sit-hkia-booking-ui.allwaysvip.com Open in urlscan Pro
18.66.112.35 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://sit-hkia-booking-ui.allwaysvip.com/
Submission: On August 04 via api (August 4th 2024, 3:27:48 am UTC) from US — Scanned from DE

Summary HTTP 12 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 6 domains to perform 12 HTTP transactions. The main IP is 18.66.112.35, located in United States and belongs to AMAZON-02, US. The main domain is sit-hkia-booking-ui.allwaysvip.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on January 4th 2024. Valid for: a year.

This is the only time sit-hkia-booking-ui.allwaysvip.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	18.66.112.35 18.66.112.35	16509 (AMAZON-02) (AMAZON-02)
2	34.107.173.171 34.107.173.171	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	18.245.86.129 18.245.86.129	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:266... 2600:9000:266e:3a00:0:f8d:b880:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	216.58.206.70 216.58.206.70	15169 (GOOGLE) (GOOGLE)
1	2a02:6ea0:c70... 2a02:6ea0:c700::18	60068 (CDN77 _) (CDN77 _)
12	6

6 18.66.112.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-35.fra56.r.cloudfront.net

sit-hkia-booking-ui.allwaysvip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.107.173.171 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 171.173.107.34.bc.googleusercontent.com

consentag.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.86.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-86-129.fra60.r.cloudfront.net

customs.affilired.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:266e:3a00:0:f8d:b880:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.denomatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.206.70 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: tzfraa-aa-in-f6.1e100.net

11446464.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::18 (Frankfurt am Main, Germany)

ASN60068 (CDN77 _, GB)

cdn.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	allwaysvip.com sit-hkia-booking-ui.allwaysvip.com	16 KB
2	doubleclick.net 1 redirects 11446464.fls.doubleclick.net	599 B
2	consentag.eu consentag.eu — Cisco Umbrella Rank: 39982	3 KB
1	ctnsnet.com cdn.ctnsnet.com — Cisco Umbrella Rank: 40154	10 KB
1	denomatic.com cdn.denomatic.com — Cisco Umbrella Rank: 140845	1 KB
1	affilired.com customs.affilired.com — Cisco Umbrella Rank: 120776	12 KB
12	6

	Domain	Requested by
6	sit-hkia-booking-ui.allwaysvip.com	sit-hkia-booking-ui.allwaysvip.com
2	11446464.fls.doubleclick.net	1 redirects cdn.denomatic.com
2	consentag.eu	sit-hkia-booking-ui.allwaysvip.com consentag.eu
1	cdn.ctnsnet.com	consentag.eu
1	cdn.denomatic.com	customs.affilired.com
1	customs.affilired.com	sit-hkia-booking-ui.allwaysvip.com
12	6

This site contains no links.

Subject Issuer	Validity	Valid
*.allwaysvip.com Go Daddy Secure Certificate Authority - G2	`2024-01-04` - `2025-02-04`	a year	crt.sh
consentag.eu DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-04-17` - `2025-05-18`	a year	crt.sh
www.affilired.com GeoTrust EV RSA CA 2018	`2023-08-29` - `2024-09-28`	a year	crt.sh
*.denomatic.com Sectigo RSA Domain Validation Secure Server CA	`2023-11-06` - `2024-12-06`	a year	crt.sh
*.doubleclick.net WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
www.cdn77.com R10	`2024-06-25` - `2024-09-23`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://sit-hkia-booking-ui.allwaysvip.com/
Frame ID: 3460532DB50D132F47F793C651D82F65
Requests: 10 HTTP requests in this frame

Frame: https://11446464.fls.doubleclick.net/activityi;dc_pre=CLXVnaay2ocDFbJhHgId7i0Anw;ltd=0;npa=0;src=11446464;type=visit0;cat=visit0;u1=visitor;u27=counter;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=17443126272226.632
Frame ID: 243C295C1BEFED11CBE01AC412470B94
Requests: 1 HTTP requests in this frame

Frame: https://consentag.eu/public/3.0.1/popup_silent.html
Frame ID: FEFD51D0B5DAC35E99DF2E70C014C03D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ALLWAYS | Airport Meet & Assist Service

Page Statistics

12
Requests

100 %
HTTPS

33 %
IPv6

6
Domains

6
Subdomains

6
IPs

2
Countries

43 kB
Transfer

114 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

https://11446464.fls.doubleclick.net/activityi;ltd=0;npa=0;src=11446464;type=visit0;cat=visit0;u1=visitor;u27=counter;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=17443126272226.632 HTTP 302
https://11446464.fls.doubleclick.net/activityi;dc_pre=CLXVnaay2ocDFbJhHgId7i0Anw;ltd=0;npa=0;src=11446464;type=visit0;cat=visit0;u1=visitor;u27=counter;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=17443126272226.632

12 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
sit-hkia-booking-ui.allwaysvip.com/ 2 KB
3 KB 1128ms
795ms Document
text/html 18.66.112.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sit-hkia-booking-ui.allwaysvip.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-35.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c2297654cbe09085956698f2fa5bb963664615ff33cd2d67ad8de42271c70f91

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
content-length: 2419
content-type: text/html
date: Sun, 04 Aug 2024 03:27:44 GMT
etag: "42750f5d5067c9c170a9a274db79ab8e"
last-modified: Thu, 01 Aug 2024 05:25:02 GMT
server: AmazonS3
via: 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
x-amz-cf-id: GJqTi-gAzm-nP2_5irTamnkSWFZ_Y4c7ZrQdFG9NEf3fFxWiUkoycA==
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-amz-version-id: AKhFQBj1In40KZXSw1aUSBdPkzBr4c2m
x-cache: Error from cloudfront

GET
H2 200 styles.43eba6adc0a7efc123e1.css
sit-hkia-booking-ui.allwaysvip.com/ 2 KB
3 KB 8ms
7ms Stylesheet
text/html 18.66.112.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sit-hkia-booking-ui.allwaysvip.com/styles.43eba6adc0a7efc123e1.css
Requested by: Host: sit-hkia-booking-ui.allwaysvip.com
URL: https://sit-hkia-booking-ui.allwaysvip.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-35.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c2297654cbe09085956698f2fa5bb963664615ff33cd2d67ad8de42271c70f91

Request headers

Referer: https://sit-hkia-booking-ui.allwaysvip.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id: AKhFQBj1In40KZXSw1aUSBdPkzBr4c2m
date: Sun, 04 Aug 2024 03:27:44 GMT
via: 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
last-modified: Thu, 01 Aug 2024 05:25:02 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
etag: "42750f5d5067c9c170a9a274db79ab8e"
x-cache: Error from cloudfront
content-type: text/html
accept-ranges: bytes
content-length: 2419
x-amz-cf-id: lSjpli4OPCYaX1feu6tg8uEnLp29rhf_sLNt8Qoh_ZgBSNAEUyx_Vg==

GET
H2 200 consenTag.js Show response
consentag.eu/public/3.0.1/ 6 KB
3 KB 31ms
8ms Script
text/javascript 34.107.173.171
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://consentag.eu/public/3.0.1/consenTag.js

Requested by

Host: sit-hkia-booking-ui.allwaysvip.com
URL: https://sit-hkia-booking-ui.allwaysvip.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.107.173.171 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

171.173.107.34.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

a536a31a18d00aa02e97459f5cb3890b7507e3034b194c6681942526862bb223

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://sit-hkia-booking-ui.allwaysvip.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 03:42:07 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
age: 863136
x-guploader-uploadid: AHxI1nPcUPd7tQKuejvEZItnUljrGUKjh9Sq2T6UWBp5WfF1a1_UHTYzXkHQeOdumIHo3L6Pr04
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2606
last-modified: Sun, 26 Dec 2021 13:06:31 GMT
server: UploadServer
etag: "bbf29cf3e8db1d93e091a797634232a9"
x-goog-hash: crc32c=Uvujaw==, md5=u/Kc8+jbHZPgkaeXY0IyqQ==
x-goog-generation: 1640523991137254
content-language: en
content-type: text/javascript
cache-control: no-transform
x-goog-stored-content-length: 2606
accept-ranges: bytes
expires: Fri, 25 Jul 2025 03:42:07 GMT

GET
H2 200 runtime.42dbd6e910ed764c4e97.js Show response
sit-hkia-booking-ui.allwaysvip.com/ 2 KB
3 KB 8ms
7ms Script
text/html 18.66.112.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sit-hkia-booking-ui.allwaysvip.com/runtime.42dbd6e910ed764c4e97.js
Requested by: Host: sit-hkia-booking-ui.allwaysvip.com
URL: https://sit-hkia-booking-ui.allwaysvip.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-35.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c2297654cbe09085956698f2fa5bb963664615ff33cd2d67ad8de42271c70f91

Request headers

Referer: https://sit-hkia-booking-ui.allwaysvip.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id: AKhFQBj1In40KZXSw1aUSBdPkzBr4c2m
date: Sun, 04 Aug 2024 03:27:44 GMT
via: 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
last-modified: Thu, 01 Aug 2024 05:25:02 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
etag: "42750f5d5067c9c170a9a274db79ab8e"
x-cache: Error from cloudfront
content-type: text/html
accept-ranges: bytes
content-length: 2419
x-amz-cf-id: UXVCQvexXIA2Xh-t8YYHN0X4EMF6UrfT9m3kp8Y2m5K3eedTx4I9yw==

GET
H2 200 polyfills.bfcc3f24dc6773177e4e.js Show response
sit-hkia-booking-ui.allwaysvip.com/ 2 KB
3 KB 11ms
10ms Script
text/html 18.66.112.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sit-hkia-booking-ui.allwaysvip.com/polyfills.bfcc3f24dc6773177e4e.js
Requested by: Host: sit-hkia-booking-ui.allwaysvip.com
URL: https://sit-hkia-booking-ui.allwaysvip.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-35.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c2297654cbe09085956698f2fa5bb963664615ff33cd2d67ad8de42271c70f91

Request headers

Referer: https://sit-hkia-booking-ui.allwaysvip.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id: AKhFQBj1In40KZXSw1aUSBdPkzBr4c2m
date: Sun, 04 Aug 2024 03:27:44 GMT
via: 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
last-modified: Thu, 01 Aug 2024 05:25:02 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
etag: "42750f5d5067c9c170a9a274db79ab8e"
x-cache: Error from cloudfront
content-type: text/html
accept-ranges: bytes
content-length: 2419
x-amz-cf-id: UCwmdTq9uFRJ0mlXONtf3pkq3rReG495AjejQXnOHLfObmxLj6ZCLg==

GET
H2 200 main.1cfb3f53a8ebf9e39dbe.js Show response
sit-hkia-booking-ui.allwaysvip.com/ 2 KB
3 KB 10ms
9ms Script
text/html 18.66.112.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sit-hkia-booking-ui.allwaysvip.com/main.1cfb3f53a8ebf9e39dbe.js
Requested by: Host: sit-hkia-booking-ui.allwaysvip.com
URL: https://sit-hkia-booking-ui.allwaysvip.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-35.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c2297654cbe09085956698f2fa5bb963664615ff33cd2d67ad8de42271c70f91

Request headers

Referer: https://sit-hkia-booking-ui.allwaysvip.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id: AKhFQBj1In40KZXSw1aUSBdPkzBr4c2m
date: Sun, 04 Aug 2024 03:27:44 GMT
via: 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
last-modified: Thu, 01 Aug 2024 05:25:02 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
etag: "42750f5d5067c9c170a9a274db79ab8e"
x-cache: Error from cloudfront
content-type: text/html
accept-ranges: bytes
content-length: 2419
x-amz-cf-id: O_GlkkL83rGeiWiPd0Le8i6xawfxbm-5bnD08LuzrMZKlK8AEUZiLQ==

GET
H2 200 / Show response
customs.affilired.com/track/ 55 KB
12 KB 361ms
281ms Script
text/javascript 18.245.86.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://customs.affilired.com/track/?merchant=4805
Requested by: Host: sit-hkia-booking-ui.allwaysvip.com
URL: https://sit-hkia-booking-ui.allwaysvip.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.86.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-86-129.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: 7c9731fb64d379fe9b9a6dc277787943f60ed853913c4c2b46600a5a041c82c7

Request headers

Referer: https://sit-hkia-booking-ui.allwaysvip.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

jb-x-cache: HIT
date: Sun, 04 Aug 2024 03:27:44 GMT
content-encoding: gzip
via: 1.1 fc486e72455da7c1d3be4472dd5ba8b2.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA60-P6
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/javascript; charset=utf-8
p3p: policyref="/w3c/p3p.xml", CP="IVA SAM IND NON COR"
cache-control: max-age=604800
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: -W1ROdmvxl14GfVO7ABNE_br0uM1cB28UnCxiz7Wvo-bXs7FV3_bcg==
expires: Sun, 11 Aug 2024 03:23:43 GMT

GET
H2 200 340-403617cef02d.js Show response
cdn.denomatic.com/drs/ 4 KB
1 KB 109ms
38ms Script
application/javascript 2600:9000:266e:3a00:0:f8d:b880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.denomatic.com/drs/340-403617cef02d.js?rnd=2021113B
Requested by: Host: customs.affilired.com
URL: https://customs.affilired.com/track/?merchant=4805
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:3a00:0:f8d:b880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: c4425d66c2c0b21315f1bdc92859f77468ff073f9ce7ffce48034f865fb4b0d0

Request headers

Referer: https://sit-hkia-booking-ui.allwaysvip.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 03:27:44 GMT
content-encoding: gzip
via: 1.1 1feab8d6a8e5cc920c359b62fd33d3de.cloudfront.net (CloudFront)
last-modified: Mon, 19 Feb 2024 11:04:55 GMT
server: nginx
x-amz-cf-pop: FRA56-P8
etag: "f4c-611ba104fc51f-gzip"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: public, max-age=600, s-maxage=86400
accept-ranges: bytes
content-length: 1018
x-amz-cf-id: onWDur0K98gsm-NaeFTiwQnJ5L5EE3KYe_F_aW7mGqFbtQuiUfgU9Q==
jb-x-cache: HIT

GET
H2

200

activityi;dc_pre=CLXVnaay2ocDFbJhHgId7i0Anw;ltd=0;npa=0;src=11446464;type=visit0;cat=visit0;u1=visitor;u27=counter;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=17443126272226.632
11446464.fls.doubleclick.net/ Frame 243C
Redirect Chain

https://11446464.fls.doubleclick.net/activityi;ltd=0;npa=0;src=11446464;type=visit0;cat=visit0;u1=visitor;u27=counter;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=17443126272226.632?
https://11446464.fls.doubleclick.net/activityi;dc_pre=CLXVnaay2ocDFbJhHgId7i0Anw;ltd=0;npa=0;src=11446464;type=visit0;cat=visit0;u1=visitor;u27=counter;dc_lat=;dc_rdid=;tag_for_child_directed_treat...

0
0

47ms
47ms

Document
text/html

216.58.206.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://11446464.fls.doubleclick.net/activityi;dc_pre=CLXVnaay2ocDFbJhHgId7i0Anw;ltd=0;npa=0;src=11446464;type=visit0;cat=visit0;u1=visitor;u27=counter;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=17443126272226.632?

Requested by

Host: cdn.denomatic.com
URL: https://cdn.denomatic.com/drs/340-403617cef02d.js?rnd=2021113B

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tzfraa-aa-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sit-hkia-booking-ui.allwaysvip.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 979
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Aug 2024 03:27:44 GMT
expires: Sun, 04 Aug 2024 03:27:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Aug 2024 03:27:44 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://11446464.fls.doubleclick.net/activityi;dc_pre=CLXVnaay2ocDFbJhHgId7i0Anw;ltd=0;npa=0;src=11446464;type=visit0;cat=visit0;u1=visitor;u27=counter;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=17443126272226.632?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 popup_silent.html
consentag.eu/public/3.0.1/ Frame FEFD 0
0 20ms
7ms Document
text/html 34.107.173.171
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://consentag.eu/public/3.0.1/popup_silent.html

Requested by

Host: consentag.eu
URL: https://consentag.eu/public/3.0.1/consenTag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.107.173.171 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

171.173.107.34.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://sit-hkia-booking-ui.allwaysvip.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 863085
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-transform
content-encoding: gzip
content-language: en
content-length: 3889
content-type: text/html
date: Thu, 25 Jul 2024 03:42:59 GMT
etag: "961f6921c00edbfac20c24cc4deda043"
expires: Fri, 25 Jul 2025 03:42:59 GMT
last-modified: Sun, 26 Dec 2021 13:06:31 GMT
server: UploadServer
strict-transport-security: max-age=31536000; includeSubDomains
x-goog-generation: 1640523991162202
x-goog-hash: crc32c=fNucYA== md5=lh9pIcAO2/rCDCTMTe2gQw==
x-goog-metageneration: 1
x-goog-storage-class: REGIONAL
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 3889
x-guploader-uploadid: AHxI1nN4hdfQ3rK24wxeLV6KvCDXUg46WDd3VzG_V8ZrgPXs-fgKNx_1_AewzBDmXSiHdV34VYqID3FXGw

GET
H2 200 favicon.ico
sit-hkia-booking-ui.allwaysvip.com/ 2 KB
3 KB 8ms
8ms Other
text/html 18.66.112.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sit-hkia-booking-ui.allwaysvip.com/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-35.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c2297654cbe09085956698f2fa5bb963664615ff33cd2d67ad8de42271c70f91

Request headers

Referer: https://sit-hkia-booking-ui.allwaysvip.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id: AKhFQBj1In40KZXSw1aUSBdPkzBr4c2m
date: Sun, 04 Aug 2024 03:27:44 GMT
via: 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
last-modified: Thu, 01 Aug 2024 05:25:02 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
age: 1
x-amz-server-side-encryption: AES256
etag: "42750f5d5067c9c170a9a274db79ab8e"
x-cache: Error from cloudfront
content-type: text/html
accept-ranges: bytes
content-length: 2419
x-amz-cf-id: cXPVWa3TfmIN-ttZIGNn5pf2On8oDa2AVOk9ijQVTeGob_olcPgsJw==

GET
H2 200 0187f5fbfbd6d2e7b4ed4a21b33bf33b.js Show response
cdn.ctnsnet.com/ase/fetch/scraper/72979919/ 35 KB
10 KB 66ms
11ms Script
application/json 2a02:6ea0:c700::18
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ctnsnet.com/ase/fetch/scraper/72979919/0187f5fbfbd6d2e7b4ed4a21b33bf33b.js?caid=4845796eaa7f4196a0987a5114b8c6c2&cst=true&gdpr_consent=
Requested by: Host: consentag.eu
URL: https://consentag.eu/public/3.0.1/consenTag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 4e2d5adc1f6dc57e4823dd160e9b9652af9317bd01086396aad7abc792b885f6

Request headers

Referer: https://sit-hkia-booking-ui.allwaysvip.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-77-nzt: EggBisclJAFBDAElE8IuAffBFgEA
x-accel-expires: @1722929903
date: Sun, 04 Aug 2024 03:27:44 GMT
via: 1.1 google
x-77-age: 71361
content-encoding: gzip
server: CDN77-Turbo
x-77-pop: frankfurtDE
x-77-nzt-ray: f88df72ecf1cde5130f5ae66222e1c20
vary: accept-encoding
x-77-cache: HIT
content-type: application/json
x-cache: MISS
x-accel-date: 1722670703

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-21 02:51:34	Name: receive-cookie-deprecation Value: 1
.doubleclick.net/	1970-01-20 23:15:34	Name: ar_debug Value: 1
.doubleclick.net/	1970-01-21 07:53:58	Name: IDE Value: AHWqTUn2nvu0EXN7XFbmqC9uPUydik4kOiej4uEIpvS2TPcvh7iOFJQep2Fj2OUS
.consentag.eu/	1970-01-21 02:08:22	Name: bid Value: uk-1722742064-c68e982646074bf28555a9e7e4fc6e05
sit-hkia-booking-ui.allwaysvip.com/	1970-01-21 07:17:58	Name: __tmbid Value: uk-1722742064-c68e982646074bf28555a9e7e4fc6e05

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

11446464.fls.doubleclick.net
cdn.ctnsnet.com
cdn.denomatic.com
consentag.eu
customs.affilired.com
sit-hkia-booking-ui.allwaysvip.com
18.245.86.129
18.66.112.35
216.58.206.70
2600:9000:266e:3a00:0:f8d:b880:93a1
2a02:6ea0:c700::18
34.107.173.171
4e2d5adc1f6dc57e4823dd160e9b9652af9317bd01086396aad7abc792b885f6
7c9731fb64d379fe9b9a6dc277787943f60ed853913c4c2b46600a5a041c82c7
a536a31a18d00aa02e97459f5cb3890b7507e3034b194c6681942526862bb223
c2297654cbe09085956698f2fa5bb963664615ff33cd2d67ad8de42271c70f91
c4425d66c2c0b21315f1bdc92859f77468ff073f9ce7ffce48034f865fb4b0d0

sit-hkia-booking-ui.allwaysvip.com Open in urlscan Pro 18.66.112.35 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

12 Requests

100 %HTTPS

33 %IPv6

6 Domains

6 Subdomains

6 IPs

2 Countries

43 kBTransfer

114 kBSize

5 Cookies

0 Outgoing links

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

5 Cookies

Indicators

sit-hkia-booking-ui.allwaysvip.com Open in urlscan Pro
18.66.112.35 Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

100 %
HTTPS

33 %
IPv6

6
Domains

6
Subdomains

6
IPs

2
Countries

43 kB
Transfer

114 kB
Size

5
Cookies

12 HTTP transactions
0 data transactions