www.hainanairlines.com Open in urlscan Pro
107.154.76.69 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://hainanairlines.com/
Effective URL:
http://www.hainanairlines.com/
Submission Tags: tranco_l324
Submission: On November 23 via api (November 23rd 2021, 8:20:06 am UTC) from DE — Scanned from DE

Summary HTTP 16 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 3 countries across 4 domains to perform 16 HTTP transactions. The main IP is 107.154.76.69, located in United States and belongs to INCAPSULA, US. The main domain is www.hainanairlines.com.

This is the only time www.hainanairlines.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 10	107.154.76.69 107.154.76.69	19551 (INCAPSULA) (INCAPSULA)
1	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
2	2a05:d018:183... 2a05:d018:183:5c00:9390:b15c:ef8d:738c	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700::68... 2606:4700::6812:ccb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	6

10 107.154.76.69 (United States) 1 redirects

ASN19551 (INCAPSULA, US)
PTR: 107.154.76.69.ip.incapdns.net

hainanairlines.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.hainanairlines.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:183:5c00:9390:b15c:ef8d:738c (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

api.geetest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:ccb (United States)

ASN13335 (CLOUDFLARENET, US)

static.geetest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	hainanairlines.com 1 redirects hainanairlines.com www.hainanairlines.com	73 KB
5	geetest.com api.geetest.com static.geetest.com	102 KB
1	googleapis.com ajax.googleapis.com	31 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com	21 KB
16	4

	Domain	Requested by
9	www.hainanairlines.com	www.hainanairlines.com
3	static.geetest.com	www.hainanairlines.com static.geetest.com
2	api.geetest.com	www.hainanairlines.com static.geetest.com
1	ajax.googleapis.com	www.hainanairlines.com
1	maxcdn.bootstrapcdn.com	www.hainanairlines.com
1	hainanairlines.com	1 redirects
16	6

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-03-01` - `2022-02-28`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
global.hnair.com Sectigo RSA Organization Validation Secure Server CA	`2021-09-17` - `2022-09-17`	a year	crt.sh

This page contains 2 frames:

Primary Page: http://www.hainanairlines.com/
Frame ID: 1CA110FF499EC818AB187AEACE231ECB
Requests: 5 HTTP requests in this frame

Frame: http://www.hainanairlines.com/_Incapsula_Resource?SWUDNSAI=9&xinfo=13-77064481-0%20NNNN%20RT%281637655601338%200%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B12%2814%2c0%2c0%29%20U5&incident_id=878000200124829977-286441780028507405&edet=12&cinfo=0e0000009e4e&rpinfo=0&cts=8NWIB12GT9XUZw9CJbJjh7hnpm85voX8tS33ec4TXadADRyrRwSQsFp%2bdcygTfpf&mth=GET
Frame ID: AE6C7B5B2043A57FEFE025E179B18409
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://hainanairlines.com/ HTTP 301
http://www.hainanairlines.com/ Page URL

Page Statistics

16
Requests

19 %
HTTPS

80 %
IPv6

4
Domains

6
Subdomains

6
IPs

3
Countries

226 kB
Transfer

867 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://hainanairlines.com/ HTTP 301
http://www.hainanairlines.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

http://www.hainanairlines.com/yfull-What-I-hane-Will-now-good-befor-mine-I-loc?d=www.hainanairlines.com HTTP 307
https://www.hainanairlines.com/yfull-What-I-hane-Will-now-good-befor-mine-I-loc?d=www.hainanairlines.com

16 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.hainanairlines.com/
Redirect Chain

http://hainanairlines.com/
http://www.hainanairlines.com/

1011 B
1 KB

1311ms
19ms

Document
text/html

107.154.76.69
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: http://www.hainanairlines.com/
Protocol: HTTP/1.1
Server: 107.154.76.69 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.76.69.ip.incapdns.net
Software: /
Resource Hash: bba4444be01ce515143f5aa1875d14580948351b7c7db15e3f53998da1eadb58

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Content-Type: text/html
Cache-Control: no-cache
Connection: close
Content-Length: 1011
X-Iinfo: 13-77064481-0 NNNN RT(1637655601338 0) q(0 -1 -1 0) r(0 -1) B12(14,0,0) U5

Redirect headers

Location: http://www.hainanairlines.com/
Content-Length: 0
Connection: close

GET
H/1.1 200
OK _Incapsula_Resource Show response
www.hainanairlines.com/ 133 KB
19 KB 20ms
16ms Script
application/javascript 107.154.76.69
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: http://www.hainanairlines.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3
Requested by: Host: www.hainanairlines.com
URL: http://www.hainanairlines.com/
Protocol: HTTP/1.1
Server: 107.154.76.69 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.76.69.ip.incapdns.net
Software: /
Resource Hash: bb2729150c994d645eb4fd2a2b9c5cbb48297f8a54e34042c903f91880b1c595

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hainanairlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Encoding: gzip
Cache-Control: no-cache, no-store
X-Robots-Tag: noindex
Content-Length: 19306
Content-Type: application/javascript

GET
H/1.1 200
OK yfull-What-I-hane-Will-now-good-befor-mine-I-loc Show response
www.hainanairlines.com/ 127 KB
41 KB 48ms
45ms Script
text/javascript 107.154.76.69
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: http://www.hainanairlines.com/yfull-What-I-hane-Will-now-good-befor-mine-I-loc
Requested by: Host: www.hainanairlines.com
URL: http://www.hainanairlines.com/
Protocol: HTTP/1.1
Server: 107.154.76.69 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.76.69.ip.incapdns.net
Software: connector /
Resource Hash: 75a8f3627be0138ca20441782de6ffdbb09cacbe6c7bb4cb187ad47f19eb1f75

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hainanairlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 08:20:01 GMT
content-encoding: gzip
server: connector
content-type: text/javascript
access-control-allow-origin: *
X-Iinfo: 11-49356928-49356929 NNNN CT(4 7 0) RT(1637655601379 6) q(0 0 0 -1) r(1 1) U5
cache-control: public, max-age=60
server-timing: bon, total;dur=9.396571
keep-alive: timeout=5
content-length: 41816
X-CDN: Imperva

GET
H/1.1 200
OK _Incapsula_Resource
www.hainanairlines.com/ 1 B
123 B 8ms
7ms Image
text/plain 107.154.76.69
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.hainanairlines.com/_Incapsula_Resource?SWKMTFSR=1&e=0.06770745483869689
Requested by: Host: www.hainanairlines.com
URL: http://www.hainanairlines.com/
Protocol: HTTP/1.1
Server: 107.154.76.69 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.76.69.ip.incapdns.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hainanairlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Cache-Control: no-cache, no-store
X-Robots-Tag: noindex
Content-Length: 1
Content-Type: text/plain

GET
H/1.1 200
OK _Incapsula_Resource Show response
www.hainanairlines.com/ Frame AE6C 13 KB
7 KB 7ms
7ms Document
text/html 107.154.76.69
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: http://www.hainanairlines.com/_Incapsula_Resource?SWUDNSAI=9&xinfo=13-77064481-0%20NNNN%20RT%281637655601338%200%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B12%2814%2c0%2c0%29%20U5&incident_id=878000200124829977-286441780028507405&edet=12&cinfo=0e0000009e4e&rpinfo=0&cts=8NWIB12GT9XUZw9CJbJjh7hnpm85voX8tS33ec4TXadADRyrRwSQsFp%2bdcygTfpf&mth=GET
Requested by: Host: www.hainanairlines.com
URL: http://www.hainanairlines.com/
Protocol: HTTP/1.1
Server: 107.154.76.69 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.76.69.ip.incapdns.net
Software: /
Resource Hash: 01fdf8c0e1561996da69dc48ceab6ffb410e4ba9329dc35cef2cd27c24b7d5f7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.hainanairlines.com/

Response headers

Cache-Control: no-cache, no-store
Content-Type: text/html
Content-Encoding: gzip
X-Robots-Tag: noindex
Content-Length: 7160

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/ Frame AE6C 118 KB
21 KB 61ms
39ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css

Requested by

Host: www.hainanairlines.com
URL: http://www.hainanairlines.com/_Incapsula_Resource?SWUDNSAI=9&xinfo=13-77064481-0%20NNNN%20RT%281637655601338%200%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B12%2814%2c0%2c0%29%20U5&incident_id=878000200124829977-286441780028507405&edet=12&cinfo=0e0000009e4e&rpinfo=0&cts=8NWIB12GT9XUZw9CJbJjh7hnpm85voX8tS33ec4TXadADRyrRwSQsFp%2bdcygTfpf&mth=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hainanairlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 08:20:02 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601, 617
age: 21208688
cdn-cachedat: 2021-03-11 11:57:53
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 9c865ab149d3db1d503eb94bbda09a17
cf-ray: 6b28f9daae106961-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ Frame AE6C 86 KB
31 KB 32ms
8ms Script
text/javascript 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hainanairlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 21 Nov 2021 17:41:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 139106
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30774
x-xss-protection: 0
last-modified: Mon, 13 May 2019 14:37:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 21 Nov 2022 17:41:36 GMT

GET
H/1.1 200
OK _Incapsula_Resource Show response
www.hainanairlines.com/ Frame AE6C 9 KB
3 KB 7ms
7ms Script
application/javascript 107.154.76.69
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: http://www.hainanairlines.com/_Incapsula_Resource?NWFURVBO=js/gt.js
Requested by: Host: www.hainanairlines.com
URL: http://www.hainanairlines.com/_Incapsula_Resource?SWUDNSAI=9&xinfo=13-77064481-0%20NNNN%20RT%281637655601338%200%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B12%2814%2c0%2c0%29%20U5&incident_id=878000200124829977-286441780028507405&edet=12&cinfo=0e0000009e4e&rpinfo=0&cts=8NWIB12GT9XUZw9CJbJjh7hnpm85voX8tS33ec4TXadADRyrRwSQsFp%2bdcygTfpf&mth=GET
Protocol: HTTP/1.1
Server: 107.154.76.69 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.76.69.ip.incapdns.net
Software: /
Resource Hash: add1840190041b98d2c3facdfc43ac873a2e7c759fe62034e5d984172acee5bb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hainanairlines.com/_Incapsula_Resource?SWUDNSAI=9&xinfo=13-77064481-0%20NNNN%20RT%281637655601338%200%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B12%2814%2c0%2c0%29%20U5&incident_id=878000200124829977-286441780028507405&edet=12&cinfo=0e0000009e4e&rpinfo=0&cts=8NWIB12GT9XUZw9CJbJjh7hnpm85voX8tS33ec4TXadADRyrRwSQsFp%2bdcygTfpf&mth=GET
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 23 Nov 2021 08:20:01 GMT
Cache-Control: max-age=86400
Content-Encoding: gzip
ETag: "8a4c0d715e79b5ec"
Content-Length: 2437
Content-Type: application/javascript

GET
DATA 200
OK truncated
/ Frame AE6C 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 32c9fdf9b065e23a1dbcf7c0086edab30ae3aa8152319a273a905fefbe240ce2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hainanairlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK _Incapsula_Resource Show response
www.hainanairlines.com/ Frame AE6C 126 B
256 B 319ms
318ms XHR
application/json 107.154.76.69
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: http://www.hainanairlines.com/_Incapsula_Resource?SWCNGEEC=8NWIB12GT9XUZw9CJbJjh7hnpm85voX8tS33ec4TXadADRyrRwSQsFp%2bdcygTfpf
Requested by: Host: www.hainanairlines.com
URL: http://www.hainanairlines.com/_Incapsula_Resource?SWUDNSAI=9&xinfo=13-77064481-0%20NNNN%20RT%281637655601338%200%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B12%2814%2c0%2c0%29%20U5&incident_id=878000200124829977-286441780028507405&edet=12&cinfo=0e0000009e4e&rpinfo=0&cts=8NWIB12GT9XUZw9CJbJjh7hnpm85voX8tS33ec4TXadADRyrRwSQsFp%2bdcygTfpf&mth=GET
Protocol: HTTP/1.1
Server: 107.154.76.69 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.76.69.ip.incapdns.net
Software: /
Resource Hash: 7050e8afdd732657e3ce5e5d8ebd762f339c73f5952046af162f02b9ada848c8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hainanairlines.com/_Incapsula_Resource?SWUDNSAI=9&xinfo=13-77064481-0%20NNNN%20RT%281637655601338%200%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B12%2814%2c0%2c0%29%20U5&incident_id=878000200124829977-286441780028507405&edet=12&cinfo=0e0000009e4e&rpinfo=0&cts=8NWIB12GT9XUZw9CJbJjh7hnpm85voX8tS33ec4TXadADRyrRwSQsFp%2bdcygTfpf&mth=GET
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Cache-Control: no-cache, no-store
X-Robots-Tag: noindex
Content-Length: 126
Content-Type: application/json

GET
H2 404 hu-menu-strip.png
www.hainanairlines.com/HUPortal/hu-ui_HUPortal_noshowChildRule.5_220321/portal/img/ Frame AE6C 0
0 78ms
61ms Image
text/html 107.154.76.69
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hainanairlines.com/HUPortal/hu-ui_HUPortal_noshowChildRule.5_220321/portal/img/hu-menu-strip.png
Requested by: Host: www.hainanairlines.com
URL: http://www.hainanairlines.com/_Incapsula_Resource?SWUDNSAI=9&xinfo=13-77064481-0%20NNNN%20RT%281637655601338%200%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B12%2814%2c0%2c0%29%20U5&incident_id=878000200124829977-286441780028507405&edet=12&cinfo=0e0000009e4e&rpinfo=0&cts=8NWIB12GT9XUZw9CJbJjh7hnpm85voX8tS33ec4TXadADRyrRwSQsFp%2bdcygTfpf&mth=GET
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.76.69 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.76.69.ip.incapdns.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hainanairlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

POST
H2

200

yfull-What-I-hane-Will-now-good-befor-mine-I-loc Show response
www.hainanairlines.com/
Redirect Chain

http://www.hainanairlines.com/yfull-What-I-hane-Will-now-good-befor-mine-I-loc?d=www.hainanairlines.com
https://www.hainanairlines.com/yfull-What-I-hane-Will-now-good-befor-mine-I-loc?d=www.hainanairlines.com

698 B
1 KB

54ms
37ms

Fetch
application/json

107.154.76.69
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hainanairlines.com/yfull-What-I-hane-Will-now-good-befor-mine-I-loc?d=www.hainanairlines.com

Protocol

Server

107.154.76.69 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.76.69.ip.incapdns.net

Software

connector /

Resource Hash

018c5b3c89e76f7e6d337e3d5248b43da311e1a28632a19db7264a9e347d0604

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hainanairlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 08:20:02 GMT
content-encoding: gzip
server: connector
strict-transport-security: max-age=31536000
content-type: application/json
access-control-allow-origin: *
x-iinfo: 6-26803310-26803311 NNYN CT(6 7 0) RT(1637655601675 0) q(0 0 0 0) r(0 1) U5
cache-control: no-cache, no-store
server-timing: bon, total;dur=10.229505999999999
x-cdn: Imperva

Redirect headers

Location: https://www.hainanairlines.com/yfull-What-I-hane-Will-now-good-befor-mine-I-loc?d=www.hainanairlines.com
Non-Authoritative-Reason: HSTS
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://www.hainanairlines.com

GET
H/1.1 200
OK gettype.php Show response
api.geetest.com/ Frame AE6C 515 B
917 B 334ms
317ms Script
text/javascript 2a05:d018:183:5c00:9390:b15c:ef8d:738c
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://api.geetest.com/gettype.php?gt=f2ae6cadcf7886856696502e1d55e00c&callback=geetest_1637655603065
Requested by: Host: www.hainanairlines.com
URL: http://www.hainanairlines.com/_Incapsula_Resource?NWFURVBO=js/gt.js
Protocol: HTTP/1.1
Server: 2a05:d018:183:5c00:9390:b15c:ef8d:738c Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash: 51e731f3658d63f866a74f0f3332bde8336c60950a8cc2892eb88aae4b40cc78

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hainanairlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Nov 2021 08:20:03 GMT
Server: openresty
Etag: "ccd7352f32096a8474ce3f638c3f0e58fc6a036a"
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 515
Expires: 0

GET
H/1.1 200
OK fullpage.9.0.8.js Show response
static.geetest.com/static/js/ Frame AE6C 331 KB
90 KB 46ms
23ms Script
application/javascript 2606:4700::6812:ccb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://static.geetest.com/static/js/fullpage.9.0.8.js
Requested by: Host: www.hainanairlines.com
URL: http://www.hainanairlines.com/_Incapsula_Resource?NWFURVBO=js/gt.js
Protocol: HTTP/1.1
Server: 2606:4700::6812:ccb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d02bd18ce43049ec7196cf54c38df891ef389d446d4539d45444a47f7013abe1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hainanairlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 23 Nov 2021 08:20:03 GMT
Content-Encoding: gzip
x-oss-request-id: 618503B807183B3130CCC550
Content-MD5: D5UjqZKxcz19E9ejLXIwbg==
Age: 250812
Transfer-Encoding: chunked
CF-Cache-Status: HIT
Connection: keep-alive
x-oss-object-type: Normal
Last-Modified: Thu, 28 Oct 2021 08:23:47 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=86400
x-oss-storage-class: Standard
CF-RAY: 6b28f9df4dda5b32-FRA
x-oss-hash-crc64ecma: 12780087343771746623
x-oss-server-time: 5
Expires: Wed, 24 Nov 2021 08:20:03 GMT

GET
H/1.1 200
OK get.php Show response
api.geetest.com/ Frame AE6C 950 B
1 KB 305ms
304ms Script
text/javascript 2a05:d018:183:5c00:9390:b15c:ef8d:738c
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://api.geetest.com/get.php?gt=f2ae6cadcf7886856696502e1d55e00c&challenge=27384f6cda0a358464aa34f092c1eea7&lang=de&pt=0&client_type=web&w=VGzXzHBqEwUhhkebi1L3QFyvezTdCTv)aYhHq7dIXyA3D0aMNvTWhnr8l4xeCZ7bBjCFH2UPBf7tB8W(8emGI)AU2PBWgTzko0sFOvpdf4m)WS)iRMfTbVDs)M0VjvkdYXCXN)6EqrsqiHiXXbwE(CI17S)QvDCQp57sYSBMT1v6J9Mw56bb2jBaRGpJmgU)d8FqHajcO33nfI39KafP)K9dWmf0a(3Bb3wtUYTwdnoJCFkP7HLrsrzBlMRtSbaok7v8uHYDLsIGhD5x0aoCr6MlTZDktPXgpNPnQ6)eJq2SBEEj)b)bXrd4EgYiZka8Sd2xdG8cG59R7SU3EvLi2VAXifOV9dJFIoep4liqeNhZvkrPJowskURYB94L9tikXRA9fpaZVOHH8yC7PEIzBaq2mY2LiO(EDCwYAqjf5lf0lBXJaDa81v)WGVry)lyEAx(WnJnY(nOTwFd9LLxpDnJP6bqfyFC2lA1ZOZ4ONwwg57Uf523j2)KHuUGJsRUfGTiKjy)03stAwPuL9v(1AJvPWzqRJ6JlHzBS1bU)Frsv(tNmS3BkuCmbXrmMgNI(10jkLtRuT2qdUH4RVVxdUbc7ThYBMbasl1qqemRcgYNZyKqjvZf8ug1ubBDrI73iDmAD7mEcIdPTmGPIAFaWQdZQoCUmzvcOrkhqmDm7)IoXwcwHe4iHdBW3to2v2(lRfujCohrU)IQK0Zz4uVaAxwDCwtj(i4a(Bk6tRjv4yUl)xgDEUb50aqg960pQUoh548yO6nYupyPBQb8CeGG3ZZRgogCKLM0)xmY7gjTjianrt1gEVOo3rV8ETalDDAtXsVKuGAlDgVR40DCzhgQwWc)oOFBCDdLxvBHOo6eQkKUqK4UhBbG3F7ftqRHEer0mXqf6zTppjsPNsRgpZzAESQrHMOtuEGcopIGZgrqHIXlS(Rh89PTMsqhOWBgsI2XYNMINwqb9Z5SqXHz3)Rpl3eAu1JcmkZGiVeKaB7(MMPZV9UYqRO8swXeqijleitUCnJjGbnfBRPLOUqKICqD)M4BbEsh7aYjvtvuqfSamx(UU5cZ7lWCrGmJ9G5S9MPzuZTyb8ndAkLeFERqJjFiOF5M6w4EugVl7tj)saFW1aUCWc3LcdK27YUUrPJ5aT9)f9)j7bzG6jc6BpfHXMw5Lu3sGetZ7Flm81IM4cbeBWHk5AE52gokdwHnnDcVA6mYDz2YzI5BdVtaGWczJ7UnxuIK4jbdybr1)3WE36i4zXZIR1y5j7Pag(AoQRd80ro8(NMMuTSo0A9nsEGjJK)yxiAHP8cKmsdiUi2i5bCsRvbd4THaVInK1zsb0p7RpdQ45IKzbR4a)8jnuK3HNBRHwv8BS1vkbMCBmXUsV(UdiMfjfdiCYFLkof6OWRv0wqJ12ClLbGKOdXjX8t18BUBjir(h2ET)dEbGOPH2UsCMDbUYG)D9919oeG6xV96tOv)JeRH2ge7f4vWGs47li5Cn95xs7(1zOxse2lLXicOE4EukR5W3SXnBdASWfmxlvXY9bcUriTljxxXoKAqjhtF33RvjBpII8ULSG2lFjbNuGmwUvINQGgCoOGK(B1j9UzCIpBdlt03U1PA9gBhbVjAlqfhjoEQlPgjeXgg(rk5L2IMrvf6HOkAeo9mfGdAGgVhYjouNs31ZoxM38UlBPGAinyE2faLjwg5Tl4xgTDadlOWJkUmO)tGdnzitwiCbwnwZB)qPFrpp)VC5Cwj3gD1jI2w..202b23295ec54254b8ea2118662d928a8620c525bb574ac37f9f06609ba11d042ab121a80eb96d96af7346f3953ab06b5d4979c46f984412ff571c56ede609e2e5757bbb8b424e5d30103e9e3ecb1daa1f4b4dfbfcce7b4b47c5638ebc2c0754993a618ee87b481f8e0d7914821f2249b4a5841b7d7c255c584257333cab2cec&callback=geetest_1637655608116
Requested by: Host: static.geetest.com
URL: http://static.geetest.com/static/js/fullpage.9.0.8.js
Protocol: HTTP/1.1
Server: 2a05:d018:183:5c00:9390:b15c:ef8d:738c Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash: 3ccfddf845cc406f45af844ef66c74a295eda9cd8c0d118993cf20c912964957

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hainanairlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Nov 2021 08:20:03 GMT
Server: openresty
Etag: "a2d34437746a4c30b63d10ed3a2286b681e75baa"
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 950
Expires: 0

GET
H/1.1 200
OK style.1.5.8.css
static.geetest.com/static/wind/ Frame AE6C 40 KB
5 KB 20ms
20ms Stylesheet
text/css 2606:4700::6812:ccb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://static.geetest.com/static/wind/style.1.5.8.css
Requested by: Host: static.geetest.com
URL: http://static.geetest.com/static/js/fullpage.9.0.8.js
Protocol: HTTP/1.1
Server: 2606:4700::6812:ccb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ba195fffe0097e44a5dd29c35c092f10039e126cc9c4113330e8bf690c2461e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.hainanairlines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 23 Nov 2021 08:20:03 GMT
Content-Encoding: gzip
x-oss-request-id: 617B5E7F1692FC363023B852
Content-MD5: P7aqz9WuLTiU8vALDV8yNg==
Age: 87316
Transfer-Encoding: chunked
CF-Cache-Status: HIT
Connection: keep-alive
x-oss-object-type: Normal
Last-Modified: Tue, 24 Mar 2020 07:19:08 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: public, max-age=86400
x-oss-storage-class: Standard
CF-RAY: 6b28f9e2cb975b32-FRA
x-oss-hash-crc64ecma: 8727683345402674844
x-oss-server-time: 17
Expires: Wed, 24 Nov 2021 08:20:03 GMT

GET
H/1.1 200
OK sprite.1.5.8.png
static.geetest.com/static/wind/ Frame AE6C 3 KB
4 KB 18ms
18ms Image
image/png 2606:4700::6812:ccb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://static.geetest.com/static/wind/sprite.1.5.8.png
Requested by: Host: static.geetest.com
URL: http://static.geetest.com/static/wind/style.1.5.8.css
Protocol: HTTP/1.1
Server: 2606:4700::6812:ccb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e743066373cce49251230c376f985e34018fabb8f30d8c643a3933c0143dd93

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://static.geetest.com/static/wind/style.1.5.8.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 23 Nov 2021 08:20:03 GMT
x-oss-request-id: 6163B7CCAF162632359EC06F
Content-MD5: uDxOrr+kOl0ccdj6TMxlOQ==
Age: 87703
CF-Cache-Status: HIT
Connection: keep-alive
Content-Length: 3429
x-oss-object-type: Normal
Last-Modified: Tue, 24 Mar 2020 07:45:06 GMT
Server: cloudflare
ETag: "B83C4EAEBFA43A5D1C71D8FA4CCC6539"
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: public, max-age=86400
x-oss-storage-class: Standard
Accept-Ranges: bytes
CF-RAY: 6b28f9e2ebeb5b32-FRA
x-oss-hash-crc64ecma: 18443336215562156834
x-oss-server-time: 1
Expires: Wed, 24 Nov 2021 08:20:03 GMT

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.hainanairlines.com/	1969-12-31 23:59:59	Name: nlbi_2250578_2147483646 Value: J2g0abwwRyXmOgX+IBvnAQAAAABTO5dM+XzzmFlwBMz+0pBc
.hainanairlines.com/	1970-01-20 07:38:34	Name: visid_incap_2250578 Value: w01w8PRfRDCzAxSBTy9YMDGknGEAAAAAQUIPAAAAAADlzVwfJaPF78oAqxWpjfj5
.hainanairlines.com/	1969-12-31 23:59:59	Name: nlbi_2250578 Value: mrkwbyPrWWTs83i4IBvnAQAAAAB1gJXLm/Ng2XikttCB9lnS
.hainanairlines.com/	1969-12-31 23:59:59	Name: incap_ses_878_2250578 Value: +jbeAOYyDyZDkSm5h0gvDDGknGEAAAAAQeoXfm688kkneXeYFw2qtQ==
.www.hainanairlines.com/	1970-01-19 23:37:27	Name: reese84 Value: 3:0URe/C/hWA1sEEMRJ04SlQ==:OFMtWRdWCW/W9oYxTce/7uZdZUl4yItVSOe2aTaHvVX+PPRDAYV7QVBDYAG7i/ljEALa1EGFZ1C4qTZpQH1NaASZKG6Rxgpa45LR69t+l4iaXk2gsgyJQl9ypwNALzmsGAvqJtKJ5KbHU4TEJeb1ltMS0VoQGb8Nd4dvBo/6MGUSKI3iEG6LnPUs1c6k+whsgAbtihGfIMo6zCGgz3Bg+dV0t6j4JsQAInjsqc4JFLQ4pIUJCdB0PnEWiUGe2SWW2S2Zkp2PIX7m6BumaNWISFr4sRJRRhk2L5Y8XUCefkY0w2F45eA/h5jdJgfYuHUCZ1EfXz59uW8QijJsxFNYz43muQfGo3cRhgwM4NhKHxBimizfx4ylw7NgmuyIU/RE4X1tb5FxoU1lryv9Giy9jtaECwHdTeJoVESfc6O8CfqD155FgY7UQW9jiCkoy32o9V2qExWI0cy+TrG0jctAOhcv5BaInBOjeGllRztNf0hg9eV9pw6PSC/8VoJcpP7wXtydbRov8dK3nxkidKs/vZ6tb/eokxCE+NjWpmnR9bM=:yr4ibSyXbJtHB/WxSJpczVPO8k2QVo4PK9aCYAakiRc=

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.hainanairlines.com/HUPortal/hu-ui_HUPortal_noshowChildRule.5_220321/portal/img/hu-menu-strip.png Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
api.geetest.com
hainanairlines.com
maxcdn.bootstrapcdn.com
static.geetest.com
www.hainanairlines.com
107.154.76.69
2606:4700::6812:acf
2606:4700::6812:ccb
2a00:1450:4001:809::200a
2a05:d018:183:5c00:9390:b15c:ef8d:738c
018c5b3c89e76f7e6d337e3d5248b43da311e1a28632a19db7264a9e347d0604
01fdf8c0e1561996da69dc48ceab6ffb410e4ba9329dc35cef2cd27c24b7d5f7
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0e743066373cce49251230c376f985e34018fabb8f30d8c643a3933c0143dd93
32c9fdf9b065e23a1dbcf7c0086edab30ae3aa8152319a273a905fefbe240ce2
3ccfddf845cc406f45af844ef66c74a295eda9cd8c0d118993cf20c912964957
51e731f3658d63f866a74f0f3332bde8336c60950a8cc2892eb88aae4b40cc78
7050e8afdd732657e3ce5e5d8ebd762f339c73f5952046af162f02b9ada848c8
75a8f3627be0138ca20441782de6ffdbb09cacbe6c7bb4cb187ad47f19eb1f75
8ba195fffe0097e44a5dd29c35c092f10039e126cc9c4113330e8bf690c2461e
add1840190041b98d2c3facdfc43ac873a2e7c759fe62034e5d984172acee5bb
bb2729150c994d645eb4fd2a2b9c5cbb48297f8a54e34042c903f91880b1c595
bba4444be01ce515143f5aa1875d14580948351b7c7db15e3f53998da1eadb58
d02bd18ce43049ec7196cf54c38df891ef389d446d4539d45444a47f7013abe1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c

www.hainanairlines.com Open in urlscan Pro 107.154.76.69 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

16 Requests

19 %HTTPS

80 %IPv6

4 Domains

6 Subdomains

6 IPs

3 Countries

226 kBTransfer

867 kBSize

5 Cookies

0 Outgoing links

Page URL History

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

5 Cookies

1 Console Messages

Indicators

www.hainanairlines.com Open in urlscan Pro
107.154.76.69 Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

19 %
HTTPS

80 %
IPv6

4
Domains

6
Subdomains

6
IPs

3
Countries

226 kB
Transfer

867 kB
Size

5
Cookies

16 HTTP transactions
1 data transactions