Submitted URL: https://www.trip.com/forward/middlepages/channel/edm?targetUrl=https%3A%2F%2Ftours.wingontravel.com%2Fsearch%2Fsearch...
Effective URL: https://tours.wingontravel.com/search/searchtext=LMTI?allianceid=7&ouid=1iXEdYcBvhzjj6G_IC9I&SID=1&utm_source=foxpage&utm_id=ED...
Submission: On April 13 via manual from US — Scanned from DE

Summary

This website contacted 12 IPs in 4 countries across 5 domains to perform 45 HTTP transactions. The main IP is 14.136.236.151, located in Central, Hong Kong and belongs to HKBN-AS-AP Hong Kong Broadband Network Ltd., HK. The main domain is tours.wingontravel.com.
TLS certificate: Issued by Thawte RSA CA 2018 on December 7th 2022. Valid for: a year.
This is the only time tours.wingontravel.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 23.73.141.168 16625 (AKAMAI-AS)
4 2.23.67.113 16625 (AKAMAI-AS)
2 18.139.59.215 16509 (AMAZON-02)
9 14.136.236.151 9269 (HKBN-AS-A...)
1 3.123.186.207 16509 (AMAZON-02)
11 14.136.236.131 10103 (HKBN-AS-A...)
1 2a00:1450:400... ()
3 115.160.189.13 9381 (HKBNES-AS...)
4 14.136.236.140 10103 (HKBN-AS-A...)
2 2a03:2880:f01... ()
3 2a00:1450:400... ()
45 12
Apex Domain
Subdomains
Transfer
27 wingontravel.com
tours.wingontravel.com
webresource.wingontravel.com — Cisco Umbrella Rank: 918054
members.wingontravel.com
m.wingontravel.com — Cisco Umbrella Rank: 490754
307 KB
6 tripcdn.com
ak-s.tripcdn.com — Cisco Umbrella Rank: 64144
ubt-sin.tripcdn.com — Cisco Umbrella Rank: 42070
84 KB
5 trip.com
www.trip.com — Cisco Umbrella Rank: 42032
m.trip.com — Cisco Umbrella Rank: 61907
chloro.trip.com — Cisco Umbrella Rank: 96870
3 KB
4 google.com
accounts.google.com
apis.google.com
193 KB
2 facebook.net
connect.facebook.net
89 KB
45 5
Domain Requested by
11 webresource.wingontravel.com tours.wingontravel.com
webresource.wingontravel.com
9 tours.wingontravel.com ak-s.tripcdn.com
tours.wingontravel.com
4 m.wingontravel.com tours.wingontravel.com
webresource.wingontravel.com
4 ak-s.tripcdn.com www.trip.com
ak-s.tripcdn.com
3 apis.google.com webresource.wingontravel.com
apis.google.com
3 members.wingontravel.com tours.wingontravel.com
2 connect.facebook.net members.wingontravel.com
connect.facebook.net
2 ubt-sin.tripcdn.com www.trip.com
2 m.trip.com ak-s.tripcdn.com
2 www.trip.com ak-s.tripcdn.com
1 accounts.google.com tours.wingontravel.com
apis.google.com
1 chloro.trip.com ak-s.tripcdn.com
45 12
Subject | Issuer | Validity | Valid
Trip.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-12-20 - 2023-12-20 | a year
*.ctrip.com | GlobalSign RSA OV SSL CA 2018 | 2022-06-22 - 2023-07-24 | a year
*.wingontravel.com | Thawte RSA CA 2018 | 2022-12-07 - 2023-12-24 | a year
*.trip.com | GlobalSign RSA OV SSL CA 2018 | 2022-08-09 - 2023-09-10 | a year
accounts.google.com | GTS CA 1C3 | 2023-03-28 - 2023-06-20 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2023-01-20 - 2023-04-20 | 3 months
*.apis.google.com | GTS CA 1C3 | 2023-03-28 - 2023-06-20 | 3 months

This page contains 2 frames:

Primary Page: https://tours.wingontravel.com/search/searchtext=LMTI?allianceid=7&ouid=1iXEdYcBvhzjj6G_IC9I&SID=1&utm_source=foxpage&utm_id=EDM2023DM123&utm_medium=Email&utm_campaign=EDM2023DM123-TBS-23Apr12&
Frame ID: BBC42A99DACE73B0907E7C45DE3FC3EE
Requests: 43 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: 44FA86FE353C7B84E1C9269E8861F974
Requests: 1 HTTP requests in this frame

Page Title

LMTI旅行團,LMTI旅遊,LMTI旅行團優惠-永安旅遊

Detected technologies

Overall confidence: 100%
Detected patterns
  • accounts\.google\.com/gsi/client

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

45 Requests
98 % HTTPS
27 % IPv6
5 Domains
12 Subdomains
12 IPs
4 Countries
683 kB Transfer
2512 kB Size
11 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.trip.com/forward/middlepages/channel/edm?targetUrl=https%3A%2F%2Ftours.wingontravel.com%2Fsearch%2Fsearchtext%3DLMTI%3Fallianceid%3D7%26ouid%3D1iXEdYcBvhzjj6G_IC9I%26SID%3D1%26utm_source%3Dfoxpage%26utm_id%3DEDM2023DM123%26utm_medium%3DEmail%26utm_campaign%3DEDM2023DM123-TBS-23Apr12%26&bizData=... Page URL
  2. https://tours.wingontravel.com/search/searchtext=LMTI?allianceid=7&ouid=1iXEdYcBvhzjj6G_IC9I&SID=1&utm_source=foxpage&utm_id=EDM2023DM123&utm_medium=Email&utm_campaign=EDM2023DM123-TBS-23Apr12& Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

45 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
edm
www.trip.com/forward/middlepages/channel/
833 B
1 KB
Document
General
Full URL
https://www.trip.com/forward/middlepages/channel/edm?targetUrl=https%3A%2F%2Ftours.wingontravel.com%2Fsearch%2Fsearchtext%3DLMTI%3Fallianceid%3D7%26ouid%3D1iXEdYcBvhzjj6G_IC9I%26SID%3D1%26utm_source%3Dfoxpage%26utm_id%3DEDM2023DM123%26utm_medium%3DEmail%26utm_campaign%3DEDM2023DM123-TBS-23Apr12%26&bizData=...
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.73.141.168 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-73-141-168.deploy.static.akamaitechnologies.com
Software
nginx/1.20.1 /
Resource Hash
e1667641682ce58c7636d0530172dfa7691962f05c029ba4841148ac797b657d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
833
content-type
text/html; charset=utf-8
date
Thu, 13 Apr 2023 07:51:58 GMT
server
nginx/1.20.1
x-content-type-options
nosniff
x-download-options
noopen
x-envoy-upstream-service-time
10
x-frame-options
SAMEORIGIN
x-ibu-trip-region
SIN-AWS-IBU
x-readtime
9
x-trip-region
sg de
x-xss-protection
1; mode=block
_mubt.min.cd6d4a59457fc26d96bbc7c951e835ef.macro.js
ak-s.tripcdn.com/modules/ubt/trip/
67 KB
27 KB
Script
General
Full URL
https://ak-s.tripcdn.com/modules/ubt/trip/_mubt.min.cd6d4a59457fc26d96bbc7c951e835ef.macro.js
Requested by
Host: www.trip.com
URL: https://www.trip.com/forward/middlepages/channel/edm?targetUrl=https%3A%2F%2Ftours.wingontravel.com%2Fsearch%2Fsearchtext%3DLMTI%3Fallianceid%3D7%26ouid%3D1iXEdYcBvhzjj6G_IC9I%26SID%3D1%26utm_source%3Dfoxpage%26utm_id%3DEDM2023DM123%26utm_medium%3DEmail%26utm_campaign%3DEDM2023DM123-TBS-23Apr12%26&bizData=...
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.67.113 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-23-67-113.deploy.static.akamaitechnologies.com
Software
nginx/1.20.1 /
Resource Hash
3e01f09dab8a39687e91ef880e41ab9e02b6b82a58acedcc4712531154608745

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trip.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 07:51:58 GMT
content-encoding
gzip
x-ares-server
r100013666-21038164-54xkg@FRA-AWS
content-length
27406
x-ares-source
aws
last-modified
Thu, 13 Apr 2023 07:09:58 GMT
server
nginx/1.20.1
x-ares-extended-request-id
QvzW+rcdSdsOUTZosIUuKmlRR3bXstNFZvKNsROvG7wfC8QZokFD8Lh1tr9HtzXFZEJSQIBNLDg=
etag
W/"cd6d4a59457fc26d96bbc7c951e835ef"
vary
Origin,Accept-Encoding
content-type
application/javascript
access-control-expose-headers
cache-control
x-ares-request-id
TR5XESNPQVPNTXZ6
access-control-allow-credentials
true
cache-control
max-age=5181576
timing-allow-origin
*
expires
Mon, 12 Jun 2023 07:11:34 GMT
wakeup.639c56eb131566dc66672235c7175b8a.js
ak-s.tripcdn.com/modules/ibu/node-microservice/
125 KB
37 KB
Script
General
Full URL
https://ak-s.tripcdn.com/modules/ibu/node-microservice/wakeup.639c56eb131566dc66672235c7175b8a.js
Requested by
Host: www.trip.com
URL: https://www.trip.com/forward/middlepages/channel/edm?targetUrl=https%3A%2F%2Ftours.wingontravel.com%2Fsearch%2Fsearchtext%3DLMTI%3Fallianceid%3D7%26ouid%3D1iXEdYcBvhzjj6G_IC9I%26SID%3D1%26utm_source%3Dfoxpage%26utm_id%3DEDM2023DM123%26utm_medium%3DEmail%26utm_campaign%3DEDM2023DM123-TBS-23Apr12%26&bizData=...
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.67.113 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-23-67-113.deploy.static.akamaitechnologies.com
Software
nginx/1.20.1 /
Resource Hash
23528c848f2b4a70e0ffddcf5590c9fc4b0b66f0d0ccba6472c3e91dc84110ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.trip.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 07:51:58 GMT
content-encoding
gzip
x-ares-server
r100013666-21038164-zs7fs@FRA-AWS
content-length
37198
x-ares-source
aws
last-modified
Tue, 04 Apr 2023 02:40:48 GMT
server
nginx/1.20.1
x-ares-extended-request-id
wPTdwNkNts0CtEh7xLa8i+Dm5qUZrA+utEh+MCxJLus3Zh1854MmxzoMKw1ygBCjFc+qEAHL9eE=
etag
W/"639c56eb131566dc66672235c7175b8a"
vary
Origin,Accept-Encoding
content-type
application/javascript
access-control-expose-headers
cache-control
x-ares-request-id
WW05AW5BEMYJNKDD
access-control-allow-credentials
true
cache-control
max-age=4391359
timing-allow-origin
*
expires
Sat, 03 Jun 2023 03:41:17 GMT
getAppConfig.json
m.trip.com/restapi/soa2/18088/ Frame
0
0
Preflight
General
Full URL
https://m.trip.com/restapi/soa2/18088/getAppConfig.json
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.73.141.168 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-73-141-168.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.trip.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.trip.com
access-control-expose-headers
x-service-call x-gate-region
content-length
0
content-type
text/html
date
Thu, 13 Apr 2023 07:51:59 GMT
x-gate
ctrip-gate
x-gate-region
SHAXY
x-gate-root-id
100025527-0a6e5f3d-467047-4476135
x-originating-url
https://m.trip.com/restapi/soa2/18088/getAppConfig.json
getAppConfig.json
m.trip.com/restapi/soa2/18088/
667 B
922 B
XHR
General
Full URL
https://m.trip.com/restapi/soa2/18088/getAppConfig.json
Requested by
Host: ak-s.tripcdn.com
URL: https://ak-s.tripcdn.com/modules/ubt/trip/_mubt.min.cd6d4a59457fc26d96bbc7c951e835ef.macro.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.73.141.168 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-73-141-168.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Referer
https://www.trip.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
content-type
application/json

Response headers

date
Thu, 13 Apr 2023 07:52:00 GMT
content-encoding
gzip
x-service-call
0.005
clogging_trace_id
1537174203936366182
content-length
425
vary
accept-encoding
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.trip.com
x-gate-root-id
100025527-0a70c343-467047-4480733
access-control-expose-headers
RootMessageId, x-service-call, x-gate-region
access-control-allow-credentials
true
x-gate-region
SHAXY
x-originating-url
https://m.trip.com/restapi/soa2/18088/getAppConfig.json
servermessageid
100025527-0a70c343-467047-4480734
rootmessageid
100025527-0a70c343-467047-4480733
x-gate
ctrip-gate
bf.gif
ubt-sin.tripcdn.com/
43 B
496 B
Image
General
Full URL
https://ubt-sin.tripcdn.com/bf.gif?ac=g&d=...&v=4.1.34/trip&t=1681372318809&_mt=lgeto09lmfgam
Requested by
Host: www.trip.com
URL: https://www.trip.com/forward/middlepages/channel/edm?targetUrl=https%3A%2F%2Ftours.wingontravel.com%2Fsearch%2Fsearchtext%3DLMTI%3Fallianceid%3D7%26ouid%3D1iXEdYcBvhzjj6G_IC9I%26SID%3D1%26utm_source%3Dfoxpage%26utm_id%3DEDM2023DM123%26utm_medium%3DEmail%26utm_campaign%3DEDM2023DM123-TBS-23Apr12%26&bizData=...
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.139.59.215 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-139-59-215.ap-southeast-1.compute.amazonaws.com
Software
nginx/1.20.1 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Apr 2023 07:51:59 GMT
x-content-type-options
nosniff
server
nginx/1.20.1
content-type
image/gif
p3p
CP=CUR ADM OUR NOR STA NID
access-control-allow-origin
*
cache-control
private, no-store, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials
true
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
getUniversalLinkH5
www.trip.com/restapi/soa2/13618/json/
313 B
765 B
XHR
General
Full URL
https://www.trip.com/restapi/soa2/13618/json/getUniversalLinkH5
Requested by
Host: ak-s.tripcdn.com
URL: https://ak-s.tripcdn.com/modules/ibu/node-microservice/wakeup.639c56eb131566dc66672235c7175b8a.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.73.141.168 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-73-141-168.deploy.static.akamaitechnologies.com
Software
nginx/1.20.1 /
Resource Hash

Request headers

Referer
https://www.trip.com/forward/middlepages/channel/edm?targetUrl=https%3A%2F%2Ftours.wingontravel.com%2Fsearch%2Fsearchtext%3DLMTI%3Fallianceid%3D7%26ouid%3D1iXEdYcBvhzjj6G_IC9I%26SID%3D1%26utm_source%3Dfoxpage%26utm_id%3DEDM2023DM123%26utm_medium%3DEmail%26utm_campaign%3DEDM2023DM123-TBS-23Apr12%26&bizData=...
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-type
application/json

Response headers

date
Thu, 13 Apr 2023 07:51:59 GMT
content-encoding
gzip
x-capa-server
capa-service
x-envoy-upstream-service-time
6
x-service-call
0.027
x-ibu-trip-region
SIN-AWS-IBU
content-length
248
x-trip-region
sg, de
server
nginx/1.20.1
vary
accept-encoding
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.trip.com
x-gate-root-id
100025527-0a816403-467047-6765919
access-control-expose-headers
RootMessageId, x-service-call, x-gate-region
access-control-allow-credentials
true
x-gate-region
SIN-AWS
x-originating-url
https://www.trip.com/restapi/soa2/13618/json/getUniversalLinkH5
x-gate
ctrip-gate
mrms.b3e2fe310462520e86c081d1da12862c.macro.js
ak-s.tripcdn.com/modules/sysdev/rms.ubt/
6 KB
3 KB
Script
General
Full URL
https://ak-s.tripcdn.com/modules/sysdev/rms.ubt/mrms.b3e2fe310462520e86c081d1da12862c.macro.js?v=20230413
Requested by
Host: ak-s.tripcdn.com
URL: https://ak-s.tripcdn.com/modules/ubt/trip/_mubt.min.cd6d4a59457fc26d96bbc7c951e835ef.macro.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.67.113 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-23-67-113.deploy.static.akamaitechnologies.com
Software
nginx/1.20.1 /
Resource Hash
8e889a40128050733d2b40336871caf5e79e3c90522670cae3447ec0d2f26898

Request headers

Referer
https://www.trip.com/
Origin
https://www.trip.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency
97
date
Thu, 13 Apr 2023 07:51:58 GMT
content-encoding
gzip
x-ares-server
r100013666-21038164-54xkg@FRA-AWS
x-edgeconnect-midmile-rtt
2
content-length
2589
x-ares-source
aws
last-modified
Wed, 02 Nov 2022 02:18:54 GMT
server
nginx/1.20.1
x-ares-extended-request-id
EYL52JMA+RFC2gAPOq7mp68qPxv0R2M3G7uB9IpOa0w7TDaqyUzMcxizBE/4EWUQ6llwDp89MPA=
etag
W/"b3e2fe310462520e86c081d1da12862c"
vary
Origin,Accept-Encoding
content-type
application/javascript
access-control-allow-origin
https://www.trip.com
access-control-expose-headers
cache-control
x-ares-request-id
D1NJAQ18B8XKFZKY
access-control-allow-credentials
true
cache-control
max-age=5123726
timing-allow-origin
*
expires
Sun, 11 Jun 2023 15:07:24 GMT
md.min.43e82c9d4777c65439c87b6385903e26.js
ak-s.tripcdn.com/modules/sysdev/rms.ubt/
49 KB
15 KB
Script
General
Full URL
https://ak-s.tripcdn.com/modules/sysdev/rms.ubt/md.min.43e82c9d4777c65439c87b6385903e26.js
Requested by
Host: ak-s.tripcdn.com
URL: https://ak-s.tripcdn.com/modules/sysdev/rms.ubt/mrms.b3e2fe310462520e86c081d1da12862c.macro.js?v=20230413
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.67.113 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-23-67-113.deploy.static.akamaitechnologies.com
Software
nginx/1.20.1 /
Resource Hash
af93fca4f5243ec0a7f7fbd6ed4fd230cc04b9865d4b50ed60864bca471aa6e5

Request headers

Referer
https://www.trip.com/
Origin
https://www.trip.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 07:51:58 GMT
content-encoding
gzip
x-ares-server
r100013666-21038164-nwkpt@FRA-AWS
content-length
15356
x-ares-source
aws
last-modified
Thu, 10 Dec 2020 01:29:07 GMT
server
nginx/1.20.1
x-ares-extended-request-id
FRsVkHVvzHY17/R9VO55hqmkH3vu/NnGjNMWksyERBqU2TZEUT2PptkUNWarfQMXJXcYl7ACsAw=
etag
W/"43e82c9d4777c65439c87b6385903e26"
vary
Origin,Accept-Encoding
content-type
application/javascript
access-control-allow-origin
https://www.trip.com
access-control-expose-headers
cache-control
x-ares-request-id
1W0YBZTKMVTHRS09
access-control-allow-credentials
true
cache-control
max-age=2206608
timing-allow-origin
*
expires
Mon, 08 May 2023 20:48:46 GMT
Primary Request searchtext=LMTI
tours.wingontravel.com/search/
56 KB
11 KB
Document
General
Full URL
https://tours.wingontravel.com/search/searchtext=LMTI?allianceid=7&ouid=1iXEdYcBvhzjj6G_IC9I&SID=1&utm_source=foxpage&utm_id=EDM2023DM123&utm_medium=Email&utm_campaign=EDM2023DM123-TBS-23Apr12&
Requested by
Host: ak-s.tripcdn.com
URL: https://ak-s.tripcdn.com/modules/ibu/node-microservice/wakeup.639c56eb131566dc66672235c7175b8a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
14.136.236.151 Central, Hong Kong, ASN9269 (HKBN-AS-AP Hong Kong Broadband Network Ltd., HK),
Reverse DNS
014136236151.static.ctinets.com
Software
tengine / wingonServer
Resource Hash
2543be3b79e9c377b4b2f1f3dbc385b9fd3fccf922414c015f1782df0695feb4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.trip.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-security-policy
frame-ancestors 'self'
content-type
text/html; charset=utf-8
date
Thu, 13 Apr 2023 07:52:00 GMT
server
tengine
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-envoy-upstream-service-time
153
x-frame-options
SAMEORIGIN
x-powered-by
wingonServer
x-xss-protection
1; mode=block
bf.gif
ubt-sin.tripcdn.com/
43 B
498 B
Image
General
Full URL
https://ubt-sin.tripcdn.com/bf.gif?ac=a&d=...&c=1&v=4.1.34/trip&t=1681372319079&_mt=lgeto0h3ekg4t
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.139.59.215 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-139-59-215.ap-southeast-1.compute.amazonaws.com
Software
nginx/1.20.1 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Apr 2023 07:51:59 GMT
x-content-type-options
nosniff
server
nginx/1.20.1
content-type
image/gif
p3p
CP=CUR ADM OUR NOR STA NID
access-control-allow-origin
*
cache-control
private, no-store, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials
true
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
d
chloro.trip.com/v2/
109 B
396 B
XHR
General
Full URL
https://chloro.trip.com/v2/d
Requested by
Host: ak-s.tripcdn.com
URL: https://ak-s.tripcdn.com/modules/sysdev/rms.ubt/md.min.43e82c9d4777c65439c87b6385903e26.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
3.123.186.207 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-186-207.eu-central-1.compute.amazonaws.com
Software
nginx/1.20.1 /
Resource Hash

Request headers

Referer
https://www.trip.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://www.trip.com
date
Thu, 13 Apr 2023 07:51:59 GMT
access-control-allow-credentials
true
server
nginx/1.20.1
access-control-allow-headers
x-ctrip-canary-req,x-ctx-CanaryReq,x-ctx-CanarySrc,x-ctx-CanaryIdc,x-cat-trace-mode
content-length
109
web_chat_entry.css
webresource.wingontravel.com/cui/css/
984 B
782 B
Stylesheet
General
Full URL
https://webresource.wingontravel.com/cui/css/web_chat_entry.css
Requested by
Host: tours.wingontravel.com
URL: https://tours.wingontravel.com/search/searchtext=LMTI?allianceid=7&ouid=1iXEdYcBvhzjj6G_IC9I&SID=1&utm_source=foxpage&utm_id=EDM2023DM123&utm_medium=Email&utm_campaign=EDM2023DM123-TBS-23Apr12&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
14.136.236.131 Central, Hong Kong, ASN10103 (HKBN-AS-AP HK Broadband Network Ltd., HK),
Reverse DNS
014136236131.static.ctinets.com
Software
nginx /
Resource Hash
eb01b6ff65c49df827739b4ccc46e4f02f85a51ff54b51b3b4673a9802c61af7
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tours.wingontravel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 07:52:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
last-modified
Thu, 22 Aug 2019 02:55:31 GMT
server
nginx
content-security-policy
frame-ancestors 'self'
etag
"3d8-590abd2a412f7-gzip"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
accept-ranges
bytes
content-length
353
x-xss-protection
1; mode=block
header_footer.min.css
webresource.wingontravel.com/headerfooter/Content/css/
25 KB
6 KB
Stylesheet
General
Full URL
https://webresource.wingontravel.com/headerfooter/Content/css/header_footer.min.css
Requested by
Host: tours.wingontravel.com
URL: https://tours.wingontravel.com/search/searchtext=LMTI?allianceid=7&ouid=1iXEdYcBvhzjj6G_IC9I&SID=1&utm_source=foxpage&utm_id=EDM2023DM123&utm_medium=Email&utm_campaign=EDM2023DM123-TBS-23Apr12&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
14.136.236.131 Central, Hong Kong, ASN10103 (HKBN-AS-AP HK Broadband Network Ltd., HK),
Reverse DNS
014136236131.static.ctinets.com
Software
nginx /
Resource Hash
e35d2aaac97c14c8d193d4453092d80a569dc6b35eb734134e76446ad1297548
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tours.wingontravel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 07:52:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
last-modified
Tue, 21 Mar 2023 01:00:09 GMT
server
nginx
content-security-policy
frame-ancestors 'self'
etag
"65f5-5f75e90adabca-gzip"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
accept-ranges
bytes
content-length
5493
x-xss-protection
1; mode=block
iconfont.min.css
webresource.wingontravel.com/headerfooter/Content/icon/
13 KB
9 KB
Stylesheet
General
Full URL
https://webresource.wingontravel.com/headerfooter/Content/icon/iconfont.min.css
Requested by
Host: tours.wingontravel.com
URL: https://tours.wingontravel.com/search/searchtext=LMTI?allianceid=7&ouid=1iXEdYcBvhzjj6G_IC9I&SID=1&utm_source=foxpage&utm_id=EDM2023DM123&utm_medium=Email&utm_campaign=EDM2023DM123-TBS-23Apr12&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
14.136.236.131 Central, Hong Kong, ASN10103 (HKBN-AS-AP HK Broadband Network Ltd., HK),
Reverse DNS
014136236131.static.ctinets.com
Software
nginx /
Resource Hash
d248bdda7062529418aabb155224862066083eeb03cc9fe6f7d00e54ecc5357c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tours.wingontravel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 07:52:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
last-modified
Tue, 21 Mar 2023 01:00:10 GMT
server
nginx
content-security-policy
frame-ancestors 'self'
etag
"322d-5f75e90b485b2-gzip"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
accept-ranges
bytes
content-length
8603
x-xss-protection
1; mode=block
masterpage.min.js
webresource.wingontravel.com/headerfooter/Content/js/
7 KB
3 KB
Script
General
Full URL
https://webresource.wingontravel.com/headerfooter/Content/js/masterpage.min.js
Requested by
Host: tours.wingontravel.com
URL: https://tours.wingontravel.com/search/searchtext=LMTI?allianceid=7&ouid=1iXEdYcBvhzjj6G_IC9I&SID=1&utm_source=foxpage&utm_id=EDM2023DM123&utm_medium=Email&utm_campaign=EDM2023DM123-TBS-23Apr12&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
14.136.236.131 Central, Hong Kong, ASN10103 (HKBN-AS-AP HK Broadband Network Ltd., HK),
Reverse DNS
014136236131.static.ctinets.com
Software
nginx /
Resource Hash
330908701ec91e9121a64524e12fcd1af08bfa68565f597324838f9d61fcb787
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tours.wingontravel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 07:52:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
last-modified
Tue, 21 Mar 2023 01:00:13 GMT
server
nginx
content-security-policy
frame-ancestors 'self'
etag
"1a46-5f75e90eb58da-gzip"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
2606
x-xss-protection
1; mode=block
chunks.common.css
tours.wingontravel.com/Content/WebJS/css/
247 KB
38 KB
Stylesheet
General
Full URL
https://tours.wingontravel.com/Content/WebJS/css/chunks.common.css?_=tbs_online_8_25_20
Requested by
Host: tours.wingontravel.com
URL: https://tours.wingontravel.com/search/searchtext=LMTI?allianceid=7&ouid=1iXEdYcBvhzjj6G_IC9I&SID=1&utm_source=foxpage&utm_id=EDM2023DM123&utm_medium=Email&utm_campaign=EDM2023DM123-TBS-23Apr12&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
14.136.236.151 Central, Hong Kong, ASN9269 (HKBN-AS-AP Hong Kong Broadband Network Ltd., HK),
Reverse DNS
014136236151.static.ctinets.com
Software
tengine / wingonServer
Resource Hash
bf498c3a44e99172073df70525d863cb4e99130a5e6c7ffd34ce93e8b47e7d0e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tours.wingontravel.com/search/searchtext=LMTI?allianceid=7&ouid=1iXEdYcBvhzjj6G_IC9I&SID=1&utm_source=foxpage&utm_id=EDM2023DM123&utm_medium=Email&utm_campaign=EDM2023DM123-TBS-23Apr12&
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 07:52:00 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
content-security-policy
frame-ancestors 'self'
last-modified
Mon, 03 Apr 2023 09:39:10 GMT
server
tengine
etag
W/"1d966102462e9b6"
x-powered-by
wingonServer
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
x-envoy-upstream-service-time
5
x-xss-protection
1; mode=block
product.search.css
tours.wingontravel.com/Content/WebJS/css/
293 KB
58 KB
Stylesheet
General
Full URL
https://tours.wingontravel.com/Content/WebJS/css/product.search.css?_=tbs_online_8_25_20
Requested by
Host: tours.wingontravel.com
URL: https://tours.wingontravel.com/search/searchtext=LMTI?allianceid=7&ouid=1iXEdYcBvhzjj6G_IC9I&SID=1&utm_source=foxpage&utm_id=EDM2023DM123&utm_medium=Email&utm_campaign=EDM2023DM123-TBS-23Apr12&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
14.136.236.151 Central, Hong Kong, ASN9269 (HKBN-AS-AP Hong Kong Broadband Network Ltd., HK),
Reverse DNS
014136236151.static.ctinets.com
Software
tengine / wingonServer
Resource Hash
6651bd66f89751ff3b1c15f7295a0250d70b605488a17862a0d5f47fcdcdd5f0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tours.wingontravel.com/search/searchtext=LMTI?allianceid=7&ouid=1iXEdYcBvhzjj6G_IC9I&SID=1&utm_source=foxpage&utm_id=EDM2023DM123&utm_medium=Email&utm_campaign=EDM2023DM123-TBS-23Apr12&
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 07:52:00 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
content-security-policy
frame-ancestors 'self'
last-modified
Mon, 03 Apr 2023 09:39:10 GMT
server
tengine
etag
W/"1d966102465a6ae"
x-powered-by
wingonServer
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
x-envoy-upstream-service-time
4
x-xss-protection
1; mode=block
header.query.min.js
webresource.wingontravel.com/headerfooter/Content/js/
88 KB
31 KB
Script
General
Full URL
https://webresource.wingontravel.com/headerfooter/Content/js/header.query.min.js
Requested by
Host: tours.wingontravel.com
URL: https://tours.wingontravel.com/search/searchtext=LMTI?allianceid=7&ouid=1iXEdYcBvhzjj6G_IC9I&SID=1&utm_source=foxpage&utm_id=EDM2023DM123&utm_medium=Email&utm_campaign=EDM2023DM123-TBS-23Apr12&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
14.136.236.131 Central, Hong Kong, ASN10103 (HKBN-AS-AP HK Broadband Network Ltd., HK),
Reverse DNS
014136236131.static.ctinets.com
Software
nginx /
Resource Hash
280a2efc19b95696ae52b137e0d7e07889f15bcd075add47706c3bba5f0ef14c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tours.wingontravel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 07:52:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
last-modified
Tue, 21 Mar 2023 01:00:13 GMT
server
nginx
content-security-policy
frame-ancestors 'self'
etag
"160d8-5f75e90e7884a-gzip"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
31516
x-xss-protection
1; mode=block
client
accounts.google.com/gsi/
195 KB
77 KB
Script
General
Full URL
https://accounts.google.com/gsi/client
Requested by
Host: tours.wingontravel.com
URL: https://tours.wingontravel.com/search/searchtext=LMTI?allianceid=7&ouid=1iXEdYcBvhzjj6G_IC9I&SID=1&utm_source=foxpage&utm_id=EDM2023DM123&utm_medium=Email&utm_campaign=EDM2023DM123-TBS-23Apr12&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200d -, , ASN (),
Reverse DNS
Software
ESF /
Resource Hash
8e0b314b9b2882ef366a8d0c38bec7b26a5bbcc0356229f48fcc405c5ec06202
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-rUN4qgPOk2-6lo080vY9nQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tours.wingontravel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 07:52:02 GMT
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-rUN4qgPOk2-6lo080vY9nQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=1800
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Thu, 13 Apr 2023 07:52:02 GMT
header-message.js
webresource.wingontravel.com/headerfooter/Content/js/
2 KB
1 KB
Script
General
Full URL
https://webresource.wingontravel.com/headerfooter/Content/js/header-message.js
Requested by
Host: tours.wingontravel.com
URL: https://tours.wingontravel.com/search/searchtext=LMTI?allianceid=7&ouid=1iXEdYcBvhzjj6G_IC9I&SID=1&utm_source=foxpage&utm_id=EDM2023DM123&utm_medium=Email&utm_campaign=EDM2023DM123-TBS-23Apr12&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
14.136.236.131 Central, Hong Kong, ASN10103 (HKBN-AS-AP HK Broadband Network Ltd., HK),
Reverse DNS
014136236131.static.ctinets.com
Software
nginx /
Resource Hash
b1be1585f542c01a314e1c7a301fdeeeb036d1fac34f2b952124e24b97b86eb8
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tours.wingontravel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 07:52:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
last-modified
Tue, 21 Mar 2023 01:00:13 GMT
server
nginx
content-security-policy
frame-ancestors 'self'
etag
"908-5f75e90df4ed2-gzip"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
610
x-xss-protection
1; mode=block
CrmQuickLogin.js
members.wingontravel.com/Home/
87 KB
25 KB
Script
General
Full URL
https://members.wingontravel.com/Home/CrmQuickLogin.js
Requested by
Host: tours.wingontravel.com
URL: https://tours.wingontravel.com/search/searchtext=LMTI?allianceid=7&ouid=1iXEdYcBvhzjj6G_IC9I&SID=1&utm_source=foxpage&utm_id=EDM2023DM123&utm_medium=Email&utm_campaign=EDM2023DM123-TBS-23Apr12&
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
115.160.189.13 Sai Wan, Hong Kong, ASN9381 (HKBNES-AS-AP HKBN Enterprise Solutions HK Limited, HK),
Reverse DNS
vsa12.hkecl.net
Software
/
Resource Hash
2b707125b3c310fad257d554a21463bb98f261a18d5ba966f2848ee04a65daa6
Security Headers
Name Value
Content-Security-Policy object-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tours.wingontravel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

CONTENT-SECURITY-POLICY
object-src 'self'
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000; includeSubDomains
Date
Thu, 13 Apr 2023 07:51:15 GMT
ETag
a0b6a5e3dd10a861dab4a4a0a6b65b70
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
private
Content-Length
24591
X-XSS-PROTECTION
1; mode=block
CrmWealComponent.js
members.wingontravel.com/Home/
43 KB
13 KB
Script
General
Full URL
https://members.wingontravel.com/Home/CrmWealComponent.js
Requested by
Host: tours.wingontravel.com
URL: https://tours.wingontravel.com/search/searchtext=LMTI?allianceid=7&ouid=1iXEdYcBvhzjj6G_IC9I&SID=1&utm_source=foxpage&utm_id=EDM2023DM123&utm_medium=Email&utm_campaign=EDM2023DM123-TBS-23Apr12&
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
115.160.189.13 Sai Wan, Hong Kong, ASN9381 (HKBNES-AS-AP HKBN Enterprise Solutions HK Limited, HK),
Reverse DNS
vsa12.hkecl.net
Software
/
Resource Hash
f704be628d8d83aeb9a7da1d3bb660087017822abfabf67888c7657a6761dada
Security Headers
Name Value
Content-Security-Policy object-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tours.wingontravel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

CONTENT-SECURITY-POLICY
object-src 'self'
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000; includeSubDomains
Date
Thu, 13 Apr 2023 07:51:15 GMT
ETag
4769d5ddcab5b7650b5d930bcbdc192e
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
private
Content-Length
12473
X-XSS-PROTECTION
1; mode=block
google-oauth.min.js
webresource.wingontravel.com/headerfooter/Content/js/
4 KB
2 KB
Script
General
Full URL
https://webresource.wingontravel.com/headerfooter/Content/js/google-oauth.min.js
Requested by
Host: tours.wingontravel.com
URL: https://tours.wingontravel.com/search/searchtext=LMTI?allianceid=7&ouid=1iXEdYcBvhzjj6G_IC9I&SID=1&utm_source=foxpage&utm_id=EDM2023DM123&utm_medium=Email&utm_campaign=EDM2023DM123-TBS-23Apr12&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
14.136.236.131 Central, Hong Kong, ASN10103 (HKBN-AS-AP HK Broadband Network Ltd., HK),
Reverse DNS
014136236131.static.ctinets.com
Software
nginx /
Resource Hash
802c1b40ff27875ff4654ce8499c1c2b9bf499c2a6358405bab05850b199fd2b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tours.wingontravel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 07:52:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
last-modified
Tue, 21 Mar 2023 01:00:13 GMT
server
nginx
content-security-policy
frame-ancestors 'self'
etag
"e13-5f75e90dea6da-gzip"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
1463
x-xss-protection
1; mode=block
manifest.js
tours.wingontravel.com/Content/WebJS/js/
826 B
786 B
Script
General
Full URL
https://tours.wingontravel.com/Content/WebJS/js/manifest.js?_=tbs_online_8_25_20
Requested by
Host: tours.wingontravel.com
URL: https://tours.wingontravel.com/search/searchtext=LMTI?allianceid=7&ouid=1iXEdYcBvhzjj6G_IC9I&SID=1&utm_source=foxpage&utm_id=EDM2023DM123&utm_medium=Email&utm_campaign=EDM2023DM123-TBS-23Apr12&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
14.136.236.151 Central, Hong Kong, ASN9269 (HKBN-AS-AP Hong Kong Broadband Network Ltd., HK),
Reverse DNS
014136236151.static.ctinets.com
Software
tengine / wingonServer
Resource Hash
a5f450c93d3e937e8e5fb011fb6fd2a5f5d979265eb4f23a4b72dd74b10a90c1
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tours.wingontravel.com/search/searchtext=LMTI?allianceid=7&ouid=1iXEdYcBvhzjj6G_IC9I&SID=1&utm_source=foxpage&utm_id=EDM2023DM123&utm_medium=Email&utm_campaign=EDM2023DM123-TBS-23Apr12&
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 07:52:00 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
content-security-policy
frame-ancestors 'self'
last-modified
Mon, 03 Apr 2023 09:39:10 GMT
server
tengine
etag
W/"1d966102461303a"
x-powered-by
wingonServer
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-envoy-upstream-service-time
4
x-xss-protection
1; mode=block
vendor.js
tours.wingontravel.com/Content/WebJS/js/
377 KB
0
Script
General
Full URL
https://tours.wingontravel.com/Content/WebJS/js/vendor.js?_=tbs_online_8_25_20
Requested by
Host: tours.wingontravel.com
URL: https://tours.wingontravel.com/search/searchtext=LMTI?allianceid=7&ouid=1iXEdYcBvhzjj6G_IC9I&SID=1&utm_source=foxpage&utm_id=EDM2023DM123&utm_medium=Email&utm_campaign=EDM2023DM123-TBS-23Apr12&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
14.136.236.151 Central, Hong Kong, ASN9269 (HKBN-AS-AP Hong Kong Broadband Network Ltd., HK),
Reverse DNS
014136236151.static.ctinets.com
Software
tengine / wingonServer
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tours.wingontravel.com/search/searchtext=LMTI?allianceid=7&ouid=1iXEdYcBvhzjj6G_IC9I&SID=1&utm_source=foxpage&utm_id=EDM2023DM123&utm_medium=Email&utm_campaign=EDM2023DM123-TBS-23Apr12&
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 07:52:00 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
content-security-policy
frame-ancestors 'self'
last-modified
Mon, 03 Apr 2023 09:39:10 GMT
server
tengine
etag
W/"1d96610246e6805"
x-powered-by
wingonServer
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-envoy-upstream-service-time
3
x-xss-protection
1; mode=block
chunks.common.js
tours.wingontravel.com/Content/WebJS/js/
0
0
Script
General
Full URL
https://tours.wingontravel.com/Content/WebJS/js/chunks.common.js?_=tbs_online_8_25_20
Requested by
Host: tours.wingontravel.com
URL: https://tours.wingontravel.com/search/searchtext=LMTI?allianceid=7&ouid=1iXEdYcBvhzjj6G_IC9I&SID=1&utm_source=foxpage&utm_id=EDM2023DM123&utm_medium=Email&utm_campaign=EDM2023DM123-TBS-23Apr12&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
14.136.236.151 Central, Hong Kong, ASN9269 (HKBN-AS-AP Hong Kong Broadband Network Ltd., HK),
Reverse DNS
014136236151.static.ctinets.com
Software
tengine / wingonServer
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tours.wingontravel.com/search/searchtext=LMTI?allianceid=7&ouid=1iXEdYcBvhzjj6G_IC9I&SID=1&utm_source=foxpage&utm_id=EDM2023DM123&utm_medium=Email&utm_campaign=EDM2023DM123-TBS-23Apr12&
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 07:52:00 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
content-security-policy
frame-ancestors 'self'
last-modified
Mon, 03 Apr 2023 09:39:10 GMT
server
tengine
etag
W/"1d9661024609b00"
x-powered-by
wingonServer
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-envoy-upstream-service-time
4
x-xss-protection
1; mode=block
product.search.js
tours.wingontravel.com/Content/WebJS/js/
0
0
Script
General
Full URL
https://tours.wingontravel.com/Content/WebJS/js/product.search.js?_=tbs_online_8_25_20
Requested by
Host: tours.wingontravel.com
URL: https://tours.wingontravel.com/search/searchtext=LMTI?allianceid=7&ouid=1iXEdYcBvhzjj6G_IC9I&SID=1&utm_source=foxpage&utm_id=EDM2023DM123&utm_medium=Email&utm_campaign=EDM2023DM123-TBS-23Apr12&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
14.136.236.151 Central, Hong Kong, ASN9269 (HKBN-AS-AP Hong Kong Broadband Network Ltd., HK),
Reverse DNS
014136236151.static.ctinets.com
Software
tengine / wingonServer
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tours.wingontravel.com/search/searchtext=LMTI?allianceid=7&ouid=1iXEdYcBvhzjj6G_IC9I&SID=1&utm_source=foxpage&utm_id=EDM2023DM123&utm_medium=Email&utm_campaign=EDM2023DM123-TBS-23Apr12&
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 07:52:00 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
content-security-policy
frame-ancestors 'self'
last-modified
Mon, 03 Apr 2023 09:39:10 GMT
server
tengine
etag
W/"1d966102463f99a"
x-powered-by
wingonServer
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-envoy-upstream-service-time
3
x-xss-protection
1; mode=block
2vm.jpg
webresource.wingontravel.com/headerfooter/Content/images/
38 KB
39 KB
Image
General
Full URL
https://webresource.wingontravel.com/headerfooter/Content/images/2vm.jpg
Requested by
Host: tours.wingontravel.com
URL: https://tours.wingontravel.com/search/searchtext=LMTI?allianceid=7&ouid=1iXEdYcBvhzjj6G_IC9I&SID=1&utm_source=foxpage&utm_id=EDM2023DM123&utm_medium=Email&utm_campaign=EDM2023DM123-TBS-23Apr12&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
14.136.236.131 Central, Hong Kong, ASN10103 (HKBN-AS-AP HK Broadband Network Ltd., HK),
Reverse DNS
014136236131.static.ctinets.com
Software
nginx /
Resource Hash
c8aa9c8a8e396abb567b45cd194d6a1e63068026ed2b5a157e2219b0a3b5888c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tours.wingontravel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 07:52:03 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
last-modified
Tue, 21 Mar 2023 01:00:10 GMT
server
nginx
etag
"99d3-5f75e90bb964a"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
content-length
39379
x-xss-protection
1; mode=block
eztravel.png
webresource.wingontravel.com/headerfooter/Content/images/
2 KB
3 KB
Image
General
Full URL
https://webresource.wingontravel.com/headerfooter/Content/images/eztravel.png
Requested by
Host: tours.wingontravel.com
URL: https://tours.wingontravel.com/search/searchtext=LMTI?allianceid=7&ouid=1iXEdYcBvhzjj6G_IC9I&SID=1&utm_source=foxpage&utm_id=EDM2023DM123&utm_medium=Email&utm_campaign=EDM2023DM123-TBS-23Apr12&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
14.136.236.131 Central, Hong Kong, ASN10103 (HKBN-AS-AP HK Broadband Network Ltd., HK),
Reverse DNS
014136236131.static.ctinets.com
Software
nginx /
Resource Hash
3aedb297adf29cff8f749e6c53093d8bc7e61f420a87750c6b5d34abab2a68e6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tours.wingontravel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 07:52:03 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
last-modified
Tue, 21 Mar 2023 01:00:11 GMT
server
nginx
etag
"91d-5f75e90c5b03a"
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
content-length
2333
x-xss-protection
1; mode=block
analysis.min.js
webresource.wingontravel.com/headerfooter/Content/js/
4 KB
2 KB
Script
General
Full URL
https://webresource.wingontravel.com/headerfooter/Content/js/analysis.min.js
Requested by
Host: tours.wingontravel.com
URL: https://tours.wingontravel.com/search/searchtext=LMTI?allianceid=7&ouid=1iXEdYcBvhzjj6G_IC9I&SID=1&utm_source=foxpage&utm_id=EDM2023DM123&utm_medium=Email&utm_campaign=EDM2023DM123-TBS-23Apr12&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
14.136.236.131 Central, Hong Kong, ASN10103 (HKBN-AS-AP HK Broadband Network Ltd., HK),
Reverse DNS
014136236131.static.ctinets.com
Software
nginx /
Resource Hash
db3b633da4f579137dbd65a532beda8c381b6f0a96dc4f8a7a2f2ef58b890ce0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tours.wingontravel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 07:52:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
last-modified
Tue, 21 Mar 2023 01:00:12 GMT
server
nginx
content-security-policy
frame-ancestors 'self'
etag
"e59-5f75e90dd474a-gzip"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
1528
x-xss-protection
1; mode=block
TBS_events.js
tours.wingontravel.com/Scripts/
0
0
Script
General
Full URL
https://tours.wingontravel.com/Scripts/TBS_events.js?_=tbs_online_8_25_20
Requested by
Host: tours.wingontravel.com
URL: https://tours.wingontravel.com/search/searchtext=LMTI?allianceid=7&ouid=1iXEdYcBvhzjj6G_IC9I&SID=1&utm_source=foxpage&utm_id=EDM2023DM123&utm_medium=Email&utm_campaign=EDM2023DM123-TBS-23Apr12&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
14.136.236.151 Central, Hong Kong, ASN9269 (HKBN-AS-AP Hong Kong Broadband Network Ltd., HK),
Reverse DNS
014136236151.static.ctinets.com
Software
tengine / wingonServer
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tours.wingontravel.com/search/searchtext=LMTI?allianceid=7&ouid=1iXEdYcBvhzjj6G_IC9I&SID=1&utm_source=foxpage&utm_id=EDM2023DM123&utm_medium=Email&utm_campaign=EDM2023DM123-TBS-23Apr12&
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 07:52:03 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
content-security-policy
frame-ancestors 'self'
last-modified
Mon, 03 Apr 2023 09:39:10 GMT
server
tengine
etag
W/"1d966102461224e"
x-powered-by
wingonServer
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-envoy-upstream-service-time
114
x-xss-protection
1; mode=block
jquery-1.7.1.min.js
tours.wingontravel.com/Scripts/
0
0
Script
General
Full URL
https://tours.wingontravel.com/Scripts/jquery-1.7.1.min.js
Requested by
Host: tours.wingontravel.com
URL: https://tours.wingontravel.com/search/searchtext=LMTI?allianceid=7&ouid=1iXEdYcBvhzjj6G_IC9I&SID=1&utm_source=foxpage&utm_id=EDM2023DM123&utm_medium=Email&utm_campaign=EDM2023DM123-TBS-23Apr12&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
14.136.236.151 Central, Hong Kong, ASN9269 (HKBN-AS-AP Hong Kong Broadband Network Ltd., HK),
Reverse DNS
014136236151.static.ctinets.com
Software
tengine / wingonServer
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tours.wingontravel.com/search/searchtext=LMTI?allianceid=7&ouid=1iXEdYcBvhzjj6G_IC9I&SID=1&utm_source=foxpage&utm_id=EDM2023DM123&utm_medium=Email&utm_campaign=EDM2023DM123-TBS-23Apr12&
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 07:52:02 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
content-security-policy
frame-ancestors 'self'
last-modified
Mon, 03 Apr 2023 09:39:10 GMT
server
tengine
etag
W/"1d9661024605daf"
x-powered-by
wingonServer
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-envoy-upstream-service-time
4
x-xss-protection
1; mode=block
CrmQuickLogin.js
members.wingontravel.com/Home/
87 KB
25 KB
Script
General
Full URL
https://members.wingontravel.com/Home/CrmQuickLogin.js?_=tbs_online_8_25_20
Requested by
Host: tours.wingontravel.com
URL: https://tours.wingontravel.com/search/searchtext=LMTI?allianceid=7&ouid=1iXEdYcBvhzjj6G_IC9I&SID=1&utm_source=foxpage&utm_id=EDM2023DM123&utm_medium=Email&utm_campaign=EDM2023DM123-TBS-23Apr12&
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
115.160.189.13 Sai Wan, Hong Kong, ASN9381 (HKBNES-AS-AP HKBN Enterprise Solutions HK Limited, HK),
Reverse DNS
vsa12.hkecl.net
Software
/
Resource Hash
2b707125b3c310fad257d554a21463bb98f261a18d5ba966f2848ee04a65daa6
Security Headers
Name Value
Content-Security-Policy object-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tours.wingontravel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

CONTENT-SECURITY-POLICY
object-src 'self'
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000; includeSubDomains
Date
Thu, 13 Apr 2023 07:51:17 GMT
ETag
a0b6a5e3dd10a861dab4a4a0a6b65b70
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
private
Content-Length
24591
X-XSS-PROTECTION
1; mode=block
web_chat_entry.js
m.wingontravel.com/crocodile/
5 KB
2 KB
Script
General
Full URL
https://m.wingontravel.com/crocodile/web_chat_entry.js
Requested by
Host: tours.wingontravel.com
URL: https://tours.wingontravel.com/search/searchtext=LMTI?allianceid=7&ouid=1iXEdYcBvhzjj6G_IC9I&SID=1&utm_source=foxpage&utm_id=EDM2023DM123&utm_medium=Email&utm_campaign=EDM2023DM123-TBS-23Apr12&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
14.136.236.140 Central, Hong Kong, ASN10103 (HKBN-AS-AP HK Broadband Network Ltd., HK),
Reverse DNS
014136236140.static.ctinets.com
Software
Tengine / wingonServer
Resource Hash
c251648289ae2cceda511cbcc2221901f4f6978113159c8d3f51ff1b8ff1e922
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self', frame-ancestors 'self'
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tours.wingontravel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 07:52:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000, max-age=31536000
content-security-policy
frame-ancestors 'self', frame-ancestors 'self'
x-powered-by
wingonServer
content-length
1582
x-xss-protection
1; mode=block, 1; mode=block
last-modified
Wed, 18 Sep 2019 09:26:12 GMT
server
Tengine
etag
"159a-592d06d8c0bf1-gzip"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
application/x-javascript
access-control-allow-origin
*
accept-ranges
bytes
clientid
m.wingontravel.com/api/wireless/
35 B
344 B
XHR
General
Full URL
https://m.wingontravel.com/api/wireless/clientid?platform=03
Requested by
Host: webresource.wingontravel.com
URL: https://webresource.wingontravel.com/headerfooter/Content/js/masterpage.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
14.136.236.140 Central, Hong Kong, ASN10103 (HKBN-AS-AP HK Broadband Network Ltd., HK),
Reverse DNS
014136236140.static.ctinets.com
Software
Tengine / Express, wireless_wingon_p
Resource Hash
72039c4974378c940a3f4c65a7033e299479941fdbaebb14bbfbff786f9b4cac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tours.wingontravel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 07:52:02 GMT
server
Tengine
x-powered-by
Express, wireless_wingon_p
etag
W/"23-u+DHLApaxg3e8sodaPEZOsbOoWM"
access-control-allow-methods
PUT,POST,GET,DELETE,OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-envoy-upstream-service-time
6
access-control-allow-headers
X-Requested-With, accept, origin, content-type
content-length
35
logo_v2.png
webresource.wingontravel.com/headerfooter/Content/images/
39 KB
39 KB
Image
General
Full URL
https://webresource.wingontravel.com/headerfooter/Content/images/logo_v2.png
Requested by
Host: webresource.wingontravel.com
URL: https://webresource.wingontravel.com/headerfooter/Content/css/header_footer.min.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
14.136.236.131 Central, Hong Kong, ASN10103 (HKBN-AS-AP HK Broadband Network Ltd., HK),
Reverse DNS
014136236131.static.ctinets.com
Software
nginx /
Resource Hash
d13a6c75642a6537e18a56944f3ada6efe7df43d1522b6daec8191f4668a91a2
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webresource.wingontravel.com/headerfooter/Content/css/header_footer.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 07:52:03 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
last-modified
Tue, 21 Mar 2023 01:00:12 GMT
server
nginx
etag
"9a5c-5f75e90cf4d2a"
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
content-length
39516
x-xss-protection
1; mode=block
truncated
/
7 KB
7 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
26b486e9a2f9f2610e7725137323ca62f301a668c5be5bc0ed21b67f323b4a49

Request headers

Referer
Origin
https://tours.wingontravel.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
application/x-font-woff2;charset=utf-8
sdk.js
connect.facebook.net/en_US/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: members.wingontravel.com
URL: https://members.wingontravel.com/Home/CrmQuickLogin.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
7b0247fcdda5cb3d01f155bb872ac6a05fea084a3e872bf54433bb9a2f3f330a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tours.wingontravel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 13 Apr 2023 07:52:02 GMT
content-md5
+axDG+Qzdx1Ll07ANSuJdw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1686
x-fb-rlafr
0
x-fb-debug
sy0RlslHNQy9ipmepq37bXidkzcmw2sOULDbb1tQkqGCq0aNsEsIDIogwL3/jojK5IdNlKkhM0D+kqN6xEA9Kg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
686109401
x-fb-content-md5
437d67716334f0fe4f9256874930c6ff
cross-origin-opener-policy
same-origin-allow-popups
etag
"f029e18a24566091cea162a40712957c"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
x-frame-options
DENY
timing-allow-origin
*
expires
Thu, 13 Apr 2023 08:06:00 GMT
api:client.js
apis.google.com/js/
17 KB
7 KB
Script
General
Full URL
https://apis.google.com/js/api:client.js?_=1681372322909
Requested by
Host: webresource.wingontravel.com
URL: https://webresource.wingontravel.com/headerfooter/Content/js/header.query.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
550ee32bde7c6b77cf9cbcf143cb827c877de135f42aa5804953ce539c050413
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tours.wingontravel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 13 Apr 2023 07:52:02 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6896
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"046c18c2ba79326c"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 13 Apr 2023 07:52:02 GMT
GetWealByPageCode
m.wingontravel.com/api/member/appreciation/MemberWeal/
71 B
356 B
XHR
General
Full URL
https://m.wingontravel.com/api/member/appreciation/MemberWeal/GetWealByPageCode
Requested by
Host: webresource.wingontravel.com
URL: https://webresource.wingontravel.com/headerfooter/Content/js/header.query.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
14.136.236.140 Central, Hong Kong, ASN10103 (HKBN-AS-AP HK Broadband Network Ltd., HK),
Reverse DNS
014136236140.static.ctinets.com
Software
Tengine /
Resource Hash
b3bd4f98dbc336d8ae942f7abfec18bc81ba8f4faace4fd70f9e7c3772b1e276

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://tours.wingontravel.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Thu, 13 Apr 2023 07:52:03 GMT
content-encoding
gzip
server
Tengine
vary
Accept-Encoding, Origin,Access-Control-Request-Method,Access-Control-Request-Headers
upstream
K1
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://tours.wingontravel.com
access-control-allow-credentials
true
x-envoy-upstream-service-time
63
GetWealByPageCode
m.wingontravel.com/api/member/appreciation/MemberWeal/ Frame
0
0
Preflight
General
Full URL
https://m.wingontravel.com/api/member/appreciation/MemberWeal/GetWealByPageCode
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
14.136.236.140 Central, Hong Kong, ASN10103 (HKBN-AS-AP HK Broadband Network Ltd., HK),
Reverse DNS
014136236140.static.ctinets.com
Software
Tengine /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://tours.wingontravel.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,POST,DELETE,PUT
access-control-allow-origin
https://tours.wingontravel.com
access-control-max-age
3600
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length
0
date
Thu, 13 Apr 2023 07:52:03 GMT
server
Tengine
upstream
K1
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time
1
sdk.js
connect.facebook.net/en_US/
306 KB
87 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=b86dd03183153deb67cbde02e8c14079
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
b816647b078f2967c9daffd11d2850815f309df01aed05ebf3a93559c3e003fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://tours.wingontravel.com/
Origin
https://tours.wingontravel.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 13 Apr 2023 07:52:03 GMT
content-md5
kVCO6TwQD9FTPMg08C58/A==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88564
x-fb-rlafr
0
x-fb-debug
HhyjZn+Oj+O0GpK/QzHDYx7HiBj3/250rKJhnkEc/gC5K4aEyi14p+W+Vem2L9roulKEqS0ZvSmbj0yXYWfJhg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
7ddd6314a0d412ad5a03aae42d5ecb83
cross-origin-opener-policy
same-origin-allow-popups
etag
"3e61226bf857319924fed8ecef8d4a95"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Fri, 12 Apr 2024 07:35:33 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.I9sG9xyb3VQ.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8-cMaMElt8d8ktYL2gFA9BehJHLQ/
315 KB
108 KB
Script
General
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.I9sG9xyb3VQ.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8-cMaMElt8d8ktYL2gFA9BehJHLQ/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/api:client.js?_=1681372322909
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
22bb5a785e770febe7c9102627e128c94a999614f6ded1a40673e32e910f6a7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tours.wingontravel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 11 Apr 2023 18:32:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
134379
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110193
x-xss-protection
0
last-modified
Thu, 09 Mar 2023 16:31:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 10 Apr 2024 18:32:24 GMT
cb=gapi.loaded_1
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.I9sG9xyb3VQ.O/m=auth2/exm=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8-cMaMElt8d8ktYL2gFA9BehJHLQ/
62 B
153 B
Script
General
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.I9sG9xyb3VQ.O/m=auth2/exm=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8-cMaMElt8d8ktYL2gFA9BehJHLQ/cb=gapi.loaded_1?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/api:client.js?_=1681372322909
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
27095d13a9c6e755cb20dc225c60d419aaea91a9ec240b842527daea5c98a3ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tours.wingontravel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 12 Apr 2023 17:19:34 GMT
x-content-type-options
nosniff
age
52349
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62
x-xss-protection
0
last-modified
Thu, 09 Mar 2023 16:31:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 11 Apr 2024 17:19:34 GMT
iframe
accounts.google.com/o/oauth2/ Frame 44FA
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
accounts.google.com
URL
https://accounts.google.com/o/oauth2/iframe

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless
string| SITEROOT
string| cuckooPath
object| globalConfig
object| MasterPageJS
object| oBase
function| changeLangAndCurr
function| loginActive
function| loginDefault
object| _siteAnalysis
object| subGlobalConfig
object| header_jq
undefined| originalJQ
object| crm
undefined| $
undefined| jQuery
object| showContentItems
object| intervalMessage
undefined| localPath
function| showContentFun
function| intervalMessageContent
function| showMessageContent
function| closeMessageContent
function| crmAttachSignin
object| crm_js
string| googlejs
object| googleUser
function| crmStartGoogleApp
object| crmBookingUbt
object| UtilGtm
object| crm_login
function| fbAsyncInit
object| crm_jq
object| crmWealUbt
object| crmWeal
number| c_start

11 Cookies

Domain/Path Name / Value
chloro.trip.com/ Name: _RGUID
Value: 012c0dec-255f-4e7c-8b1e-dcd11dcc3ef7
.trip.com/ Name: _RF1
Value: 217.114.218.24
.trip.com/ Name: _RSG
Value: yvqNbmU3i40tx3pT4DtUi8
.trip.com/ Name: _RDG
Value: 286e6cb839d19a24591b623c66042bf0d0
.trip.com/ Name: _RGUID
Value: 012c0dec-255f-4e7c-8b1e-dcd11dcc3ef7
ubt-sin.tripcdn.com/ Name: suid
Value: s/T1Ee0R0NmJCqKvxm6O4Q==
.trip.com/ Name: _bfa
Value: 1.1681372318795.gx93wt.1.1681372318795.1681372319707.1.1.10650038432
.trip.com/ Name: _ubtstatus
Value: %7B%22vid%22%3A%221681372318795.gx93wt%22%2C%22sid%22%3A1%2C%22pvid%22%3A1%2C%22pid%22%3A10650038432%7D
.wingontravel.com/ Name: culture
Value: zh-HK
.wingontravel.com/ Name: ASP.NET_SessionId_Global
Value: 8cb87111-aed2-4c27-9618-dd12e15ac5cb
.wingontravel.com/ Name: WINGON_TRACKING_CID
Value: 03168137232283698114

1 Console Messages

Source Level URL
Text
security warning URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.I9sG9xyb3VQ.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8-cMaMElt8d8ktYL2gFA9BehJHLQ/cb=gapi.loaded_0?le=scs (Line 408)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
