urlscan.io logo urlscan.io
SecurityTrails logo

shop-serenbe.guestmanager.com Open in urlscan Pro
18.205.222.128  Public Scan

Go To Rescan Add Verdict Report
URL: https://shop-serenbe.guestmanager.com/viewer/tickets/5e6YtmTzUDEqXwL5CrGK56JJ
Submission Tags: falconsandbox
Submission: On October 23 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 3 countries across 8 domains to perform 11 HTTP transactions. The main IP is 18.205.222.128, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is shop-serenbe.guestmanager.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on April 28th 2024. Valid for: a year.
This is the only time shop-serenbe.guestmanager.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 18.205.222.128 14618 (AMAZON-AES)
1 99.86.4.104 16509 (AMAZON-02)
1 99.86.4.91 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2600:1901:0:7... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 142.250.186.67 15169 (GOOGLE)
1 52.216.215.65 16509 (AMAZON-02)
11 10
2    18.205.222.128 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-205-222-128.compute-1.amazonaws.com
shop-serenbe.guestmanager.com
1    99.86.4.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-104.fra6.r.cloudfront.net
cdn2.guestmanager.com
1    99.86.4.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-91.fra6.r.cloudfront.net
cdn0.guestmanager.com
1    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2600:1901:0:7a0b:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
sessions.bugsnag.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    142.250.186.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f3.1e100.net
www.google.de
1    52.216.215.65 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
gm-production-uploads.s3.amazonaws.com
Apex Domain
Subdomains		 Transfer
4 guestmanager.com
shop-serenbe.guestmanager.com
cdn2.guestmanager.com
cdn0.guestmanager.com
347 KB
2 bugsnag.com
sessions.bugsnag.com — Cisco Umbrella Rank: 923
88 B
1 amazonaws.com
gm-production-uploads.s3.amazonaws.com
3 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 11271
63 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 136
563 B
1 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 4401
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
96 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
2 KB
11 8
Domain Requested by
2 sessions.bugsnag.com cdn0.guestmanager.com
2 shop-serenbe.guestmanager.com 1 redirects
1 gm-production-uploads.s3.amazonaws.com
1 www.google.de shop-serenbe.guestmanager.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com cdn0.guestmanager.com
1 www.googletagmanager.com shop-serenbe.guestmanager.com
1 fonts.googleapis.com shop-serenbe.guestmanager.com
1 cdn0.guestmanager.com
1 cdn2.guestmanager.com
11 10

This site contains links to these domains. Also see Links.

Domain
www.guestmanager.com
Subject Issuer Validity Valid
guestmanager.com
Sectigo RSA Domain Validation Secure Server CA		 2024-04-28 -
2025-03-29		 a year crt.sh
*.guestmanager.com
Amazon RSA 2048 M03		 2023-11-15 -
2024-12-13		 a year crt.sh
upload.video.google.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.google-analytics.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.bugsnag.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-03-20 -
2025-04-15		 a year crt.sh
*.g.doubleclick.net
WR2		 2024-09-30 -
2024-12-23		 3 months crt.sh
*.google.de
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://shop-serenbe.guestmanager.com/viewer/tickets/5e6YtmTzUDEqXwL5CrGK56JJ
Frame ID: AE24E04E5A6384D1EB141A0FACF7263A
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

- Shop Serenbe

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

11
Requests

91 %
HTTPS

50 %
IPv6

8
Domains

10
Subdomains

10
IPs

3
Countries

447 kB
Transfer

1735 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • https://shop-serenbe.guestmanager.com/rails/active_storage/representations/redirect/eyJfcmFpbHMiOnsiZGF0YSI6OTAsInB1ciI6ImJsb2JfaWQifX0=--3c06c458c7a26faab78295b7b9a6cbe5885d803f/eyJfcmFpbHMiOnsiZGF0YSI6eyJmb3JtYXQiOiJwbmciLCJyZXNpemVfdG9fZml0IjpbMzIsMzJdfSwicHVyIjoidmFyaWF0aW9uIn19--cae84dab525e919a18837ff1b29f37273d5b7245/iTunesArtwork.png HTTP 302
  • https://gm-production-uploads.s3.amazonaws.com/jop9m6w87ddydm62rkwvpqrcyk7p?response-content-disposition=inline%3B%20filename%3D%22iTunesArtwork.png%22%3B%20filename%2A%3DUTF-8%27%27iTunesArtwork.png&response-content-type=image%2Fpng&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIA4RDKUTQD3I2XRVZO%2F20241023%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20241023T101546Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=a627008a99f2be6bdbbf4e5b26f39bf611d1c4ab81dd0aac895e82e8dbce954a

11 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 5e6YtmTzUDEqXwL5CrGK56JJ
shop-serenbe.guestmanager.com/viewer/tickets/ 		4 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://shop-serenbe.guestmanager.com/viewer/tickets/5e6YtmTzUDEqXwL5CrGK56JJ
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.205.222.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-205-222-128.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
6a8e2319bad6cd7bc141483ebf504a0f866bcaf569bd93130db9ef8955271545
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Cache-Control
max-age=0, private, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Wed, 23 Oct 2024 10:15:46 GMT
Etag
W/"6a8e2319bad6cd7bc141483ebf504a0f"
Link
<https://cdn2.guestmanager.com/packs/css/frontend-d906fe24.css>; rel=preload; as=style; nopush,<https://cdn0.guestmanager.com/packs/js/frontend-ad7e24dc17c5a2bcc4fc.js>; rel=preload; as=script; nopush
Nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Referrer-Policy
strict-origin-when-cross-origin
Report-To
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1729678546&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=JmtVeFiJNa%2B7W%2Buo8JVDqskFrDNNFm76gqfk7CkToz0%3D"}]}
Reporting-Endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1729678546&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=JmtVeFiJNa%2B7W%2Buo8JVDqskFrDNNFm76gqfk7CkToz0%3D
Server
Cowboy
Strict-Transport-Security
max-age=63072000; includeSubDomains
Transfer-Encoding
chunked
Vary
Accept-Encoding, Origin
Via
1.1 vegur
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
X-Request-Id
5acd8b89-90f3-4910-bf31-92e028196ddc
X-Runtime
0.044391
X-Xss-Protection
0
frontend-d906fe24.css
cdn2.guestmanager.com/packs/css/ 		299 KB
58 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn2.guestmanager.com/packs/css/frontend-d906fe24.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-104.fra6.r.cloudfront.net
Software
Cowboy /
Resource Hash
730767fb21d5cffd9f0ada3de6f0493d72801773cffe01db4deecefcb8d6b1ba
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://shop-serenbe.guestmanager.com/

Response headers

Content-Encoding
gzip
Age
26405
Report-To
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1729652141&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=pcYuplF%2BuxyVopyh79arqk5dQHVJxm3HJHtFOpKCc4s%3D"}]}
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
mo_U0SX6KXJVnxhtnEFF31lo-cfMVy0Trb2d3noGX21XIegKRQya_g==
Date
Wed, 23 Oct 2024 02:55:41 GMT
Content-Type
text/css
Last-Modified
Wed, 23 Oct 2024 02:48:48 GMT
Vary
accept-encoding,Origin
Strict-Transport-Security
max-age=63072000; includeSubDomains
Reporting-Endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1729652141&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=pcYuplF%2BuxyVopyh79arqk5dQHVJxm3HJHtFOpKCc4s%3D
Nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Cache-Control
public, max-age=31536000, s-maxage=31536000
Connection
keep-alive
Via
1.1 vegur, 1.1 7fcb41b117930690c299be9cec4a977a.cloudfront.net (CloudFront)
Content-Length
58536
X-Amz-Cf-Pop
FRA6-C1
Server
Cowboy
frontend-ad7e24dc17c5a2bcc4fc.js
cdn0.guestmanager.com/packs/js/ 		1 MB
283 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn0.guestmanager.com/packs/js/frontend-ad7e24dc17c5a2bcc4fc.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-91.fra6.r.cloudfront.net
Software
Cowboy /
Resource Hash
8b41c6f687dc82d0c144ba3fdf846b8ff532c849a3060498c6c91790625100e0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://shop-serenbe.guestmanager.com/

Response headers

Content-Encoding
gzip
Age
26405
Report-To
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1729652141&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=pcYuplF%2BuxyVopyh79arqk5dQHVJxm3HJHtFOpKCc4s%3D"}]}
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
z-dFEL8fmV6iNp7fvKnEAaueGjBSwiiI0EIGA1cyubgVIFtXw9ZpRw==
Date
Wed, 23 Oct 2024 02:55:40 GMT
Content-Type
text/javascript
Last-Modified
Wed, 23 Oct 2024 02:48:48 GMT
Vary
accept-encoding,Origin
Strict-Transport-Security
max-age=63072000; includeSubDomains
Reporting-Endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1729652141&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=pcYuplF%2BuxyVopyh79arqk5dQHVJxm3HJHtFOpKCc4s%3D
Nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Cache-Control
public, max-age=31536000, s-maxage=31536000
Connection
keep-alive
Via
1.1 vegur, 1.1 71b147cd3102755b55ba8b6fd34e3f4a.cloudfront.net (CloudFront)
Content-Length
288855
X-Amz-Cf-Pop
FRA6-C1
Server
Cowboy
css
fonts.googleapis.com/ 		17 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,700,600
Requested by
Host: shop-serenbe.guestmanager.com
URL: https://shop-serenbe.guestmanager.com/viewer/tickets/5e6YtmTzUDEqXwL5CrGK56JJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ab1dc4bdcd239cd0d211870064f9481caea7191febf67aa4301671d64ec6e8d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://shop-serenbe.guestmanager.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Wed, 23 Oct 2024 10:15:46 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 23 Oct 2024 10:15:46 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Wed, 23 Oct 2024 10:11:34 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
js
www.googletagmanager.com/gtag/ 		271 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-GT0BQNN6RV
Requested by
Host: shop-serenbe.guestmanager.com
URL: https://shop-serenbe.guestmanager.com/viewer/tickets/5e6YtmTzUDEqXwL5CrGK56JJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
675cb32df552527a6ce6ad316520b8fc927bfb1ab27f51df0df7a693dbbd648e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://shop-serenbe.guestmanager.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Wed, 23 Oct 2024 10:15:46 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 23 Oct 2024 10:15:46 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
97325
x-xss-protection
0
server
Google Tag Manager
/
sessions.bugsnag.com/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sessions.bugsnag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Access-Control-Request-Method
POST
Origin
https://shop-serenbe.guestmanager.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At, Bugsnag-Integrity
access-control-allow-methods
POST
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Wed, 23 Oct 2024 10:15:46 GMT
via
1.1 google
/
sessions.bugsnag.com/ 		21 B
88 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sessions.bugsnag.com/
Requested by
Host: cdn0.guestmanager.com
URL: https://cdn0.guestmanager.com/packs/js/frontend-ad7e24dc17c5a2bcc4fc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version
1
Bugsnag-Api-Key
9afd673d4f4ca1d0d877ddc2a6fc8359
Referer
https://shop-serenbe.guestmanager.com/
Bugsnag-Sent-At
2024-10-23T10:15:46.591Z
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21
date
Wed, 23 Oct 2024 10:15:46 GMT
content-type
application/json
collect
region1.analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-GT0BQNN6RV&gtm=45je4al0h2v9126723055za200&_p=1729678546611&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101686685~101823848&cid=268220045.1729678547&ul=de-de&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&_s=1&sid=1729678546&sct=1&seg=0&dl=https%3A%2F%2Fshop-serenbe.guestmanager.com%2Fviewer%2Ftickets%2F5e6YtmTzUDEqXwL5CrGK56JJ&dt=-%20Shop%20Serenbe&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=683
Requested by
Host: cdn0.guestmanager.com
URL: https://cdn0.guestmanager.com/packs/js/frontend-ad7e24dc17c5a2bcc4fc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://shop-serenbe.guestmanager.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://shop-serenbe.guestmanager.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 23 Oct 2024 10:15:46 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/ 		0
563 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-GT0BQNN6RV&cid=268220045.1729678547&gtm=45je4al0h2v9126723055za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101686685~101823848
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GT0BQNN6RV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://shop-serenbe.guestmanager.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://shop-serenbe.guestmanager.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 23 Oct 2024 10:15:46 GMT
content-type
text/plain
server
Golfe2
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-GT0BQNN6RV&cid=268220045.1729678547&gtm=45je4al0h2v9126723055za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101686685~101823848&tag_exp=101686685~101823848&z=1459904199
Requested by
Host: shop-serenbe.guestmanager.com
URL: https://shop-serenbe.guestmanager.com/viewer/tickets/5e6YtmTzUDEqXwL5CrGK56JJ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://shop-serenbe.guestmanager.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Wed, 23 Oct 2024 10:15:46 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
jop9m6w87ddydm62rkwvpqrcyk7p
gm-production-uploads.s3.amazonaws.com/
Redirect Chain
  • https://shop-serenbe.guestmanager.com/rails/active_storage/representations/redirect/eyJfcmFpbHMiOnsiZGF0YSI6OTAsInB1ciI6ImJsb2JfaWQifX0=--3c06c458c7a26faab78295b7b9a6cbe5885d803f/eyJfcmFpbHMiOnsiZG...
  • https://gm-production-uploads.s3.amazonaws.com/jop9m6w87ddydm62rkwvpqrcyk7p?response-content-disposition=inline%3B%20filename%3D%22iTunesArtwork.png%22%3B%20filename%2A%3DUTF-8%27%27iTunesArtwork.p...
3 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://gm-production-uploads.s3.amazonaws.com/jop9m6w87ddydm62rkwvpqrcyk7p?response-content-disposition=inline%3B%20filename%3D%22iTunesArtwork.png%22%3B%20filename%2A%3DUTF-8%27%27iTunesArtwork.png&response-content-type=image%2Fpng&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIA4RDKUTQD3I2XRVZO%2F20241023%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20241023T101546Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=a627008a99f2be6bdbbf4e5b26f39bf611d1c4ab81dd0aac895e82e8dbce954a
Protocol
HTTP/1.1
Server
52.216.215.65 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
959e11e0c6bc476d025738e6cd3b20203e2ab98fa354aa97982f11a3df5009f6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://shop-serenbe.guestmanager.com/

Response headers

x-amz-replication-status
COMPLETED
ETag
"b607594c0ba89087d274cd5e6d105d6d"
x-amz-version-id
pS_AzmgITN_xnpwDfd8aFZ8Qg9qfExkw
x-amz-request-id
YQWH1P7ZG4SDVA1H
Accept-Ranges
bytes
Content-Length
2906
Date
Wed, 23 Oct 2024 10:15:48 GMT
Last-Modified
Fri, 11 Dec 2020 22:09:28 GMT
Content-Disposition
inline; filename="iTunesArtwork.png"; filename*=UTF-8''iTunesArtwork.png
Server
AmazonS3
Content-Type
image/png
x-amz-id-2
HH0vDr/yRhg+nWDRDAmiiAi/P5U7EeS3Czy4TjWzZg0tkZZd60Kd0yGHvIOcXrcqDcOygmQ1nag=

Redirect headers

X-Request-Id
22a5274a-049a-4d0e-a9cb-95570841bcdd
Content-Encoding
gzip
X-Permitted-Cross-Domain-Policies
none
Report-To
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1729678546&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=JmtVeFiJNa%2B7W%2Buo8JVDqskFrDNNFm76gqfk7CkToz0%3D"}]}
X-Content-Type-Options
nosniff
Date
Wed, 23 Oct 2024 10:15:46 GMT
Content-Type
text/html; charset=utf-8
Vary
Accept-Encoding, Origin
X-Runtime
0.008116
X-Frame-Options
SAMEORIGIN
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains
Reporting-Endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1729678546&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=JmtVeFiJNa%2B7W%2Buo8JVDqskFrDNNFm76gqfk7CkToz0%3D
Nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Location
https://gm-production-uploads.s3.amazonaws.com/jop9m6w87ddydm62rkwvpqrcyk7p?response-content-disposition=inline%3B%20filename%3D%22iTunesArtwork.png%22%3B%20filename%2A%3DUTF-8%27%27iTunesArtwork.png&response-content-type=image%2Fpng&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIA4RDKUTQD3I2XRVZO%2F20241023%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20241023T101546Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=a627008a99f2be6bdbbf4e5b26f39bf611d1c4ab81dd0aac895e82e8dbce954a
Cache-Control
max-age=300, private
Connection
keep-alive
Referrer-Policy
strict-origin-when-cross-origin
Via
1.1 vegur
X-Xss-Protection
0
Server
Cowboy

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| user function| $ function| jQuery boolean| _rails_loaded object| ParsleyConfig object| ParsleyExtend object| psly object| Parsley object| ParsleyUtils object| ParsleyValidator object| ParsleyUI string| inputEventPatched object| FullCalendarVDom object| intlTelInputGlobals function| rebuild_parsley function| add_selectize_fields function| init_phones function| handle_ajax_error function| notify function| facebook_share function| facebook_logged_in function| facebook_check_state function| facebook_login_event function| facebook_login function| add_card_data_to_form string| api_token function| gtag object| dataLayer object| google_tag_manager object| google_tag_data object| gaGlobal

4 Cookies

Domain/Path Name / Value
shop-serenbe.guestmanager.com/ Name: tpt
Value: set
shop-serenbe.guestmanager.com/ Name: _guest_manager_session
Value: 8QNJ1tHQ%2FU9GMZsjs1FnrGOHhhQzPcdJ47mIbwlEWVQvxTJbrjMLCzeXbIz93%2BU1XiD6Go%2FWDH4itqqgkb07JpZcaTdMFaY%2BO3gUjpYJ8NZMOH83zX3oL7wqrWNJ1FJ1qiN%2F1jEp0hYSkdXPki%2FucsDuFGyLpPUxCZGuu4TeeD2JdEtZRZR5yveOVZ2wg%2FFRmivoO2sEtYGxACzaS050pOf%2FpysiPnhEidb4%2F7thCRLTKlhGOE3oHo46BKxmnPzk6EIY%2BVwtr9qPVFqFFKxB1TVSgPpRigPLqxowB%2Foc--wl%2BFS9pFqiFkUh0%2F--C8GcEZZM1XdEoqxtoJI%2BoQ%3D%3D
.guestmanager.com/ Name: _ga_GT0BQNN6RV
Value: GS1.1.1729678546.1.0.1729678546.60.0.0
.guestmanager.com/ Name: _ga
Value: GA1.1.268220045.1729678547

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0