URL: https://concierge.staging01.stay-app.systems/
Submission: On December 16 via api from US — Scanned from DE

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 19 HTTP transactions. The main IP is 172.67.4.40, located in United States and belongs to CLOUDFLARENET, US. The main domain is concierge.staging01.stay-app.systems.
TLS certificate: Issued by WE1 on October 22nd 2024. Valid for: 3 months.
This is the only time concierge.staging01.stay-app.systems was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
14 172.67.4.40 13335 (CLOUDFLAR...)
1 2a04:4e42:200... 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
1 34.120.195.249 396982 (GOOGLE-CL...)
19 5
Apex Domain
Subdomains
Transfer
14 stay-app.systems
concierge.staging01.stay-app.systems
955 KB
1 sentry.io
o4506699496226816.ingest.us.sentry.io — Cisco Umbrella Rank: 884857
297 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
988 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 318
13 KB
19 4
Domain Requested by
14 concierge.staging01.stay-app.systems concierge.staging01.stay-app.systems
1 o4506699496226816.ingest.us.sentry.io concierge.staging01.stay-app.systems
1 fonts.googleapis.com concierge.staging01.stay-app.systems
1 cdn.jsdelivr.net concierge.staging01.stay-app.systems
19 4

This site contains no links.

Subject Issuer Validity Valid
staging01.stay-app.systems
WE1
2024-10-22 -
2025-01-20
3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2024 Q3
2024-07-30 -
2025-08-31
a year crt.sh
upload.video.google.com
WR2
2024-11-04 -
2025-01-27
3 months crt.sh
ingest.sentry.io
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-10-03 -
2025-07-29
10 months crt.sh

This page contains 1 frames:

Primary Page: https://concierge.staging01.stay-app.systems/
Frame ID: 901CDF6CA876EFACACC7FB61FE4F3AFB
Requests: 18 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

19
Requests

89 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

5
IPs

2
Countries

970 kB
Transfer

3303 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
concierge.staging01.stay-app.systems/
5 KB
3 KB
Document
General
Full URL
https://concierge.staging01.stay-app.systems/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.4.40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Lightning-bolt
Resource Hash
60de3298ac2c758e9d16cd1119792fa17b4c3fcbd1925d2895cac42d893dfda2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Accept-Language, Accept-Encoding, Stay-CmsVersion, Stay-Establishment, Stay-Language, Cache-Control
access-control-allow-methods
HEAD, OPTIONS, GET, POST, DELETE, PUT, PATCH
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0, no-store
cf-cache-status
HIT
cf-ray
8f2d6e2789144d3a-FRA
content-encoding
br
content-security-policy-report-only
script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=U4hCwEz2rzhtPkAi5N5RHo_MDVEyEX3ByOnQTIYvsRY-1734339073-1.0.1.1-sbatRyo7s4.fHHDNsj6SFrrNKlsX9vaW93J8JUuJ5BVCFj2wpEZY8Tz8AP7B.OGCJ5sfjdCIuLxffju4xfwdvIkfnUC66fRobMr_NXPyrMNcTcilnT9SPUjkYD4vRbpAEEMDrByUv74oT85LNQl6aEuLu9ZoDhVSj6iJV2l2VHRjwXKGaAj4joUz_61fMUxG; report-to cf-csp-endpoint
content-type
text/html; charset=UTF-8
date
Mon, 16 Dec 2024 08:51:13 GMT
last-modified
Fri, 08 Nov 2024 09:41:17 GMT
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=U4hCwEz2rzhtPkAi5N5RHo_MDVEyEX3ByOnQTIYvsRY-1734339073-1.0.1.1-sbatRyo7s4.fHHDNsj6SFrrNKlsX9vaW93J8JUuJ5BVCFj2wpEZY8Tz8AP7B.OGCJ5sfjdCIuLxffju4xfwdvIkfnUC66fRobMr_NXPyrMNcTcilnT9SPUjkYD4vRbpAEEMDrByUv74oT85LNQl6aEuLu9ZoDhVSj6iJV2l2VHRjwXKGaAj4joUz_61fMUxG"}],"group":"cf-csp-endpoint","max_age":86400}
server
cloudflare
server-timing
cfExtPri
vary
Accept-Encoding
x-envoy-upstream-service-time
12
x-powered-by
Lightning-bolt
velocity.min.js
cdn.jsdelivr.net/velocity/1.2.1/
34 KB
13 KB
Script
General
Full URL
https://cdn.jsdelivr.net/velocity/1.2.1/velocity.min.js
Requested by
Host: concierge.staging01.stay-app.systems
URL: https://concierge.staging01.stay-app.systems/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
211393b09ab7fdfba9ddb5f6135625e6674613fd89b872d258ab535a348d2adb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://concierge.staging01.stay-app.systems/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"8821-9tLIonO1YncYXZgD+0fa5JpObng"
age
4655586
x-content-type-options
nosniff
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT, HIT
date
Mon, 16 Dec 2024 08:51:13 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-etou8220056-FRA, cache-mad2200140-MAD
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
13129
index-BfvoAZoS.js
concierge.staging01.stay-app.systems/assets/
767 KB
387 KB
Script
General
Full URL
https://concierge.staging01.stay-app.systems/assets/index-BfvoAZoS.js
Requested by
Host: concierge.staging01.stay-app.systems
URL: https://concierge.staging01.stay-app.systems/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.4.40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Lightning-bolt
Resource Hash
2c6cc5b3fa0ad5595c62a95f4568b4dc8c93bf4e1ae8bad2745a5f2b9b32d6e5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://concierge.staging01.stay-app.systems
Referer
https://concierge.staging01.stay-app.systems/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"bfafd-1930b264248"
access-control-allow-methods
HEAD, OPTIONS, GET, POST, DELETE, PUT, PATCH
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 16 Dec 2024 08:51:13 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
priority
u=1,i=?0
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Accept-Language, Accept-Encoding, Stay-CmsVersion, Stay-Establishment, Stay-Language, Cache-Control
last-modified
Fri, 08 Nov 2024 09:41:17 GMT
cache-control
public, max-age=3600
x-envoy-upstream-service-time
8
cf-ray
8f2d6e2829a94d3a-FRA
access-control-allow-origin
*
x-powered-by
Lightning-bolt
server
cloudflare
Frontpages-BgGZEDZ3.js
concierge.staging01.stay-app.systems/assets/
2 MB
324 KB
Script
General
Full URL
https://concierge.staging01.stay-app.systems/assets/Frontpages-BgGZEDZ3.js
Requested by
Host: concierge.staging01.stay-app.systems
URL: https://concierge.staging01.stay-app.systems/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.4.40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Lightning-bolt
Resource Hash
145f55cb9fac1d7e59a9ac8dbd8574d259e568bd48a45b34df2e09c29cfb269c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://concierge.staging01.stay-app.systems
Referer
https://concierge.staging01.stay-app.systems/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"19ae70-1930b264248"
access-control-allow-methods
HEAD, OPTIONS, GET, POST, DELETE, PUT, PATCH
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 16 Dec 2024 08:51:14 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
priority
u=1,i=?0
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Accept-Language, Accept-Encoding, Stay-CmsVersion, Stay-Establishment, Stay-Language, Cache-Control
last-modified
Fri, 08 Nov 2024 09:41:17 GMT
cache-control
public, max-age=3600
x-envoy-upstream-service-time
382
cf-ray
8f2d6e2829ad4d3a-FRA
access-control-allow-origin
*
x-powered-by
Lightning-bolt
server
cloudflare
WidgetsFrontpageChunk-BXrNbp1L.js
concierge.staging01.stay-app.systems/assets/
500 KB
142 KB
Script
General
Full URL
https://concierge.staging01.stay-app.systems/assets/WidgetsFrontpageChunk-BXrNbp1L.js
Requested by
Host: concierge.staging01.stay-app.systems
URL: https://concierge.staging01.stay-app.systems/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.4.40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Lightning-bolt
Resource Hash
be40d58583d55e7d49a4cbfdbc6b297ddd99d014088f3a2688a2457544b5299e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://concierge.staging01.stay-app.systems
Referer
https://concierge.staging01.stay-app.systems/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"7ce64-1930b264248"
access-control-allow-methods
HEAD, OPTIONS, GET, POST, DELETE, PUT, PATCH
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 16 Dec 2024 08:51:13 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
priority
u=1,i=?0
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Accept-Language, Accept-Encoding, Stay-CmsVersion, Stay-Establishment, Stay-Language, Cache-Control
last-modified
Fri, 08 Nov 2024 09:41:17 GMT
cache-control
public, max-age=3600
x-envoy-upstream-service-time
9
cf-ray
8f2d6e2829ae4d3a-FRA
access-control-allow-origin
*
x-powered-by
Lightning-bolt
server
cloudflare
Frontpages-ByT9sF_i.css
concierge.staging01.stay-app.systems/assets/
153 KB
47 KB
Stylesheet
General
Full URL
https://concierge.staging01.stay-app.systems/assets/Frontpages-ByT9sF_i.css
Requested by
Host: concierge.staging01.stay-app.systems
URL: https://concierge.staging01.stay-app.systems/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.4.40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Lightning-bolt
Resource Hash
e719d0384b3bafeea2d9a52e43b52331c1c324c8524d88f1f50473c30c727214

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://concierge.staging01.stay-app.systems
Referer
https://concierge.staging01.stay-app.systems/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"26300-1930b264248"
access-control-allow-methods
HEAD, OPTIONS, GET, POST, DELETE, PUT, PATCH
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 16 Dec 2024 08:51:13 GMT
content-type
text/css; charset=UTF-8
vary
Accept-Encoding
priority
u=0,i=?0
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Accept-Language, Accept-Encoding, Stay-CmsVersion, Stay-Establishment, Stay-Language, Cache-Control
last-modified
Fri, 08 Nov 2024 09:41:17 GMT
cache-control
public, max-age=3600
x-envoy-upstream-service-time
309
cf-ray
8f2d6e2829b04d3a-FRA
access-control-allow-origin
*
x-powered-by
Lightning-bolt
server
cloudflare
WidgetsFrontpageChunk-DXyaFCiY.css
concierge.staging01.stay-app.systems/assets/
63 KB
9 KB
Stylesheet
General
Full URL
https://concierge.staging01.stay-app.systems/assets/WidgetsFrontpageChunk-DXyaFCiY.css
Requested by
Host: concierge.staging01.stay-app.systems
URL: https://concierge.staging01.stay-app.systems/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.4.40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Lightning-bolt
Resource Hash
c9f1cc8bde0744c7fea693b47bf62f90956abcd82f7a1a378686dfbf8abb3919

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://concierge.staging01.stay-app.systems
Referer
https://concierge.staging01.stay-app.systems/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"fd69-1930b264248"
access-control-allow-methods
HEAD, OPTIONS, GET, POST, DELETE, PUT, PATCH
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 16 Dec 2024 08:51:13 GMT
content-type
text/css; charset=UTF-8
vary
Accept-Encoding
priority
u=0,i=?0
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Accept-Language, Accept-Encoding, Stay-CmsVersion, Stay-Establishment, Stay-Language, Cache-Control
last-modified
Fri, 08 Nov 2024 09:41:17 GMT
cache-control
public, max-age=3600
x-envoy-upstream-service-time
65
cf-ray
8f2d6e2829b24d3a-FRA
access-control-allow-origin
*
x-powered-by
Lightning-bolt
server
cloudflare
index-BaKXsFkR.css
concierge.staging01.stay-app.systems/assets/
95 KB
25 KB
Stylesheet
General
Full URL
https://concierge.staging01.stay-app.systems/assets/index-BaKXsFkR.css
Requested by
Host: concierge.staging01.stay-app.systems
URL: https://concierge.staging01.stay-app.systems/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.4.40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Lightning-bolt
Resource Hash
1e1537894961327b7353e6f555f88c334ebab31fffb4da1a1b4d041a271ec06f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://concierge.staging01.stay-app.systems
Referer
https://concierge.staging01.stay-app.systems/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"17d30-1930b264248"
access-control-allow-methods
HEAD, OPTIONS, GET, POST, DELETE, PUT, PATCH
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 16 Dec 2024 08:51:13 GMT
content-type
text/css; charset=UTF-8
vary
Accept-Encoding
priority
u=0,i=?0
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Accept-Language, Accept-Encoding, Stay-CmsVersion, Stay-Establishment, Stay-Language, Cache-Control
last-modified
Fri, 08 Nov 2024 09:41:17 GMT
cache-control
public, max-age=3600
x-envoy-upstream-service-time
391
cf-ray
8f2d6e2829b54d3a-FRA
access-control-allow-origin
*
x-powered-by
Lightning-bolt
server
cloudflare
customFont.css
concierge.staging01.stay-app.systems/domains/concierge.staging01.stay-app.systems/
0
0

css
fonts.googleapis.com/
5 KB
988 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Muli:400,600,700,800&display=swap
Requested by
Host: concierge.staging01.stay-app.systems
URL: https://concierge.staging01.stay-app.systems/assets/index-BaKXsFkR.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bde554d786ca7b671d95fec52ef28a04c68510383c790b6dbc562ef0913a5f4d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://concierge.staging01.stay-app.systems/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 16 Dec 2024 08:51:13 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 16 Dec 2024 08:51:13 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Mon, 16 Dec 2024 08:33:50 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
46875039-1760-4a4b-a813-56b7656a8d0a
https://concierge.staging01.stay-app.systems/
0
0

/
o4506699496226816.ingest.us.sentry.io/api/4506902775332864/envelope/
2 B
297 B
Fetch
General
Full URL
https://o4506699496226816.ingest.us.sentry.io/api/4506902775332864/envelope/?sentry_key=985ab954329c889a22f8ff1a26c9c980&sentry_version=7&sentry_client=sentry.javascript.vue%2F8.34.0
Requested by
Host: concierge.staging01.stay-app.systems
URL: https://concierge.staging01.stay-app.systems/assets/Frontpages-BgGZEDZ3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://concierge.staging01.stay-app.systems/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy
cross-origin
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 16 Dec 2024 08:51:14 GMT
content-type
application/json
vary
origin, access-control-request-method, access-control-request-headers
server
nginx
PromotionsScreen-C9h7aghc.js
concierge.staging01.stay-app.systems/assets/
2 KB
1 KB
Script
General
Full URL
https://concierge.staging01.stay-app.systems/assets/PromotionsScreen-C9h7aghc.js
Requested by
Host: concierge.staging01.stay-app.systems
URL: https://concierge.staging01.stay-app.systems/assets/Frontpages-BgGZEDZ3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.4.40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Lightning-bolt
Resource Hash
f5b63d70673effa3b307ca8a92a92efca71dabeb39ea0cca761efeb70a4eadf7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://concierge.staging01.stay-app.systems
Referer

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"7be-1930b264248"
access-control-allow-methods
HEAD, OPTIONS, GET, POST, DELETE, PUT, PATCH
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 16 Dec 2024 08:51:14 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
priority
u=1,i=?0
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Accept-Language, Accept-Encoding, Stay-CmsVersion, Stay-Establishment, Stay-Language, Cache-Control
last-modified
Fri, 08 Nov 2024 09:41:17 GMT
cache-control
public, max-age=3600
x-envoy-upstream-service-time
2
cf-ray
8f2d6e306a8d4d3a-FRA
access-control-allow-origin
*
x-powered-by
Lightning-bolt
server
cloudflare
TVFrontpageFactory-1WWLgydF.js
concierge.staging01.stay-app.systems/assets/
9 KB
4 KB
Script
General
Full URL
https://concierge.staging01.stay-app.systems/assets/TVFrontpageFactory-1WWLgydF.js
Requested by
Host: concierge.staging01.stay-app.systems
URL: https://concierge.staging01.stay-app.systems/assets/Frontpages-BgGZEDZ3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.4.40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Lightning-bolt
Resource Hash
4307138c651a3c5571d62f1172ccbc51a4c13312323dd123096c2de923373ca6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://concierge.staging01.stay-app.systems
Referer

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"2475-1930b264248"
access-control-allow-methods
HEAD, OPTIONS, GET, POST, DELETE, PUT, PATCH
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 16 Dec 2024 08:51:14 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
priority
u=1,i=?0
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Accept-Language, Accept-Encoding, Stay-CmsVersion, Stay-Establishment, Stay-Language, Cache-Control
last-modified
Fri, 08 Nov 2024 09:41:17 GMT
cache-control
public, max-age=3600
x-envoy-upstream-service-time
4
cf-ray
8f2d6e307aa84d3a-FRA
access-control-allow-origin
*
x-powered-by
Lightning-bolt
server
cloudflare
browser-BAfbCHbB.js
concierge.staging01.stay-app.systems/assets/
24 KB
10 KB
Script
General
Full URL
https://concierge.staging01.stay-app.systems/assets/browser-BAfbCHbB.js
Requested by
Host: concierge.staging01.stay-app.systems
URL: https://concierge.staging01.stay-app.systems/assets/Frontpages-BgGZEDZ3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.4.40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Lightning-bolt
Resource Hash
2e81b9a426dee2dc3405da54c9a9dbca7d7ee4e7ded02d3926657bfc4983d012

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://concierge.staging01.stay-app.systems
Referer

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"5f99-1930b264248"
access-control-allow-methods
HEAD, OPTIONS, GET, POST, DELETE, PUT, PATCH
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 16 Dec 2024 08:51:14 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
priority
u=1,i=?0
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Accept-Language, Accept-Encoding, Stay-CmsVersion, Stay-Establishment, Stay-Language, Cache-Control
last-modified
Fri, 08 Nov 2024 09:41:17 GMT
cache-control
public, max-age=3600
x-envoy-upstream-service-time
127
cf-ray
8f2d6e307aa94d3a-FRA
access-control-allow-origin
*
x-powered-by
Lightning-bolt
server
cloudflare
stay-logo@2x-B8BoJrUr.js
concierge.staging01.stay-app.systems/assets/
423 B
724 B
Script
General
Full URL
https://concierge.staging01.stay-app.systems/assets/stay-logo@2x-B8BoJrUr.js
Requested by
Host: concierge.staging01.stay-app.systems
URL: https://concierge.staging01.stay-app.systems/assets/Frontpages-BgGZEDZ3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.4.40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Lightning-bolt
Resource Hash
a5b92112f030d82338e59e4b0a6940fb5b2cc58bfa0eea02d4a61f2590c13e8d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://concierge.staging01.stay-app.systems
Referer

Response headers

content-encoding
br
cf-cache-status
MISS
etag
W/"1a7-1930b264248"
access-control-allow-methods
HEAD, OPTIONS, GET, POST, DELETE, PUT, PATCH
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 16 Dec 2024 08:51:14 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
priority
u=1,i=?0
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Accept-Language, Accept-Encoding, Stay-CmsVersion, Stay-Establishment, Stay-Language, Cache-Control
last-modified
Fri, 08 Nov 2024 09:41:17 GMT
cache-control
public, max-age=3600
x-envoy-upstream-service-time
2
cf-ray
8f2d6e307aab4d3a-FRA
access-control-allow-origin
*
x-powered-by
Lightning-bolt
server
cloudflare
TVFrontpageFactory-DYH9lqzt.css
concierge.staging01.stay-app.systems/assets/
2 KB
1 KB
Stylesheet
General
Full URL
https://concierge.staging01.stay-app.systems/assets/TVFrontpageFactory-DYH9lqzt.css
Requested by
Host: concierge.staging01.stay-app.systems
URL: https://concierge.staging01.stay-app.systems/assets/Frontpages-BgGZEDZ3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.4.40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Lightning-bolt
Resource Hash
5504fdfcfa3b80069a9e3d25c8b1808db36605c10e8f322ca2cc11c1bd7fc397

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://concierge.staging01.stay-app.systems
Referer
https://concierge.staging01.stay-app.systems/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"7eb-1930b264248"
access-control-allow-methods
HEAD, OPTIONS, GET, POST, DELETE, PUT, PATCH
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 16 Dec 2024 08:51:14 GMT
content-type
text/css; charset=UTF-8
vary
Accept-Encoding
priority
u=0,i=?0
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Accept-Language, Accept-Encoding, Stay-CmsVersion, Stay-Establishment, Stay-Language, Cache-Control
last-modified
Fri, 08 Nov 2024 09:41:17 GMT
cache-control
public, max-age=3600
x-envoy-upstream-service-time
105
cf-ray
8f2d6e307aad4d3a-FRA
access-control-allow-origin
*
x-powered-by
Lightning-bolt
server
cloudflare
icon-192.png
concierge.staging01.stay-app.systems/domains/concierge.staging01.stay-app.systems/icons/
202 B
537 B
Other
General
Full URL
https://concierge.staging01.stay-app.systems/domains/concierge.staging01.stay-app.systems/icons/icon-192.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.4.40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Lightning-bolt
Resource Hash
8ed0d9b0a4e7d512e195dd477994217026fa694ed6d19fed9d4eba5dab6b090d
Security Headers
Name Value
Content-Security-Policy default-src 'none'
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://concierge.staging01.stay-app.systems/desktop/

Response headers

content-encoding
br
cf-cache-status
MISS
access-control-allow-methods
HEAD, OPTIONS, GET, POST, DELETE, PUT, PATCH
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 16 Dec 2024 08:51:15 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
priority
u=1,i
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Accept-Language, Accept-Encoding, Stay-CmsVersion, Stay-Establishment, Stay-Language, Cache-Control
content-security-policy
default-src 'none'
cache-control
max-age=3600
x-envoy-upstream-service-time
10
cf-ray
8f2d6e322cb34d3a-FRA
access-control-allow-origin
*
x-powered-by
Lightning-bolt
server
cloudflare
icon-192.png
concierge.staging01.stay-app.systems/domains/concierge.staging01.stay-app.systems/icons/
202 B
0
Other
General
Full URL
https://concierge.staging01.stay-app.systems/domains/concierge.staging01.stay-app.systems/icons/icon-192.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.4.40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Lightning-bolt
Resource Hash
8ed0d9b0a4e7d512e195dd477994217026fa694ed6d19fed9d4eba5dab6b090d
Security Headers
Name Value
Content-Security-Policy default-src 'none'
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://concierge.staging01.stay-app.systems/desktop/

Response headers

content-encoding
br
cf-cache-status
MISS
access-control-allow-methods
HEAD, OPTIONS, GET, POST, DELETE, PUT, PATCH
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 16 Dec 2024 08:51:15 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
priority
u=1,i
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Accept-Language, Accept-Encoding, Stay-CmsVersion, Stay-Establishment, Stay-Language, Cache-Control
content-security-policy
default-src 'none'
cache-control
max-age=3600
x-envoy-upstream-service-time
10
cf-ray
8f2d6e322cb34d3a-FRA
access-control-allow-origin
*
x-powered-by
Lightning-bolt
server
cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
concierge.staging01.stay-app.systems
URL
https://concierge.staging01.stay-app.systems/domains/concierge.staging01.stay-app.systems/customFont.css
Domain
concierge.staging01.stay-app.systems
URL
blob:https://concierge.staging01.stay-app.systems/46875039-1760-4a4b-a813-56b7656a8d0a

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| url_string object| url string| host string| subdomain string| baseUrl string| iosTitleContent string| iosIcon string| customFontCss string| subdomainTitle string| subdomainTitleCapitalized object| link object| scriptCss object| iosTitleLink object| iosIconLink object| iconLink function| Velocity object| _sentryDebugIds string| _sentryDebugIdIdentifier object| SENTRY_RELEASE object| __VUE_INSTANCE_SETTERS__ object| __VUE_SSR_SETTERS__ object| __SENTRY__ boolean| __VUE__ object| analyticsConnectorInstances

1 Cookies

Domain/Path Name / Value
.stay-app.systems/ Name: AMP_374873cecc
Value: JTdCJTIyZGV2aWNlSWQlMjIlM0ElMjI1ODI1ODlkZi1iNWQ3LTQ0ZDgtODFhYy0zZmMwN2ViNzQ3NjIlMjIlMkMlMjJzZXNzaW9uSWQlMjIlM0ExNzM0MzM5MDc0NjUwJTJDJTIyb3B0T3V0JTIyJTNBZmFsc2UlMkMlMjJwYWdlQ291bnRlciUyMiUzQTAlN0Q=

16 Console Messages

Source Level URL
Text
security error URL: https://concierge.staging01.stay-app.systems/
Message:
[Report Only] Refused to load the script 'https://cdn.jsdelivr.net/velocity/1.2.1/velocity.min.js' because it violates the following Content Security Policy directive: "script-src 'none'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://concierge.staging01.stay-app.systems/(Line 20)
Message:
[Report Only] Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'none'". Either the 'unsafe-inline' keyword, a hash ('sha256-reD6LrQDkPZGjlxLcbL8lADtRkJzAPkX6CdiMnWcozg='), or a nonce ('nonce-...') is required to enable inline execution.
security error URL: https://concierge.staging01.stay-app.systems/
Message:
[Report Only] Refused to load the script 'https://concierge.staging01.stay-app.systems/assets/index-BfvoAZoS.js' because it violates the following Content Security Policy directive: "script-src 'none'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://concierge.staging01.stay-app.systems/(Line 145)
Message:
[Report Only] Refused to load the script 'https://concierge.staging01.stay-app.systems/assets/Frontpages-BgGZEDZ3.js' because it violates the following Content Security Policy directive: "script-src 'none'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://concierge.staging01.stay-app.systems/(Line 146)
Message:
[Report Only] Refused to load the script 'https://concierge.staging01.stay-app.systems/assets/WidgetsFrontpageChunk-BXrNbp1L.js' because it violates the following Content Security Policy directive: "script-src 'none'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://concierge.staging01.stay-app.systems/
Message:
Refused to apply style from 'https://concierge.staging01.stay-app.systems/domains/concierge.staging01.stay-app.systems/customFont.css' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
security error URL: https://concierge.staging01.stay-app.systems/assets/Frontpages-BgGZEDZ3.js(Line 39)
Message:
[Report Only] Refused to create a worker from 'blob:https://concierge.staging01.stay-app.systems/46875039-1760-4a4b-a813-56b7656a8d0a' because it violates the following Content Security Policy directive: "script-src 'none'". Note that 'worker-src' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://concierge.staging01.stay-app.systems/assets/Frontpages-BgGZEDZ3.js(Line 37)
Message:
[Report Only] Refused to connect to 'https://o4506699496226816.ingest.us.sentry.io/api/4506902775332864/envelope/?sentry_key=985ab954329c889a22f8ff1a26c9c980&sentry_version=7&sentry_client=sentry.javascript.vue%2F8.34.0' because it violates the following Content Security Policy directive: "connect-src 'none'".
security error URL: https://concierge.staging01.stay-app.systems/assets/Frontpages-BgGZEDZ3.js(Line 37)
Message:
[Report Only] Refused to connect to 'https://o4506699496226816.ingest.us.sentry.io/api/4506902775332864/envelope/?sentry_key=985ab954329c889a22f8ff1a26c9c980&sentry_version=7&sentry_client=sentry.javascript.vue%2F8.34.0' because it violates the following Content Security Policy directive: "connect-src 'none'".
security error URL: https://concierge.staging01.stay-app.systems/assets/Frontpages-BgGZEDZ3.js(Line 48)
Message:
[Report Only] Refused to load the script 'https://concierge.staging01.stay-app.systems/assets/PromotionsScreen-C9h7aghc.js' because it violates the following Content Security Policy directive: "script-src 'none'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://concierge.staging01.stay-app.systems/assets/Frontpages-BgGZEDZ3.js(Line 48)
Message:
[Report Only] Refused to load the script 'https://concierge.staging01.stay-app.systems/assets/TVFrontpageFactory-1WWLgydF.js' because it violates the following Content Security Policy directive: "script-src 'none'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://concierge.staging01.stay-app.systems/assets/Frontpages-BgGZEDZ3.js(Line 48)
Message:
[Report Only] Refused to load the script 'https://concierge.staging01.stay-app.systems/assets/browser-BAfbCHbB.js' because it violates the following Content Security Policy directive: "script-src 'none'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://concierge.staging01.stay-app.systems/assets/Frontpages-BgGZEDZ3.js(Line 48)
Message:
[Report Only] Refused to load the script 'https://concierge.staging01.stay-app.systems/assets/stay-logo@2x-B8BoJrUr.js' because it violates the following Content Security Policy directive: "script-src 'none'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://concierge.staging01.stay-app.systems/assets/Frontpages-BgGZEDZ3.js(Line 107)
Message:
[Report Only] Refused to create a worker from 'https://concierge.staging01.stay-app.systems/public/sw.js' because it violates the following Content Security Policy directive: "script-src 'none'". Note that 'worker-src' was not explicitly set, so 'script-src' is used as a fallback.
network error URL: https://concierge.staging01.stay-app.systems/domains/concierge.staging01.stay-app.systems/icons/icon-192.png
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://concierge.staging01.stay-app.systems/domains/concierge.staging01.stay-app.systems/icons/icon-192.png
Message:
Failed to load resource: the server responded with a status of 404 ()