![](/screenshots/ec447d49-e799-42fa-b4c8-14e9a67da138.png)
www.travelagencytribes.com
35.229.45.12
Public Scan
Effective URL: https://www.travelagencytribes.com/down?site=kittlam.nexioncanada.com
Submission: On February 22 via automatic, source certstream-suspicious
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on January 13th 2019. Valid for: 3 months.
This is the only time www.travelagencytribes.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
2 6 | 35.229.45.12 | 15169 (GOOGLE - Google LLC) |
1 | 2a00:1450:4001:81a::200a | 15169 (GOOGLE - Google LLC) |
2 | 209.197.3.15 | 20446 (HIGHWINDS3 - Highwinds Network Group) |
3 | 2606:4700::6810:5914 | 13335 (CLOUDFLARENET - Cloudflare) |
4 | 2a00:1450:4001:81d::200a | 15169 (GOOGLE - Google LLC) |
1 | 52.216.104.61 | 16509 (AMAZON-02 - Amazon.com) |
1 | 35.185.8.73 | 15169 (GOOGLE - Google LLC) |
1 | 54.87.158.188 | 14618 (AMAZON-AES - Amazon.com) |
17 | 8 |
ASN15169 (GOOGLE - Google LLC, US)
PTR: 12.45.229.35.bc.googleusercontent.com
kittlam.nexioncanada.com | |
www.travelagencytribes.com |
ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
PTR: vip0x00f.map2.ssl.hwcdn.net
maxcdn.bootstrapcdn.com |
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
cdn.jsdelivr.net |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com |
ASN15169 (GOOGLE - Google LLC, US)
PTR: 73.8.185.35.bc.googleusercontent.com
api2.gttwl.net |
ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-87-158-188.compute-1.amazonaws.com
trackcmp.net |
 | Apex Domain Subdomains | Transfer |
---|---|---|
5 | googleapis.com fonts.googleapis.com maps.googleapis.com | 110 KB |
5 | travelagencytribes.com 1 redirects www.travelagencytribes.com | 7 KB |
3 | jsdelivr.net cdn.jsdelivr.net | 61 KB |
2 | bootstrapcdn.com maxcdn.bootstrapcdn.com | 72 KB |
1 | trackcmp.net trackcmp.net | 377 B |
1 | gttwl.net api2.gttwl.net | 195 B |
1 | amazonaws.com s3.amazonaws.com | 5 KB |
1 | nexioncanada.com 1 redirects kittlam.nexioncanada.com | 352 B |
17 | 8 |
 | Domain | Requested by |
---|---|---|
5 | www.travelagencytribes.com | 1 redirects www.travelagencytribes.com cdn.jsdelivr.net |
4 | maps.googleapis.com | www.travelagencytribes.com maps.googleapis.com |
3 | cdn.jsdelivr.net | www.travelagencytribes.com |
2 | maxcdn.bootstrapcdn.com | www.travelagencytribes.com |
1 | trackcmp.net | www.travelagencytribes.com |
1 | api2.gttwl.net | www.travelagencytribes.com |
1 | s3.amazonaws.com | www.travelagencytribes.com |
1 | fonts.googleapis.com | www.travelagencytribes.com |
1 | kittlam.nexioncanada.com | 1 redirects |
17 | 9 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
www.travelagencytribes.com Let's Encrypt Authority X3 | 2019-01-13 - 2019-04-13 | 3 months | crt.sh |
*.googleapis.com Google Internet Authority G3 | 2019-01-29 - 2019-04-23 | 3 months | crt.sh |
*.bootstrapcdn.com COMODO RSA Domain Validation Secure Server CA | 2018-10-03 - 2019-10-12 | a year | crt.sh |
ssl363648.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2 | 2018-10-27 - 2019-05-05 | 6 months | crt.sh |
s3.amazonaws.com DigiCert Baltimore CA-2 G2 | 2018-12-03 - 2019-10-25 | a year | crt.sh |
api2.gttwl.net Let's Encrypt Authority X3 | 2019-02-03 - 2019-05-04 | 3 months | crt.sh |
trackcmp.net Amazon | 2018-05-02 - 2019-06-02 | a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.travelagencytribes.com/down?site=kittlam.nexioncanada.com
Frame ID: 96F4497B63B88422BCD528364916320E
Requests: 17 HTTP requests in this frame
Detected technologies
Google Maps
Detected patterns
- script /\/\/maps.googleapis.com\/maps\/api\/js/i
Detected patterns
- headers server /nginx(?:\/([\d.]+))?/i
ZURB Foundation
Detected patterns
- html /<link[^>]+foundation[^>"]+css/i
- html /<div [^>]*class="[^"]*(?:small|medium|large)-\d{1,2} columns/i
Font Awesome
Detected patterns
- html /<link[^>]* href=[^>]+font-awesome(?:\.min)?\.css/i
Google Font API
Detected patterns
- html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Detected patterns
- env /^jQuery$/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://kittlam.nexioncanada.com/ HTTP 301
- http://www.travelagencytribes.com/down?site=kittlam.nexioncanada.com HTTP 301
- https://www.travelagencytribes.com/down?site=kittlam.nexioncanada.com Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
17 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H2 | Primary Request down www.travelagencytribes.com/ Redirect Chain | 11 KB 5 KB | Document text/html |
GET H2 | css fonts.googleapis.com/ | 788 B 451 B | Stylesheet text/css |
GET H2 | font-awesome.min.css maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/ | 27 KB 6 KB | Stylesheet text/css |
GET H2 | foundation.min.css cdn.jsdelivr.net/foundation/6.1.1/ | 52 KB 10 KB | Stylesheet text/css |
GET H2 | js maps.googleapis.com/maps/api/ | 104 KB 34 KB | Script text/javascript |
GET H/1.1 | 1452173603_original.png s3.amazonaws.com/gttwl/attachments/tat.gttwl2.com/lsc85x/ | 4 KB 5 KB | Image image/png |
GET H2 | jquery.min.js cdn.jsdelivr.net/jquery/2.1.4/ | 82 KB 28 KB | Script application/javascript |
GET H2 | foundation.min.js cdn.jsdelivr.net/foundation/6.1.1/ | 91 KB 22 KB | Script application/javascript |
GET H2 | gttwl2.js www.travelagencytribes.com/javascripts/ | 2 KB 960 B | Script application/x-javascript |
GET H2 | hits www.travelagencytribes.com/ | 4 B 177 B | Script text/javascript |
GET H2 | 574 api2.gttwl.net/tm/h/ | 0 195 B | Script text/plain |
GET H2 | visit trackcmp.net/ | 0 377 B | Script text/javascript |
GET H2 | fontawesome-webfont.woff2 maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/ | 65 KB 65 KB | Font font/woff2 |
GET H2 | humanity www.travelagencytribes.com/api/ | 36 B 477 B | XHR text/plain |
GET H2 | common.js maps.googleapis.com/maps-api-v3/api/js/36/2/ | 70 KB 26 KB | Script text/javascript |
GET H2 | util.js maps.googleapis.com/maps-api-v3/api/js/36/2/ | 134 KB 51 KB | Script text/javascript |
GET H2 | AuthenticationService.Authenticate maps.googleapis.com/maps/api/js/ | 62 B 210 B | Script text/javascript |
26 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| onselectstart
- object| onselectionchange
- function| queueMicrotask
- object| google
- object| module$contents$MapsEvent_MapsEvent
- object| module$contents$mapsapi$overlay$OverlayView_OverlayView
- function| _tat_add_script
- function| _tat_uuid
- object| _tat_cook
- string| _tat_u
- string| _tat_ref
- string| _tat_req
- string| _tat_img1
- string| _tat_img2
- boolean| trackByDefault
- function| acEnableTracking
- function| acTrackVisit
- function| $
- function| jQuery
- object| Foundation
- object| geo_place
- object| geo_autocomplete
- object| geo_autocomplete2
- function| google_add_place
- function| google_add_place2
- object| _xdc_4

Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.travelagencytribes.com/ | Name: _gttwl2_session Value: L0wzQ0ladkxOcFZKTSt0dGcyRGJuYTE5UTYwbVVkVGNMNk9ISGhoNWxXMUpiZnljdTNZSnhIUHdiMk91azRjUDRqZUlOUUk1MFEvL2E5VE1NRUcrT1JzMGlXb09kUFRYK09KT0t0R2FxQ0RhWnc5cnhYVlR2bGJuUE5CaGY2NngzRmNURHRoRERKUFJBdmkrVXk1ZmRMQTV6NUZvTm55SWJiTm5zaTNmV3ZFM21YYTRtK0FHYzFoTHFSbkV1YjY4LS1sYlFsTHlhNHlrcTh5YjFaT2o5eHJBPT0%3D--1b2bd56a83ba888912b079d212e7bb6df0c849f7 |
www.travelagencytribes.com/ | Name: ac_enable_tracking Value: 1 |
www.travelagencytribes.com/ | Name: __tat_u Value: 10a6e904-ec43-4f79-a62f-5eb942f52fe4 |
www.travelagencytribes.com/ | Name: cart Value: 9b2a7cbe-e0d5-4b05-b581-7e94b9bd650e |
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.