bookings.wowapps.com Open in urlscan Pro
52.63.227.115  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

34 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response bookings.wowapps.com/	9 KB 4 KB	1351ms 95ms	Document text/html	52.63.227.115 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://bookings.wowapps.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 52.63.227.115 Sydney, Australia, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-63-227-115.ap-southeast-2.compute.amazonaws.com Software Microsoft-IIS/8.5 / ASP.NET Resource Hash ded3af7d82116c915a4e3c5ecc1912f194726aabd7f0e03c9559d49a78476c07 Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 accept-language en-AU,en;q=0.9 Response headers Cache-Control no-cache, no-store, max-age=0 Content-Encoding gzip Content-Type text/html; charset=utf-8 Date Tue, 01 Aug 2023 23:02:50 GMT Server Microsoft-IIS/8.5 Strict-Transport-Security max-age=2592000 Transfer-Encoding chunked Vary Accept-Encoding X-Powered-By ASP.NET
GET H2	200	css2 fonts.googleapis.com/	2 KB 952 B	656ms 189ms	Stylesheet text/css	172.253.118.95 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Hanken+Grotesk Requested by Host: bookings.wowapps.com URL: https://bookings.wowapps.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.118.95 , United States, ASN15169 (GOOGLE, US), Reverse DNS sl-in-f95.1e100.net Software ESF / Resource Hash 8d47c1a790920fe1647a0f324995916336cb0278b208a5681ebf04aa3d761b22 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://bookings.wowapps.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Tue, 01 Aug 2023 23:02:58 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Tue, 01 Aug 2023 23:02:58 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 01 Aug 2023 23:02:58 GMT
GET H/1.1	200 OK	bootstrap.min.css bookings.wowapps.com/css/bootstrap/	159 KB 35 KB	96ms 95ms	Stylesheet text/css	52.63.227.115 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://bookings.wowapps.com/css/bootstrap/bootstrap.min.css Requested by Host: bookings.wowapps.com URL: https://bookings.wowapps.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 52.63.227.115 Sydney, Australia, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-63-227-115.ap-southeast-2.compute.amazonaws.com Software Microsoft-IIS/8.5 / ASP.NET Resource Hash 4a221530681185d5e32924c875d5fb9a1f486ce5d573041673bfe9e274ba0ffd Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers accept-language en-AU,en;q=0.9 Referer https://bookings.wowapps.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers Strict-Transport-Security max-age=2592000 Content-Encoding gzip Date Tue, 01 Aug 2023 23:02:50 GMT Last-Modified Sun, 14 May 2023 21:57:33 GMT Server Microsoft-IIS/8.5 ETag "1d986af15f43f26" X-Powered-By ASP.NET Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/css Cache-Control no-cache Accept-Ranges bytes
GET H/1.1	200 OK	site.css bookings.wowapps.com/css/	8 KB 4 KB	125ms 123ms	Stylesheet text/css	52.63.227.115 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://bookings.wowapps.com/css/site.css Requested by Host: bookings.wowapps.com URL: https://bookings.wowapps.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 52.63.227.115 Sydney, Australia, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-63-227-115.ap-southeast-2.compute.amazonaws.com Software Microsoft-IIS/8.5 / ASP.NET Resource Hash 0ead7caaee3b0997848b4a4b5d01ee1ffba25d56091751118c2ff45983151b1f Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers accept-language en-AU,en;q=0.9 Referer https://bookings.wowapps.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers Strict-Transport-Security max-age=2592000 Content-Encoding gzip Date Tue, 01 Aug 2023 23:02:50 GMT Last-Modified Tue, 01 Aug 2023 00:53:19 GMT Server Microsoft-IIS/8.5 ETag "1d9c4129016b67e" X-Powered-By ASP.NET Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/css Cache-Control no-cache Accept-Ranges bytes
GET H/1.1	200 OK	Bookings.styles.css bookings.wowapps.com/	1 KB 1 KB	220ms 95ms	Stylesheet text/css	52.63.227.115 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://bookings.wowapps.com/Bookings.styles.css Requested by Host: bookings.wowapps.com URL: https://bookings.wowapps.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 52.63.227.115 Sydney, Australia, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-63-227-115.ap-southeast-2.compute.amazonaws.com Software Microsoft-IIS/8.5 / ASP.NET Resource Hash 9f642cf23c863ea452156de9fd3faa4e5a205c44d8cd29995373bb639467f9d8 Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers accept-language en-AU,en;q=0.9 Referer https://bookings.wowapps.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers Strict-Transport-Security max-age=2592000 Content-Encoding gzip Date Tue, 01 Aug 2023 23:02:51 GMT Last-Modified Tue, 01 Aug 2023 02:06:30 GMT Server Microsoft-IIS/8.5 ETag "1d9c41cc95412ff" X-Powered-By ASP.NET Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/css Cache-Control no-cache Accept-Ranges bytes
GET H2	200	js Show response www.googletagmanager.com/gtag/	257 KB 87 KB	663ms 196ms	Script application/javascript	74.125.200.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-B1TK4W4L9T Requested by Host: bookings.wowapps.com URL: https://bookings.wowapps.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.200.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS sa-in-f97.1e100.net Software Google Tag Manager / Resource Hash 9d052d293bdadafb83c8a04e1deb5e91ca8e3420d8bf8709215349c22b37b1c8 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://bookings.wowapps.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Tue, 01 Aug 2023 23:02:59 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 88183 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Tue, 01 Aug 2023 23:02:59 GMT
GET H/1.1	200 OK	jquery-ui.css bookings.wowapps.com/jquery-ui/	24 KB 6 KB	285ms 95ms	Stylesheet text/css	52.63.227.115 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://bookings.wowapps.com/jquery-ui/jquery-ui.css Requested by Host: bookings.wowapps.com URL: https://bookings.wowapps.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 52.63.227.115 Sydney, Australia, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-63-227-115.ap-southeast-2.compute.amazonaws.com Software Microsoft-IIS/8.5 / ASP.NET Resource Hash 84869b655983bc8ab4b3006dcf28a0893ddfea77c0c816728434e4e6598c1b0e Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers accept-language en-AU,en;q=0.9 Referer https://bookings.wowapps.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers Strict-Transport-Security max-age=2592000 Content-Encoding gzip Date Tue, 01 Aug 2023 23:02:51 GMT Last-Modified Mon, 03 Jul 2023 06:43:35 GMT Server Microsoft-IIS/8.5 ETag "1d9ad79b09f652a" X-Powered-By ASP.NET Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/css Cache-Control no-cache Accept-Ranges bytes
GET H/1.1	200 OK	blazor.server.js Show response bookings.wowapps.com/_framework/	132 KB 49 KB	549ms 359ms	Script text/javascript	52.63.227.115 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://bookings.wowapps.com/_framework/blazor.server.js Requested by Host: bookings.wowapps.com URL: https://bookings.wowapps.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 52.63.227.115 Sydney, Australia, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-63-227-115.ap-southeast-2.compute.amazonaws.com Software Microsoft-IIS/8.5 / ASP.NET Resource Hash 59ec41e0b4ec5ea977158c598d2456f3fc636eb6cd955c16437fd532ab4044cf Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers accept-language en-AU,en;q=0.9 Referer https://bookings.wowapps.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers Strict-Transport-Security max-age=2592000 Content-Encoding gzip Date Tue, 01 Aug 2023 23:02:51 GMT Last-Modified Fri, 18 Nov 2022 14:59:20 GMT Server Microsoft-IIS/8.5 ETag "1d8fb5e56428444" X-Powered-By ASP.NET Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/javascript Cache-Control no-cache Accept-Ranges bytes
GET H2	200	bootstrap.bundle.min.js Show response cdn.jsdelivr.net/npm/bootstrap@5.3.0-alpha3/dist/js/	79 KB 25 KB	1052ms 243ms	Script application/javascript	151.101.65.229 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/bootstrap@5.3.0-alpha3/dist/js/bootstrap.bundle.min.js Requested by Host: bookings.wowapps.com URL: https://bookings.wowapps.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.65.229 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash ea8fe021a4ace4f6786fecc418f70b658fc2dc02d136e8fe5c6ab6b62a46d5d0 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://bookings.wowapps.com/ Origin https://bookings.wowapps.com accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 01 Aug 2023 23:02:58 GMT x-content-type-options nosniff content-encoding br age 4206826 x-jsd-version 5.3.0-alpha3 x-cache HIT, HIT cross-origin-resource-policy cross-origin alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 24750 x-served-by cache-fra-eddf8230059-FRA, cache-bfi-krnt7300115-BFI x-jsd-version-type version etag W/"13ac2-jNeXExg3GrPRY3nfbPslSlxkn8o" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable accept-ranges bytes timing-allow-origin *
GET H2	200	5a8a8681a6.js Show response kit.fontawesome.com/	11 KB 5 KB	702ms 322ms	Script text/javascript	104.18.23.52 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://kit.fontawesome.com/5a8a8681a6.js Requested by Host: bookings.wowapps.com URL: https://bookings.wowapps.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.23.52 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e778fcecb1c0a2f73388fecc07334ba493ee0f40cdd61b648e0681efd2f35b96 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload Request headers Referer https://bookings.wowapps.com/ Origin https://bookings.wowapps.com accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Tue, 01 Aug 2023 23:02:58 GMT strict-transport-security max-age=31536000; preload content-encoding gzip cf-cache-status REVALIDATED server cloudflare access-control-max-age 3000 access-control-allow-methods GET, OPTIONS content-type text/javascript access-control-allow-origin * cache-control max-age=60, public, must-revalidate vary origin, accept-encoding, access-control-request-headers, access-control-request-method cf-ray 7f01b633faaca959-SYD access-control-allow-headers accept, accept-langauge, content-language, content-type, fa-kit-token x-request-id F3cgQJL4Gc92ceQe90EC
GET H2	200	/ Show response js.stripe.com/v3/	517 KB 128 KB	620ms 214ms	Script text/javascript	13.227.254.56 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/ Requested by Host: bookings.wowapps.com URL: https://bookings.wowapps.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.227.254.56 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-254-56.sin52.r.cloudfront.net Software Cloudfront / Resource Hash 55f2cdbccc20baf836d4103c14d823cff2f7530d7ecb59b84d43b9c516c04432 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-AU,en;q=0.9 Referer https://bookings.wowapps.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding br x-content-type-options nosniff date Tue, 01 Aug 2023 23:02:15 GMT via 1.1 1ce5b4ee9f2f36701e8515d9d8ae140c.cloudfront.net (CloudFront) x-amz-cf-pop SIN52-C3 age 43 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400 last-modified Tue, 01 Aug 2023 18:04:43 GMT server Cloudfront etag W/"603a0e99783616d6d67602a33c9c93da" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=60 timing-allow-origin * x-amz-cf-id yFRCjyP1ad67lkpZKhhTutOlcwYLyk-QwzelmdSSLqbrj8x9YIFb7Q==
GET H2	200	square.js Show response web.squarecdn.com/v1/	346 KB 100 KB	959ms 187ms	Script application/javascript	13.224.249.78 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://web.squarecdn.com/v1/square.js Requested by Host: bookings.wowapps.com URL: https://bookings.wowapps.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.249.78 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-249-78.sin52.r.cloudfront.net Software AmazonS3 / Resource Hash 10cf5c11797970ddcb58709384f3413fc672ed4a8d00ff4ffa70005f6a0183d5 Request headers accept-language en-AU,en;q=0.9 Referer https://bookings.wowapps.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers x-amz-version-id ts69SjGUK26rhNg9yLv3BONI0is56leh content-encoding gzip via 1.1 e7dacb0efeeed58e9fdd0c9cd774981a.cloudfront.net (CloudFront) date Tue, 01 Aug 2023 18:06:48 GMT x-amz-cf-pop SIN52-C2 age 17771 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED x-amz-meta-websdk-version 1.51.0 last-modified Sat, 29 Jul 2023 01:05:24 GMT server AmazonS3 etag W/"675e1efc37a6c16b10a8a69de6ca7a90" access-control-max-age 300 access-control-allow-methods GET, HEAD content-type application/javascript access-control-allow-origin * x-amz-meta-md5checksum Z14e/DemwWsQqKad5sp6kA== cache-control public, max-age=300 vary Accept-Encoding x-amz-cf-id h29bfbBRHvFC5EhF03NKBZPeMYX7U24lD8Wld2e7FOeuO3MsnlIkDA==
GET H/1.1	200 OK	jquery.js Show response bookings.wowapps.com/jquery-ui/external/jquery/	292 KB 113 KB	377ms 188ms	Script text/javascript	52.63.227.115 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://bookings.wowapps.com/jquery-ui/external/jquery/jquery.js Requested by Host: bookings.wowapps.com URL: https://bookings.wowapps.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 52.63.227.115 Sydney, Australia, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-63-227-115.ap-southeast-2.compute.amazonaws.com Software Microsoft-IIS/8.5 / ASP.NET Resource Hash 29223fdf1c42ac27b10aea5dcd02513f507a22a83ed8d03e5f6bb7f1c41daaaf Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers accept-language en-AU,en;q=0.9 Referer https://bookings.wowapps.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers Strict-Transport-Security max-age=2592000 Content-Encoding gzip Date Tue, 01 Aug 2023 23:02:51 GMT Last-Modified Tue, 06 Jun 2023 12:07:43 GMT Server Microsoft-IIS/8.5 ETag "1d9986f7f658045" X-Powered-By ASP.NET Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/javascript Cache-Control no-cache Accept-Ranges bytes
GET H/1.1	200 OK	jquery-ui.js Show response bookings.wowapps.com/jquery-ui/	198 KB 66 KB	314ms 95ms	Script text/javascript	52.63.227.115 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://bookings.wowapps.com/jquery-ui/jquery-ui.js Requested by Host: bookings.wowapps.com URL: https://bookings.wowapps.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 52.63.227.115 Sydney, Australia, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-63-227-115.ap-southeast-2.compute.amazonaws.com Software Microsoft-IIS/8.5 / ASP.NET Resource Hash 18dff8333200f235a9137cc679a3c0355dc89b865000a11e4e43baab3e388c0e Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers accept-language en-AU,en;q=0.9 Referer https://bookings.wowapps.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers Strict-Transport-Security max-age=2592000 Content-Encoding gzip Date Tue, 01 Aug 2023 23:02:51 GMT Last-Modified Tue, 06 Jun 2023 12:07:43 GMT Server Microsoft-IIS/8.5 ETag "1d9986f7f62070f" X-Powered-By ASP.NET Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/javascript Cache-Control no-cache Accept-Ranges bytes
GET H/1.1	200 OK	open-iconic-bootstrap.min.css bookings.wowapps.com/css/open-iconic/font/css/	9 KB 3 KB	159ms 95ms	Stylesheet text/css	52.63.227.115 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://bookings.wowapps.com/css/open-iconic/font/css/open-iconic-bootstrap.min.css Requested by Host: bookings.wowapps.com URL: https://bookings.wowapps.com/css/site.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 52.63.227.115 Sydney, Australia, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-63-227-115.ap-southeast-2.compute.amazonaws.com Software Microsoft-IIS/8.5 / ASP.NET Resource Hash 049fc6f9efb2edb41dad8912d91053c8d7c11e903d22e19a3e67fd86db9be4c4 Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers accept-language en-AU,en;q=0.9 Referer https://bookings.wowapps.com/css/site.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers Strict-Transport-Security max-age=2592000 Content-Encoding gzip Date Tue, 01 Aug 2023 23:02:51 GMT Last-Modified Sun, 14 May 2023 21:57:33 GMT Server Microsoft-IIS/8.5 ETag "1d986af15f66033" X-Powered-By ASP.NET Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/css Cache-Control no-cache Accept-Ranges bytes
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	172 KB 47 KB	862ms 186ms	Script application/x-javascript	157.240.7.26 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: bookings.wowapps.com URL: https://bookings.wowapps.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 157.240.7.26 , Singapore, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-01-sin6.fbcdn.net Software / Resource Hash c99ff58c3dc4deb821c87dc9c45aed4af66541ceb1b0f62ec208114ffc37dbf4 Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://bookings.wowapps.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Tue, 01 Aug 2023 23:02:59 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 47198 x-xss-protection 0 pragma public x-fb-debug wAPmbbEQXVsVL1Lnosn+ES9srh1rQBizFESTsfYJKImEIWrq5yRncEIkQxPU9wHNiVuSre8aJ8eteW5+rCzEmg== cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=() expires Sat, 01 Jan 2000 00:00:00 GMT
GET H/1.1	200 OK	initializers Show response bookings.wowapps.com/_blazor/	2 B 237 B	96ms 96ms	Fetch application/json	52.63.227.115 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://bookings.wowapps.com/_blazor/initializers Requested by Host: bookings.wowapps.com URL: https://bookings.wowapps.com/_framework/blazor.server.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 52.63.227.115 Sydney, Australia, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-63-227-115.ap-southeast-2.compute.amazonaws.com Software Microsoft-IIS/8.5 / ASP.NET Resource Hash 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers accept-language en-AU,en;q=0.9 Referer https://bookings.wowapps.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers Strict-Transport-Security max-age=2592000 Date Tue, 01 Aug 2023 23:02:51 GMT Server Microsoft-IIS/8.5 X-Powered-By ASP.NET Transfer-Encoding chunked Content-Type application/json; charset=utf-8
GET H2	200	ieVq2YZDLWuGJpnzaiwFXS9tYvBRzyFLlZg_f_Ncs2Zq5vBM.woff2 fonts.gstatic.com/s/hankengrotesk/v8/	13 KB 14 KB	862ms 187ms	Font font/woff2	74.125.200.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/hankengrotesk/v8/ieVq2YZDLWuGJpnzaiwFXS9tYvBRzyFLlZg_f_Ncs2Zq5vBM.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Hanken+Grotesk Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.200.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS sa-in-f94.1e100.net Software sffe / Resource Hash 294ebb02701a56535ef031d4a241cb7621aa16dbd12ea934a5e1c3e518194b37 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://bookings.wowapps.com accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Mon, 31 Jul 2023 14:45:58 GMT x-content-type-options nosniff age 116220 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13512 x-xss-protection 0 last-modified Tue, 02 May 2023 14:50:25 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 30 Jul 2024 14:45:58 GMT
POST H/1.1	200 OK	negotiate Show response bookings.wowapps.com/_blazor/	316 B 519 B	95ms 95ms	Fetch application/json	52.63.227.115 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://bookings.wowapps.com/_blazor/negotiate?negotiateVersion=1 Requested by Host: bookings.wowapps.com URL: https://bookings.wowapps.com/_framework/blazor.server.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 52.63.227.115 Sydney, Australia, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-63-227-115.ap-southeast-2.compute.amazonaws.com Software Microsoft-IIS/8.5 / ASP.NET Resource Hash abebbc646d1f54419acf6c02e5b7ae3be2bbcadd0efb62b412a345e301179737 Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers Referer https://bookings.wowapps.com/ X-Requested-With XMLHttpRequest accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 X-SignalR-User-Agent Microsoft SignalR/0.0 (0.0.0-DEV_BUILD; Unknown OS; Browser; Unknown Runtime Version) Response headers Strict-Transport-Security max-age=2592000 Date Tue, 01 Aug 2023 23:02:51 GMT Server Microsoft-IIS/8.5 X-Powered-By ASP.NET Content-Length 316 Content-Type application/json
GET H2	200	free.min.css Show response ka-f.fontawesome.com/releases/v5.15.4/css/	59 KB 13 KB	876ms 199ms	Fetch text/css	172.64.131.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=5a8a8681a6 Requested by Host: kit.fontawesome.com URL: https://kit.fontawesome.com/5a8a8681a6.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.131.9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda Request headers accept-language en-AU,en;q=0.9 Referer https://bookings.wowapps.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Tue, 01 Aug 2023 23:02:59 GMT via 1.1 4efbd5b290462fbd5ee9b1de5f123e2a.cloudfront.net (CloudFront) content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-cf-pop SIN52-P1 age 75325 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400 last-modified Wed, 04 Aug 2021 18:53:09 GMT server cloudflare etag W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16" access-control-max-age 3000 access-control-allow-methods GET content-type text/css access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7AEDyfJLYw8w2L0qh46mdI1%2FQHwP7x%2BOcM6VGGNjDRMzd0xS5vZzXIgFc7x59LnNCkHEjmGcod2thfa6A08aNOuyHmGZAIGYQDzwtv6HVB%2FZJCiVC1Ev14sMlrmV9bBYPCJympVs%2BA%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=31556926 vary Accept-Encoding cf-ray 7f01b63d2e5587dd-SIN access-control-allow-headers fa-kit-token x-amz-cf-id FfWqhkeDfUDrAkuJfc4rTGD5O8O5bFsoLMSSD4C7xIn_rKaqD5jX3A==
GET H2	200	free-v4-shims.min.css Show response ka-f.fontawesome.com/releases/v5.15.4/css/	26 KB 5 KB	870ms 193ms	Fetch text/css	172.64.131.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=5a8a8681a6 Requested by Host: kit.fontawesome.com URL: https://kit.fontawesome.com/5a8a8681a6.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.131.9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8 Request headers accept-language en-AU,en;q=0.9 Referer https://bookings.wowapps.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Tue, 01 Aug 2023 23:02:59 GMT via 1.1 386a6404e8fa2e50e2a13baba0abed68.cloudfront.net (CloudFront) content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-cf-pop SIN52-P1 age 75325 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400 last-modified Wed, 04 Aug 2021 18:53:09 GMT server cloudflare etag W/"76f34b71fc9fb641507ff6a822cc07f5" access-control-max-age 3000 access-control-allow-methods GET content-type text/css access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CplyZ9nmoq3G3kCUgIPAnmYPCy2se8IsjJb2uPc8L0igQYhdi7mwtIweb%2FFuy6vzIw%2FVJP7CqAhDciOSFNvP0q1CTrbZ7LyHYE6L9TpBP%2FDBJgKDwvhsvpEPxWtmAxSxb8fvmzTeug%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=31556926 vary Accept-Encoding cf-ray 7f01b63d2e5687dd-SIN access-control-allow-headers fa-kit-token x-amz-cf-id s9T14LR0G5kTHnAjD_VPdq_uWLPv_odBi9hda6E4ppiOepYfDjqxFQ==
GET H2	200	free-v4-font-face.min.css Show response ka-f.fontawesome.com/releases/v5.15.4/css/	3 KB 1 KB	874ms 198ms	Fetch text/css	172.64.131.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=5a8a8681a6 Requested by Host: kit.fontawesome.com URL: https://kit.fontawesome.com/5a8a8681a6.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.131.9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6 Request headers accept-language en-AU,en;q=0.9 Referer https://bookings.wowapps.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Tue, 01 Aug 2023 23:02:59 GMT via 1.1 d9b92c8e025d0ae3b9e15cd61fa52236.cloudfront.net (CloudFront) content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-cf-pop SIN52-P1 age 75325 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400 last-modified Wed, 04 Aug 2021 18:53:09 GMT server cloudflare etag W/"f2e0b2680d9b0bcb6e0039c4424e5a59" access-control-max-age 3000 access-control-allow-methods GET content-type text/css access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nyDg5PkAXO%2BWAAvotE7OQPCL5JAiKFsHMRxmDMsdVuLfhv9Ov3dE62zO21M5Gg8W0yFuUFYzDaO4ueTprJ0b97RM8JrjUT4vHrP%2FLGbL2vchEVNZU9jodCnGjoFXVCeo%2BbLrFpbHdg%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=31556926 vary Accept-Encoding cf-ray 7f01b63d2e5787dd-SIN access-control-allow-headers fa-kit-token x-amz-cf-id 79YbOJpTXVfiQ_rw_Ko73YU91UqVZ3o1xT2YCNi2-YNYuuqj9p_dyg==
GET H2	200	m-outer-93afeeb17bc37e711759584dbfc50d47.html Show response js.stripe.com/v3/ Frame DB33	200 B 1 KB	189ms 188ms	Document text/html	13.227.254.56 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.227.254.56 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-254-56.sin52.r.cloudfront.net Software Cloudfront / Resource Hash f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca Security Headers Name Value Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://bookings.wowapps.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 accept-language en-AU,en;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * age 547 alt-svc h3=":443"; ma=86400 cache-control max-age=31536000 content-length 200 content-security-policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report content-security-policy-report-only base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report content-type text/html; charset=utf-8 date Tue, 01 Aug 2023 22:53:52 GMT etag "93afeeb17bc37e711759584dbfc50d47" last-modified Fri, 21 Jul 2023 22:17:59 GMT server Cloudfront strict-transport-security max-age=31556926; includeSubDomains; preload timing-allow-origin * vary Accept-Encoding via 1.1 1ce5b4ee9f2f36701e8515d9d8ae140c.cloudfront.net (CloudFront) x-amz-cf-id b9Q8CreWq7V7poS1dz7qTcweRhh_G0iG6ZofWVBOoLSnVspi0dFEbA== x-amz-cf-pop SIN52-C3 x-cache Hit from cloudfront x-content-type-options nosniff
GET H3	200	m-outer-8cb24ab2d649fd36a488d04d8c457933.js Show response js.stripe.com/v3/fingerprinted/js/ Frame DB33	631 B 998 B	189ms 189ms	Script text/javascript	13.227.254.56 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html Protocol H3 Security QUIC, , AES_128_GCM Server 13.227.254.56 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-254-56.sin52.r.cloudfront.net Software Cloudfront / Resource Hash 250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-AU,en;q=0.9 Referer https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload date Tue, 01 Aug 2023 22:53:53 GMT x-content-type-options nosniff via 1.1 625de659a90e36a729e80cd3fdf6ae3c.cloudfront.net (CloudFront) age 546 x-amz-cf-pop SIN52-C3 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400 content-length 631 last-modified Wed, 19 Jul 2023 17:13:48 GMT server Cloudfront etag "f8f6a4584135f737b26927596ce6e0a7" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes timing-allow-origin * x-amz-cf-id ePgpyCfN8FI8-EBDaGnVBAwdndtTIe3xfQcRSiizc0WbEFI45L7_ag==
POST H2	200	csp-report q.stripe.com/ Frame DB33	0 717 B	966ms 254ms	Other text/plain	54.187.119.242 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://q.stripe.com/csp-report Requested by Host: bookings.wowapps.com URL: https://bookings.wowapps.com/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-119-242.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://js.stripe.com/ accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Content-Type application/csp-report Response headers date Tue, 01 Aug 2023 23:02:59 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff x-stripe-server-envoy-start-time-us 1690930979867832 x-envoy-upstream-service-time 8 content-length 0 x-stripe-bg-intended-route-color green pragma no-cache referrer-policy strict-origin-when-cross-origin server nginx cross-origin-opener-policy same-origin access-control-max-age 3600 access-control-allow-methods GET, POST, OPTIONS x-stripe-server-envoy-upstream-service-time-ms 2 access-control-allow-origin https://js.stripe.com x-stripe-client-envoy-start-time-us 1690930979863241 cache-control max-age=0, no-cache, no-store, must-revalidate access-control-expose-headers Server, Range, Content-Type x-robots-tag none access-control-allow-headers Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token expires 0
POST H2	200	csp-report q.stripe.com/ Frame DB33	0 718 B	960ms 248ms	Other text/plain	54.187.119.242 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://q.stripe.com/csp-report Requested by Host: bookings.wowapps.com URL: https://bookings.wowapps.com/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-119-242.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://js.stripe.com/ accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Content-Type application/csp-report Response headers date Tue, 01 Aug 2023 23:02:59 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff x-stripe-server-envoy-start-time-us 1690930979863974 x-envoy-upstream-service-time 1 content-length 0 x-stripe-bg-intended-route-color green pragma no-cache referrer-policy strict-origin-when-cross-origin server nginx cross-origin-opener-policy same-origin access-control-max-age 3600 access-control-allow-methods GET, POST, OPTIONS x-stripe-server-envoy-upstream-service-time-ms 0 access-control-allow-origin https://js.stripe.com x-stripe-client-envoy-start-time-us 1690930979863310 cache-control max-age=0, no-cache, no-store, must-revalidate access-control-expose-headers Server, Range, Content-Type x-robots-tag none access-control-allow-headers Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token expires 0
GET H2	200	inner.html Show response m.stripe.network/ Frame BC61	930 B 1 KB	701ms 230ms	Document text/html	151.101.128.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://m.stripe.network/inner.html Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.128.176 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash 947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1 Security Headers Name Value Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://js.stripe.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 accept-language en-AU,en;q=0.9 Response headers accept-ranges bytes age 65 cache-control max-age=300, public content-encoding br content-length 540 content-security-policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report content-type text/html; charset=utf-8 date Tue, 01 Aug 2023 23:02:59 GMT server Fastly strict-transport-security max-age=31556926; includeSubDomains; preload vary Accept-Encoding, Origin via 1.1 varnish x-cache HIT x-cache-hits 27 x-content-type-options nosniff x-request-id 94a1eeb3-6666-41f4-9020-ba366de2d14b x-served-by cache-bfi-kbfi7400070-BFI x-timer S1690930980.622875,VS0,VE0
POST H2	204	collect www.google-analytics.com/g/	0 257 B	860ms 186ms	Ping text/plain	142.251.12.101 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-B1TK4W4L9T&gtm=45je37v0&_p=1357158495&cid=1217887355.1690930980&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1690930979&sct=1&seg=0&dl=https%3A%2F%2Fbookings.wowapps.com%2F&dt=Booking%20Error&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-B1TK4W4L9T Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.12.101 , United States, ASN15169 (GOOGLE, US), Reverse DNS se-in-f101.1e100.net Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-AU,en;q=0.9 Referer https://bookings.wowapps.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers pragma no-cache date Tue, 01 Aug 2023 23:03:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://bookings.wowapps.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	csp-report q.stripe.com/ Frame BC61	0 491 B	251ms 250ms	Other text/plain	54.187.119.242 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://q.stripe.com/csp-report Requested by Host: bookings.wowapps.com URL: https://bookings.wowapps.com/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-119-242.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://m.stripe.network/ accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Content-Type application/csp-report Response headers date Tue, 01 Aug 2023 23:02:59 GMT strict-transport-security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload x-content-type-options nosniff x-stripe-server-envoy-start-time-us 1690930979863689 x-envoy-upstream-service-time 4 content-length 0 x-stripe-bg-intended-route-color green pragma no-cache referrer-policy strict-origin-when-cross-origin server nginx cross-origin-opener-policy same-origin x-stripe-server-envoy-upstream-service-time-ms 3 x-stripe-client-envoy-start-time-us 1690930979863426 cache-control max-age=0, no-cache, no-store, must-revalidate x-robots-tag none expires 0
GET H2	200	out-4.5.43.js Show response m.stripe.network/ Frame BC61	87 KB 15 KB	231ms 230ms	Script text/javascript	151.101.128.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://m.stripe.network/out-4.5.43.js Requested by Host: m.stripe.network URL: https://m.stripe.network/inner.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.128.176 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-AU,en;q=0.9 Referer https://m.stripe.network/inner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload date Tue, 01 Aug 2023 23:02:59 GMT x-content-type-options nosniff content-encoding br via 1.1 varnish age 89 x-cache HIT content-length 15509 x-request-id 6780e811-aef8-49ea-aa8d-b388300203bf x-served-by cache-bfi-kbfi7400070-BFI server Fastly x-timer S1690930980.860709,VS0,VE0 vary Accept-Encoding, Origin content-type text/javascript; charset=utf-8 cache-control max-age=300, public accept-ranges bytes x-cache-hits 29
GET H2	200	645231259298327 Show response connect.facebook.net/signals/config/	378 KB 108 KB	442ms 442ms	Script application/x-javascript	157.240.7.26 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/645231259298327?v=2.9.120&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 157.240.7.26 , Singapore, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-01-sin6.fbcdn.net Software / Resource Hash eb40303bd89c752ce3eb085d47cb3dd504f5907ec2ab205108ceb55301ca3d7c Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://bookings.wowapps.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Tue, 01 Aug 2023 23:03:00 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 pragma public x-fb-debug zGV27opZX5jkVb2uwS6iLjSMNHavPi7fP09R7AZ0mSRtuVTyrrXgOo9Zi8Ej0qZeaHzDUSvjwsSarzfSB34W5A== cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=() expires Sat, 01 Jan 2000 00:00:00 GMT
POST H2	200	6 Show response m.stripe.com/ Frame BC61	156 B 669 B	773ms 259ms	XHR application/json	52.88.60.218 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://m.stripe.com/6 Requested by Host: m.stripe.network URL: https://m.stripe.network/out-4.5.43.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.88.60.218 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-88-60-218.us-west-2.compute.amazonaws.com Software nginx / Resource Hash acc2d9cf905e8c640d3e79e9a4bff8afbacefd2fcfc58db4a4afc4740162a375 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://m.stripe.network/ accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers x-stripe-bg-intended-route-color blue date Tue, 01 Aug 2023 23:03:00 GMT strict-transport-security max-age=31556926; includeSubDomains; preload x-content-type-options nosniff x-stripe-server-envoy-start-time-us 1690930980705567 server nginx content-type application/json;charset=utf-8 x-stripe-server-envoy-upstream-service-time-ms 2 access-control-allow-origin https://m.stripe.network x-stripe-client-envoy-start-time-us 1690930980704787 access-control-allow-credentials true access-control-allow-headers Content-Type content-length 156
GET H2	200	/ www.facebook.com/tr/	0 185 B	659ms 185ms	Image text/plain	157.240.235.35 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=645231259298327&ev=PageView&dl=https%3A%2F%2Fbookings.wowapps.com%2F&rl=&if=false&ts=1690930980594&sw=1600&sh=1200&v=2.9.120&r=stable&ec=0&o=30&fbp=fb.1.1690930980593.1924346798&cs_est=true&it=1690930979867&coo=false&exp=a3&rqm=GET Requested by Host: bookings.wowapps.com URL: https://bookings.wowapps.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 157.240.235.35 , Singapore, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-04-sin6.facebook.com Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-AU,en;q=0.9 Referer https://bookings.wowapps.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Tue, 01 Aug 2023 23:03:01 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	/ www.facebook.com/tr/	0 54 B	186ms 185ms	Image text/plain	157.240.235.35 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=645231259298327&ev=Microdata&dl=https%3A%2F%2Fbookings.wowapps.com%2F&rl=&if=false&ts=1690930982099&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Booking%20Error%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.120&r=stable&ec=1&o=30&fbp=fb.1.1690930980593.1924346798&it=1690930979867&coo=false&es=automatic&tm=3&exp=a3&rqm=GET Protocol H2 Security TLS 1.3, , AES_128_GCM Server 157.240.235.35 , Singapore, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-04-sin6.facebook.com Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-AU,en;q=0.9 Referer https://bookings.wowapps.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Tue, 01 Aug 2023 23:03:02 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| gtag object| dataLayer function| fbq function| _fbq object| DotNet object| Blazor number| uidEvent object| bootstrap object| FontAwesomeKitConfig object| webpackChunkStripeJSouter function| noop function| Stripe function| loadSquareCardEntry function| createSquareToken object| stripe function| loadStripeCardEntry function| createStripeToken function| $ function| jQuery function| onBlazorReady object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| __SENTRY__ object| Square

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.wowapps.com/	1970-01-20 23:18:10	Name: _ga Value: GA1.1.1217887355.1690930980
			.wowapps.com/	1970-01-20 23:18:10	Name: _ga_B1TK4W4L9T Value: GS1.1.1690930979.1.0.1690930979.0.0.0
			.wowapps.com/	1970-01-20 15:51:46	Name: _fbp Value: fb.1.1690930980593.1924346798
			m.stripe.com/	1970-01-20 23:18:10	Name: m Value: a3447b85-6aaf-45b7-9f64-dc703c181555ddfa7a
			.bookings.wowapps.com/	1970-01-20 22:27:46	Name: __stripe_mid Value: 056be501-6485-4cb9-b805-23b22129ff21f01e23
			.bookings.wowapps.com/	1970-01-20 13:42:12	Name: __stripe_sid Value: 561d4276-2fe4-4171-81f2-171c6607ce436ac052

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=2592000