URL: https://bookings.creekandcountry.co.uk/
Submission: On December 01 via api from US — Scanned from US

Summary

This website contacted 13 IPs in 1 countries across 10 domains to perform 22 HTTP transactions. The main IP is 54.189.34.167, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is bookings.creekandcountry.co.uk.
TLS certificate: Issued by R3 on December 1st 2023. Valid for: 3 months.
This is the only time bookings.creekandcountry.co.uk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
7 hostaway.com
api.hostaway.com — Cisco Umbrella Rank: 710361
platform.hostaway.com — Cisco Umbrella Rank: 752917
302 KB
4 gstatic.com
www.gstatic.com
fonts.gstatic.com
266 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
2 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
319 B
2 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1282
138 KB
1 cloudfront.net
d2q3n06xhbi0am.cloudfront.net
628 KB
1 amazonaws.com
hostaway-platform.s3.us-west-2.amazonaws.com — Cisco Umbrella Rank: 585710
19 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
91 KB
1 creekandcountry.co.uk
bookings.creekandcountry.co.uk
3 KB
22 10
Domain Requested by
6 api.hostaway.com d2q3n06xhbi0am.cloudfront.net
3 fonts.gstatic.com fonts.googleapis.com
2 fonts.googleapis.com d2q3n06xhbi0am.cloudfront.net
2 www.google-analytics.com www.googletagmanager.com
2 js.stripe.com bookings.creekandcountry.co.uk
js.stripe.com
1 platform.hostaway.com bookings.creekandcountry.co.uk
1 www.gstatic.com www.google.com
1 d2q3n06xhbi0am.cloudfront.net bookings.creekandcountry.co.uk
1 hostaway-platform.s3.us-west-2.amazonaws.com bookings.creekandcountry.co.uk
1 www.google.com bookings.creekandcountry.co.uk
1 www.googletagmanager.com bookings.creekandcountry.co.uk
1 bookings.creekandcountry.co.uk
22 12

This site contains links to these domains. Also see Links.

Domain
75583_1.holidayfuture.com
Subject Issuer Validity Valid
bookings.creekandcountry.co.uk
R3
2023-12-01 -
2024-02-29
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
www.google.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA
2023-10-30 -
2024-01-25
3 months crt.sh
*.s3-us-west-2.amazonaws.com
Amazon RSA 2048 M01
2023-10-10 -
2024-08-03
10 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01
2023-10-10 -
2024-09-19
a year crt.sh
*.gstatic.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
api.hostaway.com
Amazon RSA 2048 M02
2023-07-14 -
2024-08-11
a year crt.sh
upload.video.google.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
*.hostaway.com
Amazon RSA 2048 M01
2023-07-28 -
2024-08-24
a year crt.sh

This page contains 2 frames:

Primary Page: https://bookings.creekandcountry.co.uk/
Frame ID: 8E57171B6728CE24FAAFBB99652D950B
Requests: 22 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Frame ID: 158B6F6AA3F160E70DBFDE990D4851DF
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Book Here

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

22
Requests

100 %
HTTPS

58 %
IPv6

10
Domains

12
Subdomains

13
IPs

1
Countries

1451 kB
Transfer

4233 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
bookings.creekandcountry.co.uk/
4 KB
3 KB
Document
General
Full URL
https://bookings.creekandcountry.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
54.189.34.167 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-189-34-167.us-west-2.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ac87fafa5694b5bc73fc029b5d2c092b988aa7f7b2ee65e6bda11c7c2b4f907d
Security Headers
Name Value
Content-Security-Policy script-src 'self' https://* 'unsafe-inline' 'unsafe-eval';img-src 'self' https://* data:;media-src 'self' https://*;connect-src 'self' https://* wss://*;frame-src 'self' https://*;frame-ancestors 'self' https://* http://localhost:*;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains max-age=600
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Security-Policy
script-src 'self' https://* 'unsafe-inline' 'unsafe-eval';img-src 'self' https://* data:;media-src 'self' https://*;connect-src 'self' https://* wss://*;frame-src 'self' https://*;frame-ancestors 'self' https://* http://localhost:*;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Content-Type
text/html; charset=utf-8
Cross-Origin-Resource-Policy
same-origin
Date
Fri, 01 Dec 2023 16:53:32 GMT
ETag
W/"ef7-LlsHqeCsck7X9zWDpl+YDtVJNj8"
Origin-Agent-Cluster
?1
Referrer-Policy
no-referrer
Server
nginx/1.14.0 (Ubuntu)
Strict-Transport-Security
max-age=15552000; includeSubDomains max-age=600
Transfer-Encoding
chunked
X-Booking-Engine
booking-engine-4
X-Content-Type-Options
nosniff
X-DNS-Prefetch-Control
off
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
X-Permitted-Cross-Domain-Policies
none
X-XSS-Protection
0
js
www.googletagmanager.com/gtag/
279 KB
91 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-DZF2BQ8W47
Requested by
Host: bookings.creekandcountry.co.uk
URL: https://bookings.creekandcountry.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9cb23e3d09871d3911ef893b7a4526be610cc28daa934b69dab8c5c6122d4c06
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 16:53:32 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93144
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 01 Dec 2023 16:53:32 GMT
api.js
www.google.com/recaptcha/
1 KB
1 KB
Script
General
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: bookings.creekandcountry.co.uk
URL: https://bookings.creekandcountry.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
68d6f5e6353b7af3f62a7458c547270de36d2f2a8af194f0337252513e518270
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 16:53:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Fri, 01 Dec 2023 16:53:32 GMT
/
js.stripe.com/v3/
560 KB
138 KB
Script
General
Full URL
https://js.stripe.com/v3/
Requested by
Host: bookings.creekandcountry.co.uk
URL: https://bookings.creekandcountry.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.93.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-93-43.jfk50.r.cloudfront.net
Software
Cloudfront /
Resource Hash
aa5b7d455b609e53a68508609259a6d20342b2ce20f47f4abee38e513060eefc
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 16:52:42 GMT
content-encoding
br
via
1.1 368bc8b1f5073a6f7cdb40029e9a5a88.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
50
x-amz-cf-pop
JFK50-P8
x-cache
Hit from cloudfront
last-modified
Thu, 30 Nov 2023 22:48:03 GMT
server
Cloudfront
etag
W/"50e37c0acb791e8dd5bd945768f58f27"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
timing-allow-origin
*
x-amz-cf-id
d6-ooWFzV1RSBP6K3oPjB0BHWPeE1Ge0S1hxhWSk3_XXOO6b0gvNog==
75583-IutGOmNrLbqfwbwysFNLmt65YEDoVkWMZir0AtpgBOo-6569c0b7d2bb4
hostaway-platform.s3.us-west-2.amazonaws.com/account/attachment/
18 KB
19 KB
Image
General
Full URL
https://hostaway-platform.s3.us-west-2.amazonaws.com/account/attachment/75583-IutGOmNrLbqfwbwysFNLmt65YEDoVkWMZir0AtpgBOo-6569c0b7d2bb4?rand=ucy76jkj0g
Requested by
Host: bookings.creekandcountry.co.uk
URL: https://bookings.creekandcountry.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.80.177 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
ed12e36021dbb3bf34363a4903a5625a4a7e90c77adf9a55615114a584ab6fe6

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 16:53:34 GMT
Last-Modified
Fri, 01 Dec 2023 11:17:12 GMT
Server
AmazonS3
x-amz-request-id
9VJXSX8C3DN9F489
ETag
"a88a29bfc3881c1eaef0a3952154dde1"
x-amz-server-side-encryption
AES256
Content-Type
image/png
x-amz-storage-class
REDUCED_REDUNDANCY
Accept-Ranges
bytes
Content-Length
18879
x-amz-id-2
G9750arusNTHWQTvZ3MbBPmYxAQY0KOBy6OxLqUFz9oSbvSZOmfMQc+lEjJ2VbRhwCmvcHvzLBskP4icecCgEQ==
bundle.js
d2q3n06xhbi0am.cloudfront.net/
2 MB
628 KB
Script
General
Full URL
https://d2q3n06xhbi0am.cloudfront.net/bundle.js?1701361936
Requested by
Host: bookings.creekandcountry.co.uk
URL: https://bookings.creekandcountry.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2140:2000:d:cb8c:3f80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4440b368a19fda7dd00e9b0d96f68192ab85c7f62f352350aa764990d5bf6e32

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id
Qv9bE.4fsuQbcc0.CVYIV8KgQdViz5qf
content-encoding
gzip
via
1.1 6e24e95f882f20707346a032d1fa2948.cloudfront.net (CloudFront)
date
Fri, 01 Dec 2023 16:32:52 GMT
last-modified
Thu, 30 Nov 2023 16:32:17 GMT
server
AmazonS3
x-amz-cf-pop
EWR52-C1
age
1261
x-amz-server-side-encryption
AES256
etag
W/"d66f88afd29f9f6d050b0ed5bb155a49"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
uM5hRcZ-DhDjAjlGdOPVtEEIHDmM54QvAYkHpBLLw7jR2ZHl5XUmSA==
recaptcha__en.js
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/
465 KB
187 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4970c7161d03503a3eb5ec49e4190a03445c50cd5a9081714bd13183d2d948a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
Origin
https://bookings.creekandcountry.co.uk
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 04:03:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
46216
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
190682
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 05:42:11 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 30 Nov 2024 04:03:17 GMT
collect
www.google-analytics.com/g/
0
265 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-DZF2BQ8W47&gtm=45je3bt0v878943392&_p=1701449612807&gcd=11l1l1l1l1&dma=0&cid=696209944.1701449613&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701449613&sct=1&seg=0&dl=https%3A%2F%2Fbookings.creekandcountry.co.uk%2F&dt=Book%20Here&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1030
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DZF2BQ8W47
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 16:53:33 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bookings.creekandcountry.co.uk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bookings.creekandcountry.co.uk
api.hostaway.com/bookingEngines/
6 KB
3 KB
Fetch
General
Full URL
https://api.hostaway.com/bookingEngines/bookings.creekandcountry.co.uk
Requested by
Host: d2q3n06xhbi0am.cloudfront.net
URL: https://d2q3n06xhbi0am.cloudfront.net/bundle.js?1701361936
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.88.43.49 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-88-43-49.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
53617a35d3002d1a21e73b94931a0750e932af91ed5ae8f8a758a600117bfd60

Request headers

Accept
application/json
Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 16:53:33 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://bookings.creekandcountry.co.uk
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Authorization, Content-Type, jwt, accountId, Content-Encoding, User-Agent, Cache-Control, Accept-Encoding, Cookie, Accept-Language, Accept, Accept-Charset, Content-Length, Content-MD5, From, Host, Referrer, Connection,
css2
fonts.googleapis.com/
12 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@700;800&family=Open+Sans:wght@400;600;700&display=swap
Requested by
Host: d2q3n06xhbi0am.cloudfront.net
URL: https://d2q3n06xhbi0am.cloudfront.net/bundle.js?1701361936
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6d99df0f75e3b653861eafcb2333e2d8d2868f408966e5f722b3b13c1dd7f988
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 01 Dec 2023 16:53:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 01 Dec 2023 16:53:33 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 01 Dec 2023 16:53:33 GMT
languages
api.hostaway.com/bookingEngines/bookings.creekandcountry.co.uk/
260 B
631 B
Fetch
General
Full URL
https://api.hostaway.com/bookingEngines/bookings.creekandcountry.co.uk/languages
Requested by
Host: d2q3n06xhbi0am.cloudfront.net
URL: https://d2q3n06xhbi0am.cloudfront.net/bundle.js?1701361936
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.88.43.49 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-88-43-49.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
0c13b933f69dd44d1ef4bccb2554f32055607deecf558fd40bfe0bb90ce87ad2

Request headers

Accept
application/json
Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 16:53:33 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://bookings.creekandcountry.co.uk
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Authorization, Content-Type, jwt, accountId, Content-Encoding, User-Agent, Cache-Control, Accept-Encoding, Cookie, Accept-Language, Accept, Accept-Charset, Content-Length, Content-MD5, From, Host, Referrer, Connection,
m-outer-27c67c0d52761104439bb051c7856ab1.html
js.stripe.com/v3/ Frame 158B
0
0
Document
General
Full URL
https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.93.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-93-43.jfk50.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
1725
cache-control
max-age=31536000
content-length
200
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Fri, 01 Dec 2023 16:24:49 GMT
etag
"27c67c0d52761104439bb051c7856ab1"
last-modified
Thu, 16 Nov 2023 21:49:01 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 368bc8b1f5073a6f7cdb40029e9a5a88.cloudfront.net (CloudFront)
x-amz-cf-id
RaacsQABZKuKj31I3trqt3XdGClKJD0H-gNIne8HcsIk7oSORxgChw==
x-amz-cf-pop
JFK50-P8
x-cache
Hit from cloudfront
x-content-type-options
nosniff
amenities
api.hostaway.com/bookingEngines/bookings.creekandcountry.co.uk/
215 KB
12 KB
Fetch
General
Full URL
https://api.hostaway.com/bookingEngines/bookings.creekandcountry.co.uk/amenities
Requested by
Host: d2q3n06xhbi0am.cloudfront.net
URL: https://d2q3n06xhbi0am.cloudfront.net/bundle.js?1701361936
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.88.43.49 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-88-43-49.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
41479f663830e8aa028efa24919d2d7dfb35625d343b9720a9283d696bd0def0

Request headers

Accept
application/json
Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 16:53:34 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://bookings.creekandcountry.co.uk
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Authorization, Content-Type, jwt, accountId, Content-Encoding, User-Agent, Cache-Control, Accept-Encoding, Cookie, Accept-Language, Accept, Accept-Charset, Content-Length, Content-MD5, From, Host, Referrer, Connection,
categories
api.hostaway.com/bookingEngines/bookings.creekandcountry.co.uk/
32 B
491 B
Fetch
General
Full URL
https://api.hostaway.com/bookingEngines/bookings.creekandcountry.co.uk/categories
Requested by
Host: d2q3n06xhbi0am.cloudfront.net
URL: https://d2q3n06xhbi0am.cloudfront.net/bundle.js?1701361936
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.88.43.49 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-88-43-49.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
c6a31b5cfc30f2f3eff6afe3fb518ae6792aeb03841447b3826f7cb568a28c53

Request headers

Accept
application/json
Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 16:53:34 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://bookings.creekandcountry.co.uk
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Authorization, Content-Type, jwt, accountId, Content-Encoding, User-Agent, Cache-Control, Accept-Encoding, Cookie, Accept-Language, Accept, Accept-Charset, Content-Length, Content-MD5, From, Host, Referrer, Connection,
pages
api.hostaway.com/bookingEngines/bookings.creekandcountry.co.uk/
18 KB
6 KB
Fetch
General
Full URL
https://api.hostaway.com/bookingEngines/bookings.creekandcountry.co.uk/pages
Requested by
Host: d2q3n06xhbi0am.cloudfront.net
URL: https://d2q3n06xhbi0am.cloudfront.net/bundle.js?1701361936
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.88.43.49 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-88-43-49.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
d5648f4b16ef9fd8e5478e2861284208cfcfa6bf79c367542254e5b1c5573a7e

Request headers

Accept
application/json
Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 16:53:34 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://bookings.creekandcountry.co.uk
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Authorization, Content-Type, jwt, accountId, Content-Encoding, User-Agent, Cache-Control, Accept-Encoding, Cookie, Accept-Language, Accept, Accept-Charset, Content-Length, Content-MD5, From, Host, Referrer, Connection,
css2
fonts.googleapis.com/
3 KB
585 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Gloria+Hallelujah:wght@700;800&family=Gelasio:wght@400;600;700&display=swap
Requested by
Host: d2q3n06xhbi0am.cloudfront.net
URL: https://d2q3n06xhbi0am.cloudfront.net/bundle.js?1701361936
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
69628eacbc3c58ee1f3fc3751910ab250c5cf7b912d50f700edbb6f2f6dd0526
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 01 Dec 2023 16:53:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 01 Dec 2023 16:53:33 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 01 Dec 2023 16:53:33 GMT
homePageBg.jpeg
platform.hostaway.com/img/bookingEngine/
278 KB
279 KB
Image
General
Full URL
https://platform.hostaway.com/img/bookingEngine/homePageBg.jpeg
Requested by
Host: bookings.creekandcountry.co.uk
URL: https://bookings.creekandcountry.co.uk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.186.164.235 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-186-164-235.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
ae8c8ef8bb8acc60b9e6e8e6272afa93db43537933a3c8626117f694e5b8f834

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bookings.creekandcountry.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 16:53:34 GMT
last-modified
Fri, 03 Mar 2023 12:08:16 GMT
server
nginx
accept-ranges
bytes
etag
"6401e330-4597e"
content-length
285054
content-type
image/jpeg
cIf4MaFfvUQxTTqS_PGFdGYmnQ.woff2
fonts.gstatic.com/s/gelasio/v10/
27 KB
27 KB
Font
General
Full URL
https://fonts.gstatic.com/s/gelasio/v10/cIf4MaFfvUQxTTqS_PGFdGYmnQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Gloria+Hallelujah:wght@700;800&family=Gelasio:wght@400;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d3f8e17c5c29024cf596e7b59da33da3440ef0c0fc7da3f6cff7e8dfe6bc782a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bookings.creekandcountry.co.uk
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 18:02:07 GMT
x-content-type-options
nosniff
age
82287
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27540
x-xss-protection
0
last-modified
Tue, 09 Aug 2022 02:14:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 29 Nov 2024 18:02:07 GMT
cIf9MaFfvUQxTTqS9C6hYQ.woff2
fonts.gstatic.com/s/gelasio/v10/
26 KB
26 KB
Font
General
Full URL
https://fonts.gstatic.com/s/gelasio/v10/cIf9MaFfvUQxTTqS9C6hYQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Gloria+Hallelujah:wght@700;800&family=Gelasio:wght@400;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
37f43a2446a888561c181a97d0a7d95952ca67e4852ce7c1299ab103430f1dc1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bookings.creekandcountry.co.uk
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 21:20:45 GMT
x-content-type-options
nosniff
age
70369
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26580
x-xss-protection
0
last-modified
Tue, 09 Aug 2022 02:15:17 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 29 Nov 2024 21:20:45 GMT
cIf4MaFfvUQxTTqS_JWEdGYmnQ.woff2
fonts.gstatic.com/s/gelasio/v10/
26 KB
27 KB
Font
General
Full URL
https://fonts.gstatic.com/s/gelasio/v10/cIf4MaFfvUQxTTqS_JWEdGYmnQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Gloria+Hallelujah:wght@700;800&family=Gelasio:wght@400;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
adc07999a53fc29fac6aea101ccc3d83e3a70d0fb8777541b0183e152d6b548b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bookings.creekandcountry.co.uk
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 21:21:34 GMT
x-content-type-options
nosniff
age
70320
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26656
x-xss-protection
0
last-modified
Tue, 09 Aug 2022 02:26:28 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 29 Nov 2024 21:21:34 GMT
facets
api.hostaway.com/bookingEngines/bookings.creekandcountry.co.uk/listing/
136 B
574 B
Fetch
General
Full URL
https://api.hostaway.com/bookingEngines/bookings.creekandcountry.co.uk/listing/facets
Requested by
Host: d2q3n06xhbi0am.cloudfront.net
URL: https://d2q3n06xhbi0am.cloudfront.net/bundle.js?1701361936
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.88.43.49 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-88-43-49.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b3e39039f7550cc04b796925d7d2ce978d727cc861ff200ea96d51d36101df8a

Request headers

Accept
application/json
Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 16:53:34 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://bookings.creekandcountry.co.uk
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Authorization, Content-Type, jwt, accountId, Content-Encoding, User-Agent, Cache-Control, Accept-Encoding, Cookie, Accept-Language, Accept, Accept-Charset, Content-Length, Content-MD5, From, Host, Referrer, Connection,
truncated
/
487 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
582f30417d2c8a65a3818f064f0b0ff01c296d14bf4a7827c9b0f8ea0a476945

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/svg+xml
collect
www.google-analytics.com/g/
0
54 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-DZF2BQ8W47&gtm=45je3bt0v878943392&_p=1701449612807&gcd=11l1l1l1l1&dma=0&cid=696209944.1701449613&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1701449613&sct=1&seg=0&dl=https%3A%2F%2Fbookings.creekandcountry.co.uk%2F&dt=Book%20Here&en=scroll&epn.percent_scrolled=90&_et=14&tfd=6058
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DZF2BQ8W47
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 16:53:38 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bookings.creekandcountry.co.uk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture function| gtag1 object| dataLayer object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| regeneratorRuntime object| __REACT_ERROR_OVERLAY_GLOBAL_HOOK__ object| __SVG_SPRITE__ object| __SENTRY__ object| recaptcha object| webpackChunkStripeJSouter function| noop function| Stripe object| __sentry_instrumentation_handlers__

5 Cookies

Domain/Path Name / Value
.creekandcountry.co.uk/ Name: _ga
Value: GA1.1.696209944.1701449613
.creekandcountry.co.uk/ Name: _ga_DZF2BQ8W47
Value: GS1.1.1701449613.1.0.1701449613.0.0.0
m.stripe.com/ Name: m
Value: e2d72e03-eb63-4d85-b4e3-85f93e7c49023ec7ad
.bookings.creekandcountry.co.uk/ Name: __stripe_mid
Value: fce68cc9-10ea-4a8d-889e-a7e3400eb5e3bf9658
.bookings.creekandcountry.co.uk/ Name: __stripe_sid
Value: 633c2576-be1d-4b98-9d02-a303eeef6c17000418

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy script-src 'self' https://* 'unsafe-inline' 'unsafe-eval';img-src 'self' https://* data:;media-src 'self' https://*;connect-src 'self' https://* wss://*;frame-src 'self' https://*;frame-ancestors 'self' https://* http://localhost:*;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains max-age=600
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.hostaway.com
bookings.creekandcountry.co.uk
d2q3n06xhbi0am.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
hostaway-platform.s3.us-west-2.amazonaws.com
js.stripe.com
platform.hostaway.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
13.35.93.43
2600:9000:2140:2000:d:cb8c:3f80:21
2607:f8b0:4006:80d::200a
2607:f8b0:4006:81c::2003
2607:f8b0:4006:81d::200e
2607:f8b0:4006:81e::2003
2607:f8b0:4006:820::2004
2607:f8b0:4006:822::2008
3.5.80.177
52.88.43.49
54.186.164.235
54.189.34.167
0c13b933f69dd44d1ef4bccb2554f32055607deecf558fd40bfe0bb90ce87ad2
37f43a2446a888561c181a97d0a7d95952ca67e4852ce7c1299ab103430f1dc1
41479f663830e8aa028efa24919d2d7dfb35625d343b9720a9283d696bd0def0
4440b368a19fda7dd00e9b0d96f68192ab85c7f62f352350aa764990d5bf6e32
4970c7161d03503a3eb5ec49e4190a03445c50cd5a9081714bd13183d2d948a7
53617a35d3002d1a21e73b94931a0750e932af91ed5ae8f8a758a600117bfd60
582f30417d2c8a65a3818f064f0b0ff01c296d14bf4a7827c9b0f8ea0a476945
68d6f5e6353b7af3f62a7458c547270de36d2f2a8af194f0337252513e518270
69628eacbc3c58ee1f3fc3751910ab250c5cf7b912d50f700edbb6f2f6dd0526
6d99df0f75e3b653861eafcb2333e2d8d2868f408966e5f722b3b13c1dd7f988
9cb23e3d09871d3911ef893b7a4526be610cc28daa934b69dab8c5c6122d4c06
aa5b7d455b609e53a68508609259a6d20342b2ce20f47f4abee38e513060eefc
ac87fafa5694b5bc73fc029b5d2c092b988aa7f7b2ee65e6bda11c7c2b4f907d
adc07999a53fc29fac6aea101ccc3d83e3a70d0fb8777541b0183e152d6b548b
ae8c8ef8bb8acc60b9e6e8e6272afa93db43537933a3c8626117f694e5b8f834
b3e39039f7550cc04b796925d7d2ce978d727cc861ff200ea96d51d36101df8a
c6a31b5cfc30f2f3eff6afe3fb518ae6792aeb03841447b3826f7cb568a28c53
d3f8e17c5c29024cf596e7b59da33da3440ef0c0fc7da3f6cff7e8dfe6bc782a
d5648f4b16ef9fd8e5478e2861284208cfcfa6bf79c367542254e5b1c5573a7e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed12e36021dbb3bf34363a4903a5625a4a7e90c77adf9a55615114a584ab6fe6