demeter.trip.com Open in urlscan Pro
103.99.72.25 Public Scan

URL:
http://demeter.trip.com/
Submission: On November 20 via api (November 20th 2020, 4:50:23 pm UTC) from CN

Summary HTTP 15 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 15 HTTP transactions. The main IP is 103.99.72.25, located in Hong Kong and belongs to TWOWINCOLIMITED-AS-AP TWOWIN CO., LIMITED, HK. The main domain is demeter.trip.com.

This is the only time demeter.trip.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
11	103.99.72.25 103.99.72.25	133929 (TWOWINCOL...) (TWOWINCOLIMITED-AS-AP TWOWIN CO.)
3	240e:979:9503... 240e:979:9503:1:3::3fb	131325 (CHINATELE...) (CHINATELECOM-JIANGSU-NANTONG-MAN CHINATELECOM JIANGSU province NANTONG MAN network)
1	49.79.239.75 49.79.239.75	131325 (CHINATELE...) (CHINATELECOM-JIANGSU-NANTONG-MAN CHINATELECOM JIANGSU province NANTONG MAN network)
15	3

11 103.99.72.25 (Hong Kong)

ASN133929 (TWOWINCOLIMITED-AS-AP TWOWIN CO., LIMITED, HK)

demeter.trip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 240e:979:9503:1:3::3fb (China)

ASN131325 (CHINATELECOM-JIANGSU-NANTONG-MAN CHINATELECOM JIANGSU province NANTONG MAN network, CN)

open.itboy.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 49.79.239.75 (China)

ASN131325 (CHINATELECOM-JIANGSU-NANTONG-MAN CHINATELECOM JIANGSU province NANTONG MAN network, CN)

open.itboy.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	trip.com demeter.trip.com	148 KB
4	itboy.net open.itboy.net	196 KB
15	2

	Domain	Requested by
11	demeter.trip.com	demeter.trip.com
4	open.itboy.net	demeter.trip.com
15	2

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://demeter.trip.com/
Frame ID: 3ECCA8C836DB0472C33517AE3D58A9A3
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

15
Requests

0 %
HTTPS

33 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

344 kB
Transfer

394 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200	Primary Request Cookie set / Show response demeter.trip.com/	58 KB 11 KB	815ms 484ms	Document text/html	103.99.72.25 TWOWINCOLIMITED-A...
General Check archive.org Show headers Download Go to Full URL http://demeter.trip.com/ Protocol HTTP/1.1 Server 103.99.72.25 , Hong Kong, ASN133929 (TWOWINCOLIMITED-AS-AP TWOWIN CO., LIMITED, HK), Reverse DNS Software nginx/1.16.1 / 3.2.1 Resource Hash `f572f9921dd37eed3d0d2e7cd07fa6cb9b689eab29607dc322e16933a0696177` Request headers Host demeter.trip.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Server nginx/1.16.1 Date Fri, 20 Nov 2020 16:49:59 GMT Content-Type text/html;charset=UTF-8 Transfer-Encoding chunked Connection keep-alive Access-Control-Allow-Credentials true Access-Control-Allow-Methods OPTIONS, GET, POST, PUT, DELETE Access-Control-Allow-Headers Origin, X-Requested-With, Content-Type, Accept, Authorization, token Access-Control-Max-Age 86400 Cache-Control no-cache, no-store, must-revalidate Pragma no-cache X-Powered-By 3.2.1 Set-Cookie JSESSIONID=BFA8EC11846E789EB49904C1734F62CD; Path=/; HttpOnly Content-Encoding gzip Vary Accept-Encoding
GET H/1.1	200	reset.css demeter.trip.com/css/	1 KB 2 KB	500ms 487ms	Stylesheet text/css	103.99.72.25 TWOWINCOLIMITED-A...
General Check archive.org Show headers Download Go to Full URL http://demeter.trip.com/css/reset.css Requested by Host: demeter.trip.com URL: http://demeter.trip.com/ Protocol HTTP/1.1 Server 103.99.72.25 , Hong Kong, ASN133929 (TWOWINCOLIMITED-AS-AP TWOWIN CO., LIMITED, HK), Reverse DNS Software nginx/1.16.1 / 3.2.1 Resource Hash `55fb3c22ba4fbf8407633e89e034551143dab92d34bb595342419755aa1ccd44` Request headers Referer http://demeter.trip.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Fri, 20 Nov 2020 16:49:59 GMT Last-Modified Wed, 21 Oct 2020 08:47:28 GMT Server nginx/1.16.1 X-Powered-By 3.2.1 Access-Control-Max-Age 86400 Access-Control-Allow-Methods OPTIONS, GET, POST, PUT, DELETE Content-Type text/css;charset=utf-8 Cache-Control no-cache, no-store, must-revalidate Access-Control-Allow-Credentials true Connection keep-alive Accept-Ranges bytes Access-Control-Allow-Headers Origin, X-Requested-With, Content-Type, Accept, Authorization, token Content-Length 1051
GET H/1.1	200	supersized.css demeter.trip.com/css/	2 KB 2 KB	494ms 481ms	Stylesheet text/css	103.99.72.25 TWOWINCOLIMITED-A...
General Check archive.org Show headers Download Go to Full URL http://demeter.trip.com/css/supersized.css Requested by Host: demeter.trip.com URL: http://demeter.trip.com/ Protocol HTTP/1.1 Server 103.99.72.25 , Hong Kong, ASN133929 (TWOWINCOLIMITED-AS-AP TWOWIN CO., LIMITED, HK), Reverse DNS Software nginx/1.16.1 / 3.2.1 Resource Hash `4255a470f2abfc326f533520534adc5605d16dba555620aadd3494e9fd48746f` Request headers Referer http://demeter.trip.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Fri, 20 Nov 2020 16:49:59 GMT Last-Modified Wed, 21 Oct 2020 08:47:28 GMT Server nginx/1.16.1 X-Powered-By 3.2.1 Access-Control-Max-Age 86400 Access-Control-Allow-Methods OPTIONS, GET, POST, PUT, DELETE Content-Type text/css;charset=utf-8 Cache-Control no-cache, no-store, must-revalidate Access-Control-Allow-Credentials true Connection keep-alive Accept-Ranges bytes Access-Control-Allow-Headers Origin, X-Requested-With, Content-Type, Accept, Authorization, token Content-Length 1679
GET H/1.1	200	style.css demeter.trip.com/css/	5 KB 2 KB	489ms 476ms	Stylesheet text/css	103.99.72.25 TWOWINCOLIMITED-A...
General Check archive.org Show headers Download Go to Full URL http://demeter.trip.com/css/style.css Requested by Host: demeter.trip.com URL: http://demeter.trip.com/ Protocol HTTP/1.1 Server 103.99.72.25 , Hong Kong, ASN133929 (TWOWINCOLIMITED-AS-AP TWOWIN CO., LIMITED, HK), Reverse DNS Software nginx/1.16.1 / 3.2.1 Resource Hash `c5c70855479402f6669ed96f497915dc5a3d8feb786708ee30e50d8275008d43` Request headers Referer http://demeter.trip.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 20 Nov 2020 16:49:59 GMT Content-Encoding gzip Vary Accept-Encoding X-Powered-By 3.2.1 Transfer-Encoding chunked Connection keep-alive Pragma no-cache Last-Modified Wed, 21 Oct 2020 08:47:28 GMT Server nginx/1.16.1 Access-Control-Max-Age 86400 Access-Control-Allow-Methods OPTIONS, GET, POST, PUT, DELETE Content-Type text/css;charset=utf-8 Cache-Control no-cache, no-store, must-revalidate Access-Control-Allow-Credentials true Accept-Ranges bytes Access-Control-Allow-Headers Origin, X-Requested-With, Content-Type, Accept, Authorization, token
GET H/1.1	200	jquery-2.1.3.min.js Show response demeter.trip.com/js/	82 KB 83 KB	250ms 248ms	Script application/javascript	103.99.72.25 TWOWINCOLIMITED-A...
General Check archive.org Show headers Download Go to Full URL http://demeter.trip.com/js/jquery-2.1.3.min.js Requested by Host: demeter.trip.com URL: http://demeter.trip.com/ Protocol HTTP/1.1 Server 103.99.72.25 , Hong Kong, ASN133929 (TWOWINCOLIMITED-AS-AP TWOWIN CO., LIMITED, HK), Reverse DNS Software nginx/1.16.1 / 3.2.1 Resource Hash `8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3` Request headers Referer http://demeter.trip.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Fri, 20 Nov 2020 16:49:59 GMT Last-Modified Wed, 21 Oct 2020 08:47:28 GMT Server nginx/1.16.1 X-Powered-By 3.2.1 Access-Control-Max-Age 86400 Access-Control-Allow-Methods OPTIONS, GET, POST, PUT, DELETE Content-Type application/javascript;charset=utf-8 Cache-Control no-cache, no-store, must-revalidate Access-Control-Allow-Credentials true Connection keep-alive Accept-Ranges bytes Access-Control-Allow-Headers Origin, X-Requested-With, Content-Type, Accept, Authorization, token Content-Length 84320
GET H/1.1	200	MD5.js Show response demeter.trip.com/js/	6 KB 7 KB	500ms 486ms	Script application/javascript	103.99.72.25 TWOWINCOLIMITED-A...
General Check archive.org Show headers Download Go to Full URL http://demeter.trip.com/js/MD5.js Requested by Host: demeter.trip.com URL: http://demeter.trip.com/ Protocol HTTP/1.1 Server 103.99.72.25 , Hong Kong, ASN133929 (TWOWINCOLIMITED-AS-AP TWOWIN CO., LIMITED, HK), Reverse DNS Software nginx/1.16.1 / 3.2.1 Resource Hash `dcac5f01c76d22dd8df2b4bb29fbba8a1d12c04ef3e5d91b88de5932c957455e` Request headers Referer http://demeter.trip.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Fri, 20 Nov 2020 16:49:59 GMT Last-Modified Wed, 21 Oct 2020 08:47:28 GMT Server nginx/1.16.1 X-Powered-By 3.2.1 Access-Control-Max-Age 86400 Access-Control-Allow-Methods OPTIONS, GET, POST, PUT, DELETE Content-Type application/javascript;charset=utf-8 Cache-Control no-cache, no-store, must-revalidate Access-Control-Allow-Credentials true Connection keep-alive Accept-Ranges bytes Access-Control-Allow-Headers Origin, X-Requested-With, Content-Type, Accept, Authorization, token Content-Length 6534
GET H/1.1	200	supersized.3.2.7.min.js Show response demeter.trip.com/js/	18 KB 19 KB	501ms 487ms	Script application/javascript	103.99.72.25 TWOWINCOLIMITED-A...
General Check archive.org Show headers Download Go to Full URL http://demeter.trip.com/js/supersized.3.2.7.min.js Requested by Host: demeter.trip.com URL: http://demeter.trip.com/ Protocol HTTP/1.1 Server 103.99.72.25 , Hong Kong, ASN133929 (TWOWINCOLIMITED-AS-AP TWOWIN CO., LIMITED, HK), Reverse DNS Software nginx/1.16.1 / 3.2.1 Resource Hash `ae08499949fe69bacab408e2f744fcc172718f18cec78daed3966d17aae9ceda` Request headers Referer http://demeter.trip.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Fri, 20 Nov 2020 16:49:59 GMT Last-Modified Wed, 21 Oct 2020 08:47:28 GMT Server nginx/1.16.1 X-Powered-By 3.2.1 Access-Control-Max-Age 86400 Access-Control-Allow-Methods OPTIONS, GET, POST, PUT, DELETE Content-Type application/javascript;charset=utf-8 Cache-Control no-cache, no-store, must-revalidate Access-Control-Allow-Credentials true Connection keep-alive Accept-Ranges bytes Access-Control-Allow-Headers Origin, X-Requested-With, Content-Type, Accept, Authorization, token Content-Length 18606
GET H/1.1	200	supersized-init.js Show response demeter.trip.com/js/	2 KB 2 KB	508ms 246ms	Script application/javascript	103.99.72.25 TWOWINCOLIMITED-A...
General Check archive.org Show headers Download Go to Full URL http://demeter.trip.com/js/supersized-init.js Requested by Host: demeter.trip.com URL: http://demeter.trip.com/ Protocol HTTP/1.1 Server 103.99.72.25 , Hong Kong, ASN133929 (TWOWINCOLIMITED-AS-AP TWOWIN CO., LIMITED, HK), Reverse DNS Software nginx/1.16.1 / 3.2.1 Resource Hash `665f0fca8008598a390c1561dffc8c0705e87a8c0ae76fb062a78ac5a5b586b5` Request headers Referer http://demeter.trip.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Fri, 20 Nov 2020 16:49:59 GMT Last-Modified Wed, 21 Oct 2020 08:47:28 GMT Server nginx/1.16.1 X-Powered-By 3.2.1 Access-Control-Max-Age 86400 Access-Control-Allow-Methods OPTIONS, GET, POST, PUT, DELETE Content-Type application/javascript;charset=utf-8 Cache-Control no-cache, no-store, must-revalidate Access-Control-Allow-Credentials true Connection keep-alive Accept-Ranges bytes Access-Control-Allow-Headers Origin, X-Requested-With, Content-Type, Accept, Authorization, token Content-Length 1630
GET H/1.1	200	layer.js Show response demeter.trip.com/js/layer/	15 KB 15 KB	514ms 248ms	Script application/javascript	103.99.72.25 TWOWINCOLIMITED-A...
General Check archive.org Show headers Download Go to Full URL http://demeter.trip.com/js/layer/layer.js Requested by Host: demeter.trip.com URL: http://demeter.trip.com/ Protocol HTTP/1.1 Server 103.99.72.25 , Hong Kong, ASN133929 (TWOWINCOLIMITED-AS-AP TWOWIN CO., LIMITED, HK), Reverse DNS Software nginx/1.16.1 / 3.2.1 Resource Hash `1ae25163d40b1513914331bacf2d7d532aefda9737feb6ef92e232c3b763a1aa` Request headers Referer http://demeter.trip.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Fri, 20 Nov 2020 16:49:59 GMT Last-Modified Wed, 21 Oct 2020 08:47:28 GMT Server nginx/1.16.1 X-Powered-By 3.2.1 Access-Control-Max-Age 86400 Access-Control-Allow-Methods OPTIONS, GET, POST, PUT, DELETE Content-Type application/javascript;charset=utf-8 Cache-Control no-cache, no-store, must-revalidate Access-Control-Allow-Credentials true Connection keep-alive Accept-Ranges bytes Access-Control-Allow-Headers Origin, X-Requested-With, Content-Type, Accept, Authorization, token Content-Length 14952
GET H/1.1	200	login.js Show response demeter.trip.com/js/	3 KB 3 KB	523ms 250ms	Script application/javascript	103.99.72.25 TWOWINCOLIMITED-A...
General Check archive.org Show headers Download Go to Full URL http://demeter.trip.com/js/login.js Requested by Host: demeter.trip.com URL: http://demeter.trip.com/ Protocol HTTP/1.1 Server 103.99.72.25 , Hong Kong, ASN133929 (TWOWINCOLIMITED-AS-AP TWOWIN CO., LIMITED, HK), Reverse DNS Software nginx/1.16.1 / 3.2.1 Resource Hash `427e0382bd88e510696d34ad1be38b9af67fe628bc466b15ad127c367e817f79` Request headers Referer http://demeter.trip.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Fri, 20 Nov 2020 16:49:59 GMT Last-Modified Wed, 21 Oct 2020 08:47:28 GMT Server nginx/1.16.1 X-Powered-By 3.2.1 Access-Control-Max-Age 86400 Access-Control-Allow-Methods OPTIONS, GET, POST, PUT, DELETE Content-Type application/javascript;charset=utf-8 Cache-Control no-cache, no-store, must-revalidate Access-Control-Allow-Credentials true Connection keep-alive Accept-Ranges bytes Access-Control-Allow-Headers Origin, X-Requested-With, Content-Type, Accept, Authorization, token Content-Length 2772
GET H/1.1	200	layer.css demeter.trip.com/js/layer/skin/	11 KB 3 KB	249ms 248ms	Stylesheet text/css	103.99.72.25 TWOWINCOLIMITED-A...
General Check archive.org Show headers Download Go to Full URL http://demeter.trip.com/js/layer/skin/layer.css Requested by Host: demeter.trip.com URL: http://demeter.trip.com/js/layer/layer.js Protocol HTTP/1.1 Server 103.99.72.25 , Hong Kong, ASN133929 (TWOWINCOLIMITED-AS-AP TWOWIN CO., LIMITED, HK), Reverse DNS Software nginx/1.16.1 / 3.2.1 Resource Hash `982d746fd4a0ff7564fc83e2268f08556a1a2e66d29e254e60bc1fb8915fa335` Request headers Referer http://demeter.trip.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 20 Nov 2020 16:50:01 GMT Content-Encoding gzip Vary Accept-Encoding X-Powered-By 3.2.1 Transfer-Encoding chunked Connection keep-alive Pragma no-cache Last-Modified Wed, 21 Oct 2020 08:47:28 GMT Server nginx/1.16.1 Access-Control-Max-Age 86400 Access-Control-Allow-Methods OPTIONS, GET, POST, PUT, DELETE Content-Type text/css;charset=utf-8 Cache-Control no-cache, no-store, must-revalidate Access-Control-Allow-Credentials true Accept-Ranges bytes Access-Control-Allow-Headers Origin, X-Requested-With, Content-Type, Accept, Authorization, token
GET H/1.1	200 OK	login_3.jpg open.itboy.net/itboy/js/itboy/app/	52 KB 53 KB	1635ms 260ms	Image image/jpeg	240e:979:9503:1:3::3fb CHINATELECOM-JIAN...
General Check archive.org Show headers Download Go to Show image Full URL http://open.itboy.net/itboy/js/itboy/app/login_3.jpg Requested by Host: demeter.trip.com URL: http://demeter.trip.com/ Protocol HTTP/1.1 Server 240e:979:9503:1:3::3fb , China, ASN131325 (CHINATELECOM-JIANGSU-NANTONG-MAN CHINATELECOM JIANGSU province NANTONG MAN network, CN), Reverse DNS Software Tengine / Resource Hash `366d767f7c1df1038bbeb8308c85b38a9782166eb556fb5059c121160a099384` Request headers Referer http://demeter.trip.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers X-Qiniu-Zone 0 X-Log X-Log Date Mon, 09 Nov 2020 10:25:56 GMT Via c7.l2cn2648(0,304-0,H), c11.l2cn2648(1,0), c11.l2cn2648(1,0), k2.cn1313(0,200-0,H), k3.cn1313(2,0) X-Svr IO Age 973447 X-Cache HIT TCP_HIT dirn:10:716575857 X-Sqd-GStime 1592531083 X-Sqd-Stime Mon, 16 Nov 2020 09:17:01 GMT Content-Transfer-Encoding binary Content-Disposition inline; filename="login_3.jpg"; filename=utf-8''login_3.jpg Connection* keep-alive X-Sqd-Ctime 2592000 Content-Length 52931 X-M-Reqid wjQAAG9X368D0EUW X-M-Log QNM:xs442;SRCPROXY:xs1755;SRC:12/304;SRCPROXY:12/304;QNM3:13/304 Last-Modified Wed, 16 Mar 2016 06:17:56 GMT Server Tengine Etag "FlvimyY3Ctn7BazdWXOGPUP6t4CB" Access-Control-Max-Age 2592000 Content-Type image/jpeg Access-Control-Allow-Origin * Access-Control-Expose-Headers X-Log, X-Reqid Cache-Control public, max-age=31536000 Accept-Ranges bytes Timing-Allow-Origin * X-Qnm-Cache Miss EagleId 314fef1716058910031502613e X-Reqid ek4AAADB5q8D0EUW Expires Mon, 16 Nov 2020 03:48:28 GMT
GET H/1.1	200 OK	login_1.jpg open.itboy.net/itboy/js/itboy/app/	70 KB 71 KB	1636ms 261ms	Image image/jpeg	240e:979:9503:1:3::3fb CHINATELECOM-JIAN...
General Check archive.org Show headers Download Go to Show image Full URL http://open.itboy.net/itboy/js/itboy/app/login_1.jpg Requested by Host: demeter.trip.com URL: http://demeter.trip.com/ Protocol HTTP/1.1 Server 240e:979:9503:1:3::3fb , China, ASN131325 (CHINATELECOM-JIANGSU-NANTONG-MAN CHINATELECOM JIANGSU province NANTONG MAN network, CN), Reverse DNS Software Tengine / Resource Hash `7c4e36e80ff112fb905230f5aac15b48759996529be3acaf67e60508e18c873f` Request headers Referer http://demeter.trip.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers X-Qiniu-Zone 0 X-Log X-Log Date Sun, 08 Nov 2020 06:42:39 GMT Via c40.l2cn2648(0,304-0,H), c35.l2cn2648(1,0), c35.l2cn2648(13,0), k2.cn1313(0,200-0,H), k2.cn1313(3,0) X-Svr IO Age 1073244 X-Cache HIT TCP_HIT dirn:11:741645163 X-Sqd-GStime 1592531083 X-Sqd-Stime Mon, 16 Nov 2020 08:59:51 GMT Content-Transfer-Encoding binary Content-Disposition inline; filename="login_1.jpg"; filename=utf-8''login_1.jpg Connection* keep-alive X-Sqd-Ctime 2592000 Content-Length 72128 X-M-Reqid 4UIAAOAbgMo_dUUW X-M-Log QNM:jjh1520;QNM3:25/304 Last-Modified Wed, 16 Mar 2016 06:17:55 GMT Server Tengine Etag "Fk_9qw7nW2bk9gC0IxAtQNXf243t" Access-Control-Max-Age 2592000 Content-Type image/jpeg Access-Control-Allow-Origin * Access-Control-Expose-Headers X-Log, X-Reqid Cache-Control public, max-age=31536000 Accept-Ranges bytes Timing-Allow-Origin * X-Qnm-Cache Hit EagleId 314fef1616058910031525060e X-Reqid AJYAAAC-aCF0HjkW Expires Sat, 17 Oct 2020 03:50:54 GMT
GET H/1.1	200 OK	login_2.jpg open.itboy.net/itboy/js/itboy/app/	67 KB 68 KB	1640ms 262ms	Image image/jpeg	240e:979:9503:1:3::3fb CHINATELECOM-JIAN...
General Check archive.org Show headers Download Go to Show image Full URL http://open.itboy.net/itboy/js/itboy/app/login_2.jpg Requested by Host: demeter.trip.com URL: http://demeter.trip.com/ Protocol HTTP/1.1 Server 240e:979:9503:1:3::3fb , China, ASN131325 (CHINATELECOM-JIANGSU-NANTONG-MAN CHINATELECOM JIANGSU province NANTONG MAN network, CN), Reverse DNS Software Tengine / Resource Hash `def90ff85fa7e3443727fc295f5e9471fda137c7fe96ccd14f3caa2a37f3d69e` Request headers Referer http://demeter.trip.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers X-Qiniu-Zone 0 X-Log X-Log Date Mon, 09 Nov 2020 01:20:07 GMT Via c48.l2cn2648(0,304-0,H), c35.l2cn2648(0,0), c35.l2cn2648(1,0), k9.cn1313(0,200-0,H), k1.cn1313(3,0) X-Svr IO Age 1006196 X-Cache HIT TCP_HIT dirn:10:71407528 X-Sqd-GStime 1592531083 X-Sqd-Stime Mon, 16 Nov 2020 09:16:53 GMT Content-Transfer-Encoding binary Content-Disposition inline; filename="login_2.jpg"; filename=utf-8''login_2.jpg Connection* keep-alive X-Sqd-Ctime 2592000 Content-Length 68833 X-M-Reqid -w8AAOkQb6U6skUW X-M-Log QNM:jjh1502;QNM3:20/304 Last-Modified Wed, 16 Mar 2016 06:17:56 GMT Server Tengine Etag "Fsau8bPUNmpU83bh35s03LZv2GLQ" Access-Control-Max-Age 2592000 Content-Type image/jpeg Access-Control-Allow-Origin * Access-Control-Expose-Headers X-Log, X-Reqid Cache-Control public, max-age=31536000 Accept-Ranges bytes Timing-Allow-Origin * X-Qnm-Cache Hit EagleId 314fef1516058910031522371e X-Reqid VlwAAADlmR90HjkW Expires Tue, 18 Aug 2020 03:10:59 GMT
GET H/1.1	200 OK	progress.gif open.itboy.net/itboy/js/itboy/app/	3 KB 4 KB	1936ms 503ms	Image image/gif	49.79.239.75 CHINATELECOM-JIAN...
General Check archive.org Show headers Download Go to Show image Full URL http://open.itboy.net/itboy/js/itboy/app/progress.gif Requested by Host: demeter.trip.com URL: http://demeter.trip.com/css/supersized.css Protocol HTTP/1.1 Server 49.79.239.75 , China, ASN131325 (CHINATELECOM-JIANGSU-NANTONG-MAN CHINATELECOM JIANGSU province NANTONG MAN network, CN), Reverse DNS Software Tengine / Resource Hash `bcfc4de3a54e646b8fd90b6869593d1150cbddafb1bc4e50f79297d81ea4473b` Request headers Referer http://demeter.trip.com/css/supersized.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers X-Qiniu-Zone 0 X-Log X-Log Date Wed, 04 Nov 2020 06:36:10 GMT Via c31.l2cn2648(0,304-0,H), c46.l2cn2648(1,0), c46.l2cn2648(1,0), k8.cn1313(0,200-0,H), k10.cn1313(2,0) X-Svr IO Age 1419233 X-Cache HIT TCP_HIT dirn:0:288481385 X-Sqd-GStime 1592531083 X-Sqd-Stime Mon, 16 Nov 2020 06:54:31 GMT Content-Transfer-Encoding binary Content-Disposition inline; filename="progress.gif"; filename=utf-8''progress.gif Connection* keep-alive X-Sqd-Ctime 2592000 Content-Length 2608 X-M-Reqid qAMAADUhJxmTOkQW X-M-Log QNM:jjh1512;QNM3:40/304 Last-Modified Wed, 16 Mar 2016 06:17:56 GMT Server Tengine Etag "FugBBOs-bO2NgLlV-YJjibNOLXhF" Access-Control-Max-Age 2592000 Content-Type image/gif Access-Control-Allow-Origin * Access-Control-Expose-Headers X-Log, X-Reqid Cache-Control public, max-age=31536000 Accept-Ranges bytes Timing-Allow-Origin * X-Qnm-Cache Hit EagleId 314fef1e16058910034356877e X-Reqid gIwAAAARpsf2MzYW Expires Mon, 19 Oct 2020 13:57:32 GMT

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			demeter.trip.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: BFA8EC11846E789EB49904C1734F62CD

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

demeter.trip.com
open.itboy.net
103.99.72.25
240e:979:9503:1:3::3fb
49.79.239.75
1ae25163d40b1513914331bacf2d7d532aefda9737feb6ef92e232c3b763a1aa
366d767f7c1df1038bbeb8308c85b38a9782166eb556fb5059c121160a099384
4255a470f2abfc326f533520534adc5605d16dba555620aadd3494e9fd48746f
427e0382bd88e510696d34ad1be38b9af67fe628bc466b15ad127c367e817f79
55fb3c22ba4fbf8407633e89e034551143dab92d34bb595342419755aa1ccd44
665f0fca8008598a390c1561dffc8c0705e87a8c0ae76fb062a78ac5a5b586b5
7c4e36e80ff112fb905230f5aac15b48759996529be3acaf67e60508e18c873f
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
982d746fd4a0ff7564fc83e2268f08556a1a2e66d29e254e60bc1fb8915fa335
ae08499949fe69bacab408e2f744fcc172718f18cec78daed3966d17aae9ceda
bcfc4de3a54e646b8fd90b6869593d1150cbddafb1bc4e50f79297d81ea4473b
c5c70855479402f6669ed96f497915dc5a3d8feb786708ee30e50d8275008d43
dcac5f01c76d22dd8df2b4bb29fbba8a1d12c04ef3e5d91b88de5932c957455e
def90ff85fa7e3443727fc295f5e9471fda137c7fe96ccd14f3caa2a37f3d69e
f572f9921dd37eed3d0d2e7cd07fa6cb9b689eab29607dc322e16933a0696177

demeter.trip.com Open in urlscan Pro 103.99.72.25 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

15 Requests

0 %HTTPS

33 %IPv6

2 Domains

2 Subdomains

3 IPs

2 Countries

344 kBTransfer

394 kBSize

1 Cookies

0 Outgoing links

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

1 Cookies

Indicators

demeter.trip.com Open in urlscan Pro
103.99.72.25 Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

0 %
HTTPS

33 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

344 kB
Transfer

394 kB
Size

1
Cookies

15 HTTP transactions
0 data transactions