urlscan.io logo urlscan.io
SecurityTrails logo

accounts-sso.shoalter.com Open in urlscan Pro
34.120.20.215  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://cms.express.hktvmall.com/
Effective URL: https://accounts-sso.shoalter.com/authenticationendpoint/login.do?client_id=EPiuXjkYFkfg2h4U0z0tX0NHkaYa&code_challenge=4Var53awt-...
Submission: On July 03 via manual from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 28 HTTP transactions. The main IP is 34.120.20.215, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is accounts-sso.shoalter.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on March 17th 2024. Valid for: a year.
This is the only time accounts-sso.shoalter.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
8 14.198.250.254 132252 (HKMPCL-HK...)
2 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
1 9 34.120.20.215 396982 (GOOGLE-CL...)
28 4
Apex Domain
Subdomains		 Transfer
10 gstatic.com
fonts.gstatic.com
585 KB
9 shoalter.com
accounts-sso.shoalter.com
417 KB
8 hktvmall.com
cms.express.hktvmall.com
978 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 83
297 KB
28 4
Domain Requested by
10 fonts.gstatic.com fonts.googleapis.com
9 accounts-sso.shoalter.com 1 redirects cms.express.hktvmall.com
accounts-sso.shoalter.com
8 cms.express.hktvmall.com cms.express.hktvmall.com
2 fonts.googleapis.com cms.express.hktvmall.com
accounts-sso.shoalter.com
28 4

This site contains links to these domains. Also see Links.

Domain
www.shoalter.com
Subject Issuer Validity Valid
*.express.hktvmall.com
R3		 2024-05-23 -
2024-08-21		 3 months crt.sh
upload.video.google.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
*.gstatic.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
accounts-sso.shoalter.com
Go Daddy Secure Certificate Authority - G2		 2024-03-17 -
2025-04-08		 a year crt.sh

This page contains 1 frames:

Primary Page: https://accounts-sso.shoalter.com/authenticationendpoint/login.do?client_id=EPiuXjkYFkfg2h4U0z0tX0NHkaYa&code_challenge=4Var53awt-f-I-F97Sv1CBroSKMY9s65pNHY_HQc0yc&code_challenge_method=S256&commonAuthCallerPath=%2Foauth2%2Fauthorize&forceAuth=false&lang=&passiveAuth=false&redirect_uri=https%3A%2F%2Fcms.express.hktvmall.com%2Foauth2%2FsetAuthCode&response_type=code&scope=openid&state=OGNltvFB8TaGs_rw---EBUTs97VPYDsD&tenantDomain=carbon.super&sessionDataKey=2e655ded-33a8-41a3-871a-99ef50f8a483&relyingParty=EPiuXjkYFkfg2h4U0z0tX0NHkaYa&type=oidc&sp=Express&isSaaSApp=false&authenticators=BasicAuthenticator%3ALOCAL
Frame ID: 3D54246B2287CF3336270A2B698C852F
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

登入

Page URL History Show full URLs

  1. https://cms.express.hktvmall.com/ Page URL
  2. https://accounts-sso.shoalter.com/oauth2/authorize?response_type=code&client_id=EPiuXjkYFkfg2h4U0z0tX0NHkaYa&r... HTTP 302
    https://accounts-sso.shoalter.com/authenticationendpoint/login.do?client_id=EPiuXjkYFkfg2h4U0z0tX0NHkaYa&code_... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /semantic(?:-([\d.]+))?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

28
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

2277 kB
Transfer

7493 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://cms.express.hktvmall.com/ Page URL
  2. https://accounts-sso.shoalter.com/oauth2/authorize?response_type=code&client_id=EPiuXjkYFkfg2h4U0z0tX0NHkaYa&redirect_uri=https%3A%2F%2Fcms.express.hktvmall.com%2Foauth2%2FsetAuthCode&scope=openid&state=OGNltvFB8TaGs_rw---EBUTs97VPYDsD&code_challenge=4Var53awt-f-I-F97Sv1CBroSKMY9s65pNHY_HQc0yc&code_challenge_method=S256&lang= HTTP 302
    https://accounts-sso.shoalter.com/authenticationendpoint/login.do?client_id=EPiuXjkYFkfg2h4U0z0tX0NHkaYa&code_challenge=4Var53awt-f-I-F97Sv1CBroSKMY9s65pNHY_HQc0yc&code_challenge_method=S256&commonAuthCallerPath=%2Foauth2%2Fauthorize&forceAuth=false&lang=&passiveAuth=false&redirect_uri=https%3A%2F%2Fcms.express.hktvmall.com%2Foauth2%2FsetAuthCode&response_type=code&scope=openid&state=OGNltvFB8TaGs_rw---EBUTs97VPYDsD&tenantDomain=carbon.super&sessionDataKey=2e655ded-33a8-41a3-871a-99ef50f8a483&relyingParty=EPiuXjkYFkfg2h4U0z0tX0NHkaYa&type=oidc&sp=Express&isSaaSApp=false&authenticators=BasicAuthenticator%3ALOCAL Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
cms.express.hktvmall.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cms.express.hktvmall.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
14.198.250.254 Hong Kong, Hong Kong, ASN132252 (HKMPCL-HK 12F Trans Asia Centre, 18 Kin Hong Street, HK),
Reverse DNS
014198250254.hkmpcl.com
Software
hktv /
Resource Hash
d9da1e1496e19eb2f8579223a9023237e0b03ecc9be0b32b796e6826ca057fb0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; IncludeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
1527
content-type
text/html
date
Wed, 03 Jul 2024 12:00:13 GMT
etag
"d03-61bd7eae41a40-gzip"
last-modified
Thu, 27 Jun 2024 04:53:53 GMT
server
hktv
strict-transport-security
max-age=31536000; IncludeSubDomains; preload;
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-hop
10SSERGNISOCPPAOKT 10YXORPREROCOKT
x-xss-protection
1; mode=block
2.8937b0a4.chunk.css
cms.express.hktvmall.com/static/css/ 		564 KB
67 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cms.express.hktvmall.com/static/css/2.8937b0a4.chunk.css
Requested by
Host: cms.express.hktvmall.com
URL: https://cms.express.hktvmall.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
14.198.250.254 Hong Kong, Hong Kong, ASN132252 (HKMPCL-HK 12F Trans Asia Centre, 18 Kin Hong Street, HK),
Reverse DNS
014198250254.hkmpcl.com
Software
hktv /
Resource Hash
9100ee00478e4545302ee2066a6350b4bddf66390fab9a6905ded844948c13d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; IncludeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cms.express.hktvmall.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 12:00:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; IncludeSubDomains; preload;
last-modified
Thu, 27 Jun 2024 04:53:53 GMT
server
hktv
etag
"8cf9c-61bd7eae41a40-gzip"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
x-hop
10SSERGNISOCPPAOKT, 10YXORPREROCOKT
accept-ranges
bytes
x-xss-protection
1; mode=block
main.33d05237.chunk.css
cms.express.hktvmall.com/static/css/ 		321 KB
38 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cms.express.hktvmall.com/static/css/main.33d05237.chunk.css
Requested by
Host: cms.express.hktvmall.com
URL: https://cms.express.hktvmall.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
14.198.250.254 Hong Kong, Hong Kong, ASN132252 (HKMPCL-HK 12F Trans Asia Centre, 18 Kin Hong Street, HK),
Reverse DNS
014198250254.hkmpcl.com
Software
hktv /
Resource Hash
c2a32b7b92d60df66ce0e0c67305af7505756e18477e3208103b4c6bfd1dc4d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; IncludeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cms.express.hktvmall.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 12:00:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; IncludeSubDomains; preload;
last-modified
Thu, 27 Jun 2024 04:53:53 GMT
server
hktv
etag
"50519-61bd7eae41a40-gzip"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
x-hop
10SSERGNISOCPPAOKT, 10YXORPREROCOKT
accept-ranges
bytes
content-length
38364
x-xss-protection
1; mode=block
2.3fe3b224.chunk.js
cms.express.hktvmall.com/static/js/ 		2 MB
639 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cms.express.hktvmall.com/static/js/2.3fe3b224.chunk.js
Requested by
Host: cms.express.hktvmall.com
URL: https://cms.express.hktvmall.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
14.198.250.254 Hong Kong, Hong Kong, ASN132252 (HKMPCL-HK 12F Trans Asia Centre, 18 Kin Hong Street, HK),
Reverse DNS
014198250254.hkmpcl.com
Software
hktv /
Resource Hash
a6a26fc7ee94cb041ad40330521d1587dddc216fccdcfe086168e418b9860950
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; IncludeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cms.express.hktvmall.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 12:00:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; IncludeSubDomains; preload;
last-modified
Thu, 27 Jun 2024 04:53:53 GMT
server
hktv
etag
"24fa61-61bd7eae41a40-gzip"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript
x-hop
10SSERGNISOCPPAOKT, 10YXORPREROCOKT
accept-ranges
bytes
x-xss-protection
1; mode=block
main.5f898475.chunk.js
cms.express.hktvmall.com/static/js/ 		1 MB
218 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cms.express.hktvmall.com/static/js/main.5f898475.chunk.js
Requested by
Host: cms.express.hktvmall.com
URL: https://cms.express.hktvmall.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
14.198.250.254 Hong Kong, Hong Kong, ASN132252 (HKMPCL-HK 12F Trans Asia Centre, 18 Kin Hong Street, HK),
Reverse DNS
014198250254.hkmpcl.com
Software
hktv /
Resource Hash
4645f983e3c4b26a53aef0989e1a08f3b29f3383c05889f23678d7e990b18dc8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; IncludeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cms.express.hktvmall.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 12:00:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; IncludeSubDomains; preload;
last-modified
Thu, 27 Jun 2024 04:53:53 GMT
server
hktv
etag
"11899d-61bd7eae41a40-gzip"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript
x-hop
10SSERGNISOCPPAOKT, 10YXORPREROCOKT
accept-ranges
bytes
x-xss-protection
1; mode=block
notosanstc.css
fonts.googleapis.com/earlyaccess/ 		1 MB
296 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/earlyaccess/notosanstc.css
Requested by
Host: cms.express.hktvmall.com
URL: https://cms.express.hktvmall.com/static/css/main.33d05237.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8e12d65eec453c2489057649638a3117efd5bf73fb2594d74e5516bbcc0ddb47
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cms.express.hktvmall.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Wed, 03 Jul 2024 12:00:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 03 Jul 2024 11:02:36 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 03 Jul 2024 12:00:14 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.117.woff2
fonts.gstatic.com/s/notosanstc/v35/ 		65 KB
65 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v35/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.117.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/earlyaccess/notosanstc.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://cms.express.hktvmall.com
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 04:42:32 GMT
x-content-type-options
nosniff
age
544671
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66600
x-xss-protection
0
last-modified
Tue, 15 Aug 2023 18:29:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 27 Jun 2025 04:42:32 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.115.woff2
fonts.gstatic.com/s/notosanstc/v35/ 		72 KB
72 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v35/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.115.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/earlyaccess/notosanstc.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://cms.express.hktvmall.com
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 14:46:51 GMT
x-content-type-options
nosniff
age
76412
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
74048
x-xss-protection
0
last-modified
Tue, 15 Aug 2023 18:39:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Jul 2025 14:46:51 GMT
-nF7OG829Oofr2wohFbTp9i1OCEK.woff2
fonts.gstatic.com/s/notosanstc/v35/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v35/-nF7OG829Oofr2wohFbTp9i1OCEK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/earlyaccess/notosanstc.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://cms.express.hktvmall.com
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 14:59:58 GMT
x-content-type-options
nosniff
age
75625
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24952
x-xss-protection
0
last-modified
Tue, 15 Aug 2023 18:28:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Jul 2025 14:59:58 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.118.woff2
fonts.gstatic.com/s/notosanstc/v35/ 		59 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v35/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.118.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/earlyaccess/notosanstc.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://cms.express.hktvmall.com
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 15:07:06 GMT
x-content-type-options
nosniff
age
75197
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60376
x-xss-protection
0
last-modified
Tue, 15 Aug 2023 18:29:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Jul 2025 15:07:06 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.119.woff2
fonts.gstatic.com/s/notosanstc/v35/ 		35 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v35/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.119.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/earlyaccess/notosanstc.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://cms.express.hktvmall.com
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 17:50:37 GMT
x-content-type-options
nosniff
age
497386
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35752
x-xss-protection
0
last-modified
Tue, 15 Aug 2023 18:31:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 27 Jun 2025 17:50:37 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.116.woff2
fonts.gstatic.com/s/notosanstc/v35/ 		70 KB
70 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v35/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.116.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/earlyaccess/notosanstc.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://cms.express.hktvmall.com
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 12:03:40 GMT
x-content-type-options
nosniff
age
518203
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
71744
x-xss-protection
0
last-modified
Tue, 15 Aug 2023 18:39:17 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 27 Jun 2025 12:03:40 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.112.woff2
fonts.gstatic.com/s/notosanstc/v35/ 		73 KB
73 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v35/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.112.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/earlyaccess/notosanstc.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://cms.express.hktvmall.com
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 02:01:13 GMT
x-content-type-options
nosniff
age
554350
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
74364
x-xss-protection
0
last-modified
Tue, 15 Aug 2023 18:39:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 27 Jun 2025 02:01:13 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.114.woff2
fonts.gstatic.com/s/notosanstc/v35/ 		70 KB
70 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v35/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.114.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/earlyaccess/notosanstc.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://cms.express.hktvmall.com
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 17:36:57 GMT
x-content-type-options
nosniff
age
498206
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
71816
x-xss-protection
0
last-modified
Tue, 15 Aug 2023 18:29:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 27 Jun 2025 17:36:57 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.110.woff2
fonts.gstatic.com/s/notosanstc/v35/ 		76 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v35/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.110.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/earlyaccess/notosanstc.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://cms.express.hktvmall.com
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 15:18:06 GMT
x-content-type-options
nosniff
age
74537
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77648
x-xss-protection
0
last-modified
Tue, 15 Aug 2023 18:24:13 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Jul 2025 15:18:06 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.78.woff2
fonts.gstatic.com/s/notosanstc/v35/ 		39 KB
39 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v35/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.78.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/earlyaccess/notosanstc.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://cms.express.hktvmall.com
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 28 Jun 2024 01:18:49 GMT
x-content-type-options
nosniff
age
470494
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40176
x-xss-protection
0
last-modified
Tue, 15 Aug 2023 18:24:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 28 Jun 2025 01:18:49 GMT
3.b16ff377.chunk.js
cms.express.hktvmall.com/static/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cms.express.hktvmall.com/static/js/3.b16ff377.chunk.js
Requested by
Host: cms.express.hktvmall.com
URL: https://cms.express.hktvmall.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
14.198.250.254 Hong Kong, Hong Kong, ASN132252 (HKMPCL-HK 12F Trans Asia Centre, 18 Kin Hong Street, HK),
Reverse DNS
014198250254.hkmpcl.com
Software
hktv /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; IncludeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cms.express.hktvmall.com/zh/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 12:00:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; IncludeSubDomains; preload;
last-modified
Thu, 27 Jun 2024 04:53:53 GMT
server
hktv
etag
"dbb-61bd7eae41a40-gzip"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript
x-hop
10SSERGNISOCPPAOKT, 10YXORPREROCOKT
accept-ranges
bytes
content-length
1392
x-xss-protection
1; mode=block
HKTVwetMarket.c2651dcb.svg
cms.express.hktvmall.com/static/media/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.express.hktvmall.com/static/media/HKTVwetMarket.c2651dcb.svg
Requested by
Host: cms.express.hktvmall.com
URL: https://cms.express.hktvmall.com/zh/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
14.198.250.254 Hong Kong, Hong Kong, ASN132252 (HKMPCL-HK 12F Trans Asia Centre, 18 Kin Hong Street, HK),
Reverse DNS
014198250254.hkmpcl.com
Software
hktv /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; IncludeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cms.express.hktvmall.com/zh/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 12:00:22 GMT
strict-transport-security
max-age=31536000; IncludeSubDomains; preload;
x-content-type-options
nosniff
last-modified
Thu, 27 Jun 2024 04:53:53 GMT
server
hktv
etag
"20fd-61bd7eae41a40"
x-frame-options
SAMEORIGIN
x-hop
10SSERGNISOCPPAOKT, 10YXORPREROCOKT
content-type
image/svg+xml
accept-ranges
bytes
content-length
8445
x-xss-protection
1; mode=block
No%20Image%20-%20ZH.50ec28ec.svg
cms.express.hktvmall.com/static/media/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.express.hktvmall.com/static/media/No%20Image%20-%20ZH.50ec28ec.svg
Requested by
Host: cms.express.hktvmall.com
URL: https://cms.express.hktvmall.com/zh/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
14.198.250.254 Hong Kong, Hong Kong, ASN132252 (HKMPCL-HK 12F Trans Asia Centre, 18 Kin Hong Street, HK),
Reverse DNS
014198250254.hkmpcl.com
Software
hktv /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; IncludeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cms.express.hktvmall.com/zh/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 12:00:22 GMT
strict-transport-security
max-age=31536000; IncludeSubDomains; preload;
x-content-type-options
nosniff
last-modified
Thu, 27 Jun 2024 04:53:53 GMT
server
hktv
etag
"f45-61bd7eae41a40"
x-frame-options
SAMEORIGIN
x-hop
10SSERGNISOCPPAOKT, 10YXORPREROCOKT
content-type
image/svg+xml
accept-ranges
bytes
content-length
3909
x-xss-protection
1; mode=block
Primary Request login.do
accounts-sso.shoalter.com/authenticationendpoint/
Redirect Chain
  • https://accounts-sso.shoalter.com/oauth2/authorize?response_type=code&client_id=EPiuXjkYFkfg2h4U0z0tX0NHkaYa&redirect_uri=https%3A%2F%2Fcms.express.hktvmall.com%2Foauth2%2FsetAuthCode&scope=openid&...
  • https://accounts-sso.shoalter.com/authenticationendpoint/login.do?client_id=EPiuXjkYFkfg2h4U0z0tX0NHkaYa&code_challenge=4Var53awt-f-I-F97Sv1CBroSKMY9s65pNHY_HQc0yc&code_challenge_method=S256&common...
33 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts-sso.shoalter.com/authenticationendpoint/login.do?client_id=EPiuXjkYFkfg2h4U0z0tX0NHkaYa&code_challenge=4Var53awt-f-I-F97Sv1CBroSKMY9s65pNHY_HQc0yc&code_challenge_method=S256&commonAuthCallerPath=%2Foauth2%2Fauthorize&forceAuth=false&lang=&passiveAuth=false&redirect_uri=https%3A%2F%2Fcms.express.hktvmall.com%2Foauth2%2FsetAuthCode&response_type=code&scope=openid&state=OGNltvFB8TaGs_rw---EBUTs97VPYDsD&tenantDomain=carbon.super&sessionDataKey=2e655ded-33a8-41a3-871a-99ef50f8a483&relyingParty=EPiuXjkYFkfg2h4U0z0tX0NHkaYa&type=oidc&sp=Express&isSaaSApp=false&authenticators=BasicAuthenticator%3ALOCAL
Requested by
Host: cms.express.hktvmall.com
URL: https://cms.express.hktvmall.com/static/js/main.5f898475.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.20.215 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
215.20.120.34.bc.googleusercontent.com
Software
HKTVMall Carbon Server /
Resource Hash
bf743ef97fa4b0e7d556dbd543d259e98e9acac21e3ad387ef49cd27406a9967
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Referer
https://cms.express.hktvmall.com/zh/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-language
zh
content-type
text/html;charset=UTF-8
date
Wed, 03 Jul 2024 12:00:23 GMT
server
HKTVMall Carbon Server
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Wed, 03 Jul 2024 12:00:23 GMT
location
https://accounts-sso.shoalter.com/authenticationendpoint/login.do?client_id=EPiuXjkYFkfg2h4U0z0tX0NHkaYa&code_challenge=4Var53awt-f-I-F97Sv1CBroSKMY9s65pNHY_HQc0yc&code_challenge_method=S256&commonAuthCallerPath=%2Foauth2%2Fauthorize&forceAuth=false&lang=&passiveAuth=false&redirect_uri=https%3A%2F%2Fcms.express.hktvmall.com%2Foauth2%2FsetAuthCode&response_type=code&scope=openid&state=OGNltvFB8TaGs_rw---EBUTs97VPYDsD&tenantDomain=carbon.super&sessionDataKey=2e655ded-33a8-41a3-871a-99ef50f8a483&relyingParty=EPiuXjkYFkfg2h4U0z0tX0NHkaYa&type=oidc&sp=Express&isSaaSApp=false&authenticators=BasicAuthenticator%3ALOCAL
server
HKTVMall Carbon Server
via
1.1 google
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block
wso2-default.min.css
accounts-sso.shoalter.com/authenticationendpoint/libs/theme/ 		734 KB
110 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://accounts-sso.shoalter.com/authenticationendpoint/libs/theme/wso2-default.min.css
Requested by
Host: accounts-sso.shoalter.com
URL: https://accounts-sso.shoalter.com/authenticationendpoint/login.do?client_id=EPiuXjkYFkfg2h4U0z0tX0NHkaYa&code_challenge=4Var53awt-f-I-F97Sv1CBroSKMY9s65pNHY_HQc0yc&code_challenge_method=S256&commonAuthCallerPath=%2Foauth2%2Fauthorize&forceAuth=false&lang=&passiveAuth=false&redirect_uri=https%3A%2F%2Fcms.express.hktvmall.com%2Foauth2%2FsetAuthCode&response_type=code&scope=openid&state=OGNltvFB8TaGs_rw---EBUTs97VPYDsD&tenantDomain=carbon.super&sessionDataKey=2e655ded-33a8-41a3-871a-99ef50f8a483&relyingParty=EPiuXjkYFkfg2h4U0z0tX0NHkaYa&type=oidc&sp=Express&isSaaSApp=false&authenticators=BasicAuthenticator%3ALOCAL
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.20.215 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
215.20.120.34.bc.googleusercontent.com
Software
HKTVMall Carbon Server /
Resource Hash
3b3d58e2ad598e46f39af48a85a9d1ab773679bced881889380e66c55a7282e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://accounts-sso.shoalter.com/authenticationendpoint/login.do?client_id=EPiuXjkYFkfg2h4U0z0tX0NHkaYa&code_challenge=4Var53awt-f-I-F97Sv1CBroSKMY9s65pNHY_HQc0yc&code_challenge_method=S256&commonAuthCallerPath=%2Foauth2%2Fauthorize&forceAuth=false&lang=&passiveAuth=false&redirect_uri=https%3A%2F%2Fcms.express.hktvmall.com%2Foauth2%2FsetAuthCode&response_type=code&scope=openid&state=OGNltvFB8TaGs_rw---EBUTs97VPYDsD&tenantDomain=carbon.super&sessionDataKey=2e655ded-33a8-41a3-871a-99ef50f8a483&relyingParty=EPiuXjkYFkfg2h4U0z0tX0NHkaYa&type=oidc&sp=Express&isSaaSApp=false&authenticators=BasicAuthenticator%3ALOCAL
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 12:00:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 06 Mar 2020 06:23:16 GMT
server
HKTVMall Carbon Server
via
1.1 google
etag
W/"751914-1583475796000"
vary
accept-encoding
x-frame-options
DENY
content-type
text/css
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
jquery-3.4.1.js
accounts-sso.shoalter.com/authenticationendpoint/libs/jquery_3.4.1/ 		286 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts-sso.shoalter.com/authenticationendpoint/libs/jquery_3.4.1/jquery-3.4.1.js
Requested by
Host: accounts-sso.shoalter.com
URL: https://accounts-sso.shoalter.com/authenticationendpoint/login.do?client_id=EPiuXjkYFkfg2h4U0z0tX0NHkaYa&code_challenge=4Var53awt-f-I-F97Sv1CBroSKMY9s65pNHY_HQc0yc&code_challenge_method=S256&commonAuthCallerPath=%2Foauth2%2Fauthorize&forceAuth=false&lang=&passiveAuth=false&redirect_uri=https%3A%2F%2Fcms.express.hktvmall.com%2Foauth2%2FsetAuthCode&response_type=code&scope=openid&state=OGNltvFB8TaGs_rw---EBUTs97VPYDsD&tenantDomain=carbon.super&sessionDataKey=2e655ded-33a8-41a3-871a-99ef50f8a483&relyingParty=EPiuXjkYFkfg2h4U0z0tX0NHkaYa&type=oidc&sp=Express&isSaaSApp=false&authenticators=BasicAuthenticator%3ALOCAL
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.20.215 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
215.20.120.34.bc.googleusercontent.com
Software
HKTVMall Carbon Server /
Resource Hash
3f80e8e5e1945b57180397b363fb0a747e1e99cf492d59b4f8cd09bfb239f2b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://accounts-sso.shoalter.com/authenticationendpoint/login.do?client_id=EPiuXjkYFkfg2h4U0z0tX0NHkaYa&code_challenge=4Var53awt-f-I-F97Sv1CBroSKMY9s65pNHY_HQc0yc&code_challenge_method=S256&commonAuthCallerPath=%2Foauth2%2Fauthorize&forceAuth=false&lang=&passiveAuth=false&redirect_uri=https%3A%2F%2Fcms.express.hktvmall.com%2Foauth2%2FsetAuthCode&response_type=code&scope=openid&state=OGNltvFB8TaGs_rw---EBUTs97VPYDsD&tenantDomain=carbon.super&sessionDataKey=2e655ded-33a8-41a3-871a-99ef50f8a483&relyingParty=EPiuXjkYFkfg2h4U0z0tX0NHkaYa&type=oidc&sp=Express&isSaaSApp=false&authenticators=BasicAuthenticator%3ALOCAL
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 12:00:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 06 Mar 2020 06:21:56 GMT
server
HKTVMall Carbon Server
via
1.1 google
etag
W/"292564-1583475716000"
vary
accept-encoding
x-frame-options
DENY
content-type
application/javascript
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
logoshoalter.png
accounts-sso.shoalter.com/authenticationendpoint/libs/theme/assets/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://accounts-sso.shoalter.com/authenticationendpoint/libs/theme/assets/images/logoshoalter.png
Requested by
Host: accounts-sso.shoalter.com
URL: https://accounts-sso.shoalter.com/authenticationendpoint/login.do?client_id=EPiuXjkYFkfg2h4U0z0tX0NHkaYa&code_challenge=4Var53awt-f-I-F97Sv1CBroSKMY9s65pNHY_HQc0yc&code_challenge_method=S256&commonAuthCallerPath=%2Foauth2%2Fauthorize&forceAuth=false&lang=&passiveAuth=false&redirect_uri=https%3A%2F%2Fcms.express.hktvmall.com%2Foauth2%2FsetAuthCode&response_type=code&scope=openid&state=OGNltvFB8TaGs_rw---EBUTs97VPYDsD&tenantDomain=carbon.super&sessionDataKey=2e655ded-33a8-41a3-871a-99ef50f8a483&relyingParty=EPiuXjkYFkfg2h4U0z0tX0NHkaYa&type=oidc&sp=Express&isSaaSApp=false&authenticators=BasicAuthenticator%3ALOCAL
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.20.215 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
215.20.120.34.bc.googleusercontent.com
Software
HKTVMall Carbon Server /
Resource Hash
edd4bb6ee443ded93552b7f5f6fe2d9be69e5fa0b60ba90c6c9a3b4d2e603f6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://accounts-sso.shoalter.com/authenticationendpoint/login.do?client_id=EPiuXjkYFkfg2h4U0z0tX0NHkaYa&code_challenge=4Var53awt-f-I-F97Sv1CBroSKMY9s65pNHY_HQc0yc&code_challenge_method=S256&commonAuthCallerPath=%2Foauth2%2Fauthorize&forceAuth=false&lang=&passiveAuth=false&redirect_uri=https%3A%2F%2Fcms.express.hktvmall.com%2Foauth2%2FsetAuthCode&response_type=code&scope=openid&state=OGNltvFB8TaGs_rw---EBUTs97VPYDsD&tenantDomain=carbon.super&sessionDataKey=2e655ded-33a8-41a3-871a-99ef50f8a483&relyingParty=EPiuXjkYFkfg2h4U0z0tX0NHkaYa&type=oidc&sp=Express&isSaaSApp=false&authenticators=BasicAuthenticator%3ALOCAL
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 12:00:23 GMT
via
1.1 google
x-content-type-options
nosniff
last-modified
Sun, 07 Jan 2024 21:47:42 GMT
server
HKTVMall Carbon Server
etag
W/"7627-1704664062000"
x-frame-options
DENY
content-type
image/png
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7627
x-xss-protection
1; mode=block
semantic.min.js
accounts-sso.shoalter.com/authenticationendpoint/libs/theme/ 		269 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts-sso.shoalter.com/authenticationendpoint/libs/theme/semantic.min.js
Requested by
Host: accounts-sso.shoalter.com
URL: https://accounts-sso.shoalter.com/authenticationendpoint/login.do?client_id=EPiuXjkYFkfg2h4U0z0tX0NHkaYa&code_challenge=4Var53awt-f-I-F97Sv1CBroSKMY9s65pNHY_HQc0yc&code_challenge_method=S256&commonAuthCallerPath=%2Foauth2%2Fauthorize&forceAuth=false&lang=&passiveAuth=false&redirect_uri=https%3A%2F%2Fcms.express.hktvmall.com%2Foauth2%2FsetAuthCode&response_type=code&scope=openid&state=OGNltvFB8TaGs_rw---EBUTs97VPYDsD&tenantDomain=carbon.super&sessionDataKey=2e655ded-33a8-41a3-871a-99ef50f8a483&relyingParty=EPiuXjkYFkfg2h4U0z0tX0NHkaYa&type=oidc&sp=Express&isSaaSApp=false&authenticators=BasicAuthenticator%3ALOCAL
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.20.215 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
215.20.120.34.bc.googleusercontent.com
Software
HKTVMall Carbon Server /
Resource Hash
b7c19ea67c8f9b0f6df9fa0c87798a36f728aea3476a648ab4a471c695048052
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://accounts-sso.shoalter.com/authenticationendpoint/login.do?client_id=EPiuXjkYFkfg2h4U0z0tX0NHkaYa&code_challenge=4Var53awt-f-I-F97Sv1CBroSKMY9s65pNHY_HQc0yc&code_challenge_method=S256&commonAuthCallerPath=%2Foauth2%2Fauthorize&forceAuth=false&lang=&passiveAuth=false&redirect_uri=https%3A%2F%2Fcms.express.hktvmall.com%2Foauth2%2FsetAuthCode&response_type=code&scope=openid&state=OGNltvFB8TaGs_rw---EBUTs97VPYDsD&tenantDomain=carbon.super&sessionDataKey=2e655ded-33a8-41a3-871a-99ef50f8a483&relyingParty=EPiuXjkYFkfg2h4U0z0tX0NHkaYa&type=oidc&sp=Express&isSaaSApp=false&authenticators=BasicAuthenticator%3ALOCAL
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 12:00:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 06 Mar 2020 06:23:16 GMT
server
HKTVMall Carbon Server
via
1.1 google
etag
W/"275730-1583475796000"
vary
accept-encoding
x-frame-options
DENY
content-type
application/javascript
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
css
fonts.googleapis.com/ 		3 KB
885 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic&subset=latin
Requested by
Host: accounts-sso.shoalter.com
URL: https://accounts-sso.shoalter.com/authenticationendpoint/libs/theme/wso2-default.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5e245f87c91e4cc60c4f66311f2691f187b9f710259f5f75cd6beff7598d6ddd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://accounts-sso.shoalter.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Wed, 03 Jul 2024 12:00:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 03 Jul 2024 11:51:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 03 Jul 2024 12:00:25 GMT
icons.woff2
accounts-sso.shoalter.com/authenticationendpoint/libs/theme/assets/fonts/ 		39 KB
39 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://accounts-sso.shoalter.com/authenticationendpoint/libs/theme/assets/fonts/icons.woff2
Requested by
Host: accounts-sso.shoalter.com
URL: https://accounts-sso.shoalter.com/authenticationendpoint/libs/theme/wso2-default.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.20.215 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
215.20.120.34.bc.googleusercontent.com
Software
HKTVMall Carbon Server /
Resource Hash
a12fd41c86a59b4dff636fd500fe325f78e65e9fe867d4cc5961dda45af4034d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://accounts-sso.shoalter.com/authenticationendpoint/libs/theme/wso2-default.min.css
Origin
https://accounts-sso.shoalter.com
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 12:00:24 GMT
via
1.1 google
x-content-type-options
nosniff
last-modified
Fri, 06 Mar 2020 06:23:16 GMT
server
HKTVMall Carbon Server
etag
W/"40148-1583475796000"
x-frame-options
DENY
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40148
x-xss-protection
1; mode=block
logincontext
accounts-sso.shoalter.com/ 		20 B
35 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://accounts-sso.shoalter.com/logincontext?sessionDataKey=2e655ded-33a8-41a3-871a-99ef50f8a483&relyingParty=EPiuXjkYFkfg2h4U0z0tX0NHkaYa&tenantDomain=carbon.super&_=1720008025464
Requested by
Host: accounts-sso.shoalter.com
URL: https://accounts-sso.shoalter.com/authenticationendpoint/libs/jquery_3.4.1/jquery-3.4.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.20.215 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
215.20.120.34.bc.googleusercontent.com
Software
HKTVMall Carbon Server /
Resource Hash
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept
*/*
Referer
https://accounts-sso.shoalter.com/authenticationendpoint/login.do?client_id=EPiuXjkYFkfg2h4U0z0tX0NHkaYa&code_challenge=4Var53awt-f-I-F97Sv1CBroSKMY9s65pNHY_HQc0yc&code_challenge_method=S256&commonAuthCallerPath=%2Foauth2%2Fauthorize&forceAuth=false&lang=&passiveAuth=false&redirect_uri=https%3A%2F%2Fcms.express.hktvmall.com%2Foauth2%2FsetAuthCode&response_type=code&scope=openid&state=OGNltvFB8TaGs_rw---EBUTs97VPYDsD&tenantDomain=carbon.super&sessionDataKey=2e655ded-33a8-41a3-871a-99ef50f8a483&relyingParty=EPiuXjkYFkfg2h4U0z0tX0NHkaYa&type=oidc&sp=Express&isSaaSApp=false&authenticators=BasicAuthenticator%3ALOCAL
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 12:00:26 GMT
via
1.1 google
x-content-type-options
nosniff
server
HKTVMall Carbon Server
content-type
application/json;charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20
x-xss-protection
1; mode=block
shoalter-favicon.ico
accounts-sso.shoalter.com/authenticationendpoint/libs/theme/assets/images/ 		99 KB
100 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://accounts-sso.shoalter.com/authenticationendpoint/libs/theme/assets/images/shoalter-favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.20.215 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
215.20.120.34.bc.googleusercontent.com
Software
HKTVMall Carbon Server /
Resource Hash
9d30e69a289eac150d16c3bf3a53a27c24fa13187877fb788275993bfdcc2a89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://accounts-sso.shoalter.com/authenticationendpoint/login.do?client_id=EPiuXjkYFkfg2h4U0z0tX0NHkaYa&code_challenge=4Var53awt-f-I-F97Sv1CBroSKMY9s65pNHY_HQc0yc&code_challenge_method=S256&commonAuthCallerPath=%2Foauth2%2Fauthorize&forceAuth=false&lang=&passiveAuth=false&redirect_uri=https%3A%2F%2Fcms.express.hktvmall.com%2Foauth2%2FsetAuthCode&response_type=code&scope=openid&state=OGNltvFB8TaGs_rw---EBUTs97VPYDsD&tenantDomain=carbon.super&sessionDataKey=2e655ded-33a8-41a3-871a-99ef50f8a483&relyingParty=EPiuXjkYFkfg2h4U0z0tX0NHkaYa&type=oidc&sp=Express&isSaaSApp=false&authenticators=BasicAuthenticator%3ALOCAL
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 12:00:26 GMT
via
1.1 google
x-content-type-options
nosniff
last-modified
Sun, 07 Jan 2024 21:47:42 GMT
server
HKTVMall Carbon Server
etag
W/"101805-1704664062000"
x-frame-options
DENY
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
101805
x-xss-protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage function| $ function| jQuery function| onHandleInvalid function| setElementValidadity function| setAllInputRequiredElementValidadity function| goBack function| setLocaleParam function| setLocale function| checkSessionKey function| getParameterByName function| myFunction function| handleNoDomain function| changeUsername

1 Cookies

Domain/Path Name / Value
accounts-sso.shoalter.com/authenticationendpoint Name: JSESSIONID
Value: 94952F0128156901265B8DAE5E07410EE59E43211DE474DB55AF059CB4B65B7EC5D632EC4849A7D9B19C2277E8CDF2EA80EDDB4FCE793C69C8904AEE7207EF0C0D5AFAFBE62A7DF8B29D7D30F0AEE770B4625D11996576272953AEB3176559CA4FFC41FA0FDBB01820A4486123CCD24B017FCBFB78C92482C0001C12652A14E5

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; IncludeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block