r24.asia
2a06:98c1:3120::3
Public Scan
Submission Tags: phishingrod
Submission: On May 03 via api from DE — Scanned from NL
Summary
TLS certificate: Issued by GTS CA 1P5 on May 3rd 2023. Valid for: 3 months.
This is the only time r24.asia was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
1 | 2a06:98c1:3120::3 | 13335 (CLOUDFLARENET) |
12 | 104.109.86.168 | 16625 (AKAMAI-AS) |
3 | 104.109.83.11 | 16625 (AKAMAI-AS) |
1 | 3.123.186.207 | 16509 (AMAZON-02) |
20 | 5 | |
ASN16625 (AKAMAI-AS, US)
PTR: a104-109-86-168.deploy.static.akamaitechnologies.com
- www.trip.com
- ak-s.tripcdn.com
- m.trip.com
- webresource.tripcdn.com

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-83-11.deploy.static.akamaitechnologies.com
- webresource.english.c-ctrip.com
- dimg04.c-ctrip.com

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-186-207.eu-central-1.compute.amazonaws.com
- chloro.trip.com
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
8 | tripcdn.com | ak-s.tripcdn.com (Cisco Umbrella Rank: 47894), webresource.tripcdn.com (Cisco Umbrella Rank: 57301), ubt-sin.tripcdn.com (Failed) | 190 KB |
5 | trip.com | www.trip.com (Cisco Umbrella Rank: 40095), m.trip.com (Cisco Umbrella Rank: 54871), chloro.trip.com (Cisco Umbrella Rank: 77229) | 4 KB |
3 | c-ctrip.com | webresource.english.c-ctrip.com (Cisco Umbrella Rank: 145814), dimg04.c-ctrip.com (Cisco Umbrella Rank: 62064) | 204 KB |
1 | r24.asia | r24.asia | 1 KB |
20 | 4 | | |
Requests | Domain | Requested by |
---|---|---|
7 | ak-s.tripcdn.com | www.trip.com, ak-s.tripcdn.com |
2 | m.trip.com | webresource.english.c-ctrip.com |
2 | webresource.english.c-ctrip.com | www.trip.com, webresource.english.c-ctrip.com |
2 | www.trip.com | r24.asia, ak-s.tripcdn.com |
1 | chloro.trip.com | webresource.tripcdn.com |
1 | webresource.tripcdn.com | webresource.english.c-ctrip.com |
1 | dimg04.c-ctrip.com | |
1 | r24.asia | |
0 | ubt-sin.tripcdn.com (Failed) | webresource.english.c-ctrip.com |
20 | 9 | |
This site contains links to these domains.
Domain |
---|
www.afternic.com |
www.thaistay.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
r24.asia | GTS CA 1P5 | 2023-05-03 - 2023-08-01 | 3 months |
Trip.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-12-20 - 2023-12-20 | a year |
trip.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-09-09 - 2023-09-13 | a year |
*.trip.com | GlobalSign RSA OV SSL CA 2018 | 2022-08-09 - 2023-09-10 | a year |
This page contains 2 frames:
Primary Page:
https://r24.asia/
Frame ID: BE99196523A74B3D6604958BBC3760F1
Requests: 1 HTTP requests in this frame
Frame:
https://www.trip.com/partners/ad/S13838?Allianceid=3329986&SID=15772183&ouid=
Frame ID: CDF7DF8905810DF4DC91A5C79998A87A
Requests: 17 HTTP requests in this frame
2 Outgoing links
These are links going to different origins than the main page.
Title: Tahug
Title: Thaistay.com
Redirected requests
There were HTTP redirect chains for the following requests:
20 HTTP transactions
Method Protocol | Resource | Path | Frame | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET H2 | / (Primary Request) | r24.asia/ | | 1 KB | 1 KB | Document | text/html |
GET H2 | S13838 | www.trip.com/partners/ad/ | CDF7 | 2 KB | 2 KB | Document | text/html |
GET H2 | ad_vendor.e3974adf5fc3aab4390cd1e75d62e811.css | ak-s.tripcdn.com/modules/ibu/partner-online/ | CDF7 | 70 KB | 10 KB | Stylesheet | text/css |
GET H2 | ad.097e13f5eac16e1b2233b194c374552f.css | ak-s.tripcdn.com/modules/ibu/partner-online/ | CDF7 | 511 B | 950 B | Stylesheet | text/css |
GET H2 | _bfa.min.js | webresource.english.c-ctrip.com/code/ubt/ | CDF7 | 83 KB | 32 KB | Script | application/javascript |
GET H2 | cc | ak-s.tripcdn.com/ares/api/ | CDF7 | 26 KB | 6 KB | Script | application/javascript |
GET H2 | ad_vendor.29f5eb675d460116569fd192d412b3e7.js | ak-s.tripcdn.com/modules/ibu/partner-online/ | CDF7 | 356 KB | 95 KB | Script | application/javascript |
GET H2 | ad_react_all.3893bd41d8e0c6431f3fae1b29b74d89.js | ak-s.tripcdn.com/modules/ibu/partner-online/ | CDF7 | 134 KB | 42 KB | Script | application/javascript |
GET H2 | ad.343c1fd86f244e62026caff8e935e036.js | ak-s.tripcdn.com/modules/ibu/partner-online/ | CDF7 | 27 KB | 9 KB | Script | application/javascript |
POST H2 | getAppConfig.json | m.trip.com/restapi/soa2/18088/ | CDF7 | 683 B | 994 B | XHR | application/json |
OPTIONS H2 | getAppConfig.json | m.trip.com/restapi/soa2/18088/ | | 0 | 0 | Preflight | text/html |
GET BLOB | 0c72edd0-661d-4e4d-8c07-be85ea0ad571 | https://www.trip.com/ | CDF7 | 2 KB | 0 | Other | text/plain |
POST H2 | queryToolDetail | www.trip.com/restapi/soa2/26577/json/ | CDF7 | 1013 B | 1 KB | XHR | application/json |
GET H2 | wj081g000001hfwb65274.jpg | dimg04.c-ctrip.com/images/ | CDF7 | 168 KB | 168 KB | Image | image/jpeg |
GET H2 | partener.5b2a473cfb39a3f4c4644de7191c708d.woff | ak-s.tripcdn.com/modules/ibu/partner-online/ | CDF7 | 2 KB | 2 KB | Font | font/woff |
GET H2 | rms.js | webresource.english.c-ctrip.com/resaresenglish/risk/ubtrms/latest/default/ | CDF7 | 8 KB | 4 KB | Script | application/javascript |
GET H2 | d.min.d7a9ee87.js | webresource.tripcdn.com/resaresenglish/risk/ubtrms/ | CDF7 | 77 KB | 26 KB | Script | application/javascript |
POST H2 | d | chloro.trip.com/v2/ | CDF7 | 109 B | 396 B | XHR | text/plain |
POST | collect | ubt-sin.tripcdn.com/bee/ | CDF7 | 0 | 0 | | |
OPTIONS | collect | ubt-sin.tripcdn.com/bee/ | | 0 | 0 | | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: ubt-sin.tripcdn.com, URL: https://ubt-sin.tripcdn.com/bee/collect
- Domain: ubt-sin.tripcdn.com, URL: https://ubt-sin.tripcdn.com/bee/collect
2 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object | 0
- boolean | credentialless

0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page.
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.