bookings.heritagehotels.co.nz

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 6 HTTP transactions. The main IP is 192.124.249.109, located in United States and belongs to SUCURI-SEC, US. The main domain is bookings.heritagehotels.co.nz.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on July 16th 2021. Valid for: a year.

This is the only time bookings.heritagehotels.co.nz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 6	192.124.249.109 192.124.249.109	30148 (SUCURI-SEC) (SUCURI-SEC)
1	52.5.34.21 52.5.34.21	14618 (AMAZON-AES) (AMAZON-AES)
6	2

6 192.124.249.109 (United States) 1 redirects

ASN30148 (SUCURI-SEC, US)
PTR: cloudproxy10109.sucuri.net

bookings.heritagehotels.co.nz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.5.34.21 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-5-34-21.compute-1.amazonaws.com

maxbe.staah.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	heritagehotels.co.nz 1 redirects bookings.heritagehotels.co.nz	99 KB
1	staah.net maxbe.staah.net	19 KB
6	2

	Domain	Requested by
6	bookings.heritagehotels.co.nz	1 redirects bookings.heritagehotels.co.nz
1	maxbe.staah.net	bookings.heritagehotels.co.nz
6	2

This site contains no links.

Subject Issuer	Validity	Valid
bookings.heritagehotels.co.nz DigiCert SHA2 Extended Validation Server CA	`2021-07-16` - `2022-08-16`	a year	crt.sh
*.staah.net GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-05-10` - `2022-06-10`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://bookings.heritagehotels.co.nz/be/cart?propertyId=OTk&groupId=Nzk&checkIn=27-10-2021&checkOut=28-10-2021
Frame ID: B6DB62EA0A1F22BEF3AD3F0370D4290A
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

6
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

117 kB
Transfer

531 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://bookings.heritagehotels.co.nz/be/loadcart.php?propertyId=null HTTP 302
https://bookings.heritagehotels.co.nz/be/accessdenied.php

6 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request cart Show response
bookings.heritagehotels.co.nz/be/ 1 KB
1 KB 1760ms
562ms Document
text/html 192.124.249.109
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://bookings.heritagehotels.co.nz/be/cart?propertyId=OTk&groupId=Nzk&checkIn=27-10-2021&checkOut=28-10-2021

Protocol

H2

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.109 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10109.sucuri.net

Software

nginx /

Resource Hash

930c84199dfe810a9884195b874eb0ef564821f2b6467ba91b1b469dbbe26f57

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: bookings.heritagehotels.co.nz
:scheme: https
:path: /be/cart?propertyId=OTk&groupId=Nzk&checkIn=27-10-2021&checkOut=28-10-2021
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx
date: Tue, 26 Oct 2021 19:09:09 GMT
content-type: text/html; charset=UTF-8
content-length: 556
x-sucuri-id: 15009
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
referrer-policy: same-origin
set-cookie: AWSALB=0Ov5Un0Nt3C0hceoEi6XJWE0Xa0KbLeLKn+/B8mpAj89tvM+nIETyy57zP6r1cMS8XIiOp+bE78knyw4DpYb/CIj7M8KPNbQ1SOPvILmNx3ChUpljZKGQ3YwBiBf; Expires=Tue, 02 Nov 2021 19:09:09 GMT; Path=/ AWSALBCORS=0Ov5Un0Nt3C0hceoEi6XJWE0Xa0KbLeLKn+/B8mpAj89tvM+nIETyy57zP6r1cMS8XIiOp+bE78knyw4DpYb/CIj7M8KPNbQ1SOPvILmNx3ChUpljZKGQ3YwBiBf; Expires=Tue, 02 Nov 2021 19:09:09 GMT; Path=/; SameSite=None; Secure PHPSESSID=ofmh83e4u0qsj3m5l59r7d57c0; path=/; secure;HttpOnly;Secure
strict-transport-security: max-age=63072000; includeSubDomains; preload
expires: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-encoding: gzip
vary: Accept-Encoding
x-sucuri-cache: BYPASS

GET
H2 200 jquery-2.1.4.js Show response
bookings.heritagehotels.co.nz/be/js/ 300 KB
76 KB 119ms
118ms Script
application/javascript 192.124.249.109
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://bookings.heritagehotels.co.nz/be/js/jquery-2.1.4.js

Requested by

Host: bookings.heritagehotels.co.nz
URL: https://bookings.heritagehotels.co.nz/be/cart?propertyId=OTk&groupId=Nzk&checkIn=27-10-2021&checkOut=28-10-2021

Protocol

H2

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.109 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10109.sucuri.net

Software

nginx /

Resource Hash

627d19357387717eef800476f11fc75f43de0430f4294da741fca586d55e7bde

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /be/js/jquery-2.1.4.js
pragma: no-cache
cookie: AWSALB=0Ov5Un0Nt3C0hceoEi6XJWE0Xa0KbLeLKn+/B8mpAj89tvM+nIETyy57zP6r1cMS8XIiOp+bE78knyw4DpYb/CIj7M8KPNbQ1SOPvILmNx3ChUpljZKGQ3YwBiBf; AWSALBCORS=0Ov5Un0Nt3C0hceoEi6XJWE0Xa0KbLeLKn+/B8mpAj89tvM+nIETyy57zP6r1cMS8XIiOp+bE78knyw4DpYb/CIj7M8KPNbQ1SOPvILmNx3ChUpljZKGQ3YwBiBf; PHPSESSID=ofmh83e4u0qsj3m5l59r7d57c0
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: bookings.heritagehotels.co.nz
referer: https://bookings.heritagehotels.co.nz/be/cart?propertyId=OTk&groupId=Nzk&checkIn=27-10-2021&checkOut=28-10-2021
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://bookings.heritagehotels.co.nz/be/cart?propertyId=OTk&groupId=Nzk&checkIn=27-10-2021&checkOut=28-10-2021
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 19:09:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: MISS
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
last-modified: Thu, 11 Mar 2021 04:41:11 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "4af25-5bd3b6491e614-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
set-cookie: AWSALB=Ugv8yUn3deOPwbsb2mXxO2R1aVvMUb/XJer/QCnlSeNNuIzRYYcL/RoGk9H3OKSGaIgQ3i12Qjm07n6xdpJWVX/5O3PB7LqpOmF7tJtQeUw4AYO1CckIF9Q6dpPW; Expires=Tue, 02 Nov 2021 19:09:10 GMT; Path=/ AWSALBCORS=Ugv8yUn3deOPwbsb2mXxO2R1aVvMUb/XJer/QCnlSeNNuIzRYYcL/RoGk9H3OKSGaIgQ3i12Qjm07n6xdpJWVX/5O3PB7LqpOmF7tJtQeUw4AYO1CckIF9Q6dpPW; Expires=Tue, 02 Nov 2021 19:09:10 GMT; Path=/; SameSite=None; Secure
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 cart.js Show response
bookings.heritagehotels.co.nz/be/js/ 70 KB
12 KB 401ms
400ms Script
application/javascript 192.124.249.109
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://bookings.heritagehotels.co.nz/be/js/cart.js

Requested by

Host: bookings.heritagehotels.co.nz
URL: https://bookings.heritagehotels.co.nz/be/cart?propertyId=OTk&groupId=Nzk&checkIn=27-10-2021&checkOut=28-10-2021

Protocol

H2

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.109 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10109.sucuri.net

Software

nginx /

Resource Hash

a2d8bec650fe23f49753a69ed416a116f3831a6b1abe75cf8be60ac35731e7a9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /be/js/cart.js
pragma: no-cache
cookie: AWSALB=0Ov5Un0Nt3C0hceoEi6XJWE0Xa0KbLeLKn+/B8mpAj89tvM+nIETyy57zP6r1cMS8XIiOp+bE78knyw4DpYb/CIj7M8KPNbQ1SOPvILmNx3ChUpljZKGQ3YwBiBf; AWSALBCORS=0Ov5Un0Nt3C0hceoEi6XJWE0Xa0KbLeLKn+/B8mpAj89tvM+nIETyy57zP6r1cMS8XIiOp+bE78knyw4DpYb/CIj7M8KPNbQ1SOPvILmNx3ChUpljZKGQ3YwBiBf; PHPSESSID=ofmh83e4u0qsj3m5l59r7d57c0
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: bookings.heritagehotels.co.nz
referer: https://bookings.heritagehotels.co.nz/be/cart?propertyId=OTk&groupId=Nzk&checkIn=27-10-2021&checkOut=28-10-2021
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://bookings.heritagehotels.co.nz/be/cart?propertyId=OTk&groupId=Nzk&checkIn=27-10-2021&checkOut=28-10-2021
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 19:09:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: MISS
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 11081
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
last-modified: Tue, 07 Sep 2021 11:12:29 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "1174f-5cb65d76d838e-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
set-cookie: AWSALB=IWYZlUBr8kT+EYhngtcxT7yDcENMO6b5A36AnzA5inZNiOQHzCDqD5k3kImML21RjALUbTfiXbKo+MLBWXhuS06Dum49cRqWhEjzE1S/FIRsg75JFGhzRIQDRQj6; Expires=Tue, 02 Nov 2021 19:09:10 GMT; Path=/ AWSALBCORS=IWYZlUBr8kT+EYhngtcxT7yDcENMO6b5A36AnzA5inZNiOQHzCDqD5k3kImML21RjALUbTfiXbKo+MLBWXhuS06Dum49cRqWhEjzE1S/FIRsg75JFGhzRIQDRQj6; Expires=Tue, 02 Nov 2021 19:09:10 GMT; Path=/; SameSite=None; Secure
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bootstrap.css
maxbe.staah.net/themes/blue/css/ 132 KB
19 KB 335ms
109ms Stylesheet
text/css 52.5.34.21
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://maxbe.staah.net/themes/blue/css/bootstrap.css?

Requested by

Host: bookings.heritagehotels.co.nz
URL: https://bookings.heritagehotels.co.nz/be/cart?propertyId=OTk&groupId=Nzk&checkIn=27-10-2021&checkOut=28-10-2021

Protocol

H2

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.5.34.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-5-34-21.compute-1.amazonaws.com

Software

Apache /

Resource Hash

b9760f46b68bc182c01dceb4ce595c116470749c1a5246e3c8d14f77842947af

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Frame-Options	sameorigin

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 19:09:10 GMT
content-encoding: gzip
last-modified: Thu, 11 Mar 2021 04:25:25 GMT
server: Apache
x-frame-options: sameorigin
etag: "2109f-5bd3b2c306a51-gzip"
vary: Accept-Encoding
content-type: text/css
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
content-length: 18451

GET
H2 200 bootstrap.min.js Show response
bookings.heritagehotels.co.nz/be/js/ 27 KB
8 KB 387ms
387ms Script
application/javascript 192.124.249.109
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://bookings.heritagehotels.co.nz/be/js/bootstrap.min.js

Requested by

Host: bookings.heritagehotels.co.nz
URL: https://bookings.heritagehotels.co.nz/be/cart?propertyId=OTk&groupId=Nzk&checkIn=27-10-2021&checkOut=28-10-2021

Protocol

H2

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.109 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10109.sucuri.net

Software

nginx /

Resource Hash

54d21b0676784d0c983bbd4093898770adefa932d89b72c8afd88183a19172a7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /be/js/bootstrap.min.js
pragma: no-cache
cookie: AWSALB=0Ov5Un0Nt3C0hceoEi6XJWE0Xa0KbLeLKn+/B8mpAj89tvM+nIETyy57zP6r1cMS8XIiOp+bE78knyw4DpYb/CIj7M8KPNbQ1SOPvILmNx3ChUpljZKGQ3YwBiBf; AWSALBCORS=0Ov5Un0Nt3C0hceoEi6XJWE0Xa0KbLeLKn+/B8mpAj89tvM+nIETyy57zP6r1cMS8XIiOp+bE78knyw4DpYb/CIj7M8KPNbQ1SOPvILmNx3ChUpljZKGQ3YwBiBf; PHPSESSID=ofmh83e4u0qsj3m5l59r7d57c0
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: bookings.heritagehotels.co.nz
referer: https://bookings.heritagehotels.co.nz/be/cart?propertyId=OTk&groupId=Nzk&checkIn=27-10-2021&checkOut=28-10-2021
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://bookings.heritagehotels.co.nz/be/cart?propertyId=OTk&groupId=Nzk&checkIn=27-10-2021&checkOut=28-10-2021
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 19:09:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: MISS
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 7252
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
last-modified: Thu, 11 Mar 2021 04:41:11 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "6c4e-5bd3b6491d675-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
set-cookie: AWSALB=ZNGXCde7bHU5YfB4kbOWHqPz5SzW2YYLUrVh2pKdDr6gpgEzzzhdU6F0Wie/zUxMnEDT2osonJh/RcMSLtoHVS+S9EFuPf/140v7GU+7zJelPEKjz8fKUEMUsWKG; Expires=Tue, 02 Nov 2021 19:09:10 GMT; Path=/ AWSALBCORS=ZNGXCde7bHU5YfB4kbOWHqPz5SzW2YYLUrVh2pKdDr6gpgEzzzhdU6F0Wie/zUxMnEDT2osonJh/RcMSLtoHVS+S9EFuPf/140v7GU+7zJelPEKjz8fKUEMUsWKG; Expires=Tue, 02 Nov 2021 19:09:10 GMT; Path=/; SameSite=None; Secure
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

accessdenied.php Show response
bookings.heritagehotels.co.nz/be/
Redirect Chain

https://bookings.heritagehotels.co.nz/be/loadcart.php?propertyId=null
https://bookings.heritagehotels.co.nz/be/accessdenied.php

444 B
980 B

105ms
105ms

XHR
text/html

192.124.249.109
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://bookings.heritagehotels.co.nz/be/accessdenied.php

Protocol

H2

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.109 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10109.sucuri.net

Software

nginx /

Resource Hash

b158932202df816ad982682886bea3c6a0a90d1e4de8be334a33839311a803f6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: PHPSESSID=ofmh83e4u0qsj3m5l59r7d57c0; AWSALB=2NYPzXuCCKvfooQr8tGfhXgLbQnd6QWJR2Qs+O2inzPxEi2mdQ6GT/XNsWOR/YCThq+kOGOljrjzMU3tSZhdz7Oba+DlRUqut0059kNG7B3kPD8whwM+8OhxiHMs; AWSALBCORS=2NYPzXuCCKvfooQr8tGfhXgLbQnd6QWJR2Qs+O2inzPxEi2mdQ6GT/XNsWOR/YCThq+kOGOljrjzMU3tSZhdz7Oba+DlRUqut0059kNG7B3kPD8whwM+8OhxiHMs
:path: /be/accessdenied.php
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: */*
cache-control: no-cache
:authority: bookings.heritagehotels.co.nz
referer: https://bookings.heritagehotels.co.nz/be/cart?propertyId=OTk&groupId=Nzk&checkIn=27-10-2021&checkOut=28-10-2021
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://bookings.heritagehotels.co.nz/be/cart?propertyId=OTk&groupId=Nzk&checkIn=27-10-2021&checkOut=28-10-2021
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 19:09:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: BYPASS
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 266
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
set-cookie: AWSALB=7pt/8PtBLNQm66I09QaIHIDKMUB5b5sSQ++9bjis/BQ+236M6IROjhw75Y3q1ykZhnsgHEg4kGhdPmUMp5egFc3/dneMTElNgYPEUgodn6ZeKhbjZJ4LHXnXftFx; Expires=Tue, 02 Nov 2021 19:09:10 GMT; Path=/ AWSALBCORS=7pt/8PtBLNQm66I09QaIHIDKMUB5b5sSQ++9bjis/BQ+236M6IROjhw75Y3q1ykZhnsgHEg4kGhdPmUMp5egFc3/dneMTElNgYPEUgodn6ZeKhbjZJ4LHXnXftFx; Expires=Tue, 02 Nov 2021 19:09:10 GMT; Path=/; SameSite=None; Secure
expires: 0

Redirect headers

date: Tue, 26 Oct 2021 19:09:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 20
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
location: accessdenied.php
cache-control: no-cache, no-store, must-revalidate
x-sucuri-id: 15009
content-security-policy: upgrade-insecure-requests;
set-cookie: AWSALB=2NYPzXuCCKvfooQr8tGfhXgLbQnd6QWJR2Qs+O2inzPxEi2mdQ6GT/XNsWOR/YCThq+kOGOljrjzMU3tSZhdz7Oba+DlRUqut0059kNG7B3kPD8whwM+8OhxiHMs; Expires=Tue, 02 Nov 2021 19:09:10 GMT; Path=/ AWSALBCORS=2NYPzXuCCKvfooQr8tGfhXgLbQnd6QWJR2Qs+O2inzPxEi2mdQ6GT/XNsWOR/YCThq+kOGOljrjzMU3tSZhdz7Oba+DlRUqut0059kNG7B3kPD8whwM+8OhxiHMs; Expires=Tue, 02 Nov 2021 19:09:10 GMT; Path=/; SameSite=None; Secure
expires: 0

Verdicts & Comments Add Verdict or Comment

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
bookings.heritagehotels.co.nz/	1969-12-31 23:59:59	Name: PHPSESSID Value: ofmh83e4u0qsj3m5l59r7d57c0
maxbe.staah.net/	1970-01-19 22:24:40	Name: AWSALBCORS Value: 9OPxM3C6tcLXlXG3TspM4xfs2ZBbXHKe6+liAkU8Ti3AL8e/zu9Iqk1s8I59yZ/SGrGApu4I/Cv2T5vwdOB6KDO8Cj5GvseMAQaMp1D26UNJU6+HrmWLF98r+wML
bookings.heritagehotels.co.nz/	1970-01-19 22:24:40	Name: AWSALB Value: 7pt/8PtBLNQm66I09QaIHIDKMUB5b5sSQ++9bjis/BQ+236M6IROjhw75Y3q1ykZhnsgHEg4kGhdPmUMp5egFc3/dneMTElNgYPEUgodn6ZeKhbjZJ4LHXnXftFx
bookings.heritagehotels.co.nz/	1970-01-19 22:24:40	Name: AWSALBCORS Value: 7pt/8PtBLNQm66I09QaIHIDKMUB5b5sSQ++9bjis/BQ+236M6IROjhw75Y3q1ykZhnsgHEg4kGhdPmUMp5egFc3/dneMTElNgYPEUgodn6ZeKhbjZJ4LHXnXftFx

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bookings.heritagehotels.co.nz
maxbe.staah.net
192.124.249.109
52.5.34.21
54d21b0676784d0c983bbd4093898770adefa932d89b72c8afd88183a19172a7
627d19357387717eef800476f11fc75f43de0430f4294da741fca586d55e7bde
930c84199dfe810a9884195b874eb0ef564821f2b6467ba91b1b469dbbe26f57
a2d8bec650fe23f49753a69ed416a116f3831a6b1abe75cf8be60ac35731e7a9
b158932202df816ad982682886bea3c6a0a90d1e4de8be334a33839311a803f6
b9760f46b68bc182c01dceb4ce595c116470749c1a5246e3c8d14f77842947af

bookings.heritagehotels.co.nz Open in urlscan Pro 192.124.249.109 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

6 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

117 kBTransfer

531 kBSize

4 Cookies

0 Outgoing links

Redirected requests

6 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

44 JavaScript Global Variables

4 Cookies

Security Headers

Indicators

bookings.heritagehotels.co.nz Open in urlscan Pro
192.124.249.109 Public Scan

Screenshot
Live screenshot

Full Image

6
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

117 kB
Transfer

531 kB
Size

4
Cookies

6 HTTP transactions
0 data transactions