sit-hkia-booking-ui.allwaysvip.com
18.66.112.35
Public Scan
Submission: On August 04 via api from US — Scanned from DE
Summary
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on January 4th 2024. Valid for: a year.
This is the only time sit-hkia-booking-ui.allwaysvip.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
6 | 18.66.112.35 | 16509 (AMAZON-02) |
2 | 34.107.173.171 | 396982 (GOOGLE-CLOUD-PLATFORM) |
1 | 18.245.86.129 | 16509 (AMAZON-02) |
1 | 2600:9000:266e:3a00:0:f8d:b880:93a1 | 16509 (AMAZON-02) |
2 (1 redirect) | 216.58.206.70 | 15169 (GOOGLE) |
1 | 2a02:6ea0:c700::18 | 60068 (CDN77 _) |
12 | 6 | |
AS | PTR | Domain |
---|---|---|
ASN16509 (AMAZON-02, US) | server-18-66-112-35.fra56.r.cloudfront.net | sit-hkia-booking-ui.allwaysvip.com |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US) | 171.173.107.34.bc.googleusercontent.com | consentag.eu |
ASN16509 (AMAZON-02, US) | server-18-245-86-129.fra60.r.cloudfront.net | customs.affilired.com |
ASN15169 (GOOGLE, US) | tzfraa-aa-in-f6.1e100.net | 11446464.fls.doubleclick.net |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
6 | allwaysvip.com | sit-hkia-booking-ui.allwaysvip.com | 16 KB |
2 | doubleclick.net (1 redirects) | 11446464.fls.doubleclick.net | 599 B |
2 | consentag.eu | consentag.eu — Cisco Umbrella Rank: 39982 | 3 KB |
1 | ctnsnet.com | cdn.ctnsnet.com — Cisco Umbrella Rank: 40154 | 10 KB |
1 | denomatic.com | cdn.denomatic.com — Cisco Umbrella Rank: 140845 | 1 KB |
1 | affilired.com | customs.affilired.com — Cisco Umbrella Rank: 120776 | 12 KB |
12 | 6 | | |
Requests | Domain | Requested by |
---|---|---|
6 | sit-hkia-booking-ui.allwaysvip.com | sit-hkia-booking-ui.allwaysvip.com |
2 | 11446464.fls.doubleclick.net (1 redirects) | cdn.denomatic.com |
2 | consentag.eu | sit-hkia-booking-ui.allwaysvip.com, consentag.eu |
1 | cdn.ctnsnet.com | consentag.eu |
1 | cdn.denomatic.com | customs.affilired.com |
1 | customs.affilired.com | sit-hkia-booking-ui.allwaysvip.com |
12 | 6 | |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
*.allwaysvip.com | Go Daddy Secure Certificate Authority - G2 | 2024-01-04 - 2025-02-04 | a year |
consentag.eu | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-04-17 - 2025-05-18 | a year |
www.affilired.com | GeoTrust EV RSA CA 2018 | 2023-08-29 - 2024-09-28 | a year |
*.denomatic.com | Sectigo RSA Domain Validation Secure Server CA | 2023-11-06 - 2024-12-06 | a year |
*.doubleclick.net | WR2 | 2024-07-30 - 2024-10-22 | 3 months |
www.cdn77.com | R10 | 2024-06-25 - 2024-09-23 | 3 months |
This page contains 3 frames:
Primary Page:
https://sit-hkia-booking-ui.allwaysvip.com/
Frame ID: 3460532DB50D132F47F793C651D82F65
Requests: 10 HTTP requests in this frame
Frame:
https://11446464.fls.doubleclick.net/activityi;dc_pre=CLXVnaay2ocDFbJhHgId7i0Anw;ltd=0;npa=0;src=11446464;type=visit0;cat=visit0;u1=visitor;u27=counter;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=17443126272226.632
Frame ID: 243C295C1BEFED11CBE01AC412470B94
Requests: 1 HTTP requests in this frame
Frame:
https://consentag.eu/public/3.0.1/popup_silent.html
Frame ID: FEFD51D0B5DAC35E99DF2E70C014C03D
Requests: 1 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 7
- https://11446464.fls.doubleclick.net/activityi;ltd=0;npa=0;src=11446464;type=visit0;cat=visit0;u1=visitor;u27=counter;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=17443126272226.632 HTTP 302
- https://11446464.fls.doubleclick.net/activityi;dc_pre=CLXVnaay2ocDFbJhHgId7i0Anw;ltd=0;npa=0;src=11446464;type=visit0;cat=visit0;u1=visitor;u27=counter;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=17443126272226.632
12 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | / (Primary Request) | sit-hkia-booking-ui.allwaysvip.com/ | 2 KB | 3 KB | Document | text/html |
GET | H2 | styles.43eba6adc0a7efc123e1.css | sit-hkia-booking-ui.allwaysvip.com/ | 2 KB | 3 KB | Stylesheet | text/html |
GET | H2 | consenTag.js | consentag.eu/public/3.0.1/ | 6 KB | 3 KB | Script | text/javascript |
GET | H2 | runtime.42dbd6e910ed764c4e97.js | sit-hkia-booking-ui.allwaysvip.com/ | 2 KB | 3 KB | Script | text/html |
GET | H2 | polyfills.bfcc3f24dc6773177e4e.js | sit-hkia-booking-ui.allwaysvip.com/ | 2 KB | 3 KB | Script | text/html |
GET | H2 | main.1cfb3f53a8ebf9e39dbe.js | sit-hkia-booking-ui.allwaysvip.com/ | 2 KB | 3 KB | Script | text/html |
GET | H2 | / | customs.affilired.com/track/ | 55 KB | 12 KB | Script | text/javascript |
GET | H2 | 340-403617cef02d.js | cdn.denomatic.com/drs/ | 4 KB | 1 KB | Script | application/javascript |
GET | H2 | activityi;dc_pre=CLXVnaay2ocDFbJhHgId7i0Anw;ltd=0;npa=0;src=11446464;type=visit0;cat=visit0;u1=visitor;u27=counter;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=17443126272226.632 | 11446464.fls.doubleclick.net/ (Frame 243C, Redirect Chain) | 0 | 0 | Document | text/html |
GET | H2 | popup_silent.html | consentag.eu/public/3.0.1/ (Frame FEFD) | 0 | 0 | Document | text/html |
GET | H2 | favicon.ico | sit-hkia-booking-ui.allwaysvip.com/ | 2 KB | 3 KB | Other | text/html |
GET | H2 | 0187f5fbfbd6d2e7b4ed4a21b33bf33b.js | cdn.ctnsnet.com/ase/fetch/scraper/72979919/ | 35 KB | 10 KB | Script | application/json |
17 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
object | 0 |
object | 1 |
object | consenTag |
boolean | aff_masterTag |
object | AffUtils |
boolean | aff_denomatic |
object | AffMLC |
object | AffDedup |
string | DNdbmID |
string | DNsegment |
string | DNcounter |
number | DNidp |
object | DNproduct |
object | UasActiveTag |
function | __extends |
function | StorageUtils |
function | ExpirableStorageItem |

5 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.doubleclick.net/ | | Name: receive-cookie-deprecation Value: 1 |
.doubleclick.net/ | | Name: ar_debug Value: 1 |
.doubleclick.net/ | | Name: IDE Value: AHWqTUn2nvu0EXN7XFbmqC9uPUydik4kOiej4uEIpvS2TPcvh7iOFJQep2Fj2OUS |
.consentag.eu/ | | Name: bid Value: uk-1722742064-c68e982646074bf28555a9e7e4fc6e05 |
sit-hkia-booking-ui.allwaysvip.com/ | | Name: __tmbid Value: uk-1722742064-c68e982646074bf28555a9e7e4fc6e05 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.