/	1970-01-20 18:02:14	Name: bm_sz Value: FB3DE9091971428325BA396541615BE5~YAAQoF5swQpg/RmNAQAA72eEVBaUOeR19aOtZ/oWxfpEf3q0ruR/FnibnnVhUBO8uHYLvvCRN8He34K0BVxwfeoV9xqd51KrblDzOQ7BMSf2DyHWjeXu6A5FcbuxjbltJ4gFRI/jgXDK9CJWZw2U1zbqA87Bx2otVVynyefhnPtfwy/aHquQr/IzLHfzoh+nYj9vxJ5GbLFkeoh5Bf2ZkFF42oLCvQrTb6ouhpukRNUZf+qM7+GmOcYZLDSfM6+tQ7jY3EEvXgLagZ6eJgnThNZWH5bZDcPow+PypllSPq04wtEdtwItBhkjGELGUTyQftSdxqF31tP44xXKPDI=~3420979~4272194
.arkoselabs.com/	1969-12-31 23:59:59	Name: _cfuvid Value: F0febQLSZp4wN.N_F2gC6vqGX123PJDoPXwLh6gRBcc-1706519980548-0-604800000
expedia-api.arkoselabs.com/	1969-12-31 23:59:59	Name: timestamp Value: 170651900981877

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.ebookers.ch/?cjdata=MXxOfDB8WXww&cjevent=87618afebe8711ee8055af710a18b8fa&affcid=EBOOKERS-CH.NETWORK.CJ.100520107 Message: Failed to load resource: the server responded with a status of 429 ()
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'document-domain'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.travel-assets.com
cj.dotomi.com
expedia-api.arkoselabs.com
www.ebookers.ch
www.emjcd.com
www.jdoqocy.com
www.reissen.ch
xn--billigflege-0hb.ch
2.17.186.144
2606:4700:4400::ac40:9a56
2a02:26f0:1700:389::1994
85.13.130.124
85.13.138.41
89.207.16.75
0107a1b760060fbef578110800b88f3c204e1c1e1acc2171c09fdc12b4f7d4b1
04f00125cb2e03a3431cace66ec287f21224457380830e073caea9d94682b6c3
0b2ba20cc51e34fc59e0e121f22687291af155fa8eb1d084489b525a61c86f66
14044b17cfa4980c10b832e7d76bf9725682e8ab78e7eed11b38a454317ad8fd
24c55579ace8c50bc6089dc53e5718a17f6e21a89b23ec0a0d55d4000f03b40e
2818c86993b6d4ae124cef7813adcd61b48fd53dde3a9b8e8419c3c0e34e4215
2896cea6e091730fad8142671c673272b7d30954a7c76d5be7d7cf4e144ead0f
2ad3e8570386d338e4f7ad703ba8f80f4cf257223b7b09cf71b2dde405403471
2d233a2cb56bb3cdcc2fa87581b64adc161a9f3e54f6a1042f4d039142d3de8c
2da84ffbcaec3e24a1c2480b87107978c3577251b746df3b8ad4851bd4167a00
3825c3d05c8348aa7d05587ace241c852e79676c5c82ea7bba30a2a0f6098982
406bd80fec4451332267035a2159405872af5f136b7175211db526974c8f4cd7
424492bf11ffc75cc86d1f71542a8596065d2c77bbbd6d013c5b84f90ce5d5ee
5135053a83b4edd50e0046bf433ecfb5d6597e702140f03d8a3205f75eeff5d0
5b9d04ddc55bb403b7e11856548347b768613c9c8897e6f29f0650f587ccc490
5cc2380fab5dff26ba4f9c526fee2f9a02cb811a0d7dba945afedf91ee014095
6fcced5a26012d89ea3835b9134c8808acedf2dc44d4396e8a9e1b4aba1c8b1b
75b54753c0fa152d99dc77389f6763a5242f19baa21ab9b29bbaee89a46e1464
77e9c2c22f2284fef863623b3fc265b987517453e2c5defdb73fed3d5be40e8a
858807237d92917430f4a0e45f721313b473b01016520ac5fa1da09b74cfec95
8954c977d5dfcb2838c736fe6287eabd9e0d8e0dad4896cedc2b1ecadc830b30
b373a2686afc1e6d319403886f7e3798669abdd67dce1bee1eb5a068bc1c1433
bd106d1d10d230e167e33658e3ad320d44343ad3bd79526fd1d21cef811779a8
c11908b7e7f4095bd9f6435f1b2856834e24b805fd36cb73f410e00dac0d71ab
c8eadb3e243156ea85e92e292c24a1607adbd3a82cf99da2c75a567ba8bd8a01
d1289e1b8d38e339b6c36df1f5a12789c18610f0d10d7cc57a6dc3cdb36317ef
db05a8f83715de0ef7d87feb02c65bbbebb4870c7855f7911d4decd5e9188022
dba88bfd246a7932de312847fd129688160a991ab82175aee752422cd1ab0f9f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4b281f8bca3c56d13107823aa7aaaa36a7522e7082a69acdadeae7a661f6487
e673624b389098fcb49ad432c888b7b9e12c001055225ec6744f2d585b496e06
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efeaeeeb2056f7f27c81a8ea0c1fbc74926edc38b0b43e559e25abfc4aa5d942
fcc6798334cec59b663b423df9e1999aa5838107e69b337faede40b8be91cbe4

www.ebookers.ch Open in urlscan Pro 2.17.186.144 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

45 Requests

96 %HTTPS

33 %IPv6

8 Domains

8 Subdomains

5 IPs

3 Countries

795 kBTransfer

2564 kBSize

17 Cookies

0 Outgoing links

Page URL History

Redirected requests

45 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.ebookers.ch Open in urlscan Pro
2.17.186.144 Public Scan

Screenshot
Live screenshot

Full Image

45
Requests

96 %
HTTPS

33 %
IPv6

8
Domains

8
Subdomains

5
IPs

3
Countries

795 kB
Transfer

2564 kB
Size

17
Cookies

45 HTTP transactions
0 data transactions