classicspasandsteam.heyonline.co.za Open in urlscan Pro
52.27.96.232 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://classicspasandsteam.heyonline.co.za/
Submission: On February 07 via automatic, source certstream-suspicious (February 7th 2023, 2:24:49 pm UTC) — Scanned from DE

Summary HTTP 52 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 14 IPs in 3 countries across 9 domains to perform 52 HTTP transactions. The main IP is 52.27.96.232, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is classicspasandsteam.heyonline.co.za.
TLS certificate: Issued by R3 on February 7th 2023. Valid for: 3 months.

This is the only time classicspasandsteam.heyonline.co.za was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 3	52.27.96.232 52.27.96.232	16509 (AMAZON-02) (AMAZON-02)
12	99.86.1.224 99.86.1.224	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
6	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:808::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:7caf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:400d:80a::2008	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
52	14

3 52.27.96.232 (Boardman, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-27-96-232.us-west-2.compute.amazonaws.com

classicspasandsteam.heyonline.co.za	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 99.86.1.224 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-1-224.fra6.r.cloudfront.net

dqbgk6hf2uifn.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:808::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7caf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80a::2008 (Ireland)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 295 fonts.googleapis.com — Cisco Umbrella Rank: 34 maps.googleapis.com — Cisco Umbrella Rank: 361	270 KB
12	cloudfront.net dqbgk6hf2uifn.cloudfront.net	2 MB
9	gstatic.com www.gstatic.com maps.gstatic.com fonts.gstatic.com	775 KB
6	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 198	21 KB
5	google.com www.google.com — Cisco Umbrella Rank: 2	27 KB
3	heyonline.co.za 2 redirects classicspasandsteam.heyonline.co.za	6 KB
2	google-analytics.com ssl.google-analytics.com — Cisco Umbrella Rank: 346	17 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 742	13 KB
1	unpkg.com unpkg.com — Cisco Umbrella Rank: 777	4 KB
52	9

	Domain	Requested by
12	maps.googleapis.com	www.google.com maps.googleapis.com classicspasandsteam.heyonline.co.za
12	dqbgk6hf2uifn.cloudfront.net	classicspasandsteam.heyonline.co.za
6	www.gstatic.com	www.google.com www.gstatic.com
6	cdnjs.cloudflare.com	classicspasandsteam.heyonline.co.za
5	www.google.com	classicspasandsteam.heyonline.co.za www.gstatic.com www.google.com
3	classicspasandsteam.heyonline.co.za	2 redirects
2	maps.gstatic.com	www.google.com classicspasandsteam.heyonline.co.za
2	ssl.google-analytics.com	classicspasandsteam.heyonline.co.za
2	maxcdn.bootstrapcdn.com	classicspasandsteam.heyonline.co.za
1	fonts.gstatic.com	www.google.com
1	unpkg.com	dqbgk6hf2uifn.cloudfront.net
1	fonts.googleapis.com	dqbgk6hf2uifn.cloudfront.net
1	ajax.googleapis.com	classicspasandsteam.heyonline.co.za
52	13

This site contains links to these domains. Also see Links.

Domain
goo.gl
heyonline.co.za
moboom.com

Subject Issuer	Validity	Valid
classicspasandsteam.heyonline.co.za R3	`2023-02-07` - `2023-05-08`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://classicspasandsteam.heyonline.co.za/
Frame ID: 88BBD091E28C07AA5DD3B5EBA6DE5C6E
Requests: 28 HTTP requests in this frame

Frame: https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d224.68286586445302!2d28.198648153621402!3d-25.706878853190155!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x1ebfd8c941b2dc39%3A0x59b237a2889d16f5!2sClassic%20Spas!5e0!3m2!1sen!2sza!4v1659519313158!5m2!1sen!2sza
Frame ID: 19F841105772E39013C10BBC9E23DF76
Requests: 16 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc_M88UAAAAAGi93k0fuyJTx4hP7UfOCJVPoQ3o&co=aHR0cHM6Ly9jbGFzc2ljc3Bhc2FuZHN0ZWFtLmhleW9ubGluZS5jby56YTo0NDM.&hl=de&v=gEr-ODersURoIfof1hiDm7R5&size=normal&cb=qcg9kfrpjzfu
Frame ID: 5FC897E0786E1D65417E66287B980205
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=gEr-ODersURoIfof1hiDm7R5&k=6Lc_M88UAAAAAGi93k0fuyJTx4hP7UfOCJVPoQ3o
Frame ID: 2EE6CC7D6DAF0F14EF68BD305376BC74
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Classic Spa and Steam - Specialists in Spa's and steam units for steam rooms.

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Lightbox (JavaScript Libraries) Expand

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

<div[^>]+class="g-recaptcha"
/recaptcha/api\.js

Page Statistics

52
Requests

96 %
HTTPS

85 %
IPv6

9
Domains

13
Subdomains

14
IPs

3
Countries

3266 kB
Transfer

4914 kB
Size

8
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://goo.gl/maps/yJF8ehhJcfeUPWe46
Title: 767 8th Avenue, Wonderboom South, Pretoria, 0084

Search URL Search Domain Scan URL

URL: https://heyonline.co.za/

Search URL Search Domain Scan URL

URL: https://moboom.com/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

https://classicspasandsteam.heyonline.co.za/_img/e2438183-6ab5-05f3-490c-62ea61b0bb27 HTTP 301
https://dqbgk6hf2uifn.cloudfront.net/_img/e2438183-6ab5-05f3-490c-62ea61b0bb27_0

Request Chain 53

https://classicspasandsteam.heyonline.co.za/_img/e2438183-6ab5-05f3-490c-62ea61b0bb27 HTTP 301
https://dqbgk6hf2uifn.cloudfront.net/_img/e2438183-6ab5-05f3-490c-62ea61b0bb27_0

52 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
classicspasandsteam.heyonline.co.za/ 17 KB
6 KB 883ms
353ms Document
text/html 52.27.96.232
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://classicspasandsteam.heyonline.co.za/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.27.96.232 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-27-96-232.us-west-2.compute.amazonaws.com
Software: nginx / Express
Resource Hash: 86f31c60daf7838fbf0d3f968dac5f4ea50fb364bbf0213a3d499ad0131392fe

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 07 Feb 2023 14:24:41 GMT
server: nginx
vary: Accept-Encoding
x-powered-by: Express

GET
H2 200 5449df16-6f6a-d288-aa61-62de38cae2ed_af59435255eb98fcc06f879660449e14_2e13b2d97706e0c475e7bbb2f749eb04
dqbgk6hf2uifn.cloudfront.net/_css/bootstrap/ 138 KB
28 KB 1489ms
1455ms Stylesheet
text/css 99.86.1.224
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dqbgk6hf2uifn.cloudfront.net/_css/bootstrap/5449df16-6f6a-d288-aa61-62de38cae2ed_af59435255eb98fcc06f879660449e14_2e13b2d97706e0c475e7bbb2f749eb04?_hostname=classicspasandsteam.heyonline.co.za
Requested by: Host: classicspasandsteam.heyonline.co.za
URL: https://classicspasandsteam.heyonline.co.za/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.1.224 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-1-224.fra6.r.cloudfront.net
Software: nginx / Moboom (www.moboom.com)
Resource Hash: 280025393e7f35e6bb2e6025a84987d59f60dd7096198adade3c21c3f6ae797f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://classicspasandsteam.heyonline.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 14:24:43 GMT
content-encoding: gzip
via: 1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA6-C1
x-powered-by: Moboom (www.moboom.com)
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
cache-control: max-age=315360000
x-amz-cf-id: 1vrtOXT7UMD5NR3YRYRWBjrz8AdPk-0OvYzlznNpKCeUi3w_8yehCw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 main.css
dqbgk6hf2uifn.cloudfront.net/_ext/widgets/2cc5116b-b7d8-0041-62be-52a0c96362f1/1.0.0/css/ 2 KB
1 KB 42ms
9ms Stylesheet
text/css 99.86.1.224
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dqbgk6hf2uifn.cloudfront.net/_ext/widgets/2cc5116b-b7d8-0041-62be-52a0c96362f1/1.0.0/css/main.css
Requested by: Host: classicspasandsteam.heyonline.co.za
URL: https://classicspasandsteam.heyonline.co.za/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.1.224 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-1-224.fra6.r.cloudfront.net
Software: nginx /
Resource Hash: 24f0bad48c7f18cb3a38f2401454d61f67692c2960e02bd2453242ee8dfbf903

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://classicspasandsteam.heyonline.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 07:57:54 GMT
content-encoding: gzip
via: 1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
last-modified: Sun, 19 Jan 2014 09:54:59 GMT
server: nginx
x-amz-cf-pop: FRA6-C1
age: 2874407
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=315360000
x-amz-cf-id: tbW-rPcnagL193zOk8HuPMhoxknxcsLFmbH53Ax2lkFoIhg0tkjZ_w==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 5449df16-6f6a-d288-aa61-62de38cae2ed_af59435255eb98fcc06f879660449e14_2e13b2d97706e0c475e7bbb2f749eb04
dqbgk6hf2uifn.cloudfront.net/_css/ 12 KB
3 KB 753ms
719ms Stylesheet
text/css 99.86.1.224
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dqbgk6hf2uifn.cloudfront.net/_css/5449df16-6f6a-d288-aa61-62de38cae2ed_af59435255eb98fcc06f879660449e14_2e13b2d97706e0c475e7bbb2f749eb04?_hostname=classicspasandsteam.heyonline.co.za
Requested by: Host: classicspasandsteam.heyonline.co.za
URL: https://classicspasandsteam.heyonline.co.za/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.1.224 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-1-224.fra6.r.cloudfront.net
Software: nginx / Moboom (www.moboom.com)
Resource Hash: c808f78c7bd2eff0e2a9673d6361f9c0b1b8a873aab050465592a3e113d573e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://classicspasandsteam.heyonline.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 14:24:42 GMT
content-encoding: gzip
via: 1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA6-C1
x-powered-by: Moboom (www.moboom.com)
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
cache-control: max-age=315360000
x-amz-cf-id: 7s4YJGQ-hydqA3RxFhzm2IOFDvCojxezYfaPTKg1WbP1vIljmOGYdg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.8.2/ 91 KB
33 KB 52ms
14ms Script
text/javascript 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js

Requested by

Host: classicspasandsteam.heyonline.co.za
URL: https://classicspasandsteam.heyonline.co.za/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://classicspasandsteam.heyonline.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 19:04:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 156028
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33621
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 05 Feb 2024 19:04:13 GMT

GET
H2 200 modernizr.min.js Show response
cdnjs.cloudflare.com/ajax/libs/modernizr/2.7.1/ 14 KB
6 KB 30ms
13ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/modernizr/2.7.1/modernizr.min.js

Requested by

Host: classicspasandsteam.heyonline.co.za
URL: https://classicspasandsteam.heyonline.co.za/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b2a741489fb323cd96e2b546693ca1fc7151cfa0f2111eee4dd512e6b359941

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://classicspasandsteam.heyonline.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 14:24:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 6619193
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5231
last-modified: Mon, 04 May 2020 16:13:26 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f26-38fa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yvIrAyZf%2BRL3q5doAX50t0KsTuZL06EaLQswVwsCOhLTdw1a4wn9fQe2vpdFEcGwdN%2BzEb%2F9y9WQqCrAINzEcUTZfRULeivUOBJkmCXqjFLAcikQUeo41YibRMLU9GvhK7d1Sp%2FIEgGCSPxZoEA0geL6"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 795cca646f349978-FRA
expires: Sun, 28 Jan 2024 14:24:41 GMT

GET
H2 200 c584025e-3180-b24d-008f-62ea4084d26b_0
dqbgk6hf2uifn.cloudfront.net/_img/ 35 KB
36 KB 840ms
840ms Image
image/png 99.86.1.224
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dqbgk6hf2uifn.cloudfront.net/_img/c584025e-3180-b24d-008f-62ea4084d26b_0
Requested by: Host: classicspasandsteam.heyonline.co.za
URL: https://classicspasandsteam.heyonline.co.za/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.1.224 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-1-224.fra6.r.cloudfront.net
Software: nginx / Moboom (www.moboom.com)
Resource Hash: c29b0ed4b632a2a52d20452199fa8373658050e88b9a02790b933ee9f4f5679c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://classicspasandsteam.heyonline.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 14:24:43 GMT
via: 1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA6-C1
x-powered-by: Moboom (www.moboom.com)
x-cache: Miss from cloudfront
content-type: image/png
cache-control: max-age=315360000
x-amz-cf-id: hMkkvTPNr5r74XkzbmPKau-OwZbrX6mHeug74nUlodupGWdjPt4kTg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 240f4932-1117-0780-ee43-62f4f9f56bb4_0
dqbgk6hf2uifn.cloudfront.net/_img/ 203 KB
204 KB 970ms
970ms Image
image/png 99.86.1.224
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dqbgk6hf2uifn.cloudfront.net/_img/240f4932-1117-0780-ee43-62f4f9f56bb4_0
Requested by: Host: classicspasandsteam.heyonline.co.za
URL: https://classicspasandsteam.heyonline.co.za/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.1.224 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-1-224.fra6.r.cloudfront.net
Software: nginx / Moboom (www.moboom.com)
Resource Hash: e405ab2a09404c42b219dac4d759dbf02f5c5f0a6aeb79625b89706eaa013a49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://classicspasandsteam.heyonline.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 14:24:44 GMT
via: 1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA6-C1
x-powered-by: Moboom (www.moboom.com)
x-cache: Miss from cloudfront
content-type: image/png
cache-control: max-age=315360000
x-amz-cf-id: b-CxPw9h9sMVfF9HAoj5xcWnfzqd5P9CRqsfIaqL23zDAENz16WTtw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

e2438183-6ab5-05f3-490c-62ea61b0bb27_0
dqbgk6hf2uifn.cloudfront.net/_img/
Redirect Chain

https://classicspasandsteam.heyonline.co.za/_img/e2438183-6ab5-05f3-490c-62ea61b0bb27
https://dqbgk6hf2uifn.cloudfront.net/_img/e2438183-6ab5-05f3-490c-62ea61b0bb27_0

875 KB
877 KB

1249ms
1248ms

Image
image/png

99.86.1.224
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dqbgk6hf2uifn.cloudfront.net/_img/e2438183-6ab5-05f3-490c-62ea61b0bb27_0
Requested by: Host: classicspasandsteam.heyonline.co.za
URL: https://classicspasandsteam.heyonline.co.za/
Protocol: H2
Server: 99.86.1.224 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-1-224.fra6.r.cloudfront.net
Software: nginx / Moboom (www.moboom.com)
Resource Hash: fa50e9584a0910be8e29e0270814ebf742b98631ae3e73bdd1c66197726f8294

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://classicspasandsteam.heyonline.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 14:24:44 GMT
via: 1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA6-C1
x-powered-by: Moboom (www.moboom.com)
x-cache: Miss from cloudfront
content-type: image/png
cache-control: max-age=315360000
x-amz-cf-id: zIRDjBIoyVvQy7oPJJuJo93sNEDdSB5N6gQ-C38HZfTcnuEvpIExOA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

date: Tue, 07 Feb 2023 14:24:43 GMT
server: nginx
x-powered-by: Moboom (www.moboom.com)
content-type: text/html
location: //dqbgk6hf2uifn.cloudfront.net/_img/e2438183-6ab5-05f3-490c-62ea61b0bb27_0
cache-control: max-age=315360000
content-length: 0
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 21587539-d4d4-4ee0-07d2-5f5b365b4644_960
dqbgk6hf2uifn.cloudfront.net/_img/ 53 KB
53 KB 15ms
10ms Image
image/png 99.86.1.224
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dqbgk6hf2uifn.cloudfront.net/_img/21587539-d4d4-4ee0-07d2-5f5b365b4644_960
Requested by: Host: classicspasandsteam.heyonline.co.za
URL: https://classicspasandsteam.heyonline.co.za/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.1.224 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-1-224.fra6.r.cloudfront.net
Software: nginx / Moboom (www.moboom.com)
Resource Hash: 5a4a1be17760f24849d67d768161746319447fd86e22bd6afc191ea58ffbde89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://classicspasandsteam.heyonline.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 08:45:10 GMT
via: 1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA6-C1
age: 2439573
x-powered-by: Moboom (www.moboom.com)
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=315360000
x-amz-cf-id: qYD0zNtTtnw3eve7DQPU2Icn2gZdrQc8eva04F15Va3uioX4Zeilxw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 51fc0343-27a2-c0c8-056f-5a6eb5de5c92_0
dqbgk6hf2uifn.cloudfront.net/_img/ 53 KB
53 KB 23ms
18ms Image
image/png 99.86.1.224
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dqbgk6hf2uifn.cloudfront.net/_img/51fc0343-27a2-c0c8-056f-5a6eb5de5c92_0
Requested by: Host: classicspasandsteam.heyonline.co.za
URL: https://classicspasandsteam.heyonline.co.za/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.1.224 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-1-224.fra6.r.cloudfront.net
Software: nginx / Moboom (www.moboom.com)
Resource Hash: a1a667a70a096f370e9ff8883aafd2e86a2e327e695da8d92b401966e4648910

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://classicspasandsteam.heyonline.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 15:04:40 GMT
via: 1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA6-C1
age: 1812003
x-powered-by: Moboom (www.moboom.com)
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=315360000
x-amz-cf-id: EXyxhP2pntBisb5zy8lU1dEDoqrgQVn3UAFyplAb65o-prcaN8l53A==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/twitter-bootstrap/2.3.2/js/ 28 KB
8 KB 38ms
17ms Script
application/javascript 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/twitter-bootstrap/2.3.2/js/bootstrap.min.js

Requested by

Host: classicspasandsteam.heyonline.co.za
URL: https://classicspasandsteam.heyonline.co.za/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c1d540b7034e4790ece82622854c1fbf34f0d4297f3167d914fb09ddae6cb4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://classicspasandsteam.heyonline.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 14:24:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 756
age: 19994035
cdn-cachedat: 01/30/2022 21:44:19
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:05:01 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
server: cloudflare
etag: W/"be1c5898c4332c8e7f9906011e005bb0"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: d3dd951e09e2bc7e46cf70fbac57b962
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 795cca691d2991f5-FRA
cdn-requestpullsuccess: True

GET
H2 200 jquery.imagesloaded.min.js Show response
dqbgk6hf2uifn.cloudfront.net/_ext/widgets/2cc5116b-b7d8-0041-62be-52a0c96362f1/1.0.0/js/ 1 KB
979 B 8ms
8ms Script
application/javascript 99.86.1.224
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dqbgk6hf2uifn.cloudfront.net/_ext/widgets/2cc5116b-b7d8-0041-62be-52a0c96362f1/1.0.0/js/jquery.imagesloaded.min.js
Requested by: Host: classicspasandsteam.heyonline.co.za
URL: https://classicspasandsteam.heyonline.co.za/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.1.224 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-1-224.fra6.r.cloudfront.net
Software: nginx /
Resource Hash: d1f761f3e319661545b220040e8d646f0211240fbd8cc1e206e38923607391b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://classicspasandsteam.heyonline.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 07:50:02 GMT
content-encoding: gzip
via: 1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
last-modified: Sun, 19 Jan 2014 18:39:49 GMT
server: nginx
x-amz-cf-pop: FRA6-C1
age: 369280
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: gwAzEC0jN0lFnOB0Jz0sFyyWKF0su159lpESHWoZhPaBfKA1z4Pe6g==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 cbpBGSlideshow.min.js Show response
dqbgk6hf2uifn.cloudfront.net/_ext/widgets/2cc5116b-b7d8-0041-62be-52a0c96362f1/1.0.0/js/ 1 KB
903 B 8ms
7ms Script
application/javascript 99.86.1.224
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dqbgk6hf2uifn.cloudfront.net/_ext/widgets/2cc5116b-b7d8-0041-62be-52a0c96362f1/1.0.0/js/cbpBGSlideshow.min.js
Requested by: Host: classicspasandsteam.heyonline.co.za
URL: https://classicspasandsteam.heyonline.co.za/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.1.224 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-1-224.fra6.r.cloudfront.net
Software: nginx /
Resource Hash: 655299f9b48944389459d9ee50524e66718542d4080bf05fd3fa7932c1a5baa8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://classicspasandsteam.heyonline.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 16:09:43 GMT
content-encoding: gzip
via: 1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
last-modified: Sun, 19 Jan 2014 18:39:49 GMT
server: nginx
x-amz-cf-pop: FRA6-C1
age: 944099
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: vv0wflGXXg10YitJJUCQK5zVJShygF_d6BfLzgE3mbQJ7VlVbLY71g==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 slider_init.js Show response
dqbgk6hf2uifn.cloudfront.net/_ext/widgets/2cc5116b-b7d8-0041-62be-52a0c96362f1/1.0.0/js/ 45 B
418 B 8ms
8ms Script
application/javascript 99.86.1.224
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dqbgk6hf2uifn.cloudfront.net/_ext/widgets/2cc5116b-b7d8-0041-62be-52a0c96362f1/1.0.0/js/slider_init.js
Requested by: Host: classicspasandsteam.heyonline.co.za
URL: https://classicspasandsteam.heyonline.co.za/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.1.224 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-1-224.fra6.r.cloudfront.net
Software: nginx /
Resource Hash: 97d5c51ab4926e22e8c18fbdb20872b3667c7364a701edc8f2b3b1ce3e0c0835

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://classicspasandsteam.heyonline.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 09:15:47 GMT
via: 1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
last-modified: Sun, 19 Jan 2014 09:54:59 GMT
server: nginx
x-amz-cf-pop: FRA6-C1
age: 1487335
etag: "52dba0f3-2d"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 45
x-amz-cf-id: tC_zXlf6K9Hn9LV5bRq-kUi3lnhBN3nHVMpcdTDwbnQEid09CT2-1Q==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 slick.min.js Show response
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/ 43 KB
10 KB 14ms
13ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/slick.min.js

Requested by

Host: classicspasandsteam.heyonline.co.za
URL: https://classicspasandsteam.heyonline.co.za/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

357452f2a55c999ddd3afdcbce2c339d41cf7a01613d9d45ff88a753bb82f21d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://classicspasandsteam.heyonline.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 14:24:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 7156617
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9564
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-ab69"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rPDSlZLzQkwxBB%2Fda2ybzlLCS5xgkl4s9zoOKdof3LaXdAAYmhlcd1%2B2q7H59rZaP8tinAb5MXzWIY66SpEAsRs3y2zL%2BjftdLRkTlGrEm8vPN4vP8oaiO4Km%2FrNv8a5PKx3GejDUFAvG%2BhSh6TsSgAC"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 795cca6a0d779978-FRA
expires: Sun, 28 Jan 2024 14:24:42 GMT

GET
H3 200 slick-lightbox.min.js Show response
cdnjs.cloudflare.com/ajax/libs/slick-lightbox/0.2.12/ 7 KB
3 KB 17ms
16ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-lightbox/0.2.12/slick-lightbox.min.js

Requested by

Host: classicspasandsteam.heyonline.co.za
URL: https://classicspasandsteam.heyonline.co.za/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38b88470d1086465a4372837c7222c7846962536bb16316fc50b94ea928a0c4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://classicspasandsteam.heyonline.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 14:24:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 345370
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1954
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-1d60"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MdMoNKpJlcS1wHW2%2BhCJjgjxASfqDgGmECdd4HMFFe8Rmr68YXbNkjPt4R3gykle3KXxdde1YTYjVa4%2B9abyXMdpCwGxkjgMMzP2YsVFcwqKhvpvieQn19sWdUzBibyYJPobbc4fagZBd7pjw%2FpyFVur"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 795cca6a1ac0bb50-FRA
expires: Sun, 28 Jan 2024 14:24:42 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
870 B 61ms
22ms Script
text/javascript 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: classicspasandsteam.heyonline.co.za
URL: https://classicspasandsteam.heyonline.co.za/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

719dd9d08854f73d2ff4b8bd2516a8d9f247b28fea167d18db7e8a689257ed2c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://classicspasandsteam.heyonline.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 14:24:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 550
x-xss-protection: 1; mode=block
expires: Tue, 07 Feb 2023 14:24:43 GMT

GET
H3 200 slick.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/ 1 KB
1011 B 26ms
23ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/slick.min.css

Requested by

Host: classicspasandsteam.heyonline.co.za
URL: https://classicspasandsteam.heyonline.co.za/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50ad448a8a5720bf8a5617db15af31ae60163de06331576f60c6244c012ffc72

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://classicspasandsteam.heyonline.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 14:24:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 315340
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 394
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-559"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P1avqxA5ti3cbTrLDgghfuUXOp1OpC9xYxipagHptNJxrguzckf2XBe7YJ2SofWpcQMtkZDn3ICAk7Iyex3A3gLOEKSU0LhHGK%2Ff1M%2BGaXOAYu3K5CAWg1sngF9EG%2Fga7vKdFljqFsK1evYSOIYmmcKn"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 795cca6ea841bb50-FRA
expires: Sun, 28 Jan 2024 14:24:43 GMT

GET
H3 200 slick-theme.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/ 2 KB
1 KB 20ms
17ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/slick-theme.min.css

Requested by

Host: classicspasandsteam.heyonline.co.za
URL: https://classicspasandsteam.heyonline.co.za/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e21aa5b0d3fd28cebed9e03c5544f4924e11b0c453792ed018720cf8c679b0b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://classicspasandsteam.heyonline.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 14:24:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 343846
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 657
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-956"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HddcAkfLaid%2FhKKrkBdX%2Bu%2BgiB4rHvAGBk3zdIC1S0EHWaQlPM72Z76C0w2e0aTLUtH3khkumNpRgiKA8lawq5EC0pQKnCkUrU3Jy7VGDIJFiugEpy9TOBzpRqQIqAZ78CZIM5%2FUY%2FhdgHfy6rOoQ4jT"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 795cca6ea843bb50-FRA
expires: Sun, 28 Jan 2024 14:24:43 GMT

GET
H3 200 slick-lightbox.css
cdnjs.cloudflare.com/ajax/libs/slick-lightbox/0.2.12/ 2 KB
1 KB 23ms
20ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-lightbox/0.2.12/slick-lightbox.css

Requested by

Host: classicspasandsteam.heyonline.co.za
URL: https://classicspasandsteam.heyonline.co.za/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b1bd28fd6b98ad39278421c332ab2b8df4760668f608cabd7acb886df8f3abd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://classicspasandsteam.heyonline.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 14:24:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 309427
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 481
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-787"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c2XM3daNuW1voJo%2BC9IhmvMPkuLOnPWOmXJFMVCRb9QeAjgocsiKnQi4rih9IgkQPTOcCbHOvyBbUyCblWU5s4FAaqoGpl5Sa9vVN2MpPHyZLdY8lFpZUl9FStBSAT9ffO87cL9X0htQb5rlnJefWfHS"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 795cca6ea844bb50-FRA
expires: Sun, 28 Jan 2024 14:24:43 GMT

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/ 21 KB
5 KB 17ms
13ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/font-awesome.min.css

Requested by

Host: classicspasandsteam.heyonline.co.za
URL: https://classicspasandsteam.heyonline.co.za/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0fb1bbca73646e8e2b93c82e8d8b219647b13d4b440c48e338290b9a685b8de1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://classicspasandsteam.heyonline.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 14:24:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 718, 718
age: 1140149
cdn-cachedat: 2021-04-13 02:36:00
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:53 GMT
server: cloudflare
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 357c5298f2849c0ce9712c57ec240f4e
timing-allow-origin: *
cdn-requestcountrycode: US
cf-ray: 795cca6ea9f091f5-FRA
cdn-requestpullsuccess: True

GET
H2 200 css
fonts.googleapis.com/ 10 KB
1 KB 130ms
51ms Stylesheet
text/css 2a00:1450:400d:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:300,400,500,700,800,900&display=swap

Requested by

Host: dqbgk6hf2uifn.cloudfront.net
URL: https://dqbgk6hf2uifn.cloudfront.net/_css/5449df16-6f6a-d288-aa61-62de38cae2ed_af59435255eb98fcc06f879660449e14_2e13b2d97706e0c475e7bbb2f749eb04?_hostname=classicspasandsteam.heyonline.co.za

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1f4d9285783f935587497b7aff67dc64b0da60fdd612ac5423ba46622c19122c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dqbgk6hf2uifn.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 07 Feb 2023 14:24:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 07 Feb 2023 14:24:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 07 Feb 2023 14:24:42 GMT

GET
H2 200 base.css
unpkg.com/tailwindcss@1.1.2/dist/ 11 KB
4 KB 39ms
19ms Stylesheet
text/css 2606:4700::6810:7caf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/tailwindcss@1.1.2/dist/base.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bdaae4b100f8adc0e684ee2e0b9980ce86cd9a8b9564d30c2d0d4e66218f016a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dqbgk6hf2uifn.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 14:24:42 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 84083
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01GRKM1CH75XAN7BWRSQ0RE2BB-fra
server: cloudflare
etag: W/"2a16-P9HHsBOimUGanCubl/I5Glw06x0"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 795cca6918ad2c5f-FRA

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 120ms
28ms Script
text/javascript 2a00:1450:400d:80a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: classicspasandsteam.heyonline.co.za
URL: https://classicspasandsteam.heyonline.co.za/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://classicspasandsteam.heyonline.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 07 Feb 2023 14:02:00 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 1363
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17168
expires: Tue, 07 Feb 2023 16:02:00 GMT

GET
H2 200 embed Show response
www.google.com/maps/ Frame 19F8 3 KB
1 KB 184ms
164ms Document
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d224.68286586445302!2d28.198648153621402!3d-25.706878853190155!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x1ebfd8c941b2dc39%3A0x59b237a2889d16f5!2sClassic%20Spas!5e0!3m2!1sen!2sza!4v1659519313158!5m2!1sen!2sza

Requested by

Host: classicspasandsteam.heyonline.co.za
URL: https://classicspasandsteam.heyonline.co.za/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ead7eae43aca651d0f0aa86def6c920366c2d5a10cfa52ce1990d2a849d2a210

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-JRVVl_G4k1AEZ0mu1yqyWA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://classicspasandsteam.heyonline.co.za/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 1068
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-JRVVl_G4k1AEZ0mu1yqyWA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
content-type: text/html; charset=UTF-8
date: Tue, 07 Feb 2023 14:24:43 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: scaffolding on HTTPServer2
vary: Origin X-Origin Referer
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/ 406 KB
162 KB 51ms
13ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7100633cff808ec01559c4579130f2d6cef8d43e7f02c56d727ed33787d30fb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://classicspasandsteam.heyonline.co.za/
Origin: https://classicspasandsteam.heyonline.co.za
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 12:43:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6055
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 165540
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 02:51:47 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 07 Feb 2024 12:43:48 GMT

GET
H2 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
197 B 51ms
50ms Image
image/gif 2a00:1450:400d:80a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1121415845&utmhn=classicspasandsteam.heyonline.co.za&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Classic%20Spa%20and%20Steam%20-%20Specialists%20in%20Spa%27s%20and%20steam%20units%20for%20steam%20rooms.&utmhid=748860802&utmr=-&utmp=%2F&utmht=1675779883455&utmac=UA-230481086-89&utmcc=__utma%3D131001693.2107986962.1675779883.1675779883.1675779883.1%3B%2B__utmz%3D131001693.1675779883.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1018068703&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: classicspasandsteam.heyonline.co.za
URL: https://classicspasandsteam.heyonline.co.za/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://classicspasandsteam.heyonline.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 14:24:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 5FC8 43 KB
23 KB 35ms
33ms Document
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc_M88UAAAAAGi93k0fuyJTx4hP7UfOCJVPoQ3o&co=aHR0cHM6Ly9jbGFzc2ljc3Bhc2FuZHN0ZWFtLmhleW9ubGluZS5jby56YTo0NDM.&hl=de&v=gEr-ODersURoIfof1hiDm7R5&size=normal&cb=qcg9kfrpjzfu

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6685b28c1a788a0e2df60dfec81e187c5ed72a673bcee6ed9bcc05b4bf380c61

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-2UEWnUFCAzteI477v13C6g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://classicspasandsteam.heyonline.co.za/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 23525
content-security-policy: script-src 'report-sample' 'nonce-2UEWnUFCAzteI477v13C6g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 07 Feb 2023 14:24:43 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ Frame 19F8 169 KB
55 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&region=za&callback=onApiLoad

Requested by

Host: www.google.com
URL: https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d224.68286586445302!2d28.198648153621402!3d-25.706878853190155!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x1ebfd8c941b2dc39%3A0x59b237a2889d16f5!2sClassic%20Spas!5e0!3m2!1sen!2sza!4v1659519313158!5m2!1sen!2sza

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

62b65a907aed5ff3553685fecd73db288b71f1846f813c663a85e0358d5f95a4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 13:57:33 GMT
content-encoding: gzip
server: mafe
age: 1630
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=0
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56419
x-xss-protection: 0
expires: Tue, 07 Feb 2023 14:27:33 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/ Frame 5FC8 55 KB
24 KB 44ms
17ms Stylesheet
text/css 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc_M88UAAAAAGi93k0fuyJTx4hP7UfOCJVPoQ3o&co=aHR0cHM6Ly9jbGFzc2ljc3Bhc2FuZHN0ZWFtLmhleW9ubGluZS5jby56YTo0NDM.&hl=de&v=gEr-ODersURoIfof1hiDm7R5&size=normal&cb=qcg9kfrpjzfu

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 12:32:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6727
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 02:51:47 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 07 Feb 2024 12:32:36 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/ Frame 5FC8 406 KB
162 KB 41ms
14ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7100633cff808ec01559c4579130f2d6cef8d43e7f02c56d727ed33787d30fb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 12:43:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6055
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 165540
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 02:51:47 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 07 Feb 2024 12:43:48 GMT

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ Frame 19F8 3 B
46 B 58ms
24ms XHR
application/json 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&region=za&callback=onApiLoad

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 14:24:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.google.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
H2 200 init_embed.js Show response
maps.gstatic.com/maps-api-v3/embed/js/51/8/ Frame 19F8 222 KB
222 KB 55ms
16ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.gstatic.com/maps-api-v3/embed/js/51/8/init_embed.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97fcf9ad8137f24c0f74e5450b2b4a01d87dfa70678130187fe13c1614ab419b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 19:04:01 GMT
x-content-type-options: nosniff
age: 501642
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 227161
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 18:44:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 01 Feb 2024 19:04:01 GMT

GET
DATA 200
OK truncated
/ Frame 5FC8 14 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 5FC8 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 5FC8 2 KB
2 KB 15ms
15ms Image
image/png 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 01:40:39 GMT
x-content-type-options: nosniff
age: 45844
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 14 Feb 2023 01:40:39 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 5FC8 15 KB
16 KB 49ms
13ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 19:21:27 GMT
x-content-type-options: nosniff
age: 586996
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 Jan 2024 19:21:27 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 5FC8 102 B
133 B 23ms
22ms Other
text/javascript 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=gEr-ODersURoIfof1hiDm7R5

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

cfd288965d907162269e027312c7f64a05c1c4c360103c60c3daef3fe9298736

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc_M88UAAAAAGi93k0fuyJTx4hP7UfOCJVPoQ3o&co=aHR0cHM6Ly9jbGFzc2ljc3Bhc2FuZHN0ZWFtLmhleW9ubGluZS5jby56YTo0NDM.&hl=de&v=gEr-ODersURoIfof1hiDm7R5&size=normal&cb=qcg9kfrpjzfu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 14:24:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111
x-xss-protection: 1; mode=block
expires: Tue, 07 Feb 2023 14:24:43 GMT

GET
H2 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/51/8/ Frame 19F8 271 KB
76 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/51/8/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&region=za&callback=onApiLoad

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a63c8a81e2094da4cf6f608732bd29c7210be02457ff7166676a8de0813ad973

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 13:08:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4598
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77257
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 18:44:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 07 Feb 2024 13:08:05 GMT

GET
H2 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/51/8/ Frame 19F8 159 KB
58 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/51/8/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&region=za&callback=onApiLoad

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

493ab4e7ca6837030e64d507c6ab90890cd9a63fc25bb7bf3bcd441dda6881b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 09:42:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16915
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 59675
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 18:44:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 07 Feb 2024 09:42:48 GMT

GET
H2 200 map.js Show response
maps.googleapis.com/maps-api-v3/api/js/51/8/ Frame 19F8 75 KB
27 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/51/8/map.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&region=za&callback=onApiLoad

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c9960d4d786b64288ff14832e3329395c28d73accbbb25d715952059f009d1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 10:41:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13375
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27437
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 18:44:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 07 Feb 2024 10:41:48 GMT

GET
H2 200 overlay.js Show response
maps.googleapis.com/maps-api-v3/api/js/51/8/ Frame 19F8 3 KB
1 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/51/8/overlay.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&region=za&callback=onApiLoad

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39e5fddc0c82d6c3de1f5465f6d42ac46720aa2975040067aad0b51e7c6ef6f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 23:10:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 54883
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1377
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 18:44:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 06 Feb 2024 23:10:00 GMT

GET
DATA 200
OK truncated
/ Frame 19F8 6 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b0044d91b724bb429337d6dcd9d2332e855bc0b4452c1d3fc9beea9973017521

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 StaticMapService.GetMapImage
maps.googleapis.com/maps/api/js/ Frame 19F8 4 KB
4 KB 52ms
51ms Image
image/png 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.googleapis.com/maps/api/js/StaticMapService.GetMapImage?1m2&1i155244082&2i154063394&2e1&3u20&4m2&1u320&2u320&5m6&1e0&5sen&6sza&10b1&12b1&14i1379903&client=google-maps-embed&token=116733

Requested by

Host: classicspasandsteam.heyonline.co.za
URL: https://classicspasandsteam.heyonline.co.za/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

3b7beedb63643597de63b4a2b9cb3e7724353aea47e7960ec46deb044cde2462

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 14:24:43 GMT
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=86400
server-timing: gfet4t7; dur=37
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3713
x-xss-protection: 0
expires: Wed, 08 Feb 2023 14:24:43 GMT

GET
H3 200 onion.js Show response
maps.googleapis.com/maps-api-v3/api/js/51/8/ Frame 19F8 27 KB
10 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/51/8/onion.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&region=za&callback=onApiLoad

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a450306c30c30862f568544abf1bd0f731d64252855b937fcf8fad9d830160ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 11:31:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 96814
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10050
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 18:44:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 06 Feb 2024 11:31:09 GMT

GET
H3 200 search_impl.js Show response
maps.googleapis.com/maps-api-v3/api/js/51/8/ Frame 19F8 3 KB
1 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/51/8/search_impl.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&region=za&callback=onApiLoad

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

640933ecd0568399cf206b9195454c247e1b2b64dc6de7b19f83473fec5ac304

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 18:42:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 502929
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1409
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 18:44:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 01 Feb 2024 18:42:34 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 2EE6 7 KB
1 KB 36ms
30ms Document
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=gEr-ODersURoIfof1hiDm7R5&k=6Lc_M88UAAAAAGi93k0fuyJTx4hP7UfOCJVPoQ3o

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7b4070ef2f72a31516284b37565aa2e96ea2b2f998210ce65ff0c17d33b01412

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-HvfBPTCUfR2rHvEXP0y8zQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://classicspasandsteam.heyonline.co.za/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1115
content-security-policy: script-src 'report-sample' 'nonce-HvfBPTCUfR2rHvEXP0y8zQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 07 Feb 2023 14:24:43 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 openhand_8_8.cur
maps.gstatic.com/mapfiles/ Frame 19F8 326 B
692 B 47ms
47ms Image
image/bmp 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.gstatic.com/mapfiles/openhand_8_8.cur

Requested by

Host: classicspasandsteam.heyonline.co.za
URL: https://classicspasandsteam.heyonline.co.za/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7342f390b12f636d14e25f698fc5e38cf6240994dc0c07fefbbb4e78ec4d03c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 14:24:43 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
last-modified: Tue, 18 May 2021 19:15:00 GMT
server: sffe
report-to: {"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-type: image/bmp
access-control-allow-origin: *
cache-control: private, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="geo-tactile"
expires: Tue, 07 Feb 2023 14:24:43 GMT

GET
H3 200 ViewportInfoService.GetViewportInfo Show response
maps.googleapis.com/maps/api/js/ Frame 19F8 18 KB
3 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js/ViewportInfoService.GetViewportInfo?1m6&1m2&1d-25.707347192234664&2d28.198097482973736&2m2&1d-25.706148489173017&2d28.199412189557478&2u20&4sen&5e0&6sm%40633000000&7b0&8e0&11e289&12e1&13shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed&14b1&callback=_xdc_._vky7u3&client=google-maps-embed&token=119513

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/51/8/common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

b20a557777b9da1e6cfb7ba5f6dcbd06f86f25cb9cc26a8328491967018b5e4a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 14:24:43 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment
server-timing: gfet4t7; dur=24
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2692
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/ Frame 2EE6 55 KB
24 KB 14ms
13ms Stylesheet
text/css 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=gEr-ODersURoIfof1hiDm7R5&k=6Lc_M88UAAAAAGi93k0fuyJTx4hP7UfOCJVPoQ3o

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 12:32:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6727
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 02:51:47 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 07 Feb 2024 12:32:36 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/ Frame 2EE6 406 KB
162 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=gEr-ODersURoIfof1hiDm7R5&k=6Lc_M88UAAAAAGi93k0fuyJTx4hP7UfOCJVPoQ3o

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7100633cff808ec01559c4579130f2d6cef8d43e7f02c56d727ed33787d30fb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 12:43:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6055
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 165540
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 02:51:47 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 07 Feb 2024 12:43:48 GMT

GET
H3 200 AuthenticationService.Authenticate Show response
maps.googleapis.com/maps/api/js/ Frame 19F8 62 B
84 B 24ms
24ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed&2sgoogle-maps-embed&7m1&1e0&8b0&callback=_xdc_._uxcir0&client=google-maps-embed&token=46492

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/51/8/common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

5da1360295132675024820ab37f9bc1c658f6b900180906ec44125f8127f762e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 14:24:43 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment
server-timing: gfet4t7; dur=9
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 QuotaService.RecordEvent Show response
maps.googleapis.com/maps/api/js/ Frame 19F8 62 B
83 B 25ms
24ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js/QuotaService.RecordEvent?1shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed&2sgoogle-maps-embed&7suc2pvl&10e1&11b0&callback=_xdc_._146d2e&client=google-maps-embed&token=53913

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/51/8/common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

e4065f7e429c5ef81ad0f0ca6c059b9510f88accc154aca6e602886a9e288cd4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Feb 2023 14:24:43 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
content-disposition: attachment
server-timing: gfet4t7; dur=11
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

e2438183-6ab5-05f3-490c-62ea61b0bb27_0
dqbgk6hf2uifn.cloudfront.net/_img/
Redirect Chain

https://classicspasandsteam.heyonline.co.za/_img/e2438183-6ab5-05f3-490c-62ea61b0bb27
https://dqbgk6hf2uifn.cloudfront.net/_img/e2438183-6ab5-05f3-490c-62ea61b0bb27_0

875 KB
876 KB

18ms
18ms

Image
image/png

99.86.1.224
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dqbgk6hf2uifn.cloudfront.net/_img/e2438183-6ab5-05f3-490c-62ea61b0bb27_0
Protocol: H2
Server: 99.86.1.224 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-1-224.fra6.r.cloudfront.net
Software: nginx / Moboom (www.moboom.com)
Resource Hash: fa50e9584a0910be8e29e0270814ebf742b98631ae3e73bdd1c66197726f8294

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://classicspasandsteam.heyonline.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 14:24:44 GMT
via: 1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA6-C1
age: 1
x-powered-by: Moboom (www.moboom.com)
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=315360000
x-amz-cf-id: hGbaKu11y-6xuXoCAeImJeeVbKe43hHa9BVUmuXxLp9XsiVLDScuhQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

date: Tue, 07 Feb 2023 14:24:45 GMT
server: nginx
x-powered-by: Moboom (www.moboom.com)
content-type: text/html
location: //dqbgk6hf2uifn.cloudfront.net/_img/e2438183-6ab5-05f3-490c-62ea61b0bb27_0
cache-control: max-age=315360000
content-length: 0
expires: Thu, 31 Dec 2037 23:55:55 GMT

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
classicspasandsteam.heyonline.co.za/	1970-01-20 09:31:14	Name: _lang Value: en
classicspasandsteam.heyonline.co.za/	1969-12-31 23:59:59	Name: connect.sid Value: s%3A1tpxviyeu1iCEbtfzEFGNJnl.jgYnwvZIt6GftkHeSXn4U3t0lEtW5jPNvXKwl2Uis6U
classicspasandsteam.heyonline.co.za/	1969-12-31 23:59:59	Name: dvc Value: r:1,w:1600,h:1200,p:false
.classicspasandsteam.heyonline.co.za/	1970-01-20 19:05:39	Name: __utma Value: 131001693.2107986962.1675779883.1675779883.1675779883.1
.classicspasandsteam.heyonline.co.za/	1969-12-31 23:59:59	Name: __utmc Value: 131001693
.classicspasandsteam.heyonline.co.za/	1970-01-20 13:52:27	Name: __utmz Value: 131001693.1675779883.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.classicspasandsteam.heyonline.co.za/	1970-01-20 09:29:40	Name: __utmt Value: 1
.classicspasandsteam.heyonline.co.za/	1970-01-20 09:29:41	Name: __utmb Value: 131001693.1.10.1675779883

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdnjs.cloudflare.com
classicspasandsteam.heyonline.co.za
dqbgk6hf2uifn.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
maps.googleapis.com
maps.gstatic.com
maxcdn.bootstrapcdn.com
ssl.google-analytics.com
unpkg.com
www.google.com
www.gstatic.com
2606:4700::6810:7caf
2606:4700::6811:190e
2606:4700::6812:acf
2a00:1450:4001:800::2003
2a00:1450:4001:801::2003
2a00:1450:4001:809::2004
2a00:1450:4001:810::2003
2a00:1450:4001:830::200a
2a00:1450:4001:831::200a
2a00:1450:400d:808::200a
2a00:1450:400d:80a::2008
52.27.96.232
99.86.1.224
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
0b2a741489fb323cd96e2b546693ca1fc7151cfa0f2111eee4dd512e6b359941
0fb1bbca73646e8e2b93c82e8d8b219647b13d4b440c48e338290b9a685b8de1
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1f4d9285783f935587497b7aff67dc64b0da60fdd612ac5423ba46622c19122c
24f0bad48c7f18cb3a38f2401454d61f67692c2960e02bd2453242ee8dfbf903
280025393e7f35e6bb2e6025a84987d59f60dd7096198adade3c21c3f6ae797f
357452f2a55c999ddd3afdcbce2c339d41cf7a01613d9d45ff88a753bb82f21d
38b88470d1086465a4372837c7222c7846962536bb16316fc50b94ea928a0c4b
39e5fddc0c82d6c3de1f5465f6d42ac46720aa2975040067aad0b51e7c6ef6f4
3b7beedb63643597de63b4a2b9cb3e7724353aea47e7960ec46deb044cde2462
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
493ab4e7ca6837030e64d507c6ab90890cd9a63fc25bb7bf3bcd441dda6881b0
50ad448a8a5720bf8a5617db15af31ae60163de06331576f60c6244c012ffc72
5a4a1be17760f24849d67d768161746319447fd86e22bd6afc191ea58ffbde89
5c9960d4d786b64288ff14832e3329395c28d73accbbb25d715952059f009d1a
5da1360295132675024820ab37f9bc1c658f6b900180906ec44125f8127f762e
62b65a907aed5ff3553685fecd73db288b71f1846f813c663a85e0358d5f95a4
640933ecd0568399cf206b9195454c247e1b2b64dc6de7b19f83473fec5ac304
655299f9b48944389459d9ee50524e66718542d4080bf05fd3fa7932c1a5baa8
6685b28c1a788a0e2df60dfec81e187c5ed72a673bcee6ed9bcc05b4bf380c61
7100633cff808ec01559c4579130f2d6cef8d43e7f02c56d727ed33787d30fb9
719dd9d08854f73d2ff4b8bd2516a8d9f247b28fea167d18db7e8a689257ed2c
7342f390b12f636d14e25f698fc5e38cf6240994dc0c07fefbbb4e78ec4d03c7
7b4070ef2f72a31516284b37565aa2e96ea2b2f998210ce65ff0c17d33b01412
7c1d540b7034e4790ece82622854c1fbf34f0d4297f3167d914fb09ddae6cb4c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
86f31c60daf7838fbf0d3f968dac5f4ea50fb364bbf0213a3d499ad0131392fe
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
97d5c51ab4926e22e8c18fbdb20872b3667c7364a701edc8f2b3b1ce3e0c0835
97fcf9ad8137f24c0f74e5450b2b4a01d87dfa70678130187fe13c1614ab419b
a1a667a70a096f370e9ff8883aafd2e86a2e327e695da8d92b401966e4648910
a450306c30c30862f568544abf1bd0f731d64252855b937fcf8fad9d830160ea
a63c8a81e2094da4cf6f608732bd29c7210be02457ff7166676a8de0813ad973
b0044d91b724bb429337d6dcd9d2332e855bc0b4452c1d3fc9beea9973017521
b1bd28fd6b98ad39278421c332ab2b8df4760668f608cabd7acb886df8f3abd7
b20a557777b9da1e6cfb7ba5f6dcbd06f86f25cb9cc26a8328491967018b5e4a
bdaae4b100f8adc0e684ee2e0b9980ce86cd9a8b9564d30c2d0d4e66218f016a
c29b0ed4b632a2a52d20452199fa8373658050e88b9a02790b933ee9f4f5679c
c808f78c7bd2eff0e2a9673d6361f9c0b1b8a873aab050465592a3e113d573e7
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cfd288965d907162269e027312c7f64a05c1c4c360103c60c3daef3fe9298736
d1f761f3e319661545b220040e8d646f0211240fbd8cc1e206e38923607391b8
e21aa5b0d3fd28cebed9e03c5544f4924e11b0c453792ed018720cf8c679b0b6
e405ab2a09404c42b219dac4d759dbf02f5c5f0a6aeb79625b89706eaa013a49
e4065f7e429c5ef81ad0f0ca6c059b9510f88accc154aca6e602886a9e288cd4
ead7eae43aca651d0f0aa86def6c920366c2d5a10cfa52ce1990d2a849d2a210
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729
fa50e9584a0910be8e29e0270814ebf742b98631ae3e73bdd1c66197726f8294

classicspasandsteam.heyonline.co.za Open in urlscan Pro 52.27.96.232 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

52 Requests

96 %HTTPS

85 %IPv6

9 Domains

13 Subdomains

14 IPs

3 Countries

3266 kBTransfer

4914 kBSize

8 Cookies

3 Outgoing links

Redirected requests

52 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

classicspasandsteam.heyonline.co.za Open in urlscan Pro
52.27.96.232 Public Scan

Screenshot
Live screenshot

Full Image

52
Requests

96 %
HTTPS

85 %
IPv6

9
Domains

13
Subdomains

14
IPs

3
Countries

3266 kB
Transfer

4914 kB
Size

8
Cookies

52 HTTP transactions
3 data transactions