rhl-brua2.kylinvc.com Open in urlscan Pro
2606:4700:3034::681b:8cd6 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://trk-beet.caar-international.com/ga/click/2-5616890-372-5412-10453-10804-7b790330db-b56e5dfea6
Effective URL:
https://rhl-brua2.kylinvc.com/rk?no=aYVwlG1mcWKEmLqxy5qmnnx0YpCJjIx0fGBoYsBxj2o/kevin.gill%40csfb.com
Submission: On May 15 via manual (May 15th 2020, 9:42:12 am UTC) from IN

Summary HTTP 22 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 6 domains to perform 22 HTTP transactions. The main IP is 2606:4700:3034::681b:8cd6, located in United States and belongs to CLOUDFLARENET, US. The main domain is rhl-brua2.kylinvc.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on February 20th 2020. Valid for: 8 months.

This is the only time rhl-brua2.kylinvc.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	2606:4700:303... 2606:4700:3033::681c:1b7f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	2606:4700:303... 2606:4700:3034::681b:8cd6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:84e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:12b7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:821::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:820::2003	15169 (GOOGLE) (GOOGLE)
22	5

2 2606:4700:3033::681c:1b7f (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

trk-beet.caar-international.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2606:4700:3034::681b:8cd6 (United States)

ASN13335 (CLOUDFLARENET, US)

rhl-brua2.kylinvc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:84e5 (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:12b7 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.by.wonderpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:821::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:820::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	kylinvc.com rhl-brua2.kylinvc.com	925 KB
3	gstatic.com fonts.gstatic.com	33 KB
2	googleapis.com fonts.googleapis.com	2 KB
2	caar-international.com 2 redirects trk-beet.caar-international.com	1 KB
1	wonderpush.com cdn.by.wonderpush.com	1 KB
1	cloudflare.com cdnjs.cloudflare.com	7 KB
22	6

	Domain	Requested by
15	rhl-brua2.kylinvc.com	rhl-brua2.kylinvc.com
3	fonts.gstatic.com	rhl-brua2.kylinvc.com
2	fonts.googleapis.com	rhl-brua2.kylinvc.com
2	trk-beet.caar-international.com	2 redirects
1	cdn.by.wonderpush.com	rhl-brua2.kylinvc.com
1	cdnjs.cloudflare.com	rhl-brua2.kylinvc.com
22	6

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2020-02-20` - `2020-10-09`	8 months	crt.sh
cloudflare.com CloudFlare Inc ECC CA-2	`2020-01-07` - `2020-10-09`	9 months	crt.sh
*.by.wonderpush.com Gandi Standard SSL CA 2	`2019-05-27` - `2020-06-21`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-04-28` - `2020-07-21`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-04-15` - `2020-07-08`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://rhl-brua2.kylinvc.com/rk?no=aYVwlG1mcWKEmLqxy5qmnnx0YpCJjIx0fGBoYsBxj2o/kevin.gill%40csfb.com
Frame ID: 80F531D23EDFAAF432D550D6B4CBDA66
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://trk-beet.caar-international.com/ga/click/2-5616890-372-5412-10453-10804-7b790330db-b56e5dfea6 HTTP 301
https://trk-beet.caar-international.com/ga/click/2-5616890-372-5412-10453-10804-7b790330db-b56e5dfea6 HTTP 302
https://rhl-brua2.kylinvc.com/rk?no=aYVwlG1mcWKEmLqxy5qmnnx0YpCJjIx0fGBoYsBxj2o/kevin.gill%40csfb.com Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link [^>]+(?:\/([\d.]+)\/)?animate\.(?:min\.)?css/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

22
Requests

100 %
HTTPS

100 %
IPv6

6
Domains

6
Subdomains

5
IPs

2
Countries

967 kB
Transfer

1301 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://trk-beet.caar-international.com/ga/click/2-5616890-372-5412-10453-10804-7b790330db-b56e5dfea6 HTTP 301
https://trk-beet.caar-international.com/ga/click/2-5616890-372-5412-10453-10804-7b790330db-b56e5dfea6 HTTP 302
https://rhl-brua2.kylinvc.com/rk?no=aYVwlG1mcWKEmLqxy5qmnnx0YpCJjIx0fGBoYsBxj2o/kevin.gill%40csfb.com Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request rk Show response
rhl-brua2.kylinvc.com/
Redirect Chain

http://trk-beet.caar-international.com/ga/click/2-5616890-372-5412-10453-10804-7b790330db-b56e5dfea6
https://trk-beet.caar-international.com/ga/click/2-5616890-372-5412-10453-10804-7b790330db-b56e5dfea6
https://rhl-brua2.kylinvc.com/rk?no=aYVwlG1mcWKEmLqxy5qmnnx0YpCJjIx0fGBoYsBxj2o/kevin.gill%40csfb.com

10 KB
4 KB

1062ms
942ms

Document
text/html

2606:4700:3034::681b:8cd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rhl-brua2.kylinvc.com/rk?no=aYVwlG1mcWKEmLqxy5qmnnx0YpCJjIx0fGBoYsBxj2o/kevin.gill%40csfb.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681b:8cd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.1
Resource Hash: cbd261d081038a841da0afc8b80f1a844d8f9e55b00f6850eb72a1213b7bef44

Request headers

:method: GET
:authority: rhl-brua2.kylinvc.com
:scheme: https
:path: /rk?no=aYVwlG1mcWKEmLqxy5qmnnx0YpCJjIx0fGBoYsBxj2o/kevin.gill%40csfb.com
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Fri, 15 May 2020 09:41:52 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d30dc052bad4268195ac1c4e74b47684f1589535711; expires=Sun, 14-Jun-20 09:41:51 GMT; path=/; domain=.kylinvc.com; HttpOnly; SameSite=Lax; Secure
x-powered-by: PHP/7.2.1
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 593be7d56d6d325c-FRA
content-encoding: br
cf-request-id: 02b94f39610000325c5407f200000001

Redirect headers

status: 302 302 Found
date: Fri, 15 May 2020 09:41:51 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=d507b9c5510994a86c516edb03ad7a1411589535711; expires=Sun, 14-Jun-20 09:41:51 GMT; path=/; domain=.caar-international.com; HttpOnly; SameSite=Lax; Secure
x-rack-cache: miss
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
x-request-id: 40eb16033e139a1fe4b26a98adf48be1
x-ua-compatible: IE=Edge,chrome=1
x-runtime: 0.019892
expires: Mon, 01 Jan 1990 00:00:00 GMT
x-powered-by: Phusion Passenger 5.3.7
location: https://rhl-brua2.kylinvc.com/rk?no=aYVwlG1mcWKEmLqxy5qmnnx0YpCJjIx0fGBoYsBxj2o/kevin.gill%40csfb.com
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 593be7d28fcbdff7-FRA
cf-request-id: 02b94f37990000dff7219e8200000001

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
7 KB 15ms
12ms Stylesheet
text/css 2606:4700::6810:84e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: rhl-brua2.kylinvc.com
URL: https://rhl-brua2.kylinvc.com/rk?no=aYVwlG1mcWKEmLqxy5qmnnx0YpCJjIx0fGBoYsBxj2o/kevin.gill%40csfb.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:84e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://rhl-brua2.kylinvc.com/rk?no=aYVwlG1mcWKEmLqxy5qmnnx0YpCJjIx0fGBoYsBxj2o/kevin.gill%40csfb.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 09:41:52 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 8475323
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-request-id: 02b94f3d160000074a49b0a200000001
served-in-seconds: 0.001
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:19:12 GMT
server: cloudflare
etag: W/"5afd4910-7918"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 593be7db5b64074a-FRA
expires: Wed, 05 May 2021 09:41:52 GMT

GET
H2 200 bootstrap.min.css
rhl-brua2.kylinvc.com/allcustomfiles/CH-Express-Track/ 118 KB
18 KB 456ms
453ms Stylesheet
text/css 2606:4700:3034::681b:8cd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rhl-brua2.kylinvc.com/allcustomfiles/CH-Express-Track/bootstrap.min.css
Requested by: Host: rhl-brua2.kylinvc.com
URL: https://rhl-brua2.kylinvc.com/rk?no=aYVwlG1mcWKEmLqxy5qmnnx0YpCJjIx0fGBoYsBxj2o/kevin.gill%40csfb.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681b:8cd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Request headers

Referer: https://rhl-brua2.kylinvc.com/rk?no=aYVwlG1mcWKEmLqxy5qmnnx0YpCJjIx0fGBoYsBxj2o/kevin.gill%40csfb.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 09:41:52 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 17 Apr 2020 12:06:15 GMT
server: cloudflare
etag: W/"1d970-5a37b60539365"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=14400
cf-ray: 593be7db5df5325c-FRA
cf-request-id: 02b94f3d160000325c540bc200000001

GET
H2 200 animate.css
rhl-brua2.kylinvc.com/allcustomfiles/CH-Express-Track/ 56 KB
4 KB 230ms
227ms Stylesheet
text/css 2606:4700:3034::681b:8cd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rhl-brua2.kylinvc.com/allcustomfiles/CH-Express-Track/animate.css
Requested by: Host: rhl-brua2.kylinvc.com
URL: https://rhl-brua2.kylinvc.com/rk?no=aYVwlG1mcWKEmLqxy5qmnnx0YpCJjIx0fGBoYsBxj2o/kevin.gill%40csfb.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681b:8cd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59a1460df6cb458204ec993345ff4964fa7e1a77da4ab7137e50fce8434c1d6a

Request headers

Referer: https://rhl-brua2.kylinvc.com/rk?no=aYVwlG1mcWKEmLqxy5qmnnx0YpCJjIx0fGBoYsBxj2o/kevin.gill%40csfb.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 09:41:52 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Fri, 17 Apr 2020 12:06:15 GMT
server: cloudflare
etag: W/"df07-5a37b6052ef55"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=14400
cf-ray: 593be7db5df8325c-FRA
cf-request-id: 02b94f3d160000325c540bd200000001

GET
H2 200 custome.css
rhl-brua2.kylinvc.com/allcustomfiles/CH-Express-Track/ 46 KB
9 KB 373ms
371ms Stylesheet
text/css 2606:4700:3034::681b:8cd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rhl-brua2.kylinvc.com/allcustomfiles/CH-Express-Track/custome.css
Requested by: Host: rhl-brua2.kylinvc.com
URL: https://rhl-brua2.kylinvc.com/rk?no=aYVwlG1mcWKEmLqxy5qmnnx0YpCJjIx0fGBoYsBxj2o/kevin.gill%40csfb.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681b:8cd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5eab77d4b7d4224f3508ab644f501166f6d1865ff4c9b41c03e30f0e4cd9b85d

Request headers

Referer: https://rhl-brua2.kylinvc.com/rk?no=aYVwlG1mcWKEmLqxy5qmnnx0YpCJjIx0fGBoYsBxj2o/kevin.gill%40csfb.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 09:41:52 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 17 Apr 2020 12:06:15 GMT
server: cloudflare
etag: W/"b799-5a37b6054338d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=14400
cf-ray: 593be7db5dfa325c-FRA
cf-request-id: 02b94f3d160000325c540be200000001

GET
H2 200 wonderpush-loader.min.js Show response
cdn.by.wonderpush.com/sdk/1.1/ 887 B
1 KB 105ms
27ms Script
application/javascript 2606:4700::6812:12b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.by.wonderpush.com/sdk/1.1/wonderpush-loader.min.js
Requested by: Host: rhl-brua2.kylinvc.com
URL: https://rhl-brua2.kylinvc.com/rk?no=aYVwlG1mcWKEmLqxy5qmnnx0YpCJjIx0fGBoYsBxj2o/kevin.gill%40csfb.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:12b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4b6f6a2d5e136e857c17b23997308bb5db803f797835728e1727e78aaf5b6d8

Request headers

Referer: https://rhl-brua2.kylinvc.com/rk?no=aYVwlG1mcWKEmLqxy5qmnnx0YpCJjIx0fGBoYsBxj2o/kevin.gill%40csfb.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 09:41:52 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 65443
x-cache: Hit from cloudfront
status: 200
access-control-max-age: 86400
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 497
cf-request-id: 02b94f3d66000064d9e42f7200000001
access-control-allow-origin: *
last-modified: Wed, 29 Apr 2020 15:30:42 GMT
server: cloudflare
etag: "b5b3356ae20a169d04c5399bc28cd75fed6e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: HEAD, GET
content-type: application/javascript
via: 1.1 7b39f60eed6e589bf869ce2ecfe6ab8c.cloudfront.net (CloudFront)
cache-control: public,max-age=86400
x-amz-cf-pop: HAM50-C1
accept-ranges: bytes
cf-ray: 593be7dbd82964d9-FRA
x-amz-cf-id: gsTysF4-260rQItahuTqqyj2Ouk5ovfh_pWBclNehyTYxS7BYlwSdA==

GET
H2 200 search.png
rhl-brua2.kylinvc.com/allcustomfiles/CH-Express-Track/ 25 KB
25 KB 2129ms
2125ms Image
image/png 2606:4700:3034::681b:8cd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rhl-brua2.kylinvc.com/allcustomfiles/CH-Express-Track/search.png
Requested by: Host: rhl-brua2.kylinvc.com
URL: https://rhl-brua2.kylinvc.com/rk?no=aYVwlG1mcWKEmLqxy5qmnnx0YpCJjIx0fGBoYsBxj2o/kevin.gill%40csfb.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681b:8cd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d8cb7158bf2112e187ac18bd8a48749bb1ae2dfd8106dcf0a0af805a0842c52

Request headers

Referer: https://rhl-brua2.kylinvc.com/rk?no=aYVwlG1mcWKEmLqxy5qmnnx0YpCJjIx0fGBoYsBxj2o/kevin.gill%40csfb.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 09:41:54 GMT
cf-cache-status: MISS
last-modified: Fri, 17 Apr 2020 12:02:42 GMT
server: cloudflare
etag: "6362-5a37b53992725"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593be7db5e09325c-FRA
content-length: 25442
cf-request-id: 02b94f3d180000325c540c2200000001

GET
H2 200 icon-box.png
rhl-brua2.kylinvc.com/allcustomfiles/CH-Express-Track/ 743 KB
744 KB 445ms
442ms Image
image/png 2606:4700:3034::681b:8cd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rhl-brua2.kylinvc.com/allcustomfiles/CH-Express-Track/icon-box.png
Requested by: Host: rhl-brua2.kylinvc.com
URL: https://rhl-brua2.kylinvc.com/rk?no=aYVwlG1mcWKEmLqxy5qmnnx0YpCJjIx0fGBoYsBxj2o/kevin.gill%40csfb.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681b:8cd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb1f259288d41a7dd472fa934c39a09893406d30471b9e2ab10b815ac66e4612

Request headers

Referer: https://rhl-brua2.kylinvc.com/rk?no=aYVwlG1mcWKEmLqxy5qmnnx0YpCJjIx0fGBoYsBxj2o/kevin.gill%40csfb.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 09:41:52 GMT
cf-cache-status: MISS
last-modified: Fri, 17 Apr 2020 12:02:42 GMT
server: cloudflare
etag: "b9d86-5a37b53971f9d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593be7db5e0b325c-FRA
content-length: 761222
cf-request-id: 02b94f3d180000325c540c3200000001

GET
H2 200 ajax-loader.gif
rhl-brua2.kylinvc.com/allcustomfiles/CH-Express-Track/ 11 KB
11 KB 3043ms
3040ms Image
image/gif 2606:4700:3034::681b:8cd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rhl-brua2.kylinvc.com/allcustomfiles/CH-Express-Track/ajax-loader.gif
Requested by: Host: rhl-brua2.kylinvc.com
URL: https://rhl-brua2.kylinvc.com/rk?no=aYVwlG1mcWKEmLqxy5qmnnx0YpCJjIx0fGBoYsBxj2o/kevin.gill%40csfb.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681b:8cd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 476a7b1085cc64de1c0eb74a6776fa8385d57eb18774f199df83fc4d7bbcc24e

Request headers

Referer: https://rhl-brua2.kylinvc.com/rk?no=aYVwlG1mcWKEmLqxy5qmnnx0YpCJjIx0fGBoYsBxj2o/kevin.gill%40csfb.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 09:41:55 GMT
cf-cache-status: MISS
last-modified: Fri, 17 Apr 2020 12:02:41 GMT
server: cloudflare
etag: "2a43-5a37b538f3445"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593be7db5e0e325c-FRA
content-length: 10819
cf-request-id: 02b94f3d180000325c540c4200000001

GET
H2 200 sun.png
rhl-brua2.kylinvc.com/allcustomfiles/CH-Express-Track/ 3 KB
3 KB 214ms
211ms Image
image/png 2606:4700:3034::681b:8cd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rhl-brua2.kylinvc.com/allcustomfiles/CH-Express-Track/sun.png
Requested by: Host: rhl-brua2.kylinvc.com
URL: https://rhl-brua2.kylinvc.com/rk?no=aYVwlG1mcWKEmLqxy5qmnnx0YpCJjIx0fGBoYsBxj2o/kevin.gill%40csfb.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681b:8cd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 318918b712d23c2ca29fb48ed113af35726c95cdf9925f614ee9a9e82ae4e009

Request headers

Referer: https://rhl-brua2.kylinvc.com/rk?no=aYVwlG1mcWKEmLqxy5qmnnx0YpCJjIx0fGBoYsBxj2o/kevin.gill%40csfb.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 09:41:52 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 17 Apr 2020 12:02:42 GMT
server: cloudflare
etag: "cc7-5a37b539b51d5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593be7db5e0f325c-FRA
content-length: 3271
cf-request-id: 02b94f3d180000325c540c5200000001

GET
H2 200 moon.png
rhl-brua2.kylinvc.com/allcustomfiles/CH-Express-Track/ 3 KB
4 KB 208ms
205ms Image
image/png 2606:4700:3034::681b:8cd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rhl-brua2.kylinvc.com/allcustomfiles/CH-Express-Track/moon.png
Requested by: Host: rhl-brua2.kylinvc.com
URL: https://rhl-brua2.kylinvc.com/rk?no=aYVwlG1mcWKEmLqxy5qmnnx0YpCJjIx0fGBoYsBxj2o/kevin.gill%40csfb.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681b:8cd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e48b62b2761d81ea67df4b0babc1d3b26b76e2c11eba9dc62de18b0d0f028ea1

Request headers

Referer: https://rhl-brua2.kylinvc.com/rk?no=aYVwlG1mcWKEmLqxy5qmnnx0YpCJjIx0fGBoYsBxj2o/kevin.gill%40csfb.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 09:41:52 GMT
cf-cache-status: MISS
last-modified: Fri, 17 Apr 2020 12:02:42 GMT
server: cloudflare
etag: "d80-5a37b5397fe45"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593be7db5e12325c-FRA
content-length: 3456
cf-request-id: 02b94f3d180000325c540c6200000001

GET
H2 200 error.png
rhl-brua2.kylinvc.com/allcustomfiles/CH-Express-Track/ 5 KB
5 KB 1034ms
1031ms Image
image/png 2606:4700:3034::681b:8cd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rhl-brua2.kylinvc.com/allcustomfiles/CH-Express-Track/error.png
Requested by: Host: rhl-brua2.kylinvc.com
URL: https://rhl-brua2.kylinvc.com/rk?no=aYVwlG1mcWKEmLqxy5qmnnx0YpCJjIx0fGBoYsBxj2o/kevin.gill%40csfb.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681b:8cd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ecc2a9255487b26e9937e09b0bba149fd6a18f076db3cd495f9650b3a33821a2

Request headers

Referer: https://rhl-brua2.kylinvc.com/rk?no=aYVwlG1mcWKEmLqxy5qmnnx0YpCJjIx0fGBoYsBxj2o/kevin.gill%40csfb.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 09:41:53 GMT
cf-cache-status: MISS
last-modified: Fri, 17 Apr 2020 12:02:42 GMT
server: cloudflare
etag: "131e-5a37b5395f6bd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593be7db5e13325c-FRA
content-length: 4894
cf-request-id: 02b94f3d180000325c540c7200000001

GET
H2 200 Corona.png
rhl-brua2.kylinvc.com/allcustomfiles/CH-Express-Track/ 7 KB
7 KB 2036ms
2033ms Image
image/png 2606:4700:3034::681b:8cd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rhl-brua2.kylinvc.com/allcustomfiles/CH-Express-Track/Corona.png
Requested by: Host: rhl-brua2.kylinvc.com
URL: https://rhl-brua2.kylinvc.com/rk?no=aYVwlG1mcWKEmLqxy5qmnnx0YpCJjIx0fGBoYsBxj2o/kevin.gill%40csfb.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681b:8cd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d63ceadee38586a2be289462c242a32d41b42bce3b6bb3a0c6ff2edde4d0b419

Request headers

Referer: https://rhl-brua2.kylinvc.com/rk?no=aYVwlG1mcWKEmLqxy5qmnnx0YpCJjIx0fGBoYsBxj2o/kevin.gill%40csfb.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 09:41:54 GMT
cf-cache-status: MISS
last-modified: Fri, 17 Apr 2020 12:20:35 GMT
server: cloudflare
etag: "1ba6-5a37b93894955"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593be7db5e16325c-FRA
content-length: 7078
cf-request-id: 02b94f3d180000325c540c8200000001

GET
H2 200 jquery.min.js Show response
rhl-brua2.kylinvc.com/allcustomfiles/CH-Express-Track/ 85 KB
29 KB 374ms
370ms Script
application/javascript 2606:4700:3034::681b:8cd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rhl-brua2.kylinvc.com/allcustomfiles/CH-Express-Track/jquery.min.js
Requested by: Host: rhl-brua2.kylinvc.com
URL: https://rhl-brua2.kylinvc.com/rk?no=aYVwlG1mcWKEmLqxy5qmnnx0YpCJjIx0fGBoYsBxj2o/kevin.gill%40csfb.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681b:8cd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a28ccf8a7b50522bdeea0cd83cdeca221c18fc1f9df3ee6b3d3c48d599206855

Request headers

Referer: https://rhl-brua2.kylinvc.com/rk?no=aYVwlG1mcWKEmLqxy5qmnnx0YpCJjIx0fGBoYsBxj2o/kevin.gill%40csfb.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 09:41:52 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 17 Apr 2020 12:06:16 GMT
server: cloudflare
etag: W/"1538e-5a37b60555885"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 593be7db5e02325c-FRA
cf-request-id: 02b94f3d180000325c540bf200000001

GET
H2 200 wow.js Show response
rhl-brua2.kylinvc.com/allcustomfiles/CH-Express-Track/ 16 KB
4 KB 286ms
282ms Script
application/javascript 2606:4700:3034::681b:8cd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rhl-brua2.kylinvc.com/allcustomfiles/CH-Express-Track/wow.js
Requested by: Host: rhl-brua2.kylinvc.com
URL: https://rhl-brua2.kylinvc.com/rk?no=aYVwlG1mcWKEmLqxy5qmnnx0YpCJjIx0fGBoYsBxj2o/kevin.gill%40csfb.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681b:8cd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6be7c8eb016d4564431a764b673536472756559248bbb6dbbfbaa1be4d1fe219

Request headers

Referer: https://rhl-brua2.kylinvc.com/rk?no=aYVwlG1mcWKEmLqxy5qmnnx0YpCJjIx0fGBoYsBxj2o/kevin.gill%40csfb.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 09:41:52 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 17 Apr 2020 12:06:16 GMT
server: cloudflare
etag: W/"4015-5a37b6055fc95"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 593be7db5e05325c-FRA
cf-request-id: 02b94f3d180000325c540c0200000001

GET
H2 200 bootstrap.min.js Show response
rhl-brua2.kylinvc.com/allcustomfiles/CH-Express-Track/ 36 KB
9 KB 294ms
291ms Script
application/javascript 2606:4700:3034::681b:8cd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rhl-brua2.kylinvc.com/allcustomfiles/CH-Express-Track/bootstrap.min.js
Requested by: Host: rhl-brua2.kylinvc.com
URL: https://rhl-brua2.kylinvc.com/rk?no=aYVwlG1mcWKEmLqxy5qmnnx0YpCJjIx0fGBoYsBxj2o/kevin.gill%40csfb.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681b:8cd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

Referer: https://rhl-brua2.kylinvc.com/rk?no=aYVwlG1mcWKEmLqxy5qmnnx0YpCJjIx0fGBoYsBxj2o/kevin.gill%40csfb.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 09:41:52 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 17 Apr 2020 12:06:16 GMT
server: cloudflare
etag: W/"90b5-5a37b6054d3b5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 593be7db5e07325c-FRA
cf-request-id: 02b94f3d180000325c540c1200000001

GET
H2 200 css
fonts.googleapis.com/ 1 KB
536 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Bevan&subset=latin-ext,vietnamese

Requested by

Host: rhl-brua2.kylinvc.com
URL: https://rhl-brua2.kylinvc.com/rk?no=aYVwlG1mcWKEmLqxy5qmnnx0YpCJjIx0fGBoYsBxj2o/kevin.gill%40csfb.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0f3b236e89ca45e623234a8767e955f7f771e078ba5909310f51881e8d4b5a7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://rhl-brua2.kylinvc.com/rk?no=aYVwlG1mcWKEmLqxy5qmnnx0YpCJjIx0fGBoYsBxj2o/kevin.gill%40csfb.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 15 May 2020 09:41:53 GMT
server: ESF
date: Fri, 15 May 2020 09:41:53 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 15 May 2020 09:41:53 GMT

GET
H2 200 css
fonts.googleapis.com/ 24 KB
1 KB 20ms
20ms Stylesheet
text/css 2a00:1450:4001:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i

Requested by

Host: rhl-brua2.kylinvc.com
URL: https://rhl-brua2.kylinvc.com/rk?no=aYVwlG1mcWKEmLqxy5qmnnx0YpCJjIx0fGBoYsBxj2o/kevin.gill%40csfb.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

869cdf77c9817e1a40651708800da8acb0e17f4b2a7d1050b1ec37f54830a947

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://rhl-brua2.kylinvc.com/rk?no=aYVwlG1mcWKEmLqxy5qmnnx0YpCJjIx0fGBoYsBxj2o/kevin.gill%40csfb.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 15 May 2020 09:41:53 GMT
server: ESF
date: Fri, 15 May 2020 09:41:53 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 15 May 2020 09:41:53 GMT

GET
H2 200 bg.jpg
rhl-brua2.kylinvc.com/allcustomfiles/CH-Express-Track/ 48 KB
48 KB 2699ms
2699ms Image
image/jpeg 2606:4700:3034::681b:8cd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rhl-brua2.kylinvc.com/allcustomfiles/CH-Express-Track/bg.jpg
Requested by: Host: rhl-brua2.kylinvc.com
URL: https://rhl-brua2.kylinvc.com/rk?no=aYVwlG1mcWKEmLqxy5qmnnx0YpCJjIx0fGBoYsBxj2o/kevin.gill%40csfb.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681b:8cd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2559f20696797693ad71ecffae04fc813065981f4e63a52389de8f3371dc6377

Request headers

Referer: https://rhl-brua2.kylinvc.com/allcustomfiles/CH-Express-Track/custome.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 09:41:55 GMT
cf-cache-status: MISS
last-modified: Fri, 17 Apr 2020 12:02:41 GMT
server: cloudflare
etag: "c02f-5a37b539287d5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 593be7de8ec0325c-FRA
content-length: 49199
cf-request-id: 02b94f3f140000325c540f9200000001

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: rhl-brua2.kylinvc.com
URL: https://rhl-brua2.kylinvc.com/rk?no=aYVwlG1mcWKEmLqxy5qmnnx0YpCJjIx0fGBoYsBxj2o/kevin.gill%40csfb.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i
Origin: https://rhl-brua2.kylinvc.com

Response headers

date: Fri, 17 Apr 2020 00:29:51 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 2452322
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11020
x-xss-protection: 0
expires: Sat, 17 Apr 2021 00:29:51 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: rhl-brua2.kylinvc.com
URL: https://rhl-brua2.kylinvc.com/rk?no=aYVwlG1mcWKEmLqxy5qmnnx0YpCJjIx0fGBoYsBxj2o/kevin.gill%40csfb.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i
Origin: https://rhl-brua2.kylinvc.com

Response headers

date: Fri, 08 May 2020 19:19:05 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 570168
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Sat, 08 May 2021 19:19:05 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: rhl-brua2.kylinvc.com
URL: https://rhl-brua2.kylinvc.com/rk?no=aYVwlG1mcWKEmLqxy5qmnnx0YpCJjIx0fGBoYsBxj2o/kevin.gill%40csfb.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i
Origin: https://rhl-brua2.kylinvc.com

Response headers

date: Wed, 13 May 2020 03:42:23 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
age: 194370
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11056
x-xss-protection: 0
expires: Thu, 13 May 2021 03:42:23 GMT

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.kylinvc.com/	1970-01-19 10:15:27	Name: __cfduid Value: d30dc052bad4268195ac1c4e74b47684f1589535711

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://rhl-brua2.kylinvc.com/rk?no=aYVwlG1mcWKEmLqxy5qmnnx0YpCJjIx0fGBoYsBxj2o/kevin.gill%40csfb.com(Line 151) Message: WOW: animating <div>

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.by.wonderpush.com
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
rhl-brua2.kylinvc.com
trk-beet.caar-international.com
2606:4700:3033::681c:1b7f
2606:4700:3034::681b:8cd6
2606:4700::6810:84e5
2606:4700::6812:12b7
2a00:1450:4001:820::2003
2a00:1450:4001:821::200a
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
0f3b236e89ca45e623234a8767e955f7f771e078ba5909310f51881e8d4b5a7d
2559f20696797693ad71ecffae04fc813065981f4e63a52389de8f3371dc6377
318918b712d23c2ca29fb48ed113af35726c95cdf9925f614ee9a9e82ae4e009
476a7b1085cc64de1c0eb74a6776fa8385d57eb18774f199df83fc4d7bbcc24e
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
59a1460df6cb458204ec993345ff4964fa7e1a77da4ab7137e50fce8434c1d6a
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5eab77d4b7d4224f3508ab644f501166f6d1865ff4c9b41c03e30f0e4cd9b85d
6be7c8eb016d4564431a764b673536472756559248bbb6dbbfbaa1be4d1fe219
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
869cdf77c9817e1a40651708800da8acb0e17f4b2a7d1050b1ec37f54830a947
9d8cb7158bf2112e187ac18bd8a48749bb1ae2dfd8106dcf0a0af805a0842c52
a28ccf8a7b50522bdeea0cd83cdeca221c18fc1f9df3ee6b3d3c48d599206855
b4b6f6a2d5e136e857c17b23997308bb5db803f797835728e1727e78aaf5b6d8
cb1f259288d41a7dd472fa934c39a09893406d30471b9e2ab10b815ac66e4612
cbd261d081038a841da0afc8b80f1a844d8f9e55b00f6850eb72a1213b7bef44
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
d63ceadee38586a2be289462c242a32d41b42bce3b6bb3a0c6ff2edde4d0b419
e48b62b2761d81ea67df4b0babc1d3b26b76e2c11eba9dc62de18b0d0f028ea1
ecc2a9255487b26e9937e09b0bba149fd6a18f076db3cd495f9650b3a33821a2
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

rhl-brua2.kylinvc.com Open in urlscan Pro 2606:4700:3034::681b:8cd6 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

22 Requests

100 %HTTPS

100 %IPv6

6 Domains

6 Subdomains

5 IPs

2 Countries

967 kBTransfer

1301 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

1 Cookies

1 Console Messages

Indicators

rhl-brua2.kylinvc.com Open in urlscan Pro
2606:4700:3034::681b:8cd6 Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

100 %
HTTPS

100 %
IPv6

6
Domains

6
Subdomains

5
IPs

2
Countries

967 kB
Transfer

1301 kB
Size

1
Cookies

22 HTTP transactions
0 data transactions