stays.mixandmatch.co.nz Open in urlscan Pro
54.76.90.228  Public Scan

4 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

31 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response stays.mixandmatch.co.nz/	345 KB 103 KB	1419ms 653ms	Document text/html	54.76.90.228 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://stays.mixandmatch.co.nz/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.76.90.228 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-76-90-228.eu-west-1.compute.amazonaws.com Software / Resource Hash 28729971baa83767a83002dcb6cb63113674fa8f74978b65269080a628d3a3a9 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers cache-control no-cache content-encoding gzip content-length 105048 content-type text/html; charset=UTF-8 date Thu, 05 Dec 2024 02:49:16 GMT expires -1 pragma no-cache strict-transport-security max-age=31536000; includeSubDomains trace-id 675114ac0000000058fab5b09d1e3380 vary Accept-Encoding
GET H2	200	js Show response maps.googleapis.com/maps/api/	320 KB 105 KB	444ms 211ms	Script text/javascript	2404:6800:4006:814::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://maps.googleapis.com/maps/api/js?v=3.57&libraries=places%2Cgeometry&key=AIzaSyCSoK4c1Hy3MEqcwNYvvAnH0hOBDCWO8Kw&language=en&callback=Function.prototype Requested by Host: stays.mixandmatch.co.nz URL: https://stays.mixandmatch.co.nz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4006:814::200a Sydney, Australia, ASN15169 (GOOGLE, US), Reverse DNS Software scaffolding on HTTPServer2 / Resource Hash 5a8d151c79a7cebfd0988ddf60258ceaac382a33b2a4e5e0bc80c6bc44308ffa Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://stays.mixandmatch.co.nz/ Response headers cache-control public, max-age=1800, stale-while-revalidate=3600 timing-allow-origin * content-encoding gzip etag 5f69ea65 cross-origin-resource-policy cross-origin x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 106832 date Thu, 05 Dec 2024 02:49:17 GMT x-xss-protection 0 content-type text/javascript; charset=UTF-8 vary Origin, X-Origin, Referer server scaffolding on HTTPServer2 x-frame-options SAMEORIGIN
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	293ms 65ms	Script text/javascript	2404:6800:4006:809::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: stays.mixandmatch.co.nz URL: https://stays.mixandmatch.co.nz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4006:809::200e Sydney, Australia, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://stays.mixandmatch.co.nz/ Response headers content-encoding gzip age 5601 report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],} x-content-type-options nosniff expires Thu, 05 Dec 2024 03:15:56 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 05 Dec 2024 01:15:56 GMT last-modified Tue, 12 Dec 2023 18:09:08 GMT content-type text/javascript vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload cache-control public, max-age=7200 cross-origin-resource-policy cross-origin content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0 cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 20994 server Golfe2
GET H2	200	0d1331336c572ff29f6f1ad489599b4a-iframeResizer.contentWindow.min.js Show response assets.tripbuilder.app/assets/javascripts/plugins/iframeResizer/	13 KB 6 KB	966ms 622ms	Script application/javascript	99.84.238.141 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://assets.tripbuilder.app/assets/javascripts/plugins/iframeResizer/0d1331336c572ff29f6f1ad489599b4a-iframeResizer.contentWindow.min.js Requested by Host: stays.mixandmatch.co.nz URL: https://stays.mixandmatch.co.nz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.84.238.141 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-84-238-141.sfo5.r.cloudfront.net Software / Resource Hash 3ed6c82bd76be870c61220920e9d5a7b73be263acb1e78800449d89c029c262c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://stays.mixandmatch.co.nz/ Response headers strict-transport-security max-age=31536000; includeSubDomains cache-control public, max-age=3600 content-encoding gzip etag "d3e8cac014b0a8597c5ef22f65e5bcd26cf06d17" trace-id 675114ad000000004a00ff73abd0f561 via 1.1 457f6aac6043da8b82d532af40ff19c2.cloudfront.net (CloudFront) accept-ranges bytes x-cache Miss from cloudfront content-length 5180 x-amz-cf-id yoPxXfcnLnDJL9qzPsVC-nyGMcg4f7UAs4XT-BNd7iZe6AlyoGZ58g== date Thu, 05 Dec 2024 02:49:17 GMT content-type application/javascript; charset=UTF-8 last-modified Fri, 01 Jan 2010 00:00:00 GMT vary Origin,Accept-Encoding x-amz-cf-pop SFO5-C3
GET H2	200	e1cf20073d6237e25d7b38899d8aae4f-vendor.js Show response assets.tripbuilder.app/assets/embercli/explore/assets/	3 MB 828 KB	966ms 622ms	Script application/javascript	99.84.238.141 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://assets.tripbuilder.app/assets/embercli/explore/assets/e1cf20073d6237e25d7b38899d8aae4f-vendor.js Requested by Host: stays.mixandmatch.co.nz URL: https://stays.mixandmatch.co.nz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.84.238.141 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-84-238-141.sfo5.r.cloudfront.net Software / Resource Hash 735ddcfb6b2786c99c74ac05ba793b94d83694530219464bd7e104d97d0f90ac Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://stays.mixandmatch.co.nz/ Response headers strict-transport-security max-age=31536000; includeSubDomains cache-control public, max-age=3600 content-encoding gzip etag "92133db41a323e5d43bcd5bf0cf2e70c175ef8e5" trace-id 675114ad0000000019e175d595d2668d via 1.1 457f6aac6043da8b82d532af40ff19c2.cloudfront.net (CloudFront) accept-ranges bytes x-cache Miss from cloudfront x-amz-cf-id IIryOX2dGGbHtvGYXWeRlonrJKqycrx1WOLFZHLzAaQsMSX7IdtX_A== date Thu, 05 Dec 2024 02:49:17 GMT content-type application/javascript; charset=UTF-8 last-modified Fri, 01 Jan 2010 00:00:00 GMT vary Origin,Accept-Encoding x-amz-cf-pop SFO5-C3
GET H2	200	7c4b754d29491cb16658c9ef76184c77-en.js Show response assets.tripbuilder.app/assets/embercli/explore/locales/	464 KB 110 KB	965ms 621ms	Script application/javascript	99.84.238.141 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://assets.tripbuilder.app/assets/embercli/explore/locales/7c4b754d29491cb16658c9ef76184c77-en.js Requested by Host: stays.mixandmatch.co.nz URL: https://stays.mixandmatch.co.nz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.84.238.141 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-84-238-141.sfo5.r.cloudfront.net Software / Resource Hash 1c83077bfe11460303089e94a906d41a6427177f75e72d22e969ccfb38d482ad Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://stays.mixandmatch.co.nz/ Response headers strict-transport-security max-age=31536000; includeSubDomains cache-control public, max-age=3600 content-encoding gzip etag "b1e67bd04bb34e861425fabf98a4cf3e34909b33" trace-id 675114ad00000000278eacc8ea3f045a via 1.1 457f6aac6043da8b82d532af40ff19c2.cloudfront.net (CloudFront) accept-ranges bytes x-cache Miss from cloudfront x-amz-cf-id eyxlWQwKbqifQuriw1zgIEWnjz3LXw4eZqQLpd6oCGNsfOqhTwGDqQ== date Thu, 05 Dec 2024 02:49:17 GMT content-type application/javascript; charset=UTF-8 last-modified Fri, 01 Jan 2010 00:00:00 GMT vary Origin,Accept-Encoding x-amz-cf-pop SFO5-C3
GET H2	200	d4fd4bd2947a3a783ffe856c0d70a522-explore.js Show response assets.tripbuilder.app/assets/embercli/explore/assets/	959 KB 140 KB	1100ms 756ms	Script application/javascript	99.84.238.141 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://assets.tripbuilder.app/assets/embercli/explore/assets/d4fd4bd2947a3a783ffe856c0d70a522-explore.js Requested by Host: stays.mixandmatch.co.nz URL: https://stays.mixandmatch.co.nz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.84.238.141 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-84-238-141.sfo5.r.cloudfront.net Software / Resource Hash 9905d48422b9c094db08e9198a9136c57a6bd93d319ef356a84c6f63bdc52398 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://stays.mixandmatch.co.nz/ Response headers strict-transport-security max-age=31536000; includeSubDomains cache-control public, max-age=3600 content-encoding gzip etag "eb526037fc02802f6bdff9a4661eb939f74e8c8c" trace-id 675114ad0000000036f5ad620a8a5c5f via 1.1 457f6aac6043da8b82d532af40ff19c2.cloudfront.net (CloudFront) accept-ranges bytes x-cache Miss from cloudfront x-amz-cf-id Mr6tMj3aq3EPr9ZUVdREg2m-X4O9YU8mZuE1aB32QJnWtGCWBBzDAw== date Thu, 05 Dec 2024 02:49:17 GMT content-type application/javascript; charset=UTF-8 last-modified Fri, 01 Jan 2010 00:00:00 GMT vary Origin,Accept-Encoding x-amz-cf-pop SFO5-C3
GET H2	200	77538787959c379a70efdc031121d9b4-vendor.css assets.tripbuilder.app/assets/embercli/explore/assets/	54 KB 8 KB	1005ms 637ms	Stylesheet text/css	99.84.238.141 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://assets.tripbuilder.app/assets/embercli/explore/assets/77538787959c379a70efdc031121d9b4-vendor.css Requested by Host: stays.mixandmatch.co.nz URL: https://stays.mixandmatch.co.nz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.84.238.141 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-84-238-141.sfo5.r.cloudfront.net Software / Resource Hash b183ac78526399121928fcb3d9c22d2e04d3cfdd901f642d6fddce2de1edf554 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://stays.mixandmatch.co.nz/ Response headers strict-transport-security max-age=31536000; includeSubDomains cache-control public, max-age=3600 content-encoding gzip etag "d48f1a3983d4a350b8443ace5b5a10014656b74b" trace-id 675114ad000000007475253af7e74e19 via 1.1 457f6aac6043da8b82d532af40ff19c2.cloudfront.net (CloudFront) accept-ranges bytes x-cache Miss from cloudfront content-length 8058 x-amz-cf-id XaYSODWJmAbD25dmDE-1WqYnMyRjimXu932R1kXtINCaeSPKP5Q-gA== date Thu, 05 Dec 2024 02:49:17 GMT content-type text/css; charset=UTF-8 last-modified Fri, 01 Jan 2010 00:00:00 GMT vary Origin,Accept-Encoding x-amz-cf-pop SFO5-C3
GET H2	200	45085573ed2d985122ccb95e2330541f-theme-neutral.css assets.tripbuilder.app/assets/embercli/explore/assets/	447 KB 68 KB	1004ms 637ms	Stylesheet text/css	99.84.238.141 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://assets.tripbuilder.app/assets/embercli/explore/assets/45085573ed2d985122ccb95e2330541f-theme-neutral.css Requested by Host: stays.mixandmatch.co.nz URL: https://stays.mixandmatch.co.nz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.84.238.141 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-84-238-141.sfo5.r.cloudfront.net Software / Resource Hash 23182aee5fd5fd720028e542c62afd1b69161462a60274aa4192c848e7bd79dd Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://stays.mixandmatch.co.nz/ Response headers strict-transport-security max-age=31536000; includeSubDomains cache-control public, max-age=3600 content-encoding gzip etag "24e3ce1250c3f708ac4b130ab867fd2a430a882d" trace-id 675114ad000000004da1abc022f03205 via 1.1 457f6aac6043da8b82d532af40ff19c2.cloudfront.net (CloudFront) accept-ranges bytes x-cache Miss from cloudfront x-amz-cf-id wIVt1wrH5OdZ7P7DT0alPgPia_RGgrZTco48KTlMiU3L5MhF0OgInw== date Thu, 05 Dec 2024 02:49:17 GMT content-type text/css; charset=UTF-8 last-modified Fri, 01 Jan 2010 00:00:00 GMT vary Origin,Accept-Encoding x-amz-cf-pop SFO5-C3
GET H2	200	gtm.js Show response www.googletagmanager.com/	224 KB 79 KB	433ms 206ms	Script application/javascript	2404:6800:4006:80a::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-WMR4BL4 Requested by Host: stays.mixandmatch.co.nz URL: https://stays.mixandmatch.co.nz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4006:80a::2008 Sydney, Australia, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 44e42119b1cf47c98c067df9dc513c5581b0d023ac77fd6cd8a5ab095fabd3de Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://stays.mixandmatch.co.nz/ Response headers content-encoding br report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],} expires Thu, 05 Dec 2024 02:49:17 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 05 Dec 2024 02:49:17 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding last-modified Thu, 05 Dec 2024 00:00:00 GMT access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 79788 x-xss-protection 0 server Google Tag Manager
GET H2	200	js Show response www.googletagmanager.com/gtag/	308 KB 105 KB	188ms 186ms	Script application/javascript	2404:6800:4006:80a::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-4TGC9RZKJ0&l=dataLayer&cx=c&gtm=45He4c30v889755049za200 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WMR4BL4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4006:80a::2008 Sydney, Australia, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 3025c182c7fdcc03788095a9a6b7ce4c0beaa2922400f28488c26571f11044dd Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://stays.mixandmatch.co.nz/ Response headers content-encoding br report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],} expires Thu, 05 Dec 2024 02:49:17 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 05 Dec 2024 02:49:17 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 106727 x-xss-protection 0 server Google Tag Manager
POST H2	204	collect www.google-analytics.com/g/	0 0	162ms 162ms	Fetch text/plain	2404:6800:4006:809::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-4TGC9RZKJ0&gtm=45je4c30v889765752z8889755049za200zb889755049&_p=1733366956910&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485&cid=765147172.1733366957&ul=en-nz&are=1&frm=0&pscdl=noapi&_geo=1&_rdi=1&_s=1&uid=&sid=1733366957&sct=1&seg=0&dl=https%3A%2F%2Fstays.mixandmatch.co.nz%2F&dt=&en=page_view&_fv=1&_ss=1&ep.nz_distribution_channel=mixandmatchhotel&ep.nz_tour_operator=mixandmatch&tfd=2528 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-4TGC9RZKJ0&l=dataLayer&cx=c&gtm=45He4c30v889755049za200 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4006:809::200e Sydney, Australia, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://stays.mixandmatch.co.nz/ Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0 report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],} expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin https://stays.mixandmatch.co.nz cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 05 Dec 2024 02:49:18 GMT content-type text/plain server Golfe2
GET H2	200	css fonts.googleapis.com/	5 KB 1 KB	402ms 166ms	Stylesheet text/css	2404:6800:4006:811::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Mulish:400,700,900 Requested by Host: assets.tripbuilder.app URL: https://assets.tripbuilder.app/assets/embercli/explore/assets/45085573ed2d985122ccb95e2330541f-theme-neutral.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4006:811::200a Sydney, Australia, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 46bf83fe90586f387a202f8d77d54491b0be5fe001c960db15508ad68a678d10 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://assets.tripbuilder.app/ Response headers content-encoding gzip x-content-type-options nosniff expires Thu, 05 Dec 2024 02:49:18 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 05 Dec 2024 02:49:18 GMT content-type text/css; charset=utf-8 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site last-modified Thu, 05 Dec 2024 02:49:18 GMT x-frame-options SAMEORIGIN strict-transport-security max-age=31536000 link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups cross-origin-resource-policy cross-origin access-control-allow-origin * x-xss-protection 0 server ESF
GET H3	200	gen_204 Show response maps.googleapis.com/maps/api/mapsjs/	3 B 44 B	414ms 243ms	XHR application/json	172.217.167.74 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true Requested by Host: maps.googleapis.com URL: https://maps.googleapis.com/maps/api/js?v=3.57&libraries=places%2Cgeometry&key=AIzaSyCSoK4c1Hy3MEqcwNYvvAnH0hOBDCWO8Kw&language=en&callback=Function.prototype Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.167.74 , United States, ASN15169 (GOOGLE, US), Reverse DNS syd15s06-in-f10.1e100.net Software scaffolding on HTTPServer2 / Resource Hash ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://stays.mixandmatch.co.nz/ Response headers access-control-expose-headers vary,vary,vary,content-encoding,date,server,content-length content-encoding gzip x-content-type-options nosniff access-control-allow-origin https://stays.mixandmatch.co.nz alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 23 date Thu, 05 Dec 2024 02:49:19 GMT x-xss-protection 0 content-type application/json; charset=UTF-8 vary Origin, X-Origin, Referer server scaffolding on HTTPServer2 x-frame-options SAMEORIGIN
GET H2	200	view-contexts Show response stays.mixandmatch.co.nz/api2/	8 KB 3 KB	344ms 343ms	XHR application/json	54.76.90.228 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://stays.mixandmatch.co.nz/api2/view-contexts?_=382835&current=true Requested by Host: assets.tripbuilder.app URL: https://assets.tripbuilder.app/assets/embercli/explore/assets/e1cf20073d6237e25d7b38899d8aae4f-vendor.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.76.90.228 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-76-90-228.eu-west-1.compute.amazonaws.com Software / Resource Hash 878560ee8069609cd46060215d4ba72f989932138ba4d04c630b1b89af520802 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://stays.mixandmatch.co.nz/travel/ X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Accept application/vnd.api+json Csrf-Token 672bd447159e00a52cbb3db2c9da53a77c319525-1733366956400-a229b703833287d62b384efd Response headers strict-transport-security max-age=31536000; includeSubDomains cache-control no-cache content-encoding gzip pragma no-cache trace-id 675114af0000000032d7ed37452396ee expires -1 content-length 2858 date Thu, 05 Dec 2024 02:49:19 GMT content-type application/json vary Accept-Encoding
GET H2	200	users Show response stays.mixandmatch.co.nz/api2/	11 B 462 B	331ms 331ms	XHR text/plain	54.76.90.228 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://stays.mixandmatch.co.nz/api2/users?_=383280000019073536&me=true Requested by Host: assets.tripbuilder.app URL: https://assets.tripbuilder.app/assets/embercli/explore/assets/e1cf20073d6237e25d7b38899d8aae4f-vendor.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.76.90.228 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-76-90-228.eu-west-1.compute.amazonaws.com Software / Resource Hash 8fe32e407a1038ee38753b70e5374b3a46d6ae9d5f16cd5b73c53abaca8f5ed0 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://stays.mixandmatch.co.nz/travel/ X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Accept application/json, text/javascript, */*; q=0.01 Csrf-Token 672bd447159e00a52cbb3db2c9da53a77c319525-1733366956400-a229b703833287d62b384efd Response headers strict-transport-security max-age=31536000; includeSubDomains cache-control no-cache content-encoding gzip pragma no-cache trace-id 675114af0000000074c2fc8fe9a2be86 expires -1 content-length 37 date Thu, 05 Dec 2024 02:49:19 GMT content-type text/plain; charset=UTF-8 vary Accept-Encoding
GET H2	200	trips Show response stays.mixandmatch.co.nz/discovery/v1.0/	20 KB 5 KB	608ms 607ms	XHR application/json	54.76.90.228 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://stays.mixandmatch.co.nz/discovery/v1.0/trips?modelPath=controller.routes&nz-currency=NZD&page%5Bnumber%5D=1&page%5Bsize%5D=10 Requested by Host: assets.tripbuilder.app URL: https://assets.tripbuilder.app/assets/embercli/explore/assets/e1cf20073d6237e25d7b38899d8aae4f-vendor.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.76.90.228 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-76-90-228.eu-west-1.compute.amazonaws.com Software / Resource Hash 9d9e424a126ddbdc2ef71c9d3a1d3ecdbe7ba329230f3b112905153543efd1d1 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://stays.mixandmatch.co.nz/travel/ X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Accept application/vnd.api+json Csrf-Token 672bd447159e00a52cbb3db2c9da53a77c319525-1733366956400-a229b703833287d62b384efd Response headers strict-transport-security max-age=31536000; includeSubDomains cache-control no-cache content-encoding gzip pragma no-cache trace-id 675114af00000000145d0ce49c05436f expires -1 content-length 4239 date Thu, 05 Dec 2024 02:49:19 GMT content-type application/json vary Accept-Encoding
GET H2	200	country-code Show response stays.mixandmatch.co.nz/discovery/v1.0/filters/	342 B 617 B	338ms 338ms	XHR application/json	54.76.90.228 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://stays.mixandmatch.co.nz/discovery/v1.0/filters/country-code Requested by Host: assets.tripbuilder.app URL: https://assets.tripbuilder.app/assets/embercli/explore/assets/e1cf20073d6237e25d7b38899d8aae4f-vendor.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.76.90.228 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-76-90-228.eu-west-1.compute.amazonaws.com Software / Resource Hash 723620247a83194dac98a9e26bc4ba7dd8fda5958910f310262f005acf0ec69a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://stays.mixandmatch.co.nz/travel/routes X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Accept application/vnd.api+json Csrf-Token 672bd447159e00a52cbb3db2c9da53a77c319525-1733366956400-a229b703833287d62b384efd Response headers strict-transport-security max-age=31536000; includeSubDomains cache-control no-cache content-encoding gzip pragma no-cache trace-id 675114af0000000016a480d8de0f31f5 expires -1 content-length 199 date Thu, 05 Dec 2024 02:49:19 GMT content-type application/json vary Accept-Encoding
GET H3	200	1Ptvg83HX_SGhgqk3wot.woff2 fonts.gstatic.com/s/mulish/v13/	29 KB 29 KB	233ms 69ms	Font font/woff2	142.250.67.3 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/mulish/v13/1Ptvg83HX_SGhgqk3wot.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Mulish:400,700,900 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.67.3 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS syd15s16-in-f3.1e100.net Software sffe / Resource Hash 7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://stays.mixandmatch.co.nz Referer https://fonts.googleapis.com/ Response headers age 378816 report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} x-content-type-options nosniff expires Sun, 30 Nov 2025 17:35:43 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Sat, 30 Nov 2024 17:35:43 GMT last-modified Wed, 13 Sep 2023 23:18:56 GMT content-type font/woff2 cache-control public, max-age=31536000 timing-allow-origin * cross-origin-opener-policy same-origin; report-to="apps-themes" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes accept-ranges bytes access-control-allow-origin * content-length 30096 x-xss-protection 0 server sffe
GET H2	200	glyphicons-halflings-regular.woff2 d37n8u6pdy8r2z.cloudfront.net/assets/fonts/	18 KB 18 KB	1060ms 909ms	Font application/font-woff	18.67.95.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d37n8u6pdy8r2z.cloudfront.net/assets/fonts/glyphicons-halflings-regular.woff2 Requested by Host: assets.tripbuilder.app URL: https://assets.tripbuilder.app/assets/embercli/explore/assets/45085573ed2d985122ccb95e2330541f-theme-neutral.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.67.95.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-67-95-4.syd62.r.cloudfront.net Software AmazonS3 / Resource Hash fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://stays.mixandmatch.co.nz Referer https://assets.tripbuilder.app/ Response headers access-control-max-age 2592000 content-encoding gzip etag "313e04da7b353e0abf28ff3581e49943" access-control-allow-methods GET, HEAD x-cache Miss from cloudfront x-amz-cf-id 8yyYQAnUsDRihrOk1Ob_p49NNk_nHSHJb1oV-7-crSTuTLCm9mRmLA== date Thu, 05 Dec 2024 02:49:21 GMT content-type application/font-woff last-modified Tue, 01 Dec 2015 12:36:16 GMT vary Origin cache-control public, max-age=1209600 via 1.1 bac8af6ab43417aff0768ef23a8c05de.cloudfront.net (CloudFront) accept-ranges bytes access-control-allow-origin * content-length 18091 x-amz-cf-pop SYD62-P1 server AmazonS3
GET H2	200	nezasa_logo_red_white.png stays.mixandmatch.co.nz/assets/images/company-icons/	485 B 1012 B	332ms 331ms	Other image/png	54.76.90.228 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://stays.mixandmatch.co.nz/assets/images/company-icons/nezasa_logo_red_white.png Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.76.90.228 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-76-90-228.eu-west-1.compute.amazonaws.com Software / Resource Hash bf34aa4a79a7e741148107e6121f54aca57baa920a5ba3c3c334d0d1f4225a3e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://stays.mixandmatch.co.nz/travel/routes Response headers strict-transport-security max-age=31536000; includeSubDomains cache-control public, max-age=3600 content-encoding gzip etag "8361de11970f9086c5a7192ea8b59179a25fbbfc" trace-id 675114af000000000abc565e3e7a7f4c accept-ranges bytes content-length 521 date Thu, 05 Dec 2024 02:49:19 GMT content-type image/png vary Origin,Accept-Encoding last-modified Fri, 01 Jan 2010 00:00:00 GMT
POST H3	200	collect Show response www.google-analytics.com/j/	3 B 26 B	166ms 165ms	XHR text/plain	142.251.221.78 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=759881565&t=pageview&_s=1&dl=https%3A%2F%2Fstays.mixandmatch.co.nz%2F&dp=%2Ftravel%2Froutes&ul=en-nz&de=UTF-8&dt=travel%2Froutes.index&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABAAAAACACI~&jid=753817491&gjid=2073086271&cid=765147172.1733366957&tid=UA-34067742-2&_gid=776083402.1733366957&_r=1&_slc=1&cd1=no&cd2=337&cd3=integration&cd4=mixandmatch&cd5=Advanced&cd7=Unknown&cd8=mixandmatchhotel&z=2075337222 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.221.78 Farmingdale, United States, ASN15169 (GOOGLE, US), Reverse DNS syd09s31-in-f14.1e100.net Software Golfe2 / Resource Hash 1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26 Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Content-Type text/plain Referer https://stays.mixandmatch.co.nz/ Response headers report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],} x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 05 Dec 2024 02:49:19 GMT last-modified Sun, 17 May 1998 03:00:00 GMT content-type text/plain cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0 access-control-allow-origin https://stays.mixandmatch.co.nz cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 3 server Golfe2
GET H2	200	nezasa_logo_red_white.png stays.mixandmatch.co.nz/assets/images/company-icons/	485 B 1013 B	652ms 333ms	Other image/png	54.76.90.228 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://stays.mixandmatch.co.nz/assets/images/company-icons/nezasa_logo_red_white.png Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.76.90.228 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-76-90-228.eu-west-1.compute.amazonaws.com Software / Resource Hash bf34aa4a79a7e741148107e6121f54aca57baa920a5ba3c3c334d0d1f4225a3e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://stays.mixandmatch.co.nz/travel/routes Response headers strict-transport-security max-age=31536000; includeSubDomains cache-control public, max-age=3600 content-encoding gzip etag "8361de11970f9086c5a7192ea8b59179a25fbbfc" trace-id 675114af0000000045a9bb47fb8b48f9 accept-ranges bytes content-length 521 date Thu, 05 Dec 2024 02:49:19 GMT content-type image/png vary Origin,Accept-Encoding last-modified Fri, 01 Jan 2010 00:00:00 GMT
GET H2	200	nezasa_logo_red_white.png stays.mixandmatch.co.nz/assets/images/company-icons/	485 B 1012 B	984ms 331ms	Other image/png	54.76.90.228 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://stays.mixandmatch.co.nz/assets/images/company-icons/nezasa_logo_red_white.png Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.76.90.228 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-76-90-228.eu-west-1.compute.amazonaws.com Software / Resource Hash bf34aa4a79a7e741148107e6121f54aca57baa920a5ba3c3c334d0d1f4225a3e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://stays.mixandmatch.co.nz/travel/routes Response headers strict-transport-security max-age=31536000; includeSubDomains cache-control public, max-age=3600 content-encoding gzip etag "8361de11970f9086c5a7192ea8b59179a25fbbfc" trace-id 675114b0000000002bb7df6e1cab0d72 accept-ranges bytes content-length 521 date Thu, 05 Dec 2024 02:49:20 GMT content-type image/png vary Origin,Accept-Encoding last-modified Fri, 01 Jan 2010 00:00:00 GMT
GET H3	200	collect www.google-analytics.com/	35 B 58 B	74ms 74ms	Image image/gif	142.251.221.78 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j101&aip=1&a=759881565&t=timing&_s=2&dl=https%3A%2F%2Fstays.mixandmatch.co.nz%2F&ul=en-nz&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=3709&pdt=656&dns=108&rrt=0&srt=654&tcp=657&dit=3444&clt=3708&_gst=1451&_gbt=1746&_u=aEBAAEABAAAAACACI~&jid=&gjid=&cid=765147172.1733366957&tid=UA-34067742-2&_gid=776083402.1733366957&cd1=no&cd2=337&cd3=integration&cd4=mixandmatch&cd5=Advanced&cd7=Unknown&cd8=mixandmatchhotel&z=866457418 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.221.78 Farmingdale, United States, ASN15169 (GOOGLE, US), Reverse DNS syd09s31-in-f14.1e100.net Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://stays.mixandmatch.co.nz/ Response headers age 37198 report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:163:0"}],} x-content-type-options nosniff expires Mon, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 04 Dec 2024 16:29:21 GMT last-modified Sun, 17 May 1998 03:00:00 GMT content-type image/gif cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:163:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 35 server Golfe2
GET H2	200	tw_xw7jmcnl07cl.jpg pictures.tripbuilder.app/pictures/	80 KB 81 KB	1702ms 1348ms	Image image/jpeg	2600:9000:2804:ec00:14:7ed0:c880:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://pictures.tripbuilder.app/pictures/tw_xw7jmcnl07cl.jpg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2804:ec00:14:7ed0:c880:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash f0d4b5ea557d70eaa5fe5a7a4adc134cd89e656954ebb63f9b427b4fd2e7ca52 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://stays.mixandmatch.co.nz/ Response headers x-amz-replication-status COMPLETED cache-control public, max-age=31104000 etag "3bfd89fbc5252e0cc7d2d5c4e86622be-1" x-amz-version-id 90RFnvD8uqbrjouObY0VuSK6oQvZdQpd via 1.1 aca15f619b62bab5e6bee4e1e6b03b38.cloudfront.net (CloudFront) accept-ranges bytes x-cache Miss from cloudfront content-length 82095 x-amz-cf-id nKV8nM6aemHDAMKd3X7rVNyCD0LsiCGn0J58A8X83zdQ1MdAvJH_Nw== date Thu, 05 Dec 2024 02:49:21 GMT content-type image/jpeg last-modified Mon, 25 Mar 2024 02:45:02 GMT server AmazonS3 x-amz-cf-pop SFO5-P3 x-amz-server-side-encryption AES256
GET H2	200	tw_gwfrybkqqikw.jpg pictures.tripbuilder.app/pictures/	46 KB 46 KB	1690ms 1337ms	Image image/jpeg	2600:9000:2804:ec00:14:7ed0:c880:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://pictures.tripbuilder.app/pictures/tw_gwfrybkqqikw.jpg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2804:ec00:14:7ed0:c880:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 01c4bac8986843084c5adfb59023836a73154ce66e305caf3b807df779e5ab74 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://stays.mixandmatch.co.nz/ Response headers x-amz-replication-status COMPLETED cache-control public, max-age=31104000 etag "26328d400a246b91d4dde3405f6aa08f-1" x-amz-version-id vyMdVGcPrPqFPEXCavwVX3jrpGHZMXB3 via 1.1 aca15f619b62bab5e6bee4e1e6b03b38.cloudfront.net (CloudFront) accept-ranges bytes x-cache Miss from cloudfront content-length 46963 x-amz-cf-id YZAEb_0E00THRwD95lMW99Z5AMzF7GoRotD0EBE8-_9DFQKWUxAZlg== date Thu, 05 Dec 2024 02:49:21 GMT content-type image/jpeg last-modified Tue, 07 May 2024 01:23:46 GMT server AmazonS3 x-amz-cf-pop SFO5-P3 x-amz-server-side-encryption AES256
GET H2	200	tw_hfzf0yivz3kf.png pictures.tripbuilder.app/pictures/	367 KB 368 KB	1088ms 735ms	Image image/png	2600:9000:2804:ec00:14:7ed0:c880:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://pictures.tripbuilder.app/pictures/tw_hfzf0yivz3kf.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2804:ec00:14:7ed0:c880:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 7e532c97e952f8dc26ea297e20e020ac723fd23075c200400106f156ab74c436 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://stays.mixandmatch.co.nz/ Response headers x-amz-version-id n13A4y5cHr2Xno8xTSnexLkBuonomGDc etag "a415c8a8166e681f815268eeac1c3682-1" x-cache RefreshHit from cloudfront x-amz-cf-id OWttfq6czJ1yeVc-qxDUv1ce4OGNv-XsgKVOF2I_HM24yVzZVf1VIQ== date Thu, 05 Dec 2024 02:49:21 GMT content-type image/png vary accept-encoding last-modified Thu, 09 May 2024 03:27:08 GMT x-amz-replication-status COMPLETED cache-control public, max-age=31104000 via 1.1 aca15f619b62bab5e6bee4e1e6b03b38.cloudfront.net (CloudFront) accept-ranges bytes content-length 376168 x-amz-cf-pop SFO5-P3 server AmazonS3 x-amz-server-side-encryption AES256
POST H3	204	collect www.google-analytics.com/g/	0 0	164ms 162ms	Fetch text/plain	142.251.221.78 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-4TGC9RZKJ0&gtm=45je4c30v889765752za200zb889755049&_p=1733366956910&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485&cid=765147172.1733366957&ul=en-nz&are=1&frm=0&pscdl=noapi&_eu=AEA&_geo=1&_rdi=1&uid=&sid=1733366957&sct=1&seg=0&dl=https%3A%2F%2Fstays.mixandmatch.co.nz%2F&dt=&_s=2&tfd=7537 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-4TGC9RZKJ0&l=dataLayer&cx=c&gtm=45He4c30v889755049za200 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.221.78 Farmingdale, United States, ASN15169 (GOOGLE, US), Reverse DNS syd09s31-in-f14.1e100.net Software Golfe2 / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Referer https://stays.mixandmatch.co.nz/ Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0 report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],} expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin https://stays.mixandmatch.co.nz cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 05 Dec 2024 02:49:23 GMT content-type text/plain server Golfe2
GET H3	200	common.js Show response maps.googleapis.com/maps-api-v3/api/js/57/13/	294 KB 64 KB	179ms 178ms	Script text/javascript	172.217.167.74 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://maps.googleapis.com/maps-api-v3/api/js/57/13/common.js Requested by Host: maps.googleapis.com URL: https://maps.googleapis.com/maps/api/js?v=3.57&libraries=places%2Cgeometry&key=AIzaSyCSoK4c1Hy3MEqcwNYvvAnH0hOBDCWO8Kw&language=en&callback=Function.prototype Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.167.74 , United States, ASN15169 (GOOGLE, US), Reverse DNS syd15s06-in-f10.1e100.net Software sffe / Resource Hash 22d7b487c7ed16b6db70ae6aad638e15244b54cdf550ad8f0add612fcf1b1c69 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://stays.mixandmatch.co.nz/ Response headers content-encoding br age 378874 report-to {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]} x-content-type-options nosniff expires Sun, 30 Nov 2025 17:34:50 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Sat, 30 Nov 2024 17:34:50 GMT last-modified Tue, 06 Aug 2024 18:37:16 GMT content-type text/javascript vary Accept-Encoding, Origin cache-control public, max-age=31536000 timing-allow-origin * cross-origin-opener-policy same-origin; report-to="maps-api-js" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js accept-ranges bytes content-length 65163 x-xss-protection 0 server sffe
GET H3	200	util.js Show response maps.googleapis.com/maps-api-v3/api/js/57/13/	180 KB 55 KB	167ms 167ms	Script text/javascript	172.217.167.74 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://maps.googleapis.com/maps-api-v3/api/js/57/13/util.js Requested by Host: maps.googleapis.com URL: https://maps.googleapis.com/maps/api/js?v=3.57&libraries=places%2Cgeometry&key=AIzaSyCSoK4c1Hy3MEqcwNYvvAnH0hOBDCWO8Kw&language=en&callback=Function.prototype Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.167.74 , United States, ASN15169 (GOOGLE, US), Reverse DNS syd15s06-in-f10.1e100.net Software sffe / Resource Hash fb4171324646676906d68d37fc0e678aaf5655e0a910d565cbca48771b727506 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://stays.mixandmatch.co.nz/ Response headers content-encoding br age 389620 report-to {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]} x-content-type-options nosniff expires Sun, 30 Nov 2025 14:35:44 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Sat, 30 Nov 2024 14:35:44 GMT last-modified Tue, 06 Aug 2024 18:37:16 GMT content-type text/javascript vary Accept-Encoding, Origin cache-control public, max-age=31536000 timing-allow-origin * cross-origin-opener-policy same-origin; report-to="maps-api-js" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js accept-ranges bytes content-length 56099 x-xss-protection 0 server sffe

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| dataLayer object| google function| ga object| iFrameResizer object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_tag_manager function| onYouTubeIframeAPIReady function| displayIEWarning object| env object| litHtmlVersions object| module$exports$mapsapi$geometry$spherical object| litElementVersions object| reactiveElementVersions object| module$contents$mapsapi$overlay$overlayView_OverlayView object| module$exports$mapsapi$geometry$polyGeometry object| module$exports$mapsapi$poly$polylineCodec object| loader function| define function| requireModule function| require function| requirejs function| createDeprecatedModule function| RichMarker object| RichMarkerPosition function| _typeof object| EmberENV function| moment object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| $ function| jQuery object| Ember object| Em function| Popper function| PhotoSwipe function| PhotoSwipeUI_Default function| GMaps object| webpackJsonp_ember_auto_import_ function| _eai_r function| _eai_d function| emberAutoImportDynamic function| requestTimeout object| global object| log

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			stays.mixandmatch.co.nz/	1970-01-21 04:22:14	Name: PLAY_SESSION Value: 5bd19681c43489f7b53b134d4958e8ec25ef3f31-NZ-CSRF-TOKEN=672bd447159e00a52cbb3db2c9da53a77c319525-1733366956400-a229b703833287d62b384efd
			.mixandmatch.co.nz/	1970-01-21 01:30:53	Name: _gid Value: GA1.3.776083402.1733366957
			.mixandmatch.co.nz/	1970-01-21 11:05:26	Name: _ga Value: GA1.1.765147172.1733366957
			.mixandmatch.co.nz/	1970-01-21 01:29:27	Name: _gat Value: 1
			.mixandmatch.co.nz/	1970-01-21 11:05:26	Name: _ga_4TGC9RZKJ0 Value: GS1.1.1733366957.1.1.1733366960.0.0.0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.tripbuilder.app
d37n8u6pdy8r2z.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
maps.googleapis.com
pictures.tripbuilder.app
stays.mixandmatch.co.nz
www.google-analytics.com
www.googletagmanager.com
142.250.67.3
142.251.221.78
172.217.167.74
18.67.95.4
2404:6800:4006:809::200e
2404:6800:4006:80a::2008
2404:6800:4006:811::200a
2404:6800:4006:814::200a
2600:9000:2804:ec00:14:7ed0:c880:93a1
54.76.90.228
99.84.238.141
01c4bac8986843084c5adfb59023836a73154ce66e305caf3b807df779e5ab74
1c83077bfe11460303089e94a906d41a6427177f75e72d22e969ccfb38d482ad
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
22d7b487c7ed16b6db70ae6aad638e15244b54cdf550ad8f0add612fcf1b1c69
23182aee5fd5fd720028e542c62afd1b69161462a60274aa4192c848e7bd79dd
28729971baa83767a83002dcb6cb63113674fa8f74978b65269080a628d3a3a9
3025c182c7fdcc03788095a9a6b7ce4c0beaa2922400f28488c26571f11044dd
3ed6c82bd76be870c61220920e9d5a7b73be263acb1e78800449d89c029c262c
44e42119b1cf47c98c067df9dc513c5581b0d023ac77fd6cd8a5ab095fabd3de
46bf83fe90586f387a202f8d77d54491b0be5fe001c960db15508ad68a678d10
5a8d151c79a7cebfd0988ddf60258ceaac382a33b2a4e5e0bc80c6bc44308ffa
723620247a83194dac98a9e26bc4ba7dd8fda5958910f310262f005acf0ec69a
735ddcfb6b2786c99c74ac05ba793b94d83694530219464bd7e104d97d0f90ac
7e532c97e952f8dc26ea297e20e020ac723fd23075c200400106f156ab74c436
7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
878560ee8069609cd46060215d4ba72f989932138ba4d04c630b1b89af520802
8fe32e407a1038ee38753b70e5374b3a46d6ae9d5f16cd5b73c53abaca8f5ed0
9905d48422b9c094db08e9198a9136c57a6bd93d319ef356a84c6f63bdc52398
9d9e424a126ddbdc2ef71c9d3a1d3ecdbe7ba329230f3b112905153543efd1d1
b183ac78526399121928fcb3d9c22d2e04d3cfdd901f642d6fddce2de1edf554
bf34aa4a79a7e741148107e6121f54aca57baa920a5ba3c3c334d0d1f4225a3e
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
f0d4b5ea557d70eaa5fe5a7a4adc134cd89e656954ebb63f9b427b4fd2e7ca52
fb4171324646676906d68d37fc0e678aaf5655e0a910d565cbca48771b727506
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c