fnb.thomalex.travel Open in urlscan Pro
40.121.51.62 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://fnb.thomalex.travel/
Effective URL:
https://fnb.thomalex.travel/Account/LogOn?ReturnUrl=%2f
Submission: On February 06 via api (February 6th 2024, 11:19:57 am UTC) from ZA — Scanned from DE

Summary HTTP 45 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 13 IPs in 2 countries across 13 domains to perform 45 HTTP transactions. The main IP is 40.121.51.62, located in Washington, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is fnb.thomalex.travel.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on December 7th 2023. Valid for: a year.

This is the only time fnb.thomalex.travel was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 11	40.121.51.62 40.121.51.62	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	52.239.169.4 52.239.169.4	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
1 5	2606:4700:303... 2606:4700:3031::ac43:abf3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
12	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
45	13

11 40.121.51.62 (Washington, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

fnb.thomalex.travel	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.239.169.4 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

resvoyage.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3031::ac43:abf3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.covidchecker.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

www.sitata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	sitata.com www.sitata.com	1 MB
11	thomalex.travel 1 redirects fnb.thomalex.travel	1 MB
5	covidchecker.com 1 redirects www.covidchecker.com	67 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	340 KB
4	gstatic.com fonts.gstatic.com	118 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28	3 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 324	314 KB
1	google.de www.google.de — Cisco Umbrella Rank: 6518	455 B
1	google.com www.google.com — Cisco Umbrella Rank: 2	455 B
1	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 38	2 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 225	16 KB
1	windows.net resvoyage.blob.core.windows.net	4 KB
45	13

	Domain	Requested by
12	www.sitata.com	www.covidchecker.com www.sitata.com cdnjs.cloudflare.com
11	fnb.thomalex.travel	1 redirects fnb.thomalex.travel
5	www.covidchecker.com	1 redirects fnb.thomalex.travel www.covidchecker.com
4	www.googletagmanager.com	www.covidchecker.com www.googletagmanager.com www.sitata.com
4	fonts.gstatic.com	fonts.googleapis.com
3	fonts.googleapis.com	fnb.thomalex.travel www.covidchecker.com www.sitata.com
2	cdn.jsdelivr.net	www.sitata.com cdn.jsdelivr.net
1	www.google.de	www.covidchecker.com
1	www.google.com	www.covidchecker.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	www.google-analytics.com	www.googletagmanager.com
1	cdnjs.cloudflare.com	www.covidchecker.com
1	resvoyage.blob.core.windows.net	fnb.thomalex.travel
45	13

This site contains links to these domains. Also see Links.

Domain
thomalex.com
www.sitata.com

Subject Issuer	Validity	Valid
*.thomalex.travel Go Daddy Secure Certificate Authority - G2	`2023-12-07` - `2025-01-07`	a year	crt.sh
*.blob.core.windows.net Microsoft RSA TLS CA 01	`2023-09-27` - `2024-09-27`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
covidchecker.com GTS CA 1P5	`2023-12-10` - `2024-03-09`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
sitata.com GTS CA 1P5	`2024-01-17` - `2024-04-16`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
www.google.de GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://fnb.thomalex.travel/Account/LogOn?ReturnUrl=%2f
Frame ID: 13EC172422DA91F233F8F4FA34809841
Requests: 14 HTTP requests in this frame

Frame: https://www.covidchecker.com/de/embed
Frame ID: E7614DB346679DC2EEAC85A35CE04509
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Account

Page URL History Show full URLs

https://fnb.thomalex.travel/ HTTP 302
https://fnb.thomalex.travel/Account/LogOn?ReturnUrl=%2f Page URL

Detected technologies

Rollbar (Issue trackers) Expand

Overall confidence: 100%
Detected patterns

rollbar\.js/([0-9.]+)

Semantic UI (UI frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]+semantic(?:\.min)\.css"
/semantic(?:-([\d.]+))?(?:\.min)?\.js

RequireJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

require.*\.js

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/vue(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

45
Requests

100 %
HTTPS

85 %
IPv6

13
Domains

13
Subdomains

13
IPs

2
Countries

3277 kB
Transfer

6992 kB
Size

2
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://thomalex.com/
Title: Thomalex

Search URL Search Domain Scan URL

URL: https://www.sitata.com/
Title: Sitata

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://fnb.thomalex.travel/ HTTP 302
https://fnb.thomalex.travel/Account/LogOn?ReturnUrl=%2f Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

https://www.covidchecker.com/embed HTTP 302
https://www.covidchecker.com/de/embed

45 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request LogOn Show response
fnb.thomalex.travel/Account/
Redirect Chain

https://fnb.thomalex.travel/
https://fnb.thomalex.travel/Account/LogOn?ReturnUrl=%2f

24 KB
24 KB

121ms
120ms

Document
text/html

40.121.51.62
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://fnb.thomalex.travel/Account/LogOn?ReturnUrl=%2f

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.121.51.62 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c71ec046be4ffb60d4b9c307b73c0fc8e8d6f3d9a5b6aae5a15ded9fb2b16d9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
access-control-expose-headers: Request-Context
cache-control: private
content-length: 24533
content-type: text/html; charset=utf-8
date: Tue, 06 Feb 2024 11:19:52 GMT
referrer-policy: unsafe-url
request-context: appId=cid-v1:2bf5d0ea-4bb7-4dee-9c42-4f5c1b286ead
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

Redirect headers

access-control-allow-origin: *
access-control-expose-headers: Request-Context
cache-control: private
content-length: 145
content-type: text/html; charset=utf-8
date: Tue, 06 Feb 2024 11:19:51 GMT
location: /Account/LogOn?ReturnUrl=%2f
referrer-policy: unsafe-url
request-context: appId=cid-v1:2bf5d0ea-4bb7-4dee-9c42-4f5c1b286ead
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff

GET
H2 200 semantic.min.css
fnb.thomalex.travel/Content/Semantic_UI/ 614 KB
615 KB 97ms
96ms Stylesheet
text/css 40.121.51.62
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://fnb.thomalex.travel/Content/Semantic_UI/semantic.min.css

Requested by

Host: fnb.thomalex.travel
URL: https://fnb.thomalex.travel/Account/LogOn?ReturnUrl=%2f

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.121.51.62 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

7c7c72980b57eeeb3ac6593419b8aeacb2952e95499eebf8e61412596e875f5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fnb.thomalex.travel/Account/LogOn?ReturnUrl=%2f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 06 Feb 2024 11:19:52 GMT
referrer-policy: unsafe-url
x-content-type-options: nosniff
last-modified: Fri, 13 Mar 2020 14:54:22 GMT
etag: "a6fc64847f9d51:0"
content-type: text/css
access-control-allow-origin: https://fnb.thomalex.travel, *
access-control-expose-headers: Request-Context
accept-ranges: bytes
access-control-allow-headers: *
content-length: 628886
request-context: appId=cid-v1:2bf5d0ea-4bb7-4dee-9c42-4f5c1b286ead

GET
H2 200 waitscreen.css
fnb.thomalex.travel/Content/ 403 B
544 B 95ms
94ms Stylesheet
text/css 40.121.51.62
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://fnb.thomalex.travel/Content/waitscreen.css

Requested by

Host: fnb.thomalex.travel
URL: https://fnb.thomalex.travel/Account/LogOn?ReturnUrl=%2f

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.121.51.62 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

6e014a2ea215f8b2bf9ba11d0e47cf7b6f91d0194ada4df98d340eed148c0b25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fnb.thomalex.travel/Account/LogOn?ReturnUrl=%2f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 06 Feb 2024 11:19:52 GMT
referrer-policy: unsafe-url
x-content-type-options: nosniff
last-modified: Thu, 25 Jul 2019 10:10:46 GMT
etag: "28a8e339d142d51:0"
content-type: text/css
access-control-allow-origin: https://fnb.thomalex.travel, *
access-control-expose-headers: Request-Context
accept-ranges: bytes
access-control-allow-headers: *
content-length: 403
request-context: appId=cid-v1:2bf5d0ea-4bb7-4dee-9c42-4f5c1b286ead

GET
H2 200 logon.css
fnb.thomalex.travel/Content/ 2 KB
2 KB 96ms
95ms Stylesheet
text/css 40.121.51.62
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://fnb.thomalex.travel/Content/logon.css?6

Requested by

Host: fnb.thomalex.travel
URL: https://fnb.thomalex.travel/Account/LogOn?ReturnUrl=%2f

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.121.51.62 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

cacd6851dd67a005c0b95433fc00807bd604bf07776216a99cfb9b49768a9b00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fnb.thomalex.travel/Account/LogOn?ReturnUrl=%2f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 06 Feb 2024 11:19:52 GMT
referrer-policy: unsafe-url
x-content-type-options: nosniff
last-modified: Thu, 23 Jun 2022 08:02:16 GMT
etag: "e1aed58dd786d81:0"
content-type: text/css
access-control-allow-origin: https://fnb.thomalex.travel, *
access-control-expose-headers: Request-Context
accept-ranges: bytes
access-control-allow-headers: *
content-length: 1910
request-context: appId=cid-v1:2bf5d0ea-4bb7-4dee-9c42-4f5c1b286ead

GET
H2 200 vue.min.js Show response
fnb.thomalex.travel/Scripts/ 91 KB
92 KB 281ms
281ms Script
application/javascript 40.121.51.62
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://fnb.thomalex.travel/Scripts/vue.min.js

Requested by

Host: fnb.thomalex.travel
URL: https://fnb.thomalex.travel/Account/LogOn?ReturnUrl=%2f

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.121.51.62 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a410460285968ae56f3748e57fd09c6da63c17934a9f59cc7f9a6542f5cf2d3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fnb.thomalex.travel/Account/LogOn?ReturnUrl=%2f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 06 Feb 2024 11:19:52 GMT
referrer-policy: unsafe-url
x-content-type-options: nosniff
last-modified: Fri, 27 Dec 2019 12:52:05 GMT
etag: "e94a1571b4bcd51:0"
content-type: application/javascript
access-control-allow-origin: https://fnb.thomalex.travel, *
access-control-expose-headers: Request-Context
accept-ranges: bytes
access-control-allow-headers: *
content-length: 93678
request-context: appId=cid-v1:2bf5d0ea-4bb7-4dee-9c42-4f5c1b286ead

GET
H/1.1 200
OK 79751a6ac92e438996b7f526b1c6e562.png
resvoyage.blob.core.windows.net/africa/client-images/login/ 4 KB
4 KB 430ms
100ms Image
image/png 52.239.169.4
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resvoyage.blob.core.windows.net/africa/client-images/login/79751a6ac92e438996b7f526b1c6e562.png
Requested by: Host: fnb.thomalex.travel
URL: https://fnb.thomalex.travel/Account/LogOn?ReturnUrl=%2f
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.169.4 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 3966ecd9d6d3203b9b853ad3b2c1f05b29cbfe8152d2396cdd0629bf5ee81830

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fnb.thomalex.travel/Account/LogOn?ReturnUrl=%2f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Tue, 06 Feb 2024 11:19:52 GMT
Last-Modified: Mon, 08 Nov 2021 09:59:02 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: ECqrL9P7WAE53AZDJAANKQ==
ETag: 0x8D9A29E64CACA82
Content-Type: image/png
x-ms-request-id: e277af94-201e-002b-2aee-5817aa000000
x-ms-version: 2009-09-19
Content-Length: 4015

GET
H2 200 jquery-3.5.1.min.js Show response
fnb.thomalex.travel/Scripts/ 87 KB
88 KB 284ms
284ms Script
application/javascript 40.121.51.62
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://fnb.thomalex.travel/Scripts/jquery-3.5.1.min.js

Requested by

Host: fnb.thomalex.travel
URL: https://fnb.thomalex.travel/Account/LogOn?ReturnUrl=%2f

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.121.51.62 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fnb.thomalex.travel/Account/LogOn?ReturnUrl=%2f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 06 Feb 2024 11:19:52 GMT
referrer-policy: unsafe-url
x-content-type-options: nosniff
last-modified: Thu, 02 Feb 2023 15:07:52 GMT
etag: "45123f1f1837d91:0"
content-type: application/javascript
access-control-allow-origin: https://fnb.thomalex.travel, *
access-control-expose-headers: Request-Context
accept-ranges: bytes
access-control-allow-headers: *
content-length: 89478
request-context: appId=cid-v1:2bf5d0ea-4bb7-4dee-9c42-4f5c1b286ead

GET
H2 200 antiforgery.js Show response
fnb.thomalex.travel/Scripts/Plugins/ 2 KB
2 KB 95ms
94ms Script
application/javascript 40.121.51.62
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://fnb.thomalex.travel/Scripts/Plugins/antiforgery.js

Requested by

Host: fnb.thomalex.travel
URL: https://fnb.thomalex.travel/Account/LogOn?ReturnUrl=%2f

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.121.51.62 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

3a1e31233360ad661f9f48a9bb08138405f09f31ada00ef97f5554a33cc8574b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fnb.thomalex.travel/Account/LogOn?ReturnUrl=%2f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 06 Feb 2024 11:19:52 GMT
referrer-policy: unsafe-url
x-content-type-options: nosniff
last-modified: Thu, 25 Jul 2019 10:10:46 GMT
etag: "69302f3ad142d51:0"
content-type: application/javascript
access-control-allow-origin: https://fnb.thomalex.travel, *
access-control-expose-headers: Request-Context
accept-ranges: bytes
access-control-allow-headers: *
content-length: 2436
request-context: appId=cid-v1:2bf5d0ea-4bb7-4dee-9c42-4f5c1b286ead

GET
H2 200 waitscreen.js Show response
fnb.thomalex.travel/Scripts/Plugins/ 3 KB
3 KB 94ms
94ms Script
application/javascript 40.121.51.62
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://fnb.thomalex.travel/Scripts/Plugins/waitscreen.js?version=1

Requested by

Host: fnb.thomalex.travel
URL: https://fnb.thomalex.travel/Account/LogOn?ReturnUrl=%2f

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.121.51.62 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

324a10c6d3d78249a021f49cc5a9b3dee7134a739571f0fee53028b4a6f668ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fnb.thomalex.travel/Account/LogOn?ReturnUrl=%2f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 06 Feb 2024 11:19:52 GMT
referrer-policy: unsafe-url
x-content-type-options: nosniff
last-modified: Thu, 25 Jul 2019 10:10:46 GMT
etag: "a816323ad142d51:0"
content-type: application/javascript
access-control-allow-origin: https://fnb.thomalex.travel, *
access-control-expose-headers: Request-Context
accept-ranges: bytes
access-control-allow-headers: *
content-length: 3149
request-context: appId=cid-v1:2bf5d0ea-4bb7-4dee-9c42-4f5c1b286ead

GET
H2 200 semantic.min.js Show response
fnb.thomalex.travel/Scripts/ 269 KB
269 KB 95ms
95ms Script
application/javascript 40.121.51.62
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://fnb.thomalex.travel/Scripts/semantic.min.js

Requested by

Host: fnb.thomalex.travel
URL: https://fnb.thomalex.travel/Account/LogOn?ReturnUrl=%2f

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.121.51.62 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

ebd713db9a49554980ca78b058c8255e510e11e658ba1983f076e3e7c8024bb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fnb.thomalex.travel/Account/LogOn?ReturnUrl=%2f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 06 Feb 2024 11:19:52 GMT
referrer-policy: unsafe-url
x-content-type-options: nosniff
last-modified: Fri, 13 Mar 2020 14:54:22 GMT
etag: "36d41e4847f9d51:0"
content-type: application/javascript
access-control-allow-origin: https://fnb.thomalex.travel, *
access-control-expose-headers: Request-Context
accept-ranges: bytes
access-control-allow-headers: *
content-length: 275740
request-context: appId=cid-v1:2bf5d0ea-4bb7-4dee-9c42-4f5c1b286ead

GET
H2 200 css
fonts.googleapis.com/ 3 KB
886 B 36ms
15ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic&subset=latin

Requested by

Host: fnb.thomalex.travel
URL: https://fnb.thomalex.travel/Content/Semantic_UI/semantic.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

699e8cb3d0af7f12172315152a58cf8154526ddc2ee3d29ed8861218e9cf91a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fnb.thomalex.travel/Content/Semantic_UI/semantic.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 06 Feb 2024 11:19:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 06 Feb 2024 09:24:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 06 Feb 2024 11:19:52 GMT

GET
H2

200

embed Show response
www.covidchecker.com/de/ Frame E761
Redirect Chain

https://www.covidchecker.com/embed
https://www.covidchecker.com/de/embed

9 KB
4 KB

32ms
32ms

Document
text/html

2606:4700:3031::ac43:abf3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.covidchecker.com/de/embed

Requested by

Host: fnb.thomalex.travel
URL: https://fnb.thomalex.travel/Account/LogOn?ReturnUrl=%2f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:abf3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0be2c4b3b689c19c28e631a972a745663ad678def6fefc493da88df0e9ba3087

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://fnb.thomalex.travel/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=0, private, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8513002babba65a8-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 06 Feb 2024 11:19:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=inpA3CDQP3H3VNfL085uAHVnaaZzC6cc1%2F0TPxFrfpwnb52Iaprpy%2F7hRkpFrtANekrJNSKcUed5sdJElVqeyIJmhNHRxPmQljKo6UtWAqt4k%2F%2F9VWcehlJqRVKhp3co55ijh6uaAgyGTWcqH%2BrEMiCXPA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-request-id: b2576c7e7d1ad3a36ddd4703a6d3f336

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=0, private, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8513002b2b0965a8-FRA
content-type: text/html; charset=utf-8
date: Tue, 06 Feb 2024 11:19:52 GMT
location: /de/embed
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=82%2Bkqke74CIi27v1gq2AIjUZD5zyVQTj1dN9NQfzGAxSmKSiZWJySTcXlQn3IdUgq%2BnmEcy2Lvb0YURTXUJ%2BEEv8m%2F9XqwM%2B309llZTVkvnU%2F35hsv07tKF9aZRv5xwpeAKjKw8BDxCZEiBw9QqePPObrA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: b5b341ac027824a51dff419494196144

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 34ms
14ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic&subset=latin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://fnb.thomalex.travel
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 22:07:30 GMT
x-content-type-options: nosniff
age: 47542
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Feb 2025 22:07:30 GMT

GET
H2 200 icons.woff2
fnb.thomalex.travel/Content/Semantic_UI/themes/default/assets/fonts/ 55 KB
56 KB 95ms
94ms Font
application/font-woff2 40.121.51.62
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://fnb.thomalex.travel/Content/Semantic_UI/themes/default/assets/fonts/icons.woff2

Requested by

Host: fnb.thomalex.travel
URL: https://fnb.thomalex.travel/Content/Semantic_UI/semantic.min.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.121.51.62 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://fnb.thomalex.travel/Content/Semantic_UI/semantic.min.css
Origin: https://fnb.thomalex.travel
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 06 Feb 2024 11:19:52 GMT
referrer-policy: unsafe-url
x-content-type-options: nosniff
last-modified: Thu, 25 Jul 2019 10:10:45 GMT
etag: "b56b9639d142d51:0"
content-type: application/font-woff2
access-control-allow-origin: https://fnb.thomalex.travel, *
access-control-expose-headers: Request-Context
accept-ranges: bytes
access-control-allow-headers: *
content-length: 56780
request-context: appId=cid-v1:2bf5d0ea-4bb7-4dee-9c42-4f5c1b286ead

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 28ms
8ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic&subset=latin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://fnb.thomalex.travel
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 18:48:23 GMT
x-content-type-options: nosniff
age: 577889
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:07:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Jan 2025 18:48:23 GMT

GET
H2 200 app-987b106af26bf3909f6c6e6d2bdb32a9.css
www.covidchecker.com/css/ Frame E761 209 KB
38 KB 24ms
23ms Stylesheet
text/css 2606:4700:3031::ac43:abf3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.covidchecker.com/css/app-987b106af26bf3909f6c6e6d2bdb32a9.css?vsn=d

Requested by

Host: www.covidchecker.com
URL: https://www.covidchecker.com/de/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:abf3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b79356aa990cca4585dca5552ddd61973708d004b0c6eac5658ca0e619aa11f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.covidchecker.com/de/embed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 11:19:52 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2837896
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 04 Jan 2024 15:01:36 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cU6WPYopEhAtEZgzcknpYmkj4Ahfu2YC5knDJ251B5VR6gvy28hJ5uixJTOEL4IT22MHEzk6oFGogPcy7YiR5aZbpoz5P2piv7cNdGFutrjbun6YGgxgkrs5el0gEsjGxeJ6ZZ11Z5xlvxMDX1bLXQ97SA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8513002bdbf265a8-FRA

GET
H2 200 landing-713172ace8fb8d44b8367c16f938527f.css
www.covidchecker.com/css/ Frame E761 123 KB
18 KB 20ms
20ms Stylesheet
text/css 2606:4700:3031::ac43:abf3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.covidchecker.com/css/landing-713172ace8fb8d44b8367c16f938527f.css?vsn=d

Requested by

Host: www.covidchecker.com
URL: https://www.covidchecker.com/de/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:abf3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d2612ceeb4e2fa5600aa076753b5924a166041b960566a7aa1a92153e500b46

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.covidchecker.com/de/embed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 11:19:52 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 243967
cf-polished: origSize=125948
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sat, 03 Feb 2024 15:33:45 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2ld6EFyE%2FytyaRcpI72GIwWlDqBxoDaF68PhDJJbqGNwiuFd%2BvThxohe7fGBrYQyToMGDRvXmB97lx8SrakUwHiiQViFobnK13RMo39%2FIcvU2xr2ZawXBQH0DYYt7%2B%2FQePQto0IxR7OfnVlcCu%2FMiGfyKg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8513002bdbf465a8-FRA

GET
H2 200 sitata-covid-map-v3.js Show response
www.sitata.com/widgets/ Frame E761 2 KB
1 KB 98ms
43ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sitata.com/widgets/sitata-covid-map-v3.js

Requested by

Host: www.covidchecker.com
URL: https://www.covidchecker.com/de/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9497bc97cc02ef869137ccab51b0049473c046a1921e49cadfa94820f88d6eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.covidchecker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 11:19:53 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=1556
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"9EC0DE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uaklvU7GKSEs9w49DgP93oYhin7Pn9DVkn%2FL7wyHjy0fMifQ7PwKe%2FWlxCl%2FG499lgLy53QxL7A8oRZ%2FmIj7hK7xqwkpH0ZWNm7rAJ9V8Yi%2BWKvm6Cxzu2EPMSVUSpqsWCjqg2WBj%2FvJrhRW9w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 8513002c3e216633-AMS

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame E761 177 KB
65 KB 41ms
20ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-32631831-1

Requested by

Host: www.covidchecker.com
URL: https://www.covidchecker.com/de/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7da3b84e920f2a91b2aa18ee6255ea2fff7f5ef0718297be28e484ed60e6bc2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.covidchecker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 11:19:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65846
x-xss-protection: 0
last-modified: Tue, 06 Feb 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 06 Feb 2024 11:19:52 GMT

GET
H2 200 modernizr-1b4b8536bbe44b9d705dbe2c12aed66e.js Show response
www.covidchecker.com/js/ Frame E761 19 KB
7 KB 22ms
22ms Script
application/javascript 2606:4700:3031::ac43:abf3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.covidchecker.com/js/modernizr-1b4b8536bbe44b9d705dbe2c12aed66e.js?vsn=d

Requested by

Host: www.covidchecker.com
URL: https://www.covidchecker.com/de/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:abf3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15ade9d3490b1d32afa65cb9a0f0cc491c9aabccd2b2a48893e463765c66c76a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.covidchecker.com/de/embed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 11:19:52 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 243967
cf-polished: origSize=61602
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sat, 03 Feb 2024 15:33:45 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7pSs4wYro2IV8OJpbnmB%2FNnnpMpiX7QjewMEeRz6zPMkMCm3g0jdT66RssZfJIgEV9OE2Kbrdk62zXuynjPyLr%2BZOks5cBc%2FxjxHpghLks2bM%2BejctkYZZuxBWPlGSBAHahqCArCjflK4EZMS1gGtSSgbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8513002bdbf565a8-FRA

GET
H2 200 css2
fonts.googleapis.com/ Frame E761 17 KB
2 KB 15ms
15ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;600&display=swap

Requested by

Host: www.covidchecker.com
URL: https://www.covidchecker.com/css/app-987b106af26bf3909f6c6e6d2bdb32a9.css?vsn=d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bec8a6cfeb17d129ceb4f7befb0857dfd16fca09729d4541c1176b27e6051132

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.covidchecker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 06 Feb 2024 11:19:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 06 Feb 2024 09:27:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 06 Feb 2024 11:19:52 GMT

GET
H2 200 rollbar.min.js Show response
cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.3.1/ Frame E761 56 KB
16 KB 29ms
14ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.3.1/rollbar.min.js

Requested by

Host: www.covidchecker.com
URL: https://www.covidchecker.com/de/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

466372a3fa7834cc9fdb2c8286cc5fa7428cf37426bbf3fc565bc1370df3ba97

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.covidchecker.com/
Origin: https://www.covidchecker.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 11:19:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 7459630
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 15626
last-modified: Mon, 04 May 2020 16:16:01 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fc1-df59"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eDv8pAGYRxLAFalDngMGsATMRbDsRUFBbvnusBb5w9hKxG5zSILY5K5VjJSLVEXyfa86%2FG%2FPKxIDabhqq7uWRzVjJN197HXHBCT%2FTqrYe%2BieyI1sF3bKIgONX6hTxNka9CtOehB5XeMS6AHcYVdSr5JQ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8513002c3868361d-FRA
expires: Sun, 26 Jan 2025 11:19:53 GMT

GET
H2 200 sitata-covid-map-v3.1.0.13.js Show response
www.sitata.com/widgets/ Frame E761 2 MB
760 KB 67ms
67ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sitata.com/widgets/sitata-covid-map-v3.1.0.13.js

Requested by

Host: www.sitata.com
URL: https://www.sitata.com/widgets/sitata-covid-map-v3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f4ac700a14b1584ba09246989c69cf8391fbd6abca439fc01950266f9a3bb97

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.covidchecker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 11:19:53 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=2216990
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"2546B30"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P0L2cwgYqpNob3z0LaIb4VtDxZAbXoxQXNXrvcpRp3vYmxXdm0nMTCPOa6aXpVRER8w5GVwZ%2Bp%2FA0uHoJOwFmjav7tSlzv9HYNCwFjJSfMACARw%2FoX91i3LMGszcqTqxFvAVbz72iWNuB4fgKw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 8513002c8e7c6633-AMS

GET
H2 200 sitata-covid-map-v3.1.0.13.css
www.sitata.com/widgets/ Frame E761 690 KB
72 KB 53ms
53ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sitata.com/widgets/sitata-covid-map-v3.1.0.13.css

Requested by

Host: www.sitata.com
URL: https://www.sitata.com/widgets/sitata-covid-map-v3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

deb9e025c458a290ea6efb45935088487a9f4f8b55a1e08cb31420633108694c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.covidchecker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 11:19:53 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
cf-cache-status: REVALIDATED
cf-bgj: minify
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"971B97"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zmEJjamprEfQs8LJ5LTP4O8PziDZrLumgmmF06PDZRr%2BRdkFXWxoUmX969DmVO2flVDYp5ajlGHxckMvgoF3t8YlJJyUt2KfoM9xTspAWEkmiE%2Fxh0nGbWzMDmbXRH9K5zvQTmglGllSf5Pjvg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 8513002c8e796633-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame E761 52 KB
21 KB 29ms
8ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-32631831-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.covidchecker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 06 Feb 2024 09:48:09 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 5504
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 06 Feb 2024 11:48:09 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame E761 328 KB
106 KB 28ms
28ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1001553572&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-32631831-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d4f3246deb6787117e5c4c3c7eb873a9874861da6f2612ee1269ec4672490f56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.covidchecker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 11:19:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 108405
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 06 Feb 2024 11:19:53 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1001553572/ Frame E761 3 KB
2 KB 63ms
42ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1001553572/?random=1707218393113&cv=11&fst=1707218393113&bg=ffffff&guid=ON&async=1&gtm=45be41v0v869241431za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.covidchecker.com%2Fde%2Fembed&ref=https%3A%2F%2Ffnb.thomalex.travel%2F&top=https%3A%2F%2Ffnb.thomalex.travel%2F&hn=www.googleadservices.com&frm=2&tiba=Check%20your%20entry%20requirements%20for%20travel%20and%20the%20local%20travel%20restrictions%20at%20your%20destination%20%7C%20Sitata&npa=0&pscdl=noapi&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1001553572&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

08a99f98b106ad6a9d263d91f02ba30ff9cdac6dbca519675192f114469edded

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.covidchecker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 11:19:53 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1345
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame E761 12 KB
865 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900

Requested by

Host: www.sitata.com
URL: https://www.sitata.com/widgets/sitata-covid-map-v3.1.0.13.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d175185dc8199dc8531d2c25a84073ad93a7c605a921b0168ed6106a193d21ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sitata.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 06 Feb 2024 11:19:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 06 Feb 2024 10:19:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 06 Feb 2024 11:19:53 GMT

GET
H2 200 materialdesignicons.min.css
cdn.jsdelivr.net/npm/@mdi/font@4.x/css/ Frame E761 218 KB
37 KB 39ms
22ms Stylesheet
text/css 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@mdi/font@4.x/css/materialdesignicons.min.css

Requested by

Host: www.sitata.com
URL: https://www.sitata.com/widgets/sitata-covid-map-v3.1.0.13.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a2b84598b7408a49f572ff743dc5886bddd5390c78b40416037da19c13f8d0ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sitata.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 11:19:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 25581
x-jsd-version: 4.9.95
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230123-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"3690d-+C8LymUllOTB/eRBaefREVF0ZzU"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rV8kgABXpvBzvE%2F9SGlevlj7g9C4%2FPPD17GYXVb%2BL53fVl7kJRNNtLvIe3bg5EbA%2FqOwzlbWKkofgb4v88SaydRYlCNZ4M9Z9LSaYajVr92BvBwjYSDhWoyB4BI3yqs7eF3Vw7waupwZRwh%2FoLs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 8513002d3f1b1e51-FRA

OPTIONS
H3 204 check_public
www.sitata.com/api/v2/tokens/process/ Frame 0
0 89ms
72ms Preflight 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sitata.com/api/v2/tokens/process/check_public?token=2d811d19-a0ce-4bd8-b1d0-7404e9875831

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,sit-widget-referer
Access-Control-Request-Method: POST
Origin: https://www.covidchecker.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization,content-type,sit-widget-referer
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: *
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=86400
cache-control: max-age=0, private, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8513002e6d0737fb-FRA
date: Tue, 06 Feb 2024 11:19:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ysxyc10UyLLDjiAC7WF%2FYO2jMDUihL68GbDKITXrbKBGxUDVWCH1kqzZSM0%2BuUBLsn%2Bw0cHRP9yxV69KXrqGOq9pZ71UidwB4gK2OY6pPj9FeGTutTRIchEV2dtMX7TMgMpB6XtHyPETSnPDAA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15724800; includeSubDomains
x-request-id: a6130cc47beeffa2f2edaaefc4b2a337

OPTIONS
H3 204 countries
www.sitata.com/api/v2/ Frame 0
0 61ms
44ms Preflight 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sitata.com/api/v2/countries?short=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,sit-widget-referer
Access-Control-Request-Method: GET
Origin: https://www.covidchecker.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization,content-type,sit-widget-referer
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: *
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=86400
cache-control: max-age=0, private, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8513002e6d0937fb-FRA
date: Tue, 06 Feb 2024 11:19:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A98WRM40nw5nBp1p8pSUBPl1glq8y34d6VXE3WbZ2ztjinW94LXzxCTZjRWus%2FcItuu7ezPmf8O1Y3n1W02zssIHAPnvafubdi5gGcV9ReGaD31PFosV56VP4pQuOewCCEaucTLwH1z3zsTESg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15724800; includeSubDomains
x-request-id: 12e4513f0230ca576f07b167c4610816

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame E761 244 KB
84 KB 24ms
24ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-T771YDHSTZ

Requested by

Host: www.sitata.com
URL: https://www.sitata.com/widgets/sitata-covid-map-v3.1.0.13.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a5579919e61665f7f14e3e6f63cd0c00baf6d36fb49ccd720fb4c3736970fc18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.covidchecker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 11:19:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86440
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 06 Feb 2024 11:19:53 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame E761 244 KB
84 KB 75ms
75ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-T771YDHSTZ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-32631831-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ce4775fb357d5c19aa542f0ac43e72cb7ad97fbb1d1cfdde3458bdcf01051807

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.covidchecker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 11:19:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86444
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 06 Feb 2024 11:19:53 GMT

POST
H3 200 check_public Show response
www.sitata.com/api/v2/tokens/process/ Frame E761 2 B
524 B 33ms
33ms Fetch
application/json 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sitata.com/api/v2/tokens/process/check_public?token=2d811d19-a0ce-4bd8-b1d0-7404e9875831

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.3.1/rollbar.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Sit-Widget-Referer: https://fnb.thomalex.travel/
Referer: https://www.covidchecker.com/
Accept-Language: de-DE,de;q=0.9
Authorization: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 06 Feb 2024 11:19:53 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tD2hTW74KQ1ENcaCCgSRQGzMQ1S9zlyyry27MfRtIFW0aQrNk3VUehkZZqLdZj07kFKyp4dVp1UgJ%2BkGwvIdAZ%2B5sgmCBUrbNuo9JMfaSod2FkA3CsfIEqKX6GEjZo3ERG1ykQV0wKHo6MqN0g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
cf-ray: 8513002edd7f37fb-FRA
alt-svc: h3=":443"; ma=86400
content-length: 2
x-request-id: fbb70759d13dc91a59d2881b292a869f

GET
H3 200 countries Show response
www.sitata.com/api/v2/ Frame E761 558 KB
100 KB 149ms
149ms Fetch
application/json 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sitata.com/api/v2/countries?short=1

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.3.1/rollbar.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd0b713d62b2d139ba9868dc01ac00ff2e12dba27742aed89ba659b537f7a96e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Sit-Widget-Referer: https://fnb.thomalex.travel/
Referer: https://www.covidchecker.com/
Accept-Language: de-DE,de;q=0.9
Authorization: PUB 2d811d19-a0ce-4bd8-b1d0-7404e9875831
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 06 Feb 2024 11:19:53 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-request-id: 240eb1f88223ea0a2e03a8571bf237c8
last-modified: Tue, 12 Dec 2023 20:06:17 GMT
server: cloudflare
etag: W/ fd0d13d594a95f36c63f6f6675da49fd
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W5zfHDABDqqhN%2F7S%2BmeKkedeK4A0%2BfCYOrifuWEQPmaymYWHcNugPg9%2BfH8XnZK%2BaFku5zigYmKyfO0eWLuND4wyHJDAT%2BaS3SP%2FcpoQJiWbbgFBssBgCyVgo18LAQJ59Vug04oYljdjzCrOfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
cf-apo-via: origin,page-rules
cf-ray: 8513002ead5137fb-FRA

GET
H3 200 materialdesignicons-webfont.woff2
cdn.jsdelivr.net/npm/@mdi/font@4.x/fonts/ Frame E761 276 KB
277 KB 23ms
14ms Font
font/woff2 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@mdi/font@4.x/fonts/materialdesignicons-webfont.woff2?v=4.9.95

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@mdi/font@4.x/css/materialdesignicons.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3248c66efa5ff60a1088aa4ab9d39b395fcc2e77e03ae454621885aa1017f3a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdn.jsdelivr.net/npm/@mdi/font@4.x/css/materialdesignicons.min.css
Origin: https://www.covidchecker.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 11:19:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 18959
x-jsd-version: 4.9.95
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 283040
x-served-by: cache-fra-eddf8230085-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"451a0-lWoSaMOlEO10NQ05k4FLah/1emU"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OTvdfYsOFZVXPM8TS1WE4ploTA20YwioERQ7%2FeSHlC%2BIdXHIaH2piXwOflUwrDTjsLPCgmXlyvhQcYsKi2qVfzgwCVl%2BQvks6eYZ4AOrOWbqZ6Cd2o0BUSra9YPq9S0Jot11ApU0VP9opgD0hDQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8513002e6a3c9019-FRA

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ Frame E761 47 KB
47 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.covidchecker.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 18:59:51 GMT
x-content-type-options: nosniff
age: 577202
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Jan 2025 18:59:51 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1001553572/ Frame E761 42 B
455 B 39ms
18ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1001553572/?random=1707218393113&cv=11&fst=1707217200000&bg=ffffff&guid=ON&async=1&gtm=45be41v0v869241431za200&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.covidchecker.com%2Fde%2Fembed&ref=https%3A%2F%2Ffnb.thomalex.travel%2F&frm=2&tiba=Check%20your%20entry%20requirements%20for%20travel%20and%20the%20local%20travel%20restrictions%20at%20your%20destination%20%7C%20Sitata&npa=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_hCl28dlk4PBDKrULRkUUAMC-E5xavQ&random=15806214&rmt_tld=0&ipr=y

Requested by

Host: www.covidchecker.com
URL: https://www.covidchecker.com/de/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.covidchecker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 11:19:53 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1001553572/ Frame E761 42 B
455 B 40ms
19ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1001553572/?random=1707218393113&cv=11&fst=1707217200000&bg=ffffff&guid=ON&async=1&gtm=45be41v0v869241431za200&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.covidchecker.com%2Fde%2Fembed&ref=https%3A%2F%2Ffnb.thomalex.travel%2F&frm=2&tiba=Check%20your%20entry%20requirements%20for%20travel%20and%20the%20local%20travel%20restrictions%20at%20your%20destination%20%7C%20Sitata&npa=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_hCl28dlk4PBDKrULRkUUAMC-E5xavQ&random=15806214&rmt_tld=1&ipr=y

Requested by

Host: www.covidchecker.com
URL: https://www.covidchecker.com/de/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.covidchecker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 11:19:53 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 400 user_location Show response
www.sitata.com/api/v2/places/ Frame E761 13 B
578 B 215ms
215ms Fetch
application/json 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sitata.com/api/v2/places/user_location

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.3.1/rollbar.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18f3f205265c1ac0a3af74d58628a1816a0828c4e47dd8860e02a923e4d65849

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Sit-Widget-Referer: https://fnb.thomalex.travel/
Referer: https://www.covidchecker.com/
Accept-Language: de-DE,de;q=0.9
Authorization: PUB 2d811d19-a0ce-4bd8-b1d0-7404e9875831
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 06 Feb 2024 11:19:53 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 13
x-request-id: 6b00720d86d512d4a835a2c846c5434c
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=drnmaIgrnTIcAYdNqKqq%2F3GhaTrKOBJKsmHiZIMZyZy%2BxAgNoKDE5CWi3ZDAwkhH4iqgLn7p7BcUzfoiXxUwLBDwJ1K%2FqnbTFKXK8RJyBiUD6pzesOYUwFWXCza9srJ84QbNHLgPnVsO%2BmwSiw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
cf-apo-via: origin,page-rules
cf-ray: 851300305f8737fb-FRA

OPTIONS
H3 204 user_location
www.sitata.com/api/v2/places/ Frame 0
0 32ms
32ms Preflight 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sitata.com/api/v2/places/user_location

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,sit-widget-referer
Access-Control-Request-Method: GET
Origin: https://www.covidchecker.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization,content-type,sit-widget-referer
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: *
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=86400
cache-control: max-age=0, private, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 851300301f5537fb-FRA
date: Tue, 06 Feb 2024 11:19:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vza%2BIC0XcU7uCxa4nt%2BUng6bLTiNQjmZVTMgBhP4CzKGOuXZZ5k3QEwzAQ4BMBfUpbVVbFXlpvlcVYcJsQkxfA7a7%2F%2BeLnaO161Xr3arjOSwK7tDFH89AcVJlY6ER9hEEC201BRGBoJzjaXYzg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15724800; includeSubDomains
x-request-id: 2252c9db0c1c67c7440e390f5da3b386

OPTIONS
H3 204 global_summary
www.sitata.com/api/v2/entry_requirements/ Frame 0
0 24ms
24ms Preflight 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sitata.com/api/v2/entry_requirements/global_summary?departure_code=null&vaccinated=false

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,sit-widget-referer
Access-Control-Request-Method: GET
Origin: https://www.covidchecker.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization,content-type,sit-widget-referer
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: *
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=86400
cache-control: max-age=0, private, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 85130031a90637fb-FRA
date: Tue, 06 Feb 2024 11:19:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cHUnn46M%2BOYuT%2BhZC8DkAcJU4mawrelO2T3Dlgmbu8sEpn6PKJ9tyhfaL7L6CnzFhzOE1UuLOubDOYMV0qDsV3kwflcyriuiG4gYE%2F0lOhfgQVK45VGrd%2FgkhLwzZjbZp7%2Frc%2Bgv0Dd%2BAGKybw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15724800; includeSubDomains
x-request-id: f06119ea6638fe973e000798244f0fd8

GET
H3 200 global_summary Show response
www.sitata.com/api/v2/entry_requirements/ Frame E761 11 KB
2 KB 320ms
320ms Fetch
application/json 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sitata.com/api/v2/entry_requirements/global_summary?departure_code=null&vaccinated=false

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.3.1/rollbar.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ace676de68f03629f18f25e37c6400c2a1e2055ef3d3c6aab130af2dbc110f8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Sit-Widget-Referer: https://fnb.thomalex.travel/
Referer: https://www.covidchecker.com/
Accept-Language: de-DE,de;q=0.9
Authorization: PUB 2d811d19-a0ce-4bd8-b1d0-7404e9875831
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 06 Feb 2024 11:19:54 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-request-id: 07f01e13a747db4730e4567a576cbe8e
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M0rLzKiaqvdIvmc82fvADLayVTifH9DQFyAenty%2BAL2pdkFwQCp4oeWEPABkTFdNZXswgvlKwylHfCcb6poe5w0neoEfFOOKOQ1v%2FdegxlgqdFLWOVoYkTA%2FA5R5ImnA3jvG6Z4TEhBlSgWODw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
cf-apo-via: origin,page-rules
cf-ray: 85130031d92b37fb-FRA

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTUGmu1aB.woff2
fonts.gstatic.com/s/opensans/v40/ Frame E761 24 KB
24 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTUGmu1aB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;600&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e510e61c497d334da21eccda06df5d3a428c9ea94d6903b6138e7c7255aba0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.covidchecker.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 19:03:15 GMT
x-content-type-options: nosniff
age: 576998
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24984
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:04:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Jan 2025 19:03:15 GMT

GET
H3 200 50m_world_new_min.topojson Show response
www.sitata.com/widgets/ Frame E761 304 KB
305 KB 69ms
69ms XHR
application/octet-stream 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sitata.com/widgets/50m_world_new_min.topojson

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.3.1/rollbar.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

524fc08454aded06ebd105d4b2e7130e5c2773d27a80649fa4b361e5f16c1205

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.covidchecker.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 11:19:54 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1BCA5D9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UBI%2FZJo8Z1Xe%2FJuEKMuXaFN4t%2BBjYSmfToYIL75GdIosCz72gRI6biLB7FO%2F%2FpTLT18MGyJN%2BR3Q7rZNhIRoq4XdnenOxxk%2BIudFgK2awHinBgZySDUqs8%2BRCkGkTgtncAddHvTv79bOZ9R7Gg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public
cf-apo-via: origin,no-cache
cf-ray: 85130033eb6037fb-FRA
alt-svc: h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			fnb.thomalex.travel/	1969-12-31 23:59:59	Name: __RequestVerificationToken Value: 6C0XPOXNfgiEaTqIW1tSujpkDTzzoNRx6rVQMSP27uKVBpLfiMdR-m9LszfvulzSwT5C9aGTp8RjVldkjzEliLjzrnTi9TTLV3bOscBOu6QQpwTJUM2xNqYJChCo_APsEP8KV24aSWphDrx__rLoZA2
			.doubleclick.net/	1970-01-20 18:13:39	Name: test_cookie Value: CheckForPermission

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://fnb.thomalex.travel/Account/LogOn?ReturnUrl=%2f Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://www.sitata.com/api/v2/places/user_location Message: Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
cdnjs.cloudflare.com
fnb.thomalex.travel
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
resvoyage.blob.core.windows.net
www.covidchecker.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.sitata.com
2606:4700:3031::ac43:abf3
2606:4700::6810:5814
2606:4700::6811:190e
2a00:1450:4001:802::200a
2a00:1450:4001:811::2008
2a00:1450:4001:827::2003
2a00:1450:4001:829::2003
2a00:1450:4001:829::200e
2a00:1450:4001:830::2004
2a00:1450:4001:831::2002
2a06:98c1:3121::3
40.121.51.62
52.239.169.4
08a99f98b106ad6a9d263d91f02ba30ff9cdac6dbca519675192f114469edded
0be2c4b3b689c19c28e631a972a745663ad678def6fefc493da88df0e9ba3087
15ade9d3490b1d32afa65cb9a0f0cc491c9aabccd2b2a48893e463765c66c76a
18f3f205265c1ac0a3af74d58628a1816a0828c4e47dd8860e02a923e4d65849
1d2612ceeb4e2fa5600aa076753b5924a166041b960566a7aa1a92153e500b46
3248c66efa5ff60a1088aa4ab9d39b395fcc2e77e03ae454621885aa1017f3a8
324a10c6d3d78249a021f49cc5a9b3dee7134a739571f0fee53028b4a6f668ee
3966ecd9d6d3203b9b853ad3b2c1f05b29cbfe8152d2396cdd0629bf5ee81830
3a1e31233360ad661f9f48a9bb08138405f09f31ada00ef97f5554a33cc8574b
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
466372a3fa7834cc9fdb2c8286cc5fa7428cf37426bbf3fc565bc1370df3ba97
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
524fc08454aded06ebd105d4b2e7130e5c2773d27a80649fa4b361e5f16c1205
5f4ac700a14b1584ba09246989c69cf8391fbd6abca439fc01950266f9a3bb97
699e8cb3d0af7f12172315152a58cf8154526ddc2ee3d29ed8861218e9cf91a2
6e014a2ea215f8b2bf9ba11d0e47cf7b6f91d0194ada4df98d340eed148c0b25
7c7c72980b57eeeb3ac6593419b8aeacb2952e95499eebf8e61412596e875f5e
7da3b84e920f2a91b2aa18ee6255ea2fff7f5ef0718297be28e484ed60e6bc2d
7e510e61c497d334da21eccda06df5d3a428c9ea94d6903b6138e7c7255aba0f
8b79356aa990cca4585dca5552ddd61973708d004b0c6eac5658ca0e619aa11f
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
a2b84598b7408a49f572ff743dc5886bddd5390c78b40416037da19c13f8d0ce
a410460285968ae56f3748e57fd09c6da63c17934a9f59cc7f9a6542f5cf2d3b
a5579919e61665f7f14e3e6f63cd0c00baf6d36fb49ccd720fb4c3736970fc18
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
ace676de68f03629f18f25e37c6400c2a1e2055ef3d3c6aab130af2dbc110f8a
bec8a6cfeb17d129ceb4f7befb0857dfd16fca09729d4541c1176b27e6051132
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c71ec046be4ffb60d4b9c307b73c0fc8e8d6f3d9a5b6aae5a15ded9fb2b16d9a
cacd6851dd67a005c0b95433fc00807bd604bf07776216a99cfb9b49768a9b00
ce4775fb357d5c19aa542f0ac43e72cb7ad97fbb1d1cfdde3458bdcf01051807
d175185dc8199dc8531d2c25a84073ad93a7c605a921b0168ed6106a193d21ee
d4f3246deb6787117e5c4c3c7eb873a9874861da6f2612ee1269ec4672490f56
dd0b713d62b2d139ba9868dc01ac00ff2e12dba27742aed89ba659b537f7a96e
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
deb9e025c458a290ea6efb45935088487a9f4f8b55a1e08cb31420633108694c
e9497bc97cc02ef869137ccab51b0049473c046a1921e49cadfa94820f88d6eb
ebd713db9a49554980ca78b058c8255e510e11e658ba1983f076e3e7c8024bb6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b

fnb.thomalex.travel Open in urlscan Pro 40.121.51.62 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

45 Requests

100 %HTTPS

85 %IPv6

13 Domains

13 Subdomains

13 IPs

2 Countries

3277 kBTransfer

6992 kBSize

2 Cookies

2 Outgoing links

Page URL History

Redirected requests

45 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

fnb.thomalex.travel Open in urlscan Pro
40.121.51.62 Public Scan

Screenshot
Live screenshot

Full Image

45
Requests

100 %
HTTPS

85 %
IPv6

13
Domains

13
Subdomains

13
IPs

2
Countries

3277 kB
Transfer

6992 kB
Size

2
Cookies

45 HTTP transactions
0 data transactions