hybird-booking.theboxhaven.com
2a01:4f8:271:16a1::2  Public Scan

Submitted URL: http://hybird-booking.theboxhaven.com/settings/menu-setting.php
Effective URL: https://hybird-booking.theboxhaven.com/settings/menu-setting.php
Submission Tags: @ecarlesi possiblethreat
Submission: On April 20 via api from IT — Scanned from IT

Summary

This website contacted 15 IPs in 3 countries across 10 domains to perform 33 HTTP transactions. The main IP is 2a01:4f8:271:16a1::2, located in Ehingen, Germany and belongs to HETZNER-AS, DE. The main domain is hybird-booking.theboxhaven.com.
TLS certificate: Issued by R3 on April 20th 2024. Valid for: 3 months.
This is the only time hybird-booking.theboxhaven.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 2a01:4f8:271:... 24940 (HETZNER-AS)
2 2a00:1450:400... 15169 (GOOGLE)
2 2620:1ec:bdf::45 8075 (MICROSOFT...)
1 18.66.102.11 16509 (AMAZON-02)
4 13.32.121.120 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 151.101.192.176 54113 (FASTLY)
1 172.217.16.202 15169 (GOOGLE)
4 65.9.66.122 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
2 54.231.230.193 16509 (AMAZON-02)
1 13.32.27.54 16509 (AMAZON-02)
2 20.84.22.197 8075 (MICROSOFT...)
1 2 68.219.88.97 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
33 15
Apex Domain
Subdomains
Transfer
6 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 747
f.clarity.ms — Cisco Umbrella Rank: 6000
c.clarity.ms — Cisco Umbrella Rank: 1371
28 KB
6 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
maps.googleapis.com — Cisco Umbrella Rank: 362
192 KB
5 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1162
167 KB
5 theboxhaven.com
hybird-booking.theboxhaven.com
20 KB
4 xeni.com
hybrid.booking.xeni.com
138 KB
3 gstatic.com
fonts.gstatic.com
24 KB
2 amazonaws.com
xeniapp-image-bucket-prod.s3.amazonaws.com
5 KB
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 737
script.hotjar.com — Cisco Umbrella Rank: 933
60 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 228
762 B
0 azurewebsites.net Failed
cpaysdkservice.azurewebsites.net Failed
33 10
Domain Requested by
5 js.stripe.com hybird-booking.theboxhaven.com
js.stripe.com
5 hybird-booking.theboxhaven.com hybird-booking.theboxhaven.com
4 maps.googleapis.com hybird-booking.theboxhaven.com
maps.googleapis.com
4 hybrid.booking.xeni.com hybird-booking.theboxhaven.com
3 fonts.gstatic.com fonts.googleapis.com
2 c.clarity.ms 1 redirects
2 f.clarity.ms www.clarity.ms
2 xeniapp-image-bucket-prod.s3.amazonaws.com hybird-booking.theboxhaven.com
2 www.clarity.ms hybird-booking.theboxhaven.com
www.clarity.ms
2 fonts.googleapis.com hybird-booking.theboxhaven.com
1 c.bing.com 1 redirects
1 script.hotjar.com static.hotjar.com
1 static.hotjar.com hybird-booking.theboxhaven.com
0 cpaysdkservice.azurewebsites.net Failed hybird-booking.theboxhaven.com
33 14

This site contains no links.

Subject | Issuer | Validity | Valid
kitaabsafar.pk | R3 | 2024-04-20 - 2024-07-19 | 3 months
upload.video.google.com | GTS CA 1C3 | 2024-03-18 - 2024-06-10 | 3 months
www.clarity.ms | DigiCert TLS RSA SHA256 2020 CA1 | 2023-12-07 - 2024-12-07 | a year
*.hotjar.com | Amazon ECDSA 256 M03 | 2024-02-07 - 2025-03-08 | a year
*.booking.xeni.com | Amazon RSA 2048 M02 | 2024-02-27 - 2025-03-27 | a year
a.stripecdn.com | DigiCert SHA2 Extended Validation Server CA | 2024-03-27 - 2024-06-27 | 3 months
*.gstatic.com | GTS CA 1C3 | 2024-03-18 - 2024-06-10 | 3 months
*.s3.amazonaws.com | Amazon RSA 2048 M01 | 2023-10-10 - 2024-07-03 | 9 months
a.clarity.ms | Microsoft Azure TLS Issuing CA 01 | 2024-01-14 - 2024-06-27 | 5 months

This page contains 5 frames:

Primary Page: https://hybird-booking.theboxhaven.com/settings/menu-setting.php
Frame ID: E2DECAA42DB9CF1F99E661BBAAF16393
Requests: 31 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Frame ID: 8D6B630F9C70ADCAE604D8C19DEDC147
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-d20806fffd063fca1dcc480a8672e5bd.html
Frame ID: 9991A4B9F9E39C0A5A43C43C99B17BB1
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-d20806fffd063fca1dcc480a8672e5bd.html
Frame ID: 4936541281BC046D72DB2D1C824D6782
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: E0242AFD10A09399DF6B6628B7D6AD6D
Requests: 1 HTTP requests in this frame

Page Title

Hybrid Travel Agency - Online Hotel, Flight, Car Booking Agency

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • //maps\.google(?:apis)?\.com/maps/api/js

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Page Statistics

Requests: 33
HTTPS: 94 %
IPv6: 40 %
Domains: 10
Subdomains: 14
IPs: 15
Countries: 3
Transfer: 632 kB
Size: 2625 kB
Cookies: 15

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://hybird-booking.theboxhaven.com/settings/menu-setting.php HTTP 307
    https://hybird-booking.theboxhaven.com/settings/menu-setting.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=40BA4A44ABF3496D8D7574F71898BB19&RedC=c.clarity.ms&MXFR=32645AC764FA6A3031254EA060FA64B0 HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=40BA4A44ABF3496D8D7574F71898BB19&MUID=21D18B0A41546252067C9F6D402363CA

33 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request menu-setting.php
hybird-booking.theboxhaven.com/settings/
Redirect Chain
  • http://hybird-booking.theboxhaven.com/settings/menu-setting.php
  • https://hybird-booking.theboxhaven.com/settings/menu-setting.php
149 KB
20 KB
Document
General
Full URL
https://hybird-booking.theboxhaven.com/settings/menu-setting.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a01:4f8:271:16a1::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache / PHP/8.1.27
Resource Hash
f025ad0f6ef92a516984108fd277343171500ce446bfa05dbf2dbae570a62daf

Request headers

Accept-Language
it-IT,it;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
20024
Content-Type
text/html; charset=UTF-8
Date
Sat, 20 Apr 2024 10:50:34 GMT
Keep-Alive
timeout=5, max=100
Server
Apache
Vary
Accept-Encoding
X-Powered-By
PHP/8.1.27

Redirect headers

Location
https://hybird-booking.theboxhaven.com/settings/menu-setting.php
Non-Authoritative-Reason
HttpsUpgrades
css2
fonts.googleapis.com/
110 KB
4 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,500;0,600;0,700;0,800;1,300;1,400;1,500;1,600;1,700;1,800&family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
Requested by
Host: hybird-booking.theboxhaven.com
URL: https://hybird-booking.theboxhaven.com/settings/menu-setting.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
431a6addf4717f52510a2c1d298838c084f08c675de3f292bf3ad9a501257c16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://hybird-booking.theboxhaven.com/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sat, 20 Apr 2024 10:50:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 20 Apr 2024 10:50:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 20 Apr 2024 10:50:35 GMT
css2
fonts.googleapis.com/
2 KB
472 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Comic+Neue:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&display=swap
Requested by
Host: hybird-booking.theboxhaven.com
URL: https://hybird-booking.theboxhaven.com/settings/menu-setting.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b20779b904085ee7ffd912f27ef6534157113913fc5bf8fad5d86d19a8f64f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://hybird-booking.theboxhaven.com/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sat, 20 Apr 2024 10:50:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 20 Apr 2024 10:50:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 20 Apr 2024 10:50:35 GMT
connexpay.min.css
cpaysdkservice.azurewebsites.net/sdks/sdk.v1/css/
0
0

bj9y8wquzq
www.clarity.ms/tag/
685 B
1 KB
Script
General
Full URL
https://www.clarity.ms/tag/bj9y8wquzq
Requested by
Host: hybird-booking.theboxhaven.com
URL: https://hybird-booking.theboxhaven.com/settings/menu-setting.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3a7eacc1828b1e62078802d9c0500b463c495137e09077f5ecec0ab475983826

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://hybird-booking.theboxhaven.com/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
-1
date
Sat, 20 Apr 2024 10:50:36 GMT
x-azure-ref
20240420T105036Z-1679546b657c97mk14cmv9w73c00000000k000000000r7u6
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
685
request-context
appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2
hotjar-3345652.js
static.hotjar.com/c/
10 KB
5 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-3345652.js?sv=6
Requested by
Host: hybird-booking.theboxhaven.com
URL: https://hybird-booking.theboxhaven.com/settings/menu-setting.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.102.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-11.fra56.r.cloudfront.net
Software
/
Resource Hash
5b12fe31e32026484ae237d2950d02d85cbaf2f1a95bd7165e75a1721760b336
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://hybird-booking.theboxhaven.com/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 20 Apr 2024 10:50:36 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 666eddda46892ed48d8d771b6142ac24.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
etag
W/4282f3523dc42845184f88e0d52d62b0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=60
x-cache-hit
1
cross-origin-resource-policy
cross-origin
x-amz-cf-id
DX2d3MgImOW_NfnjMXeeE6T62kd9KnV6oUkHDzSofsvxLaBUE_7mdQ==
vendor.a0794f016084d6a692aa.js
hybird-booking.theboxhaven.com/assets/
0
0
Script
General
Full URL
https://hybird-booking.theboxhaven.com/assets/vendor.a0794f016084d6a692aa.js
Requested by
Host: hybird-booking.theboxhaven.com
URL: https://hybird-booking.theboxhaven.com/settings/menu-setting.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a01:4f8:271:16a1::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://hybird-booking.theboxhaven.com/settings/menu-setting.php
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 20 Apr 2024 10:50:36 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=97
Content-Length
315
Content-Type
text/html; charset=iso-8859-1
app.a0794f016084d6a692aa.js
hybird-booking.theboxhaven.com/assets/
0
0
Script
General
Full URL
https://hybird-booking.theboxhaven.com/assets/app.a0794f016084d6a692aa.js
Requested by
Host: hybird-booking.theboxhaven.com
URL: https://hybird-booking.theboxhaven.com/settings/menu-setting.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a01:4f8:271:16a1::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://hybird-booking.theboxhaven.com/settings/menu-setting.php
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 20 Apr 2024 10:50:36 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
315
Content-Type
text/html; charset=iso-8859-1
vendor.min.css
hybrid.booking.xeni.com/assets/
107 KB
36 KB
Stylesheet
General
Full URL
https://hybrid.booking.xeni.com/assets/vendor.min.css
Requested by
Host: hybird-booking.theboxhaven.com
URL: https://hybird-booking.theboxhaven.com/settings/menu-setting.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-120.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fa85109ea313cf12bec05ab6684ba39cb9245635e9f02d6eb434fb2b7a76579c

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://hybird-booking.theboxhaven.com/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
bVQV_injHySaLpoHvJf3YO_LM0qSY4cK
content-encoding
gzip
via
1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront)
date
Sat, 20 Apr 2024 10:50:36 GMT
last-modified
Tue, 09 Apr 2024 07:30:43 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
x-amz-server-side-encryption
AES256
etag
W/"b7a6b4ce08560b85a188e730541411bb"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
text/css
cache-control
max-age=86400
x-amz-cf-id
-WkcxPHCIeeYOE7mOC0QweTPucZnyfN5qk3sM1wrbUcePPppQHROig==
app.min.css
hybrid.booking.xeni.com/assets/
993 B
1 KB
Stylesheet
General
Full URL
https://hybrid.booking.xeni.com/assets/app.min.css
Requested by
Host: hybird-booking.theboxhaven.com
URL: https://hybird-booking.theboxhaven.com/settings/menu-setting.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-120.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
058ceb0c9a91ab9e4f14dec5171e9d13a02ee34be4a434ac0e4837a598e49e03

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://hybird-booking.theboxhaven.com/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
lA90trAkpebHinyJ9hMSqJGZiUnfKJQH
date
Sat, 20 Apr 2024 10:50:36 GMT
via
1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront)
last-modified
Tue, 09 Apr 2024 07:30:42 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
x-amz-server-side-encryption
AES256
etag
"a1ce0323b711247e648d2dbf33d58f19"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
text/css
cache-control
max-age=86400
accept-ranges
bytes
content-length
993
x-amz-cf-id
VtUia3lsEKdEiI4oIBl9hzvJCT8bLAD935sSjl-Axm4OZJ7ppTrS1g==
theme.min.css
hybrid.booking.xeni.com/assets/
582 KB
83 KB
Stylesheet
General
Full URL
https://hybrid.booking.xeni.com/assets/theme.min.css
Requested by
Host: hybird-booking.theboxhaven.com
URL: https://hybird-booking.theboxhaven.com/settings/menu-setting.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-120.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
44034eab2cfba5ef7f503d0fc4d9e72a671463f43081cfc3d0315a2697ccf873

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://hybird-booking.theboxhaven.com/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
U2yU24vgYmF6wSxNcaPeW4dr6Ao4zGL3
content-encoding
gzip
via
1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront)
date
Sat, 20 Apr 2024 10:50:36 GMT
last-modified
Tue, 09 Apr 2024 07:30:43 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
x-amz-server-side-encryption
AES256
etag
W/"d41e85c2682456a6b8944044a625e55b"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
text/css
cache-control
max-age=86400
x-amz-cf-id
KyhdIlbe-cy40aSPBbfGBzTzQE_uJLQBZajRzdMyo-FZkIHeAjA2nw==
user.min.css
hybrid.booking.xeni.com/assets/
85 KB
17 KB
Stylesheet
General
Full URL
https://hybrid.booking.xeni.com/assets/user.min.css
Requested by
Host: hybird-booking.theboxhaven.com
URL: https://hybird-booking.theboxhaven.com/settings/menu-setting.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-120.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ec4e824c74662bb9eac2c1a853bbfece67fae972e3df955aa91bf18d82ade7e5

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://hybird-booking.theboxhaven.com/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
o.DE4xCDtSoNyt5qtdqrnutamhQmfy89
content-encoding
gzip
via
1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront)
date
Sat, 20 Apr 2024 10:50:36 GMT
last-modified
Tue, 09 Apr 2024 07:30:43 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
x-amz-server-side-encryption
AES256
etag
W/"9966d07180ba5ed369a36dc856a5c218"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
text/css
cache-control
max-age=86400
x-amz-cf-id
sZ4Fjiyb12QtO3zUxJEwawMn4XgrhHNA0QqxbUX1gLbGRTTz7coEzg==
js
maps.googleapis.com/maps/api/
235 KB
77 KB
Script
General
Full URL
https://maps.googleapis.com/maps/api/js?key=AIzaSyCGW3SeJuRcdUFEwcVSWv4O9y0QWCqv2SA&libraries=places
Requested by
Host: hybird-booking.theboxhaven.com
URL: https://hybird-booking.theboxhaven.com/settings/menu-setting.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
7ba67ac8e98f54e89cc2e73137ca07c28f47f786e4883bc137ca94cefd3e1f45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://hybird-booking.theboxhaven.com/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 20 Apr 2024 10:50:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Accept-Language, Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78230
x-xss-protection
0
common.js
maps.googleapis.com/maps-api-v3/api/js/55/4/
256 KB
56 KB
Script
General
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/55/4/common.js
Requested by
Host: hybird-booking.theboxhaven.com
URL: https://hybird-booking.theboxhaven.com/settings/menu-setting.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
969dace001ef24f99f38bd00c5578b85ba9368e77a5667cfcaeaa29d2f57657b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://hybird-booking.theboxhaven.com/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 20 Apr 2024 03:07:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
27799
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57512
x-xss-protection
0
last-modified
Mon, 04 Dec 2023 22:55:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 20 Apr 2025 03:07:16 GMT
util.js
maps.googleapis.com/maps-api-v3/api/js/55/4/
173 KB
54 KB
Script
General
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/55/4/util.js
Requested by
Host: hybird-booking.theboxhaven.com
URL: https://hybird-booking.theboxhaven.com/settings/menu-setting.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e759dc710ec6d9f9438d5a77f834b247254512fb90cf520764ab591db32cf5cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://hybird-booking.theboxhaven.com/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 20 Apr 2024 06:21:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
16119
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55175
x-xss-protection
0
last-modified
Mon, 04 Dec 2023 22:55:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 20 Apr 2025 06:21:56 GMT
874.min.css
hybird-booking.theboxhaven.com/assets/
0
0
Stylesheet
General
Full URL
https://hybird-booking.theboxhaven.com/assets/874.min.css
Requested by
Host: hybird-booking.theboxhaven.com
URL: https://hybird-booking.theboxhaven.com/settings/menu-setting.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a01:4f8:271:16a1::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://hybird-booking.theboxhaven.com/settings/menu-setting.php
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 20 Apr 2024 10:50:35 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=99
Content-Length
315
Content-Type
text/html; charset=iso-8859-1
9550.min.css
hybird-booking.theboxhaven.com/assets/
0
0
Stylesheet
General
Full URL
https://hybird-booking.theboxhaven.com/assets/9550.min.css
Requested by
Host: hybird-booking.theboxhaven.com
URL: https://hybird-booking.theboxhaven.com/settings/menu-setting.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a01:4f8:271:16a1::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://hybird-booking.theboxhaven.com/settings/menu-setting.php
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 20 Apr 2024 10:50:35 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=98
Content-Length
315
Content-Type
text/html; charset=iso-8859-1
v3
js.stripe.com/
604 KB
167 KB
Script
General
Full URL
https://js.stripe.com/v3
Requested by
Host: hybird-booking.theboxhaven.com
URL: https://hybird-booking.theboxhaven.com/settings/menu-setting.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
a0b5e6ff7d5850a9ca96b8f86298b8b75e194e6904b289517208f1701d1ab2af
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://hybird-booking.theboxhaven.com/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Sat, 20 Apr 2024 10:50:35 GMT
via
1.1 varnish
age
25
x-cache
HIT
content-length
170400
x-request-id
5fe3d55e-9ee3-4fd5-8448-9d84b71634bb
x-served-by
cache-mxp6960-MXP
last-modified
Fri, 19 Apr 2024 21:28:14 GMT
server
Fastly
etag
"9da8ff7a51979cbce3c7c2acae197be9"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
6
gen_204
maps.googleapis.com/maps/api/mapsjs/
3 B
45 B
XHR
General
Full URL
https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCGW3SeJuRcdUFEwcVSWv4O9y0QWCqv2SA&libraries=places
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f202.1e100.net
Software
scaffolding on HTTPServer2 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://hybird-booking.theboxhaven.com/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 20 Apr 2024 10:50:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://hybird-booking.theboxhaven.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
x-xss-protection
0
m-outer-27c67c0d52761104439bb051c7856ab1.html
js.stripe.com/v3/ Frame 8D6B
0
0
Document
General
Full URL
https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Requested by
Host: hybird-booking.theboxhaven.com
URL: https://hybird-booking.theboxhaven.com/settings/menu-setting.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-122.fra56.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
it-IT,it;q=0.9;q=0.9
Referer
https://hybird-booking.theboxhaven.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
3001
cache-control
max-age=31536000
content-length
200
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Sat, 20 Apr 2024 10:01:57 GMT
etag
"27c67c0d52761104439bb051c7856ab1"
last-modified
Wed, 20 Dec 2023 18:28:32 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
x-amz-cf-id
CtiNdIZLIjh_lxFLQIAGcSM6zWwvRQdJbTQ_uowJXSUUZOo9noV6VA==
x-amz-cf-pop
FRA56-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
controller-d20806fffd063fca1dcc480a8672e5bd.html
js.stripe.com/v3/ Frame 9991
0
0
Document
General
Full URL
https://js.stripe.com/v3/controller-d20806fffd063fca1dcc480a8672e5bd.html
Requested by
Host: hybird-booking.theboxhaven.com
URL: https://hybird-booking.theboxhaven.com/settings/menu-setting.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-122.fra56.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
it-IT,it;q=0.9;q=0.9
Referer
https://hybird-booking.theboxhaven.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=60
content-length
325
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Sat, 20 Apr 2024 10:50:37 GMT
etag
"d20806fffd063fca1dcc480a8672e5bd"
last-modified
Tue, 12 Dec 2023 19:57:29 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
x-amz-cf-id
35jVjwpYgjiefP-KtuKJuty72vnzkSn46xjvgCfzHNGiEtZCOn8HOA==
x-amz-cf-pop
FRA56-C1
x-cache
Miss from cloudfront
x-content-type-options
nosniff
controller-d20806fffd063fca1dcc480a8672e5bd.html
js.stripe.com/v3/ Frame 4936
0
0
Document
General
Full URL
https://js.stripe.com/v3/controller-d20806fffd063fca1dcc480a8672e5bd.html
Requested by
Host: hybird-booking.theboxhaven.com
URL: https://hybird-booking.theboxhaven.com/settings/menu-setting.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-122.fra56.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
X-Content-Type-Options nosniff

Request headers

Accept-Language
it-IT,it;q=0.9;q=0.9
Referer
https://hybird-booking.theboxhaven.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=60
content-length
325
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Sat, 20 Apr 2024 10:50:37 GMT
etag
"d20806fffd063fca1dcc480a8672e5bd"
last-modified
Tue, 12 Dec 2023 19:57:29 GMT
server
Cloudfront
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
x-amz-cf-id
35jVjwpYgjiefP-KtuKJuty72vnzkSn46xjvgCfzHNGiEtZCOn8HOA==
x-amz-cf-pop
FRA56-C1
x-cache
Miss from cloudfront
x-content-type-options
nosniff
truncated
/
267 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2e17040b405237c81e687f435442dd56ac9fdafe8e3c8857a63976e6fe6192d7

Request headers

Accept-Language
it-IT,it;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
184 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ea61c34d6077a9d776ad291e06a9983414c2af2f7a35567f9a6d36c0bccc1769

Request headers

Accept-Language
it-IT,it;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,500;0,600;0,700;0,800;1,300;1,400;1,500;1,600;1,700;1,800&family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://hybird-booking.theboxhaven.com
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 10:56:42 GMT
x-content-type-options
nosniff
age
604434
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7816
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 13 Apr 2025 10:56:42 GMT
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,500;0,600;0,700;0,800;1,300;1,400;1,500;1,600;1,700;1,800&family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://hybird-booking.theboxhaven.com
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 01:05:01 GMT
x-content-type-options
nosniff
age
467135
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7748
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:01:14 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 15 Apr 2025 01:05:01 GMT
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,500;0,600;0,700;0,800;1,300;1,400;1,500;1,600;1,700;1,800&family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://hybird-booking.theboxhaven.com
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 20 Apr 2024 07:42:03 GMT
x-content-type-options
nosniff
age
11313
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7884
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 20 Apr 2025 07:42:03 GMT
64c3bcd31e6644ee2f2e9977-logo.jpg
xeniapp-image-bucket-prod.s3.amazonaws.com/
3 KB
4 KB
Image
General
Full URL
https://xeniapp-image-bucket-prod.s3.amazonaws.com/64c3bcd31e6644ee2f2e9977-logo.jpg?1690550887045
Requested by
Host: hybird-booking.theboxhaven.com
URL: https://hybird-booking.theboxhaven.com/settings/menu-setting.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.230.193 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
3b40c1e675be1dce227a51a78cd33169164cc01122646544662beb048223791b

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://hybird-booking.theboxhaven.com/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 20 Apr 2024 10:50:37 GMT
Last-Modified
Fri, 28 Jul 2023 13:28:08 GMT
Server
AmazonS3
x-amz-request-id
Q6GDDBKZB387QM1J
ETag
"a0632f062120a8c812e83851d336a3f2"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
3328
x-amz-id-2
1XCaCvnh9rL8vJryDxxemlJ4WGTPhoid7jSNuwE7XxTHfctr7vlZutwdCqwUD03nhPt4hxni6WQ=
m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame E024
0
0
Document
General
Full URL
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-122.fra56.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
it-IT,it;q=0.9;q=0.9
Referer
https://hybird-booking.theboxhaven.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
274
cache-control
max-age=31536000
content-length
200
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Sat, 20 Apr 2024 10:46:56 GMT
etag
"3437aaddcdf6922d623e172c2d6f9278"
last-modified
Thu, 11 Apr 2024 18:53:56 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
x-amz-cf-id
BmYL-qzPLDjPjlHFIj2ahGeuq68mzCNUBjK1MY7-RIx9QSECgTrztA==
x-amz-cf-pop
FRA56-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
modules.9c3b50ddbc74247d2ae3.js
script.hotjar.com/
221 KB
55 KB
Script
General
Full URL
https://script.hotjar.com/modules.9c3b50ddbc74247d2ae3.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3345652.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-54.fra56.r.cloudfront.net
Software
/
Resource Hash
84abbb88240359c728c738ec4acb83fc354afd75d7470279f1fe01f9841e5f4b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://hybird-booking.theboxhaven.com/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 17:11:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 08b9c2fd11813ffdb8fa03129d0a465c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
322770
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
55691
last-modified
Tue, 16 Apr 2024 17:10:18 GMT
etag
"cb9e8e6a84fdeebfc271614ce016b88e"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
rnEgHe6__tA0HgUPdPsg9HXPCMEneOXMtD5KX-Dy604RlxSOpRDrew==
clarity.js
www.clarity.ms/s/0.7.31/
61 KB
26 KB
Script
General
Full URL
https://www.clarity.ms/s/0.7.31/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/bj9y8wquzq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d6f3a8301ffa9a9aa6a748ccc535a559242cd73451bb4d236b7e72ff64123703

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://hybird-booking.theboxhaven.com/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 20 Apr 2024 10:50:36 GMT
content-encoding
br
last-modified
Thu, 18 Apr 2024 10:16:12 GMT
etag
W/"0x8DC5F909305D519"
vary
Accept-Encoding
x-azure-ref
20240420T105036Z-1679546b657c97mk14cmv9w73c00000000k000000000r7ug
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
0cfd1b7c-701e-0001-767d-927107000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
51562430
collect
f.clarity.ms/
0
310 B
XHR
General
Full URL
https://f.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.31/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.84.22.197 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/x-clarity-gzip
Referer
https://hybird-booking.theboxhaven.com/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
https://hybird-booking.theboxhaven.com
Date
Sat, 20 Apr 2024 10:50:37 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=40BA4A44ABF3496D8D7574F71898BB19&RedC=c.clarity.ms&MXFR=32645AC764FA6A3031254EA060FA64B0
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=40BA4A44ABF3496D8D7574F71898BB19&MUID=21D18B0A41546252067C9F6D402363CA
42 B
464 B
Image
General
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=40BA4A44ABF3496D8D7574F71898BB19&MUID=21D18B0A41546252067C9F6D402363CA
Protocol
H2
Server
68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
it-IT,it;q=0.9;q=0.9
Referer
https://hybird-booking.theboxhaven.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Apr 2024 10:50:38 GMT
last-modified
Fri, 01 Mar 2024 22:54:48 GMT
server
Microsoft-IIS/10.0
etag
"3e26b762b6cda1:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Sat, 20 Apr 2024 10:50:37 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 07F2C94747F14CA4866E52D6491CFC68 Ref B: MIL30EDGE1521 Ref C: 2024-04-20T10:50:38Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=40BA4A44ABF3496D8D7574F71898BB19&MUID=21D18B0A41546252067C9F6D402363CA
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
64c3bcd31e6644ee2f2e9977-favicon-icon.jpg
xeniapp-image-bucket-prod.s3.amazonaws.com/
1 KB
1 KB
Other
General
Full URL
https://xeniapp-image-bucket-prod.s3.amazonaws.com/64c3bcd31e6644ee2f2e9977-favicon-icon.jpg?1690551060098
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.230.193 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
14971244038acbc83daf168b08e7cda2b8b5d4f665ae438dced0708df2210524

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://hybird-booking.theboxhaven.com/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 20 Apr 2024 10:50:39 GMT
Last-Modified
Fri, 28 Jul 2023 13:31:01 GMT
Server
AmazonS3
x-amz-request-id
J32FG51RAP01VB8Q
ETag
"06cb35962e60f1f72f43d2e9ccd71e68"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
1138
x-amz-id-2
3djxlG9JViIzk0ED+rEfiTL1QcXz6Z7T97GzuZvldCYrc/7KkNaNDgUD13sNSPHW+42SWW2GCWo=
collect
f.clarity.ms/
0
310 B
XHR
General
Full URL
https://f.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.31/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.84.22.197 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/x-clarity-gzip
Referer
https://hybird-booking.theboxhaven.com/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
https://hybird-booking.theboxhaven.com
Date
Sat, 20 Apr 2024 10:50:39 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cpaysdkservice.azurewebsites.net
URL
https://cpaysdkservice.azurewebsites.net/sdks/sdk.v1/css/connexpay.min.css

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 function| clarity function| hj object| _hjSettings undefined| gtag object| google object| module$exports$mapsapi$geometry$spherical object| reactiveElementVersions object| module$contents$mapsapi$overlay$overlayView_OverlayView object| webpackChunkStripeJSouter function| noop function| Stripe object| fwSettings function| FreshworksWidget object| hjSiteSettings function| hjBootstrap object| hjLazyModules object| hjBootstrapCalled

15 Cookies

Domain/Path Name / Value
www.clarity.ms/ Name: CLID
Value: aa0f9a9aec7741f3ae60a1429d8b7e4a.20240420.20250420
.theboxhaven.com/ Name: _clck
Value: 10xf3mt%7C2%7Cfl3%7C0%7C1571
.theboxhaven.com/ Name: _hjSessionUser_3345652
Value: eyJpZCI6ImI0YmRjNTYxLWIxZjItNWQ0ZC04OTg2LWY2ZmU3YTVmNTA1NSIsImNyZWF0ZWQiOjE3MTM2MTAyMzY1MTMsImV4aXN0aW5nIjpmYWxzZX0=
.theboxhaven.com/ Name: _hjSession_3345652
Value: eyJpZCI6ImQ2ZjIzNThhLTU4NzYtNDkyMS1hYTIxLTI4YmMzNTFlNGIwMSIsImMiOjE3MTM2MTAyMzY1MTQsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.theboxhaven.com/ Name: _clsk
Value: 1sjbqbe%7C1713610237069%7C1%7C1%7Cf.clarity.ms%2Fcollect
.hybird-booking.theboxhaven.com/ Name: __stripe_mid
Value: 26e1ea3f-9a89-42e9-b8d1-8d97b808ba7d1d8d5f
.hybird-booking.theboxhaven.com/ Name: __stripe_sid
Value: 4c304df5-49be-4ecc-9b16-2ec04c149c0a44bf6b
m.stripe.com/ Name: m
Value: a85c1135-bc6f-4601-9de3-27d48687961f249e71
.bing.com/ Name: MUID
Value: 21D18B0A41546252067C9F6D402363CA
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 21D18B0A41546252067C9F6D402363CA
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 21D18B0A41546252067C9F6D402363CA
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0

21 Console Messages

Source Level URL
Text
network error URL: https://cpaysdkservice.azurewebsites.net/sdks/sdk.v1/css/connexpay.min.css
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://hybird-booking.theboxhaven.com/assets/874.min.css
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://hybird-booking.theboxhaven.com/assets/9550.min.css
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://hybird-booking.theboxhaven.com/assets/vendor.a0794f016084d6a692aa.js
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://hybird-booking.theboxhaven.com/assets/app.a0794f016084d6a692aa.js
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
other warning URL: https://hybird-booking.theboxhaven.com/settings/menu-setting.php
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
