urlscan.io logo urlscan.io
SecurityTrails logo

stay.guestjoy.com Open in urlscan Pro
54.154.243.69  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://stay.guestjoy.com/t/t-6022f28d97f4710006abfd61/g/vHb5zDY8Ta3NCLwFT/profile/notifications
Effective URL: https://stay.guestjoy.com/g/vHb5zDY8Ta3NCLwFT/profile/notifications
Submission: On January 30 via manual from IE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 3 countries across 6 domains to perform 21 HTTP transactions. The main IP is 54.154.243.69, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is stay.guestjoy.com.
TLS certificate: Issued by Amazon on March 6th 2022. Valid for: a year.
This is the only time stay.guestjoy.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 5 54.154.243.69 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:e4:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
4 54.72.207.8 16509 (AMAZON-02)
5 151.101.0.176 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
3 54.187.119.242 16509 (AMAZON-02)
1 54.68.14.134 16509 (AMAZON-02)
21 9
5    54.154.243.69 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-243-69.eu-west-1.compute.amazonaws.com
stay.guestjoy.com
1    2606:4700::6812:1734 (United States)

ASN13335 (CLOUDFLARENET, US)
kit.fontawesome.com
1    2606:4700:e4::ac40:a816 (United States)

ASN13335 (CLOUDFLARENET, US)
ka-f.fontawesome.com
1    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    54.72.207.8 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-207-8.eu-west-1.compute.amazonaws.com
api-hotels.guestjoy.com
5    151.101.0.176 (United States)

ASN54113 (FASTLY, US)
js.stripe.com
m.stripe.network
1    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    54.187.119.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-119-242.stripe.com
q.stripe.com
1    54.68.14.134 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-68-14-134.us-west-2.compute.amazonaws.com
m.stripe.com
Apex Domain
Subdomains		 Transfer
9 guestjoy.com
stay.guestjoy.com
api-hotels.guestjoy.com
661 KB
7 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1059
q.stripe.com — Cisco Umbrella Rank: 6022
m.stripe.com — Cisco Umbrella Rank: 1046
106 KB
2 stripe.network
m.stripe.network — Cisco Umbrella Rank: 1153
17 KB
2 fontawesome.com
kit.fontawesome.com — Cisco Umbrella Rank: 1468
ka-f.fontawesome.com — Cisco Umbrella Rank: 2791
430 KB
1 gstatic.com
fonts.gstatic.com
38 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 34
1 KB
21 6
Domain Requested by
5 stay.guestjoy.com 1 redirects stay.guestjoy.com
4 api-hotels.guestjoy.com stay.guestjoy.com
3 q.stripe.com stay.guestjoy.com
3 js.stripe.com stay.guestjoy.com
js.stripe.com
2 m.stripe.network js.stripe.com
m.stripe.network
1 m.stripe.com m.stripe.network
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com stay.guestjoy.com
1 ka-f.fontawesome.com kit.fontawesome.com
1 kit.fontawesome.com stay.guestjoy.com
21 10

This site contains no links.

Subject Issuer Validity Valid
*.guestjoy.com
Amazon		 2022-03-06 -
2023-04-03		 a year crt.sh
*.fontawesome.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-22 -
2023-12-23		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-08-12 -
2023-08-12		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2023-01-10 -
2023-05-10		 4 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.stripe.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-12 -
2023-03-09		 4 months crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-08 -
2023-04-08		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://stay.guestjoy.com/g/vHb5zDY8Ta3NCLwFT/profile/notifications
Frame ID: AA52501F912F195DC8C011B89B7BC32C
Requests: 11 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Frame ID: C6D5E26033BD1972DA7C76A9C21219CA
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 36CA297989829591B6293F723E38A624
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Concierge | GuestJoy

Page URL History Show full URLs

  1. https://stay.guestjoy.com/t/t-6022f28d97f4710006abfd61/g/vHb5zDY8Ta3NCLwFT/profile/notifications HTTP 302
    https://stay.guestjoy.com/g/vHb5zDY8Ta3NCLwFT/profile/notifications Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • kit\.fontawesome\.com/([0-9a-z]+).js

Page Statistics

21
Requests

100 %
HTTPS

44 %
IPv6

6
Domains

10
Subdomains

9
IPs

3
Countries

1252 kB
Transfer

3922 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://stay.guestjoy.com/t/t-6022f28d97f4710006abfd61/g/vHb5zDY8Ta3NCLwFT/profile/notifications HTTP 302
    https://stay.guestjoy.com/g/vHb5zDY8Ta3NCLwFT/profile/notifications Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request notifications
stay.guestjoy.com/g/vHb5zDY8Ta3NCLwFT/profile/
Redirect Chain
  • https://stay.guestjoy.com/t/t-6022f28d97f4710006abfd61/g/vHb5zDY8Ta3NCLwFT/profile/notifications
  • https://stay.guestjoy.com/g/vHb5zDY8Ta3NCLwFT/profile/notifications
1005 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://stay.guestjoy.com/g/vHb5zDY8Ta3NCLwFT/profile/notifications
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.243.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-243-69.eu-west-1.compute.amazonaws.com
Software
nginx / PHP/7.4.25
Resource Hash
1c7b07263e72edd08ae7254f58f0767b016dfdd9c72b06cb967e3442040108d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 30 Jan 2023 10:06:17 GMT
expires
Mon, 30 Jan 2023 10:06:17 GMT
server
nginx
vary
Accept-Encoding
x-content-type-options
nosniff
x-powered-by
PHP/7.4.25
x-xss-protection
1; mode=block

Redirect headers

cache-control
max-age=0
content-type
text/html; charset=UTF-8
date
Mon, 30 Jan 2023 10:06:16 GMT
expires
Mon, 30 Jan 2023 10:06:16 GMT
location
https://stay.guestjoy.com/g/vHb5zDY8Ta3NCLwFT/profile/notifications
server
nginx
x-content-type-options
nosniff
x-powered-by
PHP/7.4.25
x-xss-protection
1; mode=block
app.js
stay.guestjoy.com/js/ 		2 MB
517 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stay.guestjoy.com/js/app.js?id=a1998ff2f5d6c25de00cec904cab9db1
Requested by
Host: stay.guestjoy.com
URL: https://stay.guestjoy.com/g/vHb5zDY8Ta3NCLwFT/profile/notifications
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.243.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-243-69.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
61fdd135721aa0d2e82d2601205b12da7e680349096e0aafd3741615d6c02390
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stay.guestjoy.com/g/vHb5zDY8Ta3NCLwFT/profile/notifications
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 10:06:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Jan 2023 10:09:19 GMT
server
nginx
etag
W/"63be8acf-1b0344"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-xss-protection
1; mode=block
expires
Tue, 30 Jan 2024 10:06:17 GMT
0d117e2a03.js
kit.fontawesome.com/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kit.fontawesome.com/0d117e2a03.js
Requested by
Host: stay.guestjoy.com
URL: https://stay.guestjoy.com/g/vHb5zDY8Ta3NCLwFT/profile/notifications
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf6e3a198d107a28cf025e058547a23034fa14f9ed356e4ec92eaff7aff6ea39
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
https://stay.guestjoy.com/
Origin
https://stay.guestjoy.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 10:06:17 GMT
strict-transport-security
max-age=31536000; preload
content-encoding
gzip
cf-cache-status
REVALIDATED
server
cloudflare
access-control-max-age
3000
access-control-allow-methods
GET, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=60, public, must-revalidate
vary
origin, accept-encoding, access-control-request-headers, access-control-request-method
cf-ray
791964deb86e9bac-FRA
access-control-allow-headers
accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id
FtS5aDawPd0ex3aIolXC
app.css
stay.guestjoy.com/css/ 		370 KB
65 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://stay.guestjoy.com/css/app.css?id=6366c43485f4d1b14292d92af7cb30a5
Requested by
Host: stay.guestjoy.com
URL: https://stay.guestjoy.com/g/vHb5zDY8Ta3NCLwFT/profile/notifications
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.243.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-243-69.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
9b2f9ec104e8e2171bac680c9214fab812a63219846749e28374b04111981e7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stay.guestjoy.com/g/vHb5zDY8Ta3NCLwFT/profile/notifications
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 10:06:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Jan 2023 10:09:19 GMT
server
nginx
etag
W/"63be8acf-5c7f0"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
x-xss-protection
1; mode=block
expires
Tue, 30 Jan 2024 10:06:17 GMT
free.min.js
ka-f.fontawesome.com/releases/v5.15.4/js/ 		1 MB
426 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/js/free.min.js?token=0d117e2a03
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/0d117e2a03.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a816 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa86f69ce9347b3e57d75b59267733c91edd31e175305d37f0f55c2633bb5a07

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stay.guestjoy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 10:06:17 GMT
via
1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA60-P2
age
7757254
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
etag
W/"736ac10fbfffa53b1fb75fbebdd7ff88"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hZgg3UnBNbFnnmifp1wNsTXVdTkaUpf5viL6wEYEwLz31nc8QwAgqF2nG%2BPvFyZlMe7EYnTd9o8fy2PlTgqg08gvP5VipePuaAgsdO46NNpDAYrYH6K2NznKLROrxaU29f1XauVuc4X77aTDYrD%2B951ODw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
791964df4d429156-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
TGONIpuWzdDzzTJOk8bAnXpTIEtQ6Kzm_J7xNOi24R2de68amQd_IA==
css
fonts.googleapis.com/ 		11 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Inter:300,400,500,600,700&display=swap
Requested by
Host: stay.guestjoy.com
URL: https://stay.guestjoy.com/css/app.css?id=6366c43485f4d1b14292d92af7cb30a5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7d27c8ab7e8071771e28d1ee6bc3cf0fb9845b7f38e22a7e1b08cbd6669900a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stay.guestjoy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 30 Jan 2023 10:06:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 30 Jan 2023 08:51:30 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 30 Jan 2023 10:06:17 GMT
vHb5zDY8Ta3NCLwFT
api-hotels.guestjoy.com/v2/guests/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-hotels.guestjoy.com/v2/guests/vHb5zDY8Ta3NCLwFT
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.207.8 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-207-8.eu-west-1.compute.amazonaws.com
Software
nginx / PHP/8.0.16
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
baggage,sentry-trace,x-requested-with
Access-Control-Request-Method
GET
Origin
https://stay.guestjoy.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-headers
baggage,sentry-trace,x-requested-with
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
0
cache-control
max-age=0
date
Mon, 30 Jan 2023 10:06:18 GMT
expires
Mon, 30 Jan 2023 10:06:18 GMT
server
nginx
vary
Access-Control-Request-Method, Access-Control-Request-Headers
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-powered-by
PHP/8.0.16
x-xss-protection
1; mode=block
rooms
api-hotels.guestjoy.com/v2/guests/vHb5zDY8Ta3NCLwFT/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-hotels.guestjoy.com/v2/guests/vHb5zDY8Ta3NCLwFT/rooms
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.207.8 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-207-8.eu-west-1.compute.amazonaws.com
Software
nginx / PHP/8.0.16
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
baggage,sentry-trace,x-requested-with
Access-Control-Request-Method
GET
Origin
https://stay.guestjoy.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-headers
baggage,sentry-trace,x-requested-with
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
0
cache-control
max-age=0
date
Mon, 30 Jan 2023 10:06:18 GMT
expires
Mon, 30 Jan 2023 10:06:18 GMT
server
nginx
vary
Access-Control-Request-Method, Access-Control-Request-Headers
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-powered-by
PHP/8.0.16
x-xss-protection
1; mode=block
v3
js.stripe.com/ 		428 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3
Requested by
Host: stay.guestjoy.com
URL: https://stay.guestjoy.com/js/app.js?id=a1998ff2f5d6c25de00cec904cab9db1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
b3041fff1e6598ff16e3bf6624e09c0ae81c4b8beddb53a3d5cba818601344a6
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stay.guestjoy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Mon, 30 Jan 2023 10:06:17 GMT
via
1.1 varnish
age
39
x-cache
HIT
content-length
104804
x-request-id
5eb92934-db94-4d84-9483-20d8a44fddc9
x-served-by
cache-hhn-etou8220052-HHN
last-modified
Fri, 27 Jan 2023 18:33:57 GMT
server
Fastly
etag
"84b0eede224735da61e59f61888b10ca"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
36
vHb5zDY8Ta3NCLwFT
api-hotels.guestjoy.com/v2/guests/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-hotels.guestjoy.com/v2/guests/vHb5zDY8Ta3NCLwFT
Requested by
Host: stay.guestjoy.com
URL: https://stay.guestjoy.com/js/app.js?id=a1998ff2f5d6c25de00cec904cab9db1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.207.8 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-207-8.eu-west-1.compute.amazonaws.com
Software
nginx / PHP/8.0.16
Resource Hash
7bc9728506130b9978e2dca90bb6efb3d20cd5266053af5275be95ba424445af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://stay.guestjoy.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
baggage
sentry-transaction=profile.notifications,sentry-public_key=1d2e60012b5f4f49bb4c8fe9716a2285,sentry-trace_id=89eab26c8a074d239bd46aa138568438,sentry-sample_rate=0.01
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
sentry-trace
89eab26c8a074d239bd46aa138568438-9fac4159cf34e7dd-0

Response headers

date
Mon, 30 Jan 2023 10:06:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-powered-by
PHP/8.0.16
x-guestjoy-request-id
HBvY9eJJfO0ZbL8llpGVhzHWrpSOnjBA
x-xss-protection
1; mode=block
x-guestjoy-trace-id
HBvY9eJJfO0ZbL8llpGVhzHWrpSOnjBA
server
nginx
vary
Accept-Encoding
x-ratelimit-remaining
179
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=0
x-ratelimit-limit
180
x-frame-options
SAMEORIGIN
expires
Mon, 30 Jan 2023 10:06:18 GMT
rooms
api-hotels.guestjoy.com/v2/guests/vHb5zDY8Ta3NCLwFT/ 		11 B
433 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-hotels.guestjoy.com/v2/guests/vHb5zDY8Ta3NCLwFT/rooms
Requested by
Host: stay.guestjoy.com
URL: https://stay.guestjoy.com/js/app.js?id=a1998ff2f5d6c25de00cec904cab9db1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.207.8 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-207-8.eu-west-1.compute.amazonaws.com
Software
nginx / PHP/8.0.16
Resource Hash
8fe32e407a1038ee38753b70e5374b3a46d6ae9d5f16cd5b73c53abaca8f5ed0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://stay.guestjoy.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
baggage
sentry-transaction=profile.notifications,sentry-public_key=1d2e60012b5f4f49bb4c8fe9716a2285,sentry-trace_id=89eab26c8a074d239bd46aa138568438,sentry-sample_rate=0.01
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
sentry-trace
89eab26c8a074d239bd46aa138568438-9b55c217d552f917-0

Response headers

date
Mon, 30 Jan 2023 10:06:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-powered-by
PHP/8.0.16
x-guestjoy-request-id
m5gmetP3w0dVYKu6MKhYYGTBVL19getR
x-xss-protection
1; mode=block
x-guestjoy-trace-id
m5gmetP3w0dVYKu6MKhYYGTBVL19getR
server
nginx
vary
Accept-Encoding
x-ratelimit-remaining
178
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=0
x-ratelimit-limit
180
x-frame-options
SAMEORIGIN
expires
Mon, 30 Jan 2023 10:06:18 GMT
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v12/ 		37 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Inter:300,400,500,600,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://stay.guestjoy.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 27 Jan 2023 21:44:51 GMT
x-content-type-options
nosniff
age
217286
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37924
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 20:54:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 27 Jan 2024 21:44:51 GMT
m-outer-93afeeb17bc37e711759584dbfc50d47.html
js.stripe.com/v3/ Frame C6D5 		200 B
786 B 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://stay.guestjoy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
4608074
cache-control
max-age=31536000
content-encoding
br
content-length
122
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Mon, 30 Jan 2023 10:06:17 GMT
etag
"93afeeb17bc37e711759584dbfc50d47"
last-modified
Wed, 07 Dec 2022 23:30:12 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
286003
x-content-type-options
nosniff
x-request-id
83ca79fe-76a7-4f5c-ac23-ecb09dbcf579
x-served-by
cache-hhn-etou8220052-HHN
csp-report
q.stripe.com/ Frame C6D5 		0
600 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: stay.guestjoy.com
URL: https://stay.guestjoy.com/g/vHb5zDY8Ta3NCLwFT/profile/notifications
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Mon, 30 Jan 2023 10:06:18 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame C6D5 		0
600 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: stay.guestjoy.com
URL: https://stay.guestjoy.com/g/vHb5zDY8Ta3NCLwFT/profile/notifications
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Mon, 30 Jan 2023 10:06:18 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
m-outer-8cb24ab2d649fd36a488d04d8c457933.js
js.stripe.com/v3/fingerprinted/js/ Frame C6D5 		631 B
484 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Mon, 30 Jan 2023 10:06:18 GMT
via
1.1 varnish
age
4608074
x-cache
HIT
content-length
332
x-request-id
0f3d58ec-6fec-429a-8b9c-bace94481638
x-served-by
cache-hhn-etou8220052-HHN
last-modified
Wed, 07 Dec 2022 23:30:11 GMT
server
Fastly
etag
"f8f6a4584135f737b26927596ce6e0a7"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
253316
inner.html
m.stripe.network/ Frame 36CA 		930 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
269
cache-control
max-age=300, public
content-encoding
gzip
content-length
527
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Mon, 30 Jan 2023 10:06:18 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding, Origin
via
1.1 varnish
x-cache
HIT
x-cache-hits
399
x-content-type-options
nosniff
x-request-id
75ca8bc9-4dde-4844-89e6-3850690ebc6d
x-served-by
cache-hhn-etou8220052-HHN
x-timer
S1675073178.051543,VS0,VE0
csp-report
q.stripe.com/ Frame 36CA 		0
375 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: stay.guestjoy.com
URL: https://stay.guestjoy.com/g/vHb5zDY8Ta3NCLwFT/profile/notifications
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/csp-report

Response headers

x-stripe-bg-intended-route-color
green
pragma
no-cache
date
Mon, 30 Jan 2023 10:06:18 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
server
nginx
cross-origin-opener-policy
same-origin
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
x-robots-tag
none
content-length
0
expires
0
out-4.5.42.js
m.stripe.network/ Frame 36CA 		86 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/out-4.5.42.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
date
Mon, 30 Jan 2023 10:06:18 GMT
x-content-type-options
nosniff
content-encoding
gzip
via
1.1 varnish
age
3
x-cache
HIT
content-length
16031
x-request-id
77862356-c769-43e0-a368-9711f6125731
x-served-by
cache-hhn-etou8220052-HHN
server
Fastly
x-timer
S1675073178.065508,VS0,VE0
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=utf-8
cache-control
max-age=300, public
accept-ranges
bytes
x-cache-hits
7
6
m.stripe.com/ Frame 36CA 		156 B
553 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.68.14.134 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-68-14-134.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
a5774c96fbbc6c697e7fadce7838b1db3d487eee0aad4559997254e3d78cd300
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
green
date
Mon, 30 Jan 2023 10:06:18 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
server
nginx
content-type
application/json;charset=utf-8
access-control-allow-origin
https://m.stripe.network
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
around-icons.ttf
stay.guestjoy.com/fonts/around-icons/ 		73 KB
73 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://stay.guestjoy.com/fonts/around-icons/around-icons.ttf?enmnv5
Requested by
Host: stay.guestjoy.com
URL: https://stay.guestjoy.com/css/app.css?id=6366c43485f4d1b14292d92af7cb30a5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.243.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-243-69.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ac079262cd640ed984c09b6e5d7f56493dd0553b7c3bffa06d502db45f558f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://stay.guestjoy.com/css/app.css?id=6366c43485f4d1b14292d92af7cb30a5
Origin
https://stay.guestjoy.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 10:06:18 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Jan 2023 10:09:19 GMT
server
nginx
etag
"63be8acf-12314"
content-type
application/octet-stream
cache-control
max-age=2592000
accept-ranges
bytes
content-length
74516
x-xss-protection
1; mode=block
expires
Wed, 01 Mar 2023 10:06:18 GMT

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontentvisibilityautostatechange object| FontAwesomeKitConfig object| GuestJoy object| ___FONT_AWESOME___ object| FontAwesomeConfig object| FontAwesome object| webpackChunk boolean| __INTLIFY_PROD_DEVTOOLS__ boolean| __VUE_I18N_FULL_INSTALL__ boolean| __VUE_I18N_LEGACY_API__ function| _ object| __framePainter object| core object| __core-js_shared__ function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| __SENTRY__ function| Color object| utils object| lgData object| lgModules function| lightGallery function| axios object| mixpanel function| trackMixpanelEvent function| dayjs boolean| __VUE__ object| webpackChunkStripeJSouter function| noop function| Stripe

7 Cookies

Domain/Path Name / Value
stay.guestjoy.com/ Name: XSRF-TOKEN
Value: eyJpdiI6Ik93bDJ6RGJyRC9xRUdlNWVwNUpFdEE9PSIsInZhbHVlIjoiOGd6c0E5dlZiN3c3M1Z6OEZEMU5Ha29qQTR1OGxGVlhYMWFpUFNkV1kybVZRbld5eUxwa3NTTmloSFBtbncyOW1Fb3JYZ3FTTFRLRFZYLzRjRElIRTJESENKQ1ZqNEtaQUphdHVCTzBzNHM0RytqWE56VkRlS1dSekxIbWtyQWQiLCJtYWMiOiI4YmYzZWJjNTk5M2I4NmNlMDBmZjE3NmUxZjE5NTdhZTM5YmY0NGMwODJkNzIwNTk0YmY4YWVlNWJhOGRiMWMwIiwidGFnIjoiIn0%3D
stay.guestjoy.com/ Name: concierge_session
Value: eyJpdiI6IkN1MEpMa2xKVzRGSnF6emU5dGgxbGc9PSIsInZhbHVlIjoieXM4a3BDWEtHaDFHc3VXQVA5Y0dXeTd5ZC8vdjI1cGJlU1VjOGhKUTF4YXlCS0FQK0VtbERkRzBuZEtvZk9OSFJCYXNtbWppRXpPYkdXZkJKNUN6NEtkWlRKRytKT3FGTmVrQzdKblVIaXRsQzFuS0h6bmpRWlVHTFhyV2psVVkiLCJtYWMiOiI2MjRhZGU2MTRhY2NhOGJlMGEwNTFkM2I5OTM4YTVlZGFiYzM5OTM4YWJlNTI3NmVkMGY4OTY1NzgyNjlhMjc4IiwidGFnIjoiIn0%3D
stay.guestjoy.com/ Name: remember_web_59ba36addc2b2f9401580f014c7f58ea4e30989d
Value: eyJpdiI6IkxWY2ZWM2dnM01RUndiZ0Zvbld0WEE9PSIsInZhbHVlIjoiazVUeU5rbWJHSXVJaGV4bnRxMlJrYk15S1JQOVFERXRDVmJWcTcrTU9xM0YyN2VLdDlYT3E3QTdpV2tOWlIzZjVOWlhwOEdvY01jaUtrb3JDbVNGQUtIQnpRVzROT2ViTTc0bmhVN3ByVlFncWxRM0NaN2JjUnM2WDhKVFVva1o2TUdSbzhIeEdEcmRsc00xKzBJa0RMaU56ZnJtaWppazM5NXNPNUxZS0JZPSIsIm1hYyI6Ijc4MjM3ZDQ0MmMzNDY1ZTQ5ZWQ0MjdjZTcyNzc4NjE3MzA4NzZjOTZiZDE2MGJmZWFjM2E2ODA1MGFjOWVkYjYiLCJ0YWciOiIifQ%3D%3D
.guestjoy.com/ Name: mp_edad9eb3353d512321ceddc8613d12a8_mixpanel
Value: %7B%22distinct_id%22%3A%20%22186022448f75ac-0c89a8284291b6-60325d57-1d4c00-186022448f8c5f%22%2C%22%24device_id%22%3A%20%22186022448f75ac-0c89a8284291b6-60325d57-1d4c00-186022448f8c5f%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D
m.stripe.com/ Name: m
Value: 35478911-7afd-4a83-b2cd-10427e99b9ed11058d
.stay.guestjoy.com/ Name: __stripe_mid
Value: 21a884e9-6e56-404f-84d7-71f9f4437a8450cc25
.stay.guestjoy.com/ Name: __stripe_sid
Value: 03fe5f4b-1885-4578-a932-3e3fa02ff89755e24a

1 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-hotels.guestjoy.com
fonts.googleapis.com
fonts.gstatic.com
js.stripe.com
ka-f.fontawesome.com
kit.fontawesome.com
m.stripe.com
m.stripe.network
q.stripe.com
stay.guestjoy.com
151.101.0.176
2606:4700::6812:1734
2606:4700:e4::ac40:a816
2a00:1450:4001:829::2003
2a00:1450:4001:831::200a
54.154.243.69
54.187.119.242
54.68.14.134
54.72.207.8
1ac079262cd640ed984c09b6e5d7f56493dd0553b7c3bffa06d502db45f558f8
1c7b07263e72edd08ae7254f58f0767b016dfdd9c72b06cb967e3442040108d1
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
61fdd135721aa0d2e82d2601205b12da7e680349096e0aafd3741615d6c02390
7bc9728506130b9978e2dca90bb6efb3d20cd5266053af5275be95ba424445af
7d27c8ab7e8071771e28d1ee6bc3cf0fb9845b7f38e22a7e1b08cbd6669900a4
8fe32e407a1038ee38753b70e5374b3a46d6ae9d5f16cd5b73c53abaca8f5ed0
9b2f9ec104e8e2171bac680c9214fab812a63219846749e28374b04111981e7e
a5774c96fbbc6c697e7fadce7838b1db3d487eee0aad4559997254e3d78cd300
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
aa86f69ce9347b3e57d75b59267733c91edd31e175305d37f0f55c2633bb5a07
b3041fff1e6598ff16e3bf6624e09c0ae81c4b8beddb53a3d5cba818601344a6
bf6e3a198d107a28cf025e058547a23034fa14f9ed356e4ec92eaff7aff6ea39
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083