download2.ctrip.com - urlscan.io

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 6 HTTP transactions. The main IP is 2a02:26f0:3500:18::1724:a297, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is download2.ctrip.com. The Cisco Umbrella rank of the primary domain is 135326.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on March 14th 2024. Valid for: a year.

This is the only time download2.ctrip.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2a02:26f0:350... 2a02:26f0:3500:18::1724:a297	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2600:9000:236... 2600:9000:236e:d400:0:d9ae:9ac0:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2

2 2a02:26f0:3500:18::1724:a297 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

download2.ctrip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:236e:d400:0:d9ae:9ac0:93a1 (United States)

ASN16509 (AMAZON-02, US)

pic.c-ctrip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	c-ctrip.com pic.c-ctrip.com — Cisco Umbrella Rank: 117216	112 KB
2	ctrip.com download2.ctrip.com — Cisco Umbrella Rank: 135326	12 KB
6	2

	Domain	Requested by
4	pic.c-ctrip.com	download2.ctrip.com
2	download2.ctrip.com
6	2

This site contains links to these domains. Also see Links.

Domain
www.ctrip.com
pages.ctrip.com

Subject Issuer	Validity	Valid
*.ctrip.com DigiCert TLS RSA SHA256 2020 CA1	`2024-03-14` - `2025-03-15`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://download2.ctrip.com/
Frame ID: 170C377116CB6273E0B62F14C611DB5A
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

携程旅行网

Page URL History Show full URLs

http://download2.ctrip.com/ HTTP 307
https://download2.ctrip.com/ Page URL

Page Statistics

6
Requests

100 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

124 kB
Transfer

121 kB
Size

0
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: http://www.ctrip.com/
Title: Ctrip

Search URL Search Domain Scan URL

URL: http://pages.ctrip.com/public/copyright.htm
Title: Copyright©

Search URL Search Domain Scan URL

URL: http://pages.ctrip.com/public/ctripab/abctrip.htm
Title: ctrip.com

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://download2.ctrip.com/ HTTP 307
https://download2.ctrip.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	404	Primary Request / Show response download2.ctrip.com/ Redirect Chain http://download2.ctrip.com/ https://download2.ctrip.com/	6 KB 6 KB	476ms 295ms	Document text/html	2a02:26f0:3500:18::1724:a297 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://download2.ctrip.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:18::1724:a297 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software openresty/1.9.7.2 / Resource Hash `f494601d2b77159fb373ecb5294246f378d4a3a3780c192d5b2484cbec4a27e4` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers c-via akamai cache-control max-age=0 content-length 5813 content-type text/html date Wed, 03 Apr 2024 09:03:43 GMT etag "571f0131-16b5" expires Wed, 03 Apr 2024 09:03:43 GMT server openresty/1.9.7.2 unique-request-id 261343d1 x-cdn-cache MISS x-cdn-pop DE Redirect headers Location https://download2.ctrip.com/ Non-Authoritative-Reason HttpsUpgrades
GET H2	200	404_bg.jpg pic.c-ctrip.com/common/	44 KB 45 KB	1408ms 1066ms	Image image/jpeg	2600:9000:236e:d400:0:d9ae:9ac0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://pic.c-ctrip.com/common/404_bg.jpg Requested by Host: download2.ctrip.com URL: https://download2.ctrip.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:236e:d400:0:d9ae:9ac0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash `051e3a951210d5f1d712f6c509931d53452158311d9d2f471581d882e861e9a0` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://download2.ctrip.com/ accept-language de-DE,de;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 03 Apr 2024 09:03:44 GMT via 1.1 varnish (Varnish/6.5), 1.1 1877c1d3c1c0435e896415d580d52c52.cloudfront.net (CloudFront) x-ares-server r100013666-21027498-dwgbf@SHARB x-amz-cf-pop FRA60-P1 x-cache Miss from cloudfront alt-svc h3=":443"; ma=86400 content-length 45523 x-ares-source aliyun last-modified Wed, 15 Jan 2020 12:11:25 GMT etag W/"e5e6498d4dc41b8cd2dc4a94de92ac88" vary Origin,Accept-Encoding content-type image/jpeg access-control-allow-origin * access-control-expose-headers cache-control x-ares-request-id 66012F4C6A7F64313087117C access-control-allow-credentials true x-varnish 684806235 620830414 cache-control max-age=5184000 accept-ranges bytes timing-allow-origin * x-amz-cf-id UK7hnHReB3D_lOdvmcublyJqYu6cNz07o3D3LdPKxL48rLjFEqeH2Q== expires Fri, 24 May 2024 08:01:16 GMT
GET H2	200	un_pic.png pic.c-ctrip.com/common/	22 KB 23 KB	1386ms 1044ms	Image image/png	2600:9000:236e:d400:0:d9ae:9ac0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://pic.c-ctrip.com/common/un_pic.png Requested by Host: download2.ctrip.com URL: https://download2.ctrip.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:236e:d400:0:d9ae:9ac0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash `b2b10955fe260163486cc24a6f7c7f3110c88f646c25e13f7e8f09dcad301802` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://download2.ctrip.com/ accept-language de-DE,de;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 03 Apr 2024 09:03:44 GMT via 1.1 varnish (Varnish/6.5), 1.1 1877c1d3c1c0435e896415d580d52c52.cloudfront.net (CloudFront) x-ares-server r100013666-91017039-lgql5@SHAXY x-amz-cf-pop FRA60-P1 x-cache Miss from cloudfront alt-svc h3=":443"; ma=86400 content-length 22543 x-ares-source aliyun last-modified Wed, 15 Jan 2020 12:11:27 GMT etag W/"15da5e69852604c6fc2c756f9d9d21df" vary Origin,Accept-Encoding content-type image/png access-control-allow-origin * access-control-expose-headers cache-control x-ares-request-id 660A7863C5B6CF393873BB06 access-control-allow-credentials true x-varnish 632410703 610922085 cache-control max-age=5184000 accept-ranges bytes timing-allow-origin * x-amz-cf-id 24HOFubkfPKp7MKL9Gc20UvfY-CP9RCycqf2q_NebF-f7yqyN3hCBQ== expires Fri, 31 May 2024 09:03:31 GMT
GET H2	200	beam.png pic.c-ctrip.com/common/	14 KB 14 KB	1355ms 1014ms	Image image/png	2600:9000:236e:d400:0:d9ae:9ac0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://pic.c-ctrip.com/common/beam.png Requested by Host: download2.ctrip.com URL: https://download2.ctrip.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:236e:d400:0:d9ae:9ac0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash `cb4d1bbf10981b60127ca5d84be3ed553190e93f429635a57d3265f133c6a720` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://download2.ctrip.com/ accept-language de-DE,de;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 03 Apr 2024 09:03:44 GMT via 1.1 varnish (Varnish/6.5), 1.1 1877c1d3c1c0435e896415d580d52c52.cloudfront.net (CloudFront) x-ares-server r100013666-91017039-xzw4n@SHAXY x-amz-cf-pop FRA60-P1 x-cache Miss from cloudfront alt-svc h3=":443"; ma=86400 content-length 13956 x-ares-source aliyun last-modified Wed, 15 Jan 2020 12:11:25 GMT etag W/"970581dfe687b464257058aab99bd9e6" vary Origin,Accept-Encoding content-type image/png access-control-allow-origin * access-control-expose-headers cache-control x-ares-request-id 660D1B70C7D4F034333094C1 access-control-allow-credentials true x-varnish 632121354 cache-control max-age=5184000 accept-ranges bytes timing-allow-origin * x-amz-cf-id 420bi_oXuyF24CRYZmOuWM8pz_R_wOFKu60Ff3jWCIdLHNwQRi6uyQ== expires Sun, 02 Jun 2024 09:03:44 GMT
GET H2	200	bl.png pic.c-ctrip.com/common/	30 KB 30 KB	1442ms 1101ms	Image image/png	2600:9000:236e:d400:0:d9ae:9ac0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://pic.c-ctrip.com/common/bl.png Requested by Host: download2.ctrip.com URL: https://download2.ctrip.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:236e:d400:0:d9ae:9ac0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash `84f3027b042cd5376c49550bac28d6fd3b26a98abb7c2f564b6e56ff2784daed` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://download2.ctrip.com/ accept-language de-DE,de;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 03 Apr 2024 09:03:44 GMT via 1.1 varnish (Varnish/6.5), 1.1 1877c1d3c1c0435e896415d580d52c52.cloudfront.net (CloudFront) x-ares-server r100013666-91017039-lgql5@SHAXY x-amz-cf-pop FRA60-P1 x-cache Miss from cloudfront alt-svc h3=":443"; ma=86400 content-length 30275 x-ares-source aliyun last-modified Wed, 15 Jan 2020 12:11:25 GMT etag W/"d623fcb1b232de45f5d24103ac249d46" vary Origin,Accept-Encoding content-type image/png access-control-allow-origin * access-control-expose-headers cache-control x-ares-request-id 660D1B7066DB8239336ED117 access-control-allow-credentials true x-varnish 552651589 cache-control max-age=5184000 accept-ranges bytes timing-allow-origin * x-amz-cf-id K_M2oPa0DRwbI2__-QeaYGvQMAhyk8Ygf7C2xFo2jWbmJapivD803w== expires Sun, 02 Jun 2024 09:03:44 GMT
GET H2	404	favicon.ico download2.ctrip.com/	6 KB 6 KB	432ms 431ms	Other text/html	2a02:26f0:3500:18::1724:a297 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://download2.ctrip.com/favicon.ico Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:18::1724:a297 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software openresty/1.9.7.2 / Resource Hash `f494601d2b77159fb373ecb5294246f378d4a3a3780c192d5b2484cbec4a27e4` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://download2.ctrip.com/ accept-language de-DE,de;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 03 Apr 2024 09:03:46 GMT unique-request-id 261372dd server openresty/1.9.7.2 x-cdn-cache MISS etag "571f0131-16b5" c-via akamai content-type text/html cache-control max-age=0 x-cdn-pop DE content-length 5813 expires Wed, 03 Apr 2024 09:03:46 GMT

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://download2.ctrip.com/ Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://download2.ctrip.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

download2.ctrip.com
pic.c-ctrip.com
2600:9000:236e:d400:0:d9ae:9ac0:93a1
2a02:26f0:3500:18::1724:a297
051e3a951210d5f1d712f6c509931d53452158311d9d2f471581d882e861e9a0
84f3027b042cd5376c49550bac28d6fd3b26a98abb7c2f564b6e56ff2784daed
b2b10955fe260163486cc24a6f7c7f3110c88f646c25e13f7e8f09dcad301802
cb4d1bbf10981b60127ca5d84be3ed553190e93f429635a57d3265f133c6a720
f494601d2b77159fb373ecb5294246f378d4a3a3780c192d5b2484cbec4a27e4

download2.ctrip.com Open in urlscan Pro 2a02:26f0:3500:18::1724:a297 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

6 Requests

100 %HTTPS

100 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

124 kBTransfer

121 kBSize

0 Cookies

3 Outgoing links

Page URL History

Redirected requests

6 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

0 Cookies

2 Console Messages

Indicators

download2.ctrip.com Open in urlscan Pro
2a02:26f0:3500:18::1724:a297 Public Scan

Screenshot
Live screenshot

Full Image

6
Requests

100 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

124 kB
Transfer

121 kB
Size

0
Cookies

6 HTTP transactions
0 data transactions