booking.stage.guestline.app Open in urlscan Pro
2606:4700:4400::ac40:93e6 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://booking.stage.guestline.app/
Submission: On November 18 via api (November 18th 2024, 2:39:51 pm UTC) from US — Scanned from DE

Summary HTTP 27 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 2 countries across 7 domains to perform 27 HTTP transactions. The main IP is 2606:4700:4400::ac40:93e6, located in United States and belongs to CLOUDFLARENET, US. The main domain is booking.stage.guestline.app.
TLS certificate: Issued by WE1 on October 19th 2024. Valid for: 3 months.

This is the only time booking.stage.guestline.app was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 6	2606:4700:440... 2606:4700:4400::ac40:93e6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	2620:1ec:bdf::45 2620:1ec:bdf::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	13.32.121.24 13.32.121.24	16509 (AMAZON-02) (AMAZON-02)
1	18.66.102.53 18.66.102.53	16509 (AMAZON-02) (AMAZON-02)
1	142.250.186.99 142.250.186.99	15169 (GOOGLE) (GOOGLE)
1	18.235.46.245 18.235.46.245	14618 (AMAZON-AES) (AMAZON-AES)
1	13.33.187.74 13.33.187.74	16509 (AMAZON-02) (AMAZON-02)
2	172.175.234.12 172.175.234.12	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
27	9

6 2606:4700:4400::ac40:93e6 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

booking.stage.guestline.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

gxp-dbm-stage-cdn.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
gxp-configs-stage-cdn-ep.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.121.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-24.fra60.r.cloudfront.net

cdn.heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.102.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-53.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.235.46.245 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-235-46-245.compute-1.amazonaws.com

heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.187.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-187-74.fra60.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.175.234.12 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

n.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	azureedge.net gxp-dbm-stage-cdn.azureedge.net gxp-configs-stage-cdn-ep.azureedge.net	679 KB
6	guestline.app 1 redirects booking.stage.guestline.app	17 KB
4	clarity.ms www.clarity.ms — Cisco Umbrella Rank: 625 n.clarity.ms — Cisco Umbrella Rank: 8169	29 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 888 script.hotjar.com — Cisco Umbrella Rank: 1185	61 KB
2	heapanalytics.com cdn.heapanalytics.com — Cisco Umbrella Rank: 867 heapanalytics.com — Cisco Umbrella Rank: 683	38 KB
1	gstatic.com fonts.gstatic.com	18 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	1 KB
27	7

	Domain	Requested by
10	gxp-dbm-stage-cdn.azureedge.net	booking.stage.guestline.app gxp-dbm-stage-cdn.azureedge.net
6	booking.stage.guestline.app	1 redirects booking.stage.guestline.app gxp-dbm-stage-cdn.azureedge.net
2	n.clarity.ms	gxp-dbm-stage-cdn.azureedge.net
2	www.clarity.ms	booking.stage.guestline.app www.clarity.ms
2	gxp-configs-stage-cdn-ep.azureedge.net	gxp-dbm-stage-cdn.azureedge.net
1	script.hotjar.com	static.hotjar.com
1	heapanalytics.com
1	fonts.gstatic.com	fonts.googleapis.com
1	static.hotjar.com	booking.stage.guestline.app
1	cdn.heapanalytics.com	booking.stage.guestline.app
1	fonts.googleapis.com	gxp-dbm-stage-cdn.azureedge.net
27	11

This site contains no links.

Subject Issuer	Validity	Valid
booking.stage.guestline.app WE1	`2024-10-19` - `2025-01-17`	3 months	crt.sh
*.azureedge.net Microsoft Azure RSA TLS Issuing CA 04	`2024-09-19` - `2025-09-14`	a year	crt.sh
upload.video.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
cdn.heapanalytics.com Amazon RSA 2048 M02	`2024-05-29` - `2025-06-26`	a year	crt.sh
*.hotjar.com Amazon RSA 2048 M03	`2024-05-22` - `2025-06-20`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2024-09-04` - `2025-09-04`	a year	crt.sh
*.gstatic.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
heapanalytics.com Amazon RSA 2048 M03	`2024-10-10` - `2025-11-08`	a year	crt.sh
a.clarity.ms Microsoft Azure RSA TLS Issuing CA 08	`2024-06-23` - `2025-06-18`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://booking.stage.guestline.app/
Frame ID: 456C61C9CB6C4B8985D9C187659578E5
Requests: 24 HTTP requests in this frame

Frame: https://booking.stage.guestline.app/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js
Frame ID: 75C29AEB035B2EA14D346F6A62F44E2D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Heap (Analytics) Expand

Overall confidence: 100%
Detected patterns

heap-\d+\.js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Page Statistics

27
Requests

96 %
HTTPS

33 %
IPv6

7
Domains

11
Subdomains

9
IPs

2
Countries

843 kB
Transfer

2249 kB
Size

8
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://booking.stage.guestline.app/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://booking.stage.guestline.app/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js

27 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
booking.stage.guestline.app/ 18 KB
6 KB 287ms
121ms Document
text/html 2606:4700:4400::ac40:93e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://booking.stage.guestline.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:93e6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

73b76564edd3e9925de60965ff5d3e690441a9ffab508f91bd32dfa6b345032a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Request-Id, Request-Context, Origin, X-Requested-With, Content-Type, Accept, Cache-Control
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
access-control-allow-origin
cache-control: no-cache, must-revalidate, no-store
cf-cache-status: DYNAMIC
cf-ray: 8e48b6360ebc973b-FRA
content-encoding: gzip
content-security-policy-report-only: script-src 'strict-dynamic' 'unsafe-eval' http: https: 'nonce-18f74be34ee5cb2c2282d961b73662a7' 'unsafe-inline';object-src 'none';base-uri 'none';report-uri /api/csp-report
content-type: text/html
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
date: Mon, 18 Nov 2024 14:39:45 GMT
origin-agent-cluster: ?1
referrer-policy: no-referrer
request-context: appId=cid-v1:3b6f38ac-15fe-471b-97e3-350f86a29161
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
vary: Origin
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-envoy-upstream-service-time: 6
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-ratelimit-limit: 200
x-ratelimit-remaining: 199
x-ratelimit-reset: 60

GET
H2 200 index-ueMu0TTR.js Show response
gxp-dbm-stage-cdn.azureedge.net/static/ 2 MB
619 KB 465ms
172ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://gxp-dbm-stage-cdn.azureedge.net/static/index-ueMu0TTR.js

Requested by

Host: booking.stage.guestline.app
URL: https://booking.stage.guestline.app/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

6bf8ffa9b8634d5ff8f6dc4a5c1e1acc21aa3319e4331679c5b83f6ab2eef882

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://booking.stage.guestline.app
Referer

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"19af3a-193307fad00"
age: 37918
x-content-type-options: nosniff
x-cache: TCP_MISS
content-type: application/javascript; charset=UTF-8
last-modified: Fri, 15 Nov 2024 15:44:54 GMT
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 7
x-ratelimit-reset: 59
referrer-policy: no-referrer
origin-agent-cluster: ?1
x-fd-int-roxy-purgeid: 77136198
x-permitted-cross-domain-policies: none
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
expires: Tue, 19 Nov 2024 14:39:46 GMT
date: Mon, 18 Nov 2024 14:39:46 GMT
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cache-Control
strict-transport-security: max-age=15552000; includeSubDomains
x-dns-prefetch-control: off
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'strict-dynamic' 'unsafe-eval' http: https: 'nonce-f3a8690469dee2f281ebc29d0273d24f' 'unsafe-inline';object-src 'none';base-uri 'none';report-uri /api/csp-report
x-download-options: noopen
request-context: appId=cid-v1:3b6f38ac-15fe-471b-97e3-350f86a29161
x-ratelimit-remaining: 198
cross-origin-embedder-policy: unsafe-none
cf-ray: 8e48b6392cc96710-AMS
access-control-allow-origin: *
x-ratelimit-limit: 200
x-azure-ref: 20241118T143946Z-15f56cb949c4zq57hC1FRAdy8400000002mg00000000fse8

GET
H2 200 index-Dg-eE-h9.css
gxp-dbm-stage-cdn.azureedge.net/static/ 20 KB
6 KB 423ms
129ms Stylesheet
text/css 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://gxp-dbm-stage-cdn.azureedge.net/static/index-Dg-eE-h9.css

Requested by

Host: booking.stage.guestline.app
URL: https://booking.stage.guestline.app/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5571b628f6a6def61fcc0877abc0737957cf0c2827625c4224450ba571d4712a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://booking.stage.guestline.app
Referer

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"4f7f-193307fad00"
age: 37918
x-content-type-options: nosniff
x-cache: TCP_MISS
content-type: text/css; charset=UTF-8
last-modified: Fri, 15 Nov 2024 15:44:54 GMT
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 19
x-ratelimit-reset: 59
referrer-policy: no-referrer
origin-agent-cluster: ?1
x-fd-int-roxy-purgeid: 0
x-permitted-cross-domain-policies: none
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
expires: Tue, 19 Nov 2024 14:39:46 GMT
date: Mon, 18 Nov 2024 14:39:46 GMT
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cache-Control
strict-transport-security: max-age=15552000; includeSubDomains
x-dns-prefetch-control: off
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'strict-dynamic' 'unsafe-eval' http: https: 'nonce-e3162e5f7496b2ed0dce43ee0da57814' 'unsafe-inline';object-src 'none';base-uri 'none';report-uri /api/csp-report
x-download-options: noopen
request-context: appId=cid-v1:3b6f38ac-15fe-471b-97e3-350f86a29161
x-ratelimit-remaining: 194
cross-origin-embedder-policy: unsafe-none
cf-ray: 8e48b6391cf98b44-AMS
access-control-allow-origin: *
x-ratelimit-limit: 200
x-azure-ref: 20241118T143946Z-15f56cb949c4zq57hC1FRAdy8400000002mg00000000fse7

GET
H2

200

main.js Show response
booking.stage.guestline.app/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/ Frame 75C2
Redirect Chain

https://booking.stage.guestline.app/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://booking.stage.guestline.app/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?

8 KB
4 KB

47ms
47ms

Script
application/javascript

2606:4700:4400::ac40:93e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://booking.stage.guestline.app/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?

Protocol

Server

2606:4700:4400::ac40:93e6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4fcd76116315d39f780dc9225ac7764cdcdeba70f4bd4a671822a4d76267a9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
content-encoding: gzip
x-content-type-options: nosniff
cf-ray: 8e48b63dbf48973b-FRA
date: Mon, 18 Nov 2024 14:39:46 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: cloudflare

Redirect headers

cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?
cf-ray: 8e48b63d6f0b973b-FRA
access-control-allow-origin: *
content-length: 0
date: Mon, 18 Nov 2024 14:39:46 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 countries-CUhPtVK4.js Show response
gxp-dbm-stage-cdn.azureedge.net/static/ 8 KB
5 KB 135ms
134ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://gxp-dbm-stage-cdn.azureedge.net/static/countries-CUhPtVK4.js

Requested by

Host: gxp-dbm-stage-cdn.azureedge.net
URL: https://gxp-dbm-stage-cdn.azureedge.net/static/index-ueMu0TTR.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

4d3e3a4ab634d1fc58aaacef189c8ba0eabb338f3389433136dfafbb731e6df7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://booking.stage.guestline.app
Referer

Response headers

content-encoding: br
cf-cache-status: MISS
etag: W/"1e23-193307facac"
x-content-type-options: nosniff
x-cache: TCP_MISS
content-type: application/javascript; charset=UTF-8
last-modified: Fri, 15 Nov 2024 15:44:53 GMT
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 21
x-ratelimit-reset: 58
referrer-policy: no-referrer
origin-agent-cluster: ?1
x-fd-int-roxy-purgeid: 0
x-permitted-cross-domain-policies: none
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
expires: Tue, 19 Nov 2024 14:39:46 GMT
date: Mon, 18 Nov 2024 14:39:46 GMT
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cache-Control
strict-transport-security: max-age=15552000; includeSubDomains
x-dns-prefetch-control: off
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'strict-dynamic' 'unsafe-eval' http: https: 'nonce-549aaf40334ff54277795687fae1ef2c' 'unsafe-inline';object-src 'none';base-uri 'none';report-uri /api/csp-report
x-download-options: noopen
request-context: appId=cid-v1:3b6f38ac-15fe-471b-97e3-350f86a29161
x-ratelimit-remaining: 198
cross-origin-embedder-policy: unsafe-none
cf-ray: 8e48b63dcbf49f8e-AMS
access-control-allow-origin: *
x-ratelimit-limit: 200
x-azure-ref: 20241118T143946Z-15f56cb949c4zq57hC1FRAdy8400000002mg00000000fshc

GET
H2 200 currencies-DQhxrQTD.js Show response
gxp-dbm-stage-cdn.azureedge.net/static/ 718 B
2 KB 163ms
162ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://gxp-dbm-stage-cdn.azureedge.net/static/currencies-DQhxrQTD.js

Requested by

Host: gxp-dbm-stage-cdn.azureedge.net
URL: https://gxp-dbm-stage-cdn.azureedge.net/static/index-ueMu0TTR.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

be29da5f5422ea54b48891c359992948d42ad56d05f34e6641bb993435fa3d7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://booking.stage.guestline.app
Referer

Response headers

cf-cache-status: MISS
etag: W/"2ce-193307e54fa"
x-content-type-options: nosniff
x-cache: TCP_MISS
content-type: application/javascript; charset=UTF-8
last-modified: Fri, 15 Nov 2024 15:43:25 GMT
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 10
x-ratelimit-reset: 58
referrer-policy: no-referrer
accept-ranges: bytes
content-length: 718
origin-agent-cluster: ?1
x-fd-int-roxy-purgeid: 77136198
x-permitted-cross-domain-policies: none
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
expires: Tue, 19 Nov 2024 14:39:46 GMT
date: Mon, 18 Nov 2024 14:39:46 GMT
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cache-Control
strict-transport-security: max-age=15552000; includeSubDomains
x-dns-prefetch-control: off
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'strict-dynamic' 'unsafe-eval' http: https: 'nonce-9e6e1189b953e986749de82db85e5981' 'unsafe-inline';object-src 'none';base-uri 'none';report-uri /api/csp-report
x-download-options: noopen
cf-ray: 8e48b63dcdd90ea9-AMS
request-context: appId=cid-v1:3b6f38ac-15fe-471b-97e3-350f86a29161
cross-origin-embedder-policy: unsafe-none
x-ratelimit-remaining: 195
access-control-allow-origin: *
x-ratelimit-limit: 200
x-azure-ref: 20241118T143946Z-15f56cb949c4zq57hC1FRAdy8400000002mg00000000fshd

GET
H2 200 main-hAIySMGG.js Show response
gxp-dbm-stage-cdn.azureedge.net/static/ 40 KB
18 KB 421ms
420ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://gxp-dbm-stage-cdn.azureedge.net/static/main-hAIySMGG.js

Requested by

Host: gxp-dbm-stage-cdn.azureedge.net
URL: https://gxp-dbm-stage-cdn.azureedge.net/static/index-ueMu0TTR.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

38d55bb13e367a1f1cc9973b2da612402d0932c18d3f94f9947ebd4118d48806

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://booking.stage.guestline.app
Referer

Response headers

content-encoding: br
cf-cache-status: MISS
etag: W/"a190-193307facb0"
x-content-type-options: nosniff
x-cache: TCP_MISS
content-type: application/javascript; charset=UTF-8
last-modified: Fri, 15 Nov 2024 15:44:53 GMT
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 8
x-ratelimit-reset: 58
referrer-policy: no-referrer
origin-agent-cluster: ?1
x-fd-int-roxy-purgeid: 77136198
x-permitted-cross-domain-policies: none
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
expires: Tue, 19 Nov 2024 14:39:46 GMT
date: Mon, 18 Nov 2024 14:39:47 GMT
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cache-Control
strict-transport-security: max-age=15552000; includeSubDomains
x-dns-prefetch-control: off
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'strict-dynamic' 'unsafe-eval' http: https: 'nonce-ec4c800afaa6e7b251e34c74d0702fc9' 'unsafe-inline';object-src 'none';base-uri 'none';report-uri /api/csp-report
x-download-options: noopen
request-context: appId=cid-v1:3b6f38ac-15fe-471b-97e3-350f86a29161
x-ratelimit-remaining: 194
cross-origin-embedder-policy: unsafe-none
cf-ray: 8e48b63ddb877742-AMS
access-control-allow-origin: *
x-ratelimit-limit: 200
x-azure-ref: 20241118T143946Z-15f56cb949c4zq57hC1FRAdy8400000002mg00000000fshe

GET
H2 200 states-BeEwU_NQ.js Show response
gxp-dbm-stage-cdn.azureedge.net/static/ 1 KB
2 KB 150ms
149ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://gxp-dbm-stage-cdn.azureedge.net/static/states-BeEwU_NQ.js

Requested by

Host: gxp-dbm-stage-cdn.azureedge.net
URL: https://gxp-dbm-stage-cdn.azureedge.net/static/index-ueMu0TTR.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

d02ae15ee612d56ccbfb26e6e083983172ed9a6e0fc89e1b918a3c7301fb317d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://booking.stage.guestline.app
Referer

Response headers

content-encoding: br
cf-cache-status: MISS
etag: W/"58e-193307e54ee"
x-content-type-options: nosniff
x-cache: TCP_MISS
content-type: application/javascript; charset=UTF-8
last-modified: Fri, 15 Nov 2024 15:43:25 GMT
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 9
x-ratelimit-reset: 58
referrer-policy: no-referrer
origin-agent-cluster: ?1
x-fd-int-roxy-purgeid: 0
x-permitted-cross-domain-policies: none
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
expires: Tue, 19 Nov 2024 14:39:46 GMT
date: Mon, 18 Nov 2024 14:39:46 GMT
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cache-Control
strict-transport-security: max-age=15552000; includeSubDomains
x-dns-prefetch-control: off
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'strict-dynamic' 'unsafe-eval' http: https: 'nonce-5dab7065bbadcb48c28eca8111c8dc6c' 'unsafe-inline';object-src 'none';base-uri 'none';report-uri /api/csp-report
x-download-options: noopen
request-context: appId=cid-v1:3b6f38ac-15fe-471b-97e3-350f86a29161
x-ratelimit-remaining: 196
cross-origin-embedder-policy: unsafe-none
cf-ray: 8e48b63dc930d6de-CDG
access-control-allow-origin: *
x-ratelimit-limit: 200
x-azure-ref: 20241118T143946Z-15f56cb949c4zq57hC1FRAdy8400000002mg00000000fshf

GET
H2 200 countries-BfMBmc0t.js Show response
gxp-dbm-stage-cdn.azureedge.net/static/ 8 KB
5 KB 130ms
129ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://gxp-dbm-stage-cdn.azureedge.net/static/countries-BfMBmc0t.js

Requested by

Host: gxp-dbm-stage-cdn.azureedge.net
URL: https://gxp-dbm-stage-cdn.azureedge.net/static/index-ueMu0TTR.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8a93bed27bc06405f010d736ab543d69cf4f4fb23a6aebd755b4925c5d047bcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://booking.stage.guestline.app
Referer

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"1eb9-193307faca0"
age: 37918
x-content-type-options: nosniff
x-cache: TCP_MISS
content-type: application/javascript; charset=UTF-8
last-modified: Fri, 15 Nov 2024 15:44:53 GMT
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 11
x-ratelimit-reset: 59
referrer-policy: no-referrer
origin-agent-cluster: ?1
x-fd-int-roxy-purgeid: 0
x-permitted-cross-domain-policies: none
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
expires: Tue, 19 Nov 2024 14:39:46 GMT
date: Mon, 18 Nov 2024 14:39:46 GMT
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cache-Control
strict-transport-security: max-age=15552000; includeSubDomains
x-dns-prefetch-control: off
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'strict-dynamic' 'unsafe-eval' http: https: 'nonce-88959d24ee3ef40feccb749235de9338' 'unsafe-inline';object-src 'none';base-uri 'none';report-uri /api/csp-report
x-download-options: noopen
request-context: appId=cid-v1:3b6f38ac-15fe-471b-97e3-350f86a29161
x-ratelimit-remaining: 194
cross-origin-embedder-policy: unsafe-none
cf-ray: 8e48b63ddb07b8ba-AMS
access-control-allow-origin: *
x-ratelimit-limit: 200
x-azure-ref: 20241118T143946Z-15f56cb949c4zq57hC1FRAdy8400000002mg00000000fshg

GET
H2 200 currencies-CGYwzbaD.js Show response
gxp-dbm-stage-cdn.azureedge.net/static/ 668 B
2 KB 140ms
139ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://gxp-dbm-stage-cdn.azureedge.net/static/currencies-CGYwzbaD.js

Requested by

Host: gxp-dbm-stage-cdn.azureedge.net
URL: https://gxp-dbm-stage-cdn.azureedge.net/static/index-ueMu0TTR.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

18bb60cf716c52ead0a8e639a778a7aa0041cb0fe2dc6fd831cdb553fe9fd88c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://booking.stage.guestline.app
Referer

Response headers

cf-cache-status: HIT
etag: W/"29c-193307faca0"
age: 37918
x-content-type-options: nosniff
x-cache: TCP_MISS
content-type: application/javascript; charset=UTF-8
last-modified: Fri, 15 Nov 2024 15:44:53 GMT
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 12
x-ratelimit-reset: 59
referrer-policy: no-referrer
accept-ranges: bytes
content-length: 668
origin-agent-cluster: ?1
x-fd-int-roxy-purgeid: 0
x-permitted-cross-domain-policies: none
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
expires: Tue, 19 Nov 2024 14:39:46 GMT
date: Mon, 18 Nov 2024 14:39:46 GMT
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cache-Control
strict-transport-security: max-age=15552000; includeSubDomains
x-dns-prefetch-control: off
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'strict-dynamic' 'unsafe-eval' http: https: 'nonce-3a4c46b55e555b5b9eb357c215e9c364' 'unsafe-inline';object-src 'none';base-uri 'none';report-uri /api/csp-report
x-download-options: noopen
cf-ray: 8e48b63ddc33b74e-AMS
request-context: appId=cid-v1:3b6f38ac-15fe-471b-97e3-350f86a29161
cross-origin-embedder-policy: unsafe-none
x-ratelimit-remaining: 193
access-control-allow-origin: *
x-ratelimit-limit: 200
x-azure-ref: 20241118T143946Z-15f56cb949c4zq57hC1FRAdy8400000002mg00000000fshh

GET
H2 200 main-D30927Lg.js Show response
gxp-dbm-stage-cdn.azureedge.net/static/ 38 KB
17 KB 118ms
118ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://gxp-dbm-stage-cdn.azureedge.net/static/main-D30927Lg.js

Requested by

Host: gxp-dbm-stage-cdn.azureedge.net
URL: https://gxp-dbm-stage-cdn.azureedge.net/static/index-ueMu0TTR.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

414d18031208e873c7638fcef06c3f6cbb75b7604c2da7e224225348769bfa28

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://booking.stage.guestline.app
Referer

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"98af-193307fad38"
age: 37918
x-content-type-options: nosniff
x-cache: TCP_MISS
content-type: application/javascript; charset=UTF-8
last-modified: Fri, 15 Nov 2024 15:44:54 GMT
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 9
x-ratelimit-reset: 59
referrer-policy: no-referrer
origin-agent-cluster: ?1
x-fd-int-roxy-purgeid: 77136198
x-permitted-cross-domain-policies: none
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
expires: Tue, 19 Nov 2024 14:39:46 GMT
date: Mon, 18 Nov 2024 14:39:46 GMT
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cache-Control
strict-transport-security: max-age=15552000; includeSubDomains
x-dns-prefetch-control: off
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'strict-dynamic' 'unsafe-eval' http: https: 'nonce-8f3f5995be55f69b16712a50be415e6c' 'unsafe-inline';object-src 'none';base-uri 'none';report-uri /api/csp-report
x-download-options: noopen
request-context: appId=cid-v1:3b6f38ac-15fe-471b-97e3-350f86a29161
x-ratelimit-remaining: 192
cross-origin-embedder-policy: unsafe-none
cf-ray: 8e48b63dd8e51c84-AMS
access-control-allow-origin: *
x-ratelimit-limit: 200
x-azure-ref: 20241118T143946Z-15f56cb949c4zq57hC1FRAdy8400000002mg00000000fshk

GET
H2 200 states-DRQr4Ynh.js Show response
gxp-dbm-stage-cdn.azureedge.net/static/ 1 KB
2 KB 117ms
117ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://gxp-dbm-stage-cdn.azureedge.net/static/states-DRQr4Ynh.js

Requested by

Host: gxp-dbm-stage-cdn.azureedge.net
URL: https://gxp-dbm-stage-cdn.azureedge.net/static/index-ueMu0TTR.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

85529b7e7a24baf55d32934b9cf28e69c54555235e6931b7e1ac8b52474ddd5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://booking.stage.guestline.app
Referer

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"58d-193307e556a"
age: 37918
x-content-type-options: nosniff
x-cache: TCP_MISS
content-type: application/javascript; charset=UTF-8
last-modified: Fri, 15 Nov 2024 15:43:26 GMT
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 13
x-ratelimit-reset: 59
referrer-policy: no-referrer
origin-agent-cluster: ?1
x-fd-int-roxy-purgeid: 0
x-permitted-cross-domain-policies: none
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
expires: Tue, 19 Nov 2024 14:39:46 GMT
date: Mon, 18 Nov 2024 14:39:46 GMT
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cache-Control
strict-transport-security: max-age=15552000; includeSubDomains
x-dns-prefetch-control: off
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'strict-dynamic' 'unsafe-eval' http: https: 'nonce-4bf825326f920fa8d0509a31f3a991e4' 'unsafe-inline';object-src 'none';base-uri 'none';report-uri /api/csp-report
x-download-options: noopen
request-context: appId=cid-v1:3b6f38ac-15fe-471b-97e3-350f86a29161
x-ratelimit-remaining: 195
cross-origin-embedder-policy: unsafe-none
cf-ray: 8e48b63dd93db8f1-AMS
access-control-allow-origin: *
x-ratelimit-limit: 200
x-azure-ref: 20241118T143946Z-15f56cb949c4zq57hC1FRAdy8400000002mg00000000fshm

GET
H2 200 favicon.ico
booking.stage.guestline.app/ 17 KB
5 KB 151ms
151ms Other
text/html 2606:4700:4400::ac40:93e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://booking.stage.guestline.app/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:93e6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43efa26a32a094d4f06652f00f149a708b7f361d2c37df2cf1ad5e3c66868d85

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
cf-cache-status: MISS
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
date: Mon, 18 Nov 2024 14:39:46 GMT
content-type: text/html
vary: Origin, Accept-Encoding
last-modified: Mon, 18 Nov 2024 14:39:46 GMT
x-frame-options: SAMEORIGIN
access-control-allow-headers: Request-Id, Request-Context, Origin, X-Requested-With, Content-Type, Accept, Cache-Control
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: no-cache, must-revalidate, no-store
x-dns-prefetch-control: off
cross-origin-opener-policy: same-origin
x-envoy-upstream-service-time: 13
cross-origin-resource-policy: same-origin
access-control-allow-credentials: true
referrer-policy: no-referrer
content-security-policy-report-only: script-src 'strict-dynamic' 'unsafe-eval' http: https: 'nonce-05050e903089366b5a4fde8a210a5865' 'unsafe-inline';object-src 'none';base-uri 'none';report-uri /api/csp-report
request-context: appId=cid-v1:3b6f38ac-15fe-471b-97e3-350f86a29161
x-ratelimit-remaining: 197
x-download-options: noopen
x-ratelimit-reset: 58
access-control-allow-origin
cf-ray: 8e48b63daf3a973b-FRA
x-ratelimit-limit: 200
origin-agent-cluster: ?1
server: cloudflare

POST
H2 200 8e48b6360ebc973b Show response
booking.stage.guestline.app/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 75C2 0
638 B 94ms
90ms XHR
text/plain 2606:4700:4400::ac40:93e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://booking.stage.guestline.app/cdn-cgi/challenge-platform/h/b/jsd/r/8e48b6360ebc973b
Requested by: Host: booking.stage.guestline.app
URL: https://booking.stage.guestline.app/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json
Referer

Response headers

cf-ray: 8e48b63e6ff5973b-FRA
content-length: 0
date: Mon, 18 Nov 2024 14:39:46 GMT
content-type: text/plain; charset=UTF-8
server: cloudflare

OPTIONS
H2 200 configs
gxp-configs-stage-cdn-ep.azureedge.net/api/collections// Frame 0
0 204ms
78ms Preflight
text/html 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://gxp-configs-stage-cdn-ep.azureedge.net/api/collections//configs?sections[]=analytics
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: client-ai-data
Access-Control-Request-Method: GET
Origin: https://booking.stage.guestline.app
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cache-Control, client-ai-data
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
access-control-allow-origin: *
allow: GET,HEAD,POST,DELETE
content-length: 20
content-type: text/html; charset=utf-8
date: Mon, 18 Nov 2024 14:39:47 GMT
etag: W/"14-vijJQh7oOiFe5LbBdIG6HXxCVYM"
request-context: appId=cid-v1:
vary: Accept-Encoding
x-azure-ref: 20241118T143947Z-15f56cb949c4zq57hC1FRAdy8400000002mg00000000fsmt
x-cache: TCP_MISS
x-envoy-upstream-service-time: 5
x-powered-by: Express

GET
H2 404 configs Show response
gxp-configs-stage-cdn-ep.azureedge.net/api/collections// 60 B
524 B 208ms
207ms Fetch
text/html 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://gxp-configs-stage-cdn-ep.azureedge.net/api/collections//configs?sections[]=analytics
Requested by: Host: gxp-dbm-stage-cdn.azureedge.net
URL: https://gxp-dbm-stage-cdn.azureedge.net/static/index-ueMu0TTR.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: ffc9e7dfd3191abe586d46022e7deecd4be635d118a6c90b990f39d243be6766

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Client-Ai-Data: {"userId":"Xm6hKHwAm2yOgiVd+Dn3Oi","sessionId":"9soOOir+LsjnPsvsPRu1p5"}
Referer

Response headers

etag: W/"3c-ZIzTtnDDsw//l1MeSP8jC3pQVA4"
x-envoy-upstream-service-time: 126
x-fd-int-roxy-purgeid: 0
access-control-allow-credentials: true
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
request-context: appId=cid-v1:
access-control-allow-origin: *
x-cache: TCP_MISS
content-length: 60
date: Mon, 18 Nov 2024 14:39:47 GMT
content-type: text/html; charset=utf-8
x-powered-by: Express
vary: Accept-Encoding
x-azure-ref: 20241118T143947Z-15f56cb949c4zq57hC1FRAdy8400000002mg00000000fsn2
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cache-Control, client-ai-data

GET
H2 404 / Show response
booking.stage.guestline.app/api/session/ 2 B
755 B 79ms
79ms Fetch
application/json 2606:4700:4400::ac40:93e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://booking.stage.guestline.app/api/session/

Requested by

Host: gxp-dbm-stage-cdn.azureedge.net
URL: https://gxp-dbm-stage-cdn.azureedge.net/static/index-ueMu0TTR.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:93e6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

request-id: |cd0c3b62655b43aa86fceb2f740cab47.acf25b3f5a4946a3
traceparent: 00-cd0c3b62655b43aa86fceb2f740cab47-acf25b3f5a4946a3-01
client-ai-data: {"userId":"Xm6hKHwAm2yOgiVd+Dn3Oi","sessionId":"9soOOir+LsjnPsvsPRu1p5"}
Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cf-ray: 8e48b640aa77973b-FRA
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
date: Mon, 18 Nov 2024 14:39:47 GMT
content-type: application/json; charset=utf-8
vary: Origin
x-frame-options: SAMEORIGIN
access-control-allow-headers: Request-Id, Request-Context, Origin, X-Requested-With, Content-Type, Accept, Cache-Control
strict-transport-security: max-age=15552000; includeSubDomains
x-dns-prefetch-control: off
cross-origin-opener-policy: same-origin
x-envoy-upstream-service-time: 7
cross-origin-resource-policy: same-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'strict-dynamic' 'unsafe-eval' http: https: 'nonce-6cd633b381347c1b33e3829adea60cdf' 'unsafe-inline';object-src 'none';base-uri 'none';report-uri /api/csp-report
referrer-policy: no-referrer
request-context: appId=cid-v1:3b6f38ac-15fe-471b-97e3-350f86a29161
x-ratelimit-remaining: 193
x-download-options: noopen
x-ratelimit-reset: 58
access-control-allow-origin
content-length: 2
x-ratelimit-limit: 200
origin-agent-cluster: ?1
server: cloudflare

GET
H2 200 css2
fonts.googleapis.com/ 9 KB
1 KB 156ms
53ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,700;1,400;1,700&display=swap

Requested by

Host: gxp-dbm-stage-cdn.azureedge.net
URL: https://gxp-dbm-stage-cdn.azureedge.net/static/index-ueMu0TTR.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

99d5ff73dc0c4a20e773fc6ebb7cf0c06e108564bf1d9695d26391fcc9b1c6b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 18 Nov 2024 14:39:47 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 18 Nov 2024 14:39:47 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Mon, 18 Nov 2024 13:19:18 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 heap-2665089796.js Show response
cdn.heapanalytics.com/js/ 117 KB
38 KB 162ms
48ms Script
application/javascript 13.32.121.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.heapanalytics.com/js/heap-2665089796.js

Requested by

Host: booking.stage.guestline.app
URL: https://booking.stage.guestline.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.24 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-121-24.fra60.r.cloudfront.net

Software

nginx / Express

Resource Hash

6432bea1d11b09e1a84e01b788624b91741505b97138ba35a9c21e496910bb03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
etag: W/"1d4bc-T+5BDr4bvVBJG1GRVkvUzXL1zaQ"
age: 11
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: FvI_-CmhuS-xC5Tpmqw0VLJZ1pT8sGB-WqNufAziiomYfXyMvIQNLg==
date: Mon, 18 Nov 2024 14:39:35 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public, max-age=120
cross-origin-resource-policy: cross-origin
via: 1.1 c80fd33b8f8c4dff5488cc52ba797aa6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-powered-by: Express
server: nginx

GET
H2 200 hotjar-1856906.js Show response
static.hotjar.com/c/ 13 KB
6 KB 197ms
70ms Script
application/javascript 18.66.102.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1856906.js?sv=6

Requested by

Host: booking.stage.guestline.app
URL: https://booking.stage.guestline.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.102.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-102-53.fra56.r.cloudfront.net

Software

Resource Hash

d4134f4e85de5b63b55332a26bf690c0ad9c9318664c1214357164587f9ac33e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
cache-control: max-age=60
content-encoding: br
etag: W/ed9cbad2975ef62f9aa7c0a87f4a2cd1
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-cache-hit: 1
via: 1.1 93b8205e2f07a7099af2e6fd126d9658.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: RefreshHit from cloudfront
x-amz-cf-id: _NlgBAQe_ZXRFYgzntEr-HTF-PQ8sjTr87nU8vd_54_ImYA6zb4TFA==
date: Mon, 18 Nov 2024 14:39:47 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
x-amz-cf-pop: FRA56-P2

GET
H2 200 kh5562uybv Show response
www.clarity.ms/tag/ 565 B
822 B 291ms
139ms Script
application/x-javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/kh5562uybv
Requested by: Host: booking.stage.guestline.app
URL: https://booking.stage.guestline.app/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 646d52446fb6e0a3bf851c38ecee14a1d1eff00559baa5af3c83f5d37a28c538

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache, no-store
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
expires: -1
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 565
date: Mon, 18 Nov 2024 14:39:47 GMT
content-type: application/x-javascript
x-azure-ref: 20241118T143947Z-15f56cb949ch99krhC1FRArrvc00000002vg00000001fe52

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 96ms
42ms Font
font/woff2 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,700;1,400;1,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

sffe /

Resource Hash

89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://booking.stage.guestline.app
Referer: https://fonts.googleapis.com/

Response headers

age: 429584
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 13 Nov 2025 15:20:03 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 13 Nov 2024 15:20:03 GMT
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18536
x-xss-protection: 0
server: sffe

GET
H2 200 h
heapanalytics.com/ 37 B
379 B 506ms
123ms Image
image/gif 18.235.46.245
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=2665089796&u=6431141120590676&v=466735866731678&s=7842126630039994&b=web&tv=4.0&z=0&h=%2F&d=booking.stage.guestline.app&ts=1731940787510&sch=1200&scw=1600&st=1731940787513&lv=4.23.4&ld=cdn.heapanalytics.com

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.235.46.245 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-235-46-245.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
pragma: no-cache
etag: W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
access-control-allow-methods: POST, PUT, GET
access-control-allow-origin: *
content-length: 37
date: Mon, 18 Nov 2024 14:39:47 GMT
content-type: image/gif
server: nginx
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 modules.6f60e575cf8ad7cb10f7.js Show response
script.hotjar.com/ 222 KB
55 KB 460ms
85ms Script
application/javascript 13.33.187.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.6f60e575cf8ad7cb10f7.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1856906.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.187.74 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-187-74.fra60.r.cloudfront.net

Software

Resource Hash

f0a9b19d1615e0e2afdca507d4c7cbe384b0bdfad5cbaf63c14a386df33a62d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

x-robots-tag: none
content-encoding: br
etag: "56b1b49a4bdc4c874445907df778d045"
age: 1210789
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: ifEsrZ_RFcJiP-tL7hb7EPW4IbVPKf65Q79EsYrl4wgc4_Cw5hkdTw==
date: Mon, 04 Nov 2024 14:19:58 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 04 Nov 2024 14:19:24 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
cache-control: max-age=31536000
cross-origin-resource-policy: cross-origin
via: 1.1 c15415cccc7260d4bd35b1ca2c497c96.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 56128
x-amz-cf-pop: FRA60-P9

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.56/ 66 KB
28 KB 110ms
110ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.56/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/kh5562uybv
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: dc1da692990307185621fd661b7305e29d3a0a5ba0f0d998e5a1463a17c57044

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

x-azure-ref: 20241118T143947Z-15f56cb949ch99krhC1FRArrvc00000002vg00000001fe5n
cache-control: public, max-age=86400
x-ms-version: 2018-03-28
content-encoding: br
etag: W/"0x8DD041B2B98F09E"
x-fd-int-roxy-purgeid: 0
x-ms-request-id: 5f251d8f-501e-0016-6366-38d80c000000
access-control-allow-origin: *
x-cache: TCP_HIT
date: Mon, 18 Nov 2024 14:39:47 GMT
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 13 Nov 2024 19:41:29 GMT

POST
H/1.1 204
No Content collect Show response
n.clarity.ms/ 0
291 B 417ms
145ms XHR
text/plain 172.175.234.12
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://n.clarity.ms/collect
Requested by: Host: gxp-dbm-stage-cdn.azureedge.net
URL: https://gxp-dbm-stage-cdn.azureedge.net/static/index-ueMu0TTR.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.175.234.12 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/x-clarity-gzip
Referer

Response headers

Request-Context: appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2
Access-Control-Allow-Origin: https://booking.stage.guestline.app
Date: Mon, 18 Nov 2024 14:39:48 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

POST
H/1.1 204
No Content collect Show response
n.clarity.ms/ 0
291 B 126ms
126ms XHR
text/plain 172.175.234.12
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://n.clarity.ms/collect
Requested by: Host: gxp-dbm-stage-cdn.azureedge.net
URL: https://gxp-dbm-stage-cdn.azureedge.net/static/index-ueMu0TTR.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.175.234.12 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/x-clarity-gzip
Referer

Response headers

Request-Context: appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2
Access-Control-Allow-Origin: https://booking.stage.guestline.app
Date: Mon, 18 Nov 2024 14:39:49 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
booking.stage.guestline.app/	1970-01-21 09:51:16	Name: ai_user Value: Xm6hKHwAm2yOgiVd+Dn3Oi\|2024-11-18T14:39:46.762Z
booking.stage.guestline.app/	1970-01-21 01:05:42	Name: ai_session Value: 9soOOir+LsjnPsvsPRu1p5\|1731940786765\|1731940786765
booking.stage.guestline.app/	1969-12-31 23:59:59	Name: i18next Value: de-DE
.booking.stage.guestline.app/	1970-01-21 09:51:16	Name: cf_clearance Value: r1x5q8iwOxlXVmMmJqryoP9uZMTUATFL0gO1mUJ5vCE-1731940786-1.2.1.1-HX7yqo1HRtxNZAx0iFJw3dC8zow1r3IZ0R9RfCXqYq_6IdJbd.qeWrjZHQNhTZ7tdz2A76MYU.x2esuFqbjDFPNkav20PXUgsUxYY_hg7MxD3O9KaZ41Sq5OWWOYZ8BmFnRN_CyoA6.wSQKwuxDM7oh6lq32YfTPszESsL2GfXycIyR2pfx3yzwNrXKBW_1HLqnykoHQYgd34V9mJPOOc9RSce8GHZNazlcJlG5_GA7aM8l.IM2rhAyzQFMU58azf1htX93On2_.J6Cv6u3qv0BRQZz86JTR.QlEhT464G_I5mHVyUctRP2jHB.cKS.FvJaUy9Mdd4Z8x79zus2OrRC7DXxu2XEFa8Tk2UCAeQ0RPDWj7fhmyrNMgxMthzmx
.guestline.app/	1970-01-21 10:33:38	Name: _hp2_id.2665089796 Value: %7B%22userId%22%3A%226431141120590676%22%2C%22pageviewId%22%3A%22466735866731678%22%2C%22sessionId%22%3A%227842126630039994%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
.guestline.app/	1970-01-21 09:51:16	Name: _hjSessionUser_1856906 Value: eyJpZCI6IjJjZDNhZTA5LTNmOWEtNTA3Ni1hZDg5LWM5NGI2ZGEzZDY2ZCIsImNyZWF0ZWQiOjE3MzE5NDA3ODgwMTUsImV4aXN0aW5nIjpmYWxzZX0=
.guestline.app/	1970-01-21 01:05:42	Name: _hjSession_1856906 Value: eyJpZCI6Ijg5YTA3M2M2LTA5ZWYtNDAzOS1iNDkwLTkwYTg0YmI5YmMwMCIsImMiOjE3MzE5NDA3ODgwMTUsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.guestline.app/	1970-01-21 01:05:42	Name: _hp2_ses_props.2665089796 Value: %7B%22ts%22%3A1731940787510%2C%22d%22%3A%22booking.stage.guestline.app%22%2C%22h%22%3A%22%2F%22%7D

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://booking.stage.guestline.app/api/session/ Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://gxp-configs-stage-cdn-ep.azureedge.net/api/collections//configs?sections[]=analytics Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

booking.stage.guestline.app
cdn.heapanalytics.com
fonts.googleapis.com
fonts.gstatic.com
gxp-configs-stage-cdn-ep.azureedge.net
gxp-dbm-stage-cdn.azureedge.net
heapanalytics.com
n.clarity.ms
script.hotjar.com
static.hotjar.com
www.clarity.ms
13.32.121.24
13.33.187.74
142.250.186.99
172.175.234.12
18.235.46.245
18.66.102.53
2606:4700:4400::ac40:93e6
2620:1ec:bdf::45
2a00:1450:4001:831::200a
18bb60cf716c52ead0a8e639a778a7aa0041cb0fe2dc6fd831cdb553fe9fd88c
38d55bb13e367a1f1cc9973b2da612402d0932c18d3f94f9947ebd4118d48806
414d18031208e873c7638fcef06c3f6cbb75b7604c2da7e224225348769bfa28
43efa26a32a094d4f06652f00f149a708b7f361d2c37df2cf1ad5e3c66868d85
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4d3e3a4ab634d1fc58aaacef189c8ba0eabb338f3389433136dfafbb731e6df7
5571b628f6a6def61fcc0877abc0737957cf0c2827625c4224450ba571d4712a
6432bea1d11b09e1a84e01b788624b91741505b97138ba35a9c21e496910bb03
646d52446fb6e0a3bf851c38ecee14a1d1eff00559baa5af3c83f5d37a28c538
6bf8ffa9b8634d5ff8f6dc4a5c1e1acc21aa3319e4331679c5b83f6ab2eef882
73b76564edd3e9925de60965ff5d3e690441a9ffab508f91bd32dfa6b345032a
85529b7e7a24baf55d32934b9cf28e69c54555235e6931b7e1ac8b52474ddd5b
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
8a93bed27bc06405f010d736ab543d69cf4f4fb23a6aebd755b4925c5d047bcc
99d5ff73dc0c4a20e773fc6ebb7cf0c06e108564bf1d9695d26391fcc9b1c6b8
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
be29da5f5422ea54b48891c359992948d42ad56d05f34e6641bb993435fa3d7c
d02ae15ee612d56ccbfb26e6e083983172ed9a6e0fc89e1b918a3c7301fb317d
d4134f4e85de5b63b55332a26bf690c0ad9c9318664c1214357164587f9ac33e
dc1da692990307185621fd661b7305e29d3a0a5ba0f0d998e5a1463a17c57044
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4fcd76116315d39f780dc9225ac7764cdcdeba70f4bd4a671822a4d76267a9e
f0a9b19d1615e0e2afdca507d4c7cbe384b0bdfad5cbaf63c14a386df33a62d7
ffc9e7dfd3191abe586d46022e7deecd4be635d118a6c90b990f39d243be6766

booking.stage.guestline.app Open in urlscan Pro 2606:4700:4400::ac40:93e6 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

27 Requests

96 %HTTPS

33 %IPv6

7 Domains

11 Subdomains

9 IPs

2 Countries

843 kBTransfer

2249 kBSize

8 Cookies

0 Outgoing links

Redirected requests

27 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

8 Cookies

2 Console Messages

Security Headers

booking.stage.guestline.app Open in urlscan Pro
2606:4700:4400::ac40:93e6 Public Scan

Screenshot
Live screenshot

Full Image

27
Requests

96 %
HTTPS

33 %
IPv6

7
Domains

11
Subdomains

9
IPs

2
Countries

843 kB
Transfer

2249 kB
Size

8
Cookies

27 HTTP transactions
0 data transactions