Submitted URL: http://nsair.flights.ctrip.com/
Effective URL: https://nsair.flights.ctrip.com/
Submission: On December 15 via api from CN

Summary

This website contacted 19 IPs in 5 countries across 10 domains to perform 69 HTTP transactions. The main IP is 140.206.211.12, located in Shanghai, China and belongs to CNCGROUP-SH China Unicom Shanghai network, CN. The main domain is nsair.flights.ctrip.com.
TLS certificate: Issued by DigiCert CN RSA CA G1 on June 8th 2020. Valid for: 2 years.
This is the only time nsair.flights.ctrip.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 140.206.211.12 17621 (CNCGROUP-...)
39 23.5.100.126 16625 (AKAMAI-AS)
4 211.95.54.1 17621 (CNCGROUP-...)
7 23.203.74.55 16625 (AKAMAI-AS)
2 140.206.211.36 17621 (CNCGROUP-...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 180.101.49.201 134756 (CHINANET-...)
1 172.217.23.162 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 112.65.69.51 17621 (CNCGROUP-...)
2 180.163.247.134 4812 (CHINANET-...)
1 221.228.208.3 138950 (CHINATELE...)
1 2a00:1450:400... 15169 (GOOGLE)
1 221.228.208.97 138950 (CHINATELE...)
1 111.202.114.81 4808 (CHINA169-...)
69 19
Domain Requested by
27 webresource.c-ctrip.com nsair.flights.ctrip.com
webresource.c-ctrip.com
9 pic.c-ctrip.com webresource.c-ctrip.com
nsair.flights.ctrip.com
6 s.c-ctrip.com nsair.flights.ctrip.com
4 m.ctrip.com webresource.c-ctrip.com
3 images4.c-ctrip.com webresource.c-ctrip.com
3 nsair.flights.ctrip.com 1 redirects webresource.c-ctrip.com
2 ckmap.mediav.com
2 www.google.de
2 www.google.com 1 redirects
2 googleads.g.doubleclick.net 1 redirects www.googleadservices.com
2 www.google-analytics.com webresource.c-ctrip.com
www.google-analytics.com
1 eclick.baidu.com
1 cms.gtags.net webresource.c-ctrip.com
1 crm.ws.ctrip.com webresource.c-ctrip.com
1 dat.gtags.net
1 secure.mediav.com
1 www.googleadservices.com webresource.c-ctrip.com
1 cpro.baidu.com webresource.c-ctrip.com
1 stats.g.doubleclick.net www.google-analytics.com
1 accounts.ctrip.com webresource.c-ctrip.com
1 cdid.c-ctrip.com webresource.c-ctrip.com
69 21

This site contains links to these domains. Also see Links.

Domain
www.ctrip.com
us.trip.com
uk.trip.com
hk.trip.com
kr.trip.com
jp.trip.com
sg.trip.com
au.trip.com
de.trip.com
fr.trip.com
es.trip.com
it.trip.com
ru.trip.com
th.trip.com
id.trip.com
my.trip.com
vn.trip.com
nl.trip.com
pl.trip.com
gr.trip.com
tr.trip.com
br.trip.com
passport.ctrip.com
my.ctrip.com
sinfo.ctrip.com
messagelist.ctrip.com
smarket.ctrip.com
secure.ctrip.com
kefu.ctrip.com
bus.ctrip.com
livechat.ctrip.com
app.ctrip.com
hotels.ctrip.com
inn.ctrip.com
vacations.ctrip.com
cruise.ctrip.com
piao.ctrip.com
mice.ctrip.com
www.hhtravel.com
fun.iwanoutdoor.com
flights.ctrip.com
taocan.ctrip.com
trains.ctrip.com
rails.ctrip.com
pages.c-ctrip.com
car.ctrip.com
my.
huodong.ctrip.com
you.ctrip.com
g.ctrip.com
tax.ctrip.com
card.ctrip.com
forex.ctrip.com
lipin.ctrip.com
ct.ctrip.com
dst.ctrip.com
jr.ctrip.com
mall.ctrip.com
cards.ctrip.com
3uair.flights.ctrip.com
8lair.flights.ctrip.com
bkair.flights.ctrip.com
caair.flights.ctrip.com
cnair.flights.ctrip.com
czair.flights.ctrip.com
euair.flights.ctrip.com
fmair.flights.ctrip.com
g5air.flights.ctrip.com
gsair.flights.ctrip.com
hoair.flights.ctrip.com
huair.flights.ctrip.com
jdair.flights.ctrip.com
jrair.flights.ctrip.com
knair.flights.ctrip.com
kyair.flights.ctrip.com
mfair.flights.ctrip.com
muair.flights.ctrip.com
pnair.flights.ctrip.com
scair.flights.ctrip.com
tvair.flights.ctrip.com
zhair.flights.ctrip.com
9cair.flights.ctrip.com
pages.ctrip.com
careers.ctrip.com
u.ctrip.com
ebooking.ctrip.com
contents.ctrip.com
m.ctrip.com
www.ctripins.com
ws.downloadfile.fx.ctripcorp.com
beian.miit.gov.cn
www.beian.gov.cn
www.cecpsp.org.cn
scjgj.sh.gov.cn
credit.szfw.org
www.zx110.org
www.shjbzx.cn
ss.knet.cn
www.creditchina.gov.cn
www.12377.cn
services.ctrip.com
fw.scjgj.sh.gov.cn
Subject Issuer Validity Valid
*.ctrip.com
DigiCert CN RSA CA G1
2020-06-08 -
2022-07-30
2 years crt.sh
trip.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2020-11-17 -
2021-11-21
a year crt.sh
ctrip.com
DigiCert SHA2 Secure Server CA
2019-11-26 -
2021-02-24
a year crt.sh
*.google-analytics.com
GTS CA 1O1
2020-11-10 -
2021-02-02
3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1
2020-11-10 -
2021-02-02
3 months crt.sh
baidu.com
GlobalSign Organization Validation CA - SHA256 - G2
2020-10-20 -
2021-07-26
9 months crt.sh
www.googleadservices.com
GTS CA 1O1
2020-11-10 -
2021-02-02
3 months crt.sh
www.google.de
GTS CA 1O1
2020-11-10 -
2021-02-02
3 months crt.sh
*.mediav.com
WoTrus OV SSL CA
2020-02-13 -
2022-05-13
2 years crt.sh
*.gtags.net
WoTrus OV SSL CA
2019-04-12 -
2021-04-11
2 years crt.sh
*.google.com
GTS CA 1O1
2020-11-10 -
2021-02-02
3 months crt.sh
*.google.de
GTS CA 1O1
2020-11-10 -
2021-02-02
3 months crt.sh

This page contains 2 frames:

Primary Page: https://nsair.flights.ctrip.com/
Frame ID: 9431A91E102D0044CB1020F2F64D6B6A
Requests: 68 HTTP requests in this frame

Frame: https://cms.gtags.net/w?a=9
Frame ID: EC23C32AD8E3DB3CAA69B7F75DB98259
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://nsair.flights.ctrip.com/ HTTP 307
    https://nsair.flights.ctrip.com/ Page URL

Page Statistics

69
Requests

100 %
HTTPS

37 %
IPv6

10
Domains

21
Subdomains

19
IPs

5
Countries

417 kB
Transfer

1179 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://nsair.flights.ctrip.com/ HTTP 307
    https://nsair.flights.ctrip.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 46
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1066331136/?value=0&label=cG9hCIyRngMQgNi7_AM&guid=ON&script=0 HTTP 302
  • https://www.google.com/pagead/1p-user-list/1066331136/?value=0&label=cG9hCIyRngMQgNi7_AM&guid=ON&script=0&is_vtc=1&random=4147992096 HTTP 302
  • https://www.google.de/pagead/1p-user-list/1066331136/?value=0&label=cG9hCIyRngMQgNi7_AM&guid=ON&script=0&is_vtc=1&random=4147992096&ipr=y

69 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
nsair.flights.ctrip.com/
Redirect Chain
  • http://nsair.flights.ctrip.com/
  • https://nsair.flights.ctrip.com/
8 KB
2 KB
Document
General
Full URL
https://nsair.flights.ctrip.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
140.206.211.12 Shanghai, China, ASN17621 (CNCGROUP-SH China Unicom Shanghai network, CN),
Reverse DNS
Software
/
Resource Hash
a5bede0b8797de4cc03fdf0115c39a964a1fb8f3f23664f81c475565ee6d4fcb

Request headers

:method
GET
:authority
nsair.flights.ctrip.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 15 Dec 2020 19:44:17 GMT
content-type
text/html;charset=UTF-8
content-language
en-US
content-encoding
gzip
vary
accept-encoding

Redirect headers

Date
Tue, 15 Dec 2020 19:44:16 GMT
Content-Type
text/html
Content-Length
171
Connection
keep-alive
Location
https://nsair.flights.ctrip.com/
cui110425.css
webresource.c-ctrip.com/ResFlightOnline/P2/styles/
15 KB
4 KB
Stylesheet
General
Full URL
https://webresource.c-ctrip.com/ResFlightOnline/P2/styles/cui110425.css?v=202006051739
Requested by
Host: nsair.flights.ctrip.com
URL: https://nsair.flights.ctrip.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.5.100.126 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-5-100-126.deploy.static.akamaitechnologies.com
Software
nginx/1.16.1 /
Resource Hash
1bc87926d89604f093bb7a25d086db5375d4cadb6eb71f27991e5532ccc57cab

Request headers

Referer
https://nsair.flights.ctrip.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 15 Dec 2020 19:44:17 GMT
content-encoding
gzip
x-ares-server
CTN00300092@SHAOY
content-type
text/css
x-device
U R Android
accept-ranges
bytes
last-modified
Wed, 27 May 2020 09:16:30 GMT
server
nginx/1.16.1
etag
W/"9c750074abe135d0da28fd1d990d0d1c"
vary
Accept-Encoding
x-varnish
760186251
access-control-allow-origin
*
access-control-expose-headers
cache-control
cache-control
max-age=2275419
access-control-allow-credentials
true
content-length
3622
timing-allow-origin
*
expires
Mon, 11 Jan 2021 03:47:56 GMT
seo.css
webresource.c-ctrip.com/ResFlightOnline/P2/styles/
24 KB
6 KB
Stylesheet
General
Full URL
https://webresource.c-ctrip.com/ResFlightOnline/P2/styles/seo.css?v=202006051739
Requested by
Host: nsair.flights.ctrip.com
URL: https://nsair.flights.ctrip.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.5.100.126 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-5-100-126.deploy.static.akamaitechnologies.com
Software
nginx/1.16.1 /
Resource Hash
05bb2617897803de22290b21f2bf76db78eb796f529277cdc8089589c7e88fd0

Request headers

Referer
https://nsair.flights.ctrip.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency
1210
date
Tue, 15 Dec 2020 19:44:17 GMT
content-encoding
gzip
x-ares-server
CTN00300099@SHAOY
x-edgeconnect-midmile-rtt
0
content-type
text/css
content-length
5703
last-modified
Wed, 27 May 2020 09:16:30 GMT
server
nginx/1.16.1
etag
W/"ff4d5b600dd677f487568d4e29f838b0"
vary
Accept-Encoding
x-varnish
721840122 512521845
access-control-allow-origin
*
access-control-expose-headers
cache-control
cache-control
max-age=2275364
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 11 Jan 2021 03:47:01 GMT
IntegratedJS.js
webresource.c-ctrip.com/ResCRMOnline/R1/pageheader/js/
14 KB
5 KB
Script
General
Full URL
https://webresource.c-ctrip.com/ResCRMOnline/R1/pageheader/js/IntegratedJS.js
Requested by
Host: nsair.flights.ctrip.com
URL: https://nsair.flights.ctrip.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.5.100.126 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-5-100-126.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
baed278e7d6ea5e792900818870ef72b769f9c30685b57a8a54c83b3e6bfb64d

Request headers

Referer
https://nsair.flights.ctrip.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 15 Dec 2020 19:44:17 GMT
content-encoding
gzip
x-ares-server
CTN00271524@SHARB
content-type
application/javascript
content-length
4706
last-modified
Tue, 15 Dec 2020 07:23:22 GMT
etag
W/"b2f772985e0cb7b2a7ac7bb943ff191a"
vary
Accept-Encoding
x-varnish
44482961
access-control-allow-origin
*
access-control-expose-headers
cache-control
cache-control
max-age=5141132
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 13 Feb 2021 07:49:49 GMT
shim.js
webresource.c-ctrip.com/ResFlightOnline/P2/assets/
76 KB
23 KB
Script
General
Full URL
https://webresource.c-ctrip.com/ResFlightOnline/P2/assets/shim.js?v=202006051739
Requested by
Host: nsair.flights.ctrip.com
URL: https://nsair.flights.ctrip.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.5.100.126 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-5-100-126.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
028215b11fe65b34e10e98ebc34b9b12ea0323efff4e188796e15744a796411e

Request headers

Referer
https://nsair.flights.ctrip.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 15 Dec 2020 19:44:17 GMT
content-encoding
gzip
x-ares-server
CTN00271523@SHARB
content-type
application/javascript
content-length
23375
last-modified
Wed, 27 May 2020 09:16:30 GMT
etag
W/"2729b81d5b4fa5ef102519abf3e51e0f"
vary
Accept-Encoding
x-varnish
403279157
access-control-allow-origin
*
access-control-expose-headers
cache-control
cache-control
max-age=4502201
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 05 Feb 2021 22:20:58 GMT
lib.js
webresource.c-ctrip.com/ResFlightOnline/P2/assets/
84 KB
29 KB
Script
General
Full URL
https://webresource.c-ctrip.com/ResFlightOnline/P2/assets/lib.js?v=202006051739
Requested by
Host: nsair.flights.ctrip.com
URL: https://nsair.flights.ctrip.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.5.100.126 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-5-100-126.deploy.static.akamaitechnologies.com
Software
nginx/1.16.1 /
Resource Hash
1821533639315e665768d822666ae2cc05550fcd6da9a385323c48b0e632cabc

Request headers

Referer
https://nsair.flights.ctrip.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 15 Dec 2020 19:44:17 GMT
content-encoding
gzip
x-ares-server
CTN00300098@SHAOY
content-type
application/javascript
content-length
29490
last-modified
Wed, 27 May 2020 09:16:30 GMT
server
nginx/1.16.1
etag
W/"7eff08e02b6f45c932a5af1bf79a159f"
vary
Accept-Encoding
x-varnish
529366131 504305529
access-control-allow-origin
*
access-control-expose-headers
cache-control
cache-control
max-age=2278154
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 11 Jan 2021 04:33:31 GMT
airlinesearchheader.js
webresource.c-ctrip.com/ResFlightOnline/P2/assets/
357 KB
107 KB
Script
General
Full URL
https://webresource.c-ctrip.com/ResFlightOnline/P2/assets/airlinesearchheader.js?v=202006051739
Requested by
Host: nsair.flights.ctrip.com
URL: https://nsair.flights.ctrip.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.5.100.126 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-5-100-126.deploy.static.akamaitechnologies.com
Software
nginx/1.16.1 /
Resource Hash
5751b2faa8d5968638efcd8ec55ac3cb3d0ce194b1edf6a53a187ad02ae024de

Request headers

Referer
https://nsair.flights.ctrip.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 15 Dec 2020 19:44:17 GMT
content-encoding
gzip
x-ares-server
CTN00271525@SHARB
content-type
application/javascript
content-length
108500
last-modified
Wed, 27 May 2020 09:16:30 GMT
server
nginx/1.16.1
etag
W/"3a50508a8db4eecebe771c0a2075d2b2"
vary
Accept-Encoding
x-varnish
231068081 136449109
access-control-allow-origin
*
access-control-expose-headers
cache-control
cache-control
max-age=2478775
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Jan 2021 12:17:12 GMT
browserDetector.js
webresource.c-ctrip.com/ResFlightOnline/P2/assets/
3 KB
2 KB
Script
General
Full URL
https://webresource.c-ctrip.com/ResFlightOnline/P2/assets/browserDetector.js?v=202006051739
Requested by
Host: nsair.flights.ctrip.com
URL: https://nsair.flights.ctrip.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.5.100.126 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-5-100-126.deploy.static.akamaitechnologies.com
Software
nginx/1.16.1 /
Resource Hash
75d95304e09a801bdd01525297b6b97b27e175067a35fca29b84c0680f06facb

Request headers

Referer
https://nsair.flights.ctrip.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 15 Dec 2020 19:44:17 GMT
content-encoding
gzip
x-ares-server
CTN00300099@SHAOY
content-type
application/javascript
content-length
1413
last-modified
Wed, 27 May 2020 09:16:30 GMT
server
nginx/1.16.1
etag
W/"b8e1ff932abc30bb59ee805dce9c0ba6"
vary
Accept-Encoding
x-varnish
527532491 508565844
access-control-allow-origin
*
access-control-expose-headers
cache-control
cache-control
max-age=2278086
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 11 Jan 2021 04:32:23 GMT
commonConfig.json
m.ctrip.com/restapi/soa2/15618/ Frame
0
0
Other
General
Full URL
https://m.ctrip.com/restapi/soa2/15618/commonConfig.json
Protocol
H2
Server
211.95.54.1 , China, ASN17621 (CNCGROUP-SH China Unicom Shanghai network, CN),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://nsair.flights.ctrip.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 15 Dec 2020 19:44:18 GMT
content-type
text/html
content-length
0
access-control-expose-headers
x-gate-region slb-http-protocol-version
x-gate-root-id
100025527-0a3c4868-446683-1817556
access-control-allow-origin
https://nsair.flights.ctrip.com
access-control-allow-credentials
true
access-control-allow-methods
POST
x-gate-region
SHARB
access-control-allow-headers
content-type
x-gate
ctrip-gate
x-originating-url
https://m.ctrip.com/restapi/soa2/15618/commonConfig.json
slb-http-protocol-version
HTTP/2.0
commonConfig.json
m.ctrip.com/restapi/soa2/15618/
334 B
888 B
XHR
General
Full URL
https://m.ctrip.com/restapi/soa2/15618/commonConfig.json
Requested by
Host: webresource.c-ctrip.com
URL: https://webresource.c-ctrip.com/ResCRMOnline/R1/pageheader/js/IntegratedJS.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
211.95.54.1 , China, ASN17621 (CNCGROUP-SH China Unicom Shanghai network, CN),
Reverse DNS
Software
/
Resource Hash
2e9834bedc3834104d970110416c5bec307d5d0090ddb27f95b92e55b7055147

Request headers

Referer
https://nsair.flights.ctrip.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 15 Dec 2020 19:44:19 GMT
content-encoding
gzip
content-type
application/json;charset=UTF-8
access-control-expose-headers
RootMessageId, x-gate-region, x-service-call, slb-http-protocol-version
x-service-call
0.002
clogging_trace_id
2327901003764271215
x-gate-region
SHARB
vary
accept-encoding
x-originating-url
https://m.ctrip.com/restapi/soa2/15618/commonConfig.json
access-control-allow-origin
https://nsair.flights.ctrip.com
x-gate-root-id
100025527-0a3da2df-446683-1818175
access-control-allow-credentials
true
servermessageid
100025527-0a3da2df-446683-1818174
rootmessageid
100025527-0a3da2df-446683-1818175
slb-http-protocol-version
HTTP/2.0
x-gate
ctrip-gate
_bfa.min.js
webresource.c-ctrip.com/code/ubt/
72 KB
29 KB
Script
General
Full URL
https://webresource.c-ctrip.com/code/ubt/_bfa.min.js?v=202011_15
Requested by
Host: webresource.c-ctrip.com
URL: https://webresource.c-ctrip.com/ResFlightOnline/P2/assets/airlinesearchheader.js?v=202006051739
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.5.100.126 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-5-100-126.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
432f61f5cea9ca24f616088619cb5c1149810841c58efd96883c8a264795aa64

Request headers

Referer
https://nsair.flights.ctrip.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 15 Dec 2020 19:44:17 GMT
content-encoding
gzip
x-ares-server
CTN00271526@SHARB
content-type
application/javascript
content-length
29058
last-modified
Fri, 27 Nov 2020 05:52:04 GMT
etag
W/"125ae7e16e194f228c5b19843107b35d"
vary
Accept-Encoding
x-varnish
437233346 437143204
access-control-allow-origin
*
access-control-expose-headers
cache-control
cache-control
max-age=5084157
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 Feb 2021 16:00:14 GMT
get
nsair.flights.ctrip.com/schedule/poi/
17 KB
6 KB
Fetch
General
Full URL
https://nsair.flights.ctrip.com/schedule/poi/get
Requested by
Host: webresource.c-ctrip.com
URL: https://webresource.c-ctrip.com/ResFlightOnline/P2/assets/airlinesearchheader.js?v=202006051739
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
140.206.211.12 Shanghai, China, ASN17621 (CNCGROUP-SH China Unicom Shanghai network, CN),
Reverse DNS
Software
/
Resource Hash
a133d89c995a2154a3b78ad381aa5d69ed10c0dc69be5623c659bcaf0bc9b709

Request headers

Referer
https://nsair.flights.ctrip.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 15 Dec 2020 19:44:17 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/json;charset=UTF-8
un_bg_gradients.png
pic.c-ctrip.com/fltdomestic111027/
749 B
1 KB
Image
General
Full URL
https://pic.c-ctrip.com/fltdomestic111027/un_bg_gradients.png
Requested by
Host: webresource.c-ctrip.com
URL: https://webresource.c-ctrip.com/ResFlightOnline/P2/styles/seo.css?v=202006051739
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.5.100.126 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-5-100-126.deploy.static.akamaitechnologies.com
Software
nginx/1.16.1 /
Resource Hash
e51391a4f02a0667b7e064a13dd844648941fd4ba09927b83339aa2a05ca2884

Request headers

Referer
https://webresource.c-ctrip.com/ResFlightOnline/P2/styles/seo.css?v=202006051739
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 15 Dec 2020 19:44:17 GMT
x-ares-server
CTN00300098@SHAOY
content-type
image/png
x-device
U R iPhone
content-length
749
last-modified
Wed, 01 Apr 2020 08:22:28 GMT
server
nginx/1.16.1
etag
W/"51577ffce76b9e59eb8446941d8d2675"
x-varnish
706564489 522551094
access-control-allow-origin
*
access-control-expose-headers
cache-control
cache-control
max-age=1362311
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 31 Dec 2020 14:09:28 GMT
un_sprites.png
pic.c-ctrip.com/fltdomestic111027/
6 KB
7 KB
Image
General
Full URL
https://pic.c-ctrip.com/fltdomestic111027/un_sprites.png?120925.png
Requested by
Host: webresource.c-ctrip.com
URL: https://webresource.c-ctrip.com/ResFlightOnline/P2/styles/seo.css?v=202006051739
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.5.100.126 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-5-100-126.deploy.static.akamaitechnologies.com
Software
nginx/1.16.1 /
Resource Hash
a45f74f7e8289c1ff117046e763efbf628196869c0654d710b5509db607cad66

Request headers

Referer
https://webresource.c-ctrip.com/ResFlightOnline/P2/styles/seo.css?v=202006051739
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 15 Dec 2020 19:44:17 GMT
x-ares-server
CTN00300098@SHAOY
content-type
image/png
x-device
U R iPhone
content-length
6353
last-modified
Wed, 01 Apr 2020 08:22:28 GMT
server
nginx/1.16.1
etag
W/"8ebb8901ff313d0207c117f647d77de5"
x-varnish
700397793 506989025
access-control-allow-origin
*
access-control-expose-headers
cache-control
cache-control
max-age=1362263
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 31 Dec 2020 14:08:40 GMT
rms.js
webresource.c-ctrip.com/resaresonline/risk/ubtrms/latest/default/
8 KB
4 KB
Script
General
Full URL
https://webresource.c-ctrip.com/resaresonline/risk/ubtrms/latest/default/rms.js?v=20201215
Requested by
Host: webresource.c-ctrip.com
URL: https://webresource.c-ctrip.com/code/ubt/_bfa.min.js?v=202011_15
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.5.100.126 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-5-100-126.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
798d55b4a879b66cde6e7bae47bbdcd001f3609b065070dad8766940b7630e25

Request headers

Origin
https://nsair.flights.ctrip.com
Referer
https://nsair.flights.ctrip.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 15 Dec 2020 19:44:17 GMT
content-encoding
gzip
x-ares-server
CTN00271523@SHARB
content-type
application/javascript
x-device
U R Android
accept-ranges
bytes
last-modified
Thu, 10 Dec 2020 05:51:00 GMT
etag
W/"996cb769d2ab91942df20276dc832d3e"
vary
Accept-Encoding
x-varnish
390950571 390437512
access-control-allow-origin
*
access-control-expose-headers
cache-control
cache-control
max-age=5084214
access-control-allow-credentials
true
content-length
3312
timing-allow-origin
*
expires
Fri, 12 Feb 2021 16:01:11 GMT
marinRedirect.js
webresource.c-ctrip.com/ResUnionOnline/R1/common/
0
297 B
Script
General
Full URL
https://webresource.c-ctrip.com/ResUnionOnline/R1/common/marinRedirect.js?v=20201215
Requested by
Host: webresource.c-ctrip.com
URL: https://webresource.c-ctrip.com/code/ubt/_bfa.min.js?v=202011_15
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.5.100.126 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-5-100-126.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Origin
https://nsair.flights.ctrip.com
Referer
https://nsair.flights.ctrip.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 15 Dec 2020 19:44:17 GMT
x-ares-server
CTN00271525@SHARB
last-modified
Thu, 02 Jul 2020 06:12:45 GMT
etag
W/"d41d8cd98f00b204e9800998ecf8427e"
x-varnish
597956797
access-control-allow-origin
*
access-control-expose-headers
cache-control
cache-control
max-age=4994228
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript
content-length
0
expires
Thu, 11 Feb 2021 15:01:25 GMT
bf.gif
s.c-ctrip.com/
43 B
455 B
Image
General
Full URL
https://s.c-ctrip.com/bf.gif?ac=a&d=r1tbMSwibWF0cml4Il0sWzEwMTA2NywiMTYwODA2MTQ1NzY5MC4yYXF4NDAiLDEsAyqDIiwiAwADAIUyLjguOAMFlTFiNjZ3dmYtOW1mZjQ1LWxod3U0MwMaAxoDGgMaAxoDGoZvbmxpbmUDIARDj3sibmFtZSI6IjEzMzA3NwMvi3RhZ3MiOnsidHlwBBGIbmF2aWdhdGUDQoxpbml0aWF0b3JUeXAEJQcNg2lvbgNRj25leHRIb3BQcm90b2NvbAM3gmgyA2IHOZdodHRwczovL25zYWlyLmZsaWdodHMuYwOBIYZwLmNvbS8Df4VlbnRyeQM2BFsHQwMziCJ9LCJ2YWx1A2SPeyJkb21JbnRlcmFjdGl2A3OJMjM5NC4yOTUsBBOCQ28DEYpudExvYWRlZEV2Ay6HU3RhcnQiOgUXgTMDgToDJwQQAzYICAM2hUVuZCI6BR2BMwOBQIVmZXRjaAcMiDEzNDQuNDksBDqJYWluTG9va3VwBx0DDoU1LjU2LARICQUFHAMTAwIDgXSBYwSBB4JjdAclAxYDBQOBd4FjBIEKgmN0BSKPMTkxMC4wOSwic2VjdXJlA0eCbmUDVoJvbgc7hDEzNjkDVIksInJlcXVlc3QHSAUbgTIDggKIcmVzcG9uc2UHUYcyMjAxLjU0BBUGBwVSAwSQMi40LCJ0cmFuc2ZlclNpegOBd4oyNDgyLCJlbmNvA3uEQm9keQMOA4IFgzIzNQOCS4RkZWNvA4EGBAcDFQOCDIQ4NDc3A4EwgXQDggQKgkqGNzIzfV1d&mt=1608061457731&jv=2.8.8
Requested by
Host: nsair.flights.ctrip.com
URL: https://nsair.flights.ctrip.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.203.74.55 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-74-55.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Dec 2020 19:44:18 GMT
x-content-type-options
nosniff
p3p
CP=CUR ADM OUR NOR STA NID
access-control-allow-origin
*
cache-control
private, no-store, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials
true
content-type
image/gif
content-length
43
expires
Thu, 1 Jan 1970 00:00:00 GMT
d.min.d7a9ee87.js
webresource.c-ctrip.com/resaresonline/risk/ubtrms/
77 KB
26 KB
Script
General
Full URL
https://webresource.c-ctrip.com/resaresonline/risk/ubtrms/d.min.d7a9ee87.js
Requested by
Host: webresource.c-ctrip.com
URL: https://webresource.c-ctrip.com/resaresonline/risk/ubtrms/latest/default/rms.js?v=20201215
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.5.100.126 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-5-100-126.deploy.static.akamaitechnologies.com
Software
nginx/1.16.1 /
Resource Hash
a4f5857e0684cf48abb79230cd50d35443a30da7d03021c5236e0ead6116e98b

Request headers

Origin
https://nsair.flights.ctrip.com
Referer
https://nsair.flights.ctrip.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 15 Dec 2020 19:44:17 GMT
content-encoding
gzip
x-ares-server
CTN00271525@SHARB
content-type
application/javascript
content-length
25889
last-modified
Mon, 26 Oct 2020 10:09:38 GMT
server
nginx/1.16.1
etag
W/"d7a9ee8758de5c8cdb30b9f07f2dabd9"
vary
Accept-Encoding
x-varnish
324180713 322590759
access-control-allow-origin
*
access-control-expose-headers
cache-control
cache-control
max-age=853946
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 25 Dec 2020 16:56:43 GMT
PageHeader_V4.css
webresource.c-ctrip.com/ResCRMOnline/R1/pageheader/css/
74 KB
12 KB
Stylesheet
General
Full URL
https://webresource.c-ctrip.com/ResCRMOnline/R1/pageheader/css/PageHeader_V4.css?date=1541048870
Requested by
Host: webresource.c-ctrip.com
URL: https://webresource.c-ctrip.com/ResCRMOnline/R1/pageheader/js/IntegratedJS.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.5.100.126 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-5-100-126.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fd63aac0acf787eee089bed7a0cb629a82d9e474ed00b0333ba2c901e7191a92

Request headers

Referer
https://nsair.flights.ctrip.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 15 Dec 2020 19:44:19 GMT
content-encoding
gzip
x-ares-server
CTN00271527@SHARB
content-type
text/css
content-length
12093
last-modified
Tue, 15 Dec 2020 07:23:22 GMT
etag
W/"9416a194e79f1aed717cad7aed512d3f"
vary
Accept-Encoding
x-varnish
559414920 568519143
access-control-allow-origin
*
access-control-expose-headers
cache-control
cache-control
max-age=5141127
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 13 Feb 2021 07:49:46 GMT
PageHeaderContent.js
webresource.c-ctrip.com/ResCRMOnline/R1/pageheader/js/
39 KB
9 KB
Script
General
Full URL
https://webresource.c-ctrip.com/ResCRMOnline/R1/pageheader/js/PageHeaderContent.js?date=1541048870
Requested by
Host: webresource.c-ctrip.com
URL: https://webresource.c-ctrip.com/ResCRMOnline/R1/pageheader/js/IntegratedJS.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.5.100.126 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-5-100-126.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
242fd4f1b87c43e0a199f5e258abbe12c3fa32a50a9fce12c37b7e4b534c508f

Request headers

Referer
https://nsair.flights.ctrip.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 15 Dec 2020 19:44:19 GMT
content-encoding
gzip
x-ares-server
CTN00639486@SHARB
content-type
application/javascript
content-length
8370
last-modified
Tue, 15 Dec 2020 07:23:22 GMT
etag
W/"0368124c6a99190e6c4fce0a293562e2"
vary
Accept-Encoding
x-varnish
439813831
access-control-allow-origin
*
access-control-expose-headers
cache-control
cache-control
max-age=5141119
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 13 Feb 2021 07:49:38 GMT
d
cdid.c-ctrip.com/chloro-device/v2/
109 B
326 B
XHR
General
Full URL
https://cdid.c-ctrip.com/chloro-device/v2/d
Requested by
Host: webresource.c-ctrip.com
URL: https://webresource.c-ctrip.com/resaresonline/risk/ubtrms/d.min.d7a9ee87.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
140.206.211.36 Shanghai, China, ASN17621 (CNCGROUP-SH China Unicom Shanghai network, CN),
Reverse DNS
Software
/
Resource Hash
a003b412ff1d1889a207ba62e8eccf075dba7776f52bcefc9f35faf257daa57c

Request headers

Referer
https://nsair.flights.ctrip.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://nsair.flights.ctrip.com
date
Tue, 15 Dec 2020 19:44:20 GMT
access-control-allow-credentials
true
content-length
109
content-type
text/html;charset=utf-8
ico_deafult.png
pic.c-ctrip.com/platform/online/home/
1 KB
1 KB
Image
General
Full URL
https://pic.c-ctrip.com/platform/online/home/ico_deafult.png
Requested by
Host: nsair.flights.ctrip.com
URL: https://nsair.flights.ctrip.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.5.100.126 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-5-100-126.deploy.static.akamaitechnologies.com
Software
nginx/1.16.1 /
Resource Hash
b6d318a1256a217f5e964bf464dfc60d47e2f13d847904fa51a798bb2fe4b0a4

Request headers

Referer
https://nsair.flights.ctrip.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 15 Dec 2020 19:44:19 GMT
x-ares-server
CTN00271524@SHARB
last-modified
Mon, 21 Sep 2020 03:31:35 GMT
server
nginx/1.16.1
etag
W/"67327384a78a5fafb71b5e94e7d3d845"
x-varnish
33842357 989640901
access-control-allow-origin
*
access-control-expose-headers
cache-control
cache-control
max-age=4069268
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/png
content-length
1152
expires
Sun, 31 Jan 2021 22:05:27 GMT
er_ctrip_app.jpg
pic.c-ctrip.com/platform/online/home/
6 KB
7 KB
Image
General
Full URL
https://pic.c-ctrip.com/platform/online/home/er_ctrip_app.jpg
Requested by
Host: nsair.flights.ctrip.com
URL: https://nsair.flights.ctrip.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.5.100.126 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-5-100-126.deploy.static.akamaitechnologies.com
Software
nginx/1.16.1 /
Resource Hash
df27165eb5295308d436379adaabbdc39c13288b7a0ffaa0064e9dd8b6494bf5

Request headers

Referer
https://nsair.flights.ctrip.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 15 Dec 2020 19:44:19 GMT
x-ares-server
CTN00300099@SHAOY
last-modified
Mon, 21 Sep 2020 03:31:35 GMT
server
nginx/1.16.1
etag
W/"d496654a3dbc0ff068f2b9aa5277a24a"
x-varnish
590134728 484581241
access-control-allow-origin
*
access-control-expose-headers
cache-control
cache-control
max-age=4453089
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/jpeg
content-length
6396
expires
Fri, 05 Feb 2021 08:42:28 GMT
er_ctrip_wechat_new.jpg
pic.c-ctrip.com/platform/online/home/
6 KB
6 KB
Image
General
Full URL
https://pic.c-ctrip.com/platform/online/home/er_ctrip_wechat_new.jpg
Requested by
Host: nsair.flights.ctrip.com
URL: https://nsair.flights.ctrip.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.5.100.126 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-5-100-126.deploy.static.akamaitechnologies.com
Software
nginx/1.16.1 /
Resource Hash
a22419f106d3b1b5d702536e5dd70f5d60a43e620aa2716ff739ed01959e3b2d

Request headers

Referer
https://nsair.flights.ctrip.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 15 Dec 2020 19:44:19 GMT
x-ares-server
CTN00271527@SHARB
last-modified
Mon, 21 Sep 2020 03:31:35 GMT
server
nginx/1.16.1
etag
W/"37bd165e8f8cd4bcc741a62611fae787"
x-varnish
760063444 580311394
access-control-allow-origin
*
access-control-expose-headers
cache-control
cache-control
max-age=1295176
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/jpeg
content-length
6280
expires
Wed, 30 Dec 2020 19:30:35 GMT
ActivityController_V3.min.js
webresource.c-ctrip.com/ResCRMOnline/R1/pageheader/js/
15 KB
5 KB
Script
General
Full URL
https://webresource.c-ctrip.com/ResCRMOnline/R1/pageheader/js/ActivityController_V3.min.js?date=1541048870
Requested by
Host: webresource.c-ctrip.com
URL: https://webresource.c-ctrip.com/ResCRMOnline/R1/pageheader/js/IntegratedJS.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.5.100.126 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-5-100-126.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5988a70cab6d2523a28811e0d6d761a497c85211f3c82bb17fdccf73c97994ed

Request headers

Referer
https://nsair.flights.ctrip.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 15 Dec 2020 19:44:19 GMT
content-encoding
gzip
x-ares-server
CTN00639486@SHARB
content-type
application/javascript
content-length
5118
last-modified
Tue, 15 Dec 2020 07:23:22 GMT
etag
W/"c265551bce73a1fd988947fe5de2b0d9"
vary
Accept-Encoding
x-varnish
732571801
access-control-allow-origin
*
access-control-expose-headers
cache-control
cache-control
max-age=5141144
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 13 Feb 2021 07:50:03 GMT
spirit20190918.png
pic.c-ctrip.com/platform/online/home/
4 KB
4 KB
Image
General
Full URL
https://pic.c-ctrip.com/platform/online/home/spirit20190918.png
Requested by
Host: webresource.c-ctrip.com
URL: https://webresource.c-ctrip.com/ResCRMOnline/R1/pageheader/css/PageHeader_V4.css?date=1541048870
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.5.100.126 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-5-100-126.deploy.static.akamaitechnologies.com
Software
nginx/1.16.1 /
Resource Hash
9142bd78cdd28dd8cfa6f77c4dea61d607d76e45a40856a552417a68aeff7118

Request headers

Referer
https://webresource.c-ctrip.com/ResCRMOnline/R1/pageheader/css/PageHeader_V4.css?date=1541048870
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 15 Dec 2020 19:44:19 GMT
x-ares-server
CTN00300092@SHAOY
last-modified
Mon, 21 Sep 2020 03:31:35 GMT
server
nginx/1.16.1
etag
W/"43cd67b71ec96ce713c66db2315e23cf"
x-varnish
687440781 473622146
access-control-allow-origin
*
access-control-expose-headers
cache-control
cache-control
max-age=1151833
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/png
content-length
3933
expires
Tue, 29 Dec 2020 03:41:32 GMT
c_logo2020.png
pic.c-ctrip.com/platform/online/login/
2 KB
3 KB
Image
General
Full URL
https://pic.c-ctrip.com/platform/online/login/c_logo2020.png
Requested by
Host: webresource.c-ctrip.com
URL: https://webresource.c-ctrip.com/ResCRMOnline/R1/pageheader/css/PageHeader_V4.css?date=1541048870
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.5.100.126 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-5-100-126.deploy.static.akamaitechnologies.com
Software
nginx/1.16.1 /
Resource Hash
348bd193a063a3e9b7a92be01a6c6e29a87537d3391bc3dc2e84217b3a33e215

Request headers

Referer
https://webresource.c-ctrip.com/ResCRMOnline/R1/pageheader/css/PageHeader_V4.css?date=1541048870
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 15 Dec 2020 19:44:19 GMT
x-ares-server
CTN00271525@SHARB
last-modified
Wed, 01 Apr 2020 08:23:59 GMT
server
nginx/1.16.1
etag
W/"e55760943c6bfd0cf38ec5379c4f6211"
x-varnish
270479169 138089367
access-control-allow-origin
*
access-control-expose-headers
cache-control
cache-control
max-age=1152060
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/png
content-length
2360
expires
Tue, 29 Dec 2020 03:45:19 GMT
un_icon_index_type20170111.png
pic.c-ctrip.com/platform/online/home/
3 KB
4 KB
Image
General
Full URL
https://pic.c-ctrip.com/platform/online/home/un_icon_index_type20170111.png
Requested by
Host: webresource.c-ctrip.com
URL: https://webresource.c-ctrip.com/ResCRMOnline/R1/pageheader/css/PageHeader_V4.css?date=1541048870
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.5.100.126 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-5-100-126.deploy.static.akamaitechnologies.com
Software
nginx/1.16.1 /
Resource Hash
eff1291e1b3c8b2e61ede74de88585e5c65d43301f6975d49a45c87e640803d6

Request headers

Referer
https://webresource.c-ctrip.com/ResCRMOnline/R1/pageheader/css/PageHeader_V4.css?date=1541048870
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 15 Dec 2020 19:44:19 GMT
x-ares-server
CTN00300092@SHAOY
last-modified
Mon, 21 Sep 2020 03:31:36 GMT
server
nginx/1.16.1
etag
W/"3b18940a6a4640f16e4ea430a4808279"
x-varnish
697832630 494957333
access-control-allow-origin
*
access-control-expose-headers
cache-control
cache-control
max-age=1152079
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/png
content-length
3310
expires
Tue, 29 Dec 2020 03:45:38 GMT
phone_list20190617.png
pic.c-ctrip.com/platform/online/home/
12 KB
12 KB
Image
General
Full URL
https://pic.c-ctrip.com/platform/online/home/phone_list20190617.png
Requested by
Host: webresource.c-ctrip.com
URL: https://webresource.c-ctrip.com/ResCRMOnline/R1/pageheader/css/PageHeader_V4.css?date=1541048870
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.5.100.126 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-5-100-126.deploy.static.akamaitechnologies.com
Software
nginx/1.16.1 /
Resource Hash
b775eb2ef538969f1d5378a6ca44b371e8b9b6d467cc58449eddb57be902ee1f

Request headers

Referer
https://webresource.c-ctrip.com/ResCRMOnline/R1/pageheader/css/PageHeader_V4.css?date=1541048870
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 15 Dec 2020 19:44:19 GMT
x-ares-server
CTN00271527@SHARB
last-modified
Mon, 21 Sep 2020 03:31:35 GMT
server
nginx/1.16.1
etag
W/"49e7e6d63706f5b4196e4718d562eaea"
x-varnish
183124175 55249223
access-control-allow-origin
*
access-control-expose-headers
cache-control
cache-control
max-age=1140848
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/png
content-length
12416
expires
Tue, 29 Dec 2020 00:38:27 GMT
pcfloat.min.js
webresource.c-ctrip.com/ResUnionOnline/R3/float/
2 KB
1 KB
Script
General
Full URL
https://webresource.c-ctrip.com/ResUnionOnline/R3/float/pcfloat.min.js?v=20160329
Requested by
Host: webresource.c-ctrip.com
URL: https://webresource.c-ctrip.com/ResCRMOnline/R1/pageheader/js/ActivityController_V3.min.js?date=1541048870
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.5.100.126 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-5-100-126.deploy.static.akamaitechnologies.com
Software
nginx/1.16.1 /
Resource Hash
74cba3349e4dc8481aaa99ee312decf37085c77ca0eb9d1ab63cf91feb648497

Request headers

Referer
https://nsair.flights.ctrip.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 15 Dec 2020 19:44:19 GMT
content-encoding
gzip
x-ares-server
CTN00300098@SHAOY
content-type
application/javascript
content-length
863
last-modified
Tue, 04 Aug 2020 06:34:26 GMT
server
nginx/1.16.1
etag
W/"d6414eece3219772dde7e1822872bdf2"
vary
Accept-Encoding
x-varnish
813477265 545056302
access-control-allow-origin
*
access-control-expose-headers
cache-control
cache-control
max-age=3024845
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Jan 2021 19:58:24 GMT
ssoGetUserInfo
accounts.ctrip.com/ssoproxy/
144 B
212 B
Script
General
Full URL
https://accounts.ctrip.com/ssoproxy/ssoGetUserInfo?jsonp=BuildHTML&r=0.6119182080979588&encoding=0
Requested by
Host: webresource.c-ctrip.com
URL: https://webresource.c-ctrip.com/ResCRMOnline/R1/pageheader/js/ActivityController_V3.min.js?date=1541048870
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
140.206.211.36 Shanghai, China, ASN17621 (CNCGROUP-SH China Unicom Shanghai network, CN),
Reverse DNS
Software
/
Resource Hash
511d63b55a16a8ef1a97bb1e96ea8ab8a1bd7406abaec64dcd5cb1cf12ad04ed

Request headers

Referer
https://nsair.flights.ctrip.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 15 Dec 2020 19:44:20 GMT
content-length
144
content-type
text/html;charset=gb2312
qCode.min.js
webresource.c-ctrip.com/ResUnionOnline/R3/float/
20 KB
7 KB
Script
General
Full URL
https://webresource.c-ctrip.com/ResUnionOnline/R3/float/qCode.min.js
Requested by
Host: webresource.c-ctrip.com
URL: https://webresource.c-ctrip.com/ResUnionOnline/R3/float/pcfloat.min.js?v=20160329
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.5.100.126 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-5-100-126.deploy.static.akamaitechnologies.com
Software
nginx/1.16.1 /
Resource Hash
020337e332c783d2619380ed87f4012474627fed536adb028f9d8127dd7ac0d7

Request headers

Referer
https://nsair.flights.ctrip.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 15 Dec 2020 19:44:19 GMT
content-encoding
gzip
x-ares-server
CTN00300091@SHAOY
content-type
application/javascript
content-length
7186
last-modified
Tue, 04 Aug 2020 06:34:27 GMT
server
nginx/1.16.1
etag
W/"d2cee9ee34605f2bfb909348a24a62b7"
vary
Accept-Encoding
x-varnish
838746403 533496631
access-control-allow-origin
*
access-control-expose-headers
cache-control
cache-control
max-age=3244376
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Jan 2021 08:57:15 GMT
yUtil.min.js
webresource.c-ctrip.com/ResUnionOnline/R3/float/
5 KB
2 KB
Script
General
Full URL
https://webresource.c-ctrip.com/ResUnionOnline/R3/float/yUtil.min.js
Requested by
Host: webresource.c-ctrip.com
URL: https://webresource.c-ctrip.com/ResUnionOnline/R3/float/pcfloat.min.js?v=20160329
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.5.100.126 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-5-100-126.deploy.static.akamaitechnologies.com
Software
nginx/1.16.1 /
Resource Hash
1d8ec23abd3412b72e8c963b10bfb2a79e0ce25d3c17886526b85458521aee63

Request headers

Referer
https://nsair.flights.ctrip.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 15 Dec 2020 19:44:19 GMT
content-encoding
gzip
x-ares-server
CTN00300098@SHAOY
content-type
application/javascript
content-length
1856
last-modified
Tue, 04 Aug 2020 06:34:27 GMT
server
nginx/1.16.1
etag
W/"8ceaaef2723d126bb0b7c8569a308240"
vary
Accept-Encoding
x-varnish
613171964 607806226
access-control-allow-origin
*
access-control-expose-headers
cache-control
cache-control
max-age=1140684
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 29 Dec 2020 00:35:43 GMT
floating_normal.min.js
webresource.c-ctrip.com/ResUnionOnline/R3/float/
26 KB
8 KB
Script
General
Full URL
https://webresource.c-ctrip.com/ResUnionOnline/R3/float/floating_normal.min.js?20201215
Requested by
Host: webresource.c-ctrip.com
URL: https://webresource.c-ctrip.com/ResUnionOnline/R3/float/pcfloat.min.js?v=20160329
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.5.100.126 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-5-100-126.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
43c99bab454ce2f83f1d24bb55f81d36b61d0a4fb3f853cf8868c7b6c9d03bd7

Request headers

Referer
https://nsair.flights.ctrip.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency
1183
date
Tue, 15 Dec 2020 19:44:19 GMT
content-encoding
gzip
x-ares-server
CTN00271527@SHARB
x-edgeconnect-midmile-rtt
0
content-type
application/javascript
content-length
8247
last-modified
Mon, 07 Dec 2020 09:48:15 GMT
etag
W/"e20eb0d4a77dc6744d1be5e8892e0d55"
vary
Accept-Encoding
x-varnish
545090388 544595033
access-control-allow-origin
*
access-control-expose-headers
cache-control
cache-control
max-age=5085589
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 Feb 2021 16:24:08 GMT
bf.gif
s.c-ctrip.com/
43 B
453 B
Image
General
Full URL
https://s.c-ctrip.com/bf.gif?ac=g&d=%7B%22c%22%3A%5B101067%2C%221608061457690.2aqx40%22%2C1%2C1%2C%22%22%2C%22%22%2C%22%22%2C%222.8.8%22%2C%221b66wvf-9mff45-lhwu43%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22online%22%2C%22%22%5D%2C%22d%22%3A%7B%22uinfo%22%3A%5B15%2C0%2C0%2C%22https%3A%2F%2Fnsair.flights.ctrip.com%2F%22%2C1600%2C1200%2C%22cl%3D134%2Cckl%3D4%22%2C%22en-us%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C1%2C0%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22online%22%2C1%2C1%2C%22%7B%5C%22fef_name%5C%22%3A%5C%22%5C%22%2C%5C%22fef_ver%5C%22%3A%5C%22%5C%22%2C%5C%22tz%5C%22%3A60%2C%5C%22dt%5C%22%3Afalse%2C%5C%22rg%5C%22%3A%5C%22TJK5r17D_YD59D3Vn_Vf8A%5C%22%2C%5C%22lang%5C%22%3A%5C%22%5C%22%7D%22%2C%22%22%2C%22%22%2C%22%22%2C%7B%7D%2C%22%22%5D%7D%7D&mt=1608061461616&jv=2.8.8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.203.74.55 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-74-55.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Dec 2020 19:44:21 GMT
x-content-type-options
nosniff
p3p
CP=CUR ADM OUR NOR STA NID
access-control-allow-origin
*
cache-control
private, no-store, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials
true
content-type
image/gif
content-length
43
expires
Thu, 1 Jan 1970 00:00:00 GMT
bf.gif
s.c-ctrip.com/
43 B
454 B
Image
General
Full URL
https://s.c-ctrip.com/bf.gif?ac=g&d=%7B%22c%22%3A%5B101067%2C%221608061457690.2aqx40%22%2C1%2C1%2C%22%22%2C%22%22%2C%22%22%2C%222.8.8%22%2C%221b66wvf-9mff45-lhwu43%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22online%22%2C%22%22%5D%2C%22d%22%3A%7B%22ps%22%3A%5B6%2C1608061455054%2C0%2C0%2C0%2C0%2C1608061456399%2C1608061456400%2C1608061456400%2C1608061456400%2C1608061456964%2C1608061456964%2C1608061457256%2C1608061457257%2C1608061457259%2C1608061457448%2C1608061457448%2C1608061457448%2C1608061460273%2C1608061460273%2C1608061460273%2C0%2C0%5D%7D%7D&mt=1608061461617&jv=2.8.8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.203.74.55 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-74-55.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Dec 2020 19:44:21 GMT
x-content-type-options
nosniff
p3p
CP=CUR ADM OUR NOR STA NID
access-control-allow-origin
*
cache-control
private, no-store, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials
true
content-type
image/gif
content-length
43
expires
Thu, 1 Jan 1970 00:00:00 GMT
analytics.js
www.google-analytics.com/
46 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: webresource.c-ctrip.com
URL: https://webresource.c-ctrip.com/ResCRMOnline/R1/pageheader/js/ActivityController_V3.min.js?date=1541048870
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://nsair.flights.ctrip.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
5969
date
Tue, 15 Dec 2020 18:04:53 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Tue, 15 Dec 2020 20:04:53 GMT
remarketing.js
webresource.c-ctrip.com/ResUnionOnline/R1/remarketing/js/
6 KB
2 KB
Script
General
Full URL
https://webresource.c-ctrip.com/ResUnionOnline/R1/remarketing/js/remarketing.js
Requested by
Host: webresource.c-ctrip.com
URL: https://webresource.c-ctrip.com/ResCRMOnline/R1/pageheader/js/ActivityController_V3.min.js?date=1541048870
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.5.100.126 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-5-100-126.deploy.static.akamaitechnologies.com
Software
nginx/1.16.1 /
Resource Hash
240b4f271b325f73dd769cfb1ba9e69ba722daca852b1848d70f01fad2cd68db

Request headers

Referer
https://nsair.flights.ctrip.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 15 Dec 2020 19:44:22 GMT
content-encoding
gzip
x-ares-server
CTN00300099@SHAOY
content-type
application/javascript
content-length
1712
last-modified
Thu, 02 Jul 2020 06:12:46 GMT
server
nginx/1.16.1
etag
W/"65ea493dc01f52d996d538ede05c6843"
vary
Accept-Encoding
x-varnish
736698288 677697179
access-control-allow-origin
*
access-control-expose-headers
cache-control
cache-control
max-age=1824856
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 05 Jan 2021 22:38:38 GMT
collect
www.google-analytics.com/j/
4 B
395 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1802178811&t=pageview&_s=1&dl=https%3A%2F%2Fnsair.flights.ctrip.com%2F&ul=en-us&de=UTF-8&dt=%E6%B2%B3%E5%8C%97%E8%88%AA%E7%A9%BA%E7%89%B9%E4%BB%B7%E6%9C%BA%E7%A5%A8%EF%BC%8C%E6%B2%B3%E5%8C%97%E8%88%AA%E7%A9%BA%E6%89%93%E6%8A%98%E6%9C%BA%E7%A5%A8%E3%80%90%E6%90%BA%E7%A8%8B%E8%88%AA%E7%A9%BA%E4%BF%A1%E6%81%AF%E3%80%91&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=277102575&gjid=293082069&cid=338609438.1608061462&tid=UA-3748357-1&_gid=44437897.1608061462&_r=1&_slc=1&z=248455089
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://nsair.flights.ctrip.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 15 Dec 2020 19:44:22 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://nsair.flights.ctrip.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
__nts.js
webresource.c-ctrip.com/ResUnionOnline/R1/remarketing/js/
18 KB
6 KB
Script
General
Full URL
https://webresource.c-ctrip.com/ResUnionOnline/R1/remarketing/js/__nts.js?v=202072134559
Requested by
Host: webresource.c-ctrip.com
URL: https://webresource.c-ctrip.com/ResUnionOnline/R1/remarketing/js/remarketing.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.5.100.126 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-5-100-126.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6e096fb904a77a33712175a1923a4cd7d76d1d86381598dba99e571de24c6419

Request headers

Referer
https://nsair.flights.ctrip.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 15 Dec 2020 19:44:22 GMT
content-encoding
gzip
x-ares-server
CTN00271527@SHARB
content-type
application/javascript
content-length
6036
last-modified
Thu, 02 Jul 2020 06:12:46 GMT
etag
W/"cf4517a6c35de7427a511796222436be"
vary
Accept-Encoding
x-varnish
352346515 348617553
access-control-allow-origin
*
access-control-expose-headers
cache-control
cache-control
max-age=3633730
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 26 Jan 2021 21:06:32 GMT
thirdPart.js
webresource.c-ctrip.com/ResUnionOnline/R1/remarketing/js/
5 KB
2 KB
Script
General
Full URL
https://webresource.c-ctrip.com/ResUnionOnline/R1/remarketing/js/thirdPart.js?v=202072134559
Requested by
Host: webresource.c-ctrip.com
URL: https://webresource.c-ctrip.com/ResUnionOnline/R1/remarketing/js/remarketing.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.5.100.126 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-5-100-126.deploy.static.akamaitechnologies.com
Software
nginx/1.16.1 /
Resource Hash
7bfd7193f594b8e1592ae05c0bf6bd9f58b79ec51d305181122b7a15600bc7bc

Request headers

Referer
https://nsair.flights.ctrip.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 15 Dec 2020 19:44:22 GMT
content-encoding
gzip
x-ares-server
CTN00300098@SHAOY
content-type
application/javascript
content-length
1679
last-modified
Thu, 02 Jul 2020 06:12:46 GMT
server
nginx/1.16.1
etag
W/"5cfd3e05843e60a785ece0b6f9cd02ec"
vary
Accept-Encoding
x-varnish
725592684 672097186
access-control-allow-origin
*
access-control-expose-headers
cache-control
cache-control
max-age=1736603
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 04 Jan 2021 22:07:45 GMT
collect
stats.g.doubleclick.net/j/
1 B
90 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-3748357-1&cid=338609438.1608061462&jid=277102575&gjid=293082069&_gid=44437897.1608061462&_u=IEBAAEAAAAAAAC~&z=1472171948
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://nsair.flights.ctrip.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 15 Dec 2020 19:44:22 GMT
content-type
text/plain
access-control-allow-origin
https://nsair.flights.ctrip.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
mba_ctrip.js
webresource.c-ctrip.com/ResUnionOnline/R1/remarketing/js/
18 KB
5 KB
Script
General
Full URL
https://webresource.c-ctrip.com/ResUnionOnline/R1/remarketing/js/mba_ctrip.js
Requested by
Host: webresource.c-ctrip.com
URL: https://webresource.c-ctrip.com/ResUnionOnline/R1/remarketing/js/thirdPart.js?v=202072134559
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.5.100.126 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-5-100-126.deploy.static.akamaitechnologies.com
Software
nginx/1.16.1 /
Resource Hash
5e644e19e8c403cfc84f9d75a5d12237f74e8a83e2b00e200e531f8a90357d10

Request headers

Referer
https://nsair.flights.ctrip.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 15 Dec 2020 19:44:22 GMT
content-encoding
gzip
x-ares-server
CTN00300093@SHAOY
content-type
application/javascript
content-length
5221
last-modified
Thu, 02 Jul 2020 06:12:46 GMT
server
nginx/1.16.1
etag
W/"6d8475255473434cc3bb1d2d901b194a"
vary
Accept-Encoding
x-varnish
694403433 678370053
access-control-allow-origin
*
access-control-expose-headers
cache-control
cache-control
max-age=1140902
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 29 Dec 2020 00:39:24 GMT
collect.js
webresource.c-ctrip.com/ResUnionOnline/R1/remarketing/js/
5 KB
2 KB
Script
General
Full URL
https://webresource.c-ctrip.com/ResUnionOnline/R1/remarketing/js/collect.js
Requested by
Host: webresource.c-ctrip.com
URL: https://webresource.c-ctrip.com/ResUnionOnline/R1/remarketing/js/thirdPart.js?v=202072134559
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.5.100.126 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-5-100-126.deploy.static.akamaitechnologies.com
Software
nginx/1.16.1 /
Resource Hash
0611ff3862eab22d98f8e0ba3a34fab234a795ebf66dee1fc9875dbd4b4061fc

Request headers

Referer
https://nsair.flights.ctrip.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 15 Dec 2020 19:44:22 GMT
content-encoding
gzip
x-ares-server
CTN00300093@SHAOY
content-type
application/javascript
content-length
2019
last-modified
Thu, 02 Jul 2020 06:12:46 GMT
server
nginx/1.16.1
etag
W/"78e6b384c404f2c33ece548409ccaff6"
vary
Accept-Encoding
x-varnish
684249626 678370551
access-control-allow-origin
*
access-control-expose-headers
cache-control
cache-control
max-age=1140848
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 29 Dec 2020 00:38:30 GMT
s.js
webresource.c-ctrip.com/ResUnionOnline/R1/remarketing/js/
9 KB
4 KB
Script
General
Full URL
https://webresource.c-ctrip.com/ResUnionOnline/R1/remarketing/js/s.js
Requested by
Host: webresource.c-ctrip.com
URL: https://webresource.c-ctrip.com/ResUnionOnline/R1/remarketing/js/thirdPart.js?v=202072134559
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.5.100.126 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-5-100-126.deploy.static.akamaitechnologies.com
Software
nginx/1.16.1 /
Resource Hash
a7d8c96414f8c9e3f54ec16a75fe2545f1313efbf33570a397910e515a10703e

Request headers

Referer
https://nsair.flights.ctrip.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 15 Dec 2020 19:44:22 GMT
content-encoding
gzip
x-ares-server
CTN00300093@SHAOY
content-type
application/javascript
content-length
3518
last-modified
Thu, 02 Jul 2020 06:12:46 GMT
server
nginx/1.16.1
etag
W/"4d92d777315cfc5893be8d10a279be3d"
vary
Accept-Encoding
x-varnish
682741977 671318191
access-control-allow-origin
*
access-control-expose-headers
cache-control
cache-control
max-age=1140745
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 29 Dec 2020 00:36:47 GMT
rt.js
cpro.baidu.com/cpro/ui/
992 B
1 KB
Script
General
Full URL
https://cpro.baidu.com/cpro/ui/rt.js
Requested by
Host: webresource.c-ctrip.com
URL: https://webresource.c-ctrip.com/ResUnionOnline/R1/remarketing/js/thirdPart.js?v=202072134559
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
180.101.49.201 , China, ASN134756 (CHINANET-NANJING-JISHAN-IDC CHINANET Nanjing Jishan IDC network, CN),
Reverse DNS
Software
nginx /
Resource Hash
874c33954e920ed91a5854f6902ab2ca3fb05d429ea77cb27b5136a3f5c26f81

Request headers

Referer
https://nsair.flights.ctrip.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 15 Dec 2020 19:44:24 GMT
Content-Encoding
gzip
Last-Modified
Fri, 23 Oct 2020 04:02:31 GMT
Server
nginx
Etag
"5f9255d7-220"
P3p
CP=" OTI DSP COR IVA OUR IND COM "
Cache-Control
max-age=3600
Connection
keep-alive
Content-Type
application/x-javascript
Content-Length
544
Expires
Tue, 15 Dec 2020 20:44:24 GMT
conversion_async.js
www.googleadservices.com/pagead/
30 KB
13 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: webresource.c-ctrip.com
URL: https://webresource.c-ctrip.com/ResUnionOnline/R1/remarketing/js/thirdPart.js?v=202072134559
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s22-in-f162.1e100.net
Software
cafe /
Resource Hash
e1ec254792b6fe5cb168d2ce9cb1e35d15311d3b357b305a95cbfb12552477d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nsair.flights.ctrip.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 15 Dec 2020 19:44:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
12175
x-xss-protection
0
server
cafe
etag
17536051821503146167
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 15 Dec 2020 19:44:22 GMT
/
www.google.de/pagead/1p-user-list/1066331136/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1066331136/?value=0&label=cG9hCIyRngMQgNi7_AM&guid=ON&script=0
  • https://www.google.com/pagead/1p-user-list/1066331136/?value=0&label=cG9hCIyRngMQgNi7_AM&guid=ON&script=0&is_vtc=1&random=4147992096
  • https://www.google.de/pagead/1p-user-list/1066331136/?value=0&label=cG9hCIyRngMQgNi7_AM&guid=ON&script=0&is_vtc=1&random=4147992096&ipr=y
42 B
108 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/1066331136/?value=0&label=cG9hCIyRngMQgNi7_AM&guid=ON&script=0&is_vtc=1&random=4147992096&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nsair.flights.ctrip.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Dec 2020 19:44:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 15 Dec 2020 19:44:22 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/gif
location
https://www.google.de/pagead/1p-user-list/1066331136/?value=0&label=cG9hCIyRngMQgNi7_AM&guid=ON&script=0&is_vtc=1&random=4147992096&ipr=y
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
t
secure.mediav.com/
43 B
565 B
Image
General
Full URL
https://secure.mediav.com/t?type=3&db=none&qzja=1.1402009922.1608061462386.1608061462386.1608061462386.1608061462386.1608061462386.0.0.0.1.1&qzjb=1.1608061462386.1.0.1.0&qzjto=1.1.0&jzqh=nsair.flights.ctrip.com&jzqpt=%E6%B2%B3%E5%8C%97%E8%88%AA%E7%A9%BA%E7%89%B9%E4%BB%B7%E6%9C%BA%E7%A5%A8%EF%BC%8C%E6%B2%B3%E5%8C%97%E8%88%AA%E7%A9%BA%E6%89%93%E6%8A%98%E6%9C%BA%E7%A5%A8%E3%80%90%E6%90%BA%E7%A8%8B%E8%88%AA%E7%A9%BA%E4%BF%A1%E6%81%AF%E3%80%91&jzqre=&jzqc=_jzqa%3D1.1402009922.1608061462.1608061462.1608061462.1&jzqs=m-26049-0&jzqv=3.3.ctrip.17&jzqrd=1608061462386
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
112.65.69.51 Shanghai, China, ASN17621 (CNCGROUP-SH China Unicom Shanghai network, CN),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://nsair.flights.ctrip.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 15 Dec 2020 19:44:24 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
image/gif
m
ckmap.mediav.com/
43 B
327 B
Image
General
Full URL
https://ckmap.mediav.com/m?tid=26049&tck=1608061462387.smfhh.27j2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
180.163.247.134 , China, ASN4812 (CHINANET-SH-AP China Telecom (Group), CN),
Reverse DNS
Software
openresty/1.15.8.2 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://nsair.flights.ctrip.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Dec 2020 19:44:24 GMT
cache-control
no-cache, no-store, must-revalidate
server
openresty/1.15.8.2
content-type
image/gif
content-length
43
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
GetFloatUI
m.ctrip.com/restapi/soa2/10994/json/ Frame
0
0
Other
General
Full URL
https://m.ctrip.com/restapi/soa2/10994/json/GetFloatUI?timestamp=1608061462392
Protocol
H2
Server
211.95.54.1 , China, ASN17621 (CNCGROUP-SH China Unicom Shanghai network, CN),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
cookieorigin
Origin
https://nsair.flights.ctrip.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 15 Dec 2020 19:44:22 GMT
content-type
text/html
content-length
0
access-control-expose-headers
x-gate-region slb-http-protocol-version
x-gate-root-id
100025527-0a3d50ab-446683-1820104
access-control-allow-origin
https://nsair.flights.ctrip.com
access-control-allow-credentials
true
access-control-allow-methods
POST
x-gate-region
SHARB
access-control-allow-headers
cookieorigin
x-gate
ctrip-gate
x-originating-url
https://m.ctrip.com/restapi/soa2/10994/json/GetFloatUI?timestamp=1608061462392
slb-http-protocol-version
HTTP/2.0
pc_flaot.css
webresource.c-ctrip.com/ResUnionOnline/R3/float/css/
20 KB
4 KB
Stylesheet
General
Full URL
https://webresource.c-ctrip.com/ResUnionOnline/R3/float/css/pc_flaot.css
Requested by
Host: webresource.c-ctrip.com
URL: https://webresource.c-ctrip.com/ResUnionOnline/R3/float/floating_normal.min.js?20201215
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.5.100.126 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-5-100-126.deploy.static.akamaitechnologies.com
Software
nginx/1.16.1 /
Resource Hash
95675854ad335b584aa4c71eb6ef49496fdb041b676a5fe5bb649d7d52abc1df

Request headers

Referer
https://nsair.flights.ctrip.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 15 Dec 2020 19:44:22 GMT
content-encoding
gzip
x-ares-server
CTN00300099@SHAOY
content-type
text/css
content-length
3776
last-modified
Tue, 27 Oct 2020 06:00:13 GMT
server
nginx/1.16.1
etag
W/"2e3a5dd1bbdb993a74a0e6dbbe6bbb92"
vary
Accept-Encoding
x-varnish
671873629 669133606
access-control-allow-origin
*
access-control-expose-headers
cache-control
cache-control
max-age=1140813
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 29 Dec 2020 00:37:55 GMT
GetFloatUI
m.ctrip.com/restapi/soa2/10994/json/
5 KB
2 KB
XHR
General
Full URL
https://m.ctrip.com/restapi/soa2/10994/json/GetFloatUI?timestamp=1608061462392
Requested by
Host: webresource.c-ctrip.com
URL: https://webresource.c-ctrip.com/ResUnionOnline/R3/float/floating_normal.min.js?20201215
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
211.95.54.1 , China, ASN17621 (CNCGROUP-SH China Unicom Shanghai network, CN),
Reverse DNS
Software
/
Resource Hash
b69b6be644567ff4696a47418a4fcdf88938f3ef640c2e2f8303a8e2d25e1275

Request headers

cookieOrigin
https://nsair.flights.ctrip.com
Referer
https://nsair.flights.ctrip.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 15 Dec 2020 19:44:22 GMT
content-encoding
gzip
content-type
application/json;charset=UTF-8
access-control-expose-headers
RootMessageId, x-gate-region, x-service-call, slb-http-protocol-version
x-service-call
0.008
clogging_trace_id
3754548594560653132
x-gate-region
SHARB
vary
accept-encoding
x-originating-url
https://m.ctrip.com/restapi/soa2/10994/json/GetFloatUI?timestamp=1608061462392
access-control-allow-origin
https://nsair.flights.ctrip.com
x-gate-root-id
100025527-0a3d50a1-446683-1819400
access-control-allow-credentials
true
servermessageid
100025527-0a3d50a1-446683-1819399
rootmessageid
100025527-0a3d50a1-446683-1819400
slb-http-protocol-version
HTTP/2.0
x-gate
ctrip-gate
bf.gif
s.c-ctrip.com/
43 B
448 B
Image
General
Full URL
https://s.c-ctrip.com/bf.gif?ac=tl&pi=101067&key=brovserVersion&val=Chrome&pv=1608061457690.2aqx40.1.1&duid=&env=online&v=6&mt=1608061462390&jv=2.8.8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.203.74.55 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-74-55.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Dec 2020 19:44:22 GMT
x-content-type-options
nosniff
p3p
CP=CUR ADM OUR NOR STA NID
access-control-allow-origin
*
cache-control
private, no-store, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials
true
content-type
image/gif
content-length
43
expires
Thu, 1 Jan 1970 00:00:00 GMT
dasp3
dat.gtags.net/imp/
43 B
560 B
Image
General
Full URL
https://dat.gtags.net/imp/dasp3?a=9&ext_args=&vc=1&vt=0&vpc=1&rvt=0&fr=1&vrt=0&ot=4&u=https%3A%2F%2Fnsair.flights.ctrip.com%2F&sc=1600*1200&ch=UTF-8&la=en-US&ti=%E6%B2%B3%E5%8C%97%E8%88%AA%E7%A9%BA%E7%89%B9%E4%BB%B7%E6%9C%BA%E7%A5%A8%EF%BC%8C%E6%B2%B3%E5%8C%97%E8%88%AA%E7%A9%BA%E6%89%93%E6%8A%98%E6%9C%BA%E7%A5%A8%E3%80%90%E6%90%BA%E7%A8%8B%E8%88%AA%E7%A9%BA%E4%BF%A1%E6%81%AF%E3%80%91&v=3.0.0.9&t=1&r=0.6370837408700567
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
221.228.208.3 , China, ASN138950 (CHINATELECOM-JIANGSU-WUXI-INTERNATIONAL-IDC Jiangsu Wuxi International IDC network, CN),
Reverse DNS
Software
nginx/1.1.19 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://nsair.flights.ctrip.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache, no-cache
Date
Tue, 15 Dec 2020 19:44:25 GMT
Server
nginx/1.1.19
X-RequestError
0
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control
no-cache, must-revalidate, no-cache, must-revalidate
Connection
close
Content-Type
image/gif
Content-Length
43
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1066331136/
3 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1066331136/?random=1608061462458&cv=9&fst=1608061462458&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&data=flight_pagetype%3Dsearchresults&frm=0&url=https%3A%2F%2Fnsair.flights.ctrip.com%2F&tiba=%E6%B2%B3%E5%8C%97%E8%88%AA%E7%A9%BA%E7%89%B9%E4%BB%B7%E6%9C%BA%E7%A5%A8%EF%BC%8C%E6%B2%B3%E5%8C%97%E8%88%AA%E7%A9%BA%E6%89%93%E6%8A%98%E6%9C%BA%E7%A5%A8%E3%80%90%E6%90%BA%E7%A8%8B%E8%88%AA%E7%A9%BA%E4%BF%A1%E6%81%AF%E3%80%91&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d1f90a0fb40b2dab9712ef4f8ea4f4ad22eaef38c6605f8762054ec49b385aa0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nsair.flights.ctrip.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Dec 2020 19:44:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
1108
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/1066331136/
42 B
530 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/1066331136/?random=1608061462458&cv=9&fst=1608058800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=flight_pagetype%3Dsearchresults&frm=0&url=https%3A%2F%2Fnsair.flights.ctrip.com%2F&tiba=%E6%B2%B3%E5%8C%97%E8%88%AA%E7%A9%BA%E7%89%B9%E4%BB%B7%E6%9C%BA%E7%A5%A8%EF%BC%8C%E6%B2%B3%E5%8C%97%E8%88%AA%E7%A9%BA%E6%89%93%E6%8A%98%E6%9C%BA%E7%A5%A8%E3%80%90%E6%90%BA%E7%A8%8B%E8%88%AA%E7%A9%BA%E4%BF%A1%E6%81%AF%E3%80%91&async=1&fmt=3&is_vtc=1&random=2663450074&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nsair.flights.ctrip.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Dec 2020 19:44:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1066331136/
42 B
530 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/1066331136/?random=1608061462458&cv=9&fst=1608058800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=flight_pagetype%3Dsearchresults&frm=0&url=https%3A%2F%2Fnsair.flights.ctrip.com%2F&tiba=%E6%B2%B3%E5%8C%97%E8%88%AA%E7%A9%BA%E7%89%B9%E4%BB%B7%E6%9C%BA%E7%A5%A8%EF%BC%8C%E6%B2%B3%E5%8C%97%E8%88%AA%E7%A9%BA%E6%89%93%E6%8A%98%E6%9C%BA%E7%A5%A8%E3%80%90%E6%90%BA%E7%A8%8B%E8%88%AA%E7%A9%BA%E4%BF%A1%E6%81%AF%E3%80%91&async=1&fmt=3&is_vtc=1&random=2663450074&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nsair.flights.ctrip.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Dec 2020 19:44:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
AdCallProxyV2.aspx
crm.ws.ctrip.com/Customer-Market-Proxy/
24 KB
7 KB
Script
General
Full URL
https://crm.ws.ctrip.com/Customer-Market-Proxy/AdCallProxyV2.aspx?biztype=2101&adlist=%5B%7B%27pagecode%27%3A%271%27%2C%27domid%27%3A%27ad_Link%27%2C%27type%27%3A0%7D%5D
Requested by
Host: webresource.c-ctrip.com
URL: https://webresource.c-ctrip.com/ResUnionOnline/R3/float/floating_normal.min.js?20201215
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.203.74.55 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-74-55.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
55241489d00e374a40db40c8a3f8868d20b67eb2c31fb624d8b9f97eb0d568b5

Request headers

Referer
https://nsair.flights.ctrip.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 15 Dec 2020 19:44:24 GMT
content-encoding
gzip
content-disposition
inline;filename=f.txt
content-length
7105
vary
Accept-Encoding
content-type
application/x-javascript;charset=UTF-8
sjicon.png
images4.c-ctrip.com/img3/marketing/2015/12/float_system_pc/
0
0
Image
General
Full URL
https://images4.c-ctrip.com/img3/marketing/2015/12/float_system_pc/sjicon.png
Requested by
Host: webresource.c-ctrip.com
URL: https://webresource.c-ctrip.com/ResUnionOnline/R3/float/css/pc_flaot.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.5.100.126 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-5-100-126.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://webresource.c-ctrip.com/ResUnionOnline/R3/float/css/pc_flaot.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,Accept
access-control-allow-methods
GET,POST,PUT,OPTIONS,HEAD
bf.gif
s.c-ctrip.com/
43 B
448 B
Image
General
Full URL
https://s.c-ctrip.com/bf.gif?ac=tl&pi=101067&key=pcfloatSuccess&val=pcfloatSuccess7&pv=1608061457690.2aqx40.1.1&duid=&env=online&v=6&mt=1608061462937&jv=2.8.8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.203.74.55 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-74-55.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Dec 2020 19:44:23 GMT
x-content-type-options
nosniff
p3p
CP=CUR ADM OUR NOR STA NID
access-control-allow-origin
*
cache-control
private, no-store, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials
true
content-type
image/gif
content-length
43
expires
Thu, 1 Jan 1970 00:00:00 GMT
internal_ads.png
images4.c-ctrip.com/img3/marketing/2015/12/float_system_pc/
0
0
Image
General
Full URL
https://images4.c-ctrip.com/img3/marketing/2015/12/float_system_pc/internal_ads.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.5.100.126 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-5-100-126.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nsair.flights.ctrip.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,Accept
access-control-allow-methods
GET,POST,PUT,OPTIONS,HEAD
log.png
webresource.c-ctrip.com/ResUnionOnline/R3/float/pic/
2 KB
3 KB
Image
General
Full URL
https://webresource.c-ctrip.com/ResUnionOnline/R3/float/pic/log.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.5.100.126 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-5-100-126.deploy.static.akamaitechnologies.com
Software
nginx/1.16.1 /
Resource Hash
0d0578ee50c5cef92199018df85707aafc069349881579807cfef4675cd4853e

Request headers

Referer
https://nsair.flights.ctrip.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 15 Dec 2020 19:44:23 GMT
x-ares-server
CTN00300091@SHAOY
last-modified
Tue, 04 Aug 2020 06:34:27 GMT
server
nginx/1.16.1
etag
W/"e09a75232172a7cfabab84de971e10d9"
x-varnish
840779865 548941738
access-control-allow-origin
*
access-control-expose-headers
cache-control
cache-control
max-age=3244481
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
*
content-type
image/png
content-length
2422
expires
Fri, 22 Jan 2021 08:59:04 GMT
truncated
/
85 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4a711f5cd03c09fd79ae2f19bb2f71168e71c18b7562626a1ae8d99ebc3212ff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/gif
s_open.png
webresource.c-ctrip.com/ResUnionOnline/R3/float/pic/
5 KB
5 KB
Image
General
Full URL
https://webresource.c-ctrip.com/ResUnionOnline/R3/float/pic/s_open.png
Requested by
Host: webresource.c-ctrip.com
URL: https://webresource.c-ctrip.com/ResUnionOnline/R3/float/css/pc_flaot.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.5.100.126 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-5-100-126.deploy.static.akamaitechnologies.com
Software
nginx/1.16.1 /
Resource Hash
5921c204fb20b4e478e465681c0e8a44f07968a65be2252ee43d622ac91d489a

Request headers

Referer
https://webresource.c-ctrip.com/ResUnionOnline/R3/float/css/pc_flaot.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 15 Dec 2020 19:44:23 GMT
x-ares-server
CTN00300099@SHAOY
last-modified
Tue, 04 Aug 2020 06:34:27 GMT
server
nginx/1.16.1
etag
W/"3d9310c75f9b88b467d474422889abd6"
x-varnish
680731694 522532188
access-control-allow-origin
*
access-control-expose-headers
cache-control
cache-control
max-age=1058028
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/png
content-length
4919
expires
Mon, 28 Dec 2020 01:38:11 GMT
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4a4dbacf125115b526aa6e8d0b1461ff3dd990bec60da874468c6f143d243c02

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
Cookie set w
cms.gtags.net/ Frame EC23
0
0
Document
General
Full URL
https://cms.gtags.net/w?a=9
Requested by
Host: webresource.c-ctrip.com
URL: https://webresource.c-ctrip.com/ResUnionOnline/R1/remarketing/js/s.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
221.228.208.97 , China, ASN138950 (CHINATELECOM-JIANGSU-WUXI-INTERNATIONAL-IDC Jiangsu Wuxi International IDC network, CN),
Reverse DNS
Software
nginx/1.1.19 /
Resource Hash

Request headers

Host
cms.gtags.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://nsair.flights.ctrip.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://nsair.flights.ctrip.com/

Response headers

Server
nginx/1.1.19
Date
Tue, 15 Dec 2020 19:44:25 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control
no-cache, must-revalidate, max-age=0
Set-Cookie
zid=d31712df47ff9642318d1958e20c8444; expires=Sun, 07 Feb 2106 06:28:15 GMT; path=/; domain=.gtags.net; SameSite=None; secure=true
Content-Encoding
gzip
ad_moren.png
images4.c-ctrip.com/img3/marketing/2016/10/
0
0
Image
General
Full URL
https://images4.c-ctrip.com/img3/marketing/2016/10/ad_moren.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.5.100.126 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-5-100-126.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nsair.flights.ctrip.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,Accept
access-control-allow-methods
GET,POST,PUT,OPTIONS,HEAD
bf.gif
s.c-ctrip.com/
43 B
454 B
Image
General
Full URL
https://s.c-ctrip.com/bf.gif?ac=tl&pi=101067&key=sumadpv&val=UserId%3D%26PageId%3D101067%26PositionIdVSAdId%3D101169%3A1010216%26SiteID%3D%26SiteType%3D&pv=1608061457690.2aqx40.1.1&duid=&env=online&v=6&mt=1608061464034&jv=2.8.8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.203.74.55 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-74-55.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Dec 2020 19:44:24 GMT
x-content-type-options
nosniff
p3p
CP=CUR ADM OUR NOR STA NID
access-control-allow-origin
*
cache-control
private, no-store, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials
true
content-type
image/gif
content-length
43
expires
Thu, 1 Jan 1970 00:00:00 GMT
m
ckmap.mediav.com/
43 B
327 B
Image
General
Full URL
https://ckmap.mediav.com/m?tid=26049&tck=no_tck
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
180.163.247.134 , China, ASN4812 (CHINANET-SH-AP China Telecom (Group), CN),
Reverse DNS
Software
openresty/1.15.8.2 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://nsair.flights.ctrip.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Dec 2020 19:44:24 GMT
cache-control
no-cache, no-store, must-revalidate
server
openresty/1.15.8.2
content-type
image/gif
content-length
43
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
rt.jpg
eclick.baidu.com/
0
294 B
Image
General
Full URL
https://eclick.baidu.com/rt.jpg?t=script&rtid=PWTzPjD&stamp=1608061464230&refer=&word=https%3A%2F%2Fnsair.flights.ctrip.com%2F&origin=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.202.114.81 Beijing, China, ASN4808 (CHINA169-BJ China Unicom Beijing Province Network, CN),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nsair.flights.ctrip.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 15 Dec 2020 19:44:25 GMT
Last-Modified
Fri, 23 Oct 2020 04:02:32 GMT
Server
nginx
Etag
"5f9255d8-0"
Content-Type
image/jpeg
Cache-Control
max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
0
Expires
Tue, 15 Dec 2020 19:44:25 GMT

Verdicts & Comments Add Verdict or Comment

111 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| globalConfig string| root string| version function| importScript string| timespan string| bt string| nav string| isOffline string| UrlConfig string| PageHeader_V3 string| PageHeader string| PageHeaderJs function| ajax object| utils object| ENV_CONFIG function| getLocationOrigin function| getEnv function| getRequestUrl function| getResourceUrlHost function| getJSUrl function| headScriptFn function| loadCSS function| loadScript function| setJsContent function| setHtmlObj string| requestUrl function| replace object| core object| __core-js_shared__ function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| _ object| __bfi function| addScriptIfValidBrowserOrMsie function| execCallBackIfValidBrowserOrMsie function| execCallBackIfValidBrowser function| addScriptIfValidBrowser function| addCssIfValidBrowser function| fltInPrefetchScript object| fltInScriptLoader object| $_bf object| __ubtAES object| Visibility object| RMS number| rmsd__startScriptLoad object| __rmsbfi function| idleRunner string| CHLOROFP_STATUS boolean| cookieStatusInD function| headerStr object| headerObj function| footerStr object| footerObj object| jsonobj string| logintype string| marketJS string| envir string| according function| setGoogleAnalytics function| setMetric function| setTrace object| navDom number| len string| key function| getArgs function| getTimeSpan string| tp function| loadJS function| loadCss function| loadMarketJs function| GetUserHTML function| DoLogin function| BuildHTML function| QRCode function| MKT_PCFLOAT_YUtil object| Floating string| CHLOROFP_IP string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| __union_api object| _zpq string| bd_cpro_rtid object| mediav object| _mvq string| userAgent object| __zp_smartpixel_list object| zamplus_tag_params function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| ads_mkt_globalbakAdList function| setAuthCodeImg object| G_OnlineAdContentConfig object| G_Ad_DyLoad_1 object| mini_tangram_log_dvivlz

4 Cookies

Domain/Path Name / Value
.ctrip.com/ Name: _RGUID
Value: d8bf3470-7515-44dd-a229-7ffc5f0cd245
.ctrip.com/ Name: _RDG
Value: 28b7ff81a581d02ef832559f4b46eb1c62
.ctrip.com/ Name: _RSG
Value: TJK5r17D_YD59D3Vn_Vf8A
.ctrip.com/ Name: _RF1
Value: 185.212.171.67

1 Console Messages

Source Level URL
Text
console-api log URL: https://webresource.c-ctrip.com/ResFlightOnline/P2/assets/airlinesearchheader.js?v=202006051739(Line 1)
Message:
this.state.flightWay==========S

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.ctrip.com
cdid.c-ctrip.com
ckmap.mediav.com
cms.gtags.net
cpro.baidu.com
crm.ws.ctrip.com
dat.gtags.net
eclick.baidu.com
googleads.g.doubleclick.net
images4.c-ctrip.com
m.ctrip.com
nsair.flights.ctrip.com
pic.c-ctrip.com
s.c-ctrip.com
secure.mediav.com
stats.g.doubleclick.net
webresource.c-ctrip.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
111.202.114.81
112.65.69.51
140.206.211.12
140.206.211.36
172.217.23.162
180.101.49.201
180.163.247.134
211.95.54.1
221.228.208.3
221.228.208.97
23.203.74.55
23.5.100.126
2a00:1450:4001:806::2003
2a00:1450:4001:809::200e
2a00:1450:4001:816::2002
2a00:1450:4001:81a::2002
2a00:1450:4001:820::200e
2a00:1450:4001:824::2004
2a00:1450:400c:c06::9a
020337e332c783d2619380ed87f4012474627fed536adb028f9d8127dd7ac0d7
028215b11fe65b34e10e98ebc34b9b12ea0323efff4e188796e15744a796411e
05bb2617897803de22290b21f2bf76db78eb796f529277cdc8089589c7e88fd0
0611ff3862eab22d98f8e0ba3a34fab234a795ebf66dee1fc9875dbd4b4061fc
0d0578ee50c5cef92199018df85707aafc069349881579807cfef4675cd4853e
1821533639315e665768d822666ae2cc05550fcd6da9a385323c48b0e632cabc
1bc87926d89604f093bb7a25d086db5375d4cadb6eb71f27991e5532ccc57cab
1d8ec23abd3412b72e8c963b10bfb2a79e0ce25d3c17886526b85458521aee63
240b4f271b325f73dd769cfb1ba9e69ba722daca852b1848d70f01fad2cd68db
242fd4f1b87c43e0a199f5e258abbe12c3fa32a50a9fce12c37b7e4b534c508f
2e9834bedc3834104d970110416c5bec307d5d0090ddb27f95b92e55b7055147
348bd193a063a3e9b7a92be01a6c6e29a87537d3391bc3dc2e84217b3a33e215
432f61f5cea9ca24f616088619cb5c1149810841c58efd96883c8a264795aa64
43c99bab454ce2f83f1d24bb55f81d36b61d0a4fb3f853cf8868c7b6c9d03bd7
4a4dbacf125115b526aa6e8d0b1461ff3dd990bec60da874468c6f143d243c02
4a711f5cd03c09fd79ae2f19bb2f71168e71c18b7562626a1ae8d99ebc3212ff
511d63b55a16a8ef1a97bb1e96ea8ab8a1bd7406abaec64dcd5cb1cf12ad04ed
55241489d00e374a40db40c8a3f8868d20b67eb2c31fb624d8b9f97eb0d568b5
5751b2faa8d5968638efcd8ec55ac3cb3d0ce194b1edf6a53a187ad02ae024de
5921c204fb20b4e478e465681c0e8a44f07968a65be2252ee43d622ac91d489a
5988a70cab6d2523a28811e0d6d761a497c85211f3c82bb17fdccf73c97994ed
5e644e19e8c403cfc84f9d75a5d12237f74e8a83e2b00e200e531f8a90357d10
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e096fb904a77a33712175a1923a4cd7d76d1d86381598dba99e571de24c6419
74cba3349e4dc8481aaa99ee312decf37085c77ca0eb9d1ab63cf91feb648497
75d95304e09a801bdd01525297b6b97b27e175067a35fca29b84c0680f06facb
798d55b4a879b66cde6e7bae47bbdcd001f3609b065070dad8766940b7630e25
7bfd7193f594b8e1592ae05c0bf6bd9f58b79ec51d305181122b7a15600bc7bc
874c33954e920ed91a5854f6902ab2ca3fb05d429ea77cb27b5136a3f5c26f81
9142bd78cdd28dd8cfa6f77c4dea61d607d76e45a40856a552417a68aeff7118
95675854ad335b584aa4c71eb6ef49496fdb041b676a5fe5bb649d7d52abc1df
a003b412ff1d1889a207ba62e8eccf075dba7776f52bcefc9f35faf257daa57c
a133d89c995a2154a3b78ad381aa5d69ed10c0dc69be5623c659bcaf0bc9b709
a22419f106d3b1b5d702536e5dd70f5d60a43e620aa2716ff739ed01959e3b2d
a45f74f7e8289c1ff117046e763efbf628196869c0654d710b5509db607cad66
a4f5857e0684cf48abb79230cd50d35443a30da7d03021c5236e0ead6116e98b
a5bede0b8797de4cc03fdf0115c39a964a1fb8f3f23664f81c475565ee6d4fcb
a7d8c96414f8c9e3f54ec16a75fe2545f1313efbf33570a397910e515a10703e
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b69b6be644567ff4696a47418a4fcdf88938f3ef640c2e2f8303a8e2d25e1275
b6d318a1256a217f5e964bf464dfc60d47e2f13d847904fa51a798bb2fe4b0a4
b775eb2ef538969f1d5378a6ca44b371e8b9b6d467cc58449eddb57be902ee1f
baed278e7d6ea5e792900818870ef72b769f9c30685b57a8a54c83b3e6bfb64d
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1f90a0fb40b2dab9712ef4f8ea4f4ad22eaef38c6605f8762054ec49b385aa0
df27165eb5295308d436379adaabbdc39c13288b7a0ffaa0064e9dd8b6494bf5
e1ec254792b6fe5cb168d2ce9cb1e35d15311d3b357b305a95cbfb12552477d0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e51391a4f02a0667b7e064a13dd844648941fd4ba09927b83339aa2a05ca2884
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
eff1291e1b3c8b2e61ede74de88585e5c65d43301f6975d49a45c87e640803d6
fd63aac0acf787eee089bed7a0cb629a82d9e474ed00b0333ba2c901e7191a92