Submitted URL: https://www.rainbow.me/points?ref=N7KKGP
Effective URL: https://rainbow.me/points?ref=N7KKGP
Submission: On December 13 via api from FI — Scanned from FI

Summary

This website contacted 6 IPs in 2 countries across 6 domains to perform 27 HTTP transactions. The main IP is 172.67.70.158, located in the United States, and belongs to CLOUDFLARENET, US. The main domain is rainbow.me.
TLS certificate: Issued by E1 on November 19th 2023. Valid for: 3 months.
This is the only time rainbow.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

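| Redirects | Requests | IP Address | AS | Autonomous System |
|---|---|---|---|---|
| 1 | 2 | 172.67.70.158 | 13335 | CLOUDFLAR... |
| | 4 | 172.217.18.8 | 15169 | GOOGLE |
| | 15 | 18.66.196.4 | 16509 | AMAZON-02 |
| | 3 | 13.32.110.21 | 16509 | AMAZON-02 |
| | 1 | 104.16.56.101 | 13335 | CLOUDFLAR... |
| | 3 | 216.239.34.36 | 15169 | GOOGLE |

Total: 27 HTTP transactions, 6 IPs
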
| Requests | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 15 | framerusercontent.com | framerusercontent.com (Cisco Umbrella Rank: 63857) | 264 KB |
| 4 | googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 36) | 292 KB |
| 3 | google-analytics.com | region1.google-analytics.com (Cisco Umbrella Rank: 2189) | 349 B |
| 3 | framer.com | events.framer.com (Cisco Umbrella Rank: 74558) | 16 KB |
| 2 | rainbow.me | www.rainbow.me, rainbow.me | 10 KB |
| 1 | cloudflareinsights.com | static.cloudflareinsights.com (Cisco Umbrella Rank: 864) | 7 KB |

Total: 27 HTTP transactions, 6 apex domains

| Requests | Domain | Requested by |
|---|---|---|
| 15 | framerusercontent.com | rainbow.me |
| 4 | www.googletagmanager.com | rainbow.me, www.googletagmanager.com |
| 3 | region1.google-analytics.com | www.googletagmanager.com |
| 3 | events.framer.com | rainbow.me, events.framer.com |
| 1 | static.cloudflareinsights.com | rainbow.me |
| 1 | rainbow.me | |
| 1 | www.rainbow.me | 1 redirect |

Total: 27 HTTP transactions, 7 subdomains

This site contains links to these domains.

Domain
rainbow.download

| Subject | Issuer | Validity | Valid |
|---|---|---|---|
| rainbow.me | E1 | 2023-11-19 - 2024-02-17 | 3 months |
| *.google-analytics.com | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months |
| framerusercontent.com | Amazon RSA 2048 M02 | 2023-02-23 - 2024-02-15 | a year |
| events.framer.com | Amazon RSA 2048 M01 | 2023-04-26 - 2024-05-23 | a year |
| sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-04-10 - 2024-04-09 | a year |

This page contains 1 frame:

Primary Page: https://rainbow.me/points?ref=N7KKGP
Frame ID: 90376CA99C68170A79074AE2ED554BF6
Requests: 26 HTTP requests in this frame

Page Title

Get Bonus Rainbow Points with me

Page URL History

  1. https://www.rainbow.me/points?ref=N7KKGP HTTP 301
    https://rainbow.me/points?ref=N7KKGP Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

  • Requests: 27
  • HTTPS: 100 %
  • IPv6: 0 %
  • Domains: 6
  • Subdomains: 7
  • IPs: 6
  • Countries: 2
  • Transfer: 589 kB
  • Size: 4869 kB
  • Cookies: 3

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.rainbow.me/points?ref=N7KKGP HTTP 301
    https://rainbow.me/points?ref=N7KKGP Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request points
rainbow.me/
Redirect Chain
  • https://www.rainbow.me/points?ref=N7KKGP
  • https://rainbow.me/points?ref=N7KKGP
73 KB
10 KB
Document
General
Full URL
https://rainbow.me/points?ref=N7KKGP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.70.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c7d14148be5d8c04c8326d6f217be551b5f04d3bbeed380059a2a2a7898a5a9
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' data: blob: ipfs:; frame-ancestors 'self' https://gnosis-safe.io https://dev.gnosis-safe.io https://app.safe.global https://platform.apps.ledger.com https://dapp-browser.apps.ledger.com filesystem:;
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

cache-control
public, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
834e778c0b7e56be-OSL
content-encoding
br
content-security-policy
default-src * 'unsafe-inline' data: blob: ipfs:; frame-ancestors 'self' https://gnosis-safe.io https://dev.gnosis-safe.io https://app.safe.global https://platform.apps.ledger.com https://dapp-browser.apps.ledger.com filesystem:;
content-type
text/html
date
Wed, 13 Dec 2023 13:13:53 GMT
last-modified
Wed, 13 Dec 2023 05:46:32 GMT
link
<https://framerusercontent.com>; rel="preconnect", <https://framerusercontent.com>; rel="preconnect"; crossorigin=""
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=prH3U9NmlDTqgC6%2BaJb3T%2Bs1LuCvXYAC6t2jcwulYjUSX0VY00UZsYz2myzuvOE7zjHcH1lUJ969WU7aXc9NTh2U0EsEpf0VkI8SuAx682v3g1Fj7Xk0Wr5fb08%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
region;desc="eu-west-1", cache;desc="cached", ssg-status;desc="optimized", version;desc="72d08bf"
strict-transport-security
max-age=31536000
vary
Accept-Encoding

Redirect headers

cache-control
max-age=3600
cf-ray
834e778afa6b56be-OSL
date
Wed, 13 Dec 2023 13:13:53 GMT
expires
Wed, 13 Dec 2023 14:13:53 GMT
location
https://rainbow.me/points?ref=N7KKGP
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t%2FpRUR5pdkLN%2BJdAiUvGtvM7cqwdOH%2B5RVfoeCG%2FBRNJZhjot8lQ42eMC1L3fusxcFH%2FZadkzcX6s6pTzs%2BEgnjUkjvnvTJ4ZTkap%2BPy0pg6UWITxk5IWEoUksh5Lrvl"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
gtm.js
www.googletagmanager.com/
193 KB
65 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-M6CWWCPG
Requested by
Host: rainbow.me
URL: https://rainbow.me/points?ref=N7KKGP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.8 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
ce56d58b1cf1c0b4edfa60904491dfe22e35b027b65504f36cfbf3b42e35107c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://rainbow.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 13:13:54 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66402
x-xss-protection
0
last-modified
Wed, 13 Dec 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 13 Dec 2023 13:13:54 GMT
js
www.googletagmanager.com/gtag/
193 KB
71 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-323933180
Requested by
Host: rainbow.me
URL: https://rainbow.me/points?ref=N7KKGP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.8 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
84117618d7817b97e672d540c3b2675d6bb25046e38c92c1085b18e852d3c933
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://rainbow.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 13:13:54 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72914
x-xss-protection
0
last-modified
Wed, 13 Dec 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 13 Dec 2023 13:13:54 GMT
LaEPpK4zSUcIeReETgMWy85zDmk.otf
framerusercontent.com/assets/
2 MB
0
Font
General
Full URL
https://framerusercontent.com/assets/LaEPpK4zSUcIeReETgMWy85zDmk.otf
Requested by
Host: rainbow.me
URL: https://rainbow.me/points?ref=N7KKGP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.196.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-196-4.mxp63.r.cloudfront.net
Software
CloudFront /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://rainbow.me/
Origin
https://rainbow.me
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:56:11 GMT
x-amz-version-id
j3UZ5lvJczGLDWSFmN9ZAiQIxNE5gXmb
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 8b4dff1a460d3b75804878834458c20a.cloudfront.net (CloudFront)
x-amz-cf-pop
MXP63-P1
age
6110264
x-amz-server-side-encryption
aws:kms
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2245284
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 27 Nov 2020 21:58:17 GMT
server
CloudFront
x-amz-server-side-encryption-aws-kms-key-id
arn:aws:kms:us-east-1:946663360620:key/73540960-f9f6-40d6-b02a-3aa22f5f7459
etag
"b9e5933ab2f6f1798d3b63b52a3ab298"
x-frame-options
deny
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-amz-cf-id
FYaPF6JFDWAtmlP1FCs3SzNB9Y95O6mmaM0yQDnq2ThpV9VE_QFSmA==
WHuLBbzJNyDs52rTeIe5fQMvpw.woff2
framerusercontent.com/assets/
25 KB
26 KB
Font
General
Full URL
https://framerusercontent.com/assets/WHuLBbzJNyDs52rTeIe5fQMvpw.woff2
Requested by
Host: rainbow.me
URL: https://rainbow.me/points?ref=N7KKGP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.196.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-196-4.mxp63.r.cloudfront.net
Software
CloudFront /
Resource Hash
e71127c4a8219e3d1eb7d1472b837860b82ae1d18545b550a8db04a6fc68a915
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://rainbow.me/
Origin
https://rainbow.me
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 22:21:28 GMT
x-amz-version-id
nR1tDWoa_RctVzbFjO.83oMLGuFLnXh0
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 8b4dff1a460d3b75804878834458c20a.cloudfront.net (CloudFront)
x-amz-cf-pop
MXP63-P1
age
5237547
x-amz-server-side-encryption
aws:kms
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
25976
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 07 Nov 2022 12:10:10 GMT
server
CloudFront
x-amz-server-side-encryption-aws-kms-key-id
arn:aws:kms:us-east-1:946663360620:key/73540960-f9f6-40d6-b02a-3aa22f5f7459
etag
"ec9a2742785ab11de9807cc498d1b69f"
x-frame-options
deny
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-amz-cf-id
uUiM_GPlc4IvXDp1es95Q0hFgAMdOY6pEHd4yVq-coocjCAw8WGPgw==
4R583J86JMRtiqX3XNqQK8GAbg.woff2
framerusercontent.com/assets/
26 KB
27 KB
Font
General
Full URL
https://framerusercontent.com/assets/4R583J86JMRtiqX3XNqQK8GAbg.woff2
Requested by
Host: rainbow.me
URL: https://rainbow.me/points?ref=N7KKGP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.196.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-196-4.mxp63.r.cloudfront.net
Software
CloudFront /
Resource Hash
2a63d71711c3fb52602ef8fcb9082c809a3c6d9d3d23cd58be9689587628ddeb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://rainbow.me/
Origin
https://rainbow.me
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:56:11 GMT
x-amz-version-id
sEXpM1GhonPn0EtWH5jy2_uHGMj15thP
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 8b4dff1a460d3b75804878834458c20a.cloudfront.net (CloudFront)
x-amz-cf-pop
MXP63-P1
age
6110264
x-amz-server-side-encryption
aws:kms
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
26416
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 07 Nov 2022 12:10:11 GMT
server
CloudFront
x-amz-server-side-encryption-aws-kms-key-id
arn:aws:kms:us-east-1:946663360620:key/73540960-f9f6-40d6-b02a-3aa22f5f7459
etag
"5b3326b0680e454272d38d5c51b52691"
x-frame-options
deny
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-amz-cf-id
4_9wgEQXrtw2hKggbjQqyuaPk-w965mm6l2ufFiujMwakotscC2DxA==
YHBDXQ3qwbbuTRW3F2opC0mxQ4~__rJ_w9wTHEnJiqw16Vbk_dlcj9um7tQrH6LRDkeAZE.woff2
framerusercontent.com/modules/assets/
25 KB
26 KB
Font
General
Full URL
https://framerusercontent.com/modules/assets/YHBDXQ3qwbbuTRW3F2opC0mxQ4~__rJ_w9wTHEnJiqw16Vbk_dlcj9um7tQrH6LRDkeAZE.woff2
Requested by
Host: rainbow.me
URL: https://rainbow.me/points?ref=N7KKGP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.196.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-196-4.mxp63.r.cloudfront.net
Software
/
Resource Hash
c952dd0a2d1de12b03e2f237f9633852733039a18849381c2c81e8a4f220e4a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://rainbow.me/
Origin
https://rainbow.me
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 22:45:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
via
1.1 8b4dff1a460d3b75804878834458c20a.cloudfront.net (CloudFront)
x-amz-cf-pop
MXP63-P1
age
52089
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
25964
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
x-frame-options
deny
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
vary
Accept
x-amz-cf-id
SJTdDdo3SX77uML2GrMk78NLwpzYrkvR7HX5isWs3vr6hVrNi5g8TQ==
dF1CY5TYYhHxaAvZKMMnBAo.otf
framerusercontent.com/assets/
1 MB
0
Font
General
Full URL
https://framerusercontent.com/assets/dF1CY5TYYhHxaAvZKMMnBAo.otf
Requested by
Host: rainbow.me
URL: https://rainbow.me/points?ref=N7KKGP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.196.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-196-4.mxp63.r.cloudfront.net
Software
CloudFront /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://rainbow.me/
Origin
https://rainbow.me
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 19:56:11 GMT
x-amz-version-id
yK4LoRHhAjIbp3gM0Ek4B0a_gxEY2O2e
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 8b4dff1a460d3b75804878834458c20a.cloudfront.net (CloudFront)
x-amz-cf-pop
MXP63-P1
age
6110264
x-amz-server-side-encryption
aws:kms
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2383476
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 27 Nov 2020 21:58:20 GMT
server
CloudFront
x-amz-server-side-encryption-aws-kms-key-id
arn:aws:kms:us-east-1:946663360620:key/73540960-f9f6-40d6-b02a-3aa22f5f7459
etag
"2cef67aac1464a682c5199c30fff29bc"
x-frame-options
deny
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-amz-cf-id
dmE_NfnbQCekKM8llYPDAh6deIBzUNzE1PLJBawqKLuB8doSMga-qA==
chunk-42IWKCCI.mjs
framerusercontent.com/sites/ijYyUiit3VLDfopI9VEqd/
282 B
1 KB
Script
General
Full URL
https://framerusercontent.com/sites/ijYyUiit3VLDfopI9VEqd/chunk-42IWKCCI.mjs
Requested by
Host: rainbow.me
URL: https://rainbow.me/points?ref=N7KKGP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.196.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-196-4.mxp63.r.cloudfront.net
Software
CloudFront /
Resource Hash
1fdfc63fc41be47514e6f9f75930f912032a21215ea75d2c195ea92f4be2d96d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://rainbow.me
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 22:45:46 GMT
x-amz-version-id
AxGMl1RvjHxYCJ5kAqAvoTbNKImm6o1_
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 8b4dff1a460d3b75804878834458c20a.cloudfront.net (CloudFront)
x-amz-cf-pop
MXP63-P1
age
52089
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
282
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 12 Dec 2023 22:32:33 GMT
server
CloudFront
etag
"6bcbb47b182fdb5cd9d84a2a14c2c24e"
access-control-max-age
0
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
vary
Origin
accept-ranges
bytes
x-amz-cf-id
3uEiPHggufbX8fZfFIFsPF9ADn9TPtnpIf3ScAzun0PqScn5EAmrfA==
chunk-5AFDVSEF.mjs
framerusercontent.com/sites/ijYyUiit3VLDfopI9VEqd/
535 KB
158 KB
Script
General
Full URL
https://framerusercontent.com/sites/ijYyUiit3VLDfopI9VEqd/chunk-5AFDVSEF.mjs
Requested by
Host: rainbow.me
URL: https://rainbow.me/points?ref=N7KKGP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.196.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-196-4.mxp63.r.cloudfront.net
Software
CloudFront /
Resource Hash
99a69899c57c6ebb1d5dddaf23f100c617e5bfdbc54a5ce30324897f3d42d268
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://rainbow.me
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 22:01:44 GMT
x-amz-version-id
1GmskSJOMXEJoV93DSDugtJxXrm0DTvl
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
via
1.1 8b4dff1a460d3b75804878834458c20a.cloudfront.net (CloudFront)
x-amz-cf-pop
MXP63-P1
x-amz-server-side-encryption
AES256
age
54731
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 12 Dec 2023 20:53:36 GMT
server
CloudFront
etag
W/"a6521eb4d63a8885e488bdd9e123c805"
access-control-max-age
0
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
vary
Accept-Encoding,Origin
x-amz-cf-id
VUr9UC6STk5L0MP1X_Mfjh4BG2051IvsQxFcmWaBXq0YkEprZGYcCQ==
chunk-4T27S7KK.mjs
framerusercontent.com/sites/ijYyUiit3VLDfopI9VEqd/
8 KB
4 KB
Script
General
Full URL
https://framerusercontent.com/sites/ijYyUiit3VLDfopI9VEqd/chunk-4T27S7KK.mjs
Requested by
Host: rainbow.me
URL: https://rainbow.me/points?ref=N7KKGP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.196.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-196-4.mxp63.r.cloudfront.net
Software
CloudFront /
Resource Hash
2b2dd64557b7becc4c3b7548a76d0c46926c98a2265c25427bebae859d0a52cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://rainbow.me
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 22:01:44 GMT
x-amz-version-id
c6uEvcflCK1d.Gji3qdhmnq1TIV33i_l
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
via
1.1 8b4dff1a460d3b75804878834458c20a.cloudfront.net (CloudFront)
x-amz-cf-pop
MXP63-P1
x-amz-server-side-encryption
AES256
age
54731
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 12 Dec 2023 20:53:35 GMT
server
CloudFront
etag
W/"970efa0b4f0d061d9f416096ef061d17"
access-control-max-age
0
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
vary
Accept-Encoding,Origin
x-amz-cf-id
txdh7DwIQId67iabzHG-bPd-art5E8XejnU7wDyHEiXWEP50KCqY7w==
chunk-HUR4FSNO.mjs
framerusercontent.com/sites/ijYyUiit3VLDfopI9VEqd/
1006 B
1 KB
Script
General
Full URL
https://framerusercontent.com/sites/ijYyUiit3VLDfopI9VEqd/chunk-HUR4FSNO.mjs
Requested by
Host: rainbow.me
URL: https://rainbow.me/points?ref=N7KKGP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.196.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-196-4.mxp63.r.cloudfront.net
Software
CloudFront /
Resource Hash
6ba206d6fe90fb7d04a0bb1ad9fcd0143eaece805e8688d58a732562e2ac8a7f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://rainbow.me
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 22:01:44 GMT
x-amz-version-id
EnX_ntvSCLGUZZlMpbvzGmLE.ViW3qIs
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
via
1.1 8b4dff1a460d3b75804878834458c20a.cloudfront.net (CloudFront)
x-amz-cf-pop
MXP63-P1
x-amz-server-side-encryption
AES256
age
54731
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 12 Dec 2023 20:53:35 GMT
server
CloudFront
etag
W/"75088e58526ec69f114d12eaf3e7f579"
access-control-max-age
0
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
vary
Accept-Encoding,Origin
x-amz-cf-id
bq4wehHXTyXMZKq9LtqDxCHmLYrXaZMV0oirVmMumEJPJOcX_BKjDA==
2XztTkTxgotik6s51YXh7rNFNCcvIo7DcR4tV3kop9s.WCKD6ACT.mjs
framerusercontent.com/sites/ijYyUiit3VLDfopI9VEqd/
111 KB
13 KB
Script
General
Full URL
https://framerusercontent.com/sites/ijYyUiit3VLDfopI9VEqd/2XztTkTxgotik6s51YXh7rNFNCcvIo7DcR4tV3kop9s.WCKD6ACT.mjs
Requested by
Host: rainbow.me
URL: https://rainbow.me/points?ref=N7KKGP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.196.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-196-4.mxp63.r.cloudfront.net
Software
CloudFront /
Resource Hash
f80c0d865fc0ee5d7525c24501efcd83858174db6c116146ffe6d6135b14b714
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://rainbow.me
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 22:01:43 GMT
x-amz-version-id
QhmnjW5dDee7N92rQxC_oH1l4eCaB7Ir
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
via
1.1 8b4dff1a460d3b75804878834458c20a.cloudfront.net (CloudFront)
x-amz-cf-pop
MXP63-P1
x-amz-server-side-encryption
AES256
age
54732
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 12 Dec 2023 20:53:35 GMT
server
CloudFront
etag
W/"0a193496b67cd55280e04b1c0a32ff73"
access-control-max-age
0
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
vary
Accept-Encoding,Origin
x-amz-cf-id
bIIfMt9vurTSr_wF-s-_wL738Jo2k6ymVCSR8v_x-c7okoVMABZ7Cw==
chunk-LE2EKKEA.mjs
framerusercontent.com/sites/ijYyUiit3VLDfopI9VEqd/
4 KB
2 KB
Script
General
Full URL
https://framerusercontent.com/sites/ijYyUiit3VLDfopI9VEqd/chunk-LE2EKKEA.mjs
Requested by
Host: rainbow.me
URL: https://rainbow.me/points?ref=N7KKGP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.196.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-196-4.mxp63.r.cloudfront.net
Software
CloudFront /
Resource Hash
c7b180e8b1a6d4e100a5e1b3247d56e734b7be6a5e6be5055ad81767b2ea7c38
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://rainbow.me
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 22:01:44 GMT
x-amz-version-id
e0tMPOPdtlh7M9hQfyY5owd6SY.XyU7o
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
via
1.1 8b4dff1a460d3b75804878834458c20a.cloudfront.net (CloudFront)
x-amz-cf-pop
MXP63-P1
x-amz-server-side-encryption
AES256
age
54731
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 12 Dec 2023 20:53:35 GMT
server
CloudFront
etag
W/"533b5fa8eb7b544ff572c2c03ce83644"
access-control-max-age
0
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
vary
Accept-Encoding,Origin
x-amz-cf-id
CI6-lUDO13sL4Itc0XrLeN7FveeyujbTJozD0Jd96Qr8vlA4-Rd15w==
chunk-MK6RGZNZ.mjs
framerusercontent.com/sites/ijYyUiit3VLDfopI9VEqd/
3 KB
2 KB
Script
General
Full URL
https://framerusercontent.com/sites/ijYyUiit3VLDfopI9VEqd/chunk-MK6RGZNZ.mjs
Requested by
Host: rainbow.me
URL: https://rainbow.me/points?ref=N7KKGP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.196.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-196-4.mxp63.r.cloudfront.net
Software
CloudFront /
Resource Hash
2c0fd72a3934ff0aadf080f8ab1cd4ac6b5f4f761ab3465ec4dd14dd1f62b074
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://rainbow.me
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 22:01:44 GMT
x-amz-version-id
48VTvGzrQ2lm__AsrCR0DwKf_KuQHyoO
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
via
1.1 8b4dff1a460d3b75804878834458c20a.cloudfront.net (CloudFront)
x-amz-cf-pop
MXP63-P1
x-amz-server-side-encryption
AES256
age
54731
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 12 Dec 2023 20:53:35 GMT
server
CloudFront
etag
W/"3170448049d044dfc8986624a08ea7ec"
access-control-max-age
0
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
vary
Accept-Encoding,Origin
x-amz-cf-id
2POxrozz7O13NYC9bAcmhSefTxB-57gSEOQpLxg1EHVOPCKtOleixg==
chunk-464VYTPL.mjs
framerusercontent.com/sites/ijYyUiit3VLDfopI9VEqd/
788 B
2 KB
Script
General
Full URL
https://framerusercontent.com/sites/ijYyUiit3VLDfopI9VEqd/chunk-464VYTPL.mjs
Requested by
Host: rainbow.me
URL: https://rainbow.me/points?ref=N7KKGP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.196.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-196-4.mxp63.r.cloudfront.net
Software
CloudFront /
Resource Hash
3851b11706e29d0d2e1f7633a7d1606eb0ed55d8b5c9c6283f5b7205522cc0df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://rainbow.me
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 22:45:47 GMT
x-amz-version-id
AjrX.McFHolHoD0NyAaNO83HM_UzDHjW
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 8b4dff1a460d3b75804878834458c20a.cloudfront.net (CloudFront)
x-amz-cf-pop
MXP63-P1
age
52087
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
788
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 12 Dec 2023 22:32:36 GMT
server
CloudFront
etag
"501ca22a1225631783ef84cef896b2b0"
access-control-max-age
0
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
vary
Origin
accept-ranges
bytes
x-amz-cf-id
_p2R3_dKm4ry19bXOYsqIyuMIWLetN233w6HK1jQl5xcQuGrPZUXWA==
chunk-ZCJYE5MD.mjs
framerusercontent.com/sites/ijYyUiit3VLDfopI9VEqd/
90 B
846 B
Script
General
Full URL
https://framerusercontent.com/sites/ijYyUiit3VLDfopI9VEqd/chunk-ZCJYE5MD.mjs
Requested by
Host: rainbow.me
URL: https://rainbow.me/points?ref=N7KKGP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.196.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-196-4.mxp63.r.cloudfront.net
Software
CloudFront /
Resource Hash
f9dd90a84d667cceb085f9ae3bb53b98d498d394e8d2c13e6f38638d63e9f032
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://rainbow.me
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 22:45:48 GMT
x-amz-version-id
zekRogH.WVhdj1AU6HDC2d0IxkkUnESJ
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 8b4dff1a460d3b75804878834458c20a.cloudfront.net (CloudFront)
x-amz-cf-pop
MXP63-P1
age
52087
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
90
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 12 Dec 2023 22:32:36 GMT
server
CloudFront
etag
"656a4edfaf749e9be7adcaf478154eb5"
access-control-max-age
0
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
vary
Origin
accept-ranges
bytes
x-amz-cf-id
WLfxhyOOQnVHGhoJ6RO62GMU5ieks6gK046aD07UFqkFPE6_41WpSg==
script
events.framer.com/
15 KB
16 KB
Script
General
Full URL
https://events.framer.com/script
Requested by
Host: rainbow.me
URL: https://rainbow.me/points?ref=N7KKGP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.110.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-110-21.vie50.r.cloudfront.net
Software
/
Resource Hash
0a75bfd9c51bb5e02f71c03d3d40303736ebc93448d59099dd36d4151fb9393e

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://rainbow.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 13:13:53 GMT
via
1.1 3cf68d8be617999c7beade955cf69ddc.cloudfront.net (CloudFront)
x-amzn-remapped-content-length
15602
x-amz-cf-pop
VIE50-C2
x-amzn-trace-id
Root=1-6579ae11-3c433f8d681ab913143d82eb
x-amzn-requestid
eb2f6bcb-eb0f-4b47-8298-f0ff16d130db
x-cache
Miss from cloudfront
content-type
text/javascript
timestamp
Wed, 13 Dec 2023 13:10:07 GMT
x-amz-apigw-id
P4gi2GNooAMEW-g=
content-length
15602
x-amz-cf-id
Wb3EjkXH4SjgVTFvXeBX0GiSplJ6Jh_4x_CWQGXw_U2sP_1lw2vbBQ==
preview_script0.5J2I4KRG.mjs
framerusercontent.com/sites/ijYyUiit3VLDfopI9VEqd/
4 KB
2 KB
Script
General
Full URL
https://framerusercontent.com/sites/ijYyUiit3VLDfopI9VEqd/preview_script0.5J2I4KRG.mjs
Requested by
Host: rainbow.me
URL: https://rainbow.me/points?ref=N7KKGP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.196.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-196-4.mxp63.r.cloudfront.net
Software
CloudFront /
Resource Hash
87d90d478bfb35089db3100b40d634509233fd9910f3eab41a0a5b8e3e6f0836
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://rainbow.me/
Origin
https://rainbow.me
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 05:46:36 GMT
x-amz-version-id
VHo5EUku3d6Tkg70Pdksqb1ah1y5fgZp
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
via
1.1 8b4dff1a460d3b75804878834458c20a.cloudfront.net (CloudFront)
x-amz-cf-pop
MXP63-P1
x-amz-server-side-encryption
AES256
age
26839
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 13 Dec 2023 05:46:35 GMT
server
CloudFront
etag
W/"2794463a0d5b658fac1ca7b7d746a0c2"
access-control-max-age
0
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
x-frame-options
deny
cache-control
public, max-age=31536000, immutable
vary
Accept-Encoding,Origin
x-amz-cf-id
7lGgh_jfePcqS_kojcrMppPJ8pTP20d3l5MWbc-JAja7l-xURgmOdA==
v84a3a4012de94ce1a686ba8c167c359c1696973893317
static.cloudflareinsights.com/beacon.min.js/
20 KB
7 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by
Host: rainbow.me
URL: https://rainbow.me/points?ref=N7KKGP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.56.101 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer
https://rainbow.me/
Origin
https://rainbow.me
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 13:13:54 GMT
content-encoding
gzip
last-modified
Tue, 10 Oct 2023 21:38:13 GMT
server
cloudflare
etag
W/"2023.10.0"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
834e77918dd97122-TLL
anonymous
events.framer.com/
0
0
Fetch
General
Full URL
https://events.framer.com/anonymous
Requested by
Host: events.framer.com
URL: https://events.framer.com/script
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.110.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-110-21.vie50.r.cloudfront.net
Software
/
Resource Hash

Request headers

Referer
https://rainbow.me/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 13 Dec 2023 13:13:56 GMT
via
1.1 614c7e2196cc5b32f71450d1d8261094.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-C2
x-amzn-trace-id
Root=1-6579ae14-6066b24d7a88d2b7493b46f6;Sampled=1;lineage=c457ad49:0
x-amzn-requestid
7f5f5a79-6d4a-4210-b73e-05be4a090e8b
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amz-apigw-id
P4gjMHLVoAMEoBQ=
content-length
0
x-amz-cf-id
BMSuvexSVemoJq_1bPE0eKXvjbqL1SPhOCMZyTVb_UPqQamJXW-w4Q==
anonymous
events.framer.com/
0
0
Preflight
General
Full URL
https://events.framer.com/anonymous
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.110.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-110-21.vie50.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://rainbow.me
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
OPTIONS,POST
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Wed, 13 Dec 2023 13:13:54 GMT
via
1.1 614c7e2196cc5b32f71450d1d8261094.cloudfront.net (CloudFront)
x-amz-apigw-id
P4gjAEC2IAMEPdQ=
x-amz-cf-id
SmOOcYsW3HpfLTgd57Fm2S06tX45RV8dO6kMFUZVCkEI_abWzaDqGg==
x-amz-cf-pop
VIE50-C2
x-amzn-requestid
63ad8107-3be7-4edf-8653-b655f8801b40
x-cache
Miss from cloudfront
js
www.googletagmanager.com/gtag/
244 KB
84 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-V9Y6441QW4&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M6CWWCPG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.8 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
b3ffb11e07ccb5aa2e29ad34971e6031c356678edf22873081cc66af6495e49b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://rainbow.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 13:13:54 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86191
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 13 Dec 2023 13:13:54 GMT
js
www.googletagmanager.com/gtag/
193 KB
71 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-323933180&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M6CWWCPG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.8 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
cbd6bfb00699d985927d84ce9cfe3522155c1783ca91aceabdbc6ba79db43387
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://rainbow.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 13:13:54 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72855
x-xss-protection
0
last-modified
Wed, 13 Dec 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 13 Dec 2023 13:13:54 GMT
collect
region1.google-analytics.com/g/
0
250 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-323933180&gtm=45je3bt0&_p=1702473233515&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=892267899.1702473235&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1702473234&sct=1&seg=0&dl=https%3A%2F%2Frainbow.me%2Fpoints%3Fref%3DN7KKGP&dt=Get%20Bonus%20Rainbow%20Points%20with%20me&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2191
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-323933180
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://rainbow.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Dec 2023 13:13:56 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://rainbow.me
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/
0
54 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-V9Y6441QW4&gtm=45je3bt0v890061196z89166307544&_p=1702473233515&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=892267899.1702473235&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1702473236&sct=1&seg=0&dl=https%3A%2F%2Frainbow.me%2Fpoints%3Fref%3DN7KKGP&dt=Get%20Bonus%20Rainbow%20Points%20with%20me&en=page_view&_fv=1&_ss=1&tfd=3989
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-V9Y6441QW4&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://rainbow.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Dec 2023 13:13:56 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://rainbow.me
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/
0
45 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-V9Y6441QW4&gtm=45je3bt0v890061196&_p=1702473233515&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=892267899.1702473235&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1702473236&sct=1&seg=0&dl=https%3A%2F%2Frainbow.me%2Fpoints%3Fref%3DN7KKGP&dt=Get%20Bonus%20Rainbow%20Points%20with%20me&en=scroll&epn.percent_scrolled=90&_et=8&tfd=8999
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-V9Y6441QW4&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://rainbow.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Dec 2023 13:14:01 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://rainbow.me
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT


11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture
object| dataLayer
function| gtag
function| __send_framer_event
object| google_tag_manager
object| google_tag_data
object| gaGlobal
function| onYouTubeIframeAPIReady
function| __framer_importFromPackage
object| process
object| __cfBeacon

3 Cookies

Domain/Path Name / Value
.rainbow.me/ Name: _ga_323933180
Value: GS1.1.1702473234.1.0.1702473234.0.0.0
.rainbow.me/ Name: _ga
Value: GA1.1.892267899.1702473235
.rainbow.me/ Name: _ga_V9Y6441QW4
Value: GS1.1.1702473236.1.0.1702473236.0.0.0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src * 'unsafe-inline' data: blob: ipfs:; frame-ancestors 'self' https://gnosis-safe.io https://dev.gnosis-safe.io https://app.safe.global https://platform.apps.ledger.com https://dapp-browser.apps.ledger.com filesystem:;
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
