bookings.hertslynx.co.uk Open in urlscan Pro
2600:9000:223c:7c00:13:1cd6:aec0:93a1  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response bookings.hertslynx.co.uk/	2 KB 1 KB	301ms 258ms	Document text/html	2600:9000:223c:7c00:13:1cd6:aec0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://bookings.hertslynx.co.uk/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223c:7c00:13:1cd6:aec0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 712be3d49baba97f46a8333f64807ca7d108cc221ba801e4e71ac5223f2fe247 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers content-encoding gzip content-type text/html date Fri, 24 Feb 2023 08:59:32 GMT etag W/"97c062f51a0a45129ae9061acb8cf184" last-modified Tue, 21 Dec 2021 15:01:40 GMT server AmazonS3 vary Accept-Encoding via 1.1 44b457512f742b4e48fc7f0c87d8ed92.cloudfront.net (CloudFront) x-amz-cf-id Hx-BdmIjxTy-z-g5Dis02f_BW6yOYCEExLdYpHEwSdM_oO80dn2Lkw== x-amz-cf-pop FRA56-P2 x-amz-server-side-encryption AES256 x-amz-version-id sI2c5mowW50nP1l1U0nmXUby7VMAHp58 x-cache Error from cloudfront
GET H/1.1	200 OK	material-icons.css s3-eu-west-1.amazonaws.com/prod-bookingzone/master/vendors/material-design-icons/iconfont/	953 B 910 B	131ms 50ms	Stylesheet text/css	52.218.65.20 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s3-eu-west-1.amazonaws.com/prod-bookingzone/master/vendors/material-design-icons/iconfont/material-icons.css Requested by Host: bookings.hertslynx.co.uk URL: https://bookings.hertslynx.co.uk/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.218.65.20 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS s3-eu-west-1.amazonaws.com Software AmazonS3 / Resource Hash e3dcde5c977dd5f39f418d71ea77c98924cf85dbcaef2f60d89a83e9d81c3d93 Request headers accept-language de-DE,de;q=0.9 Referer https://bookings.hertslynx.co.uk/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers Date Fri, 24 Feb 2023 08:59:33 GMT Content-Encoding gzip x-amz-version-id nOmdJ_Aljht5ZhY0D6q5p6w7HNT_ArDR Last-Modified Thu, 09 Feb 2023 16:47:23 GMT Server AmazonS3 x-amz-request-id 6H20FK5Q9RTQBTF9 ETag "8f3ab5ea60d983abb163af894c41d282" x-amz-server-side-encryption AES256 Content-Type text/css Accept-Ranges bytes Content-Length 441 x-amz-id-2 fZeFjq5mhR1cl5s95F0Q82hguLGWqp2kRCQB14+pkOg03sDuP2UvXzrGGx3OlCxt1WTGyBEXW34=
GET H2	200	leaflet.css cdnjs.cloudflare.com/ajax/libs/leaflet/1.3.1/	14 KB 3 KB	38ms 18ms	Stylesheet text/css	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/leaflet/1.3.1/leaflet.css Requested by Host: bookings.hertslynx.co.uk URL: https://bookings.hertslynx.co.uk/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8985209ab6a97c31af06b78f24facc59064370e6dd01c4ad281a633f7033fb7b Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://bookings.hertslynx.co.uk/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Fri, 24 Feb 2023 08:59:31 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 3075243 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 2729 last-modified Mon, 04 May 2020 16:12:00 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03ed0-3776" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rbzj1lSs0Lhr7DvxY3Bhza9ZYZ6jxpUS9hEC%2F%2BOfF4DFGgVfRcEHIj2xF2pxiMwwTfTR9nnENR%2BngzRFRfnKp1J%2F8hoBenSfBRml7FLkiGvDYmGrmvUaiRIVSACTP5ThMs6SnvTRUdDvnWjVxn%2FaUYD7"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 79e70174dbd7915c-FRA expires Wed, 14 Feb 2024 08:59:31 GMT
GET H2	200	js Show response maps.googleapis.com/maps/api/	171 KB 56 KB	165ms 77ms	Script text/javascript	2a00:1450:400d:806::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://maps.googleapis.com/maps/api/js?key=AIzaSyDW8OqfdkU7WZXo1KZcuA7E0rUnMyT1mCw&libraries=places Requested by Host: bookings.hertslynx.co.uk URL: https://bookings.hertslynx.co.uk/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:806::200a , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software mafe / Resource Hash 0c27e3c41b0eff5f66b76de025a3f736a90ed78404fc35767f560a2f325c9d24 Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://bookings.hertslynx.co.uk/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Fri, 24 Feb 2023 08:59:32 GMT content-encoding gzip server mafe vary Accept-Language x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 cache-control public, max-age=1800 cross-origin-resource-policy cross-origin server-timing gfet4t7; dur=45 timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 57398 x-xss-protection 0 expires Fri, 24 Feb 2023 09:29:32 GMT
GET H/1.1	200 OK	app.min.js Show response s3-eu-west-1.amazonaws.com/prod-bookingzone/master/assets/	2 MB 647 KB	132ms 52ms	Script text/javascript	52.218.65.20 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s3-eu-west-1.amazonaws.com/prod-bookingzone/master/assets/app.min.js Requested by Host: bookings.hertslynx.co.uk URL: https://bookings.hertslynx.co.uk/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.218.65.20 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS s3-eu-west-1.amazonaws.com Software AmazonS3 / Resource Hash 00d40841cc7bc9a2623a3e130952a6c2631f94e7210b392a0b61e824dc0e508c Request headers accept-language de-DE,de;q=0.9 Referer https://bookings.hertslynx.co.uk/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers Date Fri, 24 Feb 2023 08:59:33 GMT Content-Encoding gzip x-amz-version-id XThbCntc9IIgzJTEC8vfKFXpleHLfNrn Last-Modified Thu, 09 Feb 2023 16:47:23 GMT Server AmazonS3 x-amz-request-id 6H29Q2G74T9RG338 ETag "41df716c11228313d18a55342d0aa055" x-amz-server-side-encryption AES256 Content-Type text/javascript Accept-Ranges bytes Content-Length 661783 x-amz-id-2 944u085novAkdnkoABKAGbhMs1pnwscoFOzqSZshYjRJ1KewMVpJ9CphtglIq2nhHC9InMcviPA=
GET H2	200	/ Show response js.stripe.com/v3/	437 KB 118 KB	39ms 8ms	Script text/javascript	151.101.128.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/ Requested by Host: bookings.hertslynx.co.uk URL: https://bookings.hertslynx.co.uk/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.128.176 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash 36649694206e2f41b4b3eaf731e21b544825f3cb7b69069b9b001ef9ce62140e Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://bookings.hertslynx.co.uk/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding br x-content-type-options nosniff date Fri, 24 Feb 2023 08:59:31 GMT via 1.1 varnish age 37 x-cache HIT content-length 119977 x-request-id 7aca548c-ada3-4b61-81e6-0d00e12b3d1e x-served-by cache-hhn-etou8220025-HHN last-modified Thu, 23 Feb 2023 21:19:33 GMT server Fastly etag "75b0765cb21c3edb63b7bc89d3e972e4" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=60 accept-ranges bytes timing-allow-origin * x-cache-hits 13
GET H3	200	gen_204 Show response maps.googleapis.com/maps/api/mapsjs/	3 B 45 B	127ms 61ms	XHR application/json	2a00:1450:400d:806::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true Requested by Host: maps.googleapis.com URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDW8OqfdkU7WZXo1KZcuA7E0rUnMyT1mCw&libraries=places Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400d:806::200a , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software scaffolding on HTTPServer2 / Resource Hash ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://bookings.hertslynx.co.uk/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Fri, 24 Feb 2023 08:59:32 GMT content-encoding gzip x-content-type-options nosniff server scaffolding on HTTPServer2 vary Origin, X-Origin, Referer x-frame-options SAMEORIGIN content-type application/json; charset=UTF-8 access-control-allow-origin https://bookings.hertslynx.co.uk access-control-expose-headers vary,vary,vary,content-encoding,date,server,content-length cache-control private alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 23 x-xss-protection 0
GET H2	200	css2 fonts.googleapis.com/	5 KB 993 B	75ms 27ms	Stylesheet text/css	2a00:1450:4001:827::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Nunito:wght@400;600;700&display=swap Requested by Host: client URL: about:client Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 0168735fcd21636bde8fbdfb1545519372f351e41659c146c78fafb9bba598ed Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://bookings.hertslynx.co.uk/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Fri, 24 Feb 2023 08:59:32 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Fri, 24 Feb 2023 06:59:57 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 24 Feb 2023 08:59:32 GMT
GET H2	200	css2 fonts.googleapis.com/	4 KB 708 B	83ms 35ms	Stylesheet text/css	2a00:1450:4001:827::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&display=swap Requested by Host: client URL: about:client Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 3f8a233d057abaab43390e166b1525cc4821e863053e68d72fb4387c825f6110 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://bookings.hertslynx.co.uk/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Fri, 24 Feb 2023 08:59:32 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Fri, 24 Feb 2023 08:47:08 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 24 Feb 2023 08:59:32 GMT
POST H2	501	/ Show response glitchtip.tech.padam.io/api/130/envelope/	60 B 626 B	380ms 75ms	Fetch application/json	34.249.89.32 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://glitchtip.tech.padam.io/api/130/envelope/?sentry_key=91246f43c9a647d0a526ec01771569dd&sentry_version=7 Requested by Host: s3-eu-west-1.amazonaws.com URL: https://s3-eu-west-1.amazonaws.com/prod-bookingzone/master/assets/app.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 34.249.89.32 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-249-89-32.eu-west-1.compute.amazonaws.com Software / Resource Hash 3d94d2c1cf8ee86c1470c062274f03ff8f117ddc059364876077883bfd7143ce Security Headers Name Value Content-Security-Policy connect-src 'self' https://*.glitchtip.com; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; worker-src 'self' blob:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com data:; img-src 'self'; script-src 'self' https://*.glitchtip.com; default-src 'self'; frame-src 'self' Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://bookings.hertslynx.co.uk/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Fri, 24 Feb 2023 08:59:32 GMT content-security-policy connect-src 'self' https://*.glitchtip.com; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; worker-src 'self' blob:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com data:; img-src 'self'; script-src 'self' https://*.glitchtip.com; default-src 'self'; frame-src 'self' x-content-type-options nosniff referrer-policy same-origin cross-origin-opener-policy same-origin strict-transport-security max-age=15724800; includeSubDomains x-frame-options DENY allow POST content-language de vary Accept-Language, Origin access-control-allow-origin * content-type application/json content-length 60
GET H2	200	m-outer-93afeeb17bc37e711759584dbfc50d47.html Show response js.stripe.com/v3/ Frame 62EB	200 B 810 B	8ms 7ms	Document text/html	151.101.128.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.128.176 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca Security Headers Name Value Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://bookings.hertslynx.co.uk/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * age 6764069 cache-control max-age=31536000 content-encoding br content-length 122 content-security-policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report content-security-policy-report-only base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report content-type text/html; charset=utf-8 date Fri, 24 Feb 2023 08:59:32 GMT etag "93afeeb17bc37e711759584dbfc50d47" last-modified Wed, 07 Dec 2022 23:30:12 GMT server Fastly strict-transport-security max-age=31556926; includeSubDomains; preload timing-allow-origin * vary Accept-Encoding via 1.1 varnish x-cache HIT x-cache-hits 510857 x-content-type-options nosniff x-request-id 0485f6b2-305c-414a-8808-24f9fbb2eaac x-served-by cache-hhn-etou8220025-HHN
GET H2	200	get-parameters Show response start.hertslynx.padam.io/api/v1.7/	9 KB 3 KB	64ms 63ms	Fetch application/json	52.31.67.199 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://start.hertslynx.padam.io/api/v1.7/get-parameters?app_version=bookingzone:1.0.0&user_group=customer&language=en Requested by Host: s3-eu-west-1.amazonaws.com URL: https://s3-eu-west-1.amazonaws.com/prod-bookingzone/master/assets/app.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 52.31.67.199 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-31-67-199.eu-west-1.compute.amazonaws.com Software / Resource Hash b601aa1f676d681db892a4cf38d75530bf2cfe0b7cc60265708f9267578bac81 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept application/json Referer https://bookings.hertslynx.co.uk/ accept-language de-DE,de;q=0.9 authorization undefined User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Fri, 24 Feb 2023 08:59:33 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff referrer-policy same-origin content-encoding gzip x-frame-options DENY allow GET, HEAD, OPTIONS content-language en access-control-allow-origin https://bookings.hertslynx.co.uk access-control-expose-headers Content-Disposition vary Accept-Language, Cookie, Origin content-type application/json x-xss-protection 1; mode=block
OPTIONS H2	200	get-parameters start.hertslynx.padam.io/api/v1.7/ Frame	0 0	607ms 33ms	Preflight text/html	52.31.67.199 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://start.hertslynx.padam.io/api/v1.7/get-parameters?app_version=bookingzone:1.0.0&user_group=customer&language=en Protocol H2 Security TLS 1.3, , AES_256_GCM Server 52.31.67.199 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-31-67-199.eu-west-1.compute.amazonaws.com Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept */* Access-Control-Request-Headers authorization Access-Control-Request-Method GET Origin https://bookings.hertslynx.co.uk Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers access-control-allow-headers accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with access-control-allow-methods DELETE, GET, OPTIONS, PATCH, POST, PUT access-control-allow-origin https://bookings.hertslynx.co.uk access-control-expose-headers Content-Disposition access-control-max-age 86400 content-length 0 content-type text/html; charset=utf-8 date Fri, 24 Feb 2023 08:59:33 GMT referrer-policy same-origin strict-transport-security max-age=15724800; includeSubDomains vary Origin x-content-type-options nosniff x-xss-protection 1; mode=block
POST H2	200	csp-report q.stripe.com/ Frame 62EB	0 601 B	579ms 188ms	Other text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://q.stripe.com/csp-report Requested by Host: bookings.hertslynx.co.uk URL: https://bookings.hertslynx.co.uk/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Content-Type application/csp-report Response headers date Fri, 24 Feb 2023 08:59:32 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff x-envoy-upstream-service-time 0 content-length 0 x-stripe-bg-intended-route-color green pragma no-cache referrer-policy strict-origin-when-cross-origin server nginx cross-origin-opener-policy same-origin access-control-max-age 3600 access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin https://js.stripe.com access-control-expose-headers Server, Range, Content-Type cache-control max-age=0, no-cache, no-store, must-revalidate x-robots-tag none access-control-allow-headers Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token expires 0
POST H2	200	csp-report q.stripe.com/ Frame 62EB	0 600 B	579ms 188ms	Other text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://q.stripe.com/csp-report Requested by Host: bookings.hertslynx.co.uk URL: https://bookings.hertslynx.co.uk/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Content-Type application/csp-report Response headers date Fri, 24 Feb 2023 08:59:32 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff x-envoy-upstream-service-time 1 content-length 0 x-stripe-bg-intended-route-color green pragma no-cache referrer-policy strict-origin-when-cross-origin server nginx cross-origin-opener-policy same-origin access-control-max-age 3600 access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin https://js.stripe.com access-control-expose-headers Server, Range, Content-Type cache-control max-age=0, no-cache, no-store, must-revalidate x-robots-tag none access-control-allow-headers Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token expires 0
GET H2	200	m-outer-8cb24ab2d649fd36a488d04d8c457933.js Show response js.stripe.com/v3/fingerprinted/js/ Frame 62EB	631 B 468 B	9ms 8ms	Script text/javascript	151.101.128.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.128.176 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash 250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding br x-content-type-options nosniff date Fri, 24 Feb 2023 08:59:32 GMT via 1.1 varnish age 6764068 x-cache HIT content-length 332 x-request-id 2b2fdaf8-bb26-46a9-be88-419369b1dac0 x-served-by cache-hhn-etou8220025-HHN last-modified Wed, 07 Dec 2022 23:30:11 GMT server Fastly etag "f8f6a4584135f737b26927596ce6e0a7" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes timing-allow-origin * x-cache-hits 457413
GET H2	200	inner.html Show response m.stripe.network/ Frame 21FA	930 B 2 KB	209ms 9ms	Document text/html	13.224.189.43 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://m.stripe.network/inner.html Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.189.43 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-189-43.fra2.r.cloudfront.net Software Cloudfront / Resource Hash a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35 Security Headers Name Value Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://js.stripe.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 269 cache-control max-age=300, public content-length 930 content-security-policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report content-type text/html; charset=utf-8 date Fri, 24 Feb 2023 08:55:06 GMT etag "fc2e029628f163bb59adc6fa5a31161c" last-modified Thu, 17 Mar 2022 19:03:12 GMT server Cloudfront strict-transport-security max-age=31556926; includeSubDomains; preload vary Accept-Encoding via 1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront) x-amz-cf-id Ns4_aGfMpVW9v2rO2P0bnplDctzJf9tQJyzs6qSAdODKL84KKnvQlQ== x-amz-cf-pop FRA2-C1 x-cache Hit from cloudfront x-content-type-options nosniff
POST H2	200	csp-report q.stripe.com/ Frame 21FA	0 374 B	340ms 189ms	Other text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://q.stripe.com/csp-report Requested by Host: bookings.hertslynx.co.uk URL: https://bookings.hertslynx.co.uk/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://m.stripe.network/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Content-Type application/csp-report Response headers x-stripe-bg-intended-route-color green pragma no-cache date Fri, 24 Feb 2023 08:59:32 GMT strict-transport-security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff server nginx cross-origin-opener-policy same-origin cache-control max-age=0, no-cache, no-store, must-revalidate x-envoy-upstream-service-time 1 x-robots-tag none content-length 0 expires 0
GET H2	200	out-4.5.42.js Show response m.stripe.network/ Frame 21FA	86 KB 14 KB	10ms 10ms	Script text/javascript	13.224.189.43 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://m.stripe.network/out-4.5.42.js Requested by Host: m.stripe.network URL: https://m.stripe.network/inner.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.189.43 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-189-43.fra2.r.cloudfront.net Software Cloudfront / Resource Hash f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://m.stripe.network/inner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding br x-content-type-options nosniff date Fri, 24 Feb 2023 08:55:36 GMT last-modified Thu, 17 Mar 2022 19:03:12 GMT server Cloudfront via 1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront) x-amz-cf-pop FRA2-C1 etag W/"21df7244385e5c0bdf32da01d0dad6c0" age 244 vary Accept-Encoding x-cache Hit from cloudfront content-type text/javascript; charset=utf-8 cache-control max-age=300, public x-amz-cf-id NsGHpw41pgUDmhbEN1H9vP-t6yg8EU7ujq7Ol1YQ_JAWvrAzmu-05g==
POST H2	200	6 Show response m.stripe.com/ Frame 21FA	156 B 553 B	565ms 185ms	XHR application/json	44.237.94.111 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://m.stripe.com/6 Requested by Host: m.stripe.network URL: https://m.stripe.network/out-4.5.42.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.237.94.111 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-44-237-94-111.us-west-2.compute.amazonaws.com Software nginx / Resource Hash fb99dd844bdf78831777f55af55b3387a587c67f1934c1f3cf6680d905439f0f Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://m.stripe.network/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers x-stripe-bg-intended-route-color green date Fri, 24 Feb 2023 08:59:33 GMT strict-transport-security max-age=31556926; includeSubDomains; preload x-content-type-options nosniff server nginx content-type application/json;charset=utf-8 access-control-allow-origin https://m.stripe.network access-control-allow-credentials true access-control-allow-headers Content-Type content-length 156
POST H2	501	/ Show response glitchtip.tech.padam.io/api/130/envelope/	60 B 625 B	117ms 116ms	Fetch application/json	34.249.89.32 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://glitchtip.tech.padam.io/api/130/envelope/?sentry_key=91246f43c9a647d0a526ec01771569dd&sentry_version=7 Requested by Host: s3-eu-west-1.amazonaws.com URL: https://s3-eu-west-1.amazonaws.com/prod-bookingzone/master/assets/app.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 34.249.89.32 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-249-89-32.eu-west-1.compute.amazonaws.com Software / Resource Hash 3d94d2c1cf8ee86c1470c062274f03ff8f117ddc059364876077883bfd7143ce Security Headers Name Value Content-Security-Policy default-src 'self'; img-src 'self'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; script-src 'self' https://*.glitchtip.com; frame-src 'self'; connect-src 'self' https://*.glitchtip.com; font-src 'self' https://fonts.gstatic.com data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; worker-src 'self' blob: Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://bookings.hertslynx.co.uk/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Fri, 24 Feb 2023 08:59:33 GMT content-security-policy default-src 'self'; img-src 'self'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; script-src 'self' https://*.glitchtip.com; frame-src 'self'; connect-src 'self' https://*.glitchtip.com; font-src 'self' https://fonts.gstatic.com data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; worker-src 'self' blob: x-content-type-options nosniff referrer-policy same-origin cross-origin-opener-policy same-origin strict-transport-security max-age=15724800; includeSubDomains x-frame-options DENY allow POST content-language de vary Accept-Language, Origin access-control-allow-origin * content-type application/json content-length 60
POST H2	501	/ Show response glitchtip.tech.padam.io/api/130/envelope/	60 B 625 B	116ms 115ms	Fetch application/json	34.249.89.32 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://glitchtip.tech.padam.io/api/130/envelope/?sentry_key=91246f43c9a647d0a526ec01771569dd&sentry_version=7 Requested by Host: s3-eu-west-1.amazonaws.com URL: https://s3-eu-west-1.amazonaws.com/prod-bookingzone/master/assets/app.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 34.249.89.32 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-249-89-32.eu-west-1.compute.amazonaws.com Software / Resource Hash 3d94d2c1cf8ee86c1470c062274f03ff8f117ddc059364876077883bfd7143ce Security Headers Name Value Content-Security-Policy connect-src 'self' https://*.glitchtip.com; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; worker-src 'self' blob:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com data:; img-src 'self'; script-src 'self' https://*.glitchtip.com; default-src 'self'; frame-src 'self' Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://bookings.hertslynx.co.uk/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Fri, 24 Feb 2023 08:59:33 GMT content-security-policy connect-src 'self' https://*.glitchtip.com; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; worker-src 'self' blob:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com data:; img-src 'self'; script-src 'self' https://*.glitchtip.com; default-src 'self'; frame-src 'self' x-content-type-options nosniff referrer-policy same-origin cross-origin-opener-policy same-origin strict-transport-security max-age=15724800; includeSubDomains x-frame-options DENY allow POST content-language de vary Accept-Language, Origin access-control-allow-origin * content-type application/json content-length 60
GET H2	200	KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v30/	16 KB 16 KB	67ms 18ms	Font font/woff2	2a00:1450:4001:80f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://bookings.hertslynx.co.uk accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Thu, 23 Feb 2023 05:21:08 GMT x-content-type-options nosniff age 99505 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15920 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:45 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 23 Feb 2024 05:21:08 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v30/	15 KB 15 KB	71ms 22ms	Font font/woff2	2a00:1450:4001:80f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://bookings.hertslynx.co.uk accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Mon, 20 Feb 2023 01:29:06 GMT x-content-type-options nosniff age 372627 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15744 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:48 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 20 Feb 2024 01:29:06 GMT
GET H/1.1	200 OK	hcc_color.png s3-eu-west-1.amazonaws.com/padam-public-assets/hcc/logos/	11 KB 11 KB	43ms 43ms	Image image/png	52.218.65.20 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s3-eu-west-1.amazonaws.com/padam-public-assets/hcc/logos/hcc_color.png Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.218.65.20 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS s3-eu-west-1.amazonaws.com Software AmazonS3 / Resource Hash a8dbc6f6ec27d018dcbb9a97be5a1c0e7011c776bb1ba86914fc17d81fb75ec8 Request headers accept-language de-DE,de;q=0.9 Referer https://bookings.hertslynx.co.uk/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers Date Fri, 24 Feb 2023 08:59:34 GMT x-amz-version-id null Last-Modified Mon, 16 Aug 2021 10:05:56 GMT Server AmazonS3 x-amz-request-id PEFDWGB045NNW5GA ETag "0a54604b8d088a9ab12efd2bb3bc15f5" Content-Type image/png Accept-Ranges bytes Content-Length 11063 x-amz-id-2 fmFGICew/0tHFrzYhfATl2pHo+Vk6SjYotrfFl1hdW4rVvc2okNF7iohVxI6cEPwOMso4Caxct0=
POST H2	200	/ Show response glitchtip.tech.padam.io/api/130/envelope/	41 B 602 B	178ms 178ms	Fetch application/json	34.249.89.32 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://glitchtip.tech.padam.io/api/130/envelope/?sentry_key=91246f43c9a647d0a526ec01771569dd&sentry_version=7 Requested by Host: s3-eu-west-1.amazonaws.com URL: https://s3-eu-west-1.amazonaws.com/prod-bookingzone/master/assets/app.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 34.249.89.32 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-249-89-32.eu-west-1.compute.amazonaws.com Software / Resource Hash 589d9499a78572479501bae22ef44c635d7b494c2fe0aecaac7b75d14ebee2ab Security Headers Name Value Content-Security-Policy default-src 'self'; img-src 'self'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; script-src 'self' https://*.glitchtip.com; frame-src 'self'; connect-src 'self' https://*.glitchtip.com; font-src 'self' https://fonts.gstatic.com data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; worker-src 'self' blob: Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://bookings.hertslynx.co.uk/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Fri, 24 Feb 2023 08:59:33 GMT content-security-policy default-src 'self'; img-src 'self'; style-src-elem 'self' 'unsafe-inline' https://fonts.googleapis.com; script-src 'self' https://*.glitchtip.com; frame-src 'self'; connect-src 'self' https://*.glitchtip.com; font-src 'self' https://fonts.gstatic.com data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; worker-src 'self' blob: x-content-type-options nosniff referrer-policy same-origin cross-origin-opener-policy same-origin strict-transport-security max-age=15724800; includeSubDomains x-frame-options DENY allow POST content-language de vary Accept-Language, Origin access-control-allow-origin * content-type application/json content-length 41

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless string| BASE_URL string| BRAND string| HOST_URL boolean| DEBUG string| ASSETS_URL string| LOGIN_TYPE string| DEFAULT_TERRITORY boolean| DISABLED_LOGIN string| GOOGLE_MAPS_API_KEY boolean| SIGNUP_AFTER_SEARCH object| google object| module$contents$mapsapi$overlay$overlayView_OverlayView object| SENTRY_RELEASE object| SENTRY_RELEASES object| __SENTRY__ boolean| PHRASEAPP_ENABLED object| PHRASEAPP_CONFIG function| _ number| 2f1acc6c3a606b082e5eef5e54414ffb object| webpackChunkStripeJSouter function| noop function| Stripe

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			m.stripe.com/	1970-01-20 19:29:49	Name: m Value: af06094d-ec29-451c-8717-4ab490c9b616834d32
			.bookings.hertslynx.co.uk/	1970-01-20 18:39:25	Name: __stripe_mid Value: 68d84fd2-312b-415f-96b4-edc070ace11b748335
			.bookings.hertslynx.co.uk/	1970-01-20 09:53:50	Name: __stripe_sid Value: 5b399e0e-5ca0-4b6c-a288-bb18fe12a09fcc0f50

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
network	error	URL: https://glitchtip.tech.padam.io/api/130/envelope/?sentry_key=91246f43c9a647d0a526ec01771569dd&sentry_version=7 Message: Failed to load resource: the server responded with a status of 501 ()
network	error	URL: https://glitchtip.tech.padam.io/api/130/envelope/?sentry_key=91246f43c9a647d0a526ec01771569dd&sentry_version=7 Message: Failed to load resource: the server responded with a status of 501 ()
network	error	URL: https://glitchtip.tech.padam.io/api/130/envelope/?sentry_key=91246f43c9a647d0a526ec01771569dd&sentry_version=7 Message: Failed to load resource: the server responded with a status of 501 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bookings.hertslynx.co.uk
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
glitchtip.tech.padam.io
js.stripe.com
m.stripe.com
m.stripe.network
maps.googleapis.com
q.stripe.com
s3-eu-west-1.amazonaws.com
start.hertslynx.padam.io
13.224.189.43
151.101.128.176
2600:9000:223c:7c00:13:1cd6:aec0:93a1
2606:4700::6811:180e
2a00:1450:4001:80f::2003
2a00:1450:4001:827::200a
2a00:1450:400d:806::200a
34.249.89.32
44.237.94.111
52.218.65.20
52.31.67.199
54.186.23.98
00d40841cc7bc9a2623a3e130952a6c2631f94e7210b392a0b61e824dc0e508c
0168735fcd21636bde8fbdfb1545519372f351e41659c146c78fafb9bba598ed
0c27e3c41b0eff5f66b76de025a3f736a90ed78404fc35767f560a2f325c9d24
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
36649694206e2f41b4b3eaf731e21b544825f3cb7b69069b9b001ef9ce62140e
3d94d2c1cf8ee86c1470c062274f03ff8f117ddc059364876077883bfd7143ce
3f8a233d057abaab43390e166b1525cc4821e863053e68d72fb4387c825f6110
589d9499a78572479501bae22ef44c635d7b494c2fe0aecaac7b75d14ebee2ab
712be3d49baba97f46a8333f64807ca7d108cc221ba801e4e71ac5223f2fe247
8985209ab6a97c31af06b78f24facc59064370e6dd01c4ad281a633f7033fb7b
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
a8dbc6f6ec27d018dcbb9a97be5a1c0e7011c776bb1ba86914fc17d81fb75ec8
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b601aa1f676d681db892a4cf38d75530bf2cfe0b7cc60265708f9267578bac81
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3dcde5c977dd5f39f418d71ea77c98924cf85dbcaef2f60d89a83e9d81c3d93
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fb99dd844bdf78831777f55af55b3387a587c67f1934c1f3cf6680d905439f0f