URL: https://booking.rainbowmountaintravels.com/
Submission: On January 23 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 20 HTTP transactions. The main IP is 2620:0:890::100, located in United States and belongs to FASTLY, US. The main domain is booking.rainbowmountaintravels.com.
TLS certificate: Issued by GTS CA 1D4 on January 23rd 2024. Valid for: 3 months.
This is the only time booking.rainbowmountaintravels.com was scanned on urlscan.io!

urlscan.io Verdict: No classification


Domain & IP information

Apex Domain
Subdomains
Transfer
13 rainbowmountaintravels.com
booking.rainbowmountaintravels.com
576 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 28
firestore.googleapis.com — Cisco Umbrella Rank: 1910
1 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2029
267 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
92 KB
0 web.app Failed
api-triphub-dev.web.app Failed
20 5
Domain Requested by
13 booking.rainbowmountaintravels.com booking.rainbowmountaintravels.com
2 firestore.googleapis.com booking.rainbowmountaintravels.com
1 region1.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com booking.rainbowmountaintravels.com
1 fonts.googleapis.com booking.rainbowmountaintravels.com
0 api-triphub-dev.web.app Failed booking.rainbowmountaintravels.com
20 6

This site contains no links.

Subject Issuer Validity Valid
booking.rainbowmountaintravels.com GTS CA 1D4 2024-01-23 - 2024-04-22 3 months
upload.video.google.com GTS CA 1C3 2024-01-02 - 2024-03-26 3 months
*.google-analytics.com GTS CA 1C3 2024-01-02 - 2024-03-26 3 months
edgecert.googleapis.com GTS CA 1C3 2024-01-02 - 2024-03-26 3 months

This page contains 1 frames:

Primary Page: https://booking.rainbowmountaintravels.com/
Frame ID: 4380678AF69F4A83C8B40A945506B3CD
Requests: 19 HTTP requests in this frame

Page Title

FindLocalTours

Detected technologies

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

20 Requests
90 % HTTPS
100 % IPv6
5 Domains
6 Subdomains
6 IPs
2 Countries
669 kB Transfer
4346 kB Size
2 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
booking.rainbowmountaintravels.com/
918 B
694 B
Document
General
Full URL
https://booking.rainbowmountaintravels.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ee1858f6993d1a79799a3326b2690ea159be998256611467af8c3d9b0a8616cd
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control
max-age=3600
content-encoding
br
content-length
344
content-type
text/html; charset=utf-8
date
Tue, 23 Jan 2024 17:55:23 GMT
etag
"3045cde19fb21256daff9a265c42dc4523790259e6b48af677426d9bcb130654-br"
last-modified
Tue, 23 Jan 2024 15:30:23 GMT
strict-transport-security
max-age=31556926
vary
x-fh-requested-host, accept-encoding
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230069-FRA
x-timer
S1706032523.998002,VS0,VE36
css
fonts.googleapis.com/
5 KB
1009 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Nunito:400,600,700
Requested by
Host: booking.rainbowmountaintravels.com
URL: https://booking.rainbowmountaintravels.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
33364bfa43f71e8488caea7a56c3f44c19c62d0805357bc99efe091b9759310d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://booking.rainbowmountaintravels.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 23 Jan 2024 17:55:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 23 Jan 2024 16:20:51 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 23 Jan 2024 17:55:23 GMT
js
www.googletagmanager.com/gtag/
276 KB
92 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-X4PHSDB8WB
Requested by
Host: booking.rainbowmountaintravels.com
URL: https://booking.rainbowmountaintravels.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0ab520b9a55bbbac223296ecd9306906bd15e2ec8b38e8b3db5c482d7a03e046
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://booking.rainbowmountaintravels.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 17:55:23 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93402
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 23 Jan 2024 17:55:23 GMT
main.c3908c28.js
booking.rainbowmountaintravels.com/static/js/
3 MB
465 KB
Script
General
Full URL
https://booking.rainbowmountaintravels.com/static/js/main.c3908c28.js
Requested by
Host: booking.rainbowmountaintravels.com
URL: https://booking.rainbowmountaintravels.com/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f9da8d395ac2cae9a7138ef1753028a80ffea968b0e72ad18059557de3c5b027
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://booking.rainbowmountaintravels.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230076-FRA
strict-transport-security
max-age=31556926
content-encoding
br
date
Tue, 23 Jan 2024 17:55:23 GMT
last-modified
Tue, 23 Jan 2024 15:30:23 GMT
x-timer
S1706032523.119877,VS0,VE117
etag
"f0456ef725a90ec35838729de1d828309abec6e39db3ced39e401808e0c8cae7-br"
vary
x-fh-requested-host, accept-encoding
x-cache
MISS
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=31536000000, s-maxage=31536000000
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
475854
x-cache-hits
0
main.1fc67f3e.css
booking.rainbowmountaintravels.com/static/css/
543 KB
49 KB
Stylesheet
General
Full URL
https://booking.rainbowmountaintravels.com/static/css/main.1fc67f3e.css
Requested by
Host: booking.rainbowmountaintravels.com
URL: https://booking.rainbowmountaintravels.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
aa5a42dfedbe1104746b248af330cbad6ba1de08404f2ae311bc278804091084
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://booking.rainbowmountaintravels.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230069-FRA
strict-transport-security
max-age=31556926
content-encoding
br
date
Tue, 23 Jan 2024 17:55:23 GMT
last-modified
Tue, 23 Jan 2024 15:30:23 GMT
x-timer
S1706032523.055569,VS0,VE70
etag
"a458f1207969db964db4243e34c7dbecae9523588b47c57739bf92aac1332c85-br"
vary
x-fh-requested-host, accept-encoding
x-cache
MISS
content-type
text/css; charset=utf-8
cache-control
public, max-age=31536000000, s-maxage=31536000000
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
50304
x-cache-hits
0
collect
region1.google-analytics.com/g/
0
267 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-X4PHSDB8WB&gtm=45je41h0v9123729070&_p=1706032523117&gcd=11l1l1l1l1&npa=0&dma_cps=sypham&dma=1&tag_exp=71847096&cid=467571712.1706032523&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1706032523&sct=1&seg=0&dl=https%3A%2F%2Fbooking.rainbowmountaintravels.com%2F&dt=FindLocalTours&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=896
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X4PHSDB8WB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://booking.rainbowmountaintravels.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 17:55:23 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://booking.rainbowmountaintravels.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
3937.64d6303f.chunk.js
booking.rainbowmountaintravels.com/static/js/
1 KB
747 B
Script
General
Full URL
https://booking.rainbowmountaintravels.com/static/js/3937.64d6303f.chunk.js
Requested by
Host: booking.rainbowmountaintravels.com
URL: https://booking.rainbowmountaintravels.com/static/js/main.c3908c28.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5780ba1c383d1a86879927a627e1763d8c85ceac2e8ab9aa9e36af875cecd768
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://booking.rainbowmountaintravels.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230076-FRA
strict-transport-security
max-age=31556926
content-encoding
br
date
Tue, 23 Jan 2024 17:55:23 GMT
last-modified
Tue, 23 Jan 2024 15:30:23 GMT
x-timer
S1706032524.573764,VS0,VE58
etag
"72acea1546da37dd50c918e23846c7a345ad5ffc46a37488bf428bbc67e54e89-br"
vary
x-fh-requested-host, accept-encoding
x-cache
MISS
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=31536000000, s-maxage=31536000000
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
388
x-cache-hits
0
679.857da87b.chunk.js
booking.rainbowmountaintravels.com/static/js/
10 KB
3 KB
Script
General
Full URL
https://booking.rainbowmountaintravels.com/static/js/679.857da87b.chunk.js
Requested by
Host: booking.rainbowmountaintravels.com
URL: https://booking.rainbowmountaintravels.com/static/js/main.c3908c28.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
32586d7af2544578282e3c39b3552effb4864aa705a643a8d267906b739cb470
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://booking.rainbowmountaintravels.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230076-FRA
strict-transport-security
max-age=31556926
content-encoding
br
date
Tue, 23 Jan 2024 17:55:23 GMT
last-modified
Tue, 23 Jan 2024 15:30:23 GMT
x-timer
S1706032524.666719,VS0,VE92
etag
"3ebbe7b310ede19e9fb72c508d6d64751e77b7de56512dd9bcd9bf101fbf878b-br"
vary
x-fh-requested-host, accept-encoding
x-cache
MISS
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=31536000000, s-maxage=31536000000
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
3161
x-cache-hits
0
4762.7696c224.chunk.js
booking.rainbowmountaintravels.com/static/js/
78 KB
23 KB
Script
General
Full URL
https://booking.rainbowmountaintravels.com/static/js/4762.7696c224.chunk.js
Requested by
Host: booking.rainbowmountaintravels.com
URL: https://booking.rainbowmountaintravels.com/static/js/main.c3908c28.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
124e53db794ab69af4e2defa7569ab5078ce617b8d64daa5e43f1d26b008e859
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://booking.rainbowmountaintravels.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230076-FRA
strict-transport-security
max-age=31556926
content-encoding
br
date
Tue, 23 Jan 2024 17:55:23 GMT
last-modified
Tue, 23 Jan 2024 15:30:23 GMT
x-timer
S1706032524.667574,VS0,VE70
etag
"b4c1c21b64a22126c4684e110e289e841acba73cdd83d85d62327a55660d6f2d-br"
vary
x-fh-requested-host, accept-encoding
x-cache
MISS
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=31536000000, s-maxage=31536000000
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
23267
x-cache-hits
0
886.37fda6ab.chunk.js
booking.rainbowmountaintravels.com/static/js/
4 KB
2 KB
Script
General
Full URL
https://booking.rainbowmountaintravels.com/static/js/886.37fda6ab.chunk.js
Requested by
Host: booking.rainbowmountaintravels.com
URL: https://booking.rainbowmountaintravels.com/static/js/main.c3908c28.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7d8692e6b27b7527a5c21ce99c5fff5bdb26f679e271c8ecaad3c7e34d2eee5b
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://booking.rainbowmountaintravels.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230076-FRA
strict-transport-security
max-age=31556926
content-encoding
br
date
Tue, 23 Jan 2024 17:55:23 GMT
last-modified
Tue, 23 Jan 2024 15:30:23 GMT
x-timer
S1706032524.667789,VS0,VE72
etag
"375663e46b28d2daf54875990997f00211b1deb3af9f9b8f596a9040e49062e5-br"
vary
x-fh-requested-host, accept-encoding
x-cache
MISS
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=31536000000, s-maxage=31536000000
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1355
x-cache-hits
0
2563.acf8b210.chunk.js
booking.rainbowmountaintravels.com/static/js/
28 KB
9 KB
Script
General
Full URL
https://booking.rainbowmountaintravels.com/static/js/2563.acf8b210.chunk.js
Requested by
Host: booking.rainbowmountaintravels.com
URL: https://booking.rainbowmountaintravels.com/static/js/main.c3908c28.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b3802bf46a2bb32a98920be6e5c74679bcdbf40a85706d8c7b08c79cc676e3b0
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://booking.rainbowmountaintravels.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230076-FRA
strict-transport-security
max-age=31556926
content-encoding
br
date
Tue, 23 Jan 2024 17:55:23 GMT
last-modified
Tue, 23 Jan 2024 15:30:23 GMT
x-timer
S1706032524.668187,VS0,VE77
etag
"e62577548257987acf88007b15973dddb749b4bfde7538ee4d9971d0ee43fe24-br"
vary
x-fh-requested-host, accept-encoding
x-cache
MISS
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=31536000000, s-maxage=31536000000
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
9294
x-cache-hits
0
4562.44cbc2c9.chunk.js
booking.rainbowmountaintravels.com/static/js/
30 KB
9 KB
Script
General
Full URL
https://booking.rainbowmountaintravels.com/static/js/4562.44cbc2c9.chunk.js
Requested by
Host: booking.rainbowmountaintravels.com
URL: https://booking.rainbowmountaintravels.com/static/js/main.c3908c28.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
bd8f1af36662591c311a1ba721029afd490a72c1400063fe07ac4b001281198b
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://booking.rainbowmountaintravels.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230076-FRA
strict-transport-security
max-age=31556926
content-encoding
br
date
Tue, 23 Jan 2024 17:55:23 GMT
last-modified
Tue, 23 Jan 2024 15:30:23 GMT
x-timer
S1706032524.668248,VS0,VE96
etag
"749462c736596b3a42523cd14750e7c35a15c6fd6c65e466f8e6a79770d1af56-br"
vary
x-fh-requested-host, accept-encoding
x-cache
MISS
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=31536000000, s-maxage=31536000000
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
8393
x-cache-hits
0
5523.3c768643.chunk.js
booking.rainbowmountaintravels.com/static/js/
18 KB
5 KB
Script
General
Full URL
https://booking.rainbowmountaintravels.com/static/js/5523.3c768643.chunk.js
Requested by
Host: booking.rainbowmountaintravels.com
URL: https://booking.rainbowmountaintravels.com/static/js/main.c3908c28.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
decad0b91224fc6e0e498f4fbc16b30b10fccd759c463ae4b7aefff55a452f10
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://booking.rainbowmountaintravels.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230076-FRA
strict-transport-security
max-age=31556926
content-encoding
br
date
Tue, 23 Jan 2024 17:55:23 GMT
last-modified
Tue, 23 Jan 2024 15:30:23 GMT
x-timer
S1706032524.668821,VS0,VE85
etag
"daf961b7a0724b1b4a67676163e9ebb494e4ac9104158262e9dcdef130075330-br"
vary
x-fh-requested-host, accept-encoding
x-cache
MISS
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=31536000000, s-maxage=31536000000
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
4340
x-cache-hits
0
1761.78e505d9.chunk.js
booking.rainbowmountaintravels.com/static/js/
23 KB
7 KB
Script
General
Full URL
https://booking.rainbowmountaintravels.com/static/js/1761.78e505d9.chunk.js
Requested by
Host: booking.rainbowmountaintravels.com
URL: https://booking.rainbowmountaintravels.com/static/js/main.c3908c28.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
35fb15715b66fa4edcab776a22ef4319a0b4864f5eaa706c1499b4bcf462ff71
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://booking.rainbowmountaintravels.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230076-FRA
strict-transport-security
max-age=31556926
content-encoding
br
date
Tue, 23 Jan 2024 17:55:23 GMT
last-modified
Tue, 23 Jan 2024 15:30:23 GMT
x-timer
S1706032524.669285,VS0,VE100
etag
"7ceb7e6b74717470c0c37f2a9af6b1aa26bec9cd204d99ce450feea2f30e96ba-br"
vary
x-fh-requested-host, accept-encoding
x-cache
MISS
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=31536000000, s-maxage=31536000000
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
7144
x-cache-hits
0
1634.58074453.chunk.js
booking.rainbowmountaintravels.com/static/js/
2 KB
1 KB
Script
General
Full URL
https://booking.rainbowmountaintravels.com/static/js/1634.58074453.chunk.js
Requested by
Host: booking.rainbowmountaintravels.com
URL: https://booking.rainbowmountaintravels.com/static/js/main.c3908c28.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1dbd1d8552ca7130912f9f648dc691cfe735358b29b018a577c720af19924cbe
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://booking.rainbowmountaintravels.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230076-FRA
strict-transport-security
max-age=31556926
content-encoding
br
date
Tue, 23 Jan 2024 17:55:23 GMT
last-modified
Tue, 23 Jan 2024 15:30:23 GMT
x-timer
S1706032524.669704,VS0,VE326
etag
"3128160ac5b47f8897fa276d2995f13d06a576e904494dfe67c0985359b2f6bb-br"
vary
x-fh-requested-host, accept-encoding
x-cache
MISS
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=31536000000, s-maxage=31536000000
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
783
x-cache-hits
0
7742.df0d4fed.chunk.js
booking.rainbowmountaintravels.com/static/js/
2 KB
1 KB
Script
General
Full URL
https://booking.rainbowmountaintravels.com/static/js/7742.df0d4fed.chunk.js
Requested by
Host: booking.rainbowmountaintravels.com
URL: https://booking.rainbowmountaintravels.com/static/js/main.c3908c28.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4cc77c16924fcd065d4baa6c7c0201ca6bd81fdc33d0c1a671c141fd47eb2a4b
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://booking.rainbowmountaintravels.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230076-FRA
strict-transport-security
max-age=31556926
content-encoding
br
date
Tue, 23 Jan 2024 17:55:23 GMT
last-modified
Tue, 23 Jan 2024 15:30:23 GMT
x-timer
S1706032524.670117,VS0,VE101
etag
"348c36918ca451358061be674dc959c704545f7fc0536d8162ea2210284853f9-br"
vary
x-fh-requested-host, accept-encoding
x-cache
MISS
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=31536000000, s-maxage=31536000000
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
760
x-cache-hits
0
channel
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/
54 B
466 B
Fetch
General
Full URL
https://firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?VER=8&database=projects%2Ftriphub-dev%2Fdatabases%2F(default)&RID=21629&CVER=22&X-HTTP-Session-Id=gsessionid&zx=59be4xj9m912&t=1
Requested by
Host: booking.rainbowmountaintravels.com
URL: https://booking.rainbowmountaintravels.com/static/js/main.c3908c28.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1c5a53fe75ae41e8f4c4d05123ce2d7ac5ed1dc581ba37f04cfb9945acb1bdd7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://booking.rainbowmountaintravels.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 23 Jan 2024 17:55:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-client-wire-protocol
h2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
71
x-xss-protection
0
server
ESF
x-frame-options
SAMEORIGIN
vary
origin
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://booking.rainbowmountaintravels.com
access-control-expose-headers
x-client-wire-protocol,x-http-session-id
cache-control
private
access-control-allow-credentials
true
x-http-session-id
4LmWuFMpLk1LzOYAnwDKbleXwKMyLd58NRYElBgUMcg
search
api-triphub-dev.web.app/
0
0

search
api-triphub-dev.web.app/
0
0

channel
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/
718 KB
0
Fetch
General
Full URL
https://firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?gsessionid=4LmWuFMpLk1LzOYAnwDKbleXwKMyLd58NRYElBgUMcg&VER=8&database=projects%2Ftriphub-dev%2Fdatabases%2F(default)&RID=rpc&SID=XTbblEi9N_dizNGzFZXjhw&AID=0&CI=0&TYPE=xmlhttp&zx=bxudufrn09ge&t=1
Requested by
Host: booking.rainbowmountaintravels.com
URL: https://booking.rainbowmountaintravels.com/static/js/main.c3908c28.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://booking.rainbowmountaintravels.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 17:55:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Referer, origin
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://booking.rainbowmountaintravels.com
cache-control
private, max-age=0
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
api-triphub-dev.web.app
URL
https://api-triphub-dev.web.app/search
Domain
api-triphub-dev.web.app
URL
https://api-triphub-dev.web.app/search

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type Name
function gtag
object dataLayer
object google_tag_manager
object google_tag_data
function onYouTubeIframeAPIReady
object gaGlobal
object webpackChunkhosting
object FontAwesomeConfig
object ___FONT_AWESOME___
function _

2 Cookies

Domain/Path Name / Value
.rainbowmountaintravels.com/ Name: _ga
Value: GA1.1.467571712.1706032523
.rainbowmountaintravels.com/ Name: _ga_X4PHSDB8WB
Value: GS1.1.1706032523.1.0.1706032523.0.0.0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31556926

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
