www.firstgroup-sa.co.za Open in urlscan Pro
2606:4700::6811:b93a  Public Scan

47 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://dd1562d995504d8bb9c66c5977d5221d.svc.dynamics.com/t/t/n601bxJgssLdbs4sbdo4e8YqXeDlEG0Kgq4fzixxPKEx/AVeoDQWS60rFNIhfT3JO10LjvtHk4sCehVP3ZrxYXRwx Page URL
2. https://www.firstgroup-sa.co.za/ Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22

• https://onboard.triptease.io/bootstrap.js?integrationId=01FZGACC90HYFT4DTPHMABCEX6 HTTP 307
• https://onboard.triptease.io/bootstrap/v6891.84388/bootstrap.js

Request Chain 41

• https://www.firstgroup-sa.co.za/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
• https://www.firstgroup-sa.co.za/cdn-cgi/challenge-platform/h/b/scripts/jsd/8827f912/main.js

Request Chain 62

• https://googleads.g.doubleclick.net/pagead/id HTTP 302
• https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

154 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
3 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	AVeoDQWS60rFNIhfT3JO10LjvtHk4sCehVP3ZrxYXRwx Show response dd1562d995504d8bb9c66c5977d5221d.svc.dynamics.com/t/t/n601bxJgssLdbs4sbdo4e8YqXeDlEG0Kgq4fzixxPKEx/	586 B 1 KB	1498ms 791ms	Document text/html	52.169.10.20 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://dd1562d995504d8bb9c66c5977d5221d.svc.dynamics.com/t/t/n601bxJgssLdbs4sbdo4e8YqXeDlEG0Kgq4fzixxPKEx/AVeoDQWS60rFNIhfT3JO10LjvtHk4sCehVP3ZrxYXRwx Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.169.10.20 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0 / Resource Hash 4a7f2078179348173d7849b8e066a815976f9e93afccd9aab398e266d83e117c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers api-deprecated False content-length 586 content-type text/html; charset=utf-8 date Mon, 11 Sep 2023 23:59:07 GMT server Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0 strict-transport-security max-age=31536000; includeSubDomains x-activity-id 619cac34-5c2a-4ec5-8016-2d634fe9abd8 x-content-type-options nosniff x-ms-activity-id 619cac34-5c2a-4ec5-8016-2d634fe9abd8 x-servicefabricrequestid c3b71cc7-1e47-4934-ac53-a0b13cb36cdf 31d862d8-ab07-4578-b3b9-98c1828a3468
GET H2	200	bot-detection.js Show response mktdplp102cdn.azureedge.net/public/latest/js/	29 KB 11 KB	106ms 19ms	Script application/x-javascript	2606:2800:133:206e:1315:22a5:2006:24fd EDGECAST
General Check archive.org Show headers Download Go to Full URL https://mktdplp102cdn.azureedge.net/public/latest/js/bot-detection.js?v=1.84.2007 Requested by Host: dd1562d995504d8bb9c66c5977d5221d.svc.dynamics.com URL: https://dd1562d995504d8bb9c66c5977d5221d.svc.dynamics.com/t/t/n601bxJgssLdbs4sbdo4e8YqXeDlEG0Kgq4fzixxPKEx/AVeoDQWS60rFNIhfT3JO10LjvtHk4sCehVP3ZrxYXRwx Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (frc/4CDA) / Resource Hash 84eacf3f43bf7b9177fb78c533f34c3930cd517da0295bfd57bd5e01b2400ed8 Request headers accept-language de-DE,de;q=0.9 Referer https://dd1562d995504d8bb9c66c5977d5221d.svc.dynamics.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Mon, 11 Sep 2023 23:59:08 GMT content-encoding gzip content-md5 Yp+2mkXk4MNv10H73jLLCQ== age 282608 x-cache HIT content-length 10471 x-ms-lease-status unlocked last-modified Tue, 14 Feb 2023 10:25:54 GMT server ECAcc (frc/4CDA) etag 0x8DB0E75DA644AE9 vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * x-ms-request-id ea7b28c3-401e-002e-6e79-e201b4000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding x-ms-version 2009-09-19
GET DATA	200 OK	truncated /	68 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers Content-Type image/png
POST H2	204	cp dd1562d995504d8bb9c66c5977d5221d.svc.dynamics.com/t/	0 0	244ms 244ms	Fetch	52.169.10.20 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://dd1562d995504d8bb9c66c5977d5221d.svc.dynamics.com/t/cp Requested by Host: mktdplp102cdn.azureedge.net URL: https://mktdplp102cdn.azureedge.net/public/latest/js/bot-detection.js?v=1.84.2007 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.169.10.20 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0 / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers Referer https://dd1562d995504d8bb9c66c5977d5221d.svc.dynamics.com/t/t/n601bxJgssLdbs4sbdo4e8YqXeDlEG0Kgq4fzixxPKEx/AVeoDQWS60rFNIhfT3JO10LjvtHk4sCehVP3ZrxYXRwx accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Content-Type application/json Response headers strict-transport-security max-age=31536000; includeSubDomains date Mon, 11 Sep 2023 23:59:07 GMT x-content-type-options nosniff server Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0 x-servicefabricrequestid 5d694051-c0ec-4659-a16f-a6ec24e68585, a230a9ed-0e8b-4aed-b6f3-f9b9c0a35bb5 x-activity-id ad0dc3d2-6e1b-422e-882d-8fa42e296c38 x-ms-activity-id ad0dc3d2-6e1b-422e-882d-8fa42e296c38 content-length 0 api-deprecated False
GET H2	200	Primary Request / Show response www.firstgroup-sa.co.za/	177 KB 25 KB	1727ms 126ms	Document text/html	2606:4700::6811:b93a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.firstgroup-sa.co.za/ Requested by Host: mktdplp102cdn.azureedge.net URL: https://mktdplp102cdn.azureedge.net/public/latest/js/bot-detection.js?v=1.84.2007 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:b93a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa6cfbe961ccae98945314cb9a598cc9ad004d9701dfa163e3756f67fe28ca0d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://dd1562d995504d8bb9c66c5977d5221d.svc.dynamics.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control no-cache cf-cache-status DYNAMIC cf-ray 8053dce8af942c29-FRA content-encoding br content-type text/html; charset=UTF-8 date Mon, 11 Sep 2023 23:59:10 GMT last-modified Mon, 11 Sep 2023 08:18:15 GMT referrer-policy no-referrer-when-downgrade server cloudflare strict-transport-security max-age=31536000; includeSubdomains; preload vary Accept-Encoding via 1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront) x-amz-cf-id p3uLchqVln4hg0zVqYCwknE_cwLp8diGYKW19iBbMeiyiz0altclSQ== x-amz-cf-pop FRA6-C1 x-cache RefreshHit from cloudfront x-content-type-options nosniff x-frame-options SAMEORIGIN x-xss-protection 1; mode=block
GET H2	200	main.css www.firstgroup-sa.co.za/css/custom/721/47/main/2075e48fadcfffc43106ba000870852b/	306 KB 51 KB	221ms 217ms	Stylesheet text/css	2606:4700::6811:b93a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.firstgroup-sa.co.za/css/custom/721/47/main/2075e48fadcfffc43106ba000870852b/main.css Requested by Host: www.firstgroup-sa.co.za URL: https://www.firstgroup-sa.co.za/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:b93a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5d18d8c02267735d514d1b55662dd81b79a74863066d4c6145d108a8099b7818 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.firstgroup-sa.co.za/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Mon, 11 Sep 2023 23:59:10 GMT strict-transport-security max-age=31536000; includeSubdomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC via 1.1 a6f8e4a6d80386054febd47005eabaca.cloudfront.net (CloudFront) x-amz-cf-pop AMS58-P1 content-encoding br x-cache RefreshHit from cloudfront alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Mon, 11 Sep 2023 08:18:17 GMT server cloudflare etag W/"3b16fef5ecdb194db58ab7c13ff72415" x-frame-options SAMEORIGIN vary Accept-Encoding content-type text/css cache-control no-cache cf-ray 8053dce97fe12c29-FRA x-amz-cf-id CSA4zV_6145ZPsLheUETr935_M1m22QiEZX2n1M4bHZ4fRoR2uBzNA==
GET H2	200	gms-latest.min.js Show response cdn.galaxy.tf/asset-galaxy/js/	149 KB 46 KB	447ms 359ms	Script application/javascript	2606:4700::6811:b83a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.galaxy.tf/asset-galaxy/js/gms-latest.min.js?v93be0159edb1b68f42ec36ab9db3b90a Requested by Host: www.firstgroup-sa.co.za URL: https://www.firstgroup-sa.co.za/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:b83a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 81fe13ad9ef82cacb79ed35dcc68f47beb08413f8ba12e72504f6c47b51cde71 Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers accept-language de-DE,de;q=0.9 Referer https://www.firstgroup-sa.co.za/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Mon, 11 Sep 2023 23:59:10 GMT strict-transport-security max-age=15768000 content-encoding br cf-cache-status DYNAMIC last-modified Tue, 05 Sep 2023 09:33:04 GMT server cloudflare etag W/"252e8-60499505bc248-gzip" vary Accept-Encoding content-type application/javascript cache-control max-age=604800 cf-ray 8053dcea0fce3a96-FRA alt-svc h3=":443"; ma=86400 expires Mon, 18 Sep 2023 23:59:10 GMT
GET H2	200	css2 fonts.googleapis.com/	33 KB 2 KB	84ms 34ms	Stylesheet text/css	2a00:1450:4001:802::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Great+Vibes&family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;0,800;1,300;1,400;1,500;1,600;1,700;1,800&display=swap Requested by Host: www.firstgroup-sa.co.za URL: https://www.firstgroup-sa.co.za/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 143682dacbd5d8fc07639adb4a1c60276ce0e58334d07e3233b68f93da91012c Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.firstgroup-sa.co.za/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Mon, 11 Sep 2023 23:59:10 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Mon, 11 Sep 2023 23:59:10 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 11 Sep 2023 23:59:10 GMT
GET H2	200	CopperplateGothicBold.woff2 www.firstgroup-sa.co.za/integration/first-hotels/public/fonts/	24 KB 24 KB	128ms 122ms	Font font/woff2	2606:4700::6811:b93a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.firstgroup-sa.co.za/integration/first-hotels/public/fonts/CopperplateGothicBold.woff2 Requested by Host: www.firstgroup-sa.co.za URL: https://www.firstgroup-sa.co.za/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:b93a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3d11f751bbfcb3f74bcf60fcd587652038107e810669cd061441a399110e6e91 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.firstgroup-sa.co.za/ Origin https://www.firstgroup-sa.co.za accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Mon, 11 Sep 2023 23:59:10 GMT strict-transport-security max-age=31536000; includeSubdomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC via 1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront) x-amz-cf-pop FRA6-C1 x-cache RefreshHit from cloudfront alt-svc h3=":443"; ma=86400 content-length 24304 x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Fri, 17 Sep 2021 12:35:39 GMT server cloudflare etag "05f290a1d57a905eaf542dbf89ebc236" x-frame-options SAMEORIGIN vary Accept-Encoding content-type font/woff2 cache-control no-cache accept-ranges bytes cf-ray 8053dce97fe52c29-FRA x-amz-cf-id kYKnevtzm3NsEV5gGzObE_B4g8j1xlZEpUEJyhiNCrCuwh3SUR_lgQ==
GET H2	200	CopperplateGothicBold.woff www.firstgroup-sa.co.za/integration/first-hotels/public/fonts/	31 KB 31 KB	193ms 187ms	Font application/x-font-woff	2606:4700::6811:b93a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.firstgroup-sa.co.za/integration/first-hotels/public/fonts/CopperplateGothicBold.woff Requested by Host: www.firstgroup-sa.co.za URL: https://www.firstgroup-sa.co.za/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:b93a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4fa9553b8e1c2e83d93cb6409d0c04fbd7f4df5fa073dc09526380b79c74aa6a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.firstgroup-sa.co.za/ Origin https://www.firstgroup-sa.co.za accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Mon, 11 Sep 2023 23:59:10 GMT strict-transport-security max-age=31536000; includeSubdomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC via 1.1 056d6ac2ca676a55ced60e0ac6451d22.cloudfront.net (CloudFront) x-amz-cf-pop AMS58-P1 x-cache RefreshHit from cloudfront alt-svc h3=":443"; ma=86400 content-length 31880 x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Fri, 17 Sep 2021 12:35:34 GMT server cloudflare etag "269829e347820b7febfb4e7aaa78cc54" x-frame-options SAMEORIGIN vary Accept-Encoding content-type application/x-font-woff cache-control no-cache accept-ranges bytes cf-ray 8053dce97fe62c29-FRA x-amz-cf-id I0j7KRg_sG-YCWhT_0_yZ_dTVTcUwg4wWNCkmmsJnbbQ-FHeCOgZiA==
GET H2	200	itc_avant_lt_bold.woff2 www.firstgroup-sa.co.za/integration/first-hotels/public/fonts/	20 KB 21 KB	148ms 143ms	Font font/woff2	2606:4700::6811:b93a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.firstgroup-sa.co.za/integration/first-hotels/public/fonts/itc_avant_lt_bold.woff2 Requested by Host: www.firstgroup-sa.co.za URL: https://www.firstgroup-sa.co.za/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:b93a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash be7b85136bd51909802cf9df3eb5a9c4422d6149bb469b07233a0ea591a73b46 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.firstgroup-sa.co.za/ Origin https://www.firstgroup-sa.co.za accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Mon, 11 Sep 2023 23:59:10 GMT strict-transport-security max-age=31536000; includeSubdomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC via 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront) x-amz-cf-pop FRA6-C1 x-cache RefreshHit from cloudfront alt-svc h3=":443"; ma=86400 content-length 20920 x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Fri, 17 Sep 2021 12:35:38 GMT server cloudflare etag "e8b0598527bbd215963e47b3e233e901" x-frame-options SAMEORIGIN vary Accept-Encoding content-type font/woff2 cache-control no-cache accept-ranges bytes cf-ray 8053dce97fe72c29-FRA x-amz-cf-id 2Y9wwfBckwa4JC_Y0tRPl7RHuvgcJoEMaIidJj8QdoAckaApomA5Sw==
GET H2	200	itc_avant_lt_bold.woff www.firstgroup-sa.co.za/integration/first-hotels/public/fonts/	26 KB 26 KB	169ms 164ms	Font application/x-font-woff	2606:4700::6811:b93a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.firstgroup-sa.co.za/integration/first-hotels/public/fonts/itc_avant_lt_bold.woff Requested by Host: www.firstgroup-sa.co.za URL: https://www.firstgroup-sa.co.za/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:b93a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dfda8e97c19d1b57e5c77e515defcd80d7613d7b985bf58fe9abd989ccd5714a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.firstgroup-sa.co.za/ Origin https://www.firstgroup-sa.co.za accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Mon, 11 Sep 2023 23:59:10 GMT strict-transport-security max-age=31536000; includeSubdomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC via 1.1 8e04f5d6c745b231c10fce7c2aa9c70e.cloudfront.net (CloudFront) x-amz-cf-pop FRA6-C1 x-cache RefreshHit from cloudfront alt-svc h3=":443"; ma=86400 content-length 26424 x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Fri, 17 Sep 2021 12:35:32 GMT server cloudflare etag "8ab88185bca4bee0496fde06832470ac" x-frame-options SAMEORIGIN vary Accept-Encoding content-type application/x-font-woff cache-control no-cache accept-ranges bytes cf-ray 8053dce97fe92c29-FRA x-amz-cf-id XzG1JkyKif_NLHJdoumpPHxc0_3UBJI1dAbFbzBQ56jGfztgbBK5zA==
GET H2	200	itc_avant_medium.woff2 www.firstgroup-sa.co.za/integration/first-hotels/public/fonts/	19 KB 19 KB	193ms 188ms	Font font/woff2	2606:4700::6811:b93a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.firstgroup-sa.co.za/integration/first-hotels/public/fonts/itc_avant_medium.woff2 Requested by Host: www.firstgroup-sa.co.za URL: https://www.firstgroup-sa.co.za/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:b93a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b4e8fdcb8768b79bd2c243c78d8c348e03fbf4627f9ef5efcc6e018c617aa61f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.firstgroup-sa.co.za/ Origin https://www.firstgroup-sa.co.za accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Mon, 11 Sep 2023 23:59:10 GMT strict-transport-security max-age=31536000; includeSubdomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC via 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront) x-amz-cf-pop FRA6-C1 x-cache RefreshHit from cloudfront alt-svc h3=":443"; ma=86400 content-length 19408 x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Fri, 17 Sep 2021 12:35:34 GMT server cloudflare etag "a8f042db7e5c85da64352b0bf42417fb" x-frame-options SAMEORIGIN vary Accept-Encoding content-type font/woff2 cache-control no-cache accept-ranges bytes cf-ray 8053dce98fea2c29-FRA x-amz-cf-id eOV11Er551fWSBsuRvd75SLemasb-ugbD5n-XbSbCeTweo806phNDg==
GET H2	200	itc_avant_medium.woff www.firstgroup-sa.co.za/integration/first-hotels/public/fonts/	24 KB 25 KB	356ms 352ms	Font application/x-font-woff	2606:4700::6811:b93a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.firstgroup-sa.co.za/integration/first-hotels/public/fonts/itc_avant_medium.woff Requested by Host: www.firstgroup-sa.co.za URL: https://www.firstgroup-sa.co.za/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:b93a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0cc32f757c93e1f0ead3f3c7a82abd4a1f3627ae69095466d755e0b7b24c1a64 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.firstgroup-sa.co.za/ Origin https://www.firstgroup-sa.co.za accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Mon, 11 Sep 2023 23:59:10 GMT strict-transport-security max-age=31536000; includeSubdomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC via 1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront) x-amz-cf-pop FRA6-C1 x-cache RefreshHit from cloudfront alt-svc h3=":443"; ma=86400 content-length 24868 x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Fri, 17 Sep 2021 12:35:11 GMT server cloudflare etag "dd3aa7f79a8b9f1180b5050369924b1d" x-frame-options SAMEORIGIN vary Accept-Encoding content-type application/x-font-woff cache-control no-cache accept-ranges bytes cf-ray 8053dce98feb2c29-FRA x-amz-cf-id dkHaQYgzSBlLHQefqBhsCLnMbZ05RWyyPmnRot_n_4VGa9lIanKY4A==
GET H2	200	itc_avant_garde_gothic_lt_extra_light-webfont.woff2 www.firstgroup-sa.co.za/integration/first-hotels/public/fonts/	19 KB 19 KB	456ms 451ms	Font font/woff2	2606:4700::6811:b93a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.firstgroup-sa.co.za/integration/first-hotels/public/fonts/itc_avant_garde_gothic_lt_extra_light-webfont.woff2 Requested by Host: www.firstgroup-sa.co.za URL: https://www.firstgroup-sa.co.za/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:b93a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d5d3fc55488572a9b3887994dd1df3fb180c34fb6960f2383b064ee7b304a397 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.firstgroup-sa.co.za/ Origin https://www.firstgroup-sa.co.za accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Mon, 11 Sep 2023 23:59:10 GMT strict-transport-security max-age=31536000; includeSubdomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC via 1.1 f580bae666598e3f09a5ffd24b286bae.cloudfront.net (CloudFront) x-amz-cf-pop AMS58-P1 x-cache RefreshHit from cloudfront alt-svc h3=":443"; ma=86400 content-length 19716 x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Fri, 17 Sep 2021 12:35:36 GMT server cloudflare etag "a45078faf891a62a8200df321611aca3" x-frame-options SAMEORIGIN vary Accept-Encoding content-type font/woff2 cache-control no-cache accept-ranges bytes cf-ray 8053dce98fec2c29-FRA x-amz-cf-id -qOYzYLqUNHN4WsWZFyKntV5uZtMJ963YSj-2iLmHZrmTzS06crbCQ==
GET H2	200	itc_avant_garde_gothic_lt_extra_light-webfont.woff www.firstgroup-sa.co.za/integration/first-hotels/public/fonts/	24 KB 25 KB	149ms 145ms	Font application/x-font-woff	2606:4700::6811:b93a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.firstgroup-sa.co.za/integration/first-hotels/public/fonts/itc_avant_garde_gothic_lt_extra_light-webfont.woff Requested by Host: www.firstgroup-sa.co.za URL: https://www.firstgroup-sa.co.za/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:b93a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9e2fd837706dddcf705eb8f148f17035ef45ab7c7572c561b8490c72a78fb6f1 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.firstgroup-sa.co.za/ Origin https://www.firstgroup-sa.co.za accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Mon, 11 Sep 2023 23:59:10 GMT strict-transport-security max-age=31536000; includeSubdomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC via 1.1 94faae20b0f122c4555025f52a2fd744.cloudfront.net (CloudFront) x-amz-cf-pop FRA6-C1 x-cache RefreshHit from cloudfront alt-svc h3=":443"; ma=86400 content-length 24960 x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Fri, 17 Sep 2021 12:35:32 GMT server cloudflare etag "01c6ac5bd7d66dc6f87830ee6e1e6518" x-frame-options SAMEORIGIN vary Accept-Encoding content-type application/x-font-woff cache-control no-cache accept-ranges bytes cf-ray 8053dce98fed2c29-FRA x-amz-cf-id zRbkM7camExV0JQE0klYirLqSn-6-u8Yl_sCLaE3hwsHS_wSL7wC3g==
GET H2	200	poetr-webfont.woff2 www.firstgroup-sa.co.za/integration/first-hotels/public/fonts/	18 KB 19 KB	223ms 218ms	Font font/woff2	2606:4700::6811:b93a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.firstgroup-sa.co.za/integration/first-hotels/public/fonts/poetr-webfont.woff2 Requested by Host: www.firstgroup-sa.co.za URL: https://www.firstgroup-sa.co.za/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:b93a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1bee18ec8d387da52c83bb979a5ebfd0a81f01e4578a9217246454d7248e8e44 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.firstgroup-sa.co.za/ Origin https://www.firstgroup-sa.co.za accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Mon, 11 Sep 2023 23:59:10 GMT strict-transport-security max-age=31536000; includeSubdomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC via 1.1 9929448596fb4faec2a082aabe759212.cloudfront.net (CloudFront) x-amz-cf-pop AMS58-P1 x-cache RefreshHit from cloudfront alt-svc h3=":443"; ma=86400 content-length 18916 x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Fri, 17 Sep 2021 12:35:22 GMT server cloudflare etag "68c8e0697ce2d5f4478efe4145025318" x-frame-options SAMEORIGIN vary Accept-Encoding content-type font/woff2 cache-control no-cache accept-ranges bytes cf-ray 8053dce98fee2c29-FRA x-amz-cf-id cuKT_rzm-LGg7Dm27LCBAuYg0BU7S2KsRbuCshr86Q8Al-fYKrvvhA==
GET H2	200	poetr-webfont.woff www.firstgroup-sa.co.za/integration/first-hotels/public/fonts/	24 KB 24 KB	205ms 200ms	Font application/x-font-woff	2606:4700::6811:b93a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.firstgroup-sa.co.za/integration/first-hotels/public/fonts/poetr-webfont.woff Requested by Host: www.firstgroup-sa.co.za URL: https://www.firstgroup-sa.co.za/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:b93a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8d561b3b5b59d01ba7eb7228cc3f9e7eb550941335bb93f9696b1ebda16debb9 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.firstgroup-sa.co.za/ Origin https://www.firstgroup-sa.co.za accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Mon, 11 Sep 2023 23:59:10 GMT strict-transport-security max-age=31536000; includeSubdomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC via 1.1 f5a3dd79e879ec195790fd94291f3198.cloudfront.net (CloudFront) x-amz-cf-pop AMS58-P1 x-cache RefreshHit from cloudfront alt-svc h3=":443"; ma=86400 content-length 24292 x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Fri, 17 Sep 2021 12:35:27 GMT server cloudflare etag "e071b6ae8c4d4321bd7dfdd1218ebed2" x-frame-options SAMEORIGIN vary Accept-Encoding content-type application/x-font-woff cache-control no-cache accept-ranges bytes cf-ray 8053dce9b8082c29-FRA x-amz-cf-id L__44eJ9fKezoYIJzD6_fglsdf9Vemhomhz9hky0umzpctyyvtmFxQ==
GET H2	200	galaxy-helpers.js Show response www.firstgroup-sa.co.za/frontend/galaxy-helpers/public/	56 KB 21 KB	483ms 478ms	Script application/javascript	2606:4700::6811:b93a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.firstgroup-sa.co.za/frontend/galaxy-helpers/public/galaxy-helpers.js?v=l-591fdd06-1450-4b90-8aa2-43ce03f90582 Requested by Host: www.firstgroup-sa.co.za URL: https://www.firstgroup-sa.co.za/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:b93a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e1af5c26a6ca0cf6e1efcd25d203b5d1b890d8d2756d58ca0cfdfafa2f488576 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.firstgroup-sa.co.za/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Mon, 11 Sep 2023 23:59:10 GMT strict-transport-security max-age=31536000; includeSubdomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC via 1.1 650363fa7465273dd14fde086a851a86.cloudfront.net (CloudFront) x-amz-cf-pop AMS58-P1 content-encoding br x-cache RefreshHit from cloudfront alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Thu, 03 Nov 2022 06:54:59 GMT server cloudflare etag W/"ef1febd8b777272d6178f74661f8347e" x-frame-options SAMEORIGIN vary Accept-Encoding content-type application/javascript cache-control no-cache cf-ray 8053dce9b8092c29-FRA x-amz-cf-id bq0aTRgOGGOFkZzscU00uqCSvF8oChX1ph8nlZ5JwyKYl3W_YCj-3g==
GET H2	200	jquery-3.1.1.min.js Show response www.firstgroup-sa.co.za/integration/first-hotels/public/vendor/	85 KB 31 KB	261ms 257ms	Script application/javascript	2606:4700::6811:b93a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.firstgroup-sa.co.za/integration/first-hotels/public/vendor/jquery-3.1.1.min.js Requested by Host: www.firstgroup-sa.co.za URL: https://www.firstgroup-sa.co.za/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:b93a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1cf30e59d21d4ae560af7143f5913efcc8222bcaa4fcc7508eb802b5faa9e94e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.firstgroup-sa.co.za/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Mon, 11 Sep 2023 23:59:10 GMT strict-transport-security max-age=31536000; includeSubdomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC via 1.1 1bdf441282a54ae942606c92014c38d4.cloudfront.net (CloudFront) x-amz-cf-pop AMS58-P1 content-encoding br x-cache Miss from cloudfront alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Fri, 17 Sep 2021 12:35:32 GMT server cloudflare etag W/"5b5a269bd363e0886c17d855c2aab241" x-frame-options SAMEORIGIN vary Accept-Encoding content-type application/javascript cache-control no-cache cf-ray 8053dce9b80a2c29-FRA x-amz-cf-id Q2Tt7HVHJXj2_EHeNcOFDeuslE17Bc54y4x8-1ksw1OgbOigug2x-Q==
GET H2	200	lazysizes.min.js Show response www.firstgroup-sa.co.za/integration/first-hotels/public/vendor/	7 KB 4 KB	243ms 238ms	Script application/javascript	2606:4700::6811:b93a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.firstgroup-sa.co.za/integration/first-hotels/public/vendor/lazysizes.min.js Requested by Host: www.firstgroup-sa.co.za URL: https://www.firstgroup-sa.co.za/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:b93a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 06821251a29e71f8fd4f60349667c54d163b16d7bc8b1d47144c7f5042683eef Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.firstgroup-sa.co.za/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Mon, 11 Sep 2023 23:59:10 GMT strict-transport-security max-age=31536000; includeSubdomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC via 1.1 5ca3eb318b3d637b6c83037daa75f174.cloudfront.net (CloudFront) x-amz-cf-pop AMS58-P1 content-encoding br x-cache Miss from cloudfront alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Fri, 17 Sep 2021 12:35:14 GMT server cloudflare etag W/"149ff45fc6c2f13e892e438a58abb77f" x-frame-options SAMEORIGIN vary Accept-Encoding content-type application/javascript cache-control no-cache cf-ray 8053dce9b80b2c29-FRA x-amz-cf-id ODqfOIpLv834tG6JsTp1luFQLqEOBzDYUG08hwORZmZp61oJEo_IYg==
GET H2	200	bundle-evt.min.js Show response www.firstgroup-sa.co.za/integration-shared/shared-evt/public/	14 KB 4 KB	271ms 267ms	Script application/javascript	2606:4700::6811:b93a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.firstgroup-sa.co.za/integration-shared/shared-evt/public/bundle-evt.min.js?v93be0159edb1b68f42ec36ab9db3b90a Requested by Host: www.firstgroup-sa.co.za URL: https://www.firstgroup-sa.co.za/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:b93a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 21e3b91dff6fbc82e8f064bdff51a687158d9362c8b0c85d1b84cb9d8bea62e3 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.firstgroup-sa.co.za/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Mon, 11 Sep 2023 23:59:10 GMT strict-transport-security max-age=31536000; includeSubdomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC via 1.1 a6f8e4a6d80386054febd47005eabaca.cloudfront.net (CloudFront) x-amz-cf-pop AMS58-P1 content-encoding br x-cache Miss from cloudfront alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Sun, 12 Jun 2022 05:30:15 GMT server cloudflare etag W/"06be9dcc973ab297fdff7ed212970025" x-frame-options SAMEORIGIN vary Accept-Encoding content-type application/javascript cache-control no-cache cf-ray 8053dce9b80d2c29-FRA x-amz-cf-id gocyPWL7IqARScsfbJgSn4ITUaFXgRq2-Ab-WawDzH2kJwqcvFoRSA==
GET H2	200	bundle.js Show response www.firstgroup-sa.co.za/integration/first-hotels/public/js/	1 MB 324 KB	236ms 233ms	Script application/javascript	2606:4700::6811:b93a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.firstgroup-sa.co.za/integration/first-hotels/public/js/bundle.js?v93be0159edb1b68f42ec36ab9db3b90a Requested by Host: www.firstgroup-sa.co.za URL: https://www.firstgroup-sa.co.za/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:b93a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9d350c18850ccb96442fd9e501dfb290827f44090e10449f25ad95cd782d2d4a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.firstgroup-sa.co.za/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Mon, 11 Sep 2023 23:59:10 GMT strict-transport-security max-age=31536000; includeSubdomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC via 1.1 9a04c6aa4d3f25ed242a525a7658d9ac.cloudfront.net (CloudFront) x-amz-cf-pop AMS58-P1 content-encoding br x-cache RefreshHit from cloudfront alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Thu, 13 Apr 2023 10:04:37 GMT server cloudflare etag W/"eefd778c350b63df23546d87b71e8df7" x-frame-options SAMEORIGIN vary Accept-Encoding content-type application/javascript cache-control no-cache cf-ray 8053dce9b80e2c29-FRA x-amz-cf-id EK_-JNGZRKkCDOEJlMWS5lseXDcIqUV-OyHVn5MIHyD-M2EtuQCJ5Q==
GET H2	200	bootstrap.js Show response onboard.triptease.io/bootstrap/v6891.84388/ Redirect Chain https://onboard.triptease.io/bootstrap.js?integrationId=01FZGACC90HYFT4DTPHMABCEX6 https://onboard.triptease.io/bootstrap/v6891.84388/bootstrap.js	111 KB 34 KB	44ms 43ms	Script application/javascript	2606:4700:3033::6815:575d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://onboard.triptease.io/bootstrap/v6891.84388/bootstrap.js Requested by Host: www.firstgroup-sa.co.za URL: https://www.firstgroup-sa.co.za/ Protocol H2 Server 2606:4700:3033::6815:575d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 71fa48f7b87aae09dd7e5dbc93b8342e28252fc0aa9df725926080da8e48ff36 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers accept-language de-DE,de;q=0.9 Referer https://www.firstgroup-sa.co.za/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Mon, 11 Sep 2023 23:59:11 GMT strict-transport-security max-age=15552000 content-encoding br cf-cache-status MISS x-goog-meta-git-hash 55ebac0aa9c8ae62d2c05de7f659e5ca5e14c32b nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-guploader-uploadid ADPycdu3eALQv1oC_GNFCPyhkD9dFqeNvAXYtz7A9EHb6Jk7Su84jc6OTK2rPYdqtfvsMTju6HypjwgsUK0PbFanTQ1opMUu2dJt x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding identity x-goog-meta-build-version 6891.84388 alt-svc h3=":443"; ma=86400 last-modified Mon, 11 Sep 2023 18:00:56 GMT server cloudflare etag W/"2f69f80806319bb717b6a7a9cc3c7ab8" vary Accept-Encoding x-goog-generation 1694455256711224 content-type application/javascript; charset=utf-8 access-control-allow-origin * x-goog-hash crc32c=eY0gdQ==, md5=L2n4CAYxm7cXtqepzDx6uA== access-control-expose-headers Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace cache-control public, max-age=31536000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hmxwlp7Lr6qCqe3grvBgCQIIDWjyzcb72fHKYTEfD%2B9WmEYUl%2BTwvo8dy6hBMAGpYMkSxpofeB2ZPdh5%2Bf8Tx6ualRsHqdhr1J8zJmoO87iwizYq0slPzY9uFRDCS5NMtx7x%2B%2FFoySf05u05H2UjGio73A%3D%3D"}],"group":"cf-nel","max_age":604800} x-goog-stored-content-length 113574 cf-ray 8053dceedd72196a-FRA expires Tue, 10 Sep 2024 23:15:39 GMT Redirect headers date Mon, 11 Sep 2023 23:59:10 GMT strict-transport-security max-age=15552000 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0HpkX4Cpb%2BhxyUClhKSJfOfQuaQDdNYlU5rIE6AKvRpWxWZtEuMChJapsyVwfrxvad0S%2Bq9A%2FdhQK4SzhIEVuaFBhIk5i4%2Bl42%2FNiJHyCFhOK46UPoxBnth1ZIjHbCfZR4%2FAWfWR1oAwhf0jsSBihU3XLQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/plain;charset=UTF-8 location https://onboard.triptease.io/bootstrap/v6891.84388/bootstrap.js access-control-allow-origin * cache-control public, max-age=600 cf-ray 8053dced5cc5196a-FRA access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept content-length 63 alt-svc h3=":443"; ma=86400
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	193 KB 52 KB	103ms 21ms	Script application/x-javascript	2a03:2880:f084:105:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: www.firstgroup-sa.co.za URL: https://www.firstgroup-sa.co.za/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 9e41e783ec4cfc524c1666d1d5a4c805f8e92be52b030d130acfb31105e1e04c Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.firstgroup-sa.co.za/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Mon, 11 Sep 2023 23:59:10 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 52127 x-xss-protection 0 pragma public x-fb-debug 93J96IeKr47u6gQExDVLtWjz4HY4Ousw4Eg+/xOggUOSZ0rfC+GTsZxRs18njzg8JAMNYh05dP86WzvJm85/3w== cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=() expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	270 KB 84 KB	112ms 37ms	Script application/javascript	2a00:1450:4001:810::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-TL2MM4B Requested by Host: www.firstgroup-sa.co.za URL: https://www.firstgroup-sa.co.za/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 2a159a30d80e51aa6de10460b88621e8acb465dc756e10783ef6035c28ccd8bc Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.firstgroup-sa.co.za/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Mon, 11 Sep 2023 23:59:10 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 85393 x-xss-protection 0 last-modified Mon, 11 Sep 2023 22:54:35 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Mon, 11 Sep 2023 23:59:10 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	328 KB 102 KB	136ms 61ms	Script application/javascript	2a00:1450:4001:810::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-K9Q4XPK Requested by Host: www.firstgroup-sa.co.za URL: https://www.firstgroup-sa.co.za/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 77c1a9466b8b9f7ccc5fcd4ff7f9864e2669bcb56579bec7cfcea969ceb9e7eb Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.firstgroup-sa.co.za/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Mon, 11 Sep 2023 23:59:10 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 103879 x-xss-protection 0 last-modified Mon, 11 Sep 2023 22:54:35 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Mon, 11 Sep 2023 23:59:10 GMT
GET		ivIUsLAx7_s www.youtube.com/embed/ Frame 1FE2	0 0
GET H2	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 fonts.gstatic.com/s/opensans/v35/	47 KB 48 KB	81ms 18ms	Font font/woff2	2a00:1450:4001:829::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Great+Vibes&family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;0,800;1,300;1,400;1,500;1,600;1,700;1,800&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.firstgroup-sa.co.za accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Sat, 09 Sep 2023 00:05:03 GMT x-content-type-options nosniff age 258847 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 48412 x-xss-protection 0 last-modified Tue, 02 May 2023 15:08:53 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 08 Sep 2024 00:05:03 GMT
GET H2	200	memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2 fonts.gstatic.com/s/opensans/v35/	49 KB 49 KB	19ms 19ms	Font font/woff2	2a00:1450:4001:829::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v35/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Great+Vibes&family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;0,800;1,300;1,400;1,500;1,600;1,700;1,800&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3642c7e774562f7483d7b0de93dd1759fc6928e85eebd7e62ddae72e9d46c9cb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.firstgroup-sa.co.za accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Sat, 09 Sep 2023 21:19:25 GMT x-content-type-options nosniff age 182385 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 50440 x-xss-protection 0 last-modified Tue, 02 May 2023 15:13:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 08 Sep 2024 21:19:25 GMT
POST H/1.1	200 OK	721 Show response dynamic.travelclick-websolutions.com/view/	2 KB 2 KB	640ms 353ms	XHR application/json	195.244.31.25 IGUANA-WORLDWIDE
General Check archive.org Show headers Download Go to Full URL https://dynamic.travelclick-websolutions.com/view/721 Requested by Host: www.firstgroup-sa.co.za URL: https://www.firstgroup-sa.co.za/integration/first-hotels/public/js/bundle.js?v93be0159edb1b68f42ec36ab9db3b90a Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 195.244.31.25 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US), Reverse DNS xo7-viplb-01-new.ny.ig-1.net Software Apache / Resource Hash 1708524704e7635db0456d8b0d69c0b7ad1f32602c18cc2ccac6134a55d76ecc Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers Accept */* Referer https://www.firstgroup-sa.co.za/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers Pragma no-cache Date Mon, 11 Sep 2023 23:59:11 GMT Content-Encoding gzip Strict-Transport-Security max-age=15768000 Server Apache Vary Accept-Encoding Access-Control-Allow-Methods POST, GET, OPTIONS Content-Type application/json Access-Control-Allow-Origin * Cache-Control no-store, no-cache, must-revalidate X-Real-Hostname xo7-web-05 Content-Length 908 Expires Thu, 19 Nov 1981 08:52:00 GMT
GET		ivIUsLAx7_s www.youtube.com/embed/ Frame 32E3	0 0
GET		ivIUsLAx7_s www.youtube.com/embed/ Frame E3B5	0 0
GET H2	200	ivIUsLAx7_s Show response www.youtube.com/embed/ Frame EEDB	87 KB 38 KB	88ms 87ms	Document text/html	2a00:1450:4001:81c::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/embed/ivIUsLAx7_s?start=3&rel=0&autoplay=1&loop=1&playlist=ivIUsLAx7_s&start=3&mute=1 Requested by Host: www.firstgroup-sa.co.za URL: https://www.firstgroup-sa.co.za/integration/first-hotels/public/js/bundle.js?v93be0159edb1b68f42ec36ab9db3b90a Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 4c65ddcd2abc7eb2048d2a0108d4a192e0105ca4e3dd81d502cf81fb4ec21b31 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.firstgroup-sa.co.za/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding br content-type text/html; charset=utf-8 cross-origin-opener-policy-report-only same-origin; report-to="youtube_main" cross-origin-resource-policy cross-origin date Mon, 11 Sep 2023 23:59:11 GMT expires Mon, 01 Jan 1990 00:00:00 GMT origin-trial AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info." permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* pragma no-cache report-to {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]} server ESF strict-transport-security max-age=31536000 vary Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-content-type-options nosniff x-xss-protection 0
GET H3	200	dropdown-arrow2.svg www.firstgroup-sa.co.za/integration/first-hotels/public/images/svg/	396 B 708 B	168ms 167ms	Image image/svg+xml	2606:4700::6811:b93a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.firstgroup-sa.co.za/integration/first-hotels/public/images/svg/dropdown-arrow2.svg Requested by Host: www.firstgroup-sa.co.za URL: https://www.firstgroup-sa.co.za/css/custom/721/47/main/2075e48fadcfffc43106ba000870852b/main.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:b93a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 67048f24f9e15b8d779c632b86d09c4d9c9bb887a3142132bbb5f103e5163e11 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.firstgroup-sa.co.za/css/custom/721/47/main/2075e48fadcfffc43106ba000870852b/main.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Mon, 11 Sep 2023 23:59:11 GMT strict-transport-security max-age=31536000; includeSubdomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC via 1.1 f580bae666598e3f09a5ffd24b286bae.cloudfront.net (CloudFront) x-amz-cf-pop AMS58-P1 content-encoding br x-cache Miss from cloudfront alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Fri, 17 Sep 2021 12:35:33 GMT server cloudflare etag W/"51cd4cc2e178cdd8a0860500f595e434" x-frame-options SAMEORIGIN vary Accept-Encoding content-type image/svg+xml cache-control no-cache cf-ray 8053dcee7c362c1a-FRA x-amz-cf-id snBwYosiN4pKP0rs88NQ-Q8wF5S9D08yHT588hFKUh1Yl6LZsjS_og==
GET H2	200	1547472146-5c3c8d1283504-thumb.png image-tc.galaxy.tf/wipng-eru188k0utdnkajd713ojlvek/	5 KB 6 KB	604ms 495ms	Image image/png	2606:4700::6811:ba3a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://image-tc.galaxy.tf/wipng-eru188k0utdnkajd713ojlvek/1547472146-5c3c8d1283504-thumb.png?width=166 Requested by Host: www.firstgroup-sa.co.za URL: https://www.firstgroup-sa.co.za/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:ba3a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6ff63be0f3ff1d88d1a3de3f0115d9593a43ac04b6e0dcb5f4b1846d9767e105 Security Headers Name Value Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none' Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.firstgroup-sa.co.za/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Mon, 11 Sep 2023 23:59:11 GMT x-amz-version-id ncbrqonI0SHC9I2p4rJ2ZhgOPt215c08 x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubdomains; preload via 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront) content-security-policy default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none' x-amz-cf-pop FRA6-C1 x-amz-server-side-encryption AES256 x-cache Miss from cloudfront cf-cache-status DYNAMIC alt-svc h3=":443"; ma=86400 content-length 5202 x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Wed, 21 Jun 2023 15:27:46 GMT server cloudflare etag "dcbe9cc734262c7cc70455499277c037" x-frame-options SAMEORIGIN access-control-allow-methods GET, HEAD, OPTIONS content-type image/png access-control-allow-origin * cache-control no-cache vary Accept-Encoding accept-ranges bytes cf-ray 8053dcef89fd9b86-FRA x-amz-cf-id iQo1DdqCeqdVbG-ZmaOwkci5RUuhUwxSnynkgrF-wDtqBwzYNu4URA==
GET H2	200	www-player.css www.youtube.com/s/player/7ee36b0e/ Frame EEDB	383 KB 48 KB	19ms 18ms	Stylesheet text/css	2a00:1450:4001:81c::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/7ee36b0e/www-player.css Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/ivIUsLAx7_s?start=3&rel=0&autoplay=1&loop=1&playlist=ivIUsLAx7_s&start=3&mute=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ebd9916f73aea2ae814451af5fa1ce5fad205d534409877fd10bd6ffb43dd3c2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/embed/ivIUsLAx7_s?start=3&rel=0&autoplay=1&loop=1&playlist=ivIUsLAx7_s&start=3&mute=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Mon, 11 Sep 2023 22:50:07 GMT content-encoding br x-content-type-options nosniff age 4144 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 49339 x-xss-protection 0 last-modified Tue, 05 Sep 2023 01:11:43 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Tue, 10 Sep 2024 22:50:07 GMT
GET H2	200	www-embed-player.js Show response www.youtube.com/s/player/7ee36b0e/www-embed-player.vflset/ Frame EEDB	314 KB 94 KB	36ms 36ms	Script text/javascript	2a00:1450:4001:81c::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/7ee36b0e/www-embed-player.vflset/www-embed-player.js Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/ivIUsLAx7_s?start=3&rel=0&autoplay=1&loop=1&playlist=ivIUsLAx7_s&start=3&mute=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 785272c9b1033897a81797962645fa74e7da0c63dd7208bae2ef171ecba275ea Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/embed/ivIUsLAx7_s?start=3&rel=0&autoplay=1&loop=1&playlist=ivIUsLAx7_s&start=3&mute=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Mon, 11 Sep 2023 23:06:06 GMT content-encoding br x-content-type-options nosniff age 3185 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 96199 x-xss-protection 0 last-modified Tue, 05 Sep 2023 01:11:43 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Tue, 10 Sep 2024 23:06:06 GMT
GET H2	200	base.js Show response www.youtube.com/s/player/7ee36b0e/player_ias.vflset/de_DE/ Frame EEDB	2 MB 778 KB	55ms 55ms	Script text/javascript	2a00:1450:4001:81c::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/7ee36b0e/player_ias.vflset/de_DE/base.js Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/ivIUsLAx7_s?start=3&rel=0&autoplay=1&loop=1&playlist=ivIUsLAx7_s&start=3&mute=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0c9a8bf4daf539463f609b2d8c45c1f138658dfdb9f6b776f2a20da40c92e152 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/embed/ivIUsLAx7_s?start=3&rel=0&autoplay=1&loop=1&playlist=ivIUsLAx7_s&start=3&mute=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Wed, 06 Sep 2023 22:42:17 GMT content-encoding gzip x-content-type-options nosniff age 436614 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 796229 x-xss-protection 0 last-modified Tue, 05 Sep 2023 01:11:43 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Thu, 05 Sep 2024 22:42:17 GMT
GET H2	200	2351337388229475 Show response connect.facebook.net/signals/config/	147 KB 38 KB	82ms 82ms	Script application/x-javascript	2a03:2880:f084:105:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/2351337388229475?v=2.9.125&r=stable&domain=www.firstgroup-sa.co.za Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 7c70b408671f39183a571b84a5bd91283d2dbb36dd6000cbe50182c775c053a8 Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.firstgroup-sa.co.za/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Mon, 11 Sep 2023 23:59:11 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 pragma public x-fb-debug 8OeXvw/EGjBYUzrL3X0jj/VwF9Gn0euGUbp0bBD/yUAQteO0c0U1e+RiNxFkiQTxaVOwdvMZHunoeJImQG2ZAA== cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=() expires Sat, 01 Jan 2000 00:00:00 GMT
GET H3	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v18/ Frame EEDB	15 KB 15 KB	21ms 20ms	Font font/woff2	2a00:1450:4001:829::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/ivIUsLAx7_s?start=3&rel=0&autoplay=1&loop=1&playlist=ivIUsLAx7_s&start=3&mute=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.youtube.com/ Origin https://www.youtube.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Sat, 09 Sep 2023 02:58:03 GMT x-content-type-options nosniff age 248468 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15344 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:32:55 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 08 Sep 2024 02:58:03 GMT
GET H3	200	KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v18/ Frame EEDB	15 KB 15 KB	22ms 21ms	Font font/woff2	2a00:1450:4001:829::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/ivIUsLAx7_s?start=3&rel=0&autoplay=1&loop=1&playlist=ivIUsLAx7_s&start=3&mute=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.youtube.com/ Origin https://www.youtube.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Sat, 09 Sep 2023 05:51:22 GMT x-content-type-options nosniff age 238069 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15552 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:33:02 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 08 Sep 2024 05:51:22 GMT
GET H3	200	main.js Show response www.firstgroup-sa.co.za/cdn-cgi/challenge-platform/h/b/scripts/jsd/8827f912/ Frame 8075 Redirect Chain https://www.firstgroup-sa.co.za/cdn-cgi/challenge-platform/scripts/jsd/main.js https://www.firstgroup-sa.co.za/cdn-cgi/challenge-platform/h/b/scripts/jsd/8827f912/main.js	7 KB 3 KB	40ms 39ms	Script application/javascript	2606:4700::6811:b93a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.firstgroup-sa.co.za/cdn-cgi/challenge-platform/h/b/scripts/jsd/8827f912/main.js Requested by Host: www.firstgroup-sa.co.za URL: https://www.firstgroup-sa.co.za/ Protocol H3 Server 2606:4700::6811:b93a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1063d22232ac7a9142653a890482b4695b9672414484a55ab0d2bdca86fcb228 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Mon, 11 Sep 2023 23:59:11 GMT content-encoding br x-content-type-options nosniff server cloudflare vary accept-encoding content-type application/javascript; charset=UTF-8 cache-control max-age=14400, public cf-ray 8053dcefbd202c1a-FRA alt-svc h3=":443"; ma=86400 Redirect headers date Mon, 11 Sep 2023 23:59:11 GMT server cloudflare vary accept-encoding access-control-allow-origin * location /cdn-cgi/challenge-platform/h/b/scripts/jsd/8827f912/main.js cache-control max-age=300, public cf-ray 8053dcef5ccb2c1a-FRA alt-svc h3=":443"; ma=86400
OPTIONS H2	200	892284 api.tsa-db.com/v1/data/BID/ Frame	0 0	93ms 22ms	Preflight application/json	2600:9000:223f:1a00:16:41f8:18c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.tsa-db.com/v1/data/BID/892284 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223f:1a00:16:41f8:18c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method GET Origin https://www.firstgroup-sa.co.za Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers access-control-allow-headers Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent access-control-allow-methods OPTIONS,GET access-control-allow-origin * access-control-max-age 86400 age 6997 cache-control max-age=86400, s-maxage=86400, proxy-revalidate content-length 0 content-type application/json date Mon, 11 Sep 2023 22:02:34 GMT via 1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront) x-amz-apigw-id LHMzQF_3DoEFdAA= x-amz-cf-id pXl6yVEvJliA8C5nRFXj_-qV8CTIU5qpCkXhyuamuf69rIWIamYsGw== x-amz-cf-pop FRA56-P5 x-amzn-requestid 6119fc07-3fe3-4631-a86f-762e475bf306 x-cache Hit from cloudfront
GET H2	200	892284 Show response api.tsa-db.com/v1/data/BID/	681 B 1 KB	120ms 120ms	XHR application/json	2600:9000:223f:1a00:16:41f8:18c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.tsa-db.com/v1/data/BID/892284 Requested by Host: dd1562d995504d8bb9c66c5977d5221d.svc.dynamics.com URL: https://dd1562d995504d8bb9c66c5977d5221d.svc.dynamics.com/t/t/n601bxJgssLdbs4sbdo4e8YqXeDlEG0Kgq4fzixxPKEx/AVeoDQWS60rFNIhfT3JO10LjvtHk4sCehVP3ZrxYXRwx Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223f:1a00:16:41f8:18c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 203bc53a79ede5a76afd9a243c8a80f2f5fbf467d5f11b6b6626ffbbbb8b81fe Request headers Referer https://www.firstgroup-sa.co.za/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Content-Type application/json Response headers date Mon, 11 Sep 2023 23:59:11 GMT via 1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P5 x-amzn-trace-id Root=1-64ffa9cf-440e2915509ab72a1fcb6045;Sampled=0;lineage=688c80a0:0 x-amzn-requestid 6be1fd2f-6c68-4e9c-a188-dbbe00c84762 x-cache Miss from cloudfront content-type application/json; charset=utf-8 access-control-allow-origin * cache-control max-age=600 access-control-allow-credentials true x-amz-apigw-id LHd4dETdjoEFrYQ= content-length 681 x-amz-cf-id h979vOo3RgSv4ufr4ocJkhZGqZnpIAbtAekA_qhh_xsJjhO9HmV3yQ==
GET H2	200	optimize.js Show response www.googleoptimize.com/	134 KB 52 KB	599ms 34ms	Script application/javascript	2a00:1450:4001:806::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleoptimize.com/optimize.js?id=OPT-KZT9Z7N Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-K9Q4XPK Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 1752177aeaa976780e76a3bc1e8697a88e84e6be68601fba64b4e8efb64850a1 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.firstgroup-sa.co.za/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Mon, 11 Sep 2023 23:59:11 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 52545 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Mon, 11 Sep 2023 23:59:11 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	69ms 18ms	Script text/javascript	2001:4860:4802:36::178 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-K9Q4XPK Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.firstgroup-sa.co.za/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Mon, 11 Sep 2023 23:44:21 GMT last-modified Mon, 12 Jun 2023 18:23:07 GMT server Golfe2 age 890 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Tue, 12 Sep 2023 01:44:21 GMT
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/684551382/	3 KB 2 KB	86ms 32ms	Script text/javascript	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/684551382/?random=1694476751280&cv=11&fst=1694476751280&bg=ffffff&guid=ON&async=1&gtm=45He3960&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.firstgroup-sa.co.za%2F&ref=https%3A%2F%2Fdd1562d995504d8bb9c66c5977d5221d.svc.dynamics.com%2F&hn=www.googleadservices.com&frm=0&tiba=Luxury%20Holiday%20Accommodation%20in%20South%20Africa%20%7C%20First%20Group%20Resorts&auid=1325536023.1694476751&uamb=0&uaw=0&rfmt=3&fmt=4 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-K9Q4XPK Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 1b5a8ac9089ca3b3cd7a82cd9e747d9991dde3312025f7815b4f7cc36fbeea98 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.firstgroup-sa.co.za/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers pragma no-cache date Mon, 11 Sep 2023 23:59:11 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1388 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/684551679/	3 KB 2 KB	102ms 48ms	Script text/javascript	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/684551679/?random=1694476751284&cv=11&fst=1694476751284&bg=ffffff&guid=ON&async=1&gtm=45He3960&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.firstgroup-sa.co.za%2F&ref=https%3A%2F%2Fdd1562d995504d8bb9c66c5977d5221d.svc.dynamics.com%2F&hn=www.googleadservices.com&frm=0&tiba=Luxury%20Holiday%20Accommodation%20in%20South%20Africa%20%7C%20First%20Group%20Resorts&auid=1325536023.1694476751&uamb=0&uaw=0&rfmt=3&fmt=4 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-K9Q4XPK Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 376ccf3a5bf3fe067388210bd303b89b81ed2a410bcfafdf1d45af366d8c9aa1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.firstgroup-sa.co.za/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers pragma no-cache date Mon, 11 Sep 2023 23:59:11 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1390 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	hotjar-3449617.js Show response static.hotjar.com/c/	10 KB 4 KB	101ms 49ms	Script application/javascript	18.66.97.49 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.hotjar.com/c/hotjar-3449617.js?sv=7 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-K9Q4XPK Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.97.49 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-97-49.fra56.r.cloudfront.net Software / Resource Hash cde96e86c09abbf36183ce0a361f540f66e4bc4d82a76c7ef6ddfe992bace071 Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.firstgroup-sa.co.za/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Mon, 11 Sep 2023 23:59:11 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=2592000; includeSubDomains via 1.1 c2e56cd54e2593df95ccca8a6d98c958.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P2 etag W/50f7961de9f446e4d99c25a307abb4b0 vary Accept-Encoding x-cache Miss from cloudfront content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control max-age=60 x-cache-hit 1 cross-origin-resource-policy cross-origin x-amz-cf-id 9rV5_KUN7pgds_230affCGj5fQRvFgWbvmxD7bOH3t_6OMvNTyCwvg==
GET H2	200	1004973-10041242.js Show response cdn-4.convertexperiments.com/js/	273 KB 74 KB	102ms 47ms	Script application/javascript	2a02:26f0:480:b9e::14a9 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn-4.convertexperiments.com/js/1004973-10041242.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-K9Q4XPK Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:480:b9e::14a9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 738402656090049d6135ec6d293ce8dd2b3c7543531eb25025a5fb9ecdb7d06e Request headers accept-language de-DE,de;q=0.9 Referer https://www.firstgroup-sa.co.za/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers content-type application/javascript date Mon, 11 Sep 2023 23:59:11 GMT content-encoding gzip cache-control public, max-age=300 vary Accept-Encoding expires Tue, 12 Sep 2023 00:04:11 GMT
GET H3	200	kernel-host.html Show response onboard.triptease.io/kernel/v6891.84388/ Frame 4CE6	57 KB 19 KB	217ms 160ms	Document text/html	2606:4700:3033::6815:575d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://onboard.triptease.io/kernel/v6891.84388/kernel-host.html?originHost=www.firstgroup-sa.co.za Requested by Host: onboard.triptease.io URL: https://onboard.triptease.io/bootstrap.js?integrationId=01FZGACC90HYFT4DTPHMABCEX6 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::6815:575d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b70aa4a4f9a0d850d502d619fcc6cd02e08faa19b6fae77d2c7252124e4b557e Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers Referer https://www.firstgroup-sa.co.za/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-origin * access-control-expose-headers Content-Type alt-svc h3=":443"; ma=86400 cache-control public, max-age=31536000 cf-cache-status MISS cf-ray 8053dcf049292c22-FRA content-encoding br content-type text/html; charset=utf-8 date Mon, 11 Sep 2023 23:59:11 GMT expires Tue, 10 Sep 2024 23:59:11 GMT last-modified Mon, 11 Sep 2023 18:01:01 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FWwd0yeTUx145PYVfdVIG8kwUwe2kfFbtcO2uG5jePvaCBIxuCiDFd3g5Lm3Gg5SW97ZBpN1WeW8LbK49FDUwJQYK2LJYUQ%2BScjum%2BgIHOvL9eTF%2FO%2FSFlG6EhdVWlYvEXbjg%2BWNZQjbadlAmbmRZcYs%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare strict-transport-security max-age=15552000 vary Accept-Encoding x-goog-generation 1694455261723695 x-goog-hash crc32c=SihOOw== md5=VAmrY2PME741opQViXkKNA== x-goog-meta-build-version 6891.84388 x-goog-meta-git-hash 55ebac0aa9c8ae62d2c05de7f659e5ca5e14c32b x-goog-metageneration 2 x-goog-storage-class MULTI_REGIONAL x-goog-stored-content-encoding identity x-goog-stored-content-length 58557 x-guploader-uploadid ADPycdsG9DJbVLj_th6VSKNzAqAi4-UcTl1Jm9Iu_JDVz7Cpj7bkxJtrqpHNi4zQj5OOzfsRh9CXWOcEtySuX1A_LM1THg
GET H3	200	831287870643310 Show response connect.facebook.net/signals/config/	136 KB 35 KB	81ms 81ms	Script application/x-javascript	2a03:2880:f084:105:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/831287870643310?v=2.9.125&r=stable&domain=www.firstgroup-sa.co.za Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash fe4991afb042e7bba6b045a0bbc6cad7a604b96875c13d9732f771c718f70102 Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.firstgroup-sa.co.za/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Mon, 11 Sep 2023 23:59:11 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 pragma public x-fb-debug xVMquYET1BJKhdGCcoGnue3WnmNwmDnGD+COTh8ijXK9dRSTxAE1CuJz5vfgo5Tynv7qfEE8VP9Qa17PWN36Hw== cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=() priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	/ www.facebook.com/tr/	0 185 B	61ms 18ms	Image text/plain	2a03:2880:f176:84:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=2351337388229475&ev=PageView&dl=https%3A%2F%2Fwww.firstgroup-sa.co.za%2F%23msdynttrid%3D273P3ZtUEu4mVTs48Q0OZ-eePeoW-xPgS4apyt-m1YE&rl=https%3A%2F%2Fdd1562d995504d8bb9c66c5977d5221d.svc.dynamics.com%2F&if=false&ts=1694476751383&sw=1600&sh=1200&v=2.9.125&r=stable&ec=0&o=30&fbp=fb.2.1694476751381.1869642374&cs_est=true&it=1694476751220&coo=false&rqm=GET Requested by Host: www.firstgroup-sa.co.za URL: https://www.firstgroup-sa.co.za/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://www.firstgroup-sa.co.za/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Mon, 11 Sep 2023 23:59:11 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	/ www.facebook.com/tr/	0 31 B	62ms 19ms	Image text/plain	2a03:2880:f176:84:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=2351337388229475&ev=PageView&dl=https%3A%2F%2Fwww.firstgroup-sa.co.za%2F%23msdynttrid%3D273P3ZtUEu4mVTs48Q0OZ-eePeoW-xPgS4apyt-m1YE&rl=https%3A%2F%2Fdd1562d995504d8bb9c66c5977d5221d.svc.dynamics.com%2F&if=false&ts=1694476751385&sw=1600&sh=1200&v=2.9.125&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=30&fbp=fb.2.1694476751381.1869642374&cs_est=true&it=1694476751220&coo=false&tm=1&rqm=GET Requested by Host: www.firstgroup-sa.co.za URL: https://www.firstgroup-sa.co.za/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://www.firstgroup-sa.co.za/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Mon, 11 Sep 2023 23:59:11 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	1547536711-5c3d89471192b-thumb.png image-tc.galaxy.tf/wipng-2o56s8th6a834tehxg7zey9li/	17 KB 17 KB	551ms 551ms	Image image/png	2606:4700::6811:ba3a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://image-tc.galaxy.tf/wipng-2o56s8th6a834tehxg7zey9li/1547536711-5c3d89471192b-thumb.png?width=220 Requested by Host: www.firstgroup-sa.co.za URL: https://www.firstgroup-sa.co.za/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:ba3a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 82459c87ed7d203946353ab51cd4ad241e28cdbd58a183ac3f89e4a5abe10b56 Security Headers Name Value Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none' Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.firstgroup-sa.co.za/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Mon, 11 Sep 2023 23:59:11 GMT x-amz-version-id DFwGeY9E9DA69.06wL_NNXBnAtjsaTQZ x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubdomains; preload via 1.1 89c822bb1ce1445a7be6d1057088cfbe.cloudfront.net (CloudFront) content-security-policy default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none' x-amz-cf-pop FRA6-C1 x-amz-server-side-encryption AES256 x-cache Miss from cloudfront cf-cache-status DYNAMIC x-amz-replication-status REPLICA alt-svc h3=":443"; ma=86400 content-length 17391 x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Tue, 14 Sep 2021 14:50:11 GMT server cloudflare etag "6ae3384a75a7c8eccb6d6c174a0a0f86" x-frame-options SAMEORIGIN access-control-allow-methods GET, HEAD, OPTIONS content-type image/png access-control-allow-origin * cache-control no-cache vary Accept-Encoding accept-ranges bytes cf-ray 8053dcf03a489b86-FRA x-amz-cf-id 60u4IhfJ7SgJyX-aRhx7LEE1MWpEDilvjXDFzYTwB_9PW9NH0ERl3A==
POST H3	200	8053dce8af942c29 Show response www.firstgroup-sa.co.za/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 8075	0 278 B	53ms 53ms	XHR text/plain	2606:4700::6811:b93a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.firstgroup-sa.co.za/cdn-cgi/challenge-platform/h/b/jsd/r/8053dce8af942c29 Requested by Host: www.firstgroup-sa.co.za URL: https://www.firstgroup-sa.co.za/cdn-cgi/challenge-platform/scripts/jsd/main.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:b93a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Content-Type application/json Response headers date Mon, 11 Sep 2023 23:59:11 GMT content-encoding br server cloudflare cf-ray 8053dcf12dcb2c1a-FRA alt-svc h3=":443"; ma=86400 content-type text/plain; charset=UTF-8
GET H2	200	js Show response www.googletagmanager.com/gtag/	234 KB 82 KB	33ms 33ms	Script application/javascript	2a00:1450:4001:810::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-3R5SJEDWK4&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-TL2MM4B Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 7b705498ccee442982ee60ebc2ac47ad8008ca9237758939cd870a97f1fc9ffb Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.firstgroup-sa.co.za/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Mon, 11 Sep 2023 23:59:11 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 83567 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Mon, 11 Sep 2023 23:59:11 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	243 KB 84 KB	38ms 38ms	Script application/javascript	2a00:1450:4001:810::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-LP9ZQF3SMX&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-K9Q4XPK Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 494aa9ea531b5b7d7abec1b66d66db43cff762eea9f16e05a679489deeb4c20a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.firstgroup-sa.co.za/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Mon, 11 Sep 2023 23:59:11 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 86015 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Mon, 11 Sep 2023 23:59:11 GMT
GET H2	200	/ www.google.com/pagead/1p-user-list/684551382/	42 B 108 B	89ms 43ms	Image image/gif	2a00:1450:4001:81c::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/684551382/?random=1694476751280&cv=11&fst=1694473200000&bg=ffffff&guid=ON&async=1&gtm=45He3960&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.firstgroup-sa.co.za%2F&ref=https%3A%2F%2Fdd1562d995504d8bb9c66c5977d5221d.svc.dynamics.com%2F&frm=0&tiba=Luxury%20Holiday%20Accommodation%20in%20South%20Africa%20%7C%20First%20Group%20Resorts&fmt=3&is_vtc=1&random=635912577&rmt_tld=0&ipr=y Requested by Host: www.firstgroup-sa.co.za URL: https://www.firstgroup-sa.co.za/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.firstgroup-sa.co.za/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers pragma no-cache date Mon, 11 Sep 2023 23:59:11 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.de/pagead/1p-user-list/684551382/	42 B 455 B	90ms 42ms	Image image/gif	2a00:1450:4001:806::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-user-list/684551382/?random=1694476751280&cv=11&fst=1694473200000&bg=ffffff&guid=ON&async=1&gtm=45He3960&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.firstgroup-sa.co.za%2F&ref=https%3A%2F%2Fdd1562d995504d8bb9c66c5977d5221d.svc.dynamics.com%2F&frm=0&tiba=Luxury%20Holiday%20Accommodation%20in%20South%20Africa%20%7C%20First%20Group%20Resorts&fmt=3&is_vtc=1&random=635912577&rmt_tld=1&ipr=y Requested by Host: www.firstgroup-sa.co.za URL: https://www.firstgroup-sa.co.za/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.firstgroup-sa.co.za/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers pragma no-cache date Mon, 11 Sep 2023 23:59:11 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.com/pagead/1p-user-list/684551679/	42 B 455 B	76ms 30ms	Image image/gif	2a00:1450:4001:81c::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/684551679/?random=1694476751284&cv=11&fst=1694473200000&bg=ffffff&guid=ON&async=1&gtm=45He3960&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.firstgroup-sa.co.za%2F&ref=https%3A%2F%2Fdd1562d995504d8bb9c66c5977d5221d.svc.dynamics.com%2F&frm=0&tiba=Luxury%20Holiday%20Accommodation%20in%20South%20Africa%20%7C%20First%20Group%20Resorts&fmt=3&is_vtc=1&random=3193765977&rmt_tld=0&ipr=y Requested by Host: www.firstgroup-sa.co.za URL: https://www.firstgroup-sa.co.za/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.firstgroup-sa.co.za/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers pragma no-cache date Mon, 11 Sep 2023 23:59:11 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.de/pagead/1p-user-list/684551679/	42 B 108 B	90ms 42ms	Image image/gif	2a00:1450:4001:806::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-user-list/684551679/?random=1694476751284&cv=11&fst=1694473200000&bg=ffffff&guid=ON&async=1&gtm=45He3960&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.firstgroup-sa.co.za%2F&ref=https%3A%2F%2Fdd1562d995504d8bb9c66c5977d5221d.svc.dynamics.com%2F&frm=0&tiba=Luxury%20Holiday%20Accommodation%20in%20South%20Africa%20%7C%20First%20Group%20Resorts&fmt=3&is_vtc=1&random=3193765977&rmt_tld=1&ipr=y Requested by Host: www.firstgroup-sa.co.za URL: https://www.firstgroup-sa.co.za/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.firstgroup-sa.co.za/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers pragma no-cache date Mon, 11 Sep 2023 23:59:11 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	id Show response googleads.g.doubleclick.net/pagead/ Frame EEDB Redirect Chain https://googleads.g.doubleclick.net/pagead/id https://googleads.g.doubleclick.net/pagead/id?slf_rd=1	100 B 146 B	29ms 29ms	XHR application/json	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/id?slf_rd=1 Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/ivIUsLAx7_s?start=3&rel=0&autoplay=1&loop=1&playlist=ivIUsLAx7_s&start=3&mute=1 Protocol H3 Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 68a63a56ae039041142fa694627b6ad3d248b316e0bb2d7ecf17289d0c7996c0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Mon, 11 Sep 2023 23:59:11 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 120 x-xss-protection 0 pragma no-cache server cafe content-type application/json; charset=UTF-8 access-control-allow-origin https://www.youtube.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Mon, 11 Sep 2023 23:59:11 GMT x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 pragma no-cache server cafe content-type text/html; charset=UTF-8 location https://googleads.g.doubleclick.net/pagead/id?slf_rd=1 access-control-allow-origin https://www.youtube.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ad_status.js Show response static.doubleclick.net/instream/ Frame EEDB	29 B 495 B	80ms 31ms	Script text/javascript	2a00:1450:4001:811::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://static.doubleclick.net/instream/ad_status.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/7ee36b0e/www-embed-player.vflset/www-embed-player.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Mon, 11 Sep 2023 23:49:40 GMT x-content-type-options nosniff age 571 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 29 x-xss-protection 0 last-modified Thu, 12 Dec 2013 23:40:16 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 12 Sep 2023 00:04:40 GMT
GET H2	200	modules.2de3322c0609a6da3702.js Show response script.hotjar.com/	223 KB 55 KB	74ms 29ms	Script application/javascript	52.222.236.74 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://script.hotjar.com/modules.2de3322c0609a6da3702.js Requested by Host: static.hotjar.com URL: https://static.hotjar.com/c/hotjar-3449617.js?sv=7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.236.74 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-236-74.fra56.r.cloudfront.net Software / Resource Hash 1b748e9d9549bab031329819b84d9c82cc1f7221838d4dec7ee9ca49a88f4fde Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.firstgroup-sa.co.za/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Mon, 11 Sep 2023 07:34:06 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=2592000; includeSubDomains via 1.1 944dc31277adc1021b0776fe818f07f6.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P4 age 59105 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin content-length 55652 last-modified Mon, 11 Sep 2023 07:33:49 GMT etag "e084316b47ad4330caa9251c5113b0ca" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes x-robots-tag none x-amz-cf-id 5tcqj57HmFgTnXCAPBV61r4s5u6tGT-S9ruzzoyvjR2dD0AEhNY6MQ==
POST H2	200	log logs.convertexperiments.com/	2 B 172 B	113ms 27ms	Ping application/json	35.156.79.165 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://logs.convertexperiments.com/log Requested by Host: dd1562d995504d8bb9c66c5977d5221d.svc.dynamics.com URL: https://dd1562d995504d8bb9c66c5977d5221d.svc.dynamics.com/t/t/n601bxJgssLdbs4sbdo4e8YqXeDlEG0Kgq4fzixxPKEx/AVeoDQWS60rFNIhfT3JO10LjvtHk4sCehVP3ZrxYXRwx Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.156.79.165 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-156-79-165.eu-central-1.compute.amazonaws.com Software nginx/1.20.0 / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Request headers Referer https://www.firstgroup-sa.co.za/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin https://www.firstgroup-sa.co.za date Mon, 11 Sep 2023 23:59:11 GMT access-control-allow-credentials true server nginx/1.20.0 content-length 2 content-type application/json; charset=utf-8
POST H2	200	/ 10041242.metrics.convertexperiments.com/log-rep/	2 B 172 B	116ms 23ms	Ping application/json	35.156.79.165 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://10041242.metrics.convertexperiments.com/log-rep/ Requested by Host: dd1562d995504d8bb9c66c5977d5221d.svc.dynamics.com URL: https://dd1562d995504d8bb9c66c5977d5221d.svc.dynamics.com/t/t/n601bxJgssLdbs4sbdo4e8YqXeDlEG0Kgq4fzixxPKEx/AVeoDQWS60rFNIhfT3JO10LjvtHk4sCehVP3ZrxYXRwx Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.156.79.165 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-156-79-165.eu-central-1.compute.amazonaws.com Software nginx/1.20.0 / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Request headers Referer https://www.firstgroup-sa.co.za/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin https://www.firstgroup-sa.co.za date Mon, 11 Sep 2023 23:59:11 GMT access-control-allow-credentials true server nginx/1.20.0 content-length 2 content-type application/json; charset=utf-8
OPTIONS H2	200	Create jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame	0 0	87ms 27ms	Preflight text/html	2a00:1450:4001:802::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers content-type,x-goog-api-key,x-user-agent Access-Control-Request-Method POST Origin https://www.youtube.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type,x-goog-api-key,x-user-agent access-control-allow-methods DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT access-control-allow-origin https://www.youtube.com access-control-max-age 3600 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 content-type text/html date Mon, 11 Sep 2023 23:59:11 GMT server ESF vary origin referer x-origin x-content-type-options nosniff x-frame-options SAMEORIGIN x-xss-protection 0
POST H2	200	Create Show response jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame EEDB	67 KB 31 KB	35ms 34ms	XHR application/json+protobuf	2a00:1450:4001:802::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/7ee36b0e/player_ias.vflset/de_DE/base.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash b3ca3c4bb9963857fc322d5b1c372a91939fae4e229b031bb138473e3e9863d2 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers X-User-Agent grpc-web-javascript/0.1 Referer https://www.youtube.com/ X-Goog-Api-Key AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Content-Type application/json+protobuf Response headers date Mon, 11 Sep 2023 23:59:11 GMT content-encoding gzip x-content-type-options nosniff server ESF vary Origin, X-Origin, Referer x-frame-options SAMEORIGIN content-type application/json+protobuf; charset=UTF-8 access-control-allow-origin https://www.youtube.com access-control-expose-headers vary,vary,vary,content-encoding,date,server,content-length cache-control private access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 31627 x-xss-protection 0
POST H3	200	player Show response www.youtube.com/youtubei/v1/ Frame EEDB	73 KB 29 KB	197ms 196ms	XHR application/json	2a00:1450:4001:81c::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/youtubei/v1/player?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/7ee36b0e/player_ias.vflset/de_DE/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software scaffolding on HTTPServer2 / Resource Hash 5f2f9b68a5548f5d0226862696a3ef858caa0cceb8e27fd7c0b9741f302ed72d Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers X-Youtube-Bootstrap-Logged-In false accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Content-Type application/json Referer https://www.youtube.com/embed/ivIUsLAx7_s?start=3&rel=0&autoplay=1&loop=1&playlist=ivIUsLAx7_s&start=3&mute=1 X-Youtube-Client-Name 56 X-Youtube-Client-Version 1.20230904.00.00 X-Goog-Visitor-Id CgtmNnJZQnhpM3FoVSjP0_6nBjIGCgJERRIA Response headers date Mon, 11 Sep 2023 23:59:11 GMT content-encoding br x-content-type-options nosniff server scaffolding on HTTPServer2 x-frame-options SAMEORIGIN vary Origin, X-Origin, Referer content-type application/json; charset=UTF-8 p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." cache-control private alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 29723 x-xss-protection 0 expires Mon, 11 Sep 2023 23:59:11 GMT
GET H2	200	uYrDajN49LkAebaqbjbg8XXjHxUCwTPASG4AHdFApZI.js Show response www.google.com/js/th/ Frame EEDB	37 KB 15 KB	20ms 19ms	Script text/javascript	2a00:1450:4001:81c::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/js/th/uYrDajN49LkAebaqbjbg8XXjHxUCwTPASG4AHdFApZI.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/7ee36b0e/player_ias.vflset/de_DE/base.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b98ac36a3378f4b90079b6aa6e36e0f175e31f1502c133c0486e001dd140a592 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Wed, 06 Sep 2023 05:07:14 GMT content-encoding br x-content-type-options nosniff age 499917 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14651 x-xss-protection 0 last-modified Mon, 28 Aug 2023 10:00:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 05 Sep 2024 05:07:14 GMT
GET H3	200	embed.js Show response www.youtube.com/s/player/7ee36b0e/player_ias.vflset/de_DE/ Frame EEDB	49 KB 15 KB	20ms 20ms	Script text/javascript	2a00:1450:4001:81c::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/7ee36b0e/player_ias.vflset/de_DE/embed.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/7ee36b0e/player_ias.vflset/de_DE/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e4dcfd138ab21b6f3679e81114be6f752b478552c6e8c39af2c1436e49865841 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/embed/ivIUsLAx7_s?start=3&rel=0&autoplay=1&loop=1&playlist=ivIUsLAx7_s&start=3&mute=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Mon, 11 Sep 2023 11:27:58 GMT content-encoding br x-content-type-options nosniff age 45073 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15596 x-xss-protection 0 last-modified Tue, 05 Sep 2023 01:11:43 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Tue, 10 Sep 2024 11:27:58 GMT
GET H2	200	/ www.facebook.com/tr/	0 31 B	23ms 22ms	Image text/plain	2a03:2880:f176:84:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=831287870643310&ev=PageView&dl=https%3A%2F%2Fwww.firstgroup-sa.co.za%2F%23msdynttrid%3D273P3ZtUEu4mVTs48Q0OZ-eePeoW-xPgS4apyt-m1YE&rl=https%3A%2F%2Fdd1562d995504d8bb9c66c5977d5221d.svc.dynamics.com%2F&if=false&ts=1694476751729&sw=1600&sh=1200&v=2.9.125&r=stable&ec=0&o=30&fbp=fb.2.1694476751381.1869642374&it=1694476751220&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET Requested by Host: www.firstgroup-sa.co.za URL: https://www.firstgroup-sa.co.za/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://www.firstgroup-sa.co.za/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Mon, 11 Sep 2023 23:59:11 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	swiper.min.css cdnjs.cloudflare.com/ajax/libs/Swiper/3.4.1/css/	17 KB 3 KB	99ms 37ms	Stylesheet text/css	2606:4700::6811:190e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/Swiper/3.4.1/css/swiper.min.css Requested by Host: cdn-4.convertexperiments.com URL: https://cdn-4.convertexperiments.com/js/1004973-10041242.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f5c9917ae6f29de0ba5c6606ea4d7bae6a7072f6b08fc90ddf9cfc09027b07ee Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.firstgroup-sa.co.za/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Mon, 11 Sep 2023 23:59:11 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 3045760 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 2436 last-modified Thu, 22 Jun 2023 10:42:56 GMT server cloudflare cf-cdnjs-via cfworker/r2 etag "649425b0-984" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m3vMmrJF%2BpmeveNQr4G1P4ffr7xXEwkHv%2F%2BNusNfBcGmagVXS%2BlgffQFp%2Fy3Xr3JOH8KxAkCzUltH1Bap09TmT%2BA7prRHwkQkN4Hj%2FRhdnPnbfZiBMDnCF8hDwO32feWLsKK%2FU7%2FMVPy%2Fu7sOUpbfrFl"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 8053dcf31bea1c22-FRA expires Sat, 31 Aug 2024 23:59:11 GMT
GET H2	200	swiper.min.js Show response cdnjs.cloudflare.com/ajax/libs/Swiper/3.4.1/js/	95 KB 21 KB	96ms 35ms	Script application/javascript	2606:4700::6811:190e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/Swiper/3.4.1/js/swiper.min.js?_=1694476750972 Requested by Host: www.firstgroup-sa.co.za URL: https://www.firstgroup-sa.co.za/integration/first-hotels/public/js/bundle.js?v93be0159edb1b68f42ec36ab9db3b90a Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 00792ef04b29d7cbd5110cea7e934b63b774145c63defbc66d3df9bd1023ff63 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.firstgroup-sa.co.za/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Mon, 11 Sep 2023 23:59:11 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 3045995 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 20430 last-modified Thu, 22 Jun 2023 10:42:56 GMT server cloudflare cf-cdnjs-via cfworker/r2 etag "649425b0-4fce" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=igC0mILNl8vBUsb8WCRei45MCU3R1s4FiVogZh%2FRsdMO4JImEED%2FuklAKzyAfF3zXTBf6c4md9FSB9pMdZ73PU4uhmMr56ivU1Gnq9GUYOA2Ngr0MVyo9QUMK1As0o%2BMcaZ%2FrLgXAsLZ1zKCCPAVsOdt"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 8053dcf31beb1c22-FRA expires Sat, 31 Aug 2024 23:59:11 GMT
GET H3	200	kernel.js onboard.triptease.io/kernel/v6891.84388/ Frame 4CE6	63 KB 21 KB	39ms 38ms	Other application/javascript	2606:4700:3033::6815:575d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://onboard.triptease.io/kernel/v6891.84388/kernel.js? Requested by Host: www.firstgroup-sa.co.za URL: https://www.firstgroup-sa.co.za/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::6815:575d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7709a3a753368dd902babe99c18fe83e46687d7a96f243d0106e61636dd0b757 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers accept-language de-DE,de;q=0.9 Referer https://onboard.triptease.io/kernel/v6891.84388/kernel-host.html?originHost=www.firstgroup-sa.co.za User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Mon, 11 Sep 2023 23:59:11 GMT strict-transport-security max-age=15552000 content-encoding br cf-cache-status HIT x-goog-meta-git-hash 55ebac0aa9c8ae62d2c05de7f659e5ca5e14c32b nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 20686 x-guploader-uploadid ADPycdvKLr5ThtQbfsdOjN6sa7Z-OMNJpdWfzEdbE9P_04nIq8Vm-0pPRFkDotzyRNV663746dLTOC2T0axUpKpXwvrDMjpisZq8 x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding identity x-goog-meta-build-version 6891.84388 alt-svc h3=":443"; ma=86400 last-modified Mon, 11 Sep 2023 18:01:01 GMT server cloudflare etag W/"6cd4c807ea049a864151829f60ca17b2" vary Accept-Encoding x-goog-generation 1694455261716415 content-type application/javascript; charset=utf-8 access-control-allow-origin * x-goog-hash crc32c=OPvndg==, md5=bNTIB+oEmoZBUYKfYMoXsg== access-control-expose-headers Content-Type cache-control public, max-age=31536000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tdBWFH3BHllREtXCJ%2B%2B04uIt63amzilYUBcnFVjiKtwy6l4gl5DeNmiAunvBW9NNk8CL4%2FqSFeXY%2BKdVau5n5%2BO5XkROz2YG5YO0O9YDT%2B9D09G2VRrm9iteplzbKmxw5TVGGA2usFiXoW0uyfJVMaduoA%3D%3D"}],"group":"cf-nel","max_age":604800} x-goog-stored-content-length 64617 cf-ray 8053dcf2da982c22-FRA expires Tue, 10 Sep 2024 18:14:23 GMT
GET H3	200	calendar.svg www.firstgroup-sa.co.za/integration/first-hotels/public/images/svg/	491 B 686 B	174ms 172ms	Image image/svg+xml	2606:4700::6811:b93a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.firstgroup-sa.co.za/integration/first-hotels/public/images/svg/calendar.svg Requested by Host: www.firstgroup-sa.co.za URL: https://www.firstgroup-sa.co.za/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:b93a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 70bf367f8a864b1ffff64191ae85b7f6bd66f5127b7acdaa73db9e4e46c8981a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.firstgroup-sa.co.za/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Mon, 11 Sep 2023 23:59:11 GMT strict-transport-security max-age=31536000; includeSubdomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC via 1.1 480845f7432fb94c1c6d81f7845a67fe.cloudfront.net (CloudFront) x-amz-cf-pop AMS58-P1 content-encoding br x-cache RefreshHit from cloudfront alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Fri, 17 Sep 2021 12:35:13 GMT server cloudflare etag W/"2f714d01df95c551b9ab4b6e5ea28175" x-frame-options SAMEORIGIN vary Accept-Encoding content-type image/svg+xml cache-control no-cache cf-ray 8053dcf2fe9b2c1a-FRA x-amz-cf-id wd0g2F6M9OtmlXK-A5FYL8qbCIE0co4N8Uge0GTC1xSLs0Hjif0wLA==
GET H3	200	bed.svg www.firstgroup-sa.co.za/integration/first-hotels/public/images/svg/	1 KB 927 B	185ms 183ms	Image image/svg+xml	2606:4700::6811:b93a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.firstgroup-sa.co.za/integration/first-hotels/public/images/svg/bed.svg Requested by Host: www.firstgroup-sa.co.za URL: https://www.firstgroup-sa.co.za/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:b93a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash acd49b929d9d8836eb1f57feb264259aaafc6c6a0ba9cfb9b803150f040814f8 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.firstgroup-sa.co.za/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Mon, 11 Sep 2023 23:59:11 GMT strict-transport-security max-age=31536000; includeSubdomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC via 1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront) x-amz-cf-pop FRA6-C1 content-encoding br x-cache Miss from cloudfront alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Fri, 17 Sep 2021 12:35:32 GMT server cloudflare etag W/"9fda7d9765c377fcb092ef755a545920" x-frame-options SAMEORIGIN vary Accept-Encoding content-type image/svg+xml cache-control no-cache cf-ray 8053dcf2fe9c2c1a-FRA x-amz-cf-id wiE4sZEJ8SqBeXwfZgc62u0enQnB0lmFZx7hVVchOAcjkvwafRRCDg==
GET H3	200	minus2.png www.firstgroup-sa.co.za/integration/first-hotels/public/images/	141 B 550 B	184ms 182ms	Image image/png	2606:4700::6811:b93a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.firstgroup-sa.co.za/integration/first-hotels/public/images/minus2.png Requested by Host: www.firstgroup-sa.co.za URL: https://www.firstgroup-sa.co.za/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:b93a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 81ee91b271d16e2cfce70838aae0a41831cc99e8ffa7c070c021e9d803b5b03a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.firstgroup-sa.co.za/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Mon, 11 Sep 2023 23:59:11 GMT strict-transport-security max-age=31536000; includeSubdomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC via 1.1 7ce1191b390045e05b9cc74f7514b77a.cloudfront.net (CloudFront) x-amz-cf-pop FRA6-C1 x-cache Miss from cloudfront alt-svc h3=":443"; ma=86400 content-length 141 x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Fri, 17 Sep 2021 12:35:26 GMT server cloudflare etag "46201ff060cf4e3609f7dbad20bf7534" x-frame-options SAMEORIGIN vary Accept-Encoding content-type image/png cache-control no-cache accept-ranges bytes cf-ray 8053dcf2fe9d2c1a-FRA x-amz-cf-id DjcjQmCbNmlVirfTw2TFD701MwebY6Q1X_5TQReN-HdNvGeKGxnvrQ==
GET H3	200	plus2.png www.firstgroup-sa.co.za/integration/first-hotels/public/images/	292 B 699 B	131ms 129ms	Image image/png	2606:4700::6811:b93a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.firstgroup-sa.co.za/integration/first-hotels/public/images/plus2.png Requested by Host: www.firstgroup-sa.co.za URL: https://www.firstgroup-sa.co.za/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:b93a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dadd2fe93bedffecaca7fed58fd74af66da5fefff858b48cb2d45494236f4d4c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.firstgroup-sa.co.za/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Mon, 11 Sep 2023 23:59:11 GMT strict-transport-security max-age=31536000; includeSubdomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC via 1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront) x-amz-cf-pop FRA6-C1 x-cache Miss from cloudfront alt-svc h3=":443"; ma=86400 content-length 292 x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Fri, 17 Sep 2021 12:35:12 GMT server cloudflare etag "81ed7bc1309fce5cd1b0c43e40a61b2d" x-frame-options SAMEORIGIN vary Accept-Encoding content-type image/png cache-control no-cache accept-ranges bytes cf-ray 8053dcf2fe9e2c1a-FRA x-amz-cf-id aWgjUArYyr_0zxC5oLv7N9m3eyZ0XvHLb57SqN8Rf6SrW7BfcGaW0Q==
GET H3	200	adult.svg www.firstgroup-sa.co.za/integration/first-hotels/public/images/svg/	504 B 709 B	178ms 177ms	Image image/svg+xml	2606:4700::6811:b93a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.firstgroup-sa.co.za/integration/first-hotels/public/images/svg/adult.svg Requested by Host: www.firstgroup-sa.co.za URL: https://www.firstgroup-sa.co.za/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:b93a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0854d432df5634f3e1bcba1668e56d8de1e0cb55ede3a6bbcee97b463b06df9e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.firstgroup-sa.co.za/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Mon, 11 Sep 2023 23:59:11 GMT strict-transport-security max-age=31536000; includeSubdomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC via 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront) x-amz-cf-pop FRA6-C1 content-encoding br x-cache RefreshHit from cloudfront alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Fri, 17 Sep 2021 12:35:13 GMT server cloudflare etag W/"32626b48f6cec679f75b8c37a10e3dbd" x-frame-options SAMEORIGIN vary Accept-Encoding content-type image/svg+xml cache-control no-cache cf-ray 8053dcf2fe9f2c1a-FRA x-amz-cf-id Z9Aii5ZDmHSu06UdM6LEpnH7hOxANzFaVJ9haGEFPq0XVN57g0zpcw==
POST H2	204	collect region1.google-analytics.com/g/	0 260 B	72ms 26ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-3R5SJEDWK4&gtm=45je3960&_p=10399833&cid=237506692.1694476752&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1694476751&sct=1&seg=0&dl=https%3A%2F%2Fwww.firstgroup-sa.co.za%2F&dr=https%3A%2F%2Fdd1562d995504d8bb9c66c5977d5221d.svc.dynamics.com%2F&dt=Luxury%20Holiday%20Accommodation%20in%20South%20Africa%20%7C%20First%20Group%20Resorts&en=page_view&_fv=1&_nsi=1&_ss=1&ep.hotel_name=not_applicable&ep.hotel_id=not_applicable&ep.hotel_bid=892284&ep.hotel_brand_name=First%20Group%20Management%20MB&ep.hotel_chain_id=not_applicable&ep.hotel_city=not_applicable&ep.hotel_continent=not_applicable&ep.hotel_country=not_applicable&ep.hotel_state=not_applicable&ep.hotel_sub_brand_name=not_applicable&ep.hotel_tc_region=not_applicable&ep.hotel_booking_engine=not_applicable&ep.page_has_tvs=no&ep.page_language=en&ep.page_section=not_applicable&ep.page_subsection=not_applicable&ep.site_cms=galaxy&ep.site_galaxy_product=custom&ep.site_tvs=tvs_yes&ep.hotel_property_type=group_property&ep.hotel_star_rating=not_applicable&ep.hotel_room_types_count=not_applicable&epn.site_number_of_languages=1&ep.site_global_product=web&ep.page_content_group=not_applicable&ep.site_be_version=be4&epn.page_tvs_videos_count=0&up.user_logged_in=no Requested by Host: dd1562d995504d8bb9c66c5977d5221d.svc.dynamics.com URL: https://dd1562d995504d8bb9c66c5977d5221d.svc.dynamics.com/t/t/n601bxJgssLdbs4sbdo4e8YqXeDlEG0Kgq4fzixxPKEx/AVeoDQWS60rFNIhfT3JO10LjvtHk4sCehVP3ZrxYXRwx Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.firstgroup-sa.co.za/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers pragma no-cache date Mon, 11 Sep 2023 23:59:11 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.firstgroup-sa.co.za cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
OPTIONS H3	200	GenerateIT jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame	0 0	26ms 26ms	Preflight text/html	2a00:1450:4001:802::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers content-type,x-goog-api-key,x-user-agent Access-Control-Request-Method POST Origin https://www.youtube.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type,x-goog-api-key,x-user-agent access-control-allow-methods DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT access-control-allow-origin https://www.youtube.com access-control-max-age 3600 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 content-type text/html date Mon, 11 Sep 2023 23:59:11 GMT server ESF vary origin referer x-origin x-content-type-options nosniff x-frame-options SAMEORIGIN x-xss-protection 0
POST H3	200	GenerateIT Show response jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame EEDB	90 B 134 B	31ms 31ms	XHR application/json+protobuf	2a00:1450:4001:802::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/7ee36b0e/player_ias.vflset/de_DE/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 606afdba01bb3ecfb5080e262e0781abf48788e806d0b961969c64a24bc3d6f9 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers X-User-Agent grpc-web-javascript/0.1 Referer https://www.youtube.com/ X-Goog-Api-Key AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Content-Type application/json+protobuf Response headers date Mon, 11 Sep 2023 23:59:11 GMT content-encoding gzip x-content-type-options nosniff server ESF vary Origin, X-Origin, Referer x-frame-options SAMEORIGIN content-type application/json+protobuf; charset=UTF-8 access-control-allow-origin https://www.youtube.com access-control-expose-headers vary,vary,vary,content-encoding,date,server,content-length cache-control private access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 110 x-xss-protection 0
POST H2	204	collect region1.google-analytics.com/g/	0 54 B	28ms 27ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-LP9ZQF3SMX&gtm=45je3960&_p=10399833&cid=237506692.1694476752&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1694476751&sct=1&seg=0&dl=https%3A%2F%2Fwww.firstgroup-sa.co.za%2F&dr=https%3A%2F%2Fdd1562d995504d8bb9c66c5977d5221d.svc.dynamics.com%2F&dt=Luxury%20Holiday%20Accommodation%20in%20South%20Africa%20%7C%20First%20Group%20Resorts&en=page_view&_fv=1&_ss=1&ep.page_subsection=not_applicable&ep.page_language=en&ep.hotel_city=not_applicable&ep.hotel_country=not_applicable&ep.hotel_brand_name=not_applicable&ep.hotel_id=not_applicable&ep.hotel_name=not_applicable&up.user_logged_in_session=no Requested by Host: dd1562d995504d8bb9c66c5977d5221d.svc.dynamics.com URL: https://dd1562d995504d8bb9c66c5977d5221d.svc.dynamics.com/t/t/n601bxJgssLdbs4sbdo4e8YqXeDlEG0Kgq4fzixxPKEx/AVeoDQWS60rFNIhfT3JO10LjvtHk4sCehVP3ZrxYXRwx Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.firstgroup-sa.co.za/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers pragma no-cache date Mon, 11 Sep 2023 23:59:11 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.firstgroup-sa.co.za cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	image-northwest.png crpimagebucket.s3.af-south-1.amazonaws.com/fontawesome/	119 KB 0	593ms 208ms	Image image/png	52.95.180.50
General Check archive.org Show headers Download Go to Show image Full URL https://crpimagebucket.s3.af-south-1.amazonaws.com/fontawesome/image-northwest.png Requested by Host: www.firstgroup-sa.co.za URL: https://www.firstgroup-sa.co.za/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.95.180.50 -, , ASN (), Reverse DNS Software AmazonS3 / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://www.firstgroup-sa.co.za/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers Date Mon, 11 Sep 2023 23:59:13 GMT Last-Modified Sat, 20 May 2023 07:58:28 GMT Server AmazonS3 x-amz-request-id PK1R6NSX2M5GJQHQ ETag "de9ce20048668d9b28753e1d493ccfbf" x-amz-server-side-encryption AES256 Content-Type image/png Accept-Ranges bytes Content-Length 1081274 x-amz-id-2 USExrdOA1zUAsl5coIdkK+JgmwGCGosTASB67BK3IBvojcFb+5z5HMvSN5w9VlD1ihrMhHw0HKA=
GET H/1.1	200 OK	image-kzn.png crpimagebucket.s3.af-south-1.amazonaws.com/fontawesome/	118 KB 0	601ms 213ms	Image image/png	52.95.180.50
General Check archive.org Show headers Download Go to Show image Full URL https://crpimagebucket.s3.af-south-1.amazonaws.com/fontawesome/image-kzn.png Requested by Host: www.firstgroup-sa.co.za URL: https://www.firstgroup-sa.co.za/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.95.180.50 -, , ASN (), Reverse DNS Software AmazonS3 / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://www.firstgroup-sa.co.za/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers Date Mon, 11 Sep 2023 23:59:13 GMT Last-Modified Sat, 20 May 2023 07:58:27 GMT Server AmazonS3 x-amz-request-id PK1PRR00V6MJM0F0 ETag "e68f88725f99deaf8fbb43de5b7e8a51" x-amz-server-side-encryption AES256 Content-Type image/png Accept-Ranges bytes Content-Length 1110493 x-amz-id-2 8rCuWjYKaSfkUXTMVnJuNsiy3gEMu7e5+Atjm1BI6P4Xmt03r/VutgpSMl67UoeaH4zmiToUGK8=
GET H/1.1	200 OK	img-kzn-north.png crpimagebucket.s3.af-south-1.amazonaws.com/fontawesome/	101 KB 0	768ms 199ms	Image image/png	52.95.180.50
General Check archive.org Show headers Download Go to Show image Full URL https://crpimagebucket.s3.af-south-1.amazonaws.com/fontawesome/img-kzn-north.png Requested by Host: www.firstgroup-sa.co.za URL: https://www.firstgroup-sa.co.za/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.95.180.50 -, , ASN (), Reverse DNS Software AmazonS3 / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://www.firstgroup-sa.co.za/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers Date Mon, 11 Sep 2023 23:59:13 GMT Last-Modified Sat, 20 May 2023 07:58:27 GMT Server AmazonS3 x-amz-request-id PK1QVB7P0DA610R5 ETag "128ab376115a33abb96cfa0fa46e85f6" x-amz-server-side-encryption AES256 Content-Type image/png Accept-Ranges bytes Content-Length 772521 x-amz-id-2 Di2GT93GIIjuyY/xdr3KdWnQg+iv46gZgzCfushjina4Tk/oxRWM0f4YKFPi8+HlT2TQjnQC7Z4=
GET H/1.1	200 OK	img-wc.png crpimagebucket.s3.af-south-1.amazonaws.com/fontawesome/	55 KB 0	920ms 204ms	Image image/png	52.95.180.50
General Check archive.org Show headers Download Go to Show image Full URL https://crpimagebucket.s3.af-south-1.amazonaws.com/fontawesome/img-wc.png Requested by Host: www.firstgroup-sa.co.za URL: https://www.firstgroup-sa.co.za/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.95.180.50 -, , ASN (), Reverse DNS Software AmazonS3 / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://www.firstgroup-sa.co.za/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers Date Mon, 11 Sep 2023 23:59:13 GMT Last-Modified Sat, 20 May 2023 07:58:26 GMT Server AmazonS3 x-amz-request-id PK1HGB10JF3KVF25 ETag "a3154ce144f293c3a825224f845fdc3d" x-amz-server-side-encryption AES256 Content-Type image/png Accept-Ranges bytes Content-Length 1231702 x-amz-id-2 U0HKcEf5POFOJwoKEN6YzF/So4Tb4t1dRXfrRNekUUTuOAgKysRWUza+NForn4wM5ZaFfxHGf8Q=
GET H/1.1	200 OK	img-kzn-south.png crpimagebucket.s3.af-south-1.amazonaws.com/fontawesome/	33 KB 0	936ms 196ms	Image image/png	52.95.180.50
General Check archive.org Show headers Download Go to Show image Full URL https://crpimagebucket.s3.af-south-1.amazonaws.com/fontawesome/img-kzn-south.png Requested by Host: www.firstgroup-sa.co.za URL: https://www.firstgroup-sa.co.za/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.95.180.50 -, , ASN (), Reverse DNS Software AmazonS3 / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://www.firstgroup-sa.co.za/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers Date Mon, 11 Sep 2023 23:59:13 GMT Last-Modified Sat, 20 May 2023 07:58:25 GMT Server AmazonS3 x-amz-request-id PK1SPVMGYJF59Y98 ETag "81335bb4e94ffe4fc8dc9b7c25ee9243" x-amz-server-side-encryption AES256 Content-Type image/png Accept-Ranges bytes Content-Length 771269 x-amz-id-2 tCHzHrb5j1QUtHyy62GpRXMy7er6iV9tBOQyL2YsH1aj0njrkdksm6A+OWdpjoSfc+VRT0fYOLc=
GET H/1.1	200 OK	img-namibia.png crpimagebucket.s3.af-south-1.amazonaws.com/fontawesome/	36 KB 0	965ms 210ms	Image image/png	52.95.180.50
General Check archive.org Show headers Download Go to Show image Full URL https://crpimagebucket.s3.af-south-1.amazonaws.com/fontawesome/img-namibia.png Requested by Host: www.firstgroup-sa.co.za URL: https://www.firstgroup-sa.co.za/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.95.180.50 -, , ASN (), Reverse DNS Software AmazonS3 / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://www.firstgroup-sa.co.za/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers Date Mon, 11 Sep 2023 23:59:13 GMT Last-Modified Sat, 20 May 2023 07:58:24 GMT Server AmazonS3 x-amz-request-id PK1T2QHX05FV5B1V ETag "de9ce20048668d9b28753e1d493ccfbf" x-amz-server-side-encryption AES256 Content-Type image/png Accept-Ranges bytes Content-Length 1081274 x-amz-id-2 B9x383d8csLJgL3NUyC0yJn06dqzyH/L8kIatvzt9JrBt+Kc2GkL4wfPkmt8O0oUd7h7HqhFOBI=
GET		img-eastercape.png crpimagebucket.s3.af-south-1.amazonaws.com/fontawesome/	0 0
GET H/1.1	200 OK	fg-icon-4.png crpimagebucket.s3.af-south-1.amazonaws.com/	34 KB 34 KB	527ms 180ms	Image image/png	52.95.180.50
General Check archive.org Show headers Download Go to Show image Full URL https://crpimagebucket.s3.af-south-1.amazonaws.com/fg-icon-4.png Requested by Host: www.firstgroup-sa.co.za URL: https://www.firstgroup-sa.co.za/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.95.180.50 -, , ASN (), Reverse DNS Software AmazonS3 / Resource Hash 6189a3e875798b48a2aff20850cc045c4f13c714a801df8130819228595fe37f Request headers accept-language de-DE,de;q=0.9 Referer https://www.firstgroup-sa.co.za/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers Date Mon, 11 Sep 2023 23:59:13 GMT Last-Modified Wed, 12 Jul 2023 18:50:43 GMT Server AmazonS3 x-amz-request-id PK1P6GCHCNPBZJ98 ETag "b4d9294108d31835b0d2b62956b5055f" x-amz-server-side-encryption AES256 Content-Type image/png Accept-Ranges bytes Content-Length 34737 x-amz-id-2 LAYL11O2hIYrtuy2eAVzvwGhrSCI78+Yuw9ifLPAzSvyLh6ZfqKeakAbCbSvUaaM0MlVivRz0gU=
GET H/1.1	200 OK	fg-icon-3.png crpimagebucket.s3.af-south-1.amazonaws.com/	38 KB 39 KB	560ms 206ms	Image image/png	52.95.180.50
General Check archive.org Show headers Download Go to Show image Full URL https://crpimagebucket.s3.af-south-1.amazonaws.com/fg-icon-3.png Requested by Host: www.firstgroup-sa.co.za URL: https://www.firstgroup-sa.co.za/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.95.180.50 -, , ASN (), Reverse DNS Software AmazonS3 / Resource Hash 7187324394cdd90e7af3d8288d741d4e6abd9ca9d881a9d4dc004880b05d56b4 Request headers accept-language de-DE,de;q=0.9 Referer https://www.firstgroup-sa.co.za/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers Date Mon, 11 Sep 2023 23:59:13 GMT Last-Modified Wed, 12 Jul 2023 18:50:43 GMT Server AmazonS3 x-amz-request-id PK1STJ3H4XKJGN50 ETag "0c96ad303cca158166ff74e17ab2c16e" x-amz-server-side-encryption AES256 Content-Type image/png Accept-Ranges bytes Content-Length 39228 x-amz-id-2 ZqdppOEjFp3mDSCREl346ujjbP6zMttDjuM6biG+chAA1l2Ueavm4ha0EnLp5R0o/6vOLCDmqrU=
GET H/1.1	200 OK	fg-icon-2.png crpimagebucket.s3.af-south-1.amazonaws.com/	21 KB 22 KB	547ms 195ms	Image image/png	52.95.180.50
General Check archive.org Show headers Download Go to Show image Full URL https://crpimagebucket.s3.af-south-1.amazonaws.com/fg-icon-2.png Requested by Host: www.firstgroup-sa.co.za URL: https://www.firstgroup-sa.co.za/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.95.180.50 -, , ASN (), Reverse DNS Software AmazonS3 / Resource Hash b4211cdc39964bfc88e6d753bba82c5714b3eb7077f2df4afb523971bac804a1 Request headers accept-language de-DE,de;q=0.9 Referer https://www.firstgroup-sa.co.za/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers Date Mon, 11 Sep 2023 23:59:13 GMT Last-Modified Wed, 12 Jul 2023 18:50:44 GMT Server AmazonS3 x-amz-request-id PK1MBWSZS7DN2WV9 ETag "0950a2769cb5bf6ffdef52814ec19971" x-amz-server-side-encryption AES256 Content-Type image/png Accept-Ranges bytes Content-Length 21773 x-amz-id-2 KfCv0+ePdjOKmOJpN5v8o6Pi0jzdnxYO8Kt0LeEqc2w0YTAs0gkXm/0xg+42SnKARh9qk5aaxlU=
GET H/1.1	200 OK	fg-icon-1.png crpimagebucket.s3.af-south-1.amazonaws.com/	16 KB 16 KB	544ms 197ms	Image image/png	52.95.180.50
General Check archive.org Show headers Download Go to Show image Full URL https://crpimagebucket.s3.af-south-1.amazonaws.com/fg-icon-1.png Requested by Host: www.firstgroup-sa.co.za URL: https://www.firstgroup-sa.co.za/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.95.180.50 -, , ASN (), Reverse DNS Software AmazonS3 / Resource Hash 5bd577e488488216796fb0c3f962f4c49f25299c5404ed1c51ba896213d0f35b Request headers accept-language de-DE,de;q=0.9 Referer https://www.firstgroup-sa.co.za/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers Date Mon, 11 Sep 2023 23:59:13 GMT Last-Modified Wed, 12 Jul 2023 18:50:44 GMT Server AmazonS3 x-amz-request-id PK1GFY602XWK7S02 ETag "0dcfd8c7e7f70346426443047fcc8077" x-amz-server-side-encryption AES256 Content-Type image/png Accept-Ranges bytes Content-Length 16330 x-amz-id-2 1UGEJ8JXWzv+yg4A+9GP9ri8t3FSSv3P+D2Uoa4gaUADuRoGdiy3hVDiq0sdDzTeXmGLwJahPg0=
GET H2	200	first-resorts_logo.svg image-tc.galaxy.tf/wisvg-4m6yt5wuiu9svu0z84gd1865b/	41 KB 24 KB	499ms 497ms	Image image/svg+xml	2606:4700::6811:ba3a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://image-tc.galaxy.tf/wisvg-4m6yt5wuiu9svu0z84gd1865b/first-resorts_logo.svg?width=300 Requested by Host: www.firstgroup-sa.co.za URL: https://www.firstgroup-sa.co.za/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:ba3a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1d07bfa00d1f9d04ac74c4e9111a7f8c5476ac28ea4fdf1e31bb40752245790c Security Headers Name Value Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none' Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.firstgroup-sa.co.za/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Mon, 11 Sep 2023 23:59:12 GMT x-amz-version-id oSDYTGeIIEiqbV0brshL4KYyeEJTWEnt x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubdomains; preload via 1.1 92ab13182d4b89ed20b3b5c10adc4f22.cloudfront.net (CloudFront) content-security-policy default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none' x-amz-cf-pop FRA6-C1 x-amz-server-side-encryption AES256 content-encoding br x-cache Miss from cloudfront cf-cache-status DYNAMIC x-amz-replication-status REPLICA alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Sun, 05 Dec 2021 19:11:47 GMT server cloudflare etag W/"4dfa5ec8111fe122e18ab1da6ed7c61f" x-frame-options SAMEORIGIN access-control-allow-methods GET, HEAD, OPTIONS content-type image/svg+xml access-control-allow-origin * cache-control no-cache vary Accept-Encoding cf-ray 8053dcf3cbc69b86-FRA x-amz-cf-id bhZyXq5IBck9P25l5yb948dLZpXkr6zFWzeiXcE_muyI5J60LjpUtg==
GET H3	200	close.png www.firstgroup-sa.co.za/integration/first-hotels/public/images/	3 KB 3 KB	149ms 148ms	Image image/png	2606:4700::6811:b93a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.firstgroup-sa.co.za/integration/first-hotels/public/images/close.png Requested by Host: www.firstgroup-sa.co.za URL: https://www.firstgroup-sa.co.za/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:b93a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f6f096aff0b42de211cfa97c74df6dab72fc336b06eaab72d712ab7d41e66064 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.firstgroup-sa.co.za/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Mon, 11 Sep 2023 23:59:12 GMT strict-transport-security max-age=31536000; includeSubdomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC via 1.1 9a04c6aa4d3f25ed242a525a7658d9ac.cloudfront.net (CloudFront) x-amz-cf-pop AMS58-P1 x-cache Miss from cloudfront alt-svc h3=":443"; ma=86400 content-length 3090 x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Fri, 17 Sep 2021 12:35:38 GMT server cloudflare etag "d82a031e66a9d559cb1cab2207e2b3a4" x-frame-options SAMEORIGIN vary Accept-Encoding content-type image/png cache-control no-cache accept-ranges bytes cf-ray 8053dcf3cefc2c1a-FRA x-amz-cf-id xz7b0uCIH0zju9nbTzoFrO8Ptf05YFQSavMSdH8t6R3sTpKK-B2Hdw==
GET H2	200	first-apartments-chalets_logo.svg image-tc.galaxy.tf/wisvg-egap6jwd082pqvi53ktbjjac6/	52 KB 29 KB	510ms 508ms	Image image/svg+xml	2606:4700::6811:ba3a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://image-tc.galaxy.tf/wisvg-egap6jwd082pqvi53ktbjjac6/first-apartments-chalets_logo.svg?width=300 Requested by Host: www.firstgroup-sa.co.za URL: https://www.firstgroup-sa.co.za/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:ba3a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c06384c2930a25b8c0e71e8f2fb89d3a9039411169e5e693b38d6e6204c18483 Security Headers Name Value Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none' Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.firstgroup-sa.co.za/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Mon, 11 Sep 2023 23:59:12 GMT x-amz-version-id LjnLd35bshMAKVIu3chlb9hbGIlZLGpK x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubdomains; preload via 1.1 71b147cd3102755b55ba8b6fd34e3f4a.cloudfront.net (CloudFront) content-security-policy default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none' x-amz-cf-pop FRA6-C1 x-amz-server-side-encryption AES256 content-encoding br x-cache Miss from cloudfront cf-cache-status DYNAMIC x-amz-replication-status REPLICA alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Sun, 05 Dec 2021 19:11:47 GMT server cloudflare etag W/"f41f9bb39113922fc0f00cd167f28a16" x-frame-options SAMEORIGIN access-control-allow-methods GET, HEAD, OPTIONS content-type image/svg+xml access-control-allow-origin * cache-control no-cache vary Accept-Encoding cf-ray 8053dcf3cbc79b86-FRA x-amz-cf-id m1m8MdjuI-Bq4YqJLCtv_zdj-RSpEF9oQJstf_lBGGbewKIj_rFFog==
GET H2	200	first-hotels-suites_logo.svg image-tc.galaxy.tf/wisvg-4js3slet0mmg904cag0k4gq2u/	45 KB 25 KB	490ms 488ms	Image image/svg+xml	2606:4700::6811:ba3a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://image-tc.galaxy.tf/wisvg-4js3slet0mmg904cag0k4gq2u/first-hotels-suites_logo.svg?width=300 Requested by Host: www.firstgroup-sa.co.za URL: https://www.firstgroup-sa.co.za/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:ba3a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 464bf5d03bbddcbf63100cead9433316f908de11ee2cf598961e82e8504ea514 Security Headers Name Value Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none' Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.firstgroup-sa.co.za/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Mon, 11 Sep 2023 23:59:12 GMT x-amz-version-id KCGEv.g20pPJ1o3WlkpThOXnfWostzTD x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubdomains; preload via 1.1 f038e7175be9761825b2eefc2b0a832e.cloudfront.net (CloudFront) content-security-policy default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none' x-amz-cf-pop FRA6-C1 x-amz-server-side-encryption AES256 content-encoding br x-cache Miss from cloudfront cf-cache-status DYNAMIC x-amz-replication-status REPLICA alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Sun, 05 Dec 2021 19:11:47 GMT server cloudflare etag W/"4cd88dc31e91aa6866b585c9c9e53c06" x-frame-options SAMEORIGIN access-control-allow-methods GET, HEAD, OPTIONS content-type image/svg+xml access-control-allow-origin * cache-control no-cache vary Accept-Encoding cf-ray 8053dcf3cbc89b86-FRA x-amz-cf-id Y6JDjsCF6yAthg4RoKN7CeSTA2dVJWY3LHnuphK4sHbbphpYsmwEyw==
GET H2	200	first-private-collection_logo.png image-tc.galaxy.tf/wipng-22smndb4ld8djtb809hlejloa/	44 KB 44 KB	503ms 502ms	Image image/png	2606:4700::6811:ba3a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://image-tc.galaxy.tf/wipng-22smndb4ld8djtb809hlejloa/first-private-collection_logo.png?width=300 Requested by Host: www.firstgroup-sa.co.za URL: https://www.firstgroup-sa.co.za/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:ba3a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 79ee569bcfc70ba3ee9b288d31aa6097e52e27a2b59d76407c241f23686afaa1 Security Headers Name Value Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none' Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.firstgroup-sa.co.za/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Mon, 11 Sep 2023 23:59:12 GMT x-amz-version-id tv4ZDz9bcCPHu2JcT2r56f2ATUkyo5kh x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubdomains; preload via 1.1 25c6baf0a31a5ef699c1e219b25ce7b8.cloudfront.net (CloudFront) content-security-policy default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none' x-amz-cf-pop FRA6-C1 x-amz-server-side-encryption AES256 x-cache Miss from cloudfront cf-cache-status DYNAMIC x-amz-replication-status REPLICA alt-svc h3=":443"; ma=86400 content-length 44709 x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Tue, 07 Dec 2021 07:05:07 GMT server cloudflare etag "d368aabb1cb79e8a12398e1cbfe355a1" x-frame-options SAMEORIGIN access-control-allow-methods GET, HEAD, OPTIONS content-type image/png access-control-allow-origin * cache-control no-cache vary Accept-Encoding accept-ranges bytes cf-ray 8053dcf3cbc99b86-FRA x-amz-cf-id x-CJKECxeE8Uf6DFcsUnEyiww6AOd-g267yXDIZS7eGC-Y6hbOitNQ==
POST H3	204	qoe Show response www.youtube.com/api/stats/ Frame EEDB	0 19 B	27ms 26ms	XHR text/html	2a00:1450:4001:81c::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/api/stats/qoe?fmt=243&cpn=y7aAnHII7NzbxNhQ&el=embedded&ns=yt&fexp=v1%2C23858057%2C125239%2C21348%2C2602%2C73492%2C54572%2C73455%2C62697%2C91144%2C6225%2C70530%2C16533%2C68204%2C25387%2C9842%2C1089%2C4973%2C976%2C322%2C966%2C2234%2C26436267%2C27%2C171%2C137%2C839%2C2050%2C321%2C535%2C1254%2C677%2C612%2C243%2C4326&cl=562622789&seq=1&docid=ivIUsLAx7_s&ei=z6n_ZJWLKpu76dsPh9is4A8&event=streamingstats&plid=AAYFHhzfWcLVDm7D&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FivIUsLAx7_s%3Fstart%3D3%26rel%3D0%26autoplay%3D1%26loop%3D1%26playlist%3DivIUsLAx7_s%26start%3D3%26mute%3D1&qclc=ChB5N2FBbkhJSTdOemJ4TmhREAE&embargoed=0&cbr=Chrome&cbrver=116.0.5845.179&c=WEB_EMBEDDED_PLAYER&cver=1.20230904.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.014:B,0.325:B,0.325:B&cat=streaming&cmt=0.014:0.000,0.325:3.000&vfs=0.325:243:247::r&view=0.325:4800:1079&bwe=0.325:130000&bat=0.325:1:1&vis=0.325:0&bh=0.325:0.000 Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/7ee36b0e/player_ias.vflset/de_DE/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Video Stats Server / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Content-Type application/x-www-form-urlencoded X-YouTube-Utc-Offset 120 X-YouTube-Client-Name 56 Referer https://www.youtube.com/embed/ivIUsLAx7_s?start=3&rel=0&autoplay=1&loop=1&playlist=ivIUsLAx7_s&start=3&mute=1 X-YouTube-Client-Version 1.20230904.00.00 X-YouTube-Time-Zone Europe/Berlin X-Goog-Visitor-Id CgtmNnJZQnhpM3FoVSjP0_6nBjIGCgJERRIA X-YouTube-Ad-Signals dt=1694476751550&flash=0&frm=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C4800%2C1079&vis=1&wgl=true&ca_type=image Response headers pragma no-cache date Mon, 11 Sep 2023 23:59:12 GMT x-content-type-options nosniff server Video Stats Server x-frame-options SAMEORIGIN content-type text/html; charset=UTF-8 access-control-allow-origin https://www.youtube.com cache-control no-cache, must-revalidate access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H/1.1	200 OK	videoplayback Show response rr5---sn-4g5ednsl.googlevideo.com/ Frame EEDB	725 B 2 KB	143ms 72ms	Fetch application/vnd.yt-ump	2a00:1450:4001:6a::a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://rr5---sn-4g5ednsl.googlevideo.com/videoplayback?expire=1694498351&ei=z6n_ZJWLKpu76dsPh9is4A8&ip=2001%3A1b60%3A2%3A240%3A3247%3A%3A8&id=o-ABnyoO18wVmaEcTGFFXDuj9f7dUvq0c5wR8kZLaS_SQj&itag=243&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=youtube&requiressl=yes&mh=2w&mm=31%2C29&mn=sn-4g5ednsl%2Csn-4g5lznls&ms=au%2Crdu&mv=m&mvi=5&pl=29&pcm2=no&initcwndbps=3652500&spc=UWF9fxhhFa4yKc1vbglkSSt2AdAWSMRss1mUXLRe8A&vprv=1&svpuc=1&mime=video%2Fwebm&ns=lvogeZOiVnfOPzfZK8_AAasP&gir=yes&clen=5206753&dur=135.920&lmt=1652779089795588&mt=1694476396&fvip=5&keepalive=yes&fexp=24007246%2C51000022&beids=24350018&c=WEB_EMBEDDED_PLAYER&txp=5319224&n=uS4w8RKegerYrA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cpcm2%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhAPNhb59Gfg48jmRjv_NDdgzMg1jk3kTtHO3I5-X-lubEAiBiqc8xFkGeH7EAjIyO1HqOlzgr9N8XzBMYDCrY3wRl5Q%3D%3D&alr=yes&sig=AOq0QJ8wRgIhAMm-e9Xkn5D1xa06fKF4ecwM6_KNlX2oLt9lE8RKgFXuAiEAh_2Eh55483BXe3wA7o5PjsxKkRto_mpKA2ALpIfCves%3D&cpn=y7aAnHII7NzbxNhQ&cver=1.20230904.00.00&range=0-669&rn=1&rbuf=0&pot=Iiywr7Cp1FAZYPPIxML-wfr14cHY3_2c9sDm_Nr_gPCGwfLF-ejzyPrq4v357g==&ump=1&srfvp=1 Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/7ee36b0e/player_ias.vflset/de_DE/base.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:6a::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software gvs 1.0 / Resource Hash 456f76e0ae5bc0b2f2ac9bd4306691eb0c7c87aae92249ce436c1f3745f0a014 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers Date Mon, 11 Sep 2023 23:59:12 GMT X-Restrict-Formats-Hint None X-Content-Type-Options nosniff Transfer-Encoding chunked Cross-Origin-Resource-Policy cross-origin Connection keep-alive Alt-Svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46" Last-Modified Tue, 17 May 2022 09:18:09 GMT Server gvs 1.0 Vary Origin Content-Type application/vnd.yt-ump Access-Control-Allow-Origin https://www.youtube.com Access-Control-Expose-Headers Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms Cache-Control private, max-age=21299 Access-Control-Allow-Credentials true Timing-Allow-Origin https://www.youtube.com Expires Mon, 11 Sep 2023 23:59:12 GMT
POST H/1.1	200 OK	videoplayback Show response rr5---sn-4g5ednsl.googlevideo.com/ Frame EEDB	556 B 2 KB	135ms 65ms	Fetch application/vnd.yt-ump	2a00:1450:4001:6a::a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://rr5---sn-4g5ednsl.googlevideo.com/videoplayback?expire=1694498351&ei=z6n_ZJWLKpu76dsPh9is4A8&ip=2001%3A1b60%3A2%3A240%3A3247%3A%3A8&id=o-ABnyoO18wVmaEcTGFFXDuj9f7dUvq0c5wR8kZLaS_SQj&itag=251&source=youtube&requiressl=yes&mh=2w&mm=31%2C29&mn=sn-4g5ednsl%2Csn-4g5lznls&ms=au%2Crdu&mv=m&mvi=5&pl=29&pcm2=no&initcwndbps=3652500&spc=UWF9fxhhFa4yKc1vbglkSSt2AdAWSMRss1mUXLRe8A&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=lvogeZOiVnfOPzfZK8_AAasP&gir=yes&clen=2317727&dur=135.941&lmt=1652779122065814&mt=1694476396&fvip=5&keepalive=yes&fexp=24007246%2C51000022&beids=24350018&c=WEB_EMBEDDED_PLAYER&txp=5318224&n=uS4w8RKegerYrA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cpcm2%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgazgdcaAuuTwibN3rDUiVZanVn62q5ngQOpnxNgYJDqoCIHu9jlWguFRn6NfgyTx2hFZhDSNL4NTjGg4kzOG-HnzA&alr=yes&sig=AOq0QJ8wRQIgHIvK95ZUSykGtkT_6W7Yfkmvvf5iOZPQSKMt2xozu5wCIQC1U7owMsWdojwMVZ6d747QJBs3bopp2DwTn1SYtoeSwg%3D%3D&cpn=y7aAnHII7NzbxNhQ&cver=1.20230904.00.00&range=0-500&rn=2&rbuf=0&pot=Iix7v3u5H0DScDjYD9I10THlKtETzzaMPdAt7BHvS-BN0TnVMvg42DH6Ke0y_g==&ump=1&srfvp=1 Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/7ee36b0e/player_ias.vflset/de_DE/base.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:6a::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software gvs 1.0 / Resource Hash ee7e81d11ec12279107e6f1a901a1c741655798bfa9fc8e550f6357b62629b8a Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers Date Mon, 11 Sep 2023 23:59:12 GMT X-Content-Type-Options nosniff Transfer-Encoding chunked Cross-Origin-Resource-Policy cross-origin Connection keep-alive Alt-Svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46" Last-Modified Tue, 17 May 2022 09:18:42 GMT Server gvs 1.0 Vary Origin Content-Type application/vnd.yt-ump Access-Control-Allow-Origin https://www.youtube.com Access-Control-Expose-Headers Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms Cache-Control private, max-age=21299 Access-Control-Allow-Credentials true Timing-Allow-Origin https://www.youtube.com Expires Mon, 11 Sep 2023 23:59:12 GMT
GET H3	200	remote.js Show response www.youtube.com/s/player/7ee36b0e/player_ias.vflset/de_DE/ Frame EEDB	116 KB 33 KB	19ms 19ms	Script text/javascript	2a00:1450:4001:81c::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/7ee36b0e/player_ias.vflset/de_DE/remote.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/7ee36b0e/player_ias.vflset/de_DE/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 97a159e488477400a41c43897dc257375cf9bdabd184e67c79ca01a13c051647 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/embed/ivIUsLAx7_s?start=3&rel=0&autoplay=1&loop=1&playlist=ivIUsLAx7_s&start=3&mute=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Wed, 06 Sep 2023 18:29:55 GMT content-encoding br x-content-type-options nosniff age 451757 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 33687 x-xss-protection 0 last-modified Tue, 05 Sep 2023 01:11:43 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Thu, 05 Sep 2024 18:29:55 GMT
GET H3	200	captions.js Show response www.youtube.com/s/player/7ee36b0e/player_ias.vflset/de_DE/ Frame EEDB	70 KB 23 KB	26ms 25ms	Script text/javascript	2a00:1450:4001:81c::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/7ee36b0e/player_ias.vflset/de_DE/captions.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/7ee36b0e/player_ias.vflset/de_DE/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e0f563c6709c8245ac3ea873d13c58fff6d2ff367a2d47f5dc975d0c76b48479 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/embed/ivIUsLAx7_s?start=3&rel=0&autoplay=1&loop=1&playlist=ivIUsLAx7_s&start=3&mute=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Mon, 11 Sep 2023 20:55:54 GMT content-encoding br x-content-type-options nosniff age 10998 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 23912 x-xss-protection 0 last-modified Tue, 05 Sep 2023 01:11:43 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Tue, 10 Sep 2024 20:55:54 GMT
GET H3	200	endscreen.js Show response www.youtube.com/s/player/7ee36b0e/player_ias.vflset/de_DE/ Frame EEDB	32 KB 8 KB	30ms 28ms	Script text/javascript	2a00:1450:4001:81c::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/7ee36b0e/player_ias.vflset/de_DE/endscreen.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/7ee36b0e/player_ias.vflset/de_DE/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a15c141ee72ced70798716ac22c5421d704ec422d414018e8bda9c6f295d839c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/embed/ivIUsLAx7_s?start=3&rel=0&autoplay=1&loop=1&playlist=ivIUsLAx7_s&start=3&mute=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Mon, 11 Sep 2023 19:30:33 GMT content-encoding br x-content-type-options nosniff age 16119 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8206 x-xss-protection 0 last-modified Tue, 05 Sep 2023 01:11:43 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Tue, 10 Sep 2024 19:30:33 GMT
POST H3	200	next Show response www.youtube.com/youtubei/v1/ Frame EEDB	7 KB 2 KB	235ms 235ms	XHR application/json	2a00:1450:4001:81c::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/youtubei/v1/next?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/7ee36b0e/player_ias.vflset/de_DE/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software scaffolding on HTTPServer2 / Resource Hash 8eff1cba518a92f0300b4650a7cde7d66a92ed91ec3df700fca9cf429c5fd2f4 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers X-Youtube-Bootstrap-Logged-In false accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Content-Type application/json Referer https://www.youtube.com/embed/ivIUsLAx7_s?start=3&rel=0&autoplay=1&loop=1&playlist=ivIUsLAx7_s&start=3&mute=1 X-Youtube-Client-Name 56 X-Youtube-Client-Version 1.20230904.00.00 X-Goog-Visitor-Id CgtmNnJZQnhpM3FoVSjP0_6nBjIGCgJERRIA Response headers date Mon, 11 Sep 2023 23:59:12 GMT content-encoding br x-content-type-options nosniff server scaffolding on HTTPServer2 x-frame-options SAMEORIGIN vary Origin, X-Origin, Referer content-type application/json; charset=UTF-8 p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." cache-control private alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2249 x-xss-protection 0 expires Mon, 11 Sep 2023 23:59:12 GMT
GET DATA	200 OK	truncated /	152 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 81f5a03e1b49cbe1692501481bd08328870b21f448be669a04666ae2a6c96855 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf-8
GET DATA	200 OK	truncated /	150 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash d47a786c6b9e0f114e0ff0c92a8ff81d27d822447e41279494336c84560ea675 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf-8
GET H2	200	browser-perf.db243e0997bfc17cf4e9.js Show response script.hotjar.com/	6 KB 2 KB	19ms 19ms	Script application/javascript	52.222.236.74 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://script.hotjar.com/browser-perf.db243e0997bfc17cf4e9.js Requested by Host: script.hotjar.com URL: https://script.hotjar.com/modules.2de3322c0609a6da3702.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.236.74 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-236-74.fra56.r.cloudfront.net Software / Resource Hash 2b8bbe125196d927d028b14debae5bf05d60cb60e0eb9e2d53b8b36790abc9de Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.firstgroup-sa.co.za/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Fri, 08 Sep 2023 09:39:06 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=2592000; includeSubDomains via 1.1 944dc31277adc1021b0776fe818f07f6.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P4 age 310806 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin content-length 2018 last-modified Fri, 08 Sep 2023 09:39:02 GMT etag "faf5c6abc28de9ebe77ff3bbc0c54c6a" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes x-robots-tag none x-amz-cf-id 1XqrtcB1J1FsKEtrQgh5l5x7IDtElK75SgDb8SRd5ivy-kgQCAagrQ==
POST H3	200	log_event Show response www.youtube.com/youtubei/v1/ Frame EEDB	28 B 54 B	38ms 35ms	XHR application/json	2a00:1450:4001:81c::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/7ee36b0e/player_ias.vflset/de_DE/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software scaffolding on HTTPServer2 / Resource Hash d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 X-Goog-Request-Time 1694476752241 Content-Type application/json X-YouTube-Utc-Offset 120 X-YouTube-Client-Name 56 Referer https://www.youtube.com/embed/ivIUsLAx7_s?start=3&rel=0&autoplay=1&loop=1&playlist=ivIUsLAx7_s&start=3&mute=1 X-YouTube-Client-Version 1.20230904.00.00 X-YouTube-Time-Zone Europe/Berlin X-Goog-Visitor-Id CgtmNnJZQnhpM3FoVSjP0_6nBjIGCgJERRIA X-YouTube-Ad-Signals dt=1694476751550&flash=0&frm=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C4800%2C1079&vis=1&wgl=true&ca_type=image Response headers date Mon, 11 Sep 2023 23:59:12 GMT content-encoding br x-content-type-options nosniff server scaffolding on HTTPServer2 x-frame-options SAMEORIGIN vary Origin, X-Origin, Referer content-type application/json; charset=UTF-8 p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." cache-control private alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 31 x-xss-protection 0 expires Mon, 11 Sep 2023 23:59:12 GMT
GET H3	200	magalies-1.jpg image-tc.galaxy.tf/wijpeg-e7u9abmxsjszbsjdsnhjfhh8/	214 KB 215 KB	561ms 560ms	Image image/jpeg	2606:4700::6811:ba3a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://image-tc.galaxy.tf/wijpeg-e7u9abmxsjszbsjdsnhjfhh8/magalies-1.jpg Requested by Host: www.firstgroup-sa.co.za URL: https://www.firstgroup-sa.co.za/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:ba3a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 054869ad4bf0c379b4dc42a8322c026082b05f60227e5e21e7f823513978a8db Security Headers Name Value Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none' Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.firstgroup-sa.co.za/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Mon, 11 Sep 2023 23:59:12 GMT x-amz-version-id einsLE.lCbJThLVD6.cagspemVr0u7CH x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubdomains; preload via 1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront) content-security-policy default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none' x-amz-cf-pop FRA6-C1 x-amz-server-side-encryption AES256 x-cache RefreshHit from cloudfront cf-cache-status DYNAMIC alt-svc h3=":443"; ma=86400 content-length 219054 x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Wed, 31 May 2023 17:25:51 GMT server cloudflare etag "ce80fbbc2749c28126ad54a46b780ba5" x-frame-options SAMEORIGIN access-control-allow-methods GET, HEAD, OPTIONS content-type image/jpeg access-control-allow-origin * cache-control no-cache vary Accept-Encoding accept-ranges bytes cf-ray 8053dcf598289966-FRA x-amz-cf-id wi9lnAGQbrAp_MoZF5xCizd7X8ZWz88CRh_p2SlBQk5_b6EVctNX9Q==
GET H3	200	1555580642-5cb846e292fc6-thumb.jpg image-tc.galaxy.tf/wijpeg-acgu6fdbcjlt07orrng8egg6k/	50 KB 0	641ms 639ms	Image image/jpeg	2606:4700::6811:ba3a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://image-tc.galaxy.tf/wijpeg-acgu6fdbcjlt07orrng8egg6k/1555580642-5cb846e292fc6-thumb.jpg Requested by Host: www.firstgroup-sa.co.za URL: https://www.firstgroup-sa.co.za/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:ba3a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none' Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.firstgroup-sa.co.za/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Mon, 11 Sep 2023 23:59:12 GMT x-amz-version-id rYSmbMZM67CPkL225mdB8YcVHRuEAyr6 x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubdomains; preload via 1.1 7ed7afde326861e358c3c83359e99894.cloudfront.net (CloudFront) content-security-policy default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none' x-amz-cf-pop FRA6-C1 x-amz-server-side-encryption AES256 x-cache Miss from cloudfront cf-cache-status DYNAMIC alt-svc h3=":443"; ma=86400 content-length 122125 x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Wed, 31 May 2023 17:39:25 GMT server cloudflare etag "5db7ff615b14acac36766f09c4f281b4" x-frame-options SAMEORIGIN access-control-allow-methods GET, HEAD, OPTIONS content-type image/jpeg access-control-allow-origin * cache-control no-cache vary Accept-Encoding accept-ranges bytes cf-ray 8053dcf598299966-FRA x-amz-cf-id NClIlxDgy8wPx02lqo3owik46aVDsjqwVLLyIy5IrZjkWso3pOFt2Q==
GET		midlands-1.jpg image-tc.galaxy.tf/wijpeg-c6v17qs3r19mzxsbr8ikeag4y/	0 0
GET H3	200	qwantani-3-bedroom-chalet-re11-ko-241-2019.jpg image-tc.galaxy.tf/wijpeg-5vgy2so0shak403zlqahy5194/	51 KB 0	668ms 667ms	Image image/jpeg	2606:4700::6811:ba3a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://image-tc.galaxy.tf/wijpeg-5vgy2so0shak403zlqahy5194/qwantani-3-bedroom-chalet-re11-ko-241-2019.jpg Requested by Host: www.firstgroup-sa.co.za URL: https://www.firstgroup-sa.co.za/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:ba3a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none' Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.firstgroup-sa.co.za/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Mon, 11 Sep 2023 23:59:12 GMT x-amz-version-id RbKqtFEHy7Khb2ivR_TIpRyu7Ty4VwXx x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubdomains; preload via 1.1 8e04f5d6c745b231c10fce7c2aa9c70e.cloudfront.net (CloudFront) content-security-policy default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none' x-amz-cf-pop FRA6-C1 x-amz-server-side-encryption AES256 x-cache Miss from cloudfront cf-cache-status DYNAMIC alt-svc h3=":443"; ma=86400 content-length 102345 x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Wed, 31 May 2023 17:43:22 GMT server cloudflare etag "6b2cb72652fbe7cc372e50232690f0a4" x-frame-options SAMEORIGIN access-control-allow-methods GET, HEAD, OPTIONS content-type image/jpeg access-control-allow-origin * cache-control no-cache vary Accept-Encoding accept-ranges bytes cf-ray 8053dcf5982b9966-FRA x-amz-cf-id Y55bSuA4hzs84EXWSghUlNyfdLvTar4xU00QDyVBvZu4MWwnjqeOTw==
GET H3	200	microsoftteams-image.png image-tc.galaxy.tf/wipng-3spy3e54q7r3mxbjmiflfwzq3/	437 KB 0	490ms 489ms	Image image/png	2606:4700::6811:ba3a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://image-tc.galaxy.tf/wipng-3spy3e54q7r3mxbjmiflfwzq3/microsoftteams-image.png Requested by Host: www.firstgroup-sa.co.za URL: https://www.firstgroup-sa.co.za/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:ba3a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none' Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.firstgroup-sa.co.za/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Mon, 11 Sep 2023 23:59:12 GMT x-amz-version-id I6INyuXztMgW0VUXebr557.vzrJ27WBo x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubdomains; preload via 1.1 78059242182c195ff7f26013772da09a.cloudfront.net (CloudFront) content-security-policy default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none' x-amz-cf-pop FRA6-C1 x-amz-server-side-encryption AES256 x-cache RefreshHit from cloudfront cf-cache-status DYNAMIC alt-svc h3=":443"; ma=86400 content-length 712516 x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Wed, 31 May 2023 17:45:31 GMT server cloudflare etag "ae3ce0d0517057b5d9dbf11b4c73a5e3" x-frame-options SAMEORIGIN access-control-allow-methods GET, HEAD, OPTIONS content-type image/png access-control-allow-origin * cache-control no-cache vary Accept-Encoding accept-ranges bytes cf-ray 8053dcf5982c9966-FRA x-amz-cf-id YydipzGMhSXmzM5iWR_oRV59u9vmYi1ZaGVLWV6fhDuwGeLAKjSZxg==
GET		margate-1.jpg image-tc.galaxy.tf/wijpeg-5x6wrn4ixdjwdfmzquz4b7k6v/	0 0
GET H3	200	magalies-park Show response www.firstgroup-sa.co.za/	103 KB 16 KB	282ms 281ms	XHR text/html	2606:4700::6811:b93a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.firstgroup-sa.co.za/magalies-park Requested by Host: cdn-4.convertexperiments.com URL: https://cdn-4.convertexperiments.com/js/1004973-10041242.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:b93a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cbd436e93b6ab65fdf3162bebadd292193724394a266eda2bd008be839c5fc2a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.firstgroup-sa.co.za/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Mon, 11 Sep 2023 23:59:12 GMT strict-transport-security max-age=31536000; includeSubdomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC via 1.1 0a4b38fa4b7e435c9572519905d42268.cloudfront.net (CloudFront) x-amz-cf-pop AMS58-P1 content-encoding br x-cache Miss from cloudfront alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Mon, 11 Sep 2023 08:18:22 GMT server cloudflare etag W/"5b15738fbbab050f94e88e738cb59d33" x-frame-options SAMEORIGIN vary Accept-Encoding content-type text/html; charset=UTF-8 cache-control no-cache cf-ray 8053dcf5afd52c1a-FRA x-amz-cf-id oklp4BCuSBpKI_K0ugFxd6p85ChADe5nv0uIsI1neKF5eazrMGrzeQ==
GET H3	200	la-montagne Show response www.firstgroup-sa.co.za/	104 KB 16 KB	180ms 179ms	XHR text/html	2606:4700::6811:b93a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.firstgroup-sa.co.za/la-montagne Requested by Host: cdn-4.convertexperiments.com URL: https://cdn-4.convertexperiments.com/js/1004973-10041242.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:b93a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6adcb3dce779ca961e6aa70f5782d7304888a6e485ee6a0ae19c162e81ed3b33 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.firstgroup-sa.co.za/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Mon, 11 Sep 2023 23:59:12 GMT strict-transport-security max-age=31536000; includeSubdomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC via 1.1 d120748dba94009201c8a9c5c612c7fc.cloudfront.net (CloudFront) x-amz-cf-pop AMS58-P1 content-encoding br x-cache Miss from cloudfront alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Mon, 11 Sep 2023 08:18:42 GMT server cloudflare etag W/"706b7480a4f2f9bb67246e8f9462a849" x-frame-options SAMEORIGIN vary Accept-Encoding content-type text/html; charset=UTF-8 cache-control no-cache cf-ray 8053dcf5afd62c1a-FRA x-amz-cf-id jNqArss6kWSTELZRL-1IquMSsPbdIb-UtvlELuyVRCQBeCwbTrd9TQ==
GET H3	200	midlands-saddle-and-trout Show response www.firstgroup-sa.co.za/	106 KB 16 KB	258ms 257ms	XHR text/html	2606:4700::6811:b93a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.firstgroup-sa.co.za/midlands-saddle-and-trout Requested by Host: cdn-4.convertexperiments.com URL: https://cdn-4.convertexperiments.com/js/1004973-10041242.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:b93a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 92f6ca68d7f3bba5c6941cb503aac08933e3d0f69e23dd4f5238a5cf83277e7f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.firstgroup-sa.co.za/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Mon, 11 Sep 2023 23:59:12 GMT strict-transport-security max-age=31536000; includeSubdomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC via 1.1 9bc84c94880403a2bdfe0bc8f1800e4e.cloudfront.net (CloudFront) x-amz-cf-pop AMS58-P1 content-encoding br x-cache Miss from cloudfront alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Mon, 11 Sep 2023 08:18:39 GMT server cloudflare etag W/"92b5f0dc6d82a0fe9909c0080e5bf751" x-frame-options SAMEORIGIN vary Accept-Encoding content-type text/html; charset=UTF-8 cache-control no-cache cf-ray 8053dcf5afd82c1a-FRA x-amz-cf-id H2QQHJFqJihMfp_LwDjvIHpmkaVcqs68AaeJJHZOGAt-_DXpfteD5Q==
GET H3	200	qwantani Show response www.firstgroup-sa.co.za/	104 KB 16 KB	239ms 238ms	XHR text/html	2606:4700::6811:b93a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.firstgroup-sa.co.za/qwantani Requested by Host: cdn-4.convertexperiments.com URL: https://cdn-4.convertexperiments.com/js/1004973-10041242.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:b93a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bab60833e1491d37e56431038a9ad647998954e8199e7516fdfd8d482dcba361 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.firstgroup-sa.co.za/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Mon, 11 Sep 2023 23:59:12 GMT strict-transport-security max-age=31536000; includeSubdomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC via 1.1 b10069b378f22e10f0382c21d0a9578e.cloudfront.net (CloudFront) x-amz-cf-pop AMS58-P1 content-encoding br x-cache Miss from cloudfront alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Mon, 11 Sep 2023 08:18:38 GMT server cloudflare etag W/"0562e93fb142bd36198fadc66069f2c0" x-frame-options SAMEORIGIN vary Accept-Encoding content-type text/html; charset=UTF-8 cache-control no-cache cf-ray 8053dcf5afd92c1a-FRA x-amz-cf-id wneMaSUhJEAf6lqXJ31VV9hPfygrSXw5d6h01Q3spnDZ8w6bOVZpPg==
GET H3	200	bushmans-nek Show response www.firstgroup-sa.co.za/	110 KB 17 KB	214ms 213ms	XHR text/html	2606:4700::6811:b93a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.firstgroup-sa.co.za/bushmans-nek Requested by Host: cdn-4.convertexperiments.com URL: https://cdn-4.convertexperiments.com/js/1004973-10041242.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:b93a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0f20e9ae2e143b77a0cb7619a64645cd478804cb8e90697dac1e7b8cd17d7b60 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.firstgroup-sa.co.za/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Mon, 11 Sep 2023 23:59:12 GMT strict-transport-security max-age=31536000; includeSubdomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC via 1.1 7b082441eaf35142a6f7785a74fb7a50.cloudfront.net (CloudFront) x-amz-cf-pop AMS58-P1 content-encoding br x-cache Miss from cloudfront alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Mon, 11 Sep 2023 08:18:40 GMT server cloudflare etag W/"0f0bc7d4595f1e6eb10ebb9518444a6f" x-frame-options SAMEORIGIN vary Accept-Encoding content-type text/html; charset=UTF-8 cache-control no-cache cf-ray 8053dcf5afda2c1a-FRA x-amz-cf-id c8SmWthL326hFvtWuHswMy7tsAzXWn9TH-MWgk0bgb-RapsMuXTA6Q==
GET H3	200	margate-sands Show response www.firstgroup-sa.co.za/	106 KB 16 KB	246ms 246ms	XHR text/html	2606:4700::6811:b93a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.firstgroup-sa.co.za/margate-sands Requested by Host: cdn-4.convertexperiments.com URL: https://cdn-4.convertexperiments.com/js/1004973-10041242.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:b93a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e764bec11defe49d111d901b69dba958a5c23bc2850bebe12d8f56c7d366a6ff Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.firstgroup-sa.co.za/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Mon, 11 Sep 2023 23:59:12 GMT strict-transport-security max-age=31536000; includeSubdomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC via 1.1 b10069b378f22e10f0382c21d0a9578e.cloudfront.net (CloudFront) x-amz-cf-pop AMS58-P1 content-encoding br x-cache Miss from cloudfront alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Mon, 11 Sep 2023 08:18:34 GMT server cloudflare etag W/"727b74e0b40c3eeff237ed17e0d99112" x-frame-options SAMEORIGIN vary Accept-Encoding content-type text/html; charset=UTF-8 cache-control no-cache cf-ray 8053dcf5afdb2c1a-FRA x-amz-cf-id eQ-G66RfdkOSVAeT_qNeS7-VjhOzM8j-WQFAWaF3qH--6FKRAuplIA==
POST H3	200	/ Show response www.facebook.com/tr/ Frame 1BDE	0 18 B	18ms 18ms	Document text/plain	2a03:2880:f176:84:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://www.facebook.com/tr/ Requested by Host: www.firstgroup-sa.co.za URL: https://www.firstgroup-sa.co.za/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Content-Type application/x-www-form-urlencoded Origin https://www.firstgroup-sa.co.za Referer https://www.firstgroup-sa.co.za/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-credentials true access-control-allow-origin https://www.firstgroup-sa.co.za alt-svc h3=":443"; ma=86400 content-length 0 content-type text/plain cross-origin-resource-policy cross-origin date Mon, 11 Sep 2023 23:59:12 GMT priority u=0,i server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains
POST H2	200	/ Show response content.hotjar.io/	56 B 161 B	239ms 89ms	XHR application/json	54.75.154.185
General Check archive.org Show headers Download Go to Full URL https://content.hotjar.io/?gzip=1 Requested by Host: script.hotjar.com URL: https://script.hotjar.com/modules.2de3322c0609a6da3702.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.75.154.185 -, , ASN (), Reverse DNS Software / Resource Hash baec4adb329802431c521131194838609a3c4a65626bfd24ada3e63e42502c4e Request headers Referer https://www.firstgroup-sa.co.za/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Content-Type text/plain; charset=UTF-8 Response headers access-control-allow-origin * date Mon, 11 Sep 2023 23:59:12 GMT content-length 56 vary Origin content-type application/json
GET		fa-chevron-right-blue.png' www.firstgroup-sa.co.za/'https://crpimagebucket.s3.af-south-1.amazonaws.com/fontawesome/	0 0
GET H3	404	fa-chevron-left-blue.png' www.firstgroup-sa.co.za/'https://crpimagebucket.s3.af-south-1.amazonaws.com/fontawesome/	53 KB 53 KB	639ms 638ms	Image text/html	2606:4700::6811:b93a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.firstgroup-sa.co.za/'https://crpimagebucket.s3.af-south-1.amazonaws.com/fontawesome/fa-chevron-left-blue.png' Requested by Host: www.firstgroup-sa.co.za URL: https://www.firstgroup-sa.co.za/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:b93a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.firstgroup-sa.co.za/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Mon, 11 Sep 2023 23:59:12 GMT strict-transport-security max-age=31536000; includeSubdomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC via 1.1 b10069b378f22e10f0382c21d0a9578e.cloudfront.net (CloudFront) x-amz-cf-pop AMS58-P1 content-encoding br x-cache Error from cloudfront alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade server cloudflare x-frame-options SAMEORIGIN vary Accept-Encoding content-type text/html; charset=UTF-8 cache-control no-cache cf-ray 8053dcf5eff82c1a-FRA x-amz-cf-id lrlBGC_1G6O95pGLxmnovANvnFRB6cd2HKDWet-sLJBmZ0ZQ7Ozcmg==
POST H2	200	collect Show response www.google-analytics.com/j/	3 B 214 B	28ms 27ms	XHR text/plain	2001:4860:4802:36::178 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=10399833&t=pageview&_s=1&dl=https%3A%2F%2Fwww.firstgroup-sa.co.za%2F&dr=https%3A%2F%2Fdd1562d995504d8bb9c66c5977d5221d.svc.dynamics.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Luxury%20Holiday%20Accommodation%20in%20South%20Africa%20%7C%20First%20Group%20Resorts&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aDDACEABRAAAACAAI~&jid=578775921&gjid=2076098559&cid=237506692.1694476752&tid=UA-98837830-1&_gid=1468467862.1694476752&_r=1&_slc=1&gtm=45He3960n81K9Q4XPK&cd1=no_data&cd2=not_applicable&cd4=not_applicable&cd5=https%3A%2F%2Fwww.firstgroup-sa.co.za%2F&z=1977511720 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.firstgroup-sa.co.za/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Mon, 11 Sep 2023 23:59:12 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.firstgroup-sa.co.za cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response www.google-analytics.com/j/	3 B 68 B	26ms 25ms	XHR text/plain	2001:4860:4802:36::178 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=10399833&t=pageview&_s=1&dl=https%3A%2F%2Fwww.firstgroup-sa.co.za%2F&dr=https%3A%2F%2Fdd1562d995504d8bb9c66c5977d5221d.svc.dynamics.com%2F&ul=en-us&de=UTF-8&dt=Luxury%20Holiday%20Accommodation%20in%20South%20Africa%20%7C%20First%20Group%20Resorts&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aDDACEABRAAAACAEK~&jid=650368577&gjid=95219344&cid=237506692.1694476752&tid=UA-162681275-1&_gid=1468467862.1694476752&_r=1&_slc=1&gtm=45He3960n81TL2MM4B&cd1=892284&cd2=not_applicable&cd3=First%20Group%20Management%20MB&cd4=not_applicable&cd5=not_applicable&cd6=not_applicable&cd7=not_applicable&cd8=not_applicable&cd9=not_applicable&cd10=not_applicable&cd11=not_applicable&cd12=galaxy&cd13=custom&cg1=web&cg2=not_applicable&cg3=group_property&cd19=tvs_yes&cd20=not_applicable&cd21=group_property&cd22=not_applicable&cd23=not_applicable&cd24=1&cd25=en&cd26=web&cd27=not_applicable&cd28=not_applicable&cd29=not_applicable&cd30=no&cd31=no&cd34=%7C&cd36=%7C&cd38=https%3A%2F%2Fwww.firstgroup-sa.co.za%2F%23msdynttrid%3D273P3ZtUEu4mVTs48Q0OZ-eePeoW-xPgS4apyt-m1YE&cd39=not_applicable&cd40=firstgroup-sa.co.za&cd41=GTM-TL2MM4B&cd42=67&cd54=be4&cd59=0&z=1234796466 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.firstgroup-sa.co.za/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Mon, 11 Sep 2023 23:59:12 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.firstgroup-sa.co.za cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response www.google-analytics.com/j/	4 B 71 B	26ms 25ms	XHR text/plain	2001:4860:4802:36::178 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=10399833&t=pageview&_s=1&dl=https%3A%2F%2Fwww.firstgroup-sa.co.za%2F&dr=https%3A%2F%2Fdd1562d995504d8bb9c66c5977d5221d.svc.dynamics.com%2F&ul=en-us&de=UTF-8&dt=Luxury%20Holiday%20Accommodation%20in%20South%20Africa%20%7C%20First%20Group%20Resorts&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aDDACEABRAAAACAEK~&jid=132016263&gjid=728086208&cid=237506692.1694476752&tid=UA-135537499-1&_gid=1468467862.1694476752&_r=1&_slc=1&gtm=45He3960n81K9Q4XPK&cd1=not_set&cd2=not_applicable&cd3=not_applicable&cd4=not_applicable&cd5=https%3A%2F%2Fwww.firstgroup-sa.co.za%2F%23msdynttrid%3D273P3ZtUEu4mVTs48Q0OZ-eePeoW-xPgS4apyt-m1YE&cd6=not_applicable&cd7=not_applicable&cd8=not_applicable&cd9=en&cd10=not_applicable&cd11=not_applicable&cd12=not_applicable&cd13=not_applicable&cd14=no&cg1=not_applicable&cd20=no&z=418400418 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.firstgroup-sa.co.za/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Mon, 11 Sep 2023 23:59:12 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.firstgroup-sa.co.za cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	200	videoplayback Show response rr5---sn-4g5ednsl.googlevideo.com/ Frame EEDB	64 KB 64 KB	44ms 20ms	Fetch application/vnd.yt-ump	2a00:1450:4001:6a::a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://rr5---sn-4g5ednsl.googlevideo.com/videoplayback?expire=1694498351&ei=z6n_ZJWLKpu76dsPh9is4A8&ip=2001%3A1b60%3A2%3A240%3A3247%3A%3A8&id=o-ABnyoO18wVmaEcTGFFXDuj9f7dUvq0c5wR8kZLaS_SQj&itag=251&source=youtube&requiressl=yes&mh=2w&mm=31%2C29&mn=sn-4g5ednsl%2Csn-4g5lznls&ms=au%2Crdu&mv=m&mvi=5&pl=29&pcm2=no&initcwndbps=3652500&spc=UWF9fxhhFa4yKc1vbglkSSt2AdAWSMRss1mUXLRe8A&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=lvogeZOiVnfOPzfZK8_AAasP&gir=yes&clen=2317727&dur=135.941&lmt=1652779122065814&mt=1694476396&fvip=5&keepalive=yes&fexp=24007246%2C51000022&beids=24350018&c=WEB_EMBEDDED_PLAYER&txp=5318224&n=uS4w8RKegerYrA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cpcm2%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgazgdcaAuuTwibN3rDUiVZanVn62q5ngQOpnxNgYJDqoCIHu9jlWguFRn6NfgyTx2hFZhDSNL4NTjGg4kzOG-HnzA&alr=yes&sig=AOq0QJ8wRQIgHIvK95ZUSykGtkT_6W7Yfkmvvf5iOZPQSKMt2xozu5wCIQC1U7owMsWdojwMVZ6d747QJBs3bopp2DwTn1SYtoeSwg%3D%3D&cpn=y7aAnHII7NzbxNhQ&cver=1.20230904.00.00&range=501-66036&rn=3&rbuf=0&pot=MmgPit_SRFUYuw-ynD10F3kzqxqecYMz9e58ukeprfUK-ay7qJaNzC-LaLwS2ZJiipsHksRTCsoz9Df5Sr9lrEy5h9cp7gzucICZhV9sZsJQIDmUyC9Ojszj1Rmsg1K3DDvU8Ye7F4xJFw==&ump=1&srfvp=1 Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/7ee36b0e/player_ias.vflset/de_DE/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:6a::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software gvs 1.0 / Resource Hash bc109442d6d08933a67b0f00c920e0c7916a760910f56ab6369e22b4ac919b6e Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers client-protocol quic date Mon, 11 Sep 2023 23:59:12 GMT x-content-type-options nosniff last-modified Tue, 17 May 2022 09:18:42 GMT server gvs 1.0 vary Origin content-type application/vnd.yt-ump access-control-allow-origin https://www.youtube.com access-control-expose-headers Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms cache-control private, max-age=21299 access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin https://www.youtube.com alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46" expires Mon, 11 Sep 2023 23:59:12 GMT
POST H3	200	/ Show response www.facebook.com/tr/ Frame E609	0 15 B	21ms 20ms	Document text/plain	2a03:2880:f176:84:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://www.facebook.com/tr/ Requested by Host: www.firstgroup-sa.co.za URL: https://www.firstgroup-sa.co.za/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Content-Type application/x-www-form-urlencoded Origin https://www.firstgroup-sa.co.za Referer https://www.firstgroup-sa.co.za/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-credentials true access-control-allow-origin https://www.firstgroup-sa.co.za alt-svc h3=":443"; ma=86400 content-length 0 content-type text/plain cross-origin-resource-policy cross-origin date Mon, 11 Sep 2023 23:59:12 GMT priority u=0,i server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains
GET H3	200	collect www.google-analytics.com/	35 B 55 B	21ms 19ms	Image image/gif	2001:4860:4802:36::178 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j101&aip=1&a=10399833&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.firstgroup-sa.co.za%2F&dr=https%3A%2F%2Fdd1562d995504d8bb9c66c5977d5221d.svc.dynamics.com%2F&ul=en-us&de=UTF-8&dt=Luxury%20Holiday%20Accommodation%20in%20South%20Africa%20%7C%20First%20Group%20Resorts&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Google%20Optimize&ea=2kyco3QpSfCTG6iMjPW3Sg&_u=aDDACEABRAAAACAEK~&jid=&gjid=&cid=237506692.1694476752&tid=UA-135537499-1&_gid=1468467862.1694476752&gtm=45He3960n81K9Q4XPK&cd1=not_set&cd2=not_applicable&cd3=not_applicable&cd4=not_applicable&cd5=https%3A%2F%2Fwww.firstgroup-sa.co.za%2F%23msdynttrid%3D273P3ZtUEu4mVTs48Q0OZ-eePeoW-xPgS4apyt-m1YE&cd6=not_applicable&cd7=not_applicable&cd8=not_applicable&cd9=en&cd10=not_applicable&cd11=not_applicable&cd12=not_applicable&cd13=not_applicable&cd14=no&cg1=not_applicable&cd20=no&z=986713670 Requested by Host: www.firstgroup-sa.co.za URL: https://www.firstgroup-sa.co.za/ Protocol H3 Security QUIC, , AES_128_GCM Server 2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.firstgroup-sa.co.za/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers pragma no-cache date Mon, 11 Sep 2023 08:52:47 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 54385 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	204	generate_204 www.youtube.com/ Frame EEDB	0 10 B	19ms 18ms	Image text/plain	2a00:1450:4001:81c::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.youtube.com/generate_204?E2OwVw Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/ivIUsLAx7_s?start=3&rel=0&autoplay=1&loop=1&playlist=ivIUsLAx7_s&start=3&mute=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/embed/ivIUsLAx7_s?start=3&rel=0&autoplay=1&loop=1&playlist=ivIUsLAx7_s&start=3&mute=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Mon, 11 Sep 2023 23:59:12 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 355 B	89ms 28ms	XHR text/plain	2a00:1450:400c:c00::9a
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-135537499-1&cid=237506692.1694476752&jid=132016263&gjid=728086208&_gid=1468467862.1694476752&_u=aDDACEABRAAAACAEK~&z=1127266783 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c00::9a -, , ASN (), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.firstgroup-sa.co.za/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload date Mon, 11 Sep 2023 23:59:12 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.firstgroup-sa.co.za cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET		7523-fg-50-off-4-night-vacay-web-banner-v4.jpg image-tc.galaxy.tf/wijpeg-dhe7rm2o0ovxr4o2o5dxbx51x/	0 0
GET H2	200	cast_sender.js Show response www.gstatic.com/cv/js/sender/v1/ Frame EEDB	4 KB 2 KB	89ms 39ms	Script text/javascript	2a00:1450:4001:82a::2003
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/cv/js/sender/v1/cast_sender.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/7ee36b0e/player_ias.vflset/de_DE/base.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2003 -, , ASN (), Reverse DNS Software sffe / Resource Hash ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Mon, 11 Sep 2023 23:59:12 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2007 x-xss-protection 0 last-modified Tue, 16 Feb 2021 23:57:06 GMT server sffe cross-origin-opener-policy same-origin; report-to="cloudview" vary Accept-Encoding report-to {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Mon, 11 Sep 2023 23:59:12 GMT
GET		file.jpg image-tc.galaxy.tf/wijpeg-3dq8g1uts3kjq6dmuyj4p9xt9/	0 0
GET		file.jpg image-tc.galaxy.tf/wijpeg-b0s6fddxj1wokopnwzjl62isa/	0 0
GET		7523-fg-50-off-4-night-vacay-web-banner-v3.jpg image-tc.galaxy.tf/wijpeg-287fmyq9ktvi4twtyvh60d1c5/	0 0
POST H3	200	videoplayback Show response rr5---sn-4g5ednsl.googlevideo.com/ Frame EEDB	117 KB 117 KB	20ms 20ms	Fetch application/vnd.yt-ump	2a00:1450:4001:6a::a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://rr5---sn-4g5ednsl.googlevideo.com/videoplayback?expire=1694498351&ei=z6n_ZJWLKpu76dsPh9is4A8&ip=2001%3A1b60%3A2%3A240%3A3247%3A%3A8&id=o-ABnyoO18wVmaEcTGFFXDuj9f7dUvq0c5wR8kZLaS_SQj&itag=243&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=youtube&requiressl=yes&mh=2w&mm=31%2C29&mn=sn-4g5ednsl%2Csn-4g5lznls&ms=au%2Crdu&mv=m&mvi=5&pl=29&pcm2=no&initcwndbps=3652500&spc=UWF9fxhhFa4yKc1vbglkSSt2AdAWSMRss1mUXLRe8A&vprv=1&svpuc=1&mime=video%2Fwebm&ns=lvogeZOiVnfOPzfZK8_AAasP&gir=yes&clen=5206753&dur=135.920&lmt=1652779089795588&mt=1694476396&fvip=5&keepalive=yes&fexp=24007246%2C51000022&beids=24350018&c=WEB_EMBEDDED_PLAYER&txp=5319224&n=uS4w8RKegerYrA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cpcm2%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhAPNhb59Gfg48jmRjv_NDdgzMg1jk3kTtHO3I5-X-lubEAiBiqc8xFkGeH7EAjIyO1HqOlzgr9N8XzBMYDCrY3wRl5Q%3D%3D&alr=yes&sig=AOq0QJ8wRgIhAMm-e9Xkn5D1xa06fKF4ecwM6_KNlX2oLt9lE8RKgFXuAiEAh_2Eh55483BXe3wA7o5PjsxKkRto_mpKA2ALpIfCves%3D&cpn=y7aAnHII7NzbxNhQ&cver=1.20230904.00.00&range=670-119952&rn=4&rbuf=0&pot=MmgPit_SRFUYuw-ynD10F3kzqxqecYMz9e58ukeprfUK-ay7qJaNzC-LaLwS2ZJiipsHksRTCsoz9Df5Sr9lrEy5h9cp7gzucICZhV9sZsJQIDmUyC9Ojszj1Rmsg1K3DDvU8Ye7F4xJFw==&ump=1&srfvp=1 Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/7ee36b0e/player_ias.vflset/de_DE/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:6a::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software gvs 1.0 / Resource Hash bcec23ad664498a53075b038812dd7575d281fd1b1b83b48fbdf2d5c73fa483c Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers expires Mon, 11 Sep 2023 23:59:12 GMT date Mon, 11 Sep 2023 23:59:12 GMT x-restrict-formats-hint None x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46" last-modified Tue, 17 May 2022 09:18:09 GMT server gvs 1.0 vary Origin content-type application/vnd.yt-ump access-control-allow-origin https://www.youtube.com access-control-expose-headers Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms cache-control private, max-age=21299 access-control-allow-credentials true timing-allow-origin https://www.youtube.com client-protocol quic
POST H3	200	videoplayback Show response rr5---sn-4g5ednsl.googlevideo.com/ Frame EEDB	734 B 758 B	73ms 73ms	Fetch application/vnd.yt-ump	2a00:1450:4001:6a::a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://rr5---sn-4g5ednsl.googlevideo.com/videoplayback?expire=1694498351&ei=z6n_ZJWLKpu76dsPh9is4A8&ip=2001%3A1b60%3A2%3A240%3A3247%3A%3A8&id=o-ABnyoO18wVmaEcTGFFXDuj9f7dUvq0c5wR8kZLaS_SQj&itag=247&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=youtube&requiressl=yes&mh=2w&mm=31%2C29&mn=sn-4g5ednsl%2Csn-4g5lznls&ms=au%2Crdu&mv=m&mvi=5&pl=29&pcm2=no&initcwndbps=3652500&spc=UWF9fxhhFa4yKc1vbglkSSt2AdAWSMRss1mUXLRe8A&vprv=1&svpuc=1&mime=video%2Fwebm&ns=lvogeZOiVnfOPzfZK8_AAasP&gir=yes&clen=19574369&dur=135.920&lmt=1652779089836499&mt=1694476396&fvip=5&keepalive=yes&fexp=24007246%2C51000022&beids=24350018&c=WEB_EMBEDDED_PLAYER&txp=5319224&n=uS4w8RKegerYrA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cpcm2%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgR0SJXqP-BrFybrSW8Dne34M96tWRx8nrWMYYl7GzPzkCIQD6M60vfDy4t53-4HHXwJtkoGFbtlRTsWqRQJE7geBi3w%3D%3D&alr=yes&sig=AOq0QJ8wRQIhAM2doAe4K5bDoWM_f45rU63xsFLUvJLo__iFFKm3dYjEAiAUURxiWhAeD-dKuDq1oipqq7biObXZzNkF_2l4cjykEw%3D%3D&cpn=y7aAnHII7NzbxNhQ&cver=1.20230904.00.00&range=0-678&rn=5&rbuf=0&pot=MmgPit_SRFUYuw-ynD10F3kzqxqecYMz9e58ukeprfUK-ay7qJaNzC-LaLwS2ZJiipsHksRTCsoz9Df5Sr9lrEy5h9cp7gzucICZhV9sZsJQIDmUyC9Ojszj1Rmsg1K3DDvU8Ye7F4xJFw==&ump=1&srfvp=1 Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/7ee36b0e/player_ias.vflset/de_DE/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:6a::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software gvs 1.0 / Resource Hash 29c72f50baa77d7a96841e6df51b4eedb48a39f05825f3276700cb5bf758e867 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers expires Mon, 11 Sep 2023 23:59:12 GMT date Mon, 11 Sep 2023 23:59:12 GMT x-restrict-formats-hint None x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46" last-modified Tue, 17 May 2022 09:18:09 GMT server gvs 1.0 vary Origin content-type application/vnd.yt-ump access-control-allow-origin https://www.youtube.com access-control-expose-headers Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms cache-control private, max-age=21299 access-control-allow-credentials true timing-allow-origin https://www.youtube.com client-protocol quic
GET		child.svg www.firstgroup-sa.co.za/integration/first-hotels/public/images/svg/	0 0
GET H3	200	ga-audiences www.google.com/ads/	42 B 63 B	35ms 35ms	Image image/gif	2a00:1450:4001:81c::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-135537499-1&cid=237506692.1694476752&jid=132016263&_u=aDDACEABRAAAACAEK~&z=328561655 Requested by Host: www.firstgroup-sa.co.za URL: https://www.firstgroup-sa.co.za/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.firstgroup-sa.co.za/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers pragma no-cache date Mon, 11 Sep 2023 23:59:12 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 107 B	30ms 30ms	Image image/gif	2a00:1450:4001:806::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-135537499-1&cid=237506692.1694476752&jid=132016263&_u=aDDACEABRAAAACAEK~&z=328561655 Requested by Host: www.firstgroup-sa.co.za URL: https://www.firstgroup-sa.co.za/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.firstgroup-sa.co.za/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers pragma no-cache date Mon, 11 Sep 2023 23:59:12 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	200	videoplayback Show response rr5---sn-4g5ednsl.googlevideo.com/ Frame EEDB	117 KB 117 KB	20ms 20ms	Fetch application/vnd.yt-ump	2a00:1450:4001:6a::a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://rr5---sn-4g5ednsl.googlevideo.com/videoplayback?expire=1694498351&ei=z6n_ZJWLKpu76dsPh9is4A8&ip=2001%3A1b60%3A2%3A240%3A3247%3A%3A8&id=o-ABnyoO18wVmaEcTGFFXDuj9f7dUvq0c5wR8kZLaS_SQj&itag=243&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=youtube&requiressl=yes&mh=2w&mm=31%2C29&mn=sn-4g5ednsl%2Csn-4g5lznls&ms=au%2Crdu&mv=m&mvi=5&pl=29&pcm2=no&initcwndbps=3652500&spc=UWF9fxhhFa4yKc1vbglkSSt2AdAWSMRss1mUXLRe8A&vprv=1&svpuc=1&mime=video%2Fwebm&ns=lvogeZOiVnfOPzfZK8_AAasP&gir=yes&clen=5206753&dur=135.920&lmt=1652779089795588&mt=1694476396&fvip=5&keepalive=yes&fexp=24007246%2C51000022&beids=24350018&c=WEB_EMBEDDED_PLAYER&txp=5319224&n=uS4w8RKegerYrA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cpcm2%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhAPNhb59Gfg48jmRjv_NDdgzMg1jk3kTtHO3I5-X-lubEAiBiqc8xFkGeH7EAjIyO1HqOlzgr9N8XzBMYDCrY3wRl5Q%3D%3D&alr=yes&sig=AOq0QJ8wRgIhAMm-e9Xkn5D1xa06fKF4ecwM6_KNlX2oLt9lE8RKgFXuAiEAh_2Eh55483BXe3wA7o5PjsxKkRto_mpKA2ALpIfCves%3D&cpn=y7aAnHII7NzbxNhQ&cver=1.20230904.00.00&range=119953-239235&rn=6&rbuf=0&pot=MmgPit_SRFUYuw-ynD10F3kzqxqecYMz9e58ukeprfUK-ay7qJaNzC-LaLwS2ZJiipsHksRTCsoz9Df5Sr9lrEy5h9cp7gzucICZhV9sZsJQIDmUyC9Ojszj1Rmsg1K3DDvU8Ye7F4xJFw==&ump=1&srfvp=1 Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/7ee36b0e/player_ias.vflset/de_DE/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:6a::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software gvs 1.0 / Resource Hash e4f6019b8649b0be2019a78df9656c55e42bd480d4e84e80110bd96d80847d44 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers expires Mon, 11 Sep 2023 23:59:12 GMT date Mon, 11 Sep 2023 23:59:12 GMT x-restrict-formats-hint None x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46" last-modified Tue, 17 May 2022 09:18:09 GMT server gvs 1.0 vary Origin content-type application/vnd.yt-ump access-control-allow-origin https://www.youtube.com access-control-expose-headers Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms cache-control private, max-age=21299 access-control-allow-credentials true timing-allow-origin https://www.youtube.com client-protocol quic
GET H2	200	cast_sender.js Show response www.gstatic.com/eureka/clank/116/ Frame EEDB	51 KB 15 KB	21ms 20ms	Script text/javascript	2a00:1450:4001:82a::2003
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/eureka/clank/116/cast_sender.js Requested by Host: www.gstatic.com URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2003 -, , ASN (), Reverse DNS Software sffe / Resource Hash 9cdf2602ac04f7e2bed582d4299c73d464fc4ab069e3ad5a20ee2b6635a015b8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers date Mon, 11 Sep 2023 15:20:05 GMT content-encoding gzip x-content-type-options nosniff age 31147 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15373 x-xss-protection 0 last-modified Mon, 12 Jun 2023 15:06:10 GMT server sffe cross-origin-opener-policy same-origin; report-to="cloudview-release" vary Accept-Encoding report-to {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]} content-type text/javascript cache-control public, max-age=86400 accept-ranges bytes expires Tue, 12 Sep 2023 15:20:05 GMT
POST H3	200	videoplayback Show response rr5---sn-4g5ednsl.googlevideo.com/ Frame EEDB	64 KB 64 KB	21ms 20ms	Fetch application/vnd.yt-ump	2a00:1450:4001:6a::a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://rr5---sn-4g5ednsl.googlevideo.com/videoplayback?expire=1694498351&ei=z6n_ZJWLKpu76dsPh9is4A8&ip=2001%3A1b60%3A2%3A240%3A3247%3A%3A8&id=o-ABnyoO18wVmaEcTGFFXDuj9f7dUvq0c5wR8kZLaS_SQj&itag=251&source=youtube&requiressl=yes&mh=2w&mm=31%2C29&mn=sn-4g5ednsl%2Csn-4g5lznls&ms=au%2Crdu&mv=m&mvi=5&pl=29&pcm2=no&initcwndbps=3652500&spc=UWF9fxhhFa4yKc1vbglkSSt2AdAWSMRss1mUXLRe8A&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=lvogeZOiVnfOPzfZK8_AAasP&gir=yes&clen=2317727&dur=135.941&lmt=1652779122065814&mt=1694476396&fvip=5&keepalive=yes&fexp=24007246%2C51000022&beids=24350018&c=WEB_EMBEDDED_PLAYER&txp=5318224&n=uS4w8RKegerYrA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cpcm2%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgazgdcaAuuTwibN3rDUiVZanVn62q5ngQOpnxNgYJDqoCIHu9jlWguFRn6NfgyTx2hFZhDSNL4NTjGg4kzOG-HnzA&alr=yes&sig=AOq0QJ8wRQIgHIvK95ZUSykGtkT_6W7Yfkmvvf5iOZPQSKMt2xozu5wCIQC1U7owMsWdojwMVZ6d747QJBs3bopp2DwTn1SYtoeSwg%3D%3D&cpn=y7aAnHII7NzbxNhQ&cver=1.20230904.00.00&range=66037-131572&rn=7&rbuf=788&pot=MmgPit_SRFUYuw-ynD10F3kzqxqecYMz9e58ukeprfUK-ay7qJaNzC-LaLwS2ZJiipsHksRTCsoz9Df5Sr9lrEy5h9cp7gzucICZhV9sZsJQIDmUyC9Ojszj1Rmsg1K3DDvU8Ye7F4xJFw==&ump=1&srfvp=1 Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/7ee36b0e/player_ias.vflset/de_DE/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:6a::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software gvs 1.0 / Resource Hash b85ae7bf693120b0a98e59d30577c09bb5f661b2f497b63288b11984c6f19e60 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers client-protocol quic date Mon, 11 Sep 2023 23:59:12 GMT x-content-type-options nosniff last-modified Tue, 17 May 2022 09:18:42 GMT server gvs 1.0 vary Origin content-type application/vnd.yt-ump access-control-allow-origin https://www.youtube.com access-control-expose-headers Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms cache-control private, max-age=21299 access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin https://www.youtube.com alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46" expires Mon, 11 Sep 2023 23:59:12 GMT
POST		videoplayback rr5---sn-4g5ednsl.googlevideo.com/ Frame EEDB	0 0
POST H3	204	qoe Show response www.youtube.com/api/stats/ Frame EEDB	0 19 B	27ms 26ms	XHR text/html	2a00:1450:4001:81c::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/api/stats/qoe?fmt=247&afmt=251&cpn=y7aAnHII7NzbxNhQ&el=embedded&ns=yt&fexp=v1%2C23858057%2C125239%2C21348%2C2602%2C73492%2C54572%2C73455%2C62697%2C91144%2C6225%2C70530%2C16533%2C68204%2C25387%2C9842%2C1089%2C4973%2C976%2C322%2C966%2C2234%2C26436267%2C27%2C171%2C137%2C839%2C2050%2C321%2C535%2C1254%2C677%2C612%2C243%2C4326&cl=562622789&seq=2&docid=ivIUsLAx7_s&ei=z6n_ZJWLKpu76dsPh9is4A8&event=streamingstats&plid=AAYFHhzfWcLVDm7D&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FivIUsLAx7_s%3Fstart%3D3%26rel%3D0%26autoplay%3D1%26loop%3D1%26playlist%3DivIUsLAx7_s%26start%3D3%26mute%3D1&qclc=ChB5N2FBbkhJSTdOemJ4TmhREAI&embargoed=0&cbr=Chrome&cbrver=116.0.5845.179&c=WEB_EMBEDDED_PLAYER&cver=1.20230904.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&afs=0.329:251::i&cat=spkadtrt&cmt=0.340:3.000,1.100:3.000,1.105:3.004,1.107:3.004,1.110:3.004&vps=0.340:S:ss.15,1.100:B,1.105:SU,1.107:B,1.110:B,1.110:B&ctmp=startSeconds:t.952;ss.3,hidden:&vfs=1.110:247:247:243:r&view=1.110:4800:1079&bwm=1.110:371887:1.200&bwe=1.110:447325&bat=1.110:1:1&bh=1.110:0.000 Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/7ee36b0e/player_ias.vflset/de_DE/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Video Stats Server / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Content-Type application/x-www-form-urlencoded X-YouTube-Utc-Offset 120 X-YouTube-Client-Name 56 Referer https://www.youtube.com/embed/ivIUsLAx7_s?start=3&rel=0&autoplay=1&loop=1&playlist=ivIUsLAx7_s&start=3&mute=1 X-YouTube-Client-Version 1.20230904.00.00 X-YouTube-Time-Zone Europe/Berlin X-Goog-Visitor-Id CgtmNnJZQnhpM3FoVSjP0_6nBjIGCgJERRIA X-YouTube-Ad-Signals dt=1694476751550&flash=0&frm=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C4800%2C1079&vis=1&wgl=true&ca_type=image Response headers pragma no-cache date Mon, 11 Sep 2023 23:59:12 GMT x-content-type-options nosniff server Video Stats Server x-frame-options SAMEORIGIN content-type text/html; charset=UTF-8 access-control-allow-origin https://www.youtube.com cache-control no-cache, must-revalidate access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	200	videoplayback Show response rr5---sn-4g5ednsl.googlevideo.com/ Frame EEDB	450 KB 450 KB	21ms 20ms	Fetch application/vnd.yt-ump	2a00:1450:4001:6a::a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://rr5---sn-4g5ednsl.googlevideo.com/videoplayback?expire=1694498351&ei=z6n_ZJWLKpu76dsPh9is4A8&ip=2001%3A1b60%3A2%3A240%3A3247%3A%3A8&id=o-ABnyoO18wVmaEcTGFFXDuj9f7dUvq0c5wR8kZLaS_SQj&itag=247&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=youtube&requiressl=yes&mh=2w&mm=31%2C29&mn=sn-4g5ednsl%2Csn-4g5lznls&ms=au%2Crdu&mv=m&mvi=5&pl=29&pcm2=no&initcwndbps=3652500&spc=UWF9fxhhFa4yKc1vbglkSSt2AdAWSMRss1mUXLRe8A&vprv=1&svpuc=1&mime=video%2Fwebm&ns=lvogeZOiVnfOPzfZK8_AAasP&gir=yes&clen=19574369&dur=135.920&lmt=1652779089836499&mt=1694476396&fvip=5&keepalive=yes&fexp=24007246%2C51000022&beids=24350018&c=WEB_EMBEDDED_PLAYER&txp=5319224&n=uS4w8RKegerYrA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cpcm2%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgR0SJXqP-BrFybrSW8Dne34M96tWRx8nrWMYYl7GzPzkCIQD6M60vfDy4t53-4HHXwJtkoGFbtlRTsWqRQJE7geBi3w%3D%3D&alr=yes&sig=AOq0QJ8wRQIhAM2doAe4K5bDoWM_f45rU63xsFLUvJLo__iFFKm3dYjEAiAUURxiWhAeD-dKuDq1oipqq7biObXZzNkF_2l4cjykEw%3D%3D&cpn=y7aAnHII7NzbxNhQ&cver=1.20230904.00.00&range=679-461253&rn=9&rbuf=0&pot=MmgPit_SRFUYuw-ynD10F3kzqxqecYMz9e58ukeprfUK-ay7qJaNzC-LaLwS2ZJiipsHksRTCsoz9Df5Sr9lrEy5h9cp7gzucICZhV9sZsJQIDmUyC9Ojszj1Rmsg1K3DDvU8Ye7F4xJFw==&ump=1&srfvp=1 Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/7ee36b0e/player_ias.vflset/de_DE/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:6a::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software gvs 1.0 / Resource Hash 6cef062d5ca987609306c6c38e0306cc71b2a9515c219aec6edc4a61b37d2931 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers expires Mon, 11 Sep 2023 23:59:12 GMT date Mon, 11 Sep 2023 23:59:12 GMT x-restrict-formats-hint None x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46" last-modified Tue, 17 May 2022 09:18:09 GMT server gvs 1.0 vary Origin content-type application/vnd.yt-ump access-control-allow-origin https://www.youtube.com access-control-expose-headers Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms cache-control private, max-age=21299 access-control-allow-credentials true timing-allow-origin https://www.youtube.com client-protocol quic
POST H3	200	videoplayback Show response rr5---sn-4g5ednsl.googlevideo.com/ Frame EEDB	64 KB 64 KB	20ms 20ms	Fetch application/vnd.yt-ump	2a00:1450:4001:6a::a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://rr5---sn-4g5ednsl.googlevideo.com/videoplayback?expire=1694498351&ei=z6n_ZJWLKpu76dsPh9is4A8&ip=2001%3A1b60%3A2%3A240%3A3247%3A%3A8&id=o-ABnyoO18wVmaEcTGFFXDuj9f7dUvq0c5wR8kZLaS_SQj&itag=251&source=youtube&requiressl=yes&mh=2w&mm=31%2C29&mn=sn-4g5ednsl%2Csn-4g5lznls&ms=au%2Crdu&mv=m&mvi=5&pl=29&pcm2=no&initcwndbps=3652500&spc=UWF9fxhhFa4yKc1vbglkSSt2AdAWSMRss1mUXLRe8A&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=lvogeZOiVnfOPzfZK8_AAasP&gir=yes&clen=2317727&dur=135.941&lmt=1652779122065814&mt=1694476396&fvip=5&keepalive=yes&fexp=24007246%2C51000022&beids=24350018&c=WEB_EMBEDDED_PLAYER&txp=5318224&n=uS4w8RKegerYrA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cpcm2%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgazgdcaAuuTwibN3rDUiVZanVn62q5ngQOpnxNgYJDqoCIHu9jlWguFRn6NfgyTx2hFZhDSNL4NTjGg4kzOG-HnzA&alr=yes&sig=AOq0QJ8wRQIgHIvK95ZUSykGtkT_6W7Yfkmvvf5iOZPQSKMt2xozu5wCIQC1U7owMsWdojwMVZ6d747QJBs3bopp2DwTn1SYtoeSwg%3D%3D&cpn=y7aAnHII7NzbxNhQ&cver=1.20230904.00.00&range=501-66036&rn=10&rbuf=0&pot=MmgPit_SRFUYuw-ynD10F3kzqxqecYMz9e58ukeprfUK-ay7qJaNzC-LaLwS2ZJiipsHksRTCsoz9Df5Sr9lrEy5h9cp7gzucICZhV9sZsJQIDmUyC9Ojszj1Rmsg1K3DDvU8Ye7F4xJFw==&ump=1&srfvp=1 Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/7ee36b0e/player_ias.vflset/de_DE/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:6a::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software gvs 1.0 / Resource Hash bc109442d6d08933a67b0f00c920e0c7916a760910f56ab6369e22b4ac919b6e Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers client-protocol quic date Mon, 11 Sep 2023 23:59:12 GMT x-content-type-options nosniff last-modified Tue, 17 May 2022 09:18:42 GMT server gvs 1.0 vary Origin content-type application/vnd.yt-ump access-control-allow-origin https://www.youtube.com access-control-expose-headers Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms cache-control private, max-age=21299 access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin https://www.youtube.com alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46" expires Mon, 11 Sep 2023 23:59:12 GMT
POST H3	200	videoplayback rr5---sn-4g5ednsl.googlevideo.com/ Frame EEDB	450 KB 450 KB	23ms 22ms	Fetch application/vnd.yt-ump	2a00:1450:4001:6a::a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://rr5---sn-4g5ednsl.googlevideo.com/videoplayback?expire=1694498351&ei=z6n_ZJWLKpu76dsPh9is4A8&ip=2001%3A1b60%3A2%3A240%3A3247%3A%3A8&id=o-ABnyoO18wVmaEcTGFFXDuj9f7dUvq0c5wR8kZLaS_SQj&itag=247&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=youtube&requiressl=yes&mh=2w&mm=31%2C29&mn=sn-4g5ednsl%2Csn-4g5lznls&ms=au%2Crdu&mv=m&mvi=5&pl=29&pcm2=no&initcwndbps=3652500&spc=UWF9fxhhFa4yKc1vbglkSSt2AdAWSMRss1mUXLRe8A&vprv=1&svpuc=1&mime=video%2Fwebm&ns=lvogeZOiVnfOPzfZK8_AAasP&gir=yes&clen=19574369&dur=135.920&lmt=1652779089836499&mt=1694476396&fvip=5&keepalive=yes&fexp=24007246%2C51000022&beids=24350018&c=WEB_EMBEDDED_PLAYER&txp=5319224&n=uS4w8RKegerYrA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cpcm2%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgR0SJXqP-BrFybrSW8Dne34M96tWRx8nrWMYYl7GzPzkCIQD6M60vfDy4t53-4HHXwJtkoGFbtlRTsWqRQJE7geBi3w%3D%3D&alr=yes&sig=AOq0QJ8wRQIhAM2doAe4K5bDoWM_f45rU63xsFLUvJLo__iFFKm3dYjEAiAUURxiWhAeD-dKuDq1oipqq7biObXZzNkF_2l4cjykEw%3D%3D&cpn=y7aAnHII7NzbxNhQ&cver=1.20230904.00.00&range=461254-921828&rn=11&rbuf=0&pot=MmgPit_SRFUYuw-ynD10F3kzqxqecYMz9e58ukeprfUK-ay7qJaNzC-LaLwS2ZJiipsHksRTCsoz9Df5Sr9lrEy5h9cp7gzucICZhV9sZsJQIDmUyC9Ojszj1Rmsg1K3DDvU8Ye7F4xJFw==&ump=1&srfvp=1 Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/7ee36b0e/player_ias.vflset/de_DE/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:6a::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software gvs 1.0 / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers expires Mon, 11 Sep 2023 23:59:12 GMT date Mon, 11 Sep 2023 23:59:12 GMT x-restrict-formats-hint None x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46" last-modified Tue, 17 May 2022 09:18:09 GMT server gvs 1.0 vary Origin content-type application/vnd.yt-ump access-control-allow-origin https://www.youtube.com access-control-expose-headers Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms cache-control private, max-age=21299 access-control-allow-credentials true timing-allow-origin https://www.youtube.com client-protocol quic
POST H3	200	videoplayback rr5---sn-4g5ednsl.googlevideo.com/ Frame EEDB	64 KB 64 KB	25ms 24ms	Fetch application/vnd.yt-ump	2a00:1450:4001:6a::a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://rr5---sn-4g5ednsl.googlevideo.com/videoplayback?expire=1694498351&ei=z6n_ZJWLKpu76dsPh9is4A8&ip=2001%3A1b60%3A2%3A240%3A3247%3A%3A8&id=o-ABnyoO18wVmaEcTGFFXDuj9f7dUvq0c5wR8kZLaS_SQj&itag=251&source=youtube&requiressl=yes&mh=2w&mm=31%2C29&mn=sn-4g5ednsl%2Csn-4g5lznls&ms=au%2Crdu&mv=m&mvi=5&pl=29&pcm2=no&initcwndbps=3652500&spc=UWF9fxhhFa4yKc1vbglkSSt2AdAWSMRss1mUXLRe8A&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=lvogeZOiVnfOPzfZK8_AAasP&gir=yes&clen=2317727&dur=135.941&lmt=1652779122065814&mt=1694476396&fvip=5&keepalive=yes&fexp=24007246%2C51000022&beids=24350018&c=WEB_EMBEDDED_PLAYER&txp=5318224&n=uS4w8RKegerYrA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cpcm2%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgazgdcaAuuTwibN3rDUiVZanVn62q5ngQOpnxNgYJDqoCIHu9jlWguFRn6NfgyTx2hFZhDSNL4NTjGg4kzOG-HnzA&alr=yes&sig=AOq0QJ8wRQIgHIvK95ZUSykGtkT_6W7Yfkmvvf5iOZPQSKMt2xozu5wCIQC1U7owMsWdojwMVZ6d747QJBs3bopp2DwTn1SYtoeSwg%3D%3D&cpn=y7aAnHII7NzbxNhQ&cver=1.20230904.00.00&range=66037-131572&rn=12&rbuf=784&pot=MmgPit_SRFUYuw-ynD10F3kzqxqecYMz9e58ukeprfUK-ay7qJaNzC-LaLwS2ZJiipsHksRTCsoz9Df5Sr9lrEy5h9cp7gzucICZhV9sZsJQIDmUyC9Ojszj1Rmsg1K3DDvU8Ye7F4xJFw==&ump=1&srfvp=1 Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/7ee36b0e/player_ias.vflset/de_DE/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:6a::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software gvs 1.0 / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers client-protocol quic date Mon, 11 Sep 2023 23:59:12 GMT x-content-type-options nosniff last-modified Tue, 17 May 2022 09:18:42 GMT server gvs 1.0 vary Origin content-type application/vnd.yt-ump access-control-allow-origin https://www.youtube.com access-control-expose-headers Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms cache-control private, max-age=21299 access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin https://www.youtube.com alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46" expires Mon, 11 Sep 2023 23:59:12 GMT
POST H3	200	videoplayback rr5---sn-4g5ednsl.googlevideo.com/ Frame EEDB	0 0	21ms 20ms	Fetch application/vnd.yt-ump	2a00:1450:4001:6a::a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://rr5---sn-4g5ednsl.googlevideo.com/videoplayback?expire=1694498351&ei=z6n_ZJWLKpu76dsPh9is4A8&ip=2001%3A1b60%3A2%3A240%3A3247%3A%3A8&id=o-ABnyoO18wVmaEcTGFFXDuj9f7dUvq0c5wR8kZLaS_SQj&itag=247&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=youtube&requiressl=yes&mh=2w&mm=31%2C29&mn=sn-4g5ednsl%2Csn-4g5lznls&ms=au%2Crdu&mv=m&mvi=5&pl=29&pcm2=no&initcwndbps=3652500&spc=UWF9fxhhFa4yKc1vbglkSSt2AdAWSMRss1mUXLRe8A&vprv=1&svpuc=1&mime=video%2Fwebm&ns=lvogeZOiVnfOPzfZK8_AAasP&gir=yes&clen=19574369&dur=135.920&lmt=1652779089836499&mt=1694476396&fvip=5&keepalive=yes&fexp=24007246%2C51000022&beids=24350018&c=WEB_EMBEDDED_PLAYER&txp=5319224&n=uS4w8RKegerYrA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cpcm2%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgR0SJXqP-BrFybrSW8Dne34M96tWRx8nrWMYYl7GzPzkCIQD6M60vfDy4t53-4HHXwJtkoGFbtlRTsWqRQJE7geBi3w%3D%3D&alr=yes&sig=AOq0QJ8wRQIhAM2doAe4K5bDoWM_f45rU63xsFLUvJLo__iFFKm3dYjEAiAUURxiWhAeD-dKuDq1oipqq7biObXZzNkF_2l4cjykEw%3D%3D&cpn=y7aAnHII7NzbxNhQ&cver=1.20230904.00.00&range=921829-1382403&rn=13&rbuf=1769&pot=MmgPit_SRFUYuw-ynD10F3kzqxqecYMz9e58ukeprfUK-ay7qJaNzC-LaLwS2ZJiipsHksRTCsoz9Df5Sr9lrEy5h9cp7gzucICZhV9sZsJQIDmUyC9Ojszj1Rmsg1K3DDvU8Ye7F4xJFw==&ump=1&srfvp=1 Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/7ee36b0e/player_ias.vflset/de_DE/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:6a::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software gvs 1.0 / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers expires Mon, 11 Sep 2023 23:59:12 GMT date Mon, 11 Sep 2023 23:59:12 GMT x-restrict-formats-hint None x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46" last-modified Tue, 17 May 2022 09:18:09 GMT server gvs 1.0 vary Origin content-type application/vnd.yt-ump access-control-allow-origin https://www.youtube.com access-control-expose-headers Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms cache-control private, max-age=21299 access-control-allow-credentials true timing-allow-origin https://www.youtube.com client-protocol quic

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

www.youtube.com

URL

https://www.youtube.com/embed/ivIUsLAx7_s?start=3&rel=0&autoplay=1&loop=1&playlist=ivIUsLAx7_s&start=3&mute=1

Domain

www.youtube.com

URL

https://www.youtube.com/embed/ivIUsLAx7_s?start=3&rel=0&autoplay=1&loop=1&playlist=ivIUsLAx7_s&start=3&mute=1

Domain

www.youtube.com

URL

https://www.youtube.com/embed/ivIUsLAx7_s?start=3&rel=0&autoplay=1&loop=1&playlist=ivIUsLAx7_s&start=3&mute=1

Domain

crpimagebucket.s3.af-south-1.amazonaws.com

URL

https://crpimagebucket.s3.af-south-1.amazonaws.com/fontawesome/img-eastercape.png

Domain

image-tc.galaxy.tf

URL

https://image-tc.galaxy.tf/wijpeg-c6v17qs3r19mzxsbr8ikeag4y/midlands-1.jpg

Domain

image-tc.galaxy.tf

URL

https://image-tc.galaxy.tf/wijpeg-5x6wrn4ixdjwdfmzquz4b7k6v/margate-1.jpg

Domain

www.firstgroup-sa.co.za

URL

https://www.firstgroup-sa.co.za/'https://crpimagebucket.s3.af-south-1.amazonaws.com/fontawesome/fa-chevron-right-blue.png'

Domain

image-tc.galaxy.tf

URL

https://image-tc.galaxy.tf/wijpeg-dhe7rm2o0ovxr4o2o5dxbx51x/7523-fg-50-off-4-night-vacay-web-banner-v4.jpg?width=1980

Domain

image-tc.galaxy.tf

URL

https://image-tc.galaxy.tf/wijpeg-3dq8g1uts3kjq6dmuyj4p9xt9/file.jpg

Domain

image-tc.galaxy.tf

URL

https://image-tc.galaxy.tf/wijpeg-b0s6fddxj1wokopnwzjl62isa/file.jpg

Domain

image-tc.galaxy.tf

URL

https://image-tc.galaxy.tf/wijpeg-287fmyq9ktvi4twtyvh60d1c5/7523-fg-50-off-4-night-vacay-web-banner-v3.jpg?width=1980

Domain

www.firstgroup-sa.co.za

URL

https://www.firstgroup-sa.co.za/integration/first-hotels/public/images/svg/child.svg

Domain

rr5---sn-4g5ednsl.googlevideo.com

URL

https://rr5---sn-4g5ednsl.googlevideo.com/videoplayback?expire=1694498351&ei=z6n_ZJWLKpu76dsPh9is4A8&ip=2001%3A1b60%3A2%3A240%3A3247%3A%3A8&id=o-ABnyoO18wVmaEcTGFFXDuj9f7dUvq0c5wR8kZLaS_SQj&itag=243&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=youtube&requiressl=yes&mh=2w&mm=31%2C29&mn=sn-4g5ednsl%2Csn-4g5lznls&ms=au%2Crdu&mv=m&mvi=5&pl=29&pcm2=no&initcwndbps=3652500&spc=UWF9fxhhFa4yKc1vbglkSSt2AdAWSMRss1mUXLRe8A&vprv=1&svpuc=1&mime=video%2Fwebm&ns=lvogeZOiVnfOPzfZK8_AAasP&gir=yes&clen=5206753&dur=135.920&lmt=1652779089795588&mt=1694476396&fvip=5&keepalive=yes&fexp=24007246%2C51000022&beids=24350018&c=WEB_EMBEDDED_PLAYER&txp=5319224&n=uS4w8RKegerYrA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cpcm2%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhAPNhb59Gfg48jmRjv_NDdgzMg1jk3kTtHO3I5-X-lubEAiBiqc8xFkGeH7EAjIyO1HqOlzgr9N8XzBMYDCrY3wRl5Q%3D%3D&alr=yes&sig=AOq0QJ8wRgIhAMm-e9Xkn5D1xa06fKF4ecwM6_KNlX2oLt9lE8RKgFXuAiEAh_2Eh55483BXe3wA7o5PjsxKkRto_mpKA2ALpIfCves%3D&cpn=y7aAnHII7NzbxNhQ&cver=1.20230904.00.00&range=239236-241066&rn=8&rbuf=2081&pot=MmgPit_SRFUYuw-ynD10F3kzqxqecYMz9e58ukeprfUK-ay7qJaNzC-LaLwS2ZJiipsHksRTCsoz9Df5Sr9lrEy5h9cp7gzucICZhV9sZsJQIDmUyC9Ojszj1Rmsg1K3DDvU8Ye7F4xJFw==&ump=1&srfvp=1