URL: https://t66.asia/
Submission Tags: phishingrod
Submission: On April 18 via api from DE — Scanned from SG

Summary

This website contacted 7 IPs in 3 countries across 4 domains to perform 21 HTTP transactions. The main IP is 45.76.183.16, located in Singapore and belongs to AS-CHOOPA, US. The main domain is t66.asia.
TLS certificate: Issued by Starfield Secure Certificate Authorit... on April 16th 2022. Valid for: a year.
This is the only time t66.asia was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address      AS (Autonomous System)
1         45.76.183.16    20473 (AS-CHOOPA)
12        104.69.158.168  16625 (AKAMAI-AS)
2         13.33.33.39     16509 (AMAZON-02)
1         13.35.8.122     16509 (AMAZON-02)
1         3.123.186.207   16509 (AMAZON-02)
3         18.141.241.6    16509 (AMAZON-02)
Total: 21 requests, 7 IPs
Requests  Apex Domain   Subdomains (Cisco Umbrella Rank)                                                                      Transfer
11        tripcdn.com   ak-s.tripcdn.com (47894), webresource.tripcdn.com (57301), ubt-sin.tripcdn.com (40235)                 191 KB
5         trip.com      www.trip.com (40095), m.trip.com (54871), chloro.trip.com (77229)                                      4 KB
3         c-ctrip.com   webresource.english.c-ctrip.com (145814), dimg04.c-ctrip.com (62064)                                   205 KB
1         t66.asia      t66.asia                                                                                               820 B
Total: 21 requests, 4 apex domains
Requests  Domain                           Requested by
7         ak-s.tripcdn.com                 www.trip.com, ak-s.tripcdn.com
3         ubt-sin.tripcdn.com              webresource.english.c-ctrip.com
2         m.trip.com                       webresource.english.c-ctrip.com
2         webresource.english.c-ctrip.com  www.trip.com, webresource.english.c-ctrip.com
2         www.trip.com                     t66.asia, ak-s.tripcdn.com
1         chloro.trip.com                  webresource.tripcdn.com
1         webresource.tripcdn.com          webresource.english.c-ctrip.com
1         dimg04.c-ctrip.com
1         t66.asia
Total: 21 requests, 9 subdomains

This site contains links to these domains. Also see Links.

Domain
www.afternic.com
www.thaistay.com
Subject       Issuer                                        Validity                  Valid for
*.t66.asia    Starfield Secure Certificate Authority - G2   2022-04-16 to 2023-05-18  a year
Trip.com      DigiCert TLS RSA SHA256 2020 CA1              2022-12-20 to 2023-12-20  a year
*.ctrip.com   GlobalSign RSA OV SSL CA 2018                 2022-06-22 to 2023-07-24  a year
*.trip.com    GlobalSign RSA OV SSL CA 2018                 2022-08-09 to 2023-09-10  a year

This page contains 2 frames:

Primary Page: https://t66.asia/
Frame ID: 40E6BCA48567AAA6C17D4C09905F5ECF
Requests: 1 HTTP requests in this frame

Frame: https://www.trip.com/partners/ad/S13838?Allianceid=3329986&SID=15772183&ouid=
Frame ID: 6DF62BC7D994D914F5C5D85675AD9214
Requests: 18 HTTP requests in this frame

Page Title

t66.asia

Page Statistics

Requests: 21
HTTPS: 95 %
IPv6: 0 %
Domains: 4
Subdomains: 9
IPs: 7
Countries: 3
Transfer: 400 kB
Size: 957 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
t66.asia/
1 KB
820 B
Document
General
Full URL
https://t66.asia/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.76.183.16 , Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS
tahug.com
Software
Apache /
Resource Hash
ff6d6dc5d7f4fe7a30ad0e6b88ae741b8d183908ad2c51780916cb56a9af46a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
max-age=0
content-encoding
gzip
content-length
633
content-type
text/html; charset=UTF-8
date
Tue, 18 Apr 2023 19:55:45 GMT
expires
Tue, 18 Apr 2023 19:55:45 GMT
server
Apache
vary
Accept-Encoding,User-Agent
x-content-type-options
nosniff
x-xss-protection
1; mode=block
S13838
www.trip.com/partners/ad/ Frame 6DF6
2 KB
2 KB
Document
General
Full URL
https://www.trip.com/partners/ad/S13838?Allianceid=3329986&SID=15772183&ouid=
Requested by
Host: t66.asia
URL: https://t66.asia/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.69.158.168 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-69-158-168.deploy.static.akamaitechnologies.com
Software
nginx/1.20.1 / Express
Resource Hash
2e1fcd987618f849fb02487e5c576453424595f2dfc9a9ecfa87642c2cf282c3

Request headers

Referer
https://t66.asia/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

content-encoding
gzip
content-length
1042
content-type
text/html; charset=utf-8
date
Tue, 18 Apr 2023 19:55:46 GMT
etag
W/"9cd-+OP2AG0aXs3/0hPiW0ITXfcr2Bw"
server
nginx/1.20.1
vary
Accept-Encoding
x-envoy-upstream-service-time
7
x-ibu-trip-region
SIN-AWS-IBU
x-powered-by
Express
x-trip-region
sg
ad_vendor.e3974adf5fc3aab4390cd1e75d62e811.css
ak-s.tripcdn.com/modules/ibu/partner-online/ Frame 6DF6
70 KB
10 KB
Stylesheet
General
Full URL
https://ak-s.tripcdn.com/modules/ibu/partner-online/ad_vendor.e3974adf5fc3aab4390cd1e75d62e811.css
Requested by
Host: www.trip.com
URL: https://www.trip.com/partners/ad/S13838?Allianceid=3329986&SID=15772183&ouid=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.69.158.168 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-69-158-168.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
46a5624b87673e1c40b93ad6facb2214fb7ff7d7a61381edbceed0badf51ba47

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.trip.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 18 Apr 2023 19:55:46 GMT
content-encoding
gzip
x-ares-server
r100013666-21027498-vhzl6@SHARB
content-length
9745
x-device
U R iPhone
x-ares-source
aliyun
last-modified
Tue, 16 Aug 2022 06:08:53 GMT
etag
W/"e3974adf5fc3aab4390cd1e75d62e811"
vary
Origin,Accept-Encoding
content-type
text/css
x-varnish
16677357 973572824
access-control-expose-headers
cache-control
x-ares-request-id
639B163C44F3F136336B6685
access-control-allow-credentials
true
cache-control
max-age=634589
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 26 Apr 2023 04:12:15 GMT
ad.097e13f5eac16e1b2233b194c374552f.css
ak-s.tripcdn.com/modules/ibu/partner-online/ Frame 6DF6
511 B
905 B
Stylesheet
General
Full URL
https://ak-s.tripcdn.com/modules/ibu/partner-online/ad.097e13f5eac16e1b2233b194c374552f.css
Requested by
Host: www.trip.com
URL: https://www.trip.com/partners/ad/S13838?Allianceid=3329986&SID=15772183&ouid=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.69.158.168 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-69-158-168.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ea131f1a6a0c09115d88164099411421a65c7b9add06b2bab4c31426844c4d8e

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.trip.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 18 Apr 2023 19:55:46 GMT
x-ares-server
r100013666-21027498-gnshz@SHARB
content-length
511
x-device
U R iPhone
x-ares-source
aliyun
last-modified
Thu, 09 Dec 2021 08:33:28 GMT
etag
W/"097e13f5eac16e1b2233b194c374552f"
vary
Origin,Accept-Encoding
content-type
text/css
x-varnish
15294285 2902151
access-control-expose-headers
cache-control
x-ares-request-id
63B2F4EF2481223837FC7E2E
access-control-allow-credentials
true
cache-control
max-age=4209943
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 06 Jun 2023 13:21:29 GMT
_bfa.min.js
webresource.english.c-ctrip.com/code/ubt/ Frame 6DF6
83 KB
33 KB
Script
General
Full URL
https://webresource.english.c-ctrip.com/code/ubt/_bfa.min.js
Requested by
Host: www.trip.com
URL: https://www.trip.com/partners/ad/S13838?Allianceid=3329986&SID=15772183&ouid=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-39.sin2.r.cloudfront.net
Software
/
Resource Hash
21f2f4fa60334feeafa4f75bbb027d1ef818485b42ab8cf7aaabedee70c9ec96

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.trip.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 07:15:18 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.5), 1.1 d5845d4e49f77b7f0c9511096875b3b4.cloudfront.net (CloudFront)
x-ares-server
r100013666-91017039-nd6xk@SHAXY
x-amz-cf-pop
SIN2-P1
age
477628
x-cache
Hit from cloudfront
x-ares-source
aliyun
last-modified
Thu, 13 Apr 2023 07:15:06 GMT
etag
W/"d18d56664bc09a80f81063ba76c2f277"
vary
Origin,Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
cache-control
x-ares-request-id
6437AC06C5B6CF39353906A7
access-control-allow-credentials
true
x-varnish
625010000
cache-control
max-age=5184000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
qIQtm--PoBmKQm82j6Gl3m_DL4463HyevF2QMNh8rhgtXMxIJVnJ2g==
expires
Mon, 12 Jun 2023 07:15:18 GMT
cc
ak-s.tripcdn.com/ares/api/ Frame 6DF6
25 KB
6 KB
Script
General
Full URL
https://ak-s.tripcdn.com/ares/api/cc?f=locale%2Fv2%2F6002%2Fen-XX.js%2C%2Flocale%2Fv2%2F100024422%2Fen-XX-10001.js&etagc=fad449e642ecba50a50e81481c3dd5e2
Requested by
Host: www.trip.com
URL: https://www.trip.com/partners/ad/S13838?Allianceid=3329986&SID=15772183&ouid=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.69.158.168 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-69-158-168.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
829008ac562da506c401ac714f63c36fa33a8ff44d46e3291fa8268801050925

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.trip.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 18 Apr 2023 19:55:46 GMT
content-encoding
gzip
x-ares-server
r100013666-21027498-h5jt5@SHARB
x-device
U R Android
content-length
5448
last-modified
Tue, 11 Apr 2023 08:20:46 GMT
etag
W/"a475e7dbd31b58b83dffed5c380df43f"
vary
Origin,Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
cache-control
cache-control
max-age=5137516
access-control-allow-credentials
true
x-varnish
898432396
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 17 Jun 2023 07:01:02 GMT
ad_vendor.29f5eb675d460116569fd192d412b3e7.js
ak-s.tripcdn.com/modules/ibu/partner-online/ Frame 6DF6
356 KB
95 KB
Script
General
Full URL
https://ak-s.tripcdn.com/modules/ibu/partner-online/ad_vendor.29f5eb675d460116569fd192d412b3e7.js
Requested by
Host: www.trip.com
URL: https://www.trip.com/partners/ad/S13838?Allianceid=3329986&SID=15772183&ouid=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.69.158.168 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-69-158-168.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f9854e282bf970d1f1841d2227a4909f1aba8c913b1c51c65aa165fbc8dda5b2

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.trip.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 18 Apr 2023 19:55:46 GMT
content-encoding
gzip
x-ares-server
r100013666-21027498-nbjrc@SHARB
content-length
96306
x-ares-source
aliyun
last-modified
Mon, 27 Mar 2023 08:08:45 GMT
etag
W/"29f5eb675d460116569fd192d412b3e7"
vary
Origin,Accept-Encoding
content-type
application/javascript
x-varnish
672919829
access-control-expose-headers
cache-control
x-ares-request-id
64215235B47AC0303294A8F6
access-control-allow-credentials
true
cache-control
max-age=3241570
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 26 May 2023 08:21:56 GMT
ad_react_all.3893bd41d8e0c6431f3fae1b29b74d89.js
ak-s.tripcdn.com/modules/ibu/partner-online/ Frame 6DF6
134 KB
42 KB
Script
General
Full URL
https://ak-s.tripcdn.com/modules/ibu/partner-online/ad_react_all.3893bd41d8e0c6431f3fae1b29b74d89.js
Requested by
Host: www.trip.com
URL: https://www.trip.com/partners/ad/S13838?Allianceid=3329986&SID=15772183&ouid=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.69.158.168 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-69-158-168.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b63228fa5f87d801da03ce2ebec21948238298bee6db7fd2c00dc1fe09b5031e

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.trip.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 18 Apr 2023 19:55:46 GMT
content-encoding
gzip
x-ares-server
r100013666-21027498-7jdff@SHARB
content-length
42528
x-ares-source
aliyun
last-modified
Mon, 06 Mar 2023 06:58:49 GMT
etag
W/"3893bd41d8e0c6431f3fae1b29b74d89"
vary
Origin,Accept-Encoding
content-type
application/javascript
x-varnish
484016379
access-control-expose-headers
cache-control
x-ares-request-id
640597F3FB51FB3638FC45CF
access-control-allow-credentials
true
cache-control
max-age=1424487
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 05 May 2023 07:37:13 GMT
ad.343c1fd86f244e62026caff8e935e036.js
ak-s.tripcdn.com/modules/ibu/partner-online/ Frame 6DF6
27 KB
9 KB
Script
General
Full URL
https://ak-s.tripcdn.com/modules/ibu/partner-online/ad.343c1fd86f244e62026caff8e935e036.js
Requested by
Host: www.trip.com
URL: https://www.trip.com/partners/ad/S13838?Allianceid=3329986&SID=15772183&ouid=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.69.158.168 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-69-158-168.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
afd14fa5b191c88d334e71bb2dd7a5faf9f25c15a3eb99d764bdfff11828de85

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.trip.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 18 Apr 2023 19:55:46 GMT
content-encoding
gzip
x-ares-server
r100013666-21027498-8gw85@SHARB
content-length
8623
x-ares-source
aliyun
last-modified
Mon, 27 Mar 2023 08:08:45 GMT
etag
W/"343c1fd86f244e62026caff8e935e036"
vary
Origin,Accept-Encoding
content-type
application/javascript
x-varnish
657919879
access-control-expose-headers
cache-control
x-ares-request-id
64215235D414B23330D9328D
access-control-allow-credentials
true
cache-control
max-age=3241530
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 26 May 2023 08:21:16 GMT
getAppConfig.json
m.trip.com/restapi/soa2/18088/ Frame
0
0
Preflight
General
Full URL
https://m.trip.com/restapi/soa2/18088/getAppConfig.json
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.69.158.168 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-69-158-168.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.trip.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.trip.com
access-control-expose-headers
x-service-call x-gate-region
content-length
0
content-type
text/html
date
Tue, 18 Apr 2023 19:55:46 GMT
x-gate
ctrip-gate
x-gate-region
SHAXY
x-gate-root-id
100025527-0a70c342-467179-736785
x-originating-url
https://m.trip.com/restapi/soa2/18088/getAppConfig.json
getAppConfig.json
m.trip.com/restapi/soa2/18088/ Frame 6DF6
666 B
918 B
XHR
General
Full URL
https://m.trip.com/restapi/soa2/18088/getAppConfig.json
Requested by
Host: webresource.english.c-ctrip.com
URL: https://webresource.english.c-ctrip.com/code/ubt/_bfa.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.69.158.168 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-69-158-168.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
13c5f56e11f3da7e5b3de364a71e56a724aafa10240df1a07ebb53d4f5c1559e

Request headers

Referer
https://www.trip.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
application/json

Response headers

date
Tue, 18 Apr 2023 19:55:46 GMT
content-encoding
gzip
x-service-call
0.004
clogging_trace_id
1376054001725256694
content-length
424
vary
accept-encoding
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.trip.com
x-gate-root-id
100025527-0a70c343-467179-736756
access-control-expose-headers
RootMessageId, x-service-call, x-gate-region
access-control-allow-credentials
true
x-gate-region
SHAXY
x-originating-url
https://m.trip.com/restapi/soa2/18088/getAppConfig.json
servermessageid
100025527-0a70c343-467179-736757
rootmessageid
100025527-0a70c343-467179-736756
x-gate
ctrip-gate
da0f9307-054f-41d6-80e2-e8d83812aaba
https://www.trip.com/ Frame 6DF6
2 KB
0
Other
General
Full URL
blob:https://www.trip.com/da0f9307-054f-41d6-80e2-e8d83812aaba
Requested by
Host: www.trip.com
URL: https://www.trip.com/partners/ad/S13838?Allianceid=3329986&SID=15772183&ouid=
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
616f0380533194359c62cd8535b6951692c79bb921b7c3d89df994c54b01592c

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Length
1912
Content-Type
queryToolDetail
www.trip.com/restapi/soa2/26577/json/ Frame 6DF6
1013 B
1 KB
XHR
General
Full URL
https://www.trip.com/restapi/soa2/26577/json/queryToolDetail
Requested by
Host: ak-s.tripcdn.com
URL: https://ak-s.tripcdn.com/modules/ibu/partner-online/ad_vendor.29f5eb675d460116569fd192d412b3e7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.69.158.168 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-69-158-168.deploy.static.akamaitechnologies.com
Software
nginx/1.20.1 /
Resource Hash
580f064ed3d061ef9b143e9157bca09e95bdc021b3fd83d025fed499d5961d0e

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.trip.com/partners/ad/S13838?Allianceid=3329986&SID=15772183&ouid=
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Tue, 18 Apr 2023 19:55:46 GMT
content-encoding
gzip
x-capa-server
capa-service
x-envoy-upstream-service-time
9
x-service-call
0.02
x-ibu-trip-region
SIN-AWS-IBU
content-length
621
x-trip-region
sg
server
nginx/1.20.1
vary
accept-encoding
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.trip.com
x-gate-root-id
100025527-0a8166f4-467179-1353578
access-control-expose-headers
RootMessageId, x-service-call, x-gate-region
access-control-allow-credentials
true
x-gate-region
SIN-AWS
x-originating-url
https://www.trip.com/restapi/soa2/26577/json/queryToolDetail
x-gate
ctrip-gate
wj081g000001hfwb65274.jpg
dimg04.c-ctrip.com/images/ Frame 6DF6
168 KB
168 KB
Image
General
Full URL
https://dimg04.c-ctrip.com/images/wj081g000001hfwb65274.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.8.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-8-122.sin5.r.cloudfront.net
Software
/
Resource Hash
04e214c79d58de0ac1ba90fc4754c13771460436efb76b34a48f362bd6b68b86

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.trip.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 26 Mar 2023 21:57:12 GMT
via
1.1 6e4552eff3e310bad9fd1a8c14b867d8.cloudfront.net (CloudFront)
last-modified
Tue, 12 May 2015 01:00:00 GMT
x-amz-cf-pop
SIN5-C1
age
1979914
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=7776000
timing-allow-origin
*
content-length
171926
x-amz-cf-id
uCAwz-Xgv_3ww5mHL79Ic0ULH3xgTjvS4inGyvg55j0iFxJTrqVUGg==
expires
Sat, 24 Jun 2023 21:57:12 GMT
partener.5b2a473cfb39a3f4c4644de7191c708d.woff
ak-s.tripcdn.com/modules/ibu/partner-online/ Frame 6DF6
2 KB
2 KB
Font
General
Full URL
https://ak-s.tripcdn.com/modules/ibu/partner-online/partener.5b2a473cfb39a3f4c4644de7191c708d.woff
Requested by
Host: ak-s.tripcdn.com
URL: https://ak-s.tripcdn.com/modules/ibu/partner-online/ad_vendor.e3974adf5fc3aab4390cd1e75d62e811.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.69.158.168 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-69-158-168.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fba73571c858f2a740ae0f034a83b23c1423521e89b8d4b0461120b7119e9c2b

Request headers

Referer
https://ak-s.tripcdn.com/modules/ibu/partner-online/ad_vendor.e3974adf5fc3aab4390cd1e75d62e811.css
Origin
https://www.trip.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 18 Apr 2023 19:55:46 GMT
x-ares-server
r100013666-21027498-x4nvv@SHARB
content-length
1576
x-device
U R Android
x-ares-source
aliyun
last-modified
Thu, 09 Dec 2021 08:33:28 GMT
etag
W/"5b2a473cfb39a3f4c4644de7191c708d"
vary
Origin,Accept-Encoding
content-type
font/woff
access-control-allow-origin
https://www.trip.com
access-control-expose-headers
cache-control
x-ares-request-id
63B3BFDCD4F65235336A39DB
access-control-allow-credentials
true
x-varnish
2705280
cache-control
max-age=4548658
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 10 Jun 2023 11:26:44 GMT
rms.js
webresource.english.c-ctrip.com/resaresenglish/risk/ubtrms/latest/default/ Frame 6DF6
8 KB
4 KB
Script
General
Full URL
https://webresource.english.c-ctrip.com/resaresenglish/risk/ubtrms/latest/default/rms.js?v=20230418
Requested by
Host: webresource.english.c-ctrip.com
URL: https://webresource.english.c-ctrip.com/code/ubt/_bfa.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-39.sin2.r.cloudfront.net
Software
/
Resource Hash
80ebe821cafab38948605035f3eb6b6dc0f437554940c50cb78ff6bbbef63aeb

Request headers

Referer
https://www.trip.com/
Origin
https://www.trip.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 16:00:13 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.5), 1.1 8248a9421b8bab0850ae6bce48a54636.cloudfront.net (CloudFront)
x-ares-server
r100013666-91017039-n2f47@SHAXY
x-amz-cf-pop
SIN2-P1
age
100533
x-cache
Hit from cloudfront
content-length
3288
x-device
U R Android
x-ares-source
aliyun
last-modified
Thu, 05 Jan 2023 11:04:55 GMT
etag
W/"6b0b2711d50944dd7cd5a05bc88a0b77"
vary
Origin,Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
cache-control
x-ares-request-id
64389B980C384A39324C79EA
access-control-allow-credentials
true
x-varnish
694641764 632701358
cache-control
max-age=5184000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
JshcyXpueIrSyjy4W3hWbzQTXgcOg24AxesP_ZzCUw-Aok9Bt5EKQg==
expires
Tue, 13 Jun 2023 00:17:28 GMT
d.min.d7a9ee87.js
webresource.tripcdn.com/resaresenglish/risk/ubtrms/ Frame 6DF6
77 KB
26 KB
Script
General
Full URL
https://webresource.tripcdn.com/resaresenglish/risk/ubtrms/d.min.d7a9ee87.js
Requested by
Host: webresource.english.c-ctrip.com
URL: https://webresource.english.c-ctrip.com/resaresenglish/risk/ubtrms/latest/default/rms.js?v=20230418
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.69.158.168 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-69-158-168.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a4f5857e0684cf48abb79230cd50d35443a30da7d03021c5236e0ead6116e98b

Request headers

Referer
https://www.trip.com/
Origin
https://www.trip.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 18 Apr 2023 19:55:47 GMT
content-encoding
gzip
x-ares-server
r100013666-21027498-4n98l@SHARB
content-length
25889
x-ares-source
aliyun
last-modified
Tue, 21 Dec 2021 07:41:01 GMT
etag
W/"d7a9ee8758de5c8cdb30b9f07f2dabd9"
vary
Origin,Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
cache-control
x-ares-request-id
63B6B0363536F73134B96287
access-control-allow-credentials
true
x-varnish
18434105
cache-control
max-age=3066399
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 24 May 2023 07:42:26 GMT
d
chloro.trip.com/v2/ Frame 6DF6
109 B
397 B
XHR
General
Full URL
https://chloro.trip.com/v2/d
Requested by
Host: webresource.tripcdn.com
URL: https://webresource.tripcdn.com/resaresenglish/risk/ubtrms/d.min.d7a9ee87.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
3.123.186.207 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-186-207.eu-central-1.compute.amazonaws.com
Software
nginx/1.20.1 /
Resource Hash
c7dc49b615929340f5eec0c08b16664a8c5f789c9ce5b240a1461c5b34b98474

Request headers

Referer
https://www.trip.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://www.trip.com
date
Tue, 18 Apr 2023 19:55:48 GMT
access-control-allow-credentials
true
server
nginx/1.20.1
access-control-allow-headers
x-ctrip-canary-req,x-ctx-CanaryReq,x-ctx-CanarySrc,x-ctx-CanaryIdc,x-cat-trace-mode
content-length
109
collect
ubt-sin.tripcdn.com/bee/ Frame
0
0
Preflight
General
Full URL
https://ubt-sin.tripcdn.com/bee/collect
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.141.241.6 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-141-241-6.ap-southeast-1.compute.amazonaws.com
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.trip.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,content-type
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.trip.com
date
Tue, 18 Apr 2023 19:55:48 GMT
p3p
CP=CUR ADM OUR NOR STA NID
server
nginx/1.20.1
collect
ubt-sin.tripcdn.com/bee/ Frame 6DF6
66 B
564 B
XHR
General
Full URL
https://ubt-sin.tripcdn.com/bee/collect
Requested by
Host: webresource.english.c-ctrip.com
URL: https://webresource.english.c-ctrip.com/code/ubt/_bfa.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.141.241.6 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-141-241-6.ap-southeast-1.compute.amazonaws.com
Software
nginx/1.20.1 /
Resource Hash
c19d3fbcff05706143948380d3e5fb37e317245dca11c4c1703643f38e2d8d46
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.trip.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
application/json

Response headers

pragma
no-cache
date
Tue, 18 Apr 2023 19:55:48 GMT
x-content-type-options
nosniff
server
nginx/1.20.1
x-forwarded-for
209.58.162.217
content-type
application/json
p3p
CP=CUR ADM OUR NOR STA NID
access-control-allow-origin
https://www.trip.com
cache-control
private, no-store, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials
true
content-length
66
expires
Thu, 01 Jan 1970 00:00:00 GMT
bf.gif
ubt-sin.tripcdn.com/ Frame 6DF6
43 B
497 B
Image
General
Full URL
https://ubt-sin.tripcdn.com/bf.gif?ac=g&d=%7B%22c%22%3A%5B10650045694%2C%221681847746461.1btbov%22%2C1%2C1%2C%22%22%2C%22%22%2C%22%22%2C%222.8.41%2Ftrip%22%2C%221wljp21-q7k7pu-1n51dt8%22%2C%22%22%2Cnull%2C%22%22%2C%22%22%2C%22%22%2C%22online%22%2C%22SIN-AWS-IBU%22%2C3%2Cnull%2C%22https%3A%2F%2Fwww.trip.com%2Fpartners%2Fad%2FS13838%3FAllianceid%3D3329986%26SID%3D15772183%26ouid%3D%22%5D%2C%22d%22%3A%7B%22uinfo%22%3A%5B18%2C0%2C0%2C%22https%3A%2F%2Fwww.trip.com%2Fpartners%2Fad%2FS13838%3FAllianceid%3D3329986%26SID%3D15772183%26ouid%3D%22%2C1600%2C1200%2C%22cl%3D0%2Cckl%3D0%22%2C%22en-us%22%2C%22%22%2C%22%22%2C%22https%3A%2F%2Ft66.asia%2F%22%2C%22%22%2C1%2C0%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2Cnull%2C%22%22%2C%22%22%2C%22online%22%2C1%2C1%2C%22%7B%5C%22fef_name%5C%22%3A%5C%22%5C%22%2C%5C%22fef_ver%5C%22%3A%5C%22%5C%22%2C%5C%22tz%5C%22%3A0%2C%5C%22dt%5C%22%3Atrue%2C%5C%22rg%5C%22%3A%5C%22%5C%22%2C%5C%22lang%5C%22%3A%5C%22en-XX%5C%22%7D%22%2C%22%22%2C%22%22%2C%22%22%2C%7B%7D%2C%22%22%2Cnull%2C%7B%22eid%22%3A%22%22%7D%2Cnull%2Cnull%2Cnull%5D%7D%7D&mt=1681847749769&jv=2.8.41/trip
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.141.241.6 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-141-241-6.ap-southeast-1.compute.amazonaws.com
Software
nginx/1.20.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Apr 2023 19:55:49 GMT
x-content-type-options
nosniff
server
nginx/1.20.1
content-type
image/gif
p3p
CP=CUR ADM OUR NOR STA NID
access-control-allow-origin
*
cache-control
private, no-store, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials
true
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Verdicts & Comments

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type     Name
object   0
boolean  credentialless

0 Cookies

Security Headers

This section lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
