rustynailbackpackers.co.nz
2606:4700:3030::ac43:b8dc  Public Scan

URL: https://rustynailbackpackers.co.nz/
Submission Tags: phishingrod
Submission: On July 25 via api from DE — Scanned from NZ

Summary

This website contacted 6 IPs in 3 countries across 8 domains to perform 16 HTTP transactions. The main IP is 2606:4700:3030::ac43:b8dc, located in United States and belongs to CLOUDFLARENET, US. The main domain is rustynailbackpackers.co.nz.
TLS certificate: Issued by GTS CA 1P5 on July 25th 2023. Valid for: 3 months.
This is the only time rustynailbackpackers.co.nz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 2606:4700:303... 13335 (CLOUDFLAR...)
1 202.174.115.34 24192 (DIGIWEB-N...)
4 151.101.194.83 54113 (FASTLY)
1 1 151.101.130.83 54113 (FASTLY)
3 151.101.194.40 54113 (FASTLY)
1 2a03:2880:f10... 32934 (FACEBOOK)
2 2a03:2880:f00... 32934 (FACEBOOK)
16 6
Apex Domain | Subdomains | Transfer
5 rustynailbackpackers.co.nz | rustynailbackpackers.co.nz | 110 KB
4 tacdn.com | static.tacdn.com — Cisco Umbrella Rank: 9896 | 7 KB
2 fbcdn.net | static.xx.fbcdn.net — Cisco Umbrella Rank: 679 | 135 KB
2 tripadvisor.co.nz | www.tripadvisor.co.nz — Cisco Umbrella Rank: 295896 | 6 KB
1 facebook.com | www.facebook.com — Cisco Umbrella Rank: 109 | 17 KB
1 tripadvisor.com | www.tripadvisor.com — Cisco Umbrella Rank: 7445 | 944 B
1 jscache.com | www.jscache.com — Cisco Umbrella Rank: 14430 | 819 B
1 tourism.net.nz | www.tourism.net.nz | 14 KB
16 8
Domain Requested by
5 rustynailbackpackers.co.nz rustynailbackpackers.co.nz
4 static.tacdn.com rustynailbackpackers.co.nz
www.tripadvisor.co.nz
2 static.xx.fbcdn.net www.facebook.com
2 www.tripadvisor.co.nz www.jscache.com
1 www.facebook.com rustynailbackpackers.co.nz
1 www.tripadvisor.com rustynailbackpackers.co.nz
1 www.jscache.com 1 redirects
1 www.tourism.net.nz rustynailbackpackers.co.nz
16 8

This site contains links to these domains.

Domain
www.tripadvisor.co.nz
Subject | Issuer | Validity | Valid
rustynailbackpackers.co.nz | GTS CA 1P5 | 2023-07-25 - 2023-10-23 | 3 months
www.tourism.net.nz | Sectigo RSA Domain Validation Secure Server CA | 2022-09-06 - 2023-10-07 | a year
static.tacdn.com | GlobalSign RSA OV SSL CA 2018 | 2023-02-22 - 2024-03-19 | a year
www.tripadvisor.com | GlobalSign RSA OV SSL CA 2018 | 2023-05-24 - 2024-06-19 | a year
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2023-05-03 - 2023-08-01 | 3 months

This page contains 2 frames:

Primary Page: https://rustynailbackpackers.co.nz/
Frame ID: 3F9D0A428826278BF9AFD6EFEF54922F
Requests: 13 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.rustynailbackpackers.co.nz%2F&send=false&layout=standard&width=450&show_faces=true&action=like&colorscheme=light&font&height=80&appId=393505570692144
Frame ID: 568B72672CA8391EC9BE0AB897416C6E
Requests: 3 HTTP requests in this frame

Page Title

Home - Rusty Nail Backpackers

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Page Statistics

16 Requests
94 % HTTPS
43 % IPv6
8 Domains
8 Subdomains
6 IPs
3 Countries
290 kB Transfer
822 kB Size
0 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • https://www.jscache.com/wejs?wtype=excellent&uniq=595&locationId=3166449&lang=en_NZ&display_version=2 HTTP 301
  • https://www.tripadvisor.com/wejs?wtype=excellent&uniq=595&locationId=3166449&lang=en_NZ&display_version=2

16 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
rustynailbackpackers.co.nz/
5 KB
2 KB
Document
General
Full URL
https://rustynailbackpackers.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:b8dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b661532abd561ae1b01932d6331f4eabb7ad30d40dda5f75c0b11148ffdd41d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7ec2aa9929aeaae1-SYD
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 25 Jul 2023 07:25:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fgB9NiWNGzFvzLPq7wWxvOOzdjrmMAIc1TqBFfhPG5BN8AcMNnEMxm7JFnzRdiSKBrO4IbQHhqa0IDQYBVBnZpP1Xz22Nchn7rX7RDnQgdhQENEb4firhvFCvd%2BPLJb8CafsxhLn%2F2uQuU9plJr48M3CefuGZqRm9g%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-fastcgi-cache
HIT
x-iplb-instance
34271
x-iplb-request-id
AC453E10:F2E4_33B29065:0050_64BF78CC_6116:240B5
x-proxy-cache
MISS
x-proxy-cache-is
0
bootstrap.css
rustynailbackpackers.co.nz/theme/rustynail/css/css/
115 KB
18 KB
Stylesheet
General
Full URL
https://rustynailbackpackers.co.nz/theme/rustynail/css/css/bootstrap.css
Requested by
Host: rustynailbackpackers.co.nz
URL: https://rustynailbackpackers.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:b8dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d6df3f03e2cc96ef85e9fb34db7b4996fb4dc4ae843cd485f9b1d5dd6ba50d1

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://rustynailbackpackers.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 07:25:01 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-iplb-instance
34271
alt-svc
h3=":443"; ma=86400
server
cloudflare
x-iplb-request-id
AC453E51:D7C4_33B29065:0050_64BF78CC_5D0D:240B3
etag
W/"44de23f736b05dc0b3019d8ef9d816ee"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jTTlvqqeFyc1H5DWir8vsJffhjXO1Tze2lMoa9M4OKqwJJlFAdXnY1EFrsKZlg6lDHeDIi%2FiFvAz%2FUhgVJsAElbAh3Ny93%2B5pylyocsjkT7dYx8tWlxrGaolZ75eVoyaXZxBALwDmOxeNUW1%2BOhdhoAqH4w1MdFtzw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=
x-fastcgi-cache
HIT
cache-control
public, max-age=2592000
cf-ray
7ec2aa9dd81caae1-SYD
x-proxy-cache-is
0
x-proxy-cache
MISS
testcss.css
rustynailbackpackers.co.nz/theme/rustynail/css/css/
687 B
734 B
Stylesheet
General
Full URL
https://rustynailbackpackers.co.nz/theme/rustynail/css/css/testcss.css
Requested by
Host: rustynailbackpackers.co.nz
URL: https://rustynailbackpackers.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:b8dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16f1cb08b61594dde2f4307529ad64340c32c3712ca54d12a5bfbb671c9fd915

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://rustynailbackpackers.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 07:25:01 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-iplb-instance
34271
alt-svc
h3=":443"; ma=86400
server
cloudflare
x-iplb-request-id
AC453E0F:EAB6_33B29065:0050_64BF78CC_5DDF:240B2
etag
W/"78c54807f4426795d3bd6290f4e49bf4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B0AhR6pBvRDkNZ41WbAH0q2Xd%2BD8vEGuMPpNZ407Q4NvMJpWz2LhfD8TTKlFzFf9tnTyWFiyKDiIc4gTZEA5cEfaB6ZdVmM3jNJjCKCtmz6YUhFkIL3PHRrDVt9vpa1SsO04QDN%2B2AaL3p1ACnq5fH%2BGiyjFtUOlpw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=
x-fastcgi-cache
HIT
cache-control
public, max-age=2592000
cf-ray
7ec2aa9dd81faae1-SYD
x-proxy-cache-is
0
x-proxy-cache
MISS
rusty-nail-final-logowhite.png
rustynailbackpackers.co.nz/data/uploads/
15 KB
15 KB
Image
General
Full URL
https://rustynailbackpackers.co.nz/data/uploads/rusty-nail-final-logowhite.png
Requested by
Host: rustynailbackpackers.co.nz
URL: https://rustynailbackpackers.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:b8dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf06cc413f362e426924e99080115d56c1717f9c97059e0516098f005d5c742c

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://rustynailbackpackers.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 07:25:01 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-iplb-instance
34271
alt-svc
h3=":443"; ma=86400
server
cloudflare
x-iplb-request-id
AC453E22:D252_33B29065:0050_64BF78CC_5DDE:240B2
etag
"84d3c3eae2e5435333f5808635fc94eb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7r1AAgg1CTmJNShx5Tf9srD0eY3geBeCH7BhF%2Bx8ZkQnPL6CM3%2FoF4iEy5oQ%2FBeHpN2SdR7F%2BvfMKe1qKQDqikvKtV%2FZgURBgYb%2FSuQcXCyO6fznQ9INXed6gbn3nJsnrlMO5NiWPSCEiuIcxAxNaESUEvWsFUnoWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
x-fastcgi-cache
HIT
cache-control
public, max-age=2592000
cf-ray
7ec2aa9dd821aae1-SYD
x-proxy-cache-is
0
x-proxy-cache
MISS
home.jpg
rustynailbackpackers.co.nz/data/uploads/
73 KB
74 KB
Image
General
Full URL
https://rustynailbackpackers.co.nz/data/uploads/home.jpg
Requested by
Host: rustynailbackpackers.co.nz
URL: https://rustynailbackpackers.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:b8dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97515f677d442242fa526480d9cd69db445734c8ebbb635c71d5acfa828266b1

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://rustynailbackpackers.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 07:25:01 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-iplb-instance
34290
alt-svc
h3=":443"; ma=86400
server
cloudflare
x-iplb-request-id
AC453E4D:AFC4_33B29065:0050_64BF78CC_600E:EDD0
etag
"36f07724cf45620a214903f66f9eac57"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N23zublVyklArLeJGY4uSJIB8%2Bh9Zr72J0wQ0RHZweP0zjkDxGEDbTPVc3p9AZ0lN%2FtmtOk4ypQRD7Dsx4gFDkkVBnh%2Fa9fn9yIxbps70ZkyeyDs3An4eTiDLlxe3YQmN%2FVDRT20%2BUsgvwhDvnr%2BjcOf0jG7U0%2FWTA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
x-fastcgi-cache
HIT
cache-control
public, max-age=2592000
cf-ray
7ec2aa9dd824aae1-SYD
x-proxy-cache-is
0
x-proxy-cache
MISS
gold-membership.png
www.tourism.net.nz/images/nzto-logos/
14 KB
14 KB
Image
General
Full URL
https://www.tourism.net.nz/images/nzto-logos/gold-membership.png
Requested by
Host: rustynailbackpackers.co.nz
URL: https://rustynailbackpackers.co.nz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.174.115.34 , New Zealand, ASN24192 (DIGIWEB-NET-NZ-AP Digiweb New Zealand Limited, NZ),
Reverse DNS
nsd2.digiweb.net.nz
Software
nginx /
Resource Hash
e5e1e2050766978e032c8c04fefd29ba1b9065e0eec04542953dc2f0f79493e1

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://rustynailbackpackers.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Pragma
public
Date
Tue, 25 Jul 2023 07:25:01 GMT
Last-Modified
Mon, 16 Apr 2018 23:58:44 GMT
Server
nginx
ETag
"42a0a-363c-56a0000837846"
Content-Type
image/png
Cache-Control
max-age=315360000, public, must-revalidate, proxy-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13884
Expires
Thu, 31 Dec 2037 23:55:55 GMT
tripadvisor_logo_115x18.gif
static.tacdn.com/img2/widget/
2 KB
2 KB
Image
General
Full URL
https://static.tacdn.com/img2/widget/tripadvisor_logo_115x18.gif
Requested by
Host: rustynailbackpackers.co.nz
URL: https://rustynailbackpackers.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.83 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
a44b6ed032ae990e08e3c5aa86930d212adf229e69caeb44093492d8b76de28f

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://rustynailbackpackers.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-cache-hits
396
date
Tue, 25 Jul 2023 07:25:00 GMT
via
1.1 varnish
age
487383
x-cache
HIT
content-length
1677
x-request-id
b0654f03-4b9b-4d3b-872c-4712a58bdd68
x-served-by
cache-akl10335-AKL
last-modified
Thu, 09 May 2019 19:11:33 GMT
server
envoy
x-timer
S1690269901.699323,VS0,VE0
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 19 Jul 2023 15:14:44 GMT
wejs
www.tripadvisor.com/
Redirect Chain
  • https://www.jscache.com/wejs?wtype=excellent&uniq=595&locationId=3166449&lang=en_NZ&display_version=2
  • https://www.tripadvisor.com/wejs?wtype=excellent&uniq=595&locationId=3166449&lang=en_NZ&display_version=2
254 B
944 B
Script
General
Full URL
https://www.tripadvisor.com/wejs?wtype=excellent&uniq=595&locationId=3166449&lang=en_NZ&display_version=2
Requested by
Host: rustynailbackpackers.co.nz
URL: https://rustynailbackpackers.co.nz/
Protocol
H2
Server
151.101.194.40 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
6ed8cfe0d30e054b8c32a88ec9389c624a1d06caf284810b9e6b52f46414815a

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://rustynailbackpackers.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-cache-hits
0
date
Tue, 25 Jul 2023 07:25:01 GMT
content-encoding
br
via
1.1 varnish
x-cache
MISS
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT DSP COR CAO PSA IDC ADM DEVi TAIi PSD IVAi IVDi CONi HIS CNT"
x-request-id
7d4072dc-9ee6-4a2c-85b2-47d281417a55
x-served-by
cache-akl10321-AKL
pragma
no-cache
server
envoy
x-timer
S1690269902.526594,VS0,VE248
vary
Accept-Encoding
content-type
application/x-javascript;charset=UTF-8
cache-control
no-cache,no-store,must-revalidate
accept-ranges
bytes
timing-allow-origin
https://www.tripadvisor.com
expires
0

Redirect headers

x-cache-hits
0
date
Tue, 25 Jul 2023 07:25:01 GMT
via
1.1 varnish
x-cache
MISS
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT DSP COR CAO PSA IDC ADM DEVi TAIi PSD IVAi IVDi CONi HIS CNT"
content-length
0
x-request-id
4a7b509f-f052-4879-83cb-9ac33dfc730d
x-served-by
cache-akl10324-AKL
pragma
no-cache
server
envoy
x-timer
S1690269901.883497,VS0,VE198
content-type
text/plain; charset=utf-8
location
https://www.tripadvisor.com/wejs?wtype=excellent&uniq=595&locationId=3166449&lang=en_NZ&display_version=2
cache-control
no-cache,no-store,must-revalidate
accept-ranges
bytes
timing-allow-origin
https://www.tripadvisor.com
expires
0
WidgetEmbed-excellent
www.tripadvisor.co.nz/
11 KB
5 KB
Script
General
Full URL
https://www.tripadvisor.co.nz/WidgetEmbed-excellent?lang=en_NZ&locationId=3166449&display_version=2&uniq=595
Requested by
Host: www.jscache.com
URL: https://www.jscache.com/wejs?wtype=excellent&uniq=595&locationId=3166449&lang=en_NZ&display_version=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.40 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
a26db654c3f7f737223d19788d4d42ecd0fc78b94e711df588bb2d3545584b98

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://rustynailbackpackers.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

expires
0
date
Tue, 25 Jul 2023 07:25:02 GMT
content-encoding
br
via
1.1 varnish
x-datadome
protected
x-cache
MISS
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT DSP COR CAO PSA IDC ADM DEVi TAIi PSD IVAi IVDi CONi HIS CNT"
x-request-id
55ba3b80-4e4d-462a-95ae-fcfaae9f5014
x-served-by
cache-akl10321-AKL
pragma
no-cache
server
envoy
accept-ch
Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
x-timer
S1690269902.107731,VS0,VE339
vary
User-Agent,Accept-Encoding
content-type
text/javascript;charset=UTF-8
content-language
en-NZ
cache-control
no-cache,no-store,must-revalidate
accept-ranges
bytes
timing-allow-origin
https://www.tripadvisor.com
x-cache-hits
0
like.php
www.facebook.com/plugins/ Frame 568B
48 KB
17 KB
Document
General
Full URL
https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.rustynailbackpackers.co.nz%2F&send=false&layout=standard&width=450&show_faces=true&action=like&colorscheme=light&font&height=80&appId=393505570692144
Requested by
Host: rustynailbackpackers.co.nz
URL: https://rustynailbackpackers.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f10c:381:face:b00c:0:25de , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ab58fc98ea13d8e81b93d341f2ef8471b639d744ac52b67567f3090ec2ec043b
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://rustynailbackpackers.co.nz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Tue, 25 Jul 2023 07:25:02 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster
?0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
pragma
no-cache
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
/IZIOGDVc5htJ8QikCfe2Ql2buYmSM5O93POLdO7DhSUSFXooiPP3yfimiw+GdjI1fdUOR9i0XWI6YG3FKZiMg==
x-xss-protection
0
t4b_widget_excellent-v23276556766a.css
static.tacdn.com/css2/build/concat/
12 KB
2 KB
Stylesheet
General
Full URL
https://static.tacdn.com/css2/build/concat/t4b_widget_excellent-v23276556766a.css
Requested by
Host: www.tripadvisor.co.nz
URL: https://www.tripadvisor.co.nz/WidgetEmbed-excellent?lang=en_NZ&locationId=3166449&display_version=2&uniq=595
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.83 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
3936af000eb204f705b6c376c349c060b0e26b4107aa3705b5f4da61245fe565

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://rustynailbackpackers.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-cache-hits
660
date
Tue, 25 Jul 2023 07:25:02 GMT
content-encoding
br
via
1.1 varnish
age
1869428
x-cache
HIT
content-length
1947
x-request-id
cbd2f9cf-6c76-4766-a4e7-0990b6042f0f
x-served-by
cache-akl10335-AKL
last-modified
Mon, 26 Jun 2023 09:30:59 GMT
server
envoy
x-timer
S1690269903.573998,VS0,VE0
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 02 Jul 2024 16:07:54 GMT
cdswidgets_min-c-v2395114504a.js
static.tacdn.com/js3/build/concat/widget/
2 KB
866 B
Script
General
Full URL
https://static.tacdn.com/js3/build/concat/widget/cdswidgets_min-c-v2395114504a.js
Requested by
Host: www.tripadvisor.co.nz
URL: https://www.tripadvisor.co.nz/WidgetEmbed-excellent?lang=en_NZ&locationId=3166449&display_version=2&uniq=595
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.83 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
c99528654d193b123e3f9dd7668529eeffa9c956ddcf0ea8d84ec589b3fdd5cd

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://rustynailbackpackers.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-cache-hits
4505
date
Tue, 25 Jul 2023 07:25:02 GMT
content-encoding
br
via
1.1 varnish
age
11877681
x-cache
HIT
content-length
697
x-request-id
f3098485-f27b-445b-95af-4c2a5c7c3eea
x-served-by
cache-akl10335-AKL
last-modified
Sun, 26 Feb 2023 12:32:58 GMT
server
envoy
x-timer
S1690269903.574659,VS0,VE0
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Mar 2024 20:03:41 GMT
LVbUFwfoGjA.js
static.xx.fbcdn.net/rsrc.php/v3i7244/yW/l/en_GB/ Frame 568B
518 KB
134 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3i7244/yW/l/en_GB/LVbUFwfoGjA.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.rustynailbackpackers.co.nz%2F&send=false&layout=standard&width=450&show_faces=true&action=like&colorscheme=light&font&height=80&appId=393505570692144
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00c:300:face:b00c:0:3 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c201b0d6f9c9f28a998aa2473a47edc9ab87bc7f47af7845256ca56f0c726477
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 07:25:03 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
Z8Oz2WkDSkh217qfqQXwIw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
136734
x-fb-debug
HmzQjEybrX9uj0bqHNVCQoNJIFPwU3JICBBW1iz6gl7MACRCkECCbzE8bKGTrJgnYGVcE41TV0Rqsh6AjMcLjA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Thu, 18 Jul 2024 14:31:45 GMT
FEppCFCt76d.png
static.xx.fbcdn.net/rsrc.php/v3/yD/r/ Frame 568B
299 B
871 B
Image
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/FEppCFCt76d.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.rustynailbackpackers.co.nz%2F&send=false&layout=standard&width=450&show_faces=true&action=like&colorscheme=light&font&height=80&appId=393505570692144
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00c:300:face:b00c:0:3 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 07:25:03 GMT
x-content-type-options
nosniff
content-md5
OIlAxCmR79nrM/Ez4ygGlg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
299
x-fb-debug
4c8tnldhnWVkz596a1XzmlhVa228+Yv+fa0DYjmh55OhX3mlzGkTH/rL5YErv74nLF4pGtAuGy/adL4C0Nhwzg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Fri, 19 Jul 2024 19:12:02 GMT
transparent_pixel-11863-2.gif
www.tripadvisor.co.nz/img/cdsi/partner/
43 B
1 KB
Image
General
Full URL
https://www.tripadvisor.co.nz/img/cdsi/partner/transparent_pixel-11863-2.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.40 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://rustynailbackpackers.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-cache-hits
0
date
Tue, 25 Jul 2023 07:25:05 GMT
via
1.1 varnish
expires
Tue, 25 Jul 2023 19:25:04 GMT
server
envoy
x-timer
S1690269905.847394,VS0,VE213
x-cache
MISS
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT DSP COR CAO PSA IDC ADM DEVi TAIi PSD IVAi IVDi CONi HIS CNT"
content-type
image/gif
cache-control
private, max-age=43200
accept-ranges
bytes
timing-allow-origin
https://www.tripadvisor.com
x-request-id
0116a086-3a1b-4527-92f1-98c6211eb991
x-served-by
cache-akl10321-AKL
Tripadvisor_lockup_horizontal_secondary_registered.svg
static.tacdn.com/img2/brand_refresh/
6 KB
2 KB
Image
General
Full URL
https://static.tacdn.com/img2/brand_refresh/Tripadvisor_lockup_horizontal_secondary_registered.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.83 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
0f7ea4574612c5e8e28aa0f9c02c659768fd6e9401956aed6777a1bd38edfbe6

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://rustynailbackpackers.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-cache-hits
19291
date
Tue, 25 Jul 2023 07:25:04 GMT
content-encoding
br
via
1.1 varnish
age
1509678
x-cache
HIT
content-length
2285
x-request-id
ff75c8ab-93c9-43a8-bbd4-b0fd8a4bf7ed
x-served-by
cache-akl10335-AKL
last-modified
Thu, 02 Jul 2020 16:01:49 GMT
server
envoy
x-timer
S1690269905.848332,VS0,VE0
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 08 Apr 2023 20:03:38 GMT

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| 0
  • object| newSS
  • object| newJs
  • function| checkHomePageLink
  • function| injectexcellent6211
  • object| taOnLoad
  • object| taValList
  • number| taValIndex
  • function| taValidate
  • function| taAddValidator
  • object| ta
  • number| ii
  • function| fname

0 Cookies

2 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
