www.checkmytrip.com Open in urlscan Pro
192.225.208.95 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://checkmytrip.app.link/
Effective URL:
https://www.checkmytrip.com/
Submission: On December 13 via manual (December 13th 2018, 5:07:03 am UTC)

Summary HTTP 13 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 13 HTTP transactions. The main IP is 192.225.208.95, located in Arlington, United States and belongs to WHISKEYNET - Distil, Inc, US. The main domain is www.checkmytrip.com.
TLS certificate: Issued by COMODO RSA Organization Validation Se... on March 13th 2018. Valid for: a year.

This is the only time www.checkmytrip.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2600:9000:204... 2600:9000:2047:1800:19:9934:6a80:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 1	2600:9000:204... 2600:9000:2047:5e00:19:9934:6a80:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2 9	192.225.208.95 192.225.208.95	62660 (WHISKEYNET) (WHISKEYNET - Distil)
4	195.27.31.225 195.27.31.225	1273 (CW Vodafo...) (CW Vodafone Group PLC)
2	18.217.25.191 18.217.25.191	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
13	3

1 2600:9000:2047:1800:19:9934:6a80:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

checkmytrip.app.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2047:5e00:19:9934:6a80:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

checkmytrip.app.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 192.225.208.95 (Arlington, United States) 2 redirects

ASN62660 (WHISKEYNET - Distil, Inc, US)

www.checkmytrip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 195.27.31.225 (Frankfurt Am Main, Germany)

ASN1273 (CW Vodafone Group PLC, GB)

static.geetest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.217.25.191 (Cambridge, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-217-25-191.us-east-2.compute.amazonaws.com

api-na.geetest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	checkmytrip.com 2 redirects www.checkmytrip.com	46 KB
6	geetest.com static.geetest.com api-na.geetest.com	104 KB
2	app.link 2 redirects checkmytrip.app.link	1 KB
13	3

	Domain	Requested by
9	www.checkmytrip.com	2 redirects www.checkmytrip.com
4	static.geetest.com	www.checkmytrip.com static.geetest.com
2	api-na.geetest.com	static.geetest.com
2	checkmytrip.app.link	2 redirects
13	4

This site contains links to these domains. Also see Links.

Domain
www.geetest.com

Subject Issuer	Validity	Valid
www.checkmytrip.com COMODO RSA Organization Validation Secure Server CA	`2018-03-13` - `2019-03-22`	a year	crt.sh
*.geetest.com AlphaSSL CA - SHA256 - G2	`2014-11-17` - `2019-11-17`	5 years	crt.sh

This page contains 1 frames:

Primary Page: https://www.checkmytrip.com/
Frame ID: 8B2C34735B799FC7165CC718F72606C7
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://checkmytrip.app.link/ HTTP 307
https://checkmytrip.app.link/ HTTP 307
https://www.checkmytrip.com/ Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

13
Requests

100 %
HTTPS

40 %
IPv6

3
Domains

4
Subdomains

3
IPs

2
Countries

150 kB
Transfer

450 kB
Size

6
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://www.geetest.com/first_page

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://checkmytrip.app.link/ HTTP 307
https://checkmytrip.app.link/ HTTP 307
https://www.checkmytrip.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

http://www.checkmytrip.com/modules/cmtng/img/emailBanner/NCMTNCMT_header.jpg HTTP 302
https://www.checkmytrip.com/modules/cmtng/img/emailBanner/NCMTNCMT_header.jpg

Request Chain 4

http://www.checkmytrip.com/modules/cmtng/img/amadeus_logo_footer.png HTTP 302
https://www.checkmytrip.com/modules/cmtng/img/amadeus_logo_footer.png

13 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	405 Not Allowed	Primary Request / Show response www.checkmytrip.com/ Redirect Chain http://checkmytrip.app.link/ https://checkmytrip.app.link/ https://www.checkmytrip.com/	9 KB 3 KB	939ms 589ms	Document text/html	192.225.208.95 Distil
General Check archive.org Show headers Download Go to Full URL https://www.checkmytrip.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 192.225.208.95 Arlington, United States, ASN62660 (WHISKEYNET - Distil, Inc, US), Reverse DNS Software nginx / Resource Hash `25a6f62f8da35334e6a6d08f3fc3c9124c98384278fbacd37a04cb2f0be2fcfd` Request headers Host www.checkmytrip.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Accept-Encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Server nginx Date Thu, 13 Dec 2018 05:06:45 GMT Content-Type text/html Connection keep-alive X-RPM 1 1 X-RPS 1 1 X-RSL 0 0 X-DB 2097153 0 X-DW 0 32 Accept-Ranges bytes X-Cnection close Vary Accept-Encoding Expires Thu, 01 Jan 1970 00:00:01 GMT Cache-Control private, no-cache, no-store, must-revalidate Edge-Control no-store, bypass-cache Surrogate-Control no-store, bypass-cache Content-Encoding gzip Content-Length 2692 Redirect headers Content-Length 0 Connection keep-alive Server openresty/1.13.6.2 Date Thu, 13 Dec 2018 05:06:44 GMT X-Powered-By Express Set-Cookie _s=4ZtkI7poovXaD%2FDqldvyUZnVioBYwYkspWTz3KUJXk2qF2qldfBUFPRgNBLrccnL; Max-Age=31536000; Domain=.app.link; Path=/; Expires=Fri, 13 Dec 2019 05:06:44 GMT Last-Modified Thu, 13 Dec 2018 05:06:44 GMT Location https://www.checkmytrip.com X-Cache Miss from cloudfront Via 1.1 4ba0e9deb9465045a3261b8712935964.cloudfront.net (CloudFront) X-Amz-Cf-Id B77QwhsO57YEW043idawndnYs1o-4rQiH3YEHWhtrrULMVm7tpufRQ==
GET H/1.1	200 OK	cmtvbqaqwczbv.js Show response www.checkmytrip.com/	38 KB 11 KB	106ms 105ms	Script application/x-javascript	192.225.208.95 Distil
General Check archive.org Show headers Download Go to Full URL https://www.checkmytrip.com/cmtvbqaqwczbv.js Requested by Host: www.checkmytrip.com URL: https://www.checkmytrip.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 192.225.208.95 Arlington, United States, ASN62660 (WHISKEYNET - Distil, Inc, US), Reverse DNS Software nginx / Resource Hash `321493572fb2e18e563548bd95c187015e16fb10d168a408a641902d3188af3f` Request headers Pragma no-cache Accept-Encoding gzip, deflate, br Host www.checkmytrip.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept / Referer https://www.checkmytrip.com/ Connection keep-alive Cache-Control no-cache Referer https://www.checkmytrip.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 13 Dec 2018 05:06:46 GMT Content-Encoding gzip Server nginx Surrogate-Control no-store, bypass-cache Transfer-Encoding chunked Connection keep-alive Content-Type application/x-javascript X-RPM 2 Edge-Control no-store, bypass-cache Cache-Control private, max-age=240, s-maxage=0, must-revalidate X-RSL 0.112 X-RPS 2 X-DW 134217728 X-DB 0
GET H/1.1	200 OK	NCMTNCMT_header.jpg www.checkmytrip.com/modules/cmtng/img/emailBanner/ Redirect Chain http://www.checkmytrip.com/modules/cmtng/img/emailBanner/NCMTNCMT_header.jpg https://www.checkmytrip.com/modules/cmtng/img/emailBanner/NCMTNCMT_header.jpg	24 KB 24 KB	769ms 768ms	Image image/jpeg	192.225.208.95 Distil
General Check archive.org Show headers Download Go to Show image Full URL https://www.checkmytrip.com/modules/cmtng/img/emailBanner/NCMTNCMT_header.jpg Requested by Host: www.checkmytrip.com URL: https://www.checkmytrip.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 192.225.208.95 Arlington, United States, ASN62660 (WHISKEYNET - Distil, Inc, US), Reverse DNS Software nginx / Resource Hash `f739086a1f0b2f7e6f6e78dbf3701cdfa9382e69de3b820491cbee9350a247a9` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers X-Cnection close Date Thu, 13 Dec 2018 05:06:47 GMT Last-Modified Fri, 03 Aug 2018 15:20:08 GMT Server nginx Content-Type image/jpeg X-RPM 2 X-RPS 2 Cache-Control max-age=604800, public X-RSL 0.715 Connection keep-alive Accept-Ranges bytes Content-Length 24144 X-DW 134217728 X-DB 0 Expires Thu, 13 Dec 2018 06:06:47 GMT Redirect headers Date Thu, 13 Dec 2018 05:06:46 GMT Server nginx Content-Type image/jpeg Location https://www.checkmytrip.com/modules/cmtng/img/emailBanner/NCMTNCMT_header.jpg X-RPS 1 X-RPM 1 X-RSL 0 Connection keep-alive Content-Length 0 X-DW 134217728 X-DB 0
GET H/1.1	200 OK	distil_r_captcha.util.js Show response www.checkmytrip.com/	2 KB 1 KB	199ms 95ms	Script application/x-javascript	192.225.208.95 Distil
General Check archive.org Show headers Download Go to Full URL https://www.checkmytrip.com/distil_r_captcha.util.js Requested by Host: www.checkmytrip.com URL: https://www.checkmytrip.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 192.225.208.95 Arlington, United States, ASN62660 (WHISKEYNET - Distil, Inc, US), Reverse DNS Software nginx / Resource Hash `9d88d9f89d6e1f4773c9fcefdf74b4a325825df2ad668f8a9c9a30b0edddce26` Request headers Pragma no-cache Accept-Encoding gzip, deflate, br Host www.checkmytrip.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept / Referer https://www.checkmytrip.com/ Connection keep-alive Cache-Control no-cache Referer https://www.checkmytrip.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 13 Dec 2018 05:06:46 GMT Content-Encoding gzip Server nginx Surrogate-Control no-store, bypass-cache Transfer-Encoding chunked Connection keep-alive Content-Type application/x-javascript X-RPM 2 Edge-Control no-store, bypass-cache Cache-Control private, no-cache, no-store, must-revalidate X-RSL 0.218 X-RPS 2 X-DW 134217728 X-DB 0 Expires Thu, 01 Jan 1970 00:00:01 GMT
GET H2	200	gt.js Show response static.geetest.com/static/tools/	8 KB 3 KB	689ms 7ms	Script application/javascript	195.27.31.225 CW Vodafone Group...
General Check archive.org Show headers Download Go to Full URL https://static.geetest.com/static/tools/gt.js Requested by Host: www.checkmytrip.com URL: https://www.checkmytrip.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 195.27.31.225 Frankfurt Am Main, Germany, ASN1273 (CW Vodafone Group PLC, GB), Reverse DNS Software Tengine / Resource Hash `4370c9fef18b691d4eb13b4bc1b0f0a947886ca50cc6b2d5e4c56fa9635c5d6f` Request headers Referer https://www.checkmytrip.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Wed, 12 Dec 2018 06:31:23 GMT content-encoding gzip x-oss-request-id 5C10AB3A4001558A5B0937FE content-md5 t9JhUy+KVG2LR7ccq+ffoQ== age 81323 x-cache HIT TCP_MEM_HIT dirn:1:796442741 status 200 x-swift-cachetime 86400 x-swift-savetime Thu, 13 Dec 2018 02:24:06 GMT content-length 2355 x-oss-object-type Normal access-control-allow-origin * last-modified Thu, 22 Nov 2018 02:44:17 GMT server Tengine etag "B7D261532F8A546D8B47B71CABE7DFA1" vary Accept-Encoding ali-swift-global-savetime 1544667846 content-type application/javascript via cache4.l2hk71[0,200-0,H], cache33.l2hk71[0,0], cache10.de1[0,200-0,H], cache6.de1[1,0] x-oss-storage-class Standard accept-ranges bytes timing-allow-origin * x-oss-hash-crc64ecma 4627367827157087419 eagleid c31b1fce15446776066501869e x-oss-server-time 1 expires Mon, 19 Nov 2018 09:54:36 GMT
GET H/1.1	200 OK	amadeus_logo_footer.png www.checkmytrip.com/modules/cmtng/img/ Redirect Chain http://www.checkmytrip.com/modules/cmtng/img/amadeus_logo_footer.png https://www.checkmytrip.com/modules/cmtng/img/amadeus_logo_footer.png	4 KB 4 KB	564ms 563ms	Image image/png	192.225.208.95 Distil
General Check archive.org Show headers Download Go to Show image Full URL https://www.checkmytrip.com/modules/cmtng/img/amadeus_logo_footer.png Requested by Host: www.checkmytrip.com URL: https://www.checkmytrip.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 192.225.208.95 Arlington, United States, ASN62660 (WHISKEYNET - Distil, Inc, US), Reverse DNS Software nginx / Resource Hash `c42189f5905d35132db363d95686635ba42c0f2185372aa46872ceeec8981296` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers X-Cnection close Date Thu, 13 Dec 2018 05:06:47 GMT Last-Modified Fri, 03 Aug 2018 15:18:26 GMT Server nginx Content-Type image/png X-RPM 2 X-RPS 2 Cache-Control max-age=604800, public X-RSL 0.712 Connection keep-alive Accept-Ranges bytes Content-Length 4098 X-DW 134217728 X-DB 0 Expires Thu, 13 Dec 2018 06:06:47 GMT Redirect headers Date Thu, 13 Dec 2018 05:06:43 GMT Server nginx Content-Type image/png Location https://www.checkmytrip.com/modules/cmtng/img/amadeus_logo_footer.png X-RPS 1 X-RPM 1 X-RSL 0 Connection keep-alive Content-Length 0 X-DW 134217728 X-DB 0
POST H/1.1	200 OK	Cookie set cmtvbqaqwczbv.js Show response www.checkmytrip.com/	0 1 KB	324ms 93ms	XHR application/x-javascript	192.225.208.95 Distil
General Check archive.org Show headers Download Go to Full URL https://www.checkmytrip.com/cmtvbqaqwczbv.js?PID=68A52E39-15DC-3C91-94BE-AB38E66301F5 Requested by Host: www.checkmytrip.com URL: https://www.checkmytrip.com/cmtvbqaqwczbv.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 192.225.208.95 Arlington, United States, ASN62660 (WHISKEYNET - Distil, Inc, US), Reverse DNS Software nginx / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Pragma no-cache Origin https://www.checkmytrip.com Accept-Encoding gzip, deflate, br Host www.checkmytrip.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Content-Type text/plain;charset=UTF-8 Accept / Cache-Control no-cache Referer https://www.checkmytrip.com/ Connection keep-alive Content-Length 2244 X-Distil-Ajax fcywxvxq User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Referer https://www.checkmytrip.com/ Origin https://www.checkmytrip.com X-Distil-Ajax fcywxvxq Content-Type text/plain;charset=UTF-8 Response headers Date Thu, 13 Dec 2018 05:06:47 GMT Content-Encoding gzip X-AH fcywxvxq Surrogate-Control no-store, bypass-cache Transfer-Encoding chunked X-RPM 2 X-RPS 2 X-UID 625574F9-627D-3B1B-AB7C-784B92E3DF94 Connection keep-alive X-JU /cmtvbqaqwczbv.js X-DW 134217728 Edge-Control no-store, bypass-cache Server nginx X-RSL 1.276 Content-Type application/x-javascript Cache-Control private, no-cache, no-store, must-revalidate Set-Cookie D_IID=0026444B-4E26-32F5-B630-B4EA47D087E1;Max-Age=2628000;HttpOnly;Path=/ D_UID=29CF0CCC-AE97-3F68-8E56-D6D48F1B60BB;Max-Age=2628000;HttpOnly;Path=/ D_ZID=E91040E3-DA67-31A8-8C75-EA4D93D52506;Max-Age=2628000;HttpOnly;Path=/ D_ZUID=625574F9-627D-3B1B-AB7C-784B92E3DF94;Max-Age=2628000;HttpOnly;Path=/ D_HID=DCB63E2D-0805-37CE-8D51-20010BA2585F;Max-Age=2628000;HttpOnly;Path=/ D_SID=148.251.45.254:a2+bN0iLnYCSQ4yrV8LGKcEZwvtdCYs7Mobow6poHaA;Max-Age=31536000;HttpOnly;Path=/ X-DB 0 Expires Thu, 01 Jan 1970 00:00:01 GMT
POST H/1.1	200 OK	distil_r_captcha_challenge Show response www.checkmytrip.com/	37 B 477 B	200ms 199ms	XHR text/plain	192.225.208.95 Distil
General Check archive.org Show headers Download Go to Full URL https://www.checkmytrip.com/distil_r_captcha_challenge Requested by Host: www.checkmytrip.com URL: https://www.checkmytrip.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 192.225.208.95 Arlington, United States, ASN62660 (WHISKEYNET - Distil, Inc, US), Reverse DNS Software nginx / Resource Hash `3f9a904636ff4b2f3ebdbc952bb7ea978149dbc437dd0fa24a3d0e2b8c1965fc` Request headers Pragma no-cache Origin https://www.checkmytrip.com Accept-Encoding gzip, deflate, br Host www.checkmytrip.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept / Cache-Control no-cache Referer https://www.checkmytrip.com/ Cookie D_IID=0026444B-4E26-32F5-B630-B4EA47D087E1; D_UID=29CF0CCC-AE97-3F68-8E56-D6D48F1B60BB; D_ZID=E91040E3-DA67-31A8-8C75-EA4D93D52506; D_ZUID=625574F9-627D-3B1B-AB7C-784B92E3DF94; D_HID=DCB63E2D-0805-37CE-8D51-20010BA2585F; D_SID=148.251.45.254:a2+bN0iLnYCSQ4yrV8LGKcEZwvtdCYs7Mobow6poHaA Connection keep-alive Content-Length 0 X-Distil-Ajax fcywxvxq User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Referer https://www.checkmytrip.com/ Origin https://www.checkmytrip.com X-Distil-Ajax fcywxvxq Response headers Date Thu, 13 Dec 2018 05:06:44 GMT Content-Encoding gzip Server nginx Surrogate-Control no-store, bypass-cache Transfer-Encoding chunked Connection keep-alive Content-Type text/plain X-RPM 1 Edge-Control no-store, bypass-cache Cache-Control private, no-cache, no-store, must-revalidate X-RSL 0 X-RPS 1 X-DW 0 X-DB 2097153 Expires Thu, 01 Jan 1970 00:00:01 GMT
GET H/1.1	200 OK	gettype.php Show response api-na.geetest.com/	515 B 917 B	624ms 106ms	Script text/javascript	18.217.25.191 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://api-na.geetest.com/gettype.php?gt=f2ae6cadcf7886856696502e1d55e00c&callback=geetest_1544677611663 Requested by Host: static.geetest.com URL: https://static.geetest.com/static/tools/gt.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.217.25.191 Cambridge, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-18-217-25-191.us-east-2.compute.amazonaws.com Software openresty / Resource Hash `222fb968821678cd8f3fcc58c59873b7e4bf636c4050f469502456b923b63e26` Request headers Referer https://www.checkmytrip.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Pragma no-cache Date Thu, 13 Dec 2018 05:06:48 GMT Server openresty Etag "3a8333e89f9a23018cd3c2f8cd26f1c7ce78f634" Content-Type text/javascript;charset=UTF-8 Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Content-Length 515 Expires 0
GET H2	200	fullpage.8.6.4.js Show response static.geetest.com/static/js/	322 KB 91 KB	7ms 7ms	Script application/javascript	195.27.31.225 CW Vodafone Group...
General Check archive.org Show headers Download Go to Full URL https://static.geetest.com/static/js/fullpage.8.6.4.js Requested by Host: static.geetest.com URL: https://static.geetest.com/static/tools/gt.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 195.27.31.225 Frankfurt Am Main, Germany, ASN1273 (CW Vodafone Group PLC, GB), Reverse DNS Software Tengine / Resource Hash `9ee5d14c4e0f643b99a315106e8d2c255006e58b272fb3ded977dca3baf22a7d` Request headers Referer https://www.checkmytrip.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Wed, 12 Dec 2018 11:08:33 GMT content-encoding gzip x-oss-request-id 5C10EC31F58C22D8342BFA7E content-md5 tkb340V5kvVwGJL9ZOKwvA== age 64695 x-cache HIT TCP_MEM_HIT dirn:0:359592762 status 200 x-swift-cachetime 86400 x-swift-savetime Thu, 13 Dec 2018 02:24:48 GMT content-length 92404 x-oss-object-type Normal access-control-allow-origin * last-modified Tue, 27 Nov 2018 03:31:04 GMT server Tengine etag "B646F7E3457992F5701892FD64E2B0BC" vary Accept-Encoding ali-swift-global-savetime 1544667888 content-type application/javascript via cache27.l2hk71[0,200-0,H], cache20.l2hk71[0,0], cache4.de1[0,200-0,H], cache6.de1[0,0] x-oss-storage-class Standard accept-ranges bytes timing-allow-origin * x-oss-hash-crc64ecma 10006595367925475787 eagleid c31b1fce15446776082643258e x-oss-server-time 32
GET H/1.1	200 OK	get.php Show response api-na.geetest.com/	863 B 1 KB	110ms 109ms	Script text/javascript	18.217.25.191 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://api-na.geetest.com/get.php?gt=f2ae6cadcf7886856696502e1d55e00c&challenge=437c310501df248e9a7cb0381638eda4&lang=en&pt=0&w=gSl2Nm8(IYxQc2tf5N4Dz1ZjXzT)xvatFn7cT5xNyhoBcpi3c0OVFuvXMH3aKVLGEBFBO(4KRRkAgFbC)zPIY9MTOxfEWvArNWTPwP2cxFMbJMlUi7mVRhSsIP4skeayWCtMrMFPhJTgIwEKKX6PdAd03JdJ44zO8QuqlZqXyFfbMt1ni)qeW4uC2(D1JZeNisb3Kpg2H(7N93X0zgVgPZfFDQ2szYO7gHYMQTcSXn)BC483gfy3ZjAastcrtEujz7ziNzPHCkYCiRw73Y8NKs5(DW1HHenOVmRtcz2RpmvA5vWH0tWi)E9CqMvquWyPG2vPstFbKAVwZhwCIaDV(QCjXoo06dg4IvVjQy91qimdnaFUnEeSK695R9Dipr6H31D1s2)MqsF9nA3dmKW28DzDSUJjQWbPZ)QfTRju6pNxjhqn1xbLLfDiMtsNfWf4wJ)AA9sY1(psfOby2A0dHsro1XCFi4(v7XeUg)KuwZnmubsAyVq9LdbHB2B0KopQD5NWUCOtux(hdqSz9MZtGfJ9fxATSUVha0O3dLzIJyFJ670S)ZXEyR(cba43JvxeKE9OFruMqaudLjY(SYtQtHlBDAYp6lNNA5CWnRr8HQn2uGiZlKTGwXZu)5hfsAGkDoKQQw4wIpofd8zDVxFRF38sO0OJeQDV0B9cQfzWR8VODsHBT9nvJJ1AawVQh8mtDKiAkGyIg26e(tk03DuzfRipKG)sj)I2CBVqbq36dt6VP)sDoBU69BXv7Ejivi8WaXiAuMNefVRAbOO5fsuHXVE(bvN5Z4qHc5hYC)he6fKeImlrDu0nIRnH4g5AhoAaQg)XSRnMRZdmsyVcqHWiLcR(K1kJp1Oytv59wmYqe9OC8o7rXiKJ7udntgP7pJui0)dalrWsXvgixH0Hk2VXRqbE1HJbYWFT84Pa1f7jSo7rXigZUvSZ6A4ztO8GVf1ASrHrDdI16RktaN8nkdmI4XY5h8j3MYhEt2B(VC))feyZbclx(nVPMV2BXXKejVMGDHWALX9NzwyF6Z7eFciCK4IPF8AvIgonpDuQq9xXaYDghPp6TgWL4XMo2FKuBtVYArfOpf28tIDCRKNChB6zNCO75GyexHcv)GOe3kRpuzkKPu(3xLNHZB0X45scdHPD0ywxqphoGs)18Lut)(lygn3Fb6L2nles7)rYpX4KLYcJvsX0UYMRRJmEVGcHaVAdLULgWywlqSaatCVIEGN(SMh2HRWvxgskzZ71Z0yZE4SLGdL6V9vYSTxE3oiS6cai2hULw8HqfDhQvsoiDXZ6ks1ekXFtkRywztzvY3CaTLc9T2Lk(qGnB91M6Oi(xFFg3n6P9k6apFi8(k7Olc26giTotY8eTXesazbBULTdRy(ok5Lzddxn)zfsyE17s4yUXFIyrhrGJGX9BHDr3bbFLqjcolItHovgsoyfW5u17uiwztaNqqDDOSwS1B3SUjMMs9L(5Wg4JWZSu1WA6l(lEKUprfoxBi4dsAPHoVu9lI2QKwrsgFsZhJhwI)BfnyGpi(mPR5LHYfVaa4AelyfDrEGCIX1W4b89tiT4Dlf)fInPH9Z0HrGDuzzz7LPwv3OWWVWQDHsYjenavO6tk(YhPBxEPmzlrjQ(wJVZ1Q5GBy)PFXRfl3TJM44Jm0Be3DV3bN8pSORx4hnew4(B(y4MRg..529903ec5b60bce890b4c9d1e961c1404dface0f5020d6f2100ec525cf87fc85b73b863df5450b159fa7ec3dff605b028c66c6c32ee8c4bcaf90ffefe6b18fb13f57789ae21d906a81d8c891d3e6aa0bb76fbd19bfad946ccf03660e9fe14d1a95ea71211745c4abfdc9152762bc4fa044f7c12bf8b0629a83d93495219cb9d9&callback=geetest_1544677608786 Requested by Host: static.geetest.com URL: https://static.geetest.com/static/js/fullpage.8.6.4.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.217.25.191 Cambridge, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-18-217-25-191.us-east-2.compute.amazonaws.com Software openresty / Resource Hash `3df5998dc0b6a5dc2269a310cf1c6348c778f17532c2edd4dc1feaabfd2215b2` Request headers Referer https://www.checkmytrip.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Pragma no-cache Date Thu, 13 Dec 2018 05:06:48 GMT Server openresty Etag "a2d6227bd2350fb5db4920b2db128a11e9a94018" Content-Type text/javascript;charset=UTF-8 Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Content-Length 863 Expires 0
GET H2	200	style_https.1.5.3.css static.geetest.com/static/wind/	39 KB 5 KB	8ms 8ms	Stylesheet text/css	195.27.31.225 CW Vodafone Group...
General Check archive.org Show headers Download Go to Full URL https://static.geetest.com/static/wind/style_https.1.5.3.css Requested by Host: static.geetest.com URL: https://static.geetest.com/static/js/fullpage.8.6.4.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 195.27.31.225 Frankfurt Am Main, Germany, ASN1273 (CW Vodafone Group PLC, GB), Reverse DNS Software Tengine / Resource Hash `d0387850c58dce33edecdd0b98bd0e972b384bbf0e5c954b4d9b94ab36938776` Request headers Referer https://www.checkmytrip.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Wed, 12 Dec 2018 06:30:32 GMT content-encoding gzip x-oss-request-id 5C10AB084D5A2BAD5804CEB1 content-md5 D2blR9xmtZ1Jk/4tZ3EIQQ== age 81376 x-cache HIT TCP_MEM_HIT dirn:0:354606626 status 200 x-swift-cachetime 86400 x-swift-savetime Wed, 12 Dec 2018 14:39:45 GMT content-length 4549 x-oss-object-type Normal access-control-allow-origin * last-modified Thu, 22 Nov 2018 02:44:42 GMT server Tengine etag "0F66E547DC66B59D4993FE2D67710841" vary Accept-Encoding ali-swift-global-savetime 1544625585 content-type text/css via cache35.l2hk71[0,200-0,H], cache35.l2hk71[0,0], cache5.de1[0,200-0,H], cache6.de1[3,0] cache-control max-age=86400 x-oss-storage-class Standard accept-ranges bytes timing-allow-origin * x-oss-hash-crc64ecma 13316148826969210968 eagleid c31b1fce15446776085773563e x-oss-server-time 16
GET H2	200	sprite.1.5.3.png static.geetest.com/static/wind/	4 KB 4 KB	7ms 6ms	Image image/png	195.27.31.225 CW Vodafone Group...
General Check archive.org Show headers Download Go to Show image Full URL https://static.geetest.com/static/wind/sprite.1.5.3.png Requested by Host: static.geetest.com URL: https://static.geetest.com/static/js/fullpage.8.6.4.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 195.27.31.225 Frankfurt Am Main, Germany, ASN1273 (CW Vodafone Group PLC, GB), Reverse DNS Software Tengine / Resource Hash `3b37042a871ea039f1663dad05f93a9b95714637da812770d6b6c869c958b475` Request headers Referer https://static.geetest.com/static/wind/style_https.1.5.3.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Wed, 12 Dec 2018 06:30:34 GMT via cache40.l2hk71[0,200-0,H], cache34.l2hk71[0,0], cache10.de1[0,200-0,H], cache6.de1[1,0] x-oss-request-id 5C10AB0A170C49B900F682B3 content-md5 DieYbN2N71IwBWOrr4HJCg== age 81374 x-cache HIT TCP_MEM_HIT dirn:0:137286671 status 200 x-swift-cachetime 86400 x-swift-savetime Wed, 12 Dec 2018 14:40:19 GMT content-length 3670 x-oss-object-type Normal last-modified Thu, 22 Nov 2018 02:44:25 GMT server Tengine etag "0E27986CDD8DEF52300563ABAF81C90A" ali-swift-global-savetime 1544625619 content-type image/png access-control-allow-origin * x-oss-storage-class Standard accept-ranges bytes timing-allow-origin * x-oss-hash-crc64ecma 13047560786172680821 eagleid c31b1fce15446776085943581e x-oss-server-time 1

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.checkmytrip.com/	1970-01-18 21:48:25	Name: D_HID Value: DCB63E2D-0805-37CE-8D51-20010BA2585F
www.checkmytrip.com/	1970-01-18 21:48:25	Name: D_ZUID Value: 625574F9-627D-3B1B-AB7C-784B92E3DF94
www.checkmytrip.com/	1970-01-18 21:48:25	Name: D_UID Value: 29CF0CCC-AE97-3F68-8E56-D6D48F1B60BB
www.checkmytrip.com/	1970-01-18 21:48:25	Name: D_ZID Value: E91040E3-DA67-31A8-8C75-EA4D93D52506
www.checkmytrip.com/	1970-01-19 05:50:13	Name: D_SID Value: 148.251.45.254:a2+bN0iLnYCSQ4yrV8LGKcEZwvtdCYs7Mobow6poHaA
www.checkmytrip.com/	1970-01-18 21:48:25	Name: D_IID Value: 0026444B-4E26-32F5-B630-B4EA47D087E1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-na.geetest.com
checkmytrip.app.link
static.geetest.com
www.checkmytrip.com
18.217.25.191
192.225.208.95
195.27.31.225
2600:9000:2047:1800:19:9934:6a80:93a1
2600:9000:2047:5e00:19:9934:6a80:93a1
222fb968821678cd8f3fcc58c59873b7e4bf636c4050f469502456b923b63e26
25a6f62f8da35334e6a6d08f3fc3c9124c98384278fbacd37a04cb2f0be2fcfd
321493572fb2e18e563548bd95c187015e16fb10d168a408a641902d3188af3f
3b37042a871ea039f1663dad05f93a9b95714637da812770d6b6c869c958b475
3df5998dc0b6a5dc2269a310cf1c6348c778f17532c2edd4dc1feaabfd2215b2
3f9a904636ff4b2f3ebdbc952bb7ea978149dbc437dd0fa24a3d0e2b8c1965fc
4370c9fef18b691d4eb13b4bc1b0f0a947886ca50cc6b2d5e4c56fa9635c5d6f
9d88d9f89d6e1f4773c9fcefdf74b4a325825df2ad668f8a9c9a30b0edddce26
9ee5d14c4e0f643b99a315106e8d2c255006e58b272fb3ded977dca3baf22a7d
c42189f5905d35132db363d95686635ba42c0f2185372aa46872ceeec8981296
d0387850c58dce33edecdd0b98bd0e972b384bbf0e5c954b4d9b94ab36938776
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f739086a1f0b2f7e6f6e78dbf3701cdfa9382e69de3b820491cbee9350a247a9

www.checkmytrip.com Open in urlscan Pro 192.225.208.95 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

13 Requests

100 %HTTPS

40 %IPv6

3 Domains

4 Subdomains

3 IPs

2 Countries

150 kBTransfer

450 kBSize

6 Cookies

1 Outgoing links

Page URL History

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

6 Cookies

Indicators

www.checkmytrip.com Open in urlscan Pro
192.225.208.95 Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

100 %
HTTPS

40 %
IPv6

3
Domains

4
Subdomains

3
IPs

2
Countries

150 kB
Transfer

450 kB
Size

6
Cookies

13 HTTP transactions
0 data transactions