URL: https://zurichnights.com/
Submission: On December 05 via api from US — Scanned from US

Summary

This website contacted 8 IPs in 2 countries across 7 domains to perform 20 HTTP transactions. The main IP is 35.166.17.12, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is zurichnights.com.
TLS certificate: Issued by R3 on December 5th 2023. Valid for: 3 months.
This is the only time zurichnights.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  Apex domain            Subdomains (Cisco Umbrella rank where listed)               Transfer
8         geetest.com            static.geetest.com (42247), gcaptcha4.geetest.com (74843)   295 KB
3         urbaninteractive.com   cdn.urbaninteractive.com                                    440 KB
3         jsdelivr.net           cdn.jsdelivr.net (313)                                      262 KB
2         gstatic.com            fonts.gstatic.com                                           46 KB
2         zurichnights.com       zurichnights.com                                            1 KB
1         escrow.com             t.escrow.com                                                398 B
1         googleapis.com         fonts.googleapis.com (29)                                   886 B
20 requests across 7 apex domains

Requests  Domain                     Requested by
7         static.geetest.com         zurichnights.com, static.geetest.com
3         cdn.urbaninteractive.com   zurichnights.com
3         cdn.jsdelivr.net           zurichnights.com
2         fonts.gstatic.com          fonts.googleapis.com
2         zurichnights.com           cdn.jsdelivr.net
1         t.escrow.com               -
1         gcaptcha4.geetest.com      static.geetest.com
1         fonts.googleapis.com       cdn.jsdelivr.net
20 requests across 8 subdomains

This site contains links to these domains (also see Links): www.godaddy.com, gerrypacher.ch, www.geetest.com

TLS certificates

Subject                   Issuer                                  Validity                   Valid
urbaninteractive.com      R3                                      2023-12-05 - 2024-03-04    3 months
jsdelivr.net              GlobalSign Atlas R3 DV TLS CA 2023 Q3   2023-09-27 - 2024-10-28    a year
*.geetest.com             GeoTrust TLS RSA CA G1                  2023-03-28 - 2024-04-26    a year
upload.video.google.com   GTS CA 1C3                              2023-10-23 - 2024-01-15    3 months
*.gstatic.com             GTS CA 1C3                              2023-10-23 - 2024-01-15    3 months
t.escrow.com              Amazon RSA 2048 M02                     2023-03-03 - 2024-03-31    a year
(each certificate is also listed on crt.sh)

This page contains 1 frame:

Primary Page: https://zurichnights.com/
Frame ID: 2A5450BE7AD1DB209DC552D638A117B0
Requests: 20 HTTP requests in this frame

Page Title

ZURICHNIGHTS.COM is for sale

Detected technologies

Semantic UI (inferred from the patterns; overall confidence: 100%)
Detected patterns
  • <link[^>]+semantic(?:\.min)\.css"
  • /semantic(?:-([\d.]+))?(?:\.min)?\.js

jQuery (inferred from the pattern; overall confidence: 100%)
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (inferred from the patterns; overall confidence: 100%)
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/
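The patterns above are Wappalyzer-style regexes run over the page markup; a capture group, where present, is how the version is recovered. The following is an added example (not urlscan's or Wappalyzer's code) that runs the report's own patterns over a constructed <head> rebuilt from the stylesheet and script URLs in the transaction list, since the scanned page's actual HTML is not in the report. It also adds one pattern of my own, labelled as such, that pulls the pinned version out of a jsDelivr npm path, because none of the report's patterns captures a version from those URLs.

```python
import re

# Detection patterns exactly as listed in the report (Wappalyzer-style
# regexes; an optional capture group carries a version when the markup
# exposes one). The technology names are inferred from the patterns.
PATTERNS = {
    "Semantic UI": [
        r'<link[^>]+semantic(?:\.min)\.css"',
        r'/semantic(?:-([\d.]+))?(?:\.min)?\.js',
    ],
    "jQuery": [
        r'jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?',
    ],
    "jsDelivr": [
        r'<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/',
        r'//cdn\.jsdelivr\.net/',
    ],
}

# Added pattern (my assumption, not one of the report's): jsDelivr npm
# URLs pin the package version after '@', e.g. /npm/jquery@3.5.1/.
JSDELIVR_NPM = re.compile(r'//cdn\.jsdelivr\.net/npm/([\w.-]+)@([\d.]+)/')

# Constructed sample: the scanned page's markup is not in the report, so
# this <head> is rebuilt from the resource URLs in the transaction list.
SAMPLE_HTML = """<!doctype html>
<html><head>
<title>ZURICHNIGHTS.COM is for sale</title>
<link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/semantic-ui@2.4.2/dist/semantic.min.css">
<link rel="stylesheet" href="https://cdn.urbaninteractive.com/css/style.min.css?1.07">
<script src="https://cdn.jsdelivr.net/npm/jquery@3.5.1/dist/jquery.min.js"></script>
<script src="https://cdn.jsdelivr.net/npm/semantic-ui@2.4.2/dist/semantic.min.js"></script>
<script src="https://static.geetest.com/v4/gt4.js"></script>
<script src="https://cdn.urbaninteractive.com/js/main.min.js?v=0.054"></script>
</head><body></body></html>"""


def detect(html):
    """Run every pattern over the markup; return, per technology, which
    patterns fired and the first version any capture group yielded."""
    found = {}
    for tech, regexes in PATTERNS.items():
        for rx in regexes:
            m = re.search(rx, html, re.IGNORECASE)
            if not m:
                continue
            entry = found.setdefault(tech, {"matched": [], "version": None})
            entry["matched"].append(rx)
            if entry["version"] is None:
                entry["version"] = next((g for g in m.groups() if g), None)
    return found


def npm_versions(html):
    """Versions pinned in jsDelivr npm paths (package -> version)."""
    return dict(JSDELIVR_NPM.findall(html))


if __name__ == "__main__":
    for tech, info in detect(SAMPLE_HTML).items():
        print(f"{tech}: {len(info['matched'])} pattern(s), version={info['version']}")
    print("pinned on jsDelivr:", npm_versions(SAMPLE_HTML))
```

All three technologies fire on the constructed markup, but every version comes back empty: the jQuery pattern only captures a `?ver=` query string and the Semantic UI pattern only a `semantic-x.y.z.js` filename, neither of which jsDelivr uses. The pinned versions are visible in the npm path (and, in the report, in the `x-jsd-version` response headers, which markup-only detection never sees).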

Page Statistics

20 requests | 100 % HTTPS | 63 % IPv6 | 7 domains | 8 subdomains | 8 IPs | 2 countries | 1046 kB transferred | 2388 kB size | 1 cookie

Redirected requests

No HTTP redirect chains are listed for this scan.

20 HTTP transactions

Each entry below is headed: resource (path) | size (bytes transferred) | type

Primary Request / (zurichnights.com/) | 3 KB (1 KB transferred) | Document
General
Full URL
https://zurichnights.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.166.17.12 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-166-17-12.us-west-2.compute.amazonaws.com
Software
nginx-more / Express
Resource Hash
ab36b3064b8c9e8972e9cb4288425c05eb17962f6aeb8836b6e85140982a8b0e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
br
Content-Type
text/html; charset=utf-8
Date
Tue, 05 Dec 2023 15:56:17 GMT
ETag
W/"b9f-jQ4QF++YFJ/CHQhPUf6wgVInTys"
Server
nginx-more
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Powered-By
Express

semantic.min.css (cdn.jsdelivr.net/npm/semantic-ui@2.4.2/dist/) | 614 KB (106 KB transferred) | Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/semantic-ui@2.4.2/dist/semantic.min.css
Requested by
Host: zurichnights.com
URL: https://zurichnights.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5177ac8b16de2e407f518c554f3ba3fe0837f8b333830026837cc3f82e190124
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://zurichnights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 05 Dec 2023 15:56:17 GMT
x-content-type-options
nosniff
content-encoding
br
age
1779752
x-jsd-version
2.4.2
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
107615
x-served-by
cache-fra-eddf8230050-FRA, cache-mia-kmia1760095-MIA
x-jsd-version-type
version
etag
W/"99738-xBtVnjRc5piOJZyFKbhk0QxxYOQ"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*

style.min.css (cdn.urbaninteractive.com/css/) | 2 KB (1 KB transferred) | Stylesheet
General
Full URL
https://cdn.urbaninteractive.com/css/style.min.css?1.07
Requested by
Host: zurichnights.com
URL: https://zurichnights.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21d5:2200:14:692e:a300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx-more /
Resource Hash
56aede748a1064c0a84a8f1bfa799d3800f4c437884d3e1d3ee8b4d986b0b47c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://zurichnights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 15:35:55 GMT
content-encoding
gzip
via
1.1 8dc256e43720ba0f5d01b9e6cd4ce544.cloudfront.net (CloudFront)
last-modified
Sun, 13 Sep 2020 08:25:43 GMT
server
nginx-more
x-amz-cf-pop
ORD51-C2
age
1222
etag
W/"5f5dd787-97e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
64hi3HigfTyULwcr1vyRbny0tOv_hL4tCOBNECoSdGxnb1l60_fUFQ==

jquery.min.js (cdn.jsdelivr.net/npm/jquery@3.5.1/dist/) | 87 KB (88 KB transferred) | Script
General
Full URL
https://cdn.jsdelivr.net/npm/jquery@3.5.1/dist/jquery.min.js
Requested by
Host: zurichnights.com
URL: https://zurichnights.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://zurichnights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 05 Dec 2023 15:56:17 GMT
x-content-type-options
nosniff
age
2466983
x-jsd-version
3.5.1
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
89476
x-served-by
cache-fra-eddf8230128-FRA, cache-mia-kmia1760095-MIA
x-jsd-version-type
version
etag
W/"15d84-yOHIs4bcW3qRhMdjyI0Zo0brM0I"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*

semantic.min.js (cdn.jsdelivr.net/npm/semantic-ui@2.4.2/dist/) | 269 KB (69 KB transferred) | Script
General
Full URL
https://cdn.jsdelivr.net/npm/semantic-ui@2.4.2/dist/semantic.min.js
Requested by
Host: zurichnights.com
URL: https://zurichnights.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0a04a8582f70e7036623568df1d20c2bee833de95412dbc3afe05cda6ff4371f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://zurichnights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 05 Dec 2023 15:56:17 GMT
x-content-type-options
nosniff
content-encoding
br
age
4285338
x-jsd-version
2.4.2
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
70398
x-served-by
cache-fra-etou8220046-FRA, cache-mia-kmia1760095-MIA
x-jsd-version-type
version
etag
W/"43512-PR9QEjcC6Nc1PZjwS12BntUL6DY"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*

gt4.js (static.geetest.com/v4/) | 15 KB (5 KB transferred) | Script
General
Full URL
https://static.geetest.com/v4/gt4.js
Requested by
Host: zurichnights.com
URL: https://zurichnights.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:203a:ac00:1:fa24:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ee95c2d52cbebcb785b9cee2d7b7e712587229851b6cecc3a11fc1bffe2adac9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://zurichnights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 02:19:06 GMT
content-encoding
gzip
via
1.1 29cac7767e3846e444e0942fa7013c16.cloudfront.net (CloudFront)
last-modified
Tue, 05 Dec 2023 02:16:43 GMT
server
AmazonS3
x-amz-cf-pop
ORD53-C2
age
49032
etag
W/"bfa3fb2115d23b6fe0e2ae32ee9a0e99"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
hn6ZL-GCpUX_a7xtA6led_j0XcEGAlW_hiHUMkIQOHQ6etMwgEP48Q==
x-amz-meta-mtime
1701742397

main.min.js (cdn.urbaninteractive.com/js/) | 4 KB (2 KB transferred) | Script
General
Full URL
https://cdn.urbaninteractive.com/js/main.min.js?v=0.054
Requested by
Host: zurichnights.com
URL: https://zurichnights.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21d5:2200:14:692e:a300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx-more /
Resource Hash
3fc95774ce97cc1f880b317d87235c91fb2c2701eabbaa0eb01dac349ab82853

Request headers

accept-language
en-US,en;q=0.9
Referer
https://zurichnights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 14:09:59 GMT
content-encoding
gzip
via
1.1 8dc256e43720ba0f5d01b9e6cd4ce544.cloudfront.net (CloudFront)
last-modified
Fri, 06 Oct 2023 20:39:43 GMT
server
nginx-more
x-amz-cf-pop
ORD51-C2
age
6378
etag
W/"6520708f-e33"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
x-amz-cf-id
EDylVsDY_DqQs0S5vwh_TnC5HRMXhUFBsxQ5f3yg4Z6Ru1TI3yOGhA==

css (fonts.googleapis.com/) | 3 KB (886 B transferred) | Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic&subset=latin
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/semantic-ui@2.4.2/dist/semantic.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0e::5f Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
699e8cb3d0af7f12172315152a58cf8154526ddc2ee3d29ed8861218e9cf91a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.jsdelivr.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 05 Dec 2023 15:56:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 05 Dec 2023 15:52:42 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 05 Dec 2023 15:56:17 GMT

zurich.jpg (cdn.urbaninteractive.com/images/) | 437 KB (437 KB transferred) | Image
General
Full URL
https://cdn.urbaninteractive.com/images/zurich.jpg
Requested by
Host: zurichnights.com
URL: https://zurichnights.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21d5:2200:14:692e:a300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx-more /
Resource Hash
fb542168f5dc6c0cbda3104bcf04b0dc744b90de5d2e76e6e63dc6b0f0942345

Request headers

accept-language
en-US,en;q=0.9
Referer
https://zurichnights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 14:14:43 GMT
via
1.1 8dc256e43720ba0f5d01b9e6cd4ce544.cloudfront.net (CloudFront)
last-modified
Tue, 04 Aug 2020 23:34:14 GMT
server
nginx-more
x-amz-cf-pop
ORD51-C2
age
6094
etag
"5f29f076-6d245"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
447045
x-amz-cf-id
D6STJv-xqurnvwOrGvpTHH4MQj7RMfhjtoZjFJfI4fsQ8n5E-8us4Q==

S6u9w4BMUTPHh6UVSwiPGQ.woff2 (fonts.gstatic.com/s/lato/v24/) | 23 KB (23 KB transferred) | Font
General
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic&subset=latin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://zurichnights.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 03:58:27 GMT
x-content-type-options
nosniff
age
302270
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23040
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:07:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 01 Dec 2024 03:58:27 GMT

S6uyw4BMUTPHjx4wXg.woff2 (fonts.gstatic.com/s/lato/v24/) | 23 KB (24 KB transferred) | Font
General
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic&subset=latin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://zurichnights.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 05:35:21 GMT
x-content-type-options
nosniff
age
382856
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 30 Nov 2024 05:35:21 GMT

trk (zurichnights.com/) | 0 (189 B transferred) | XHR
General
Full URL
https://zurichnights.com/trk
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/jquery@3.5.1/dist/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.166.17.12 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-166-17-12.us-west-2.compute.amazonaws.com
Software
nginx-more / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*/*
Referer
https://zurichnights.com/
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Tue, 05 Dec 2023 15:56:18 GMT
Server
nginx-more
Connection
keep-alive
X-Powered-By
Express
Content-Length
0
Content-Type
application/json; charset=utf-8

load (gcaptcha4.geetest.com/) | 2 KB (2 KB transferred) | Script
General
Full URL
https://gcaptcha4.geetest.com/load?callback=geetest_1701791785621&captcha_id=a9b9f1f7c203e5e0178ce74e19c96af8&challenge=5bbced53-ab46-49b7-8853-6d2779d59b1f&client_type=web&lang=eng
Requested by
Host: static.geetest.com
URL: https://static.geetest.com/v4/gt4.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
43.159.107.100 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
TencentEdgeOne /
Resource Hash
1d2367db1a298d63e08b285bfb94171f61dc205f35d0e88a0fcc6b180e3cd065

Request headers

accept-language
en-US,en;q=0.9
Referer
https://zurichnights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 15:56:18 GMT
server
TencentEdgeOne
eo-cache-status
MISS
etag
"52b935833f2594fa4b69b4805d6c7779e74928a7"
access-control-allow-methods
GET, POST, PUT, DELETE, PATCH,OPTIONS
content-type
text/javascript;charset=UTF-8
cache-control
must-revalidate, no-cache, no-store
eo-log-uuid
4461090686023849889
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,token,GeeToken
content-length
2030
expires
0

1px.gif (t.escrow.com/) | 43 B (398 B transferred) | Image
General
Full URL
https://t.escrow.com/1px.gif?name=bin&price=960&title=Sale%20of%20zurichnights.com&user_id=324410
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.151.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-151-59.iad66.r.cloudfront.net
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://zurichnights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 15:56:18 GMT
via
1.1 603961b1b2dad8873023f00c2744bd6e.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD66-C2
x-amzn-trace-id
Root=1-656f4822-411c4e743683e6410437bb43;Sampled=0;lineage=2b9dc378:0
x-amzn-requestid
cb83080f-7984-4ea5-abb4-5fb789448797
x-cache
Miss from cloudfront
content-type
image/gif
x-amz-apigw-id
Peg1bH-wvHcEoag=
content-length
43
x-amz-cf-id
NWqknVHeEA0ZiYw5uKe7WmREiCvnU_dBJH5Dpz4uCFhT7jgcyU2AQA==

gct4.5a2e755576738ba0499d714db4f1c9e0.js (static.geetest.com/v4/gct/) | 3 KB (2 KB transferred) | Script
General
Full URL
https://static.geetest.com/v4/gct/gct4.5a2e755576738ba0499d714db4f1c9e0.js
Requested by
Host: static.geetest.com
URL: https://static.geetest.com/v4/gt4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:203a:ac00:1:fa24:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7e72ac688b03131ba0cd4494a2311a9f425fb0bf97ced5ad86053b65f33a31d8

Request headers

Referer
https://zurichnights.com/
Origin
https://zurichnights.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 14:14:45 GMT
content-encoding
gzip
via
1.1 ab5193a864f389c2c920a42689722418.cloudfront.net (CloudFront)
last-modified
Fri, 22 Apr 2022 06:31:52 GMT
server
AmazonS3
x-amz-cf-pop
ORD53-C2
age
6094
etag
W/"87a0a61a119e6b2b2f605f2e03387705"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD
content-type
application/javascript
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-cf-id
wCrJ0qZuoCuMeyUK2COp6-083CI-VADb736203SzEL29xoSzeZPuzA==
x-amz-meta-mtime
1650609020

gcaptcha4.js (static.geetest.com/v4/static/v1.7.5-ccc668/js/) | 710 KB (183 KB transferred) | Script
General
Full URL
https://static.geetest.com/v4/static/v1.7.5-ccc668/js/gcaptcha4.js
Requested by
Host: static.geetest.com
URL: https://static.geetest.com/v4/gt4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:203a:ac00:1:fa24:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
208cf87949be6dadb6096c27b6638b24c49c3bdbcfa265b6f2fea802a68b9e0b

Request headers

Referer
https://zurichnights.com/
Origin
https://zurichnights.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 14:14:45 GMT
content-encoding
gzip
via
1.1 ab5193a864f389c2c920a42689722418.cloudfront.net (CloudFront)
x-amz-cf-pop
ORD53-C2
age
6094
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 01 Dec 2023 17:00:13 GMT
server
AmazonS3
etag
W/"b45862f1a1a7195a186fabc9d7cc4587"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD
content-type
application/javascript
access-control-allow-origin
*
x-amz-cf-id
85REFIVQqui-zTX8ufQS_zj7wElpLZ0-9o573iLGstapj4HjMIDTuQ==
x-amz-meta-mtime
1701320638

gcaptcha4.css (static.geetest.com/v4/static/v1.7.5-ccc668/css/) | 105 KB (13 KB transferred) | Stylesheet
General
Full URL
https://static.geetest.com/v4/static/v1.7.5-ccc668/css/gcaptcha4.css
Requested by
Host: static.geetest.com
URL: https://static.geetest.com/v4/static/v1.7.5-ccc668/js/gcaptcha4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:203a:ac00:1:fa24:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AliyunOSS /
Resource Hash
5cfd42b565b93128bb2acf30621de4602a6b1db20d4e52e3fa5f96304b5adf23

Request headers

accept-language
en-US,en;q=0.9
Referer
https://zurichnights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 07:49:34 GMT
content-encoding
gzip
via
1.1 29cac7767e3846e444e0942fa7013c16.cloudfront.net (CloudFront)
x-oss-request-id
65683E8EF1D0713831DD01A2
content-md5
M/z1KRr0Zg8lb0dufwDxFQ==
x-amz-cf-pop
ORD53-C2
age
461205
x-cache
Hit from cloudfront
x-oss-object-type
Normal
last-modified
Thu, 30 Nov 2023 07:47:56 GMT
server
AliyunOSS
vary
Accept-Encoding, Origin
content-type
text/css
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
7381584898935708327
x-amz-cf-id
QckkLGmwVFYfsJnOOV74JRpaNpR1lTPUAIQW25Yr7PckVyt-oBL7zg==
x-oss-server-time
1

eng.js (static.geetest.com/v4/static/v1.7.5-ccc668/i18n/) | 2 KB (1 KB transferred) | Script
General
Full URL
https://static.geetest.com/v4/static/v1.7.5-ccc668/i18n/eng.js
Requested by
Host: static.geetest.com
URL: https://static.geetest.com/v4/static/v1.7.5-ccc668/js/gcaptcha4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:203a:ac00:1:fa24:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
eeb552fcdb75e5ea707a46ed0b4ebcc942ac679c09be86d81b6a5e72a436294f

Request headers

Referer
https://zurichnights.com/
Origin
https://zurichnights.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 14:14:45 GMT
content-encoding
gzip
via
1.1 ab5193a864f389c2c920a42689722418.cloudfront.net (CloudFront)
x-amz-cf-pop
ORD53-C2
age
6095
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 01 Dec 2023 17:00:10 GMT
server
AmazonS3
etag
W/"f31e91737ac846efe11713d388f228c3"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD
content-type
application/javascript
access-control-allow-origin
*
x-amz-cf-id
2L2fJCkibQ36E3oze96EEWAOOUCqKAFLl03R02oZWfqg7SwlWEGzCA==
x-amz-meta-mtime
1701320639

5d97c0dde37944008ed453e88c9777b2.png (static.geetest.com/pictures/v4_pic/slide_2021_07_14/Group78/bg/) | 78 KB (79 KB transferred) | Image
General
Full URL
https://static.geetest.com/pictures/v4_pic/slide_2021_07_14/Group78/bg/5d97c0dde37944008ed453e88c9777b2.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:203a:ac00:1:fa24:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
66f940d77084d9916d34598fd46c176c2630c3588e08dd07e574d04513c72c34

Request headers

accept-language
en-US,en;q=0.9
Referer
https://zurichnights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 13:41:05 GMT
via
1.1 29cac7767e3846e444e0942fa7013c16.cloudfront.net (CloudFront)
last-modified
Fri, 04 Mar 2022 11:18:00 GMT
server
AmazonS3
x-amz-cf-pop
ORD53-C2
age
8115
etag
"93780a5a0e48f5bdec4b685faafeeef7"
vary
Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
80131
x-amz-cf-id
yQg64DJG3r9FY5tDPl-MRsmne5lTmKsLSRsdO6FvdV9qtZgRsl-yNw==
x-amz-meta-mtime
1626257099

5d97c0dde37944008ed453e88c9777b2.png (static.geetest.com/pictures/v4_pic/slide_2021_07_14/Group78/slide/) | 10 KB (10 KB transferred) | Image
General
Full URL
https://static.geetest.com/pictures/v4_pic/slide_2021_07_14/Group78/slide/5d97c0dde37944008ed453e88c9777b2.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:203a:ac00:1:fa24:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6d5ed8d6a080fe38f9c3dcc7d5f8774c753f3547f425f83179b418c2eb96a980

Request headers

accept-language
en-US,en;q=0.9
Referer
https://zurichnights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 16:30:16 GMT
via
1.1 29cac7767e3846e444e0942fa7013c16.cloudfront.net (CloudFront)
last-modified
Fri, 04 Mar 2022 11:18:00 GMT
server
AmazonS3
x-amz-cf-pop
ORD53-C2
age
516363
etag
"a99cca7feced50b4a65e4e7fd4c2a232"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
9812
x-amz-cf-id
R4irbToH0tIOq33GApGqCX0GyWwpYivEQFgCVbTnqWzVoqbLBJ7-cQ==
x-amz-meta-mtime
1626257099
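The Resource Hash field in each transaction above is the SHA-256 of the response body. Two things a practitioner would do with those values, as an added example (not part of the urlscan report and not urlscan's own code): turn the hashes of the three jsDelivr assets into Subresource Integrity attributes, so that a page embedding them fails closed if the CDN ever serves different bytes, and recognise the hash of the /trk XHR response as the digest of zero bytes (that response carried Content-Length: 0). It assumes, as urlscan's report does, that the hash is taken over the decoded body, which is also what an SRI check sees.

```python
import base64
import hashlib

# SHA-256 resource hashes copied from the report's transaction list.
# Assumption: these are digests of the decoded body (the bytes the browser
# executed), not of the brotli/gzip wire form.
RESOURCE_HASHES = {
    "https://cdn.jsdelivr.net/npm/jquery@3.5.1/dist/jquery.min.js":
        "f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d",
    "https://cdn.jsdelivr.net/npm/semantic-ui@2.4.2/dist/semantic.min.js":
        "0a04a8582f70e7036623568df1d20c2bee833de95412dbc3afe05cda6ff4371f",
    "https://cdn.jsdelivr.net/npm/semantic-ui@2.4.2/dist/semantic.min.css":
        "5177ac8b16de2e407f518c554f3ba3fe0837f8b333830026837cc3f82e190124",
    "https://zurichnights.com/trk":
        "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855",
}

# SHA-256 of zero bytes; a resource hash equal to this means an empty body.
EMPTY_BODY_SHA256 = hashlib.sha256(b"").hexdigest()


def hex_to_sri(hex_digest, algo="sha256"):
    """Convert a hex digest to the base64 form the SRI integrity attribute uses."""
    raw = bytes.fromhex(hex_digest)
    if algo == "sha256" and len(raw) != 32:
        raise ValueError("sha256 digest must be 32 bytes")
    return f"{algo}-{base64.b64encode(raw).decode('ascii')}"


def sri_tag(url, hex_digest):
    """Emit the <link>/<script> tag that pins this resource. crossorigin is
    mandatory for SRI on cross-origin fetches; it works for these assets
    because the jsDelivr responses carry access-control-allow-origin: *."""
    integrity = hex_to_sri(hex_digest)
    if url.endswith(".css"):
        return (f'<link rel="stylesheet" href="{url}" '
                f'integrity="{integrity}" crossorigin="anonymous">')
    return (f'<script src="{url}" integrity="{integrity}" '
            f'crossorigin="anonymous"></script>')


def body_matches(body, hex_digest):
    """Re-check a freshly fetched, decoded body against the report's hash."""
    return hashlib.sha256(body).hexdigest() == hex_digest


def audit(hashes):
    """Flag empty bodies and produce SRI values for everything else."""
    result = {}
    for url, h in hashes.items():
        if h == EMPTY_BODY_SHA256:
            result[url] = "empty body (hash of zero bytes)"
        else:
            result[url] = hex_to_sri(h)
    return result


if __name__ == "__main__":
    for url, verdict in audit(RESOURCE_HASHES).items():
        print(url, "->", verdict)
    for url, h in RESOURCE_HASHES.items():
        if h != EMPTY_BODY_SHA256:
            print(sri_tag(url, h))
```

The jQuery hash converts to `sha256-9/aliU8dGd2tb6OSsuzixeV4y/faTqgFtohetphbbj0=`, the same integrity value jQuery publishes for jquery-3.5.1.min.js, which is a useful cross-check that jsDelivr served the genuine release. Two caveats: SRI only covers tags the page itself writes, so gcaptcha4.js, gct4.*.js and eng.js, which gt4.js fetches at runtime, stay outside it; and the gcaptcha4.geetest.com/load response is generated per request (cache-control: must-revalidate, no-cache, no-store) and cannot be pinned by hash at all.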

Verdicts & Comments

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. They can help identify client-side frameworks and code.

documentPictureInPicture (object), $ (function), jQuery (function), initGeetest4 (function), addEvent (function), init (function), onClickModal (function), onClick (function), _gct (function), bJQwh (function), setImmediate (function), clearImmediate (function), Geetest4 (function), gt (object), GeetestLang (object)

Not all of these come from the page: documentPictureInPicture is the Document Picture-in-Picture API exposed by the scanning browser itself (Chrome 119 per the User-Agent), and setImmediate/clearImmediate are not Chrome built-ins, so one of the loaded scripts polyfilled them. $ and jQuery belong to jquery.min.js; initGeetest4, Geetest4, GeetestLang and _gct come from the GeeTest captcha scripts. bJQwh is an obfuscated name and worth inspecting in the loaded scripts.

1 Cookie

Domain/Path: gcaptcha4.geetest.com/ | Name: captcha_v4_user | Value: ca6ee164dc00460ebbe99eedb901e15c

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
cdn.urbaninteractive.com
fonts.googleapis.com
fonts.gstatic.com
gcaptcha4.geetest.com
static.geetest.com
t.escrow.com
zurichnights.com
13.32.151.59
2600:9000:203a:ac00:1:fa24:cf00:93a1
2600:9000:21d5:2200:14:692e:a300:93a1
2607:f8b0:4006:817::2003
2607:f8b0:400d:c0e::5f
2a04:4e42:600::485
35.166.17.12
43.159.107.100