bright.ai4z.in Open in urlscan Pro
2606:4700:3031::6815:465c Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://track-fs.i5bm.in/ga/click/2-50251654-5106-18992-37661-20594-fccee9a504-dd4bfc8935
Effective URL:
https://bright.ai4z.in/SqVN_8u?yby_Ax=ZH12jnJnbmtfn691l59pcGJze3qEooynqaOfpcFuqoZfa2KjY31yjmtiaIGD/hermannhefti%40hozma...
Submission: On October 07 via api (October 7th 2022, 2:53:30 pm UTC) from JP — Scanned from JP

Summary HTTP 21 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 2 countries across 9 domains to perform 21 HTTP transactions. The main IP is 2606:4700:3031::6815:465c, located in United States and belongs to CLOUDFLARENET, US. The main domain is bright.ai4z.in.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on November 22nd 2021. Valid for: a year.

This is the only time bright.ai4z.in was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3031::ac43:af98	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3031::6815:465c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	97.107.133.178 97.107.133.178	63949 (LINODE-AP...) (LINODE-AP Linode)
4	2606:4700::68... 2606:4700::6812:12b7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2404:6800:400... 2404:6800:4004:80c::200a	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:811::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::ac43:46e9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:36::15	15169 (GOOGLE) (GOOGLE)
21	9

1 2606:4700:3031::ac43:af98 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

track-fs.i5bm.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::6815:465c (United States)

ASN13335 (CLOUDFLARENET, US)

bright.ai4z.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 97.107.133.178 (Cedar Knolls, United States)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: 97-107-133-178.ip.linodeusercontent.com

roadssign.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:12b7 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.by.wonderpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:80c::200a (Australia)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:811::2003 (Australia)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:46e9 (United States)

ASN13335 (CLOUDFLARENET, US)

get.geojs.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:36::15 (United States)

ASN15169 (GOOGLE, US)

measurements-api.wonderpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	roadssign.com roadssign.com	683 KB
5	wonderpush.com cdn.by.wonderpush.com — Cisco Umbrella Rank: 30847 measurements-api.wonderpush.com — Cisco Umbrella Rank: 21144	112 KB
1	geojs.io get.geojs.io — Cisco Umbrella Rank: 17230	861 B
1	gstatic.com fonts.gstatic.com	44 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 118	2 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 358	6 KB
1	ai4z.in bright.ai4z.in	4 KB
1	i5bm.in 1 redirects track-fs.i5bm.in	760 B
0	capitalrtv.com Failed mtp.capitalrtv.com Failed
21	9

	Domain	Requested by
10	roadssign.com	bright.ai4z.in
4	cdn.by.wonderpush.com	bright.ai4z.in cdn.by.wonderpush.com
1	measurements-api.wonderpush.com	cdn.by.wonderpush.com
1	get.geojs.io	cdn.by.wonderpush.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	roadssign.com
1	cdnjs.cloudflare.com	bright.ai4z.in
1	bright.ai4z.in
1	track-fs.i5bm.in	1 redirects
0	mtp.capitalrtv.com Failed	bright.ai4z.in
21	10

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-11-22` - `2022-11-21`	a year	crt.sh
roadssign.com R3	`2022-10-04` - `2023-01-02`	3 months	crt.sh
wonderpush.com Cloudflare Inc ECC CA-3	`2022-09-25` - `2022-12-24`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
measurements-api.wonderpush.com GTS CA 1D4	`2022-08-13` - `2022-11-11`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://bright.ai4z.in/SqVN_8u?yby_Ax=ZH12jnJnbmtfn691l59pcGJze3qEooynqaOfpcFuqoZfa2KjY31yjmtiaIGD/hermannhefti%40hozmail.com&s3=Hermann&s4=Hefti
Frame ID: 51D7BFEA2C9973518DF98253B0B3E79C
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Track & Trace

Page URL History Show full URLs

https://track-fs.i5bm.in/ga/click/2-50251654-5106-18992-37661-20594-fccee9a504-dd4bfc8935 HTTP 302
https://bright.ai4z.in/SqVN_8u?yby_Ax=ZH12jnJnbmtfn691l59pcGJze3qEooynqaOfpcFuqoZfa2KjY31yjmtiaIGD/... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

21
Requests

95 %
HTTPS

89 %
IPv6

9
Domains

10
Subdomains

9
IPs

2
Countries

851 kB
Transfer

1248 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://track-fs.i5bm.in/ga/click/2-50251654-5106-18992-37661-20594-fccee9a504-dd4bfc8935 HTTP 302
https://bright.ai4z.in/SqVN_8u?yby_Ax=ZH12jnJnbmtfn691l59pcGJze3qEooynqaOfpcFuqoZfa2KjY31yjmtiaIGD/hermannhefti%40hozmail.com&s3=Hermann&s4=Hefti Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request SqVN_8u Show response
bright.ai4z.in/
Redirect Chain

https://track-fs.i5bm.in/ga/click/2-50251654-5106-18992-37661-20594-fccee9a504-dd4bfc8935
https://bright.ai4z.in/SqVN_8u?yby_Ax=ZH12jnJnbmtfn691l59pcGJze3qEooynqaOfpcFuqoZfa2KjY31yjmtiaIGD/hermannhefti%40hozmail.com&s3=Hermann&s4=Hefti

15 KB
4 KB

1621ms
1611ms

Document
text/html

2606:4700:3031::6815:465c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bright.ai4z.in/SqVN_8u?yby_Ax=ZH12jnJnbmtfn691l59pcGJze3qEooynqaOfpcFuqoZfa2KjY31yjmtiaIGD/hermannhefti%40hozmail.com&s3=Hermann&s4=Hefti
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:465c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.14
Resource Hash: a5b3c4e5fce6bbc303aff711374ca566b10de6271668f30b08e421f6e0e3ce4c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 756777488ebd8a7b-NRT
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 07 Oct 2022 14:53:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zDcwAs45758JKsfiCA2geExui8QAD9Zn4aN3%2F8Zy50tYYNHdELP3mRvbFD1hOsnWS71B0%2FO0xbbTngZu1AoARQuQmZCOSbFipm9Hx9ACrgCuhFCp8I%2BoEkjM8gEF3V2FXQvU1byj8qx9Kq3GhA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.14

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 75677745ce5434e7-NRT
content-type: text/html; charset=utf-8
date: Fri, 07 Oct 2022 14:53:22 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
location: https://bright.ai4z.in/SqVN_8u?yby_Ax=ZH12jnJnbmtfn691l59pcGJze3qEooynqaOfpcFuqoZfa2KjY31yjmtiaIGD/hermannhefti%40hozmail.com&s3=Hermann&s4=Hefti
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IoKWiKOHYI2d2jYsxp%2FAFQC25e1Hx9QY0Nib3OODe35eq%2BJt66Sa4gj0B9qKlKavGFBWuWGuQcIuQFUVBYKgoU8BbycpTdh3y21DeOLh6DmFDOPPE8b24%2B1bjKTu8R%2FI%2BIwXiOrBTAqMPlm8VEhy"}],"group":"cf-nel","max_age":604800}
server: cloudflare
status: 302 Found
x-powered-by: Phusion Passenger 6.0.4
x-rack-cache: miss
x-request-id: e994d517566c051f8ebd1e67eeb6d944
x-runtime: 0.027182
x-ua-compatible: IE=Edge,chrome=1

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.5.0/css/ 27 KB
6 KB 22ms
8ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.5.0/css/font-awesome.min.css

Requested by

Host: bright.ai4z.in
URL: https://bright.ai4z.in/SqVN_8u?yby_Ax=ZH12jnJnbmtfn691l59pcGJze3qEooynqaOfpcFuqoZfa2KjY31yjmtiaIGD/hermannhefti%40hozmail.com&s3=Hermann&s4=Hefti

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://bright.ai4z.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:53:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 6809959
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4972
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-6b4a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XxbGp0zmJt9ZKgzF4ZqxwuFqA2i4FtMpNX9Fodgsla2DJV9aM%2BBmYaPiFYPxILrBTSRAqQ9DKNjrwo4c%2FMFTvMMvnlyrUTNU7iLpEBbttNa%2FD%2FmkDg%2BrG%2FIAQJZvtLu0XyGjKCOydRHFJlFhHdYjSvWq"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 75677752cd41f5b7-NRT
expires: Wed, 27 Sep 2023 14:53:24 GMT

GET
H/1.1 200
OK bootstrap.min.css
roadssign.com/eml/CH-SwissPost-TT-Aug22/all/ 118 KB
119 KB 731ms
230ms Stylesheet
text/css 97.107.133.178
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://roadssign.com/eml/CH-SwissPost-TT-Aug22/all/bootstrap.min.css
Requested by: Host: bright.ai4z.in
URL: https://bright.ai4z.in/SqVN_8u?yby_Ax=ZH12jnJnbmtfn691l59pcGJze3qEooynqaOfpcFuqoZfa2KjY31yjmtiaIGD/hermannhefti%40hozmail.com&s3=Hermann&s4=Hefti
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 97.107.133.178 Cedar Knolls, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: 97-107-133-178.ip.linodeusercontent.com
Software: Apache/2.4.37 (centos) OpenSSL/1.1.1k /
Resource Hash: f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://bright.ai4z.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Fri, 07 Oct 2022 14:53:24 GMT
Last-Modified: Wed, 17 Aug 2022 11:39:49 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
ETag: "1d970-5e66e52963917"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 121200

GET
H/1.1 200
OK custom.css
roadssign.com/eml/CH-SwissPost-TT-Aug22/all/ 40 KB
40 KB 736ms
235ms Stylesheet
text/css 97.107.133.178
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://roadssign.com/eml/CH-SwissPost-TT-Aug22/all/custom.css
Requested by: Host: bright.ai4z.in
URL: https://bright.ai4z.in/SqVN_8u?yby_Ax=ZH12jnJnbmtfn691l59pcGJze3qEooynqaOfpcFuqoZfa2KjY31yjmtiaIGD/hermannhefti%40hozmail.com&s3=Hermann&s4=Hefti
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 97.107.133.178 Cedar Knolls, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: 97-107-133-178.ip.linodeusercontent.com
Software: Apache/2.4.37 (centos) OpenSSL/1.1.1k /
Resource Hash: f1ca1bdc39cf7fdd6d3dbfa2d5b36f608c33008a783f5a70f4de38411c6bbbf9

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://bright.ai4z.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Fri, 07 Oct 2022 14:53:24 GMT
Last-Modified: Wed, 17 Aug 2022 11:39:53 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
ETag: "9fe2-5e66e52c6d62f"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 40930

GET
H2 200 wonderpush-loader.min.js Show response
cdn.by.wonderpush.com/sdk/1.1/ 1 KB
1 KB 18ms
8ms Script
application/javascript 2606:4700::6812:12b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.by.wonderpush.com/sdk/1.1/wonderpush-loader.min.js
Requested by: Host: bright.ai4z.in
URL: https://bright.ai4z.in/SqVN_8u?yby_Ax=ZH12jnJnbmtfn691l59pcGJze3qEooynqaOfpcFuqoZfa2KjY31yjmtiaIGD/hermannhefti%40hozmail.com&s3=Hermann&s4=Hefti
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:12b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd46fe838a93f6e3a83c128d27d67d59e8cc70a9993c5e27e7921c414a06b99e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://bright.ai4z.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:53:25 GMT
content-encoding: gzip
via: 1.1 8d9b5e8482bf535887ab85bd4a6a4830.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: LAX50-C1
age: 17604
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 695
last-modified: Mon, 03 Oct 2022 09:57:19 GMT
server: cloudflare
etag: "1e8caf5810dd1a4c92728cb606169b17ed6e"
access-control-max-age: 86400
access-control-allow-methods: HEAD, GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=86400
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7567775b2e247827-NRT
x-amz-cf-id: ZzHcWucKRUD6kUP1dhcCW9djDgh-pRBTXf61CJLk1sd3GrvWPJ0Tsg==

GET
H/1.1 200
OK trackpackageblue.jpeg
roadssign.com/eml/CH-SwissPost-TT-Aug22/all/ 168 KB
168 KB 523ms
230ms Image
image/jpeg 97.107.133.178
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://roadssign.com/eml/CH-SwissPost-TT-Aug22/all/trackpackageblue.jpeg
Requested by: Host: bright.ai4z.in
URL: https://bright.ai4z.in/SqVN_8u?yby_Ax=ZH12jnJnbmtfn691l59pcGJze3qEooynqaOfpcFuqoZfa2KjY31yjmtiaIGD/hermannhefti%40hozmail.com&s3=Hermann&s4=Hefti
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 97.107.133.178 Cedar Knolls, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: 97-107-133-178.ip.linodeusercontent.com
Software: Apache/2.4.37 (centos) OpenSSL/1.1.1k /
Resource Hash: 235798df18b044dc8c326d79293465c51c3b01312dd210a683c3b87481d73c51

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://bright.ai4z.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Fri, 07 Oct 2022 14:53:26 GMT
Last-Modified: Wed, 17 Aug 2022 11:40:44 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
ETag: "29eb5-5e66e55d19db8"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 171701

GET
H/1.1 200
OK icon-box.jpeg
roadssign.com/eml/CH-SwissPost-TT-Aug22/all/ 161 KB
162 KB 552ms
230ms Image
image/jpeg 97.107.133.178
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://roadssign.com/eml/CH-SwissPost-TT-Aug22/all/icon-box.jpeg
Requested by: Host: bright.ai4z.in
URL: https://bright.ai4z.in/SqVN_8u?yby_Ax=ZH12jnJnbmtfn691l59pcGJze3qEooynqaOfpcFuqoZfa2KjY31yjmtiaIGD/hermannhefti%40hozmail.com&s3=Hermann&s4=Hefti
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 97.107.133.178 Cedar Knolls, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: 97-107-133-178.ip.linodeusercontent.com
Software: Apache/2.4.37 (centos) OpenSSL/1.1.1k /
Resource Hash: 219e5c49c0ff31f129d37e531723e3092c3130b1c570f865171495c310c5598b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://bright.ai4z.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Fri, 07 Oct 2022 14:53:26 GMT
Last-Modified: Wed, 17 Aug 2022 11:40:15 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
ETag: "28573-5e66e5421f3e1"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 165235

GET
H/1.1 200
OK red.png
roadssign.com/eml/CH-SwissPost-TT-Aug22/all/ 2 KB
2 KB 562ms
232ms Image
image/png 97.107.133.178
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://roadssign.com/eml/CH-SwissPost-TT-Aug22/all/red.png
Requested by: Host: bright.ai4z.in
URL: https://bright.ai4z.in/SqVN_8u?yby_Ax=ZH12jnJnbmtfn691l59pcGJze3qEooynqaOfpcFuqoZfa2KjY31yjmtiaIGD/hermannhefti%40hozmail.com&s3=Hermann&s4=Hefti
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 97.107.133.178 Cedar Knolls, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: 97-107-133-178.ip.linodeusercontent.com
Software: Apache/2.4.37 (centos) OpenSSL/1.1.1k /
Resource Hash: af6aa7f578480bea1c63ace8927971b9db4088149e13039dfaeef3f0337e3514

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://bright.ai4z.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Fri, 07 Oct 2022 14:53:26 GMT
Last-Modified: Wed, 17 Aug 2022 11:40:23 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
ETag: "883-5e66e5491bc8e"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 2179

GET
H/1.1 200
OK icon-check.svg
roadssign.com/eml/CH-SwissPost-TT-Aug22/all/ 758 B
1 KB 646ms
305ms Image
image/svg+xml 97.107.133.178
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://roadssign.com/eml/CH-SwissPost-TT-Aug22/all/icon-check.svg
Requested by: Host: bright.ai4z.in
URL: https://bright.ai4z.in/SqVN_8u?yby_Ax=ZH12jnJnbmtfn691l59pcGJze3qEooynqaOfpcFuqoZfa2KjY31yjmtiaIGD/hermannhefti%40hozmail.com&s3=Hermann&s4=Hefti
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 97.107.133.178 Cedar Knolls, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: 97-107-133-178.ip.linodeusercontent.com
Software: Apache/2.4.37 (centos) OpenSSL/1.1.1k /
Resource Hash: 8bd9c761a61c61b34be605d32658170334606c2ce8e48bab4f6c5bf501a42410

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://bright.ai4z.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Fri, 07 Oct 2022 14:53:26 GMT
Last-Modified: Wed, 17 Aug 2022 11:40:02 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
ETag: "2f6-5e66e53556988"
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 758

GET
H/1.1 200
OK prd.jpg
roadssign.com/eml/CH-SwissPost-TT-Aug22/all/ 60 KB
60 KB 348ms
232ms Image
image/jpeg 97.107.133.178
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://roadssign.com/eml/CH-SwissPost-TT-Aug22/all/prd.jpg
Requested by: Host: bright.ai4z.in
URL: https://bright.ai4z.in/SqVN_8u?yby_Ax=ZH12jnJnbmtfn691l59pcGJze3qEooynqaOfpcFuqoZfa2KjY31yjmtiaIGD/hermannhefti%40hozmail.com&s3=Hermann&s4=Hefti
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 97.107.133.178 Cedar Knolls, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: 97-107-133-178.ip.linodeusercontent.com
Software: Apache/2.4.37 (centos) OpenSSL/1.1.1k /
Resource Hash: cc91c5ca0fae94d80da5100069c4bb0038330eb6bfe92860e9d9c05312e8ca4e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://bright.ai4z.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Fri, 07 Oct 2022 14:53:25 GMT
Last-Modified: Wed, 17 Aug 2022 11:40:21 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
ETag: "eeb6-5e66e5473d471"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 61110

GET lander_lp
mtp.capitalrtv.com/ 0
0

GET
H/1.1 200
OK socialfn1.jpeg
roadssign.com/eml/CH-SwissPost-TT-Aug22/all/ 9 KB
10 KB 369ms
232ms Image
image/jpeg 97.107.133.178
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://roadssign.com/eml/CH-SwissPost-TT-Aug22/all/socialfn1.jpeg
Requested by: Host: bright.ai4z.in
URL: https://bright.ai4z.in/SqVN_8u?yby_Ax=ZH12jnJnbmtfn691l59pcGJze3qEooynqaOfpcFuqoZfa2KjY31yjmtiaIGD/hermannhefti%40hozmail.com&s3=Hermann&s4=Hefti
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 97.107.133.178 Cedar Knolls, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: 97-107-133-178.ip.linodeusercontent.com
Software: Apache/2.4.37 (centos) OpenSSL/1.1.1k /
Resource Hash: be7ac25693f6b24af2a5adda4baa28bb956bfab6f1b740ae5e03c4d23fe1c277

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://bright.ai4z.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Fri, 07 Oct 2022 14:53:26 GMT
Last-Modified: Wed, 17 Aug 2022 11:40:25 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
ETag: "24ef-5e66e54ba6686"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 9455

GET
H/1.1 200
OK jquery.min.js Show response
roadssign.com/eml/CH-SwissPost-TT-Aug22/all/ 85 KB
85 KB 236ms
236ms Script
application/javascript 97.107.133.178
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://roadssign.com/eml/CH-SwissPost-TT-Aug22/all/jquery.min.js
Requested by: Host: bright.ai4z.in
URL: https://bright.ai4z.in/SqVN_8u?yby_Ax=ZH12jnJnbmtfn691l59pcGJze3qEooynqaOfpcFuqoZfa2KjY31yjmtiaIGD/hermannhefti%40hozmail.com&s3=Hermann&s4=Hefti
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 97.107.133.178 Cedar Knolls, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: 97-107-133-178.ip.linodeusercontent.com
Software: Apache/2.4.37 (centos) OpenSSL/1.1.1k /
Resource Hash: a28ccf8a7b50522bdeea0cd83cdeca221c18fc1f9df3ee6b3d3c48d599206855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://bright.ai4z.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Fri, 07 Oct 2022 14:53:25 GMT
Last-Modified: Wed, 17 Aug 2022 11:40:10 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
ETag: "1538e-5e66e53d399a4"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 86926

GET
H/1.1 200
OK bootstrap.min.js Show response
roadssign.com/eml/CH-SwissPost-TT-Aug22/all/ 36 KB
36 KB 234ms
234ms Script
application/javascript 97.107.133.178
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://roadssign.com/eml/CH-SwissPost-TT-Aug22/all/bootstrap.min.js
Requested by: Host: bright.ai4z.in
URL: https://bright.ai4z.in/SqVN_8u?yby_Ax=ZH12jnJnbmtfn691l59pcGJze3qEooynqaOfpcFuqoZfa2KjY31yjmtiaIGD/hermannhefti%40hozmail.com&s3=Hermann&s4=Hefti
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 97.107.133.178 Cedar Knolls, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: 97-107-133-178.ip.linodeusercontent.com
Software: Apache/2.4.37 (centos) OpenSSL/1.1.1k /
Resource Hash: 53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://bright.ai4z.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Fri, 07 Oct 2022 14:53:25 GMT
Last-Modified: Wed, 17 Aug 2022 11:39:47 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k
ETag: "90b5-5e66e5276a34c"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 37045

GET
H2 200 css
fonts.googleapis.com/ 26 KB
2 KB 268ms
229ms Stylesheet
text/css 2404:6800:4004:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i

Requested by

Host: roadssign.com
URL: https://roadssign.com/eml/CH-SwissPost-TT-Aug22/all/custom.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80c::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

47a7dd0cada3c63b3d5981848b65973772a3f5ccc578d16ed90e3aa1b74056ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://roadssign.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 07 Oct 2022 14:53:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 07 Oct 2022 13:32:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 07 Oct 2022 14:53:25 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 43ms
4ms Font
font/woff2 2404:6800:4004:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:811::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bright.ai4z.in
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 18:58:45 GMT
x-content-type-options: nosniff
age: 330880
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Oct 2023 18:58:45 GMT

GET
H2 200 wonderpush.min.js Show response
cdn.by.wonderpush.com/sdk/1.1.33.6/ 450 KB
108 KB 11ms
10ms Script
application/javascript 2606:4700::6812:12b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.by.wonderpush.com/sdk/1.1.33.6/wonderpush.min.js
Requested by: Host: cdn.by.wonderpush.com
URL: https://cdn.by.wonderpush.com/sdk/1.1/wonderpush-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:12b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c35634da0ed3e7d1512e4da0d87a1bf5b23d7df3660b16c21f203c70cba60f1e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://bright.ai4z.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:53:28 GMT
content-encoding: gzip
via: 1.1 538a08eba98551a196e344df4d0dda06.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: LAX50-C1
age: 363271
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 109750
last-modified: Mon, 03 Oct 2022 09:57:14 GMT
server: cloudflare
etag: "844a17012ea7a49929c652aa9f41a95ced6e"
access-control-max-age: 86400
access-control-allow-methods: HEAD, GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7567776e2beb7827-NRT
x-amz-cf-id: dq4ssw4z11QpfSUYgSg-YMGeiReMURrC_hdYcVv5g1rgnoUPhyzZYw==

GET
H3 200 41d403593c0b49d57f632b281192a2cc78b1d2de15f2c5576bbb2af96cbee7e0 Show response
cdn.by.wonderpush.com/config/webkeys/ 2 KB
1 KB 23ms
16ms Fetch
application/json 2606:4700::6812:12b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.by.wonderpush.com/config/webkeys/41d403593c0b49d57f632b281192a2cc78b1d2de15f2c5576bbb2af96cbee7e0?_=1665154408714
Requested by: Host: cdn.by.wonderpush.com
URL: https://cdn.by.wonderpush.com/sdk/1.1.33.6/wonderpush.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:12b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26bcc674b8d135f02ccd03937db80d3740174e6eca968b9f552aaaa84b93d25c

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://bright.ai4z.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:53:28 GMT
content-encoding: gzip
via: 1.1 642d6c61e3fb5d29e49992176628bf94.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: ORD53-C3
age: 2
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 716
last-modified: Mon, 03 Oct 2022 10:35:20 GMT
server: cloudflare
etag: "57ee25726020b90b963bfe3c15a3dcb8ed6e"
access-control-max-age: 86400
access-control-allow-methods: HEAD, GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=3600
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7567776e8f201fae-NRT
x-amz-cf-id: P2gS8ZYwNvC5kimG_Ay9tHmAxO-Gx8KYFGeSb1DFH7XF8CaDo8Fm4g==

GET
H3 200 geojs.js Show response
cdn.by.wonderpush.com/plugins/geojs/1.0.2/ 2 KB
1 KB 8ms
7ms Script
application/javascript 2606:4700::6812:12b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.by.wonderpush.com/plugins/geojs/1.0.2/geojs.js
Requested by: Host: cdn.by.wonderpush.com
URL: https://cdn.by.wonderpush.com/sdk/1.1.33.6/wonderpush.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:12b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b877ef66eabd2dd21768d59e2ac26f9c4f48e0ed602e27cbd4d53c0701c7d515

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://bright.ai4z.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:53:28 GMT
content-encoding: gzip
via: 1.1 f4ae8c7714a9bd89828bad25fc96be24.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: YVR50-C1
age: 2302642
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1055
last-modified: Mon, 22 Jun 2020 15:30:23 GMT
server: cloudflare
etag: "eade35070a4a96bcbeb77c55c1856e96ed6e"
access-control-max-age: 86400
access-control-allow-methods: HEAD, GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,stale-while-revalidate=2592000
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7567776eae768a6c-NRT
x-amz-cf-id: k9HQIssOO7KiipStwkRXv1R-IwjsK74LyXVK5m2vTbMQP3e9A4kZhA==

GET
DATA 200
OK truncated
/ 981 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f59f3632ecd53a95c0f360bd613bdd269b4aff3afa0fcb04ceaaf7c99d53fd96

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 geo.json Show response
get.geojs.io/v1/ip/ 331 B
861 B 104ms
98ms XHR
application/json 2606:4700:20::ac43:46e9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://get.geojs.io/v1/ip/geo.json

Requested by

Host: cdn.by.wonderpush.com
URL: https://cdn.by.wonderpush.com/plugins/geojs/1.0.2/geojs.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:46e9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f59df5dabec826e51e7126baad86896b675e38076ad7ddf0f10e311be5ecc5aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://bright.ai4z.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 14:53:28 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: b665bf882619e7dfcfb240d1a9a22af6-SIN
x-geojs-location: SIN
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QofVJlnkr%2F6qudNDxBLlTCXZiiSBN6XaYDkfJEckLbe2u6lwefLLcgBdWLssNa2giHv9OqP2dExhSMyrfHUtChYZsEEG%2F8fFQVTGA1xUw0L%2B2%2Fbcm8xU9u7ZTY8VGdMSJQAK8gqKCQk%2BDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-store, no-cache, must-revalidate, private, max-age=0
cf-ray: 7567776ef84ef619-NRT

POST
H2 202 events Show response
measurements-api.wonderpush.com/v1/ 93 B
269 B 349ms
306ms XHR
application/json 2001:4860:4802:36::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://measurements-api.wonderpush.com/v1/events
Requested by: Host: cdn.by.wonderpush.com
URL: https://cdn.by.wonderpush.com/sdk/1.1.33.6/wonderpush.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 2798614aa78e13c97f64cf9f83c0db7615174e71e03622fadff022b38b894e13

Request headers

Referer: https://bright.ai4z.in/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://bright.ai4z.in
x-cloud-trace-context: 0f191f49f90271934c9c6ebc452197f0
date: Fri, 07 Oct 2022 14:53:28 GMT
access-control-allow-credentials: true
server: Google Frontend
content-length: 93
content-type: application/json

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: mtp.capitalrtv.com
URL: https://mtp.capitalrtv.com/lander_lp?lp=ZH12jnJnbmtfn691l59pcGJze3qEooynqaOfpcFuqoZfa2KjY31yjmtiaIGD/hermannhefti@hozmail.com

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bright.ai4z.in
cdn.by.wonderpush.com
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
get.geojs.io
measurements-api.wonderpush.com
mtp.capitalrtv.com
roadssign.com
track-fs.i5bm.in
mtp.capitalrtv.com
2001:4860:4802:36::15
2404:6800:4004:80c::200a
2404:6800:4004:811::2003
2606:4700:20::ac43:46e9
2606:4700:3031::6815:465c
2606:4700:3031::ac43:af98
2606:4700::6811:190e
2606:4700::6812:12b7
97.107.133.178
219e5c49c0ff31f129d37e531723e3092c3130b1c570f865171495c310c5598b
235798df18b044dc8c326d79293465c51c3b01312dd210a683c3b87481d73c51
26bcc674b8d135f02ccd03937db80d3740174e6eca968b9f552aaaa84b93d25c
2798614aa78e13c97f64cf9f83c0db7615174e71e03622fadff022b38b894e13
47a7dd0cada3c63b3d5981848b65973772a3f5ccc578d16ed90e3aa1b74056ab
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
8bd9c761a61c61b34be605d32658170334606c2ce8e48bab4f6c5bf501a42410
a28ccf8a7b50522bdeea0cd83cdeca221c18fc1f9df3ee6b3d3c48d599206855
a5b3c4e5fce6bbc303aff711374ca566b10de6271668f30b08e421f6e0e3ce4c
af6aa7f578480bea1c63ace8927971b9db4088149e13039dfaeef3f0337e3514
b877ef66eabd2dd21768d59e2ac26f9c4f48e0ed602e27cbd4d53c0701c7d515
be7ac25693f6b24af2a5adda4baa28bb956bfab6f1b740ae5e03c4d23fe1c277
c35634da0ed3e7d1512e4da0d87a1bf5b23d7df3660b16c21f203c70cba60f1e
cc91c5ca0fae94d80da5100069c4bb0038330eb6bfe92860e9d9c05312e8ca4e
cd46fe838a93f6e3a83c128d27d67d59e8cc70a9993c5e27e7921c414a06b99e
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
f1ca1bdc39cf7fdd6d3dbfa2d5b36f608c33008a783f5a70f4de38411c6bbbf9
f59df5dabec826e51e7126baad86896b675e38076ad7ddf0f10e311be5ecc5aa
f59f3632ecd53a95c0f360bd613bdd269b4aff3afa0fcb04ceaaf7c99d53fd96
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

bright.ai4z.in Open in urlscan Pro 2606:4700:3031::6815:465c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

21 Requests

95 %HTTPS

89 %IPv6

9 Domains

10 Subdomains

9 IPs

2 Countries

851 kBTransfer

1248 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

0 Cookies

Indicators

bright.ai4z.in Open in urlscan Pro
2606:4700:3031::6815:465c Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

95 %
HTTPS

89 %
IPv6

9
Domains

10
Subdomains

9
IPs

2
Countries

851 kB
Transfer

1248 kB
Size

0
Cookies

21 HTTP transactions
1 data transactions