booking.enchantedfairies.com
2600:9000:237d:6000:1:433c:6c00:93a1  Public Scan

URL: https://booking.enchantedfairies.com/
Submission: On February 22 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 6 IPs in 3 countries across 5 domains to perform 15 HTTP transactions. The main IP is 2600:9000:237d:6000:1:433c:6c00:93a1, located in United States and belongs to AMAZON-02, US. The main domain is booking.enchantedfairies.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on February 21st 2023. Valid for: a year.
This is the only time booking.enchantedfairies.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS Autonomous System
8 | 2600:9000:237... | 16509 (AMAZON-02)
2 | 2a00:1450:400... | 15169 (GOOGLE)
2 | 2606:4700::68... | 13335 (CLOUDFLAR...)
2 | 2606:4700:440... | 13335 (CLOUDFLAR...)
1 | 2a00:1450:400... | 15169 (GOOGLE)
Total: 15 requests, 6 IPs
Requests | Apex Domain | Subdomains | Transfer
8 | enchantedfairies.com | booking.enchantedfairies.com | 46 KB
2 | hubspotusercontent-na1.net | 9346015.fs1.hubspotusercontent-na1.net | 6 KB
2 | geoip-js.com | geoip-js.com (Cisco Umbrella Rank: 13092) | 3 KB
2 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 43) | 1 KB
1 | gstatic.com | fonts.gstatic.com | 13 KB
Total: 15 requests, 5 domains
Requests | Domain | Requested by
8 | booking.enchantedfairies.com | booking.enchantedfairies.com
2 | 9346015.fs1.hubspotusercontent-na1.net | booking.enchantedfairies.com
2 | geoip-js.com | booking.enchantedfairies.com, geoip-js.com
2 | fonts.googleapis.com | booking.enchantedfairies.com
1 | fonts.gstatic.com | fonts.googleapis.com
Total: 15 requests, 5 domains

This site contains no links.

Subject | Issuer | Validity | Valid
booking.enchantedfairies.com | Amazon RSA 2048 M02 | 2023-02-21 - 2024-03-21 | a year
upload.video.google.com | GTS CA 1C3 | 2023-02-08 - 2023-05-03 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-06-16 - 2023-06-16 | a year
hubspotusercontent-na1.net | Cloudflare Inc ECC CA-3 | 2023-01-26 - 2024-01-25 | a year
*.gstatic.com | GTS CA 1C3 | 2023-02-01 - 2023-04-26 | 3 months

This page contains 1 frame:

Primary Page: https://booking.enchantedfairies.com/
Frame ID: EDB7AB318FF2782C68E6B8F43EDFD91C
Requests: 17 HTTP requests in this frame

Page Title

Schedule Appointment with Enchanted Fairies

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

15 Requests
100 % HTTPS
100 % IPv6
5 Domains
5 Subdomains
6 IPs
3 Countries
69 kB Transfer
183 kB Size
0 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
booking.enchantedfairies.com/
2 KB
1 KB
Document
General
Full URL
https://booking.enchantedfairies.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:237d:6000:1:433c:6c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
af84600b7d87f50c7fa8c9d41daf7035d6bfe6173d29048acdd562ccc7d1d363

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
34213
alt-svc
h3=":443"; ma=86400
content-encoding
gzip
content-type
text/html
date
Tue, 21 Feb 2023 23:57:05 GMT
etag
W/"4923ed3d63acfa161ed35655222f792e"
last-modified
Sun, 19 Feb 2023 20:12:36 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 67393fa6b3a865c1a8252acac0aa5cbc.cloudfront.net (CloudFront)
x-amz-cf-id
kFkEssCWCnnbeE2qRz9Jf0b3pQ9XR_VStXSYYixjrQw1IWfxYhTpBw==
x-amz-cf-pop
MUC50-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
css
fonts.googleapis.com/
2 KB
949 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat:regular,400&display=swap
Requested by
Host: booking.enchantedfairies.com
URL: https://booking.enchantedfairies.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
73c3d8c3e9a8def4e24d51f455de5362ad7553e2f3e36d25ba54fb960d588817
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://booking.enchantedfairies.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 22 Feb 2023 09:27:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 22 Feb 2023 09:27:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 22 Feb 2023 09:27:17 GMT
shop-locator.css
booking.enchantedfairies.com/
7 KB
2 KB
Stylesheet
General
Full URL
https://booking.enchantedfairies.com/shop-locator.css
Requested by
Host: booking.enchantedfairies.com
URL: https://booking.enchantedfairies.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:237d:6000:1:433c:6c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3a77392791b1cc7e31d47701b4273e469260b449a06faa223dcc3ff654df64e6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://booking.enchantedfairies.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Tue, 21 Feb 2023 23:57:05 GMT
content-encoding
br
via
1.1 67393fa6b3a865c1a8252acac0aa5cbc.cloudfront.net (CloudFront)
last-modified
Sun, 19 Feb 2023 20:12:37 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P2
age
34213
etag
W/"fe4c38d4c68541e70bbcde340911d220"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
Bd5iXtpATNVhrDf9hd5KU-REkKUVgtxNUx0nGCmwTicx_uGBLUMPUg==
geoip2.js
geoip-js.com/js/apis/geoip2/v2.1/
3 KB
2 KB
Script
General
Full URL
https://geoip-js.com/js/apis/geoip2/v2.1/geoip2.js
Requested by
Host: booking.enchantedfairies.com
URL: https://booking.enchantedfairies.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1344 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94a96a4fc313fe6dfba290ed6bc0e802eaab40810e59032a06f6774553b1c6ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://booking.enchantedfairies.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 09:27:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 21 Feb 2023 19:28:32 GMT
server
cloudflare
age
1542
etag
W/"63f51b60-da4"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=43200
cf-ray
79d6af5dafde9034-FRA
expires
Wed, 22 Feb 2023 21:27:17 GMT
scheduler-shop-locations.js
booking.enchantedfairies.com/
4 KB
2 KB
Script
General
Full URL
https://booking.enchantedfairies.com/scheduler-shop-locations.js
Requested by
Host: booking.enchantedfairies.com
URL: https://booking.enchantedfairies.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:237d:6000:1:433c:6c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f0251f3f446069a1caf13da20ff4104e5e83bcaaba00849f3344738b43d28868

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://booking.enchantedfairies.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Tue, 21 Feb 2023 23:57:05 GMT
content-encoding
br
via
1.1 67393fa6b3a865c1a8252acac0aa5cbc.cloudfront.net (CloudFront)
last-modified
Sun, 19 Feb 2023 20:12:37 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P2
age
34212
etag
W/"6592b8fe6da3372ec1eb6fbece600162"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
JSMc5fHDG3zLL8ImqrEAnyAMVZvoZ8Vp1epJ-rWcaY0aOs48WxB8Pw==
shop-locator.js
booking.enchantedfairies.com/
19 KB
5 KB
Script
General
Full URL
https://booking.enchantedfairies.com/shop-locator.js
Requested by
Host: booking.enchantedfairies.com
URL: https://booking.enchantedfairies.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:237d:6000:1:433c:6c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5a2ea48172b2d1b60608e2f898f284b32b1cf421fbc5cb857bdcd0bec65ea063

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://booking.enchantedfairies.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Tue, 21 Feb 2023 23:57:05 GMT
content-encoding
br
via
1.1 67393fa6b3a865c1a8252acac0aa5cbc.cloudfront.net (CloudFront)
last-modified
Sun, 19 Feb 2023 20:12:38 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P2
age
34213
etag
W/"be5ff4dd3600b9011aab9e1f214a8489"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
zBU2wAmMBcer1WRf1EQFIhLy54iIHdGn2dGl-Z8XmE5J2GlcsTLy-w==
index-edbd0eef.js
booking.enchantedfairies.com/
109 KB
28 KB
Script
General
Full URL
https://booking.enchantedfairies.com/index-edbd0eef.js
Requested by
Host: booking.enchantedfairies.com
URL: https://booking.enchantedfairies.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:237d:6000:1:433c:6c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d045c166032b86c807e865be6b063d8b54a8b4a9156594f82a5837ad8bc73185

Request headers

Referer
https://booking.enchantedfairies.com/
Origin
https://booking.enchantedfairies.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Tue, 21 Feb 2023 23:57:05 GMT
content-encoding
br
via
1.1 67393fa6b3a865c1a8252acac0aa5cbc.cloudfront.net (CloudFront)
last-modified
Sun, 19 Feb 2023 20:12:35 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P2
age
34213
etag
W/"62deca3d761793a1ec5cc42029a725a8"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
jvCgmfgALL2Q9zNPXBRyKWUNy6-FnJIUE0xHOvLDk9MnL3nUwbZOrg==
index-49208506.css
booking.enchantedfairies.com/
15 KB
7 KB
Stylesheet
General
Full URL
https://booking.enchantedfairies.com/index-49208506.css
Requested by
Host: booking.enchantedfairies.com
URL: https://booking.enchantedfairies.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:237d:6000:1:433c:6c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
492085064ff581a113fbb65ceb762618708056ce5b34393be312ad005c34a6ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://booking.enchantedfairies.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Tue, 21 Feb 2023 23:57:05 GMT
content-encoding
br
via
1.1 67393fa6b3a865c1a8252acac0aa5cbc.cloudfront.net (CloudFront)
last-modified
Sun, 19 Feb 2023 20:12:34 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P2
age
34213
etag
W/"2cc1d52982c3332116fa4eb198ec00ee"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
f1sQJfCrcr5pmVqdgzjR_8VmYjOCKp-WM6gnb-1p6_3NwyWWagL4fw==
me
geoip-js.com/geoip/v2.1/city/
982 B
1 KB
XHR
General
Full URL
https://geoip-js.com/geoip/v2.1/city/me?referrer=https%3A%2F%2Fbooking.enchantedfairies.com
Requested by
Host: geoip-js.com
URL: https://geoip-js.com/js/apis/geoip2/v2.1/geoip2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1344 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59964982fcc03fe1d10ebba7d6a14dca40875052b24bed566cf5d2e962f25fc7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://booking.enchantedfairies.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 09:27:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/vnd.maxmind.com-city+json; charset=UTF-8; version=2.1
access-control-allow-origin
*
cf-ray
79d6af5e6f792bb6-FRA
content-length
982
css2
fonts.googleapis.com/
3 KB
568 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Josefin+Sans:wght@400;600;700&display=swap
Requested by
Host: booking.enchantedfairies.com
URL: https://booking.enchantedfairies.com/index-49208506.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d60195ff84992b9a2cf0b27db590a38a97316fdeb3a527e1e655109c52762592
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://booking.enchantedfairies.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 22 Feb 2023 09:27:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 22 Feb 2023 08:53:05 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 22 Feb 2023 09:27:17 GMT
LEFT_STARS_50x70.png
9346015.fs1.hubspotusercontent-na1.net/hubfs/9346015/
2 KB
3 KB
Image
General
Full URL
https://9346015.fs1.hubspotusercontent-na1.net/hubfs/9346015/LEFT_STARS_50x70.png
Requested by
Host: booking.enchantedfairies.com
URL: https://booking.enchantedfairies.com/shop-locator.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9ad8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
000b34c35c2425f6d079068fa0ef28c0811428e248dc810e32e18552b94ae85a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://booking.enchantedfairies.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-meta-cache-tag
F-80794974247,P-9346015,FLS-ALL
age
27092
x-amz-request-id
2C2E9BMFDWBB285S
x-amz-server-side-encryption
AES256
edge-cache-tag
F-80794974247,P-9346015,FLS-ALL
x-amz-replication-status
COMPLETED
content-disposition
inline; filename="LEFT_STARS_50x70.webp"
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 15
cf-bgj
imgq:85,h2pri
etag
"50ce58b37a32a166271dbc04a4ed64b9"
vary
Accept, Accept-Encoding
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1659394080132
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 15
date
Wed, 22 Feb 2023 09:27:17 GMT
via
1.1 191dcfd852a6f06df8cf0ecc80b99d1c.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-version-id
DOUo0ILs8WgHpA5LnU.7dNBRN9y70FwX
x-amz-cf-pop
DUS51-P2
x-hs-alternate-content-type
text/plain
cf-polished
origFmt=png, origSize=3014
x-cache
RefreshHit from cloudfront
cache-tag
F-80794974247,P-9346015,FLS-ALL
x-amz-meta-index-tag
all
x-amz-storage-class
INTELLIGENT_TIERING
content-length
1624
x-amz-id-2
VKrdpzW3rJcyBdhivqyRalXmrMuhY9A8A0+rGC7PabqHgbRr9ixHRaJG2RGecSpx8Lcz3JFnodi8Ti11r/FZqg==
last-modified
Mon, 01 Aug 2022 22:48:01 GMT
server
cloudflare
accept-ranges
bytes
cf-ray
79d6af5ee94e698b-FRA
x-amz-cf-id
g5M4giXwpTUZcaW9xiHDNYWk8lX74uij4qqWCChKZx0s4scXCo6ShA==
truncated
/
206 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
528f9b1ce740f870fa5ec0d111789dddf29cd55b83b9f5eb06f20ebd11112b2f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
130 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
16b197acafd5def671fbca9a314ae4eedfc92013e2898645ae6389bf5ccdfa14

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
RIGHT-STARS_50x70.png
9346015.fs1.hubspotusercontent-na1.net/hubfs/9346015/
3 KB
3 KB
Image
General
Full URL
https://9346015.fs1.hubspotusercontent-na1.net/hubfs/9346015/RIGHT-STARS_50x70.png
Requested by
Host: booking.enchantedfairies.com
URL: https://booking.enchantedfairies.com/shop-locator.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9ad8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01a9a0d5a0f77c5ad47cab289c88b64f65b0a82f02fb809f541e771a8e8856b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://booking.enchantedfairies.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-meta-cache-tag
F-80798485576,P-9346015,FLS-ALL
x-amz-request-id
JXW2J7X87G9NV9W1
x-amz-server-side-encryption
AES256
edge-cache-tag
F-80798485576,P-9346015,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 15
etag
"f515741573932c7f81b0da2034438e76"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1659399171828
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 15
date
Wed, 22 Feb 2023 09:27:18 GMT
via
1.1 baa5702f7bd64fcbae1e3bd950d9a244.cloudfront.net (CloudFront)
cf-cache-status
MISS
x-amz-version-id
dyipn26LWzY3ij5yzJNkqxiYL2TI8.1m
x-amz-cf-pop
FRA6-C1
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
cache-tag
F-80798485576,P-9346015,FLS-ALL
x-amz-meta-index-tag
all
x-amz-storage-class
INTELLIGENT_TIERING
content-length
2755
x-amz-id-2
T/2p2Sg1YFNRPqTaArsK1LUb84NMWngQ6xJ5glSw0Lz+2DkddL2EU7VEddHDxrCJgTAL1uflHHIO3nVAF4grdCo31pgrWjjP0bjOsVA410k=
last-modified
Tue, 02 Aug 2022 00:12:52 GMT
server
cloudflare
accept-ranges
bytes
cf-ray
79d6af5ee951698b-FRA
x-amz-cf-id
SN9R-ox7pWqkQPx2Fti9oT3NggQPYrEa2uFMTE9sSilqel7LzhLKpQ==
JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
fonts.gstatic.com/s/montserrat/v25/
12 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:regular,400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://booking.enchantedfairies.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 09:02:03 GMT
x-content-type-options
nosniff
age
519914
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12708
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:55:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 16 Feb 2024 09:02:03 GMT
contact-info
booking.enchantedfairies.com/
243 B
470 B
Fetch
General
Full URL
https://booking.enchantedfairies.com/contact-info?contactId=104812152
Requested by
Host: booking.enchantedfairies.com
URL: https://booking.enchantedfairies.com/index-edbd0eef.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:237d:6000:1:433c:6c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c522a7cd18850a80ad25507c5f415714c52b083629ef3864cb67159b8e5bc07e

Request headers

Accept
application/json
Referer
https://booking.enchantedfairies.com/?contactId=104812152&type=enchanted+fairies&location=aurora-il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 09:27:17 GMT
via
1.1 d34e2629ef96cca4a5e6c92c061c82b4.cloudfront.net (CloudFront)
server
AmazonS3
x-amz-cf-pop
MUC50-P2
x-cache
Error from cloudfront
content-type
application/xml
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
48xXX74IhDNb-6y6sY6VQkiWIxjxcvwAlpEBc4zUOLNufu53wxlKmw==
appointments
booking.enchantedfairies.com/scheduler/
243 B
470 B
Fetch
General
Full URL
https://booking.enchantedfairies.com/scheduler/appointments?category=ENCHANTED+FAIRIES+%28AURORA%2C+IL%29
Requested by
Host: booking.enchantedfairies.com
URL: https://booking.enchantedfairies.com/index-edbd0eef.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:237d:6000:1:433c:6c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4e79e5765213fe754d48d94f2be7d5eb5206d2cb97e4d50c7e07fc2a5666f201

Request headers

Accept
application/json
Referer
https://booking.enchantedfairies.com/?contactId=104812152&type=enchanted+fairies&location=aurora-il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 09:27:17 GMT
via
1.1 d34e2629ef96cca4a5e6c92c061c82b4.cloudfront.net (CloudFront)
server
AmazonS3
x-amz-cf-pop
MUC50-P2
x-cache
Error from cloudfront
content-type
application/xml
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
Z5aMQC-LMRzjoCT-iyBzhqB3y6gVMMZ28ZrtVAZfi6dsV5uYzVOr_g==

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • boolean: credentialless
  • object: oncontentvisibilityautostatechange
  • object: geoip2
  • object: SHOP_LOCATIONS
  • function: getCurrentShopLocationObj
  • function: subscribeShopLocationChange
  • function: unsubscribeShopLocationChange

0 Cookies

2 Console Messages

Source: network, Level: error
URL: https://booking.enchantedfairies.com/contact-info?contactId=104812152
Message: Failed to load resource: the server responded with a status of 403 ()

Source: network, Level: error
URL: https://booking.enchantedfairies.com/scheduler/appointments?category=ENCHANTED+FAIRIES+%28AURORA%2C+IL%29
Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
