urlscan.io logo urlscan.io
SecurityTrails logo

admin.hoteladmin.africanjewell.co.za Open in urlscan Pro
41.185.8.122  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
URL: http://admin.hoteladmin.africanjewell.co.za/hoteladmin/extranet/
Submission: On October 27 via manual from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 5 countries across 5 domains to perform 32 HTTP transactions. The main IP is 41.185.8.122, located in South Africa and belongs to webafrica, ZA. The main domain is admin.hoteladmin.africanjewell.co.za.
This is the only time admin.hoteladmin.africanjewell.co.za was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Booking (Travel)

Domain & IP information

IP Address AS Autonomous System
5 41.185.8.122 36943 (webafrica)
4 5.57.16.100 43996 (BOOKING-B...)
16 5.57.16.51 43996 (BOOKING-B...)
1 5.57.17.220 43996 (BOOKING-B...)
1 198.232.124.194 54104 (AS-NETDNA)
2 5.57.16.99 43996 (BOOKING-B...)
1 94.31.29.249 54104 (AS-NETDNA)
1 2a00:1450:400... 15169 (GOOGLE)
32 9
5    41.185.8.122 (South Africa)

ASN36943 (webafrica, ZA)
PTR: srv22.hostserv.co.za
admin.hoteladmin.africanjewell.co.za
4    5.57.16.100 (Netherlands)

ASN43996 (BOOKING-BV Booking.com, NL)
PTR: r.bstatic.com
r.bstatic.com
16    5.57.16.51 (Netherlands)

ASN43996 (BOOKING-BV Booking.com, NL)
PTR: admin.booking.com
admin.booking.com
1    5.57.17.220 (Netherlands)

ASN43996 (BOOKING-BV Booking.com, NL)
PTR: www.booking.com
www.booking.com
1    198.232.124.194 (Los Angeles, United States)

ASN54104 (AS-NETDNA - netDNA, US)
PTR: 194-124-232-198.static.unitasglobal.net
static.hotjar.com
2    5.57.16.99 (Netherlands)

ASN43996 (BOOKING-BV Booking.com, NL)
PTR: q.bstatic.com
q.bstatic.com
1    94.31.29.249 (United Kingdom)

ASN54104 (AS-NETDNA - netDNA, US)
PTR: 94.31.29.249.IPYX-077437-ZYO.above.net
script.hotjar.com
1    2a00:1450:4001:816::200e (Ireland)

ASN15169 (GOOGLE - Google Inc., US)
www.google-analytics.com
Domain Requested by
16 admin.booking.com admin.hoteladmin.africanjewell.co.za
admin.booking.com
5 admin.hoteladmin.africanjewell.co.za admin.hoteladmin.africanjewell.co.za
4 r.bstatic.com admin.hoteladmin.africanjewell.co.za
2 q.bstatic.com admin.hoteladmin.africanjewell.co.za
1 www.google-analytics.com admin.hoteladmin.africanjewell.co.za
1 script.hotjar.com static.hotjar.com
1 static.hotjar.com admin.hoteladmin.africanjewell.co.za
1 www.booking.com admin.hoteladmin.africanjewell.co.za
0 vars.hotjar.com Failed static.hotjar.com
32 9

This site contains links to these domains. Also see Links.

Domain
admin.booking.com
www.booking.com
join.booking.com
Subject Issuer Validity Valid
*.bstatic.com
DigiCert SHA2 Secure Server CA		 2017-09-18 -
2018-11-20		 a year crt.sh
admin.booking.com
DigiCert SHA2 Extended Validation Server CA		 2016-11-06 -
2017-11-15		 a year crt.sh
www.booking.com
DigiCert SHA2 Extended Validation Server CA		 2017-04-06 -
2018-04-11		 a year crt.sh
*.hotjar.com
Gandi Standard SSL CA 2		 2015-10-23 -
2018-11-16		 3 years crt.sh
*.google-analytics.com
Google Internet Authority G3		 2017-10-17 -
2018-01-09		 3 months crt.sh

This page contains 2 frames:

Primary Page: http://admin.hoteladmin.africanjewell.co.za/hoteladmin/extranet/
Frame ID: 4493.1
Requests: 31 HTTP requests in this frame

Frame: https://vars.hotjar.com/rcj-99d43ead6bdf30da8ed5ffcb4f17100c.html
Frame ID: 4493.2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • script /^\/\/static\.hotjar\.com\/c\/hotjar-/i
Overall confidence: 100%
Detected patterns
  • script /modernizr(?:-([\d.]*[\d]))?.*\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]+bootstrap(?:\.min)?\.css/i

Page Statistics

32
Requests

78 %
HTTPS

13 %
IPv6

5
Domains

9
Subdomains

9
IPs

5
Countries

214 kB
Transfer

770 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25
  • http://www.google-analytics.com/analytics.js HTTP 307
  • https://www.google-analytics.com/analytics.js

32 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
admin.hoteladmin.africanjewell.co.za/hoteladmin/extranet/ 		33 KB
33 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://admin.hoteladmin.africanjewell.co.za/hoteladmin/extranet/
Protocol
HTTP/1.1
Server
41.185.8.122 , South Africa, ASN36943 (webafrica, ZA),
Reverse DNS
srv22.hostserv.co.za
Software
Apache /
Resource Hash
991150ecbe31aa3d26907e959a59e69279a7c40ed7f9cf15632c71fef6b3d9dd

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
admin.hoteladmin.africanjewell.co.za
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Cache-Control
no-cache
Connection
keep-alive
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Date
Fri, 27 Oct 2017 11:32:58 GMT
Last-Modified
Tue, 12 Sep 2017 15:52:09 GMT
Server
Apache
Content-Type
text/html
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
33562
bootstrap.min.css
r.bstatic.com/libs/bootstrap/3.0.0/css/ 		95 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://r.bstatic.com/libs/bootstrap/3.0.0/css/bootstrap.min.css
Requested by
Host: admin.hoteladmin.africanjewell.co.za
URL: http://admin.hoteladmin.africanjewell.co.za/hoteladmin/extranet/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.57.16.100 , Netherlands, ASN43996 (BOOKING-BV Booking.com, NL),
Reverse DNS
r.bstatic.com
Software
nginx /
Resource Hash
1cbda21998b65e08a7e936114cabd7f7783d0f590dd6efdd58c7faa8b6e7b9aa
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
r.bstatic.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://admin.hoteladmin.africanjewell.co.za/hoteladmin/extranet/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://admin.hoteladmin.africanjewell.co.za/hoteladmin/extranet/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Date
Fri, 27 Oct 2017 11:32:59 GMT
Content-Encoding
gzip
Last-Modified
Tue, 15 Dec 2015 12:48:22 GMT
Server
nginx
ETag
W/"56700c16-17c3b"
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
X-XSS-Protection
1; mode=block
Expires
Sun, 26 Nov 2017 11:32:59 GMT
notification.v6523v.css
admin.booking.com/hotel/hoteladmin/extranet_ng/static/css_transpiled/modules/ 		756 B
756 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://admin.booking.com/hotel/hoteladmin/extranet_ng/static/css_transpiled/modules/notification.v6523v.css
Requested by
Host: admin.hoteladmin.africanjewell.co.za
URL: http://admin.hoteladmin.africanjewell.co.za/hoteladmin/extranet/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.57.16.51 , Netherlands, ASN43996 (BOOKING-BV Booking.com, NL),
Reverse DNS
admin.booking.com
Software
nginx /
Resource Hash
b3ab0e14f972c47d7b086a409d87e21f3d6986933328d310ea057e8940896b3e
Security Headers
Name Value
Content-Security-Policy report-uri /csp_violation; frame-ancestors 'self'
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
admin.booking.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://admin.hoteladmin.africanjewell.co.za/hoteladmin/extranet/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://admin.hoteladmin.africanjewell.co.za/hoteladmin/extranet/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Content-Security-Policy
report-uri /csp_violation; frame-ancestors 'self'
Last-Modified
Thu, 26 Oct 2017 15:42:27 GMT
Server
nginx
Date
Fri, 27 Oct 2017 11:32:59 GMT
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
POST
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
https://developers.booking.com
Cache-Control
max-age=2592000
X-MECHANIC
Sombody set up us the bomb!!
Access-Control-Allow-Headers
X-Booking-CSRF, X-Powered-By, X-UA-Compatible, X-XSS-Protection, x-booking-csrf
Content-Length
756
X-XSS-Protection
1; mode=block
Expires
Sun, 26 Nov 2017 11:32:59 GMT
tooltip.v6523v.css
admin.booking.com/hotel/hoteladmin/extranet_ng/static/css_transpiled/modules/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://admin.booking.com/hotel/hoteladmin/extranet_ng/static/css_transpiled/modules/tooltip.v6523v.css
Requested by
Host: admin.hoteladmin.africanjewell.co.za
URL: http://admin.hoteladmin.africanjewell.co.za/hoteladmin/extranet/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.57.16.51 , Netherlands, ASN43996 (BOOKING-BV Booking.com, NL),
Reverse DNS
admin.booking.com
Software
nginx /
Resource Hash
14257b3cc7e3c96b897133cb3563f63a7ca47e30b34c64d61db2a6ac30519919
Security Headers
Name Value
Content-Security-Policy report-uri /csp_violation; frame-ancestors 'self'
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
admin.booking.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://admin.hoteladmin.africanjewell.co.za/hoteladmin/extranet/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://admin.hoteladmin.africanjewell.co.za/hoteladmin/extranet/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Date
Fri, 27 Oct 2017 11:32:59 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
X-MECHANIC
Sombody set up us the bomb!!
X-XSS-Protection
1; mode=block
Last-Modified
Thu, 26 Oct 2017 15:42:27 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
https://developers.booking.com
Cache-Control
max-age=2592000
Content-Security-Policy
report-uri /csp_violation; frame-ancestors 'self'
Access-Control-Allow-Headers
X-Booking-CSRF, X-Powered-By, X-UA-Compatible, X-XSS-Protection, x-booking-csrf
Expires
Sun, 26 Nov 2017 11:32:59 GMT
46cd9cf9bfd54c484a5601bd35dcc80de105e087.css
r.bstatic.com/backend_static/extranet/css/login_page/ 		12 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://r.bstatic.com/backend_static/extranet/css/login_page/46cd9cf9bfd54c484a5601bd35dcc80de105e087.css
Requested by
Host: admin.hoteladmin.africanjewell.co.za
URL: http://admin.hoteladmin.africanjewell.co.za/hoteladmin/extranet/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.57.16.100 , Netherlands, ASN43996 (BOOKING-BV Booking.com, NL),
Reverse DNS
r.bstatic.com
Software
nginx /
Resource Hash
14a61dfbc31308483431f7b27c7f4881c74ce01503c04c6302cf61afdb527d00
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
r.bstatic.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://admin.hoteladmin.africanjewell.co.za/hoteladmin/extranet/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://admin.hoteladmin.africanjewell.co.za/hoteladmin/extranet/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Date
Fri, 27 Oct 2017 11:32:59 GMT
Content-Encoding
gzip
Last-Modified
Thu, 17 Aug 2017 10:55:09 GMT
Server
nginx
ETag
"5995760d-bd3"
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Content-Length
3027
X-XSS-Protection
1; mode=block
Expires
Sun, 26 Nov 2017 11:32:59 GMT
new-login.v6523v.css
admin.booking.com/hotel/hoteladmin/extranet_ng/static/css_transpiled/modules/ 		3 KB
967 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://admin.booking.com/hotel/hoteladmin/extranet_ng/static/css_transpiled/modules/new-login.v6523v.css
Requested by
Host: admin.hoteladmin.africanjewell.co.za
URL: http://admin.hoteladmin.africanjewell.co.za/hoteladmin/extranet/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.57.16.51 , Netherlands, ASN43996 (BOOKING-BV Booking.com, NL),
Reverse DNS
admin.booking.com
Software
nginx /
Resource Hash
cf44c89cfaf229970882037ce52c3ccd32fc8aabf75dca0bed6899afe7b1192c
Security Headers
Name Value
Content-Security-Policy report-uri /csp_violation; frame-ancestors 'self'
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
admin.booking.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://admin.hoteladmin.africanjewell.co.za/hoteladmin/extranet/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://admin.hoteladmin.africanjewell.co.za/hoteladmin/extranet/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Date
Fri, 27 Oct 2017 11:32:59 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
X-MECHANIC
Sombody set up us the bomb!!
X-XSS-Protection
1; mode=block
Last-Modified
Thu, 26 Oct 2017 15:42:27 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
https://developers.booking.com
Cache-Control
max-age=2592000
Content-Security-Policy
report-uri /csp_violation; frame-ancestors 'self'
Access-Control-Allow-Headers
X-Booking-CSRF, X-Powered-By, X-UA-Compatible, X-XSS-Protection, x-booking-csrf
Expires
Sun, 26 Nov 2017 11:32:59 GMT
booking_iconfont.v6523v.css
admin.booking.com/hotel/hoteladmin/extranet_ng/static/css_transpiled/ 		18 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://admin.booking.com/hotel/hoteladmin/extranet_ng/static/css_transpiled/booking_iconfont.v6523v.css
Requested by
Host: admin.hoteladmin.africanjewell.co.za
URL: http://admin.hoteladmin.africanjewell.co.za/hoteladmin/extranet/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.57.16.51 , Netherlands, ASN43996 (BOOKING-BV Booking.com, NL),
Reverse DNS
admin.booking.com
Software
nginx /
Resource Hash
ed1bcb6945c899e411b74136814466bd657354fbb28730d46c6a745d8ed91a38
Security Headers
Name Value
Content-Security-Policy report-uri /csp_violation; frame-ancestors 'self'
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
admin.booking.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://admin.hoteladmin.africanjewell.co.za/hoteladmin/extranet/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://admin.hoteladmin.africanjewell.co.za/hoteladmin/extranet/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Date
Fri, 27 Oct 2017 11:32:59 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
X-MECHANIC
Sombody set up us the bomb!!
X-XSS-Protection
1; mode=block
Last-Modified
Thu, 26 Oct 2017 15:42:27 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
https://developers.booking.com
Cache-Control
max-age=2592000
Content-Security-Policy
report-uri /csp_violation; frame-ancestors 'self'
Access-Control-Allow-Headers
X-Booking-CSRF, X-Powered-By, X-UA-Compatible, X-XSS-Protection, x-booking-csrf
Expires
Sun, 26 Nov 2017 11:32:59 GMT
error_catcher
admin.booking.com/ 		35 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://admin.booking.com/error_catcher?6523
Requested by
Host: admin.hoteladmin.africanjewell.co.za
URL: http://admin.hoteladmin.africanjewell.co.za/hoteladmin/extranet/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.57.16.51 , Netherlands, ASN43996 (BOOKING-BV Booking.com, NL),
Reverse DNS
admin.booking.com
Software
nginx /
Resource Hash
86cc4820b9bd668a6cc3a9ec0b2752a53c7f7ebd38d36561399e963ee76a8628
Security Headers
Name Value
Content-Security-Policy report-uri /csp_violation?pid=fbe051352f5d01af; frame-ancestors 'self'
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
admin.booking.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept
*/*
Referer
http://admin.hoteladmin.africanjewell.co.za/hoteladmin/extranet/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://admin.hoteladmin.africanjewell.co.za/hoteladmin/extranet/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Date
Fri, 27 Oct 2017 11:32:59 GMT
Content-Encoding
gzip
Server
nginx
X-Frame-Options
SAMEORIGIN
Vary
User-Agent, Accept-Encoding
Access-Control-Allow-Methods
POST
Content-Type
application/x-javascript
Access-Control-Allow-Origin
https://developers.booking.com
Content-Security-Policy
report-uri /csp_violation?pid=fbe051352f5d01af; frame-ancestors 'self'
X-MECHANIC
Sombody set up us the bomb!!
Access-Control-Allow-Headers
X-Booking-CSRF, X-Powered-By, X-UA-Compatible, X-XSS-Protection, x-booking-csrf
Content-Length
8295
X-XSS-Protection
1; mode=block
modernizr.custom.min.js
r.bstatic.com/libs/modernizr/2.6.2/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://r.bstatic.com/libs/modernizr/2.6.2/modernizr.custom.min.js
Requested by
Host: admin.hoteladmin.africanjewell.co.za
URL: http://admin.hoteladmin.africanjewell.co.za/hoteladmin/extranet/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.57.16.100 , Netherlands, ASN43996 (BOOKING-BV Booking.com, NL),
Reverse DNS
r.bstatic.com
Software
nginx /
Resource Hash
9ef1dcf3a611c7f6f32ca872c8d0343a99f83874b7b9c754e96afe81e0f63cf4
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
r.bstatic.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept
*/*
Referer
http://admin.hoteladmin.africanjewell.co.za/hoteladmin/extranet/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://admin.hoteladmin.africanjewell.co.za/hoteladmin/extranet/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Date
Fri, 27 Oct 2017 11:32:59 GMT
Content-Encoding
gzip
Last-Modified
Wed, 25 May 2016 11:27:05 GMT
Server
nginx
ETag
W/"57458c09-3aee"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
X-XSS-Protection
1; mode=block
Expires
Sun, 26 Nov 2017 11:32:59 GMT
logo.png
admin.booking.com/hotel/hoteladmin/i/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://admin.booking.com/hotel/hoteladmin/i/logo.png?ses=0c8587cefa86b34b25773b32eb09f690&lang=en
Requested by
Host: admin.hoteladmin.africanjewell.co.za
URL: http://admin.hoteladmin.africanjewell.co.za/hoteladmin/extranet/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.57.16.51 , Netherlands, ASN43996 (BOOKING-BV Booking.com, NL),
Reverse DNS
admin.booking.com
Software
nginx /
Resource Hash
1de87a440a08823986332d82428c40fc5e424ee4b321a75aa1dbb20f27db4942
Security Headers
Name Value
Content-Security-Policy report-uri /csp_violation; frame-ancestors 'self'
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
admin.booking.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://admin.hoteladmin.africanjewell.co.za/hoteladmin/extranet/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://admin.hoteladmin.africanjewell.co.za/hoteladmin/extranet/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Content-Security-Policy
report-uri /csp_violation; frame-ancestors 'self'
Last-Modified
Thu, 18 May 2017 09:17:50 GMT
Server
nginx
Date
Fri, 27 Oct 2017 11:32:59 GMT
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
POST
Content-Type
image/png
Access-Control-Allow-Origin
https://developers.booking.com
Cache-Control
max-age=2592000
X-MECHANIC
Sombody set up us the bomb!!
Access-Control-Allow-Headers
X-Booking-CSRF, X-Powered-By, X-UA-Compatible, X-XSS-Protection, x-booking-csrf
Content-Length
2117
X-XSS-Protection
1; mode=block
Expires
Sun, 26 Nov 2017 11:32:59 GMT
_etnht
www.booking.com/ 		35 B
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.booking.com/_etnht?cpr=http&ch=admin.hoteladmin.africanjewell.co.za&we=we&cpa=%2Fhoteladmin%2Fextranet%2F
Requested by
Host: admin.hoteladmin.africanjewell.co.za
URL: http://admin.hoteladmin.africanjewell.co.za/hoteladmin/extranet/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.57.17.220 , Netherlands, ASN43996 (BOOKING-BV Booking.com, NL),
Reverse DNS
www.booking.com
Software
nginx /
Resource Hash
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.booking.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://admin.hoteladmin.africanjewell.co.za/hoteladmin/extranet/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://admin.hoteladmin.africanjewell.co.za/hoteladmin/extranet/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Date
Fri, 27 Oct 2017 11:32:59 GMT
Server
nginx
Strict-Transport-Security
max-age=604800
Content-Length
35
X-XSS-Protection
1; mode=block
Content-Type
image/gif
hotjar-301883.js
static.hotjar.com/c/ 		12 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://static.hotjar.com/c/hotjar-301883.js?sv=5
Requested by
Host: admin.hoteladmin.africanjewell.co.za
URL: http://admin.hoteladmin.africanjewell.co.za/hoteladmin/extranet/
Protocol
HTTP/1.1
Server
198.232.124.194 Los Angeles, United States, ASN54104 (AS-NETDNA - netDNA, US),
Reverse DNS
194-124-232-198.static.unitasglobal.net
Software
NetDNA-cache/2.2 /
Resource Hash
6078ecfe4b38795ca7d1be580e40fbf27456b366f3bc94d8bf940019b36ed8a0
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
static.hotjar.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept
*/*
Referer
http://admin.hoteladmin.africanjewell.co.za/hoteladmin/extranet/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://admin.hoteladmin.africanjewell.co.za/hoteladmin/extranet/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Date
Fri, 27 Oct 2017 11:32:59 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Server
NetDNA-cache/2.2
X-Cache-Hit
1
ETag
W/8dac9c6fe5d776283e8578f3270d82b2
X-Frame-Options
SAMEORIGIN
X-Cache
EXPIRED
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=60
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
content-type
ae6c9b84ea8c95bbdc7ea7eede0a827770cd6c63.png
q.bstatic.com/backend_static/extranet/img/logo/homesprite_caption/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://q.bstatic.com/backend_static/extranet/img/logo/homesprite_caption/ae6c9b84ea8c95bbdc7ea7eede0a827770cd6c63.png
Requested by
Host: admin.hoteladmin.africanjewell.co.za
URL: http://admin.hoteladmin.africanjewell.co.za/hoteladmin/extranet/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.57.16.99 , Netherlands, ASN43996 (BOOKING-BV Booking.com, NL),
Reverse DNS
q.bstatic.com
Software
nginx /
Resource Hash
4deedff854a7cb30b6ec8a1ed69ea526e8bd78df07e9d0a7eb0d6fdefcd7c10e
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
q.bstatic.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://r.bstatic.com/backend_static/extranet/css/login_page/46cd9cf9bfd54c484a5601bd35dcc80de105e087.css
Connection
keep-alive
Cache-Control
no-cache
Referer
https://r.bstatic.com/backend_static/extranet/css/login_page/46cd9cf9bfd54c484a5601bd35dcc80de105e087.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Date
Fri, 27 Oct 2017 11:32:59 GMT
Last-Modified
Fri, 23 Jun 2017 10:50:19 GMT
Server
nginx
ETag
"594cf26b-c5b"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Accept-Ranges
bytes
Content-Length
3163
X-XSS-Protection
1; mode=block
Expires
Sun, 26 Nov 2017 11:32:59 GMT
jquery.min.js
q.bstatic.com/libs/jquery/1.11/ 		94 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://q.bstatic.com/libs/jquery/1.11/jquery.min.js
Requested by
Host: admin.hoteladmin.africanjewell.co.za
URL: http://admin.hoteladmin.africanjewell.co.za/hoteladmin/extranet/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.57.16.99 , Netherlands, ASN43996 (BOOKING-BV Booking.com, NL),
Reverse DNS
q.bstatic.com
Software
nginx /
Resource Hash
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
q.bstatic.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept
*/*
Referer
http://admin.hoteladmin.africanjewell.co.za/hoteladmin/extranet/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://admin.hoteladmin.africanjewell.co.za/hoteladmin/extranet/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Date
Fri, 27 Oct 2017 11:32:59 GMT
Content-Encoding
gzip
Last-Modified
Tue, 15 Dec 2015 12:48:22 GMT
Server
nginx
ETag
W/"56700c16-176d5"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
X-XSS-Protection
1; mode=block
Expires
Sun, 26 Nov 2017 11:32:59 GMT
jquery.cookie.custom.min.js
r.bstatic.com/libs/jquery-cookie/1.3.1/ 		1 KB
687 B 		Script
General
Check archive.org
Download Go to
Full URL
https://r.bstatic.com/libs/jquery-cookie/1.3.1/jquery.cookie.custom.min.js
Requested by
Host: admin.hoteladmin.africanjewell.co.za
URL: http://admin.hoteladmin.africanjewell.co.za/hoteladmin/extranet/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.57.16.100 , Netherlands, ASN43996 (BOOKING-BV Booking.com, NL),
Reverse DNS
r.bstatic.com
Software
nginx /
Resource Hash
70232189db6d4c4dfb50c39468ad2ba3e30f337eabf694ac9d288e5879e2417d
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
r.bstatic.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept
*/*
Referer
http://admin.hoteladmin.africanjewell.co.za/hoteladmin/extranet/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://admin.hoteladmin.africanjewell.co.za/hoteladmin/extranet/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Date
Fri, 27 Oct 2017 11:32:59 GMT
Content-Encoding
gzip
Last-Modified
Tue, 31 May 2016 09:34:44 GMT
Server
nginx
ETag
W/"574d5ab4-4f7"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
X-XSS-Protection
1; mode=block
Expires
Sun, 26 Nov 2017 11:32:59 GMT
cookie.warning.v6523v.js
admin.booking.com/hotel/hoteladmin/extranet_ng/static/js/ 		3 KB
882 B 		Script
General
Check archive.org
Download Go to
Full URL
https://admin.booking.com/hotel/hoteladmin/extranet_ng/static/js/cookie.warning.v6523v.js
Requested by
Host: admin.hoteladmin.africanjewell.co.za
URL: http://admin.hoteladmin.africanjewell.co.za/hoteladmin/extranet/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.57.16.51 , Netherlands, ASN43996 (BOOKING-BV Booking.com, NL),
Reverse DNS
admin.booking.com
Software
nginx /
Resource Hash
33f47dbfb0e709c5626140bea3303b2e65b8cb17f7cc2a6b6b44da8c3b6eed68
Security Headers
Name Value
Content-Security-Policy report-uri /csp_violation; frame-ancestors 'self'
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
admin.booking.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept
*/*
Referer
http://admin.hoteladmin.africanjewell.co.za/hoteladmin/extranet/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://admin.hoteladmin.africanjewell.co.za/hoteladmin/extranet/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Date
Fri, 27 Oct 2017 11:32:59 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
X-MECHANIC
Sombody set up us the bomb!!
X-XSS-Protection
1; mode=block
Last-Modified
Tue, 11 Jul 2017 10:37:00 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST
Content-Type
application/javascript
Access-Control-Allow-Origin
https://developers.booking.com
Cache-Control
max-age=2592000
Content-Security-Policy
report-uri /csp_violation; frame-ancestors 'self'
Access-Control-Allow-Headers
X-Booking-CSRF, X-Powered-By, X-UA-Compatible, X-XSS-Protection, x-booking-csrf
Expires
Sun, 26 Nov 2017 11:32:59 GMT
event-names.v6523v.js
admin.booking.com/hotel/hoteladmin/extranet_ng/static/js/modules/ 		2 KB
527 B 		Script
General
Check archive.org
Download Go to
Full URL
https://admin.booking.com/hotel/hoteladmin/extranet_ng/static/js/modules/event-names.v6523v.js
Requested by
Host: admin.hoteladmin.africanjewell.co.za
URL: http://admin.hoteladmin.africanjewell.co.za/hoteladmin/extranet/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.57.16.51 , Netherlands, ASN43996 (BOOKING-BV Booking.com, NL),
Reverse DNS
admin.booking.com
Software
nginx /
Resource Hash
01f4535ac5285fb56c5d3680284b5980d9a1684c04e9dd49b842d06b72cda548
Security Headers
Name Value
Content-Security-Policy report-uri /csp_violation; frame-ancestors 'self'
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
admin.booking.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept
*/*
Referer
http://admin.hoteladmin.africanjewell.co.za/hoteladmin/extranet/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://admin.hoteladmin.africanjewell.co.za/hoteladmin/extranet/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Date
Fri, 27 Oct 2017 11:32:59 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
X-MECHANIC
Sombody set up us the bomb!!
X-XSS-Protection
1; mode=block
Last-Modified
Thu, 18 May 2017 09:17:50 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST
Content-Type
application/javascript
Access-Control-Allow-Origin
https://developers.booking.com
Cache-Control
max-age=2592000
Content-Security-Policy
report-uri /csp_violation; frame-ancestors 'self'
Access-Control-Allow-Headers
X-Booking-CSRF, X-Powered-By, X-UA-Compatible, X-XSS-Protection, x-booking-csrf
Expires
Sun, 26 Nov 2017 11:32:59 GMT
tooltip.v6523v.js
admin.booking.com/hotel/hoteladmin/extranet_ng/static/js/modules/ 		12 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://admin.booking.com/hotel/hoteladmin/extranet_ng/static/js/modules/tooltip.v6523v.js
Requested by
Host: admin.hoteladmin.africanjewell.co.za
URL: http://admin.hoteladmin.africanjewell.co.za/hoteladmin/extranet/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.57.16.51 , Netherlands, ASN43996 (BOOKING-BV Booking.com, NL),
Reverse DNS
admin.booking.com
Software
nginx /
Resource Hash
9fbddc60283752d6c06bcdb7702f75eaae355309702f261f2e3913b4a77f5f6c
Security Headers
Name Value
Content-Security-Policy report-uri /csp_violation; frame-ancestors 'self'
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
admin.booking.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept
*/*
Referer
http://admin.hoteladmin.africanjewell.co.za/hoteladmin/extranet/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://admin.hoteladmin.africanjewell.co.za/hoteladmin/extranet/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Date
Fri, 27 Oct 2017 11:32:59 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
X-MECHANIC
Sombody set up us the bomb!!
X-XSS-Protection
1; mode=block
Last-Modified
Thu, 18 May 2017 09:17:50 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST
Content-Type
application/javascript
Access-Control-Allow-Origin
https://developers.booking.com
Cache-Control
max-age=2592000
Content-Security-Policy
report-uri /csp_violation; frame-ancestors 'self'
Access-Control-Allow-Headers
X-Booking-CSRF, X-Powered-By, X-UA-Compatible, X-XSS-Protection, x-booking-csrf
Expires
Sun, 26 Nov 2017 11:32:59 GMT
index.v6523v.js
admin.booking.com/hotel/hoteladmin/extranet_ng/static/js/login/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://admin.booking.com/hotel/hoteladmin/extranet_ng/static/js/login/index.v6523v.js
Requested by
Host: admin.hoteladmin.africanjewell.co.za
URL: http://admin.hoteladmin.africanjewell.co.za/hoteladmin/extranet/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.57.16.51 , Netherlands, ASN43996 (BOOKING-BV Booking.com, NL),
Reverse DNS
admin.booking.com
Software
nginx /
Resource Hash
61d3e46a74be9ba3b70080b652d87c18ffbe36afb15030b27f23a630e4570700
Security Headers
Name Value
Content-Security-Policy report-uri /csp_violation; frame-ancestors 'self'
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
admin.booking.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept
*/*
Referer
http://admin.hoteladmin.africanjewell.co.za/hoteladmin/extranet/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://admin.hoteladmin.africanjewell.co.za/hoteladmin/extranet/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Date
Fri, 27 Oct 2017 11:32:59 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
X-MECHANIC
Sombody set up us the bomb!!
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 04 Sep 2017 11:36:30 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST
Content-Type
application/javascript
Access-Control-Allow-Origin
https://developers.booking.com
Cache-Control
max-age=2592000
Content-Security-Policy
report-uri /csp_violation; frame-ancestors 'self'
Access-Control-Allow-Headers
X-Booking-CSRF, X-Powered-By, X-UA-Compatible, X-XSS-Protection, x-booking-csrf
Expires
Sun, 26 Nov 2017 11:32:59 GMT
ec.v6523v.js
admin.booking.com/hotel/hoteladmin/ec/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://admin.booking.com/hotel/hoteladmin/ec/ec.v6523v.js
Requested by
Host: admin.hoteladmin.africanjewell.co.za
URL: http://admin.hoteladmin.africanjewell.co.za/hoteladmin/extranet/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.57.16.51 , Netherlands, ASN43996 (BOOKING-BV Booking.com, NL),
Reverse DNS
admin.booking.com
Software
nginx /
Resource Hash
22cdead82760a46b1e1b96732ffe6ce0018c093e63a89f66f621a1c9f3740949
Security Headers
Name Value
Content-Security-Policy report-uri /csp_violation; frame-ancestors 'self'
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
admin.booking.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept
*/*
Referer
http://admin.hoteladmin.africanjewell.co.za/hoteladmin/extranet/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://admin.hoteladmin.africanjewell.co.za/hoteladmin/extranet/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Date
Fri, 27 Oct 2017 11:32:59 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
X-MECHANIC
Sombody set up us the bomb!!
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 11 Aug 2017 11:03:20 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST
Content-Type
application/javascript
Access-Control-Allow-Origin
https://developers.booking.com
Cache-Control
max-age=2592000
Content-Security-Policy
report-uri /csp_violation; frame-ancestors 'self'
Access-Control-Allow-Headers
X-Booking-CSRF, X-Powered-By, X-UA-Compatible, X-XSS-Protection, x-booking-csrf
Expires
Sun, 26 Nov 2017 11:32:59 GMT
Cookie set ui.json
admin.booking.com/hotel/hoteladmin/ec/ 		201 B
190 B 		Script
General
Check archive.org
Download Go to
Full URL
https://admin.booking.com/hotel/hoteladmin/ec/ui.json
Requested by
Host: admin.hoteladmin.africanjewell.co.za
URL: http://admin.hoteladmin.africanjewell.co.za/hoteladmin/extranet/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.57.16.51 , Netherlands, ASN43996 (BOOKING-BV Booking.com, NL),
Reverse DNS
admin.booking.com
Software
nginx /
Resource Hash
80e9a1f9c3bdef009e606425a0cce3067c1c5cecbff3b86ecdfb83bfc4f350d4
Security Headers
Name Value
Content-Security-Policy report-uri /csp_violation?pid=f483513567e000da; frame-ancestors 'self'
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
admin.booking.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept
*/*
Referer
http://admin.hoteladmin.africanjewell.co.za/hoteladmin/extranet/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://admin.hoteladmin.africanjewell.co.za/hoteladmin/extranet/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Date
Fri, 27 Oct 2017 11:32:59 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Server
nginx
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
https://developers.booking.com
Transfer-Encoding
chunked
Content-Security-Policy
report-uri /csp_violation?pid=f483513567e000da; frame-ancestors 'self'
Set-Cookie
esadm=02UmFuZG9tSVYkc2RlIyh9YbxZGyl9Y5%2BP7hlZi1c5qOI9nWr%2BHLIsRFP7d%2B3K%2FTyVRc9yuW%2B%2Bmrs%3D; domain=booking.com; path=/; expires=Wed, 26-Oct-2022 11:32:59 GMT; secure; HttpOnly
Access-Control-Allow-Headers
X-Booking-CSRF, X-Powered-By, X-UA-Compatible, X-XSS-Protection, x-booking-csrf
X-MECHANIC
Sombody set up us the bomb!!
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge,chrome=1
bfp.v6523v.js
admin.booking.com/hotel/hoteladmin/bfp/ 		1 KB
697 B 		Script
General
Check archive.org
Download Go to
Full URL
https://admin.booking.com/hotel/hoteladmin/bfp/bfp.v6523v.js
Requested by
Host: admin.hoteladmin.africanjewell.co.za
URL: http://admin.hoteladmin.africanjewell.co.za/hoteladmin/extranet/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.57.16.51 , Netherlands, ASN43996 (BOOKING-BV Booking.com, NL),
Reverse DNS
admin.booking.com
Software
nginx /
Resource Hash
1c4e25c21b03f77256fc9aaccfef79d4569d64c5681f859a85b9a4bd34f7d9d8
Security Headers
Name Value
Content-Security-Policy report-uri /csp_violation; frame-ancestors 'self'
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
admin.booking.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept
*/*
Referer
http://admin.hoteladmin.africanjewell.co.za/hoteladmin/extranet/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://admin.hoteladmin.africanjewell.co.za/hoteladmin/extranet/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Date
Fri, 27 Oct 2017 11:32:59 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
X-MECHANIC
Sombody set up us the bomb!!
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 11 Sep 2017 13:50:18 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST
Content-Type
application/javascript
Access-Control-Allow-Origin
https://developers.booking.com
Cache-Control
max-age=2592000
Content-Security-Policy
report-uri /csp_violation; frame-ancestors 'self'
Access-Control-Allow-Headers
X-Booking-CSRF, X-Powered-By, X-UA-Compatible, X-XSS-Protection, x-booking-csrf
Expires
Sun, 26 Nov 2017 11:32:59 GMT
ga_track_events.v6523v.js
admin.booking.com/hotel/hoteladmin/extranet_ng/static/js/login/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://admin.booking.com/hotel/hoteladmin/extranet_ng/static/js/login/ga_track_events.v6523v.js
Requested by
Host: admin.hoteladmin.africanjewell.co.za
URL: http://admin.hoteladmin.africanjewell.co.za/hoteladmin/extranet/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.57.16.51 , Netherlands, ASN43996 (BOOKING-BV Booking.com, NL),
Reverse DNS
admin.booking.com
Software
nginx /
Resource Hash
104a74380171b90ab4ef6fe3b6b644635c4acccc7aabad83cf49a740dd6779fb
Security Headers
Name Value
Content-Security-Policy report-uri /csp_violation; frame-ancestors 'self'
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
admin.booking.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept
*/*
Referer
http://admin.hoteladmin.africanjewell.co.za/hoteladmin/extranet/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://admin.hoteladmin.africanjewell.co.za/hoteladmin/extranet/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Date
Fri, 27 Oct 2017 11:32:59 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
X-MECHANIC
Sombody set up us the bomb!!
X-XSS-Protection
1; mode=block
Last-Modified
Tue, 11 Jul 2017 10:37:00 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST
Content-Type
application/javascript
Access-Control-Allow-Origin
https://developers.booking.com
Cache-Control
max-age=2592000
Content-Security-Policy
report-uri /csp_violation; frame-ancestors 'self'
Access-Control-Allow-Headers
X-Booking-CSRF, X-Powered-By, X-UA-Compatible, X-XSS-Protection, x-booking-csrf
Expires
Sun, 26 Nov 2017 11:32:59 GMT
fp2.js
admin.booking.com/hotel/hoteladmin/bfp/dependencies/ 		32 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://admin.booking.com/hotel/hoteladmin/bfp/dependencies/fp2.js
Requested by
Host: admin.booking.com
URL: https://admin.booking.com/hotel/hoteladmin/bfp/bfp.v6523v.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.57.16.51 , Netherlands, ASN43996 (BOOKING-BV Booking.com, NL),
Reverse DNS
admin.booking.com
Software
nginx /
Resource Hash
a50716934aba9247350a6e8093db6f2978fa97948d469189333ded935f7f607d
Security Headers
Name Value
Content-Security-Policy report-uri /csp_violation; frame-ancestors 'self'
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
admin.booking.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Accept
*/*
Referer
http://admin.hoteladmin.africanjewell.co.za/hoteladmin/extranet/
Cookie
esadm=02UmFuZG9tSVYkc2RlIyh9YbxZGyl9Y5%2BP7hlZi1c5qOI9nWr%2BHLIsRFP7d%2B3K%2FTyVRc9yuW%2B%2Bmrs%3D
Connection
keep-alive
Cache-Control
no-cache
Referer
http://admin.hoteladmin.africanjewell.co.za/hoteladmin/extranet/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Fri, 27 Oct 2017 11:32:59 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
X-MECHANIC
Sombody set up us the bomb!!
X-XSS-Protection
1; mode=block
Last-Modified
Wed, 23 Aug 2017 13:13:43 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST
Content-Type
application/javascript
Access-Control-Allow-Origin
https://developers.booking.com
Cache-Control
max-age=2592000
Content-Security-Policy
report-uri /csp_violation; frame-ancestors 'self'
Access-Control-Allow-Headers
X-Booking-CSRF, X-Powered-By, X-UA-Compatible, X-XSS-Protection, x-booking-csrf
Expires
Sun, 26 Nov 2017 11:32:59 GMT
modules-ae1ac99481e08b5ba7df9ac9386c3db5.js
script.hotjar.com/ 		341 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules-ae1ac99481e08b5ba7df9ac9386c3db5.js
Requested by
Host: static.hotjar.com
URL: http://static.hotjar.com/c/hotjar-301883.js?sv=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.249 , United Kingdom, ASN54104 (AS-NETDNA - netDNA, US),
Reverse DNS
94.31.29.249.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
5c5d4f13471a2610bedbb986399000deeba433888fdc32801953405e3852286a

Request headers

:path
/modules-ae1ac99481e08b5ba7df9ac9386c3db5.js
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
script.hotjar.com
referer
http://admin.hoteladmin.africanjewell.co.za/hoteladmin/extranet/
:scheme
https
:method
GET
Referer
http://admin.hoteladmin.africanjewell.co.za/hoteladmin/extranet/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

date
Fri, 27 Oct 2017 11:32:59 GMT
content-encoding
gzip
last-modified
Thu, 26 Oct 2017 08:00:40 GMT
server
NetDNA-cache/2.2
x-amz-request-id
05697B8C26336E63
etag
W/"ae1ac99481e08b5ba7df9ac9386c3db5"
x-cache
HIT
content-type
application/javascript
status
200
cache-control
max-age=31536000
x-amz-id-2
DFfDHZg/4saLCq4lx0Wkc15ENmsxyE16zrR6xgAh27mrP2O1Q1gtBUQ0pLmoqOkV4KJWL+yxxt0=
rcj-99d43ead6bdf30da8ed5ffcb4f17100c.html
vars.hotjar.com/ Frame 4493 		0
0
analytics.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/analytics.js
  • https://www.google-analytics.com/analytics.js
35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: admin.hoteladmin.africanjewell.co.za
URL: http://admin.hoteladmin.africanjewell.co.za/hoteladmin/extranet/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:816::200e , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
Golfe2 /
Resource Hash
45fa5c9e6fed4bf92ae35aec5d65164af6365cb957bbfeaa81c96d7aad186c5a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/analytics.js
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.google-analytics.com
referer
http://admin.hoteladmin.africanjewell.co.za/hoteladmin/extranet/
:scheme
https
:method
GET
Referer
http://admin.hoteladmin.africanjewell.co.za/hoteladmin/extranet/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 20 Oct 2017 23:46:20 GMT
server
Golfe2
age
1792
date
Fri, 27 Oct 2017 11:03:07 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
14635
expires
Fri, 27 Oct 2017 13:03:07 GMT

Redirect headers

Location
https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason
HSTS
c.html
admin.hoteladmin.africanjewell.co.za/hotel/hoteladmin/ec/ 		343 B
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://admin.hoteladmin.africanjewell.co.za/hotel/hoteladmin/ec/c.html?name=ecid
Requested by
Host: admin.hoteladmin.africanjewell.co.za
URL: http://admin.hoteladmin.africanjewell.co.za/hoteladmin/extranet/
Protocol
HTTP/1.1
Server
41.185.8.122 , South Africa, ASN36943 (webafrica, ZA),
Reverse DNS
srv22.hostserv.co.za
Software
Apache /
Resource Hash
604103a8b75eb669c332bfc82ad28a851a85f62e550f5d8ce18be42fe89e98f2

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
admin.hoteladmin.africanjewell.co.za
X-Booking-CSRF
empty-token
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept
*/*
Cache-Control
no-cache
X-Requested-With
XMLHttpRequest
Connection
keep-alive
Referer
http://admin.hoteladmin.africanjewell.co.za/hoteladmin/extranet/
Accept
*/*
Referer
http://admin.hoteladmin.africanjewell.co.za/hoteladmin/extranet/
X-Requested-With
XMLHttpRequest
X-Booking-CSRF
empty-token
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Date
Fri, 27 Oct 2017 11:32:58 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=99
Content-Length
343
Content-Type
text/html; charset=iso-8859-1
e.html
admin.hoteladmin.africanjewell.co.za/hotel/hoteladmin/ec/ 		343 B
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://admin.hoteladmin.africanjewell.co.za/hotel/hoteladmin/ec/e.html?name=ecid
Requested by
Host: admin.hoteladmin.africanjewell.co.za
URL: http://admin.hoteladmin.africanjewell.co.za/hoteladmin/extranet/
Protocol
HTTP/1.1
Server
41.185.8.122 , South Africa, ASN36943 (webafrica, ZA),
Reverse DNS
srv22.hostserv.co.za
Software
Apache /
Resource Hash
afff27f53c4aebc7818c568f1e957773283f498893749a120db8e3c2bd434fef

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
admin.hoteladmin.africanjewell.co.za
X-Booking-CSRF
empty-token
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept
*/*
Cache-Control
no-cache
X-Requested-With
XMLHttpRequest
Connection
keep-alive
Referer
http://admin.hoteladmin.africanjewell.co.za/hoteladmin/extranet/
Accept
*/*
Referer
http://admin.hoteladmin.africanjewell.co.za/hoteladmin/extranet/
X-Requested-With
XMLHttpRequest
X-Booking-CSRF
empty-token
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Date
Fri, 27 Oct 2017 11:32:59 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=98
Content-Length
343
Content-Type
text/html; charset=iso-8859-1
c.html
admin.hoteladmin.africanjewell.co.za/hotel/hoteladmin/ec/ 		343 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://admin.hoteladmin.africanjewell.co.za/hotel/hoteladmin/ec/c.html?name=ecid
Requested by
Host: admin.hoteladmin.africanjewell.co.za
URL: http://admin.hoteladmin.africanjewell.co.za/hoteladmin/extranet/
Protocol
HTTP/1.1
Server
41.185.8.122 , South Africa, ASN36943 (webafrica, ZA),
Reverse DNS
srv22.hostserv.co.za
Software
Apache /
Resource Hash
604103a8b75eb669c332bfc82ad28a851a85f62e550f5d8ce18be42fe89e98f2

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
admin.hoteladmin.africanjewell.co.za
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://admin.hoteladmin.africanjewell.co.za/hoteladmin/extranet/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://admin.hoteladmin.africanjewell.co.za/hoteladmin/extranet/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Date
Fri, 27 Oct 2017 11:32:59 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=97
Content-Length
343
Content-Type
text/html; charset=iso-8859-1
e.html
admin.hoteladmin.africanjewell.co.za/hotel/hoteladmin/ec/ 		343 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://admin.hoteladmin.africanjewell.co.za/hotel/hoteladmin/ec/e.html?name=ecid
Requested by
Host: admin.hoteladmin.africanjewell.co.za
URL: http://admin.hoteladmin.africanjewell.co.za/hoteladmin/extranet/
Protocol
HTTP/1.1
Server
41.185.8.122 , South Africa, ASN36943 (webafrica, ZA),
Reverse DNS
srv22.hostserv.co.za
Software
Apache /
Resource Hash
afff27f53c4aebc7818c568f1e957773283f498893749a120db8e3c2bd434fef

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
admin.hoteladmin.africanjewell.co.za
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://admin.hoteladmin.africanjewell.co.za/hoteladmin/extranet/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://admin.hoteladmin.africanjewell.co.za/hoteladmin/extranet/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Date
Fri, 27 Oct 2017 11:32:59 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
343
Content-Type
text/html; charset=iso-8859-1
navigation_times
admin.booking.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://admin.booking.com/navigation_times?pid=cd4b5f6e856a1486&amp;nts=0,0,1509103979107,0,0,0,0,1509103979107,1509103979107,1509103979108,1509103979108,1509103979271,0,1509103979271,1509103979436,1509103979600,1509103979437,1509103979734,1509103979734,1509103979739,1509103981625,1509103981625,1509103981625,&first=&cdn=&dc=1&lang=en-gb&ref_app=hoteladmin&ref_action=index-admin&stype=&aid=0&route=0&ch=e&info=&ac=1509103982626
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.57.16.51 , Netherlands, ASN43996 (BOOKING-BV Booking.com, NL),
Reverse DNS
admin.booking.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy report-uri /csp_violation?pid=f483513767ed00d7; frame-ancestors 'self'
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
admin.booking.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://admin.hoteladmin.africanjewell.co.za/hoteladmin/extranet/
Cookie
esadm=02UmFuZG9tSVYkc2RlIyh9YbxZGyl9Y5%2BP7hlZi1c5qOI9nWr%2BHLIsRFP7d%2B3K%2FTyVRc9yuW%2B%2Bmrs%3D
Connection
keep-alive
Cache-Control
no-cache
Referer
http://admin.hoteladmin.africanjewell.co.za/hoteladmin/extranet/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Content-Security-Policy
report-uri /csp_violation?pid=f483513767ed00d7; frame-ancestors 'self'
Server
nginx
Date
Fri, 27 Oct 2017 11:33:02 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
X-MECHANIC
Sombody set up us the bomb!!
Content-Length
0
X-XSS-Protection
1; mode=block

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
vars.hotjar.com
URL
https://vars.hotjar.com/rcj-99d43ead6bdf30da8ed5ffcb4f17100c.html

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Booking (Travel)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Domain/Path Name / Value
admin.hoteladmin.africanjewell.co.za/hoteladmin/extranet Name: ece
Value: QC3flQq75xGQZ3%2BN5VWgpwFN
admin.hoteladmin.africanjewell.co.za/hoteladmin/extranet Name: ecc
Value: QC3flQq75xGQZ3%2BN5VWgpwFN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

admin.booking.com
admin.hoteladmin.africanjewell.co.za
q.bstatic.com
r.bstatic.com
script.hotjar.com
static.hotjar.com
vars.hotjar.com
www.booking.com
www.google-analytics.com
vars.hotjar.com
198.232.124.194
2a00:1450:4001:816::200e
41.185.8.122
5.57.16.100
5.57.16.51
5.57.16.99
5.57.17.220
94.31.29.249
01f4535ac5285fb56c5d3680284b5980d9a1684c04e9dd49b842d06b72cda548
104a74380171b90ab4ef6fe3b6b644635c4acccc7aabad83cf49a740dd6779fb
14257b3cc7e3c96b897133cb3563f63a7ca47e30b34c64d61db2a6ac30519919
14a61dfbc31308483431f7b27c7f4881c74ce01503c04c6302cf61afdb527d00
1c4e25c21b03f77256fc9aaccfef79d4569d64c5681f859a85b9a4bd34f7d9d8
1cbda21998b65e08a7e936114cabd7f7783d0f590dd6efdd58c7faa8b6e7b9aa
1de87a440a08823986332d82428c40fc5e424ee4b321a75aa1dbb20f27db4942
22cdead82760a46b1e1b96732ffe6ce0018c093e63a89f66f621a1c9f3740949
33f47dbfb0e709c5626140bea3303b2e65b8cb17f7cc2a6b6b44da8c3b6eed68
45fa5c9e6fed4bf92ae35aec5d65164af6365cb957bbfeaa81c96d7aad186c5a
4deedff854a7cb30b6ec8a1ed69ea526e8bd78df07e9d0a7eb0d6fdefcd7c10e
5c5d4f13471a2610bedbb986399000deeba433888fdc32801953405e3852286a
604103a8b75eb669c332bfc82ad28a851a85f62e550f5d8ce18be42fe89e98f2
6078ecfe4b38795ca7d1be580e40fbf27456b366f3bc94d8bf940019b36ed8a0
61d3e46a74be9ba3b70080b652d87c18ffbe36afb15030b27f23a630e4570700
70232189db6d4c4dfb50c39468ad2ba3e30f337eabf694ac9d288e5879e2417d
80e9a1f9c3bdef009e606425a0cce3067c1c5cecbff3b86ecdfb83bfc4f350d4
86cc4820b9bd668a6cc3a9ec0b2752a53c7f7ebd38d36561399e963ee76a8628
991150ecbe31aa3d26907e959a59e69279a7c40ed7f9cf15632c71fef6b3d9dd
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
9ef1dcf3a611c7f6f32ca872c8d0343a99f83874b7b9c754e96afe81e0f63cf4
9fbddc60283752d6c06bcdb7702f75eaae355309702f261f2e3913b4a77f5f6c
a50716934aba9247350a6e8093db6f2978fa97948d469189333ded935f7f607d
afff27f53c4aebc7818c568f1e957773283f498893749a120db8e3c2bd434fef
b3ab0e14f972c47d7b086a409d87e21f3d6986933328d310ea057e8940896b3e
cf44c89cfaf229970882037ce52c3ccd32fc8aabf75dca0bed6899afe7b1192c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8
ed1bcb6945c899e411b74136814466bd657354fbb28730d46c6a745d8ed91a38