URL: https://demo4.bookingengine.hk/
Submission: On February 18 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 4 IPs in 3 countries across 3 domains to perform 22 HTTP transactions. The main IP is 118.143.209.56, located in Central, Hong Kong and belongs to ISP-AS-AP ISP, HK. The main domain is demo4.bookingengine.hk.
TLS certificate: Issued by R3 on December 20th 2022. Valid for: 3 months.
This is the only time demo4.bookingengine.hk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
16 118.143.209.56 55355 (ISP-AS-AP...)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
22 4
Apex Domain | Subdomains | Transfer
16 bookingengine.hk | demo4.bookingengine.hk | 6 MB
5 google.com | apis.google.com (Cisco Umbrella Rank: 108), accounts.google.com (Cisco Umbrella Rank: 76) | 49 KB
1 gstatic.com | www.gstatic.com | 35 KB
22 3
Domain | Requested by
16 demo4.bookingengine.hk | demo4.bookingengine.hk
3 accounts.google.com | apis.google.com, demo4.bookingengine.hk, www.gstatic.com
2 apis.google.com | demo4.bookingengine.hk, apis.google.com
1 www.gstatic.com | accounts.google.com
22 4

This site contains links to these domains.

Domain
developer.expediapartnersolutions.com
Subject | Issuer | Validity | Valid
demo4.bookingengine.hk | R3 | 2022-12-20 - 2023-03-20 | 3 months
*.apis.google.com | GTS CA 1C3 | 2023-02-01 - 2023-04-26 | 3 months
accounts.google.com | GTS CA 1C3 | 2023-02-01 - 2023-04-26 | 3 months
*.gstatic.com | GTS CA 1C3 | 2023-02-01 - 2023-04-26 | 3 months
*.google.com | GTS CA 1C3 | 2023-02-01 - 2023-04-26 | 3 months

This page contains 2 frames:

Primary Page: https://demo4.bookingengine.hk/
Frame ID: 8AE128C23508B39CE4CA93DE83E4F3A1
Requests: 18 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: C5E79BD9827527B9F5808DB570462D6C
Requests: 4 HTTP requests in this frame

Page Title

bookingengine-web-vue

Detected technologies

Overall confidence: 100%
Detected patterns
  • <(?:div|button) class="el-(?:table-column|table-filter|popper|pagination|pager|select-group|form|form-item|color-predefine|color-hue-slider|color-svpanel|color-alpha-slider|color-dropdown|color-picker|badge|tree|tree-node|select|message|dialog|checkbox|checkbox-button|checkbox-group|container|steps|carousel|menu|menu-item|submenu|menu-item-group|button|button-group|card|table|select-dropdown|row|tabs|notification|radio|progress|progress-bar|tag|popover|tooltip|cascader|cascader-menus|cascader-menu|time-spinner|spinner|spinner-inner|transfer|transfer-panel|rate|slider|dropdown|dropdown-menu|textarea|input|input-group|popup-parent|radio-group|main|breadcrumb|time-range-picker|date-range-picker|year-table|date-editor|range-editor|time-spinner|date-picker|time-panel|date-table|month-table|picker-panel|collapse|collapse-item|alert|select-dropdown|select-dropdown__empty|select-dropdown__wrap|select-dropdown__list|scrollbar|switch|carousel|upload|upload-dragger|upload-list|upload-cover|aside|input-number|header|message-box|footer|radio-button|step|autocomplete|autocomplete-suggestion|loading-parent|loading-mask|loading-spinner|)

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js

Page Statistics

22 Requests
100 % HTTPS
75 % IPv6
3 Domains
4 Subdomains
4 IPs
3 Countries
6326 kB Transfer
6472 kB Size
4 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
demo4.bookingengine.hk/
690 B
1 KB
Document
General
Full URL
https://demo4.bookingengine.hk/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
118.143.209.56 Central, Hong Kong, ASN55355 (ISP-AS-AP ISP, HK),
Reverse DNS
d1-56-209-143-118-on-nets.com
Software
nginx/1.20.1 /
Resource Hash
97299fd07fffef0eca760df4627ecf05055a7a6a04de68497cf9929a141d8c9e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Cache-control
private
Connection
keep-alive
Content-Length
690
Content-Type
text/html
Date
Sat, 18 Feb 2023 16:03:04 GMT
ETag
"63e08713-2b2"
Last-Modified
Mon, 06 Feb 2023 04:50:27 GMT
Server
nginx/1.20.1
chunk-vendors.da652dee.js
demo4.bookingengine.hk/js/
1 MB
1 MB
Script
General
Full URL
https://demo4.bookingengine.hk/js/chunk-vendors.da652dee.js
Requested by
Host: demo4.bookingengine.hk
URL: https://demo4.bookingengine.hk/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
118.143.209.56 Central, Hong Kong, ASN55355 (ISP-AS-AP ISP, HK),
Reverse DNS
d1-56-209-143-118-on-nets.com
Software
nginx/1.20.1 /
Resource Hash
ae33170333e5f192f4f82ad3a31f267dd7c26205494f18825862a02b64a338a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://demo4.bookingengine.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Sat, 18 Feb 2023 16:03:04 GMT
Last-Modified
Mon, 06 Feb 2023 04:50:27 GMT
Server
nginx/1.20.1
ETag
"63e08713-120a5b"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1182299
app.43b2a6ef.js
demo4.bookingengine.hk/js/
946 KB
946 KB
Script
General
Full URL
https://demo4.bookingengine.hk/js/app.43b2a6ef.js
Requested by
Host: demo4.bookingengine.hk
URL: https://demo4.bookingengine.hk/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
118.143.209.56 Central, Hong Kong, ASN55355 (ISP-AS-AP ISP, HK),
Reverse DNS
d1-56-209-143-118-on-nets.com
Software
nginx/1.20.1 /
Resource Hash
9246630c4fe368c1e2f61919acfcf91aba8e050aa5ddba1c645bf2d6f53515d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://demo4.bookingengine.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Sat, 18 Feb 2023 16:03:05 GMT
Last-Modified
Mon, 06 Feb 2023 04:50:27 GMT
Server
nginx/1.20.1
ETag
"63e08713-ec79f"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
968607
chunk-vendors.f5fab4c2.css
demo4.bookingengine.hk/css/
431 KB
431 KB
Stylesheet
General
Full URL
https://demo4.bookingengine.hk/css/chunk-vendors.f5fab4c2.css
Requested by
Host: demo4.bookingengine.hk
URL: https://demo4.bookingengine.hk/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
118.143.209.56 Central, Hong Kong, ASN55355 (ISP-AS-AP ISP, HK),
Reverse DNS
d1-56-209-143-118-on-nets.com
Software
nginx/1.20.1 /
Resource Hash
aae98ea49aafd7787445011b6d3a0242ef716de713ce7badef66f007c715c77b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://demo4.bookingengine.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Sat, 18 Feb 2023 16:03:05 GMT
Last-Modified
Mon, 06 Feb 2023 04:50:27 GMT
Server
nginx/1.20.1
ETag
"63e08713-6ba98"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
440984
app.8f5293d4.css
demo4.bookingengine.hk/css/
82 KB
82 KB
Stylesheet
General
Full URL
https://demo4.bookingengine.hk/css/app.8f5293d4.css
Requested by
Host: demo4.bookingengine.hk
URL: https://demo4.bookingengine.hk/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
118.143.209.56 Central, Hong Kong, ASN55355 (ISP-AS-AP ISP, HK),
Reverse DNS
d1-56-209-143-118-on-nets.com
Software
nginx/1.20.1 /
Resource Hash
154514fb4b78152303ff00968088cf9241c02091fdc9adc5446c845a90f2d385

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://demo4.bookingengine.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Sat, 18 Feb 2023 16:03:05 GMT
Last-Modified
Mon, 06 Feb 2023 04:50:27 GMT
Server
nginx/1.20.1
ETag
"63e08713-14753"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
83795
api.js
apis.google.com/js/
17 KB
7 KB
Script
General
Full URL
https://apis.google.com/js/api.js
Requested by
Host: demo4.bookingengine.hk
URL: https://demo4.bookingengine.hk/js/chunk-vendors.da652dee.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ea12dfa0a21ef0aff014277a2a2f37e1cdb77aa0d12418d163d32a24236228f1
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://demo4.bookingengine.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 18 Feb 2023 16:03:06 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6890
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"54342ea4be5fb089"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 Feb 2023 16:03:06 GMT
card.jpg
demo4.bookingengine.hk/assets/images/card/
570 B
570 B
Image
General
Full URL
https://demo4.bookingengine.hk/assets/images/card/card.jpg
Requested by
Host: demo4.bookingengine.hk
URL: https://demo4.bookingengine.hk/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
118.143.209.56 Central, Hong Kong, ASN55355 (ISP-AS-AP ISP, HK),
Reverse DNS
d1-56-209-143-118-on-nets.com
Software
nginx/1.20.1 /
Resource Hash
9a3255c995cfb19d85ba8f8ff31677bcf1b0b32b07ae850acc312acee8f4ba91

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://demo4.bookingengine.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Sat, 18 Feb 2023 16:03:06 GMT
Server
nginx/1.20.1
Connection
keep-alive
Content-Length
570
Content-Type
text/html
fontawesome-webfont.e9955780.woff2
demo4.bookingengine.hk/fonts/
75 KB
76 KB
Font
General
Full URL
https://demo4.bookingengine.hk/fonts/fontawesome-webfont.e9955780.woff2
Requested by
Host: demo4.bookingengine.hk
URL: https://demo4.bookingengine.hk/css/chunk-vendors.f5fab4c2.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
118.143.209.56 Central, Hong Kong, ASN55355 (ISP-AS-AP ISP, HK),
Reverse DNS
d1-56-209-143-118-on-nets.com
Software
nginx/1.20.1 /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://demo4.bookingengine.hk/css/chunk-vendors.f5fab4c2.css
Origin
https://demo4.bookingengine.hk
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Sat, 18 Feb 2023 16:03:06 GMT
Last-Modified
Mon, 06 Feb 2023 04:50:27 GMT
Server
nginx/1.20.1
ETag
"63e08713-12d68"
Content-Type
font/woff2
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
77160
login-status
demo4.bookingengine.hk/api/v1/account/
17 B
481 B
XHR
General
Full URL
https://demo4.bookingengine.hk/api/v1/account/login-status
Requested by
Host: demo4.bookingengine.hk
URL: https://demo4.bookingengine.hk/js/chunk-vendors.da652dee.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
118.143.209.56 Central, Hong Kong, ASN55355 (ISP-AS-AP ISP, HK),
Reverse DNS
d1-56-209-143-118-on-nets.com
Software
nginx/1.20.1 /
Resource Hash
06e5f7e2d702e0110271dd33c198e1f312a785bcf41ca4fbed2fa6d67722dc03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1 ; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://demo4.bookingengine.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
application/json

Response headers

Pragma
no-cache
Date
Sat, 18 Feb 2023 16:03:06 GMT
X-Content-Type-Options
nosniff
Referrer-Policy
no-referrer
Server
nginx/1.20.1
X-Frame-Options
DENY
Content-Type
application/json
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Connection
keep-alive
Content-Length
17
X-XSS-Protection
1 ; mode=block
Expires
0
423.48d5aefa.css
demo4.bookingengine.hk/css/
21 KB
21 KB
Stylesheet
General
Full URL
https://demo4.bookingengine.hk/css/423.48d5aefa.css
Requested by
Host: demo4.bookingengine.hk
URL: https://demo4.bookingengine.hk/js/app.43b2a6ef.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
118.143.209.56 Central, Hong Kong, ASN55355 (ISP-AS-AP ISP, HK),
Reverse DNS
d1-56-209-143-118-on-nets.com
Software
nginx/1.20.1 /
Resource Hash
742b2e7b7ceba38967edce0b5bef0a396d66f8b1782e2a422c685908a3b643b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://demo4.bookingengine.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Sat, 18 Feb 2023 16:03:06 GMT
Last-Modified
Mon, 06 Feb 2023 04:50:27 GMT
Server
nginx/1.20.1
ETag
"63e08713-547e"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21630
423.4ac6138f.js
demo4.bookingengine.hk/js/
63 KB
63 KB
Script
General
Full URL
https://demo4.bookingengine.hk/js/423.4ac6138f.js
Requested by
Host: demo4.bookingengine.hk
URL: https://demo4.bookingengine.hk/js/app.43b2a6ef.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
118.143.209.56 Central, Hong Kong, ASN55355 (ISP-AS-AP ISP, HK),
Reverse DNS
d1-56-209-143-118-on-nets.com
Software
nginx/1.20.1 /
Resource Hash
5739eb0599f9c410bb52b1c1a72b4b3bbbae8afd979178696bdeb892713f3605

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://demo4.bookingengine.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Sat, 18 Feb 2023 16:03:06 GMT
Last-Modified
Mon, 06 Feb 2023 04:50:27 GMT
Server
nginx/1.20.1
ETag
"63e08713-fa58"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
64088
index_bg.4709e89e.png
demo4.bookingengine.hk/img/
1 MB
1 MB
Image
General
Full URL
https://demo4.bookingengine.hk/img/index_bg.4709e89e.png
Requested by
Host: demo4.bookingengine.hk
URL: https://demo4.bookingengine.hk/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
118.143.209.56 Central, Hong Kong, ASN55355 (ISP-AS-AP ISP, HK),
Reverse DNS
d1-56-209-143-118-on-nets.com
Software
nginx/1.20.1 /
Resource Hash
3c607cd5738acebdae439a6c26b7dc1ad275351dd5ad587fddd9ff04a5db395f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://demo4.bookingengine.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Sat, 18 Feb 2023 16:03:07 GMT
Last-Modified
Mon, 06 Feb 2023 04:50:27 GMT
Server
nginx/1.20.1
ETag
"63e08713-14263a"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1320506
index_bg1.58044179.png
demo4.bookingengine.hk/img/
977 KB
977 KB
Image
General
Full URL
https://demo4.bookingengine.hk/img/index_bg1.58044179.png
Requested by
Host: demo4.bookingengine.hk
URL: https://demo4.bookingengine.hk/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
118.143.209.56 Central, Hong Kong, ASN55355 (ISP-AS-AP ISP, HK),
Reverse DNS
d1-56-209-143-118-on-nets.com
Software
nginx/1.20.1 /
Resource Hash
b3469095e23f6d8f9df39579c96d3a9094a41a5c8c629ae5f142350d73d1ee85

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://demo4.bookingengine.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Sat, 18 Feb 2023 16:03:07 GMT
Last-Modified
Mon, 06 Feb 2023 04:50:27 GMT
Server
nginx/1.20.1
ETag
"63e08713-f4435"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1000501
index_bg2.96687626.png
demo4.bookingengine.hk/img/
1 MB
1 MB
Image
General
Full URL
https://demo4.bookingengine.hk/img/index_bg2.96687626.png
Requested by
Host: demo4.bookingengine.hk
URL: https://demo4.bookingengine.hk/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
118.143.209.56 Central, Hong Kong, ASN55355 (ISP-AS-AP ISP, HK),
Reverse DNS
d1-56-209-143-118-on-nets.com
Software
nginx/1.20.1 /
Resource Hash
039547a0c5b9d89e85515388a0e9975e3cc622d8702dcc22f93ee02cb797c808

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://demo4.bookingengine.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Sat, 18 Feb 2023 16:03:07 GMT
Last-Modified
Mon, 06 Feb 2023 04:50:27 GMT
Server
nginx/1.20.1
ETag
"63e08713-12b785"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1226629
popular-destinations
demo4.bookingengine.hk/api/v1/air/
135 B
522 B
XHR
General
Full URL
https://demo4.bookingengine.hk/api/v1/air/popular-destinations
Requested by
Host: demo4.bookingengine.hk
URL: https://demo4.bookingengine.hk/js/chunk-vendors.da652dee.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
118.143.209.56 Central, Hong Kong, ASN55355 (ISP-AS-AP ISP, HK),
Reverse DNS
d1-56-209-143-118-on-nets.com
Software
nginx/1.20.1 /
Resource Hash
2e3b73a1a1ee6de4385fbf5133d0bb980c8ba852df2b71ec5afb3f2baac56000
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1 ; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://demo4.bookingengine.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 18 Feb 2023 16:03:07 GMT
X-Content-Type-Options
nosniff
Referrer-Policy
no-referrer
Server
nginx/1.20.1
X-Frame-Options
DENY
Content-Type
application/json
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Connection
keep-alive
Content-Length
135
X-XSS-Protection
1 ; mode=block
Expires
0
popular-cities
demo4.bookingengine.hk/api/v1/hotel/
131 B
518 B
XHR
General
Full URL
https://demo4.bookingengine.hk/api/v1/hotel/popular-cities
Requested by
Host: demo4.bookingengine.hk
URL: https://demo4.bookingengine.hk/js/chunk-vendors.da652dee.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
118.143.209.56 Central, Hong Kong, ASN55355 (ISP-AS-AP ISP, HK),
Reverse DNS
d1-56-209-143-118-on-nets.com
Software
nginx/1.20.1 /
Resource Hash
100f35c4965fe35dd8cdf2bf08551ab930fea78de02c533f9bf024001e784792
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1 ; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://demo4.bookingengine.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 18 Feb 2023 16:03:07 GMT
X-Content-Type-Options
nosniff
Referrer-Policy
no-referrer
Server
nginx/1.20.1
X-Frame-Options
DENY
Content-Type
application/json
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Connection
keep-alive
Content-Length
131
X-XSS-Protection
1 ; mode=block
Expires
0
hot-deals
demo4.bookingengine.hk/api/v1/booking/
128 B
515 B
XHR
General
Full URL
https://demo4.bookingengine.hk/api/v1/booking/hot-deals
Requested by
Host: demo4.bookingengine.hk
URL: https://demo4.bookingengine.hk/js/chunk-vendors.da652dee.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
118.143.209.56 Central, Hong Kong, ASN55355 (ISP-AS-AP ISP, HK),
Reverse DNS
d1-56-209-143-118-on-nets.com
Software
nginx/1.20.1 /
Resource Hash
010461df37cdbb3dd680b1e87cd0ae863591264d6c5cad125df9737a56fabc01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1 ; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://demo4.bookingengine.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 18 Feb 2023 16:03:07 GMT
X-Content-Type-Options
nosniff
Referrer-Policy
no-referrer
Server
nginx/1.20.1
X-Frame-Options
DENY
Content-Type
application/json
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Connection
keep-alive
Content-Length
128
X-XSS-Protection
1 ; mode=block
Expires
0
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.IpWeeLsup8c.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-7vGeOZpyfcbeljIbxyJzXpK39XA/
115 KB
39 KB
Script
General
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.IpWeeLsup8c.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-7vGeOZpyfcbeljIbxyJzXpK39XA/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b7722cf2a37addcff21e4f02d982f6d5e31c5a52424e289f33df6cae569b5ed4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://demo4.bookingengine.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 15:29:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
174844
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39730
x-xss-protection
0
last-modified
Sat, 07 Jan 2023 15:19:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 16 Feb 2024 15:29:03 GMT
iframe
accounts.google.com/o/oauth2/ Frame C5E7
280 B
1 KB
Document
General
Full URL
https://accounts.google.com/o/oauth2/iframe
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.IpWeeLsup8c.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-7vGeOZpyfcbeljIbxyJzXpK39XA/cb=gapi.loaded_0?le=scs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2832547898fe79aa7f0b89655ee3732c8621b5f5fe4278c1f88ba34398aa61aa
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-KpwqsBFwoPiEAGxl1XFgww' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://demo4.bookingengine.hk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-KpwqsBFwoPiEAGxl1XFgww' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Sat, 18 Feb 2023 16:03:08 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
server
ESF
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-xss-protection
0
cspreport
accounts.google.com/_/IdpIFrameHttp/ Frame C5E7
2 KB
914 B
Other
General
Full URL
https://accounts.google.com/_/IdpIFrameHttp/cspreport
Requested by
Host: demo4.bookingengine.hk
URL: https://demo4.bookingengine.hk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
4feb040a89aa14a5b8848b57f17b1c22b9e1e27d95a18ec106fbb228b742cea5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://accounts.google.com/o/oauth2/iframe
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Sat, 18 Feb 2023 16:03:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
m=base
www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.iKE45d1TMAg.es5.O/d=1/rs=AOaEmlHGNfIpDtNZi5Y8IbCDoUbbLTIHXQ/ Frame C5E7
100 KB
35 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.iKE45d1TMAg.es5.O/d=1/rs=AOaEmlHGNfIpDtNZi5Y8IbCDoUbbLTIHXQ/m=base
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
974287e088915b03b5f34da54cbe8fa17e04197d1ee1589b55e8db1c8d98c094
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 17:46:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
166570
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/identity-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35036
x-xss-protection
0
last-modified
Sat, 11 Feb 2023 03:39:36 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/identity-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/identity-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/identity-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Fri, 16 Feb 2024 17:46:59 GMT
iframerpc
accounts.google.com/o/oauth2/ Frame C5E7
50 B
93 B
XHR
General
Full URL
https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Fdemo4.bookingengine.hk&client_id=764595691158-9m3agl8de3n9jstvpkcd6ehd2s6av03u.apps.googleusercontent.com
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.iKE45d1TMAg.es5.O/d=1/rs=AOaEmlHGNfIpDtNZi5Y8IbCDoUbbLTIHXQ/m=base
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
427653d8b0569e986b88bb7dca1852b627a034f69be1da68b150eb0d2bbacb5d
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport, script-src 'report-sample' 'nonce-Xk6wDoolD6Z9sRaVUKxTfg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://accounts.google.com/o/oauth2/iframe
X-Requested-With
XmlHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Sat, 18 Feb 2023 16:03:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport, script-src 'report-sample' 'nonce-Xk6wDoolD6Z9sRaVUKxTfg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
content-encoding
gzip
cross-origin-embedder-policy
require-corp
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
same-site
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin; report-to="IdpIFrameHttp"
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site, Origin
report-to
{"group":"IdpIFrameHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/IdpIFrameHttp/external"}]}
content-type
application/json; charset=utf-8
cache-control
private, max-age=3600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Sat, 18 Feb 2023 16:03:09 GMT

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
boolean| credentialless
object| oncontentvisibilityautostatechange
object| webpackChunkbookingengine_web_vue
object| __vueuse_ssr_handlers__
boolean| __VUE__
boolean| __INTLIFY_PROD_DEVTOOLS__
boolean| __VUE_I18N_FULL_INSTALL__
boolean| __VUE_I18N_LEGACY_API__
object| gapi
object| ___jsl
object| osapi

4 Cookies

Domain/Path Name / Value
demo4.bookingengine.hk/ Name: c6ec3eab65ac15272be2cfebd328245b
Value: d2f3f463aff30fa04111a62ad9aa5337
demo4.bookingengine.hk/ Name: 09aaaea7b591306a8d1427afe94791a7
Value: a4b7039b0fa574d5879d1a0e86828836
.demo4.bookingengine.hk/ Name: G_ENABLED_IDPS
Value: google
.google.com/ Name: NID
Value: 511=alwGoWB4PM9OMN00Hkoi5CdFnLIy-M5PzRqGN3E9e4Ac4yObux4LhAlh9s6TcZ5HWKSJHQ99bvvSXZdhXUvoJLqbtuHlhfJDPQLrX-t0oIwe6ukChI2T41u2kiL4SVLtaIStK6MSvS6xXs6CN52GtSbPO3KYMskJTIiuwLb4L0E

7 Console Messages

Source Level URL
Text
network error URL: https://demo4.bookingengine.hk/assets/images/card/card.jpg
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
security warning URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.IpWeeLsup8c.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-7vGeOZpyfcbeljIbxyJzXpK39XA/cb=gapi.loaded_0?le=scs(Line 173)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
network error URL: https://demo4.bookingengine.hk/api/v1/hotel/popular-cities
Message:
Failed to load resource: the server responded with a status of 500 (Internal Server Error)
network error URL: https://demo4.bookingengine.hk/api/v1/air/popular-destinations
Message:
Failed to load resource: the server responded with a status of 500 (Internal Server Error)
network error URL: https://demo4.bookingengine.hk/api/v1/booking/hot-deals
Message:
Failed to load resource: the server responded with a status of 500 (Internal Server Error)
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
network error URL: https://accounts.google.com/_/IdpIFrameHttp/cspreport
Message:
Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
