bookings.mafadiair.co.za Open in urlscan Pro
54.189.34.167  Public Scan

2 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response bookings.mafadiair.co.za/	6 KB 3 KB	653ms 237ms	Document text/html	54.189.34.167 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://bookings.mafadiair.co.za/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 54.189.34.167 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-189-34-167.us-west-2.compute.amazonaws.com Software nginx/1.14.0 (Ubuntu) / Resource Hash 509c7900ef956b123d271a705bec498f6613f5e4431421b92d766544ac5b1fe9 Security Headers Name Value Content-Security-Policy script-src 'self' https://* 'unsafe-inline' 'unsafe-eval';style-src 'self' https://* blob: 'unsafe-inline';img-src 'self' https://* data:;media-src 'self' https://*;connect-src 'self' https://* wss://*;frame-src 'self' https://*;frame-ancestors 'self' https://* http://localhost:*;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';object-src 'none';script-src-attr 'none';upgrade-insecure-requests Strict-Transport-Security max-age=15552000; includeSubDomains max-age=600 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers Connection keep-alive Content-Encoding gzip Content-Security-Policy script-src 'self' https://* 'unsafe-inline' 'unsafe-eval';style-src 'self' https://* blob: 'unsafe-inline';img-src 'self' https://* data:;media-src 'self' https://*;connect-src 'self' https://* wss://*;frame-src 'self' https://*;frame-ancestors 'self' https://* http://localhost:*;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';object-src 'none';script-src-attr 'none';upgrade-insecure-requests Content-Type text/html; charset=utf-8 Cross-Origin-Resource-Policy same-origin Date Fri, 21 Jun 2024 23:11:48 GMT ETag W/"17f0-HeVdwARglbH+RmiQ3ti7GTT/BXE" Origin-Agent-Cluster ?1 Referrer-Policy no-referrer Server nginx/1.14.0 (Ubuntu) Strict-Transport-Security max-age=15552000; includeSubDomains max-age=600 Transfer-Encoding chunked X-Booking-Engine booking-engine-6 X-Content-Type-Options nosniff X-DNS-Prefetch-Control off X-Download-Options noopen X-Frame-Options SAMEORIGIN X-Permitted-Cross-Domain-Policies none X-XSS-Protection 0
GET H2	200	js Show response www.googletagmanager.com/gtag/	313 KB 103 KB	148ms 57ms	Script application/javascript	2a00:1450:4001:80e::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-DZF2BQ8W47 Requested by Host: bookings.mafadiair.co.za URL: https://bookings.mafadiair.co.za/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 481b470d3cea57e795f5f1a73cdf6311de51b3720f7ecaa506650eaeea278b19 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 21 Jun 2024 23:11:48 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 104667 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Fri, 21 Jun 2024 23:11:48 GMT
GET H3	200	api.js Show response www.google.com/recaptcha/	1 KB 944 B	128ms 48ms	Script text/javascript	142.250.186.100 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api.js Requested by Host: bookings.mafadiair.co.za URL: https://bookings.mafadiair.co.za/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.100 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f4.1e100.net Software GSE / Resource Hash 2cb3f55c7c3ad8d7cdcb3bbcea9ff3c1e66ab2daa4638bc52ec6b08eccfb0b19 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 21 Jun 2024 23:11:48 GMT content-encoding gzip x-content-type-options nosniff content-security-policy frame-ancestors 'self' server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=utf-8 cache-control private, max-age=300 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 1; mode=block expires Fri, 21 Jun 2024 23:11:48 GMT
GET H2	200	leaflet.css unpkg.com/leaflet@1.9.4/dist/	14 KB 5 KB	168ms 84ms	Stylesheet text/css	2606:4700::6811:f8cb CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://unpkg.com/leaflet@1.9.4/dist/leaflet.css Requested by Host: bookings.mafadiair.co.za URL: https://bookings.mafadiair.co.za/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:f8cb , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a7837102824184820dfa198d1ebcd109ff6d0ff9a2672a074b9a1b4d147d04c6 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 21 Jun 2024 23:11:48 GMT content-encoding br via 1.1 fly.io cf-cache-status HIT x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload age 1074728 last-modified Sat, 26 Oct 1985 08:15:00 GMT fly-request-id 01HZYG5WVR3WT62JQ2Y94RFSY9-fra server cloudflare etag "39d6-7JKfEQDGZCzMXEJyz0zKEiUaml0" vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000 cf-ray 8977ae08cd2f1e6e-FRA
GET H2	200	67143-lzdjY-yzOTdiK32j6G317caIHByyTo1fVgHQpxHngGU-65671a25e8419 bookingenginecdn.hostaway.com/account/attachment/	5 KB 6 KB	772ms 669ms	Image image/webp	2600:9000:275d:3600:f:ee57:1600:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://bookingenginecdn.hostaway.com/account/attachment/67143-lzdjY-yzOTdiK32j6G317caIHByyTo1fVgHQpxHngGU-65671a25e8419?format=webp&width=300&quality=70 Requested by Host: bookings.mafadiair.co.za URL: https://bookings.mafadiair.co.za/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:275d:3600:f:ee57:1600:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash ee5bee14befb045977d343445330dfe361f22026af78a0c612025e55b296afcc Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 21 Jun 2024 23:11:50 GMT x-amz-meta-cache-control max-age=31622400 via 1.1 b166ca183629eada7c88ffe6bf8562a2.cloudfront.net (CloudFront) last-modified Tue, 11 Jun 2024 09:06:23 GMT server AmazonS3 x-amz-cf-pop FRA56-P11 etag "a41743ae3705852572c8e66fab263b50" x-amz-server-side-encryption AES256 vary accept, Origin x-cache Miss from cloudfront content-type image/webp x-aws-image-optimization v1.0 accept-ranges bytes content-length 5232 x-amz-cf-id OXtq8tE1fbxblT7OZUXOLdlJegen4wsfVYwcAKlz4u53wjsD2stQzw==
GET H2	200	67143-logoUrl-yQrimzPpHSM8DRB8Le1077gxnumpBPW8WypozZOIeAU-655b6185ead3e.jpg bookingenginecdn-2.hostaway.com/	184 KB 185 KB	2102ms 1993ms	Image image/webp	2600:9000:20eb:7a00:13:25e3:d980:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://bookingenginecdn-2.hostaway.com/67143-logoUrl-yQrimzPpHSM8DRB8Le1077gxnumpBPW8WypozZOIeAU-655b6185ead3e.jpg?format=webp&width=1280&quality=70 Requested by Host: bookings.mafadiair.co.za URL: https://bookings.mafadiair.co.za/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:7a00:13:25e3:d980:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 0f67bfbc1a4a699715d9077a09a4227bf289d11789f6dbafd421807a1a1afc5d Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 21 Jun 2024 23:11:50 GMT via 1.1 ba5b5e2e7fd98c4a472633bc4c1d4480.cloudfront.net (CloudFront) x-amz-cf-pop FRA2-C1 x-amzn-requestid 9351edb2-99b4-45f8-a881-f8717ecbe76d x-amzn-trace-id root=1-667608b5-04af66db004df6836deec55d;parent=2f4792c38e2ef1ac;sampled=0;lineage=0dd1ee8d:0 vary accept, Origin x-cache Miss from cloudfront content-type image/webp cache-control max-age=31622400 x-aws-image-optimization v1.0 server-timing img-download;dur=168,img-transform;dur=293,img-upload;dur=148 content-length 188918 x-amz-cf-id HRVKoRhLLemxBMJt__uhJPaPoM7a1dSeAy7ugdULrHpA-DW825AbFQ==
GET H2	200	leaflet.js Show response unpkg.com/leaflet@1.9.4/dist/	144 KB 62 KB	113ms 47ms	Script application/javascript	2606:4700::6811:f8cb CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://unpkg.com/leaflet@1.9.4/dist/leaflet.js Requested by Host: bookings.mafadiair.co.za URL: https://bookings.mafadiair.co.za/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:f8cb , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash db49d009c841f5ca34a888c96511ae936fd9f5533e90d8b2c4d57596f4e5641a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 21 Jun 2024 23:11:48 GMT content-encoding gzip via 1.1 fly.io cf-cache-status HIT x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload age 8653828 last-modified Sat, 26 Oct 1985 08:15:00 GMT fly-request-id 01HRWM61M4EYGENSR1F09MC2BS-fra server cloudflare etag "24060-WmQP+GPnkCqMrCzmujfIezBnd2E" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000 cf-ray 8977ae08cd301e6e-FRA
GET H2	200	bundle.js Show response d2q3n06xhbi0am.cloudfront.net/	2 MB 447 KB	133ms 43ms	Script application/javascript	2600:9000:2724:a400:d:cb8c:3f80:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d2q3n06xhbi0am.cloudfront.net/bundle.js?1718871875 Requested by Host: bookings.mafadiair.co.za URL: https://bookings.mafadiair.co.za/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2724:a400:d:cb8c:3f80:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash a4ca0320b2c109b4cb2cceb3e89662d41da76c57615867faff1088dd1becffe5 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-amz-version-id CYyfnvQr5rDJ9F1I6kmYDaZpqNRc3uYr content-encoding gzip via 1.1 ee047aee7532c119ede08bf41f5f0762.cloudfront.net (CloudFront) date Fri, 21 Jun 2024 08:25:24 GMT last-modified Thu, 20 Jun 2024 08:24:37 GMT server AmazonS3 x-amz-cf-pop FRA56-P12 age 53218 x-amz-server-side-encryption AES256 etag W/"6142419771f74b640fb487029af3409b" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id YZ82p2kAmiQ5g9mNmsW_rLKaIEc4LyiIHRt4Xm86QSuv_SnjlpdqRA==
GET H2	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/KXX4ARWFlYTftefkdODAYWZh/	518 KB 207 KB	127ms 39ms	Script text/javascript	2a00:1450:4001:81d::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/KXX4ARWFlYTftefkdODAYWZh/recaptcha__de.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 612ad04469fba362238294e47106a2e6061ef90c111851c0cdcae2e3ee27a6bb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Origin https://bookings.mafadiair.co.za Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 11:34:00 GMT content-encoding gzip x-content-type-options nosniff age 128268 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 210814 x-xss-protection 0 last-modified Sat, 15 Jun 2024 04:02:13 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 20 Jun 2025 11:34:00 GMT
POST H2	204	collect region1.google-analytics.com/g/	0 0	134ms 44ms	Fetch text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-DZF2BQ8W47&gtm=45je46j0v878943392za200&_p=1719011508515&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=990303279.1719011509&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1719011508&sct=1&seg=0&dl=https%3A%2F%2Fbookings.mafadiair.co.za%2F&dt=Home%20%E2%80%94%20Mafadi%20Air%20-%20Airbnb%20Management&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=967&_z=fetch Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-DZF2BQ8W47 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Fri, 21 Jun 2024 23:11:48 GMT server Golfe2 content-type text/plain access-control-allow-origin https://bookings.mafadiair.co.za cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	/ Show response sentry.hostaway.eu/api/6/envelope/	2 B 317 B	641ms 205ms	Fetch application/json	35.160.183.15 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://sentry.hostaway.eu/api/6/envelope/?sentry_key=119dc6692f8e50e8d2e40fb28227c1bc&sentry_version=7&sentry_client=sentry.javascript.react%2F8.9.2 Requested by Host: d2q3n06xhbi0am.cloudfront.net URL: https://d2q3n06xhbi0am.cloudfront.net/bundle.js?1718871875 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.160.183.15 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-160-183-15.us-west-2.compute.amazonaws.com Software nginx/1.18.0 (Ubuntu) / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Security Headers Name Value Strict-Transport-Security “max-age=31536000” Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-platform "Win32" Referer https://bookings.mafadiair.co.za/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Fri, 21 Jun 2024 23:11:49 GMT strict-transport-security “max-age=31536000” server nginx/1.18.0 (Ubuntu) vary origin, access-control-request-method, access-control-request-headers content-type application/json access-control-allow-origin * access-control-expose-headers x-sentry-error,x-sentry-rate-limits,retry-after cross-origin-resource-policy cross-origin content-length 2
GET H2	200	v3 Show response js.stripe.com/	613 KB 169 KB	242ms 46ms	Script text/javascript	99.86.4.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3 Requested by Host: d2q3n06xhbi0am.cloudfront.net URL: https://d2q3n06xhbi0am.cloudfront.net/bundle.js?1718871875 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.9 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-9.fra6.r.cloudfront.net Software Cloudfront / Resource Hash 3bbc3ed8c3e0ade40c32df9a535a9aa56449c2eaab6062267cf632a2ff80fc14 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 21 Jun 2024 23:11:18 GMT content-encoding gzip via 1.1 9810d82af8847b51b9c3048141069a64.cloudfront.net (CloudFront) strict-transport-security max-age=31556926; includeSubDomains; preload x-content-type-options nosniff age 31 x-amz-cf-pop FRA6-C1 x-cache Hit from cloudfront last-modified Fri, 21 Jun 2024 22:04:32 GMT server Cloudfront etag W/"66131a05a9266eddfd27a97a73047348" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=60 timing-allow-origin * x-amz-cf-id n_-NQA-oq62yGqsosWOG2jo5Msj0EMCfJN_utLAFWp0pCgVrFXP4tA==
GET H2	200	languages Show response booking-engine.hostaway.com/bookingEngines/bookings.mafadiair.co.za/	136 B 287 B	681ms 221ms	Fetch application/json	44.241.13.131 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://booking-engine.hostaway.com/bookingEngines/bookings.mafadiair.co.za/languages Requested by Host: d2q3n06xhbi0am.cloudfront.net URL: https://d2q3n06xhbi0am.cloudfront.net/bundle.js?1718871875 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.241.13.131 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-44-241-13-131.us-west-2.compute.amazonaws.com Software nginx / Resource Hash b12c429f0c83b63993a2b0b8e1cf7661f41f1291b0bca5e17317be483593e2c2 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Accept application/json Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers access-control-allow-origin * date Fri, 21 Jun 2024 23:11:49 GMT cache-control no-cache, private content-encoding gzip server nginx vary Accept-Encoding content-type application/json
GET H2	200	bookings.mafadiair.co.za Show response booking-engine.hostaway.com/bookingEngines/	5 KB 2 KB	652ms 207ms	Fetch application/json	44.241.13.131 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://booking-engine.hostaway.com/bookingEngines/bookings.mafadiair.co.za Requested by Host: d2q3n06xhbi0am.cloudfront.net URL: https://d2q3n06xhbi0am.cloudfront.net/bundle.js?1718871875 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.241.13.131 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-44-241-13-131.us-west-2.compute.amazonaws.com Software nginx / Resource Hash 077962a43e531af54cf482547e5c5813b5eb697c32e32b9a3e3148c37cb82802 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Accept application/json Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers access-control-allow-origin * date Fri, 21 Jun 2024 23:11:49 GMT cache-control no-cache, private content-encoding gzip server nginx vary Accept-Encoding content-type application/json
GET H2	200	css2 fonts.googleapis.com/	21 KB 2 KB	167ms 51ms	Stylesheet text/css	2a00:1450:4001:829::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Montserrat:wght@700;800&family=Open+Sans:wght@400;600;700&display=swap Requested by Host: d2q3n06xhbi0am.cloudfront.net URL: https://d2q3n06xhbi0am.cloudfront.net/bundle.js?1718871875 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 11f001c298228beee3352c841664099bf6132bf13d509d30721b70753163a527 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000 date Fri, 21 Jun 2024 23:11:49 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Fri, 21 Jun 2024 23:11:49 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 21 Jun 2024 23:11:49 GMT
GET H2	200	amenities Show response booking-engine.hostaway.com/bookingEngines/bookings.mafadiair.co.za/	20 KB 4 KB	210ms 209ms	Fetch application/json	44.241.13.131 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://booking-engine.hostaway.com/bookingEngines/bookings.mafadiair.co.za/amenities Requested by Host: d2q3n06xhbi0am.cloudfront.net URL: https://d2q3n06xhbi0am.cloudfront.net/bundle.js?1718871875 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.241.13.131 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-44-241-13-131.us-west-2.compute.amazonaws.com Software nginx / Resource Hash cfe4c68dd4a343d00d3fe163897c2089830378ce85a2857dae141dfd13c13dac Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Accept application/json Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers access-control-allow-origin * date Fri, 21 Jun 2024 23:11:49 GMT cache-control no-cache, private content-encoding gzip server nginx vary Accept-Encoding content-type application/json
GET H2	200	home Show response booking-engine.hostaway.com/bookingEngines/bookings.mafadiair.co.za/listings/	30 KB 8 KB	410ms 409ms	Fetch application/json	44.241.13.131 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://booking-engine.hostaway.com/bookingEngines/bookings.mafadiair.co.za/listings/home Requested by Host: d2q3n06xhbi0am.cloudfront.net URL: https://d2q3n06xhbi0am.cloudfront.net/bundle.js?1718871875 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.241.13.131 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-44-241-13-131.us-west-2.compute.amazonaws.com Software nginx / Resource Hash 7a3967500b5bbfdb9cda62fd8bb36e3d397f6900535d45c9efbce5fd496d7f70 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Accept application/json Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers access-control-allow-origin * date Fri, 21 Jun 2024 23:11:50 GMT cache-control no-cache, private content-encoding gzip server nginx vary Accept-Encoding content-type application/json
GET H2	200	categories Show response booking-engine.hostaway.com/bookingEngines/bookings.mafadiair.co.za/	3 KB 736 B	211ms 210ms	Fetch application/json	44.241.13.131 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://booking-engine.hostaway.com/bookingEngines/bookings.mafadiair.co.za/categories Requested by Host: d2q3n06xhbi0am.cloudfront.net URL: https://d2q3n06xhbi0am.cloudfront.net/bundle.js?1718871875 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.241.13.131 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-44-241-13-131.us-west-2.compute.amazonaws.com Software nginx / Resource Hash ef75b9e259b840bda63c01e945c0dea557c47c99b945b03184969356cc30b5e9 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Accept application/json Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers access-control-allow-origin * date Fri, 21 Jun 2024 23:11:49 GMT cache-control no-cache, private content-encoding gzip server nginx vary Accept-Encoding content-type application/json
GET H2	200	pages Show response booking-engine.hostaway.com/bookingEngines/bookings.mafadiair.co.za/	29 KB 7 KB	212ms 210ms	Fetch application/json	44.241.13.131 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://booking-engine.hostaway.com/bookingEngines/bookings.mafadiair.co.za/pages Requested by Host: d2q3n06xhbi0am.cloudfront.net URL: https://d2q3n06xhbi0am.cloudfront.net/bundle.js?1718871875 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.241.13.131 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-44-241-13-131.us-west-2.compute.amazonaws.com Software nginx / Resource Hash 12cd2cbda5e0cef7bf7f9f58a7f5676dae5ae8d8437f5f7c154720dc602ee1d9 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Accept application/json Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers access-control-allow-origin * date Fri, 21 Jun 2024 23:11:49 GMT cache-control no-cache, private content-encoding gzip server nginx vary Accept-Encoding content-type application/json
GET H2	200	css2 fonts.googleapis.com/	2 KB 513 B	48ms 46ms	Stylesheet text/css	2a00:1450:4001:829::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Titillium+Web:wght@700;800&family=Titillium+Web:wght@400;600;700&display=swap Requested by Host: d2q3n06xhbi0am.cloudfront.net URL: https://d2q3n06xhbi0am.cloudfront.net/bundle.js?1718871875 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 6884674b81f68b9f37fc3c18cfaf83441f7f12b7789ee690b8762ba23689dea6 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000 date Fri, 21 Jun 2024 23:11:49 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Fri, 21 Jun 2024 23:11:49 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 21 Jun 2024 23:11:49 GMT
GET H2	200	NaPDcZTIAOhVxoMyOr9n_E7ffHjDGItzYw.woff2 fonts.gstatic.com/s/titilliumweb/v17/	12 KB 12 KB	122ms 37ms	Font font/woff2	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/titilliumweb/v17/NaPDcZTIAOhVxoMyOr9n_E7ffHjDGItzYw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Titillium+Web:wght@700;800&family=Titillium+Web:wght@400;600;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d5c1172f24f4f49f780c65cf5be897527fd08f3662a2ba8db0cfe0057d92e367 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://fonts.googleapis.com/ Origin https://bookings.mafadiair.co.za Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 18 Jun 2024 15:27:48 GMT x-content-type-options nosniff age 287041 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11796 x-xss-protection 0 last-modified Thu, 24 Aug 2023 20:48:16 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 18 Jun 2025 15:27:48 GMT
GET H2	200	NaPecZTIAOhVxoMyOr9n_E7fdMPmDQ.woff2 fonts.gstatic.com/s/titilliumweb/v17/	12 KB 12 KB	130ms 46ms	Font font/woff2	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/titilliumweb/v17/NaPecZTIAOhVxoMyOr9n_E7fdMPmDQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Titillium+Web:wght@700;800&family=Titillium+Web:wght@400;600;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 557f6d0883db85be712c3a77baa38875ddf99ecbdfd6fec98e5c0b1f7a0e1532 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://fonts.googleapis.com/ Origin https://bookings.mafadiair.co.za Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 18 Jun 2024 14:57:46 GMT x-content-type-options nosniff age 288843 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12372 x-xss-protection 0 last-modified Thu, 24 Aug 2023 20:30:13 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 18 Jun 2025 14:57:46 GMT
GET DATA	200 OK	truncated /	487 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 582f30417d2c8a65a3818f064f0b0ff01c296d14bf4a7827c9b0f8ea0a476945 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	facets Show response booking-engine.hostaway.com/bookingEngines/bookings.mafadiair.co.za/listing/	164 B 308 B	352ms 352ms	Fetch application/json	44.241.13.131 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://booking-engine.hostaway.com/bookingEngines/bookings.mafadiair.co.za/listing/facets Requested by Host: d2q3n06xhbi0am.cloudfront.net URL: https://d2q3n06xhbi0am.cloudfront.net/bundle.js?1718871875 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.241.13.131 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-44-241-13-131.us-west-2.compute.amazonaws.com Software nginx / Resource Hash 871f73189c639c753aea57c42eb0527db61cf8e806c20cb5d894db65b69ab111 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Accept application/json Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers access-control-allow-origin * date Fri, 21 Jun 2024 23:11:50 GMT cache-control no-cache, private content-encoding gzip server nginx vary Accept-Encoding content-type application/json
GET H2	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 fonts.gstatic.com/s/opensans/v40/	47 KB 47 KB	40ms 38ms	Font font/woff2	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@700;800&family=Open+Sans:wght@400;600;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://fonts.googleapis.com/ Origin https://bookings.mafadiair.co.za Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 18 Jun 2024 14:53:43 GMT x-content-type-options nosniff age 289087 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 48236 x-xss-protection 0 last-modified Thu, 14 Dec 2023 02:08:40 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 18 Jun 2025 14:53:43 GMT
GET H2	200	NaPDcZTIAOhVxoMyOr9n_E7ffBzCGItzYw.woff2 fonts.gstatic.com/s/titilliumweb/v17/	12 KB 12 KB	64ms 64ms	Font font/woff2	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/titilliumweb/v17/NaPDcZTIAOhVxoMyOr9n_E7ffBzCGItzYw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Titillium+Web:wght@700;800&family=Titillium+Web:wght@400;600;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash dd870101ad4e95d687a2eb734707b0dd7c20808f76d7be77a71a5d13cf99401c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://fonts.googleapis.com/ Origin https://bookings.mafadiair.co.za Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 18 Jun 2024 14:53:58 GMT x-content-type-options nosniff age 289072 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12136 x-xss-protection 0 last-modified Thu, 24 Aug 2023 21:07:01 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 18 Jun 2025 14:53:58 GMT
GET H2	200	m-outer-3437aaddcdf6922d623e172c2d6f9278.html js.stripe.com/v3/ Frame 0E1F	0 0	122ms 41ms	Document text/html	99.86.4.122 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html Requested by Host: js.stripe.com URL: https://js.stripe.com/v3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.122 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-122.fra6.r.cloudfront.net Software Cloudfront / Resource Hash Security Headers Name Value Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers accept-ranges bytes access-control-allow-origin * age 3232 cache-control max-age=31536000 content-length 200 content-security-policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report content-security-policy-report-only base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report content-type text/html; charset=utf-8 date Fri, 21 Jun 2024 22:18:02 GMT etag "3437aaddcdf6922d623e172c2d6f9278" last-modified Thu, 30 May 2024 20:04:59 GMT server Cloudfront strict-transport-security max-age=31556926; includeSubDomains; preload timing-allow-origin * vary Accept-Encoding via 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront) x-amz-cf-id NdGFlj8UCHwqOf4iDOOAvlfwjaDywlGYffWSPOe_2-pbdctwAQiKUQ== x-amz-cf-pop FRA6-C1 x-cache Hit from cloudfront x-content-type-options nosniff
GET H/1.1	200 OK	67143-bKH9u-dXu5Y0rRAPvmIf20QCj4CwcQxld--Nt7s5QOsY-655b618832b9c hostaway-platform.s3.us-west-2.amazonaws.com/account/attachment/	92 KB 92 KB	732ms 299ms	Other image/png	3.5.87.195 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://hostaway-platform.s3.us-west-2.amazonaws.com/account/attachment/67143-bKH9u-dXu5Y0rRAPvmIf20QCj4CwcQxld--Nt7s5QOsY-655b618832b9c?rand=pc6y0xx9w9b Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 3.5.87.195 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS s3-us-west-2-r-w.amazonaws.com Software AmazonS3 / Resource Hash ac411e99787eda204e54eb3c7b73387e05d8fe1871b8be747d287c8b009de4c2 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Fri, 21 Jun 2024 23:11:52 GMT Last-Modified Mon, 20 Nov 2023 13:39:21 GMT Server AmazonS3 x-amz-request-id GP7QPDB38XNH1QYJ ETag "e2cac4da3c1a76378e9095c61f5f985d" x-amz-server-side-encryption AES256 Content-Type image/png x-amz-storage-class REDUCED_REDUNDANCY Accept-Ranges bytes Content-Length 93764 x-amz-id-2 mSyD/wR8PAZKPi0YquqWOf8uGVIKE7lIxJouqYphWAF0xS8ad7J+W6GDQb4UqQI1ozJ/M5C36IpAYXDvoFONog==
POST H2	204	collect region1.google-analytics.com/g/	0 0	46ms 45ms	Fetch text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-DZF2BQ8W47&gtm=45je46j0v878943392za200&_p=1719011508515&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=990303279.1719011509&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1719011508&sct=1&seg=0&dl=https%3A%2F%2Fbookings.mafadiair.co.za%2F&dt=Home%20%E2%80%94%20Mafadi%20Air%20-%20Airbnb%20Management&en=scroll&epn.percent_scrolled=90&_et=8&tfd=5983&_z=fetch Requested by Host: d2q3n06xhbi0am.cloudfront.net URL: https://d2q3n06xhbi0am.cloudfront.net/bundle.js?1718871875 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Fri, 21 Jun 2024 23:11:53 GMT server Golfe2 content-type text/plain access-control-allow-origin https://bookings.mafadiair.co.za cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 undefined| event object| fence object| sharedStorage function| gtag1 object| dataLayer object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| leaflet object| L object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| _global object| _sentryDebugIds string| _sentryDebugIdIdentifier object| SENTRY_RELEASE object| __SENTRY__ object| recaptcha object| webpackChunkStripeJSouter function| noop function| Stripe object| __sentry_instrumentation_handlers__

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.mafadiair.co.za/	1970-01-21 07:06:11	Name: _ga Value: GA1.1.990303279.1719011509
			.mafadiair.co.za/	1970-01-21 07:06:11	Name: _ga_DZF2BQ8W47 Value: GS1.1.1719011508.1.0.1719011508.0.0.0
			m.stripe.com/	1970-01-21 07:06:11	Name: m Value: 4b761c43-a9a5-43d8-a212-cf32e47d41018242c4
			.bookings.mafadiair.co.za/	1970-01-21 06:15:47	Name: __stripe_mid Value: 5b5d15af-1e7d-4a8f-97cb-7f208c921a34739f7d
			.bookings.mafadiair.co.za/	1970-01-20 21:30:13	Name: __stripe_sid Value: 0429b682-f265-4eb0-beff-1a25c3be90b56ae8dd

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	script-src 'self' https://* 'unsafe-inline' 'unsafe-eval';style-src 'self' https://* blob: 'unsafe-inline';img-src 'self' https://* data:;media-src 'self' https://*;connect-src 'self' https://* wss://*;frame-src 'self' https://*;frame-ancestors 'self' https://* http://localhost:*;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';object-src 'none';script-src-attr 'none';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains max-age=600
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

booking-engine.hostaway.com
bookingenginecdn-2.hostaway.com
bookingenginecdn.hostaway.com
bookings.mafadiair.co.za
d2q3n06xhbi0am.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
hostaway-platform.s3.us-west-2.amazonaws.com
js.stripe.com
region1.google-analytics.com
sentry.hostaway.eu
unpkg.com
www.google.com
www.googletagmanager.com
www.gstatic.com
142.250.186.100
2001:4860:4802:32::36
2600:9000:20eb:7a00:13:25e3:d980:93a1
2600:9000:2724:a400:d:cb8c:3f80:21
2600:9000:275d:3600:f:ee57:1600:93a1
2606:4700::6811:f8cb
2a00:1450:4001:80e::2008
2a00:1450:4001:81d::2003
2a00:1450:4001:827::2003
2a00:1450:4001:829::200a
3.5.87.195
35.160.183.15
44.241.13.131
54.189.34.167
99.86.4.122
99.86.4.9
077962a43e531af54cf482547e5c5813b5eb697c32e32b9a3e3148c37cb82802
0f67bfbc1a4a699715d9077a09a4227bf289d11789f6dbafd421807a1a1afc5d
11f001c298228beee3352c841664099bf6132bf13d509d30721b70753163a527
12cd2cbda5e0cef7bf7f9f58a7f5676dae5ae8d8437f5f7c154720dc602ee1d9
2cb3f55c7c3ad8d7cdcb3bbcea9ff3c1e66ab2daa4638bc52ec6b08eccfb0b19
3bbc3ed8c3e0ade40c32df9a535a9aa56449c2eaab6062267cf632a2ff80fc14
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
481b470d3cea57e795f5f1a73cdf6311de51b3720f7ecaa506650eaeea278b19
509c7900ef956b123d271a705bec498f6613f5e4431421b92d766544ac5b1fe9
557f6d0883db85be712c3a77baa38875ddf99ecbdfd6fec98e5c0b1f7a0e1532
582f30417d2c8a65a3818f064f0b0ff01c296d14bf4a7827c9b0f8ea0a476945
612ad04469fba362238294e47106a2e6061ef90c111851c0cdcae2e3ee27a6bb
6884674b81f68b9f37fc3c18cfaf83441f7f12b7789ee690b8762ba23689dea6
7a3967500b5bbfdb9cda62fd8bb36e3d397f6900535d45c9efbce5fd496d7f70
871f73189c639c753aea57c42eb0527db61cf8e806c20cb5d894db65b69ab111
a4ca0320b2c109b4cb2cceb3e89662d41da76c57615867faff1088dd1becffe5
a7837102824184820dfa198d1ebcd109ff6d0ff9a2672a074b9a1b4d147d04c6
ac411e99787eda204e54eb3c7b73387e05d8fe1871b8be747d287c8b009de4c2
b12c429f0c83b63993a2b0b8e1cf7661f41f1291b0bca5e17317be483593e2c2
cfe4c68dd4a343d00d3fe163897c2089830378ce85a2857dae141dfd13c13dac
d5c1172f24f4f49f780c65cf5be897527fd08f3662a2ba8db0cfe0057d92e367
db49d009c841f5ca34a888c96511ae936fd9f5533e90d8b2c4d57596f4e5641a
dd870101ad4e95d687a2eb734707b0dd7c20808f76d7be77a71a5d13cf99401c
ee5bee14befb045977d343445330dfe361f22026af78a0c612025e55b296afcc
ef75b9e259b840bda63c01e945c0dea557c47c99b945b03184969356cc30b5e9