fnb.thomalex.travel Open in urlscan Pro
40.121.51.62 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://fnb.thomalex.travel/
Effective URL:
https://fnb.thomalex.travel/Account/LogOn?ReturnUrl=%2f
Submission: On February 26 via api (February 26th 2024, 11:26:09 am UTC) from ZA — Scanned from DE

Summary HTTP 45 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 13 IPs in 2 countries across 13 domains to perform 45 HTTP transactions. The main IP is 40.121.51.62, located in Washington, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is fnb.thomalex.travel.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on December 7th 2023. Valid for: a year.

This is the only time fnb.thomalex.travel was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 11	40.121.51.62 40.121.51.62	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	52.239.169.4 52.239.169.4	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
1 5	2606:4700:303... 2606:4700:3035::6815:600c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
12	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
45	13

11 40.121.51.62 (Washington, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

fnb.thomalex.travel	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.239.169.4 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

resvoyage.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3035::6815:600c (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.covidchecker.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

www.sitata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	sitata.com www.sitata.com	1 MB
11	thomalex.travel 1 redirects fnb.thomalex.travel	1 MB
5	covidchecker.com 1 redirects www.covidchecker.com	67 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	344 KB
4	gstatic.com fonts.gstatic.com	118 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 32	4 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 306	314 KB
1	google.de www.google.de — Cisco Umbrella Rank: 6553	455 B
1	google.com www.google.com — Cisco Umbrella Rank: 2	455 B
1	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 35	2 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	21 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 226	16 KB
1	windows.net resvoyage.blob.core.windows.net	4 KB
45	13

	Domain	Requested by
12	www.sitata.com	www.covidchecker.com www.sitata.com cdnjs.cloudflare.com
11	fnb.thomalex.travel	1 redirects fnb.thomalex.travel
5	www.covidchecker.com	1 redirects fnb.thomalex.travel www.covidchecker.com
4	www.googletagmanager.com	www.covidchecker.com www.googletagmanager.com www.sitata.com
4	fonts.gstatic.com	fonts.googleapis.com
3	fonts.googleapis.com	fnb.thomalex.travel www.covidchecker.com www.sitata.com
2	cdn.jsdelivr.net	www.sitata.com cdn.jsdelivr.net
1	www.google.de	www.covidchecker.com
1	www.google.com	www.covidchecker.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	www.google-analytics.com	www.googletagmanager.com
1	cdnjs.cloudflare.com	www.covidchecker.com
1	resvoyage.blob.core.windows.net	fnb.thomalex.travel
45	13

This site contains links to these domains. Also see Links.

Domain
thomalex.com
www.sitata.com

Subject Issuer	Validity	Valid
*.thomalex.travel Go Daddy Secure Certificate Authority - G2	`2023-12-07` - `2025-01-07`	a year	crt.sh
*.blob.core.windows.net Microsoft RSA TLS CA 01	`2023-09-27` - `2024-09-27`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
covidchecker.com GTS CA 1P5	`2024-02-07` - `2024-05-07`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
sitata.com GTS CA 1P5	`2024-01-17` - `2024-04-16`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
www.google.de GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://fnb.thomalex.travel/Account/LogOn?ReturnUrl=%2f
Frame ID: 445987D8413B2CA52C32DDB82DA0A5F7
Requests: 14 HTTP requests in this frame

Frame: https://www.covidchecker.com/de/embed
Frame ID: FCA3501DAAD86C95286808696E50E039
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Account

Page URL History Show full URLs

https://fnb.thomalex.travel/ HTTP 302
https://fnb.thomalex.travel/Account/LogOn?ReturnUrl=%2f Page URL

Detected technologies

Rollbar (Issue trackers) Expand

Overall confidence: 100%
Detected patterns

rollbar\.js/([0-9.]+)

Semantic UI (UI frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]+semantic(?:\.min)\.css"
/semantic(?:-([\d.]+))?(?:\.min)?\.js

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/vue(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

45
Requests

100 %
HTTPS

85 %
IPv6

13
Domains

13
Subdomains

13
IPs

2
Countries

3282 kB
Transfer

7003 kB
Size

2
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://thomalex.com/
Title: Thomalex

Search URL Search Domain Scan URL

URL: https://www.sitata.com/
Title: Sitata

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://fnb.thomalex.travel/ HTTP 302
https://fnb.thomalex.travel/Account/LogOn?ReturnUrl=%2f Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

https://www.covidchecker.com/embed HTTP 302
https://www.covidchecker.com/de/embed

45 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request LogOn Show response
fnb.thomalex.travel/Account/
Redirect Chain

https://fnb.thomalex.travel/
https://fnb.thomalex.travel/Account/LogOn?ReturnUrl=%2f

24 KB
24 KB

127ms
127ms

Document
text/html

40.121.51.62
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://fnb.thomalex.travel/Account/LogOn?ReturnUrl=%2f

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.121.51.62 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

df30ff68cb3469d54e812e463d8827d37e4adee0b4d957fbc3d29958e3088bb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
access-control-expose-headers: Request-Context
cache-control: private
content-length: 24533
content-type: text/html; charset=utf-8
date: Mon, 26 Feb 2024 11:26:04 GMT
referrer-policy: unsafe-url
request-context: appId=cid-v1:2bf5d0ea-4bb7-4dee-9c42-4f5c1b286ead
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

Redirect headers

access-control-allow-origin: *
access-control-expose-headers: Request-Context
cache-control: private
content-length: 145
content-type: text/html; charset=utf-8
date: Mon, 26 Feb 2024 11:26:04 GMT
location: /Account/LogOn?ReturnUrl=%2f
referrer-policy: unsafe-url
request-context: appId=cid-v1:2bf5d0ea-4bb7-4dee-9c42-4f5c1b286ead
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff

GET
H2 200 semantic.min.css
fnb.thomalex.travel/Content/Semantic_UI/ 614 KB
615 KB 357ms
356ms Stylesheet
text/css 40.121.51.62
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://fnb.thomalex.travel/Content/Semantic_UI/semantic.min.css

Requested by

Host: fnb.thomalex.travel
URL: https://fnb.thomalex.travel/Account/LogOn?ReturnUrl=%2f

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.121.51.62 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

7c7c72980b57eeeb3ac6593419b8aeacb2952e95499eebf8e61412596e875f5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fnb.thomalex.travel/Account/LogOn?ReturnUrl=%2f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 26 Feb 2024 11:26:04 GMT
referrer-policy: unsafe-url
x-content-type-options: nosniff
last-modified: Fri, 13 Mar 2020 14:54:22 GMT
etag: "a6fc64847f9d51:0"
content-type: text/css
access-control-allow-origin: https://fnb.thomalex.travel, *
access-control-expose-headers: Request-Context
accept-ranges: bytes
access-control-allow-headers: *
content-length: 628886
request-context: appId=cid-v1:2bf5d0ea-4bb7-4dee-9c42-4f5c1b286ead

GET
H2 200 waitscreen.css
fnb.thomalex.travel/Content/ 403 B
488 B 365ms
365ms Stylesheet
text/css 40.121.51.62
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://fnb.thomalex.travel/Content/waitscreen.css

Requested by

Host: fnb.thomalex.travel
URL: https://fnb.thomalex.travel/Account/LogOn?ReturnUrl=%2f

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.121.51.62 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

6e014a2ea215f8b2bf9ba11d0e47cf7b6f91d0194ada4df98d340eed148c0b25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fnb.thomalex.travel/Account/LogOn?ReturnUrl=%2f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 26 Feb 2024 11:26:04 GMT
referrer-policy: unsafe-url
x-content-type-options: nosniff
last-modified: Thu, 25 Jul 2019 10:10:46 GMT
etag: "28a8e339d142d51:0"
content-type: text/css
access-control-allow-origin: https://fnb.thomalex.travel, *
access-control-expose-headers: Request-Context
accept-ranges: bytes
access-control-allow-headers: *
content-length: 403
request-context: appId=cid-v1:2bf5d0ea-4bb7-4dee-9c42-4f5c1b286ead

GET
H2 200 logon.css
fnb.thomalex.travel/Content/ 2 KB
2 KB 366ms
366ms Stylesheet
text/css 40.121.51.62
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://fnb.thomalex.travel/Content/logon.css?6

Requested by

Host: fnb.thomalex.travel
URL: https://fnb.thomalex.travel/Account/LogOn?ReturnUrl=%2f

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.121.51.62 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

cacd6851dd67a005c0b95433fc00807bd604bf07776216a99cfb9b49768a9b00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fnb.thomalex.travel/Account/LogOn?ReturnUrl=%2f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 26 Feb 2024 11:26:04 GMT
referrer-policy: unsafe-url
x-content-type-options: nosniff
last-modified: Thu, 23 Jun 2022 08:02:16 GMT
etag: "e1aed58dd786d81:0"
content-type: text/css
access-control-allow-origin: https://fnb.thomalex.travel, *
access-control-expose-headers: Request-Context
accept-ranges: bytes
access-control-allow-headers: *
content-length: 1910
request-context: appId=cid-v1:2bf5d0ea-4bb7-4dee-9c42-4f5c1b286ead

GET
H2 200 vue.min.js Show response
fnb.thomalex.travel/Scripts/ 91 KB
92 KB 123ms
122ms Script
application/javascript 40.121.51.62
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://fnb.thomalex.travel/Scripts/vue.min.js

Requested by

Host: fnb.thomalex.travel
URL: https://fnb.thomalex.travel/Account/LogOn?ReturnUrl=%2f

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.121.51.62 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a410460285968ae56f3748e57fd09c6da63c17934a9f59cc7f9a6542f5cf2d3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fnb.thomalex.travel/Account/LogOn?ReturnUrl=%2f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 26 Feb 2024 11:26:04 GMT
referrer-policy: unsafe-url
x-content-type-options: nosniff
last-modified: Fri, 27 Dec 2019 12:52:05 GMT
etag: "e94a1571b4bcd51:0"
content-type: application/javascript
access-control-allow-origin: https://fnb.thomalex.travel, *
access-control-expose-headers: Request-Context
accept-ranges: bytes
access-control-allow-headers: *
content-length: 93678
request-context: appId=cid-v1:2bf5d0ea-4bb7-4dee-9c42-4f5c1b286ead

GET
H/1.1 200
OK 79751a6ac92e438996b7f526b1c6e562.png
resvoyage.blob.core.windows.net/africa/client-images/login/ 4 KB
4 KB 528ms
129ms Image
image/png 52.239.169.4
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resvoyage.blob.core.windows.net/africa/client-images/login/79751a6ac92e438996b7f526b1c6e562.png
Requested by: Host: fnb.thomalex.travel
URL: https://fnb.thomalex.travel/Account/LogOn?ReturnUrl=%2f
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.169.4 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 3966ecd9d6d3203b9b853ad3b2c1f05b29cbfe8152d2396cdd0629bf5ee81830

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fnb.thomalex.travel/Account/LogOn?ReturnUrl=%2f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Mon, 26 Feb 2024 11:26:04 GMT
Last-Modified: Mon, 08 Nov 2021 09:59:02 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: ECqrL9P7WAE53AZDJAANKQ==
ETag: 0x8D9A29E64CACA82
Content-Type: image/png
x-ms-request-id: 21977630-901e-0011-14a6-680dd2000000
x-ms-version: 2009-09-19
Content-Length: 4015

GET
H2 200 jquery-3.5.1.min.js Show response
fnb.thomalex.travel/Scripts/ 87 KB
88 KB 250ms
250ms Script
application/javascript 40.121.51.62
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://fnb.thomalex.travel/Scripts/jquery-3.5.1.min.js

Requested by

Host: fnb.thomalex.travel
URL: https://fnb.thomalex.travel/Account/LogOn?ReturnUrl=%2f

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.121.51.62 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fnb.thomalex.travel/Account/LogOn?ReturnUrl=%2f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 26 Feb 2024 11:26:04 GMT
referrer-policy: unsafe-url
x-content-type-options: nosniff
last-modified: Thu, 02 Feb 2023 15:07:52 GMT
etag: "45123f1f1837d91:0"
content-type: application/javascript
access-control-allow-origin: https://fnb.thomalex.travel, *
access-control-expose-headers: Request-Context
accept-ranges: bytes
access-control-allow-headers: *
content-length: 89478
request-context: appId=cid-v1:2bf5d0ea-4bb7-4dee-9c42-4f5c1b286ead

GET
H2 200 antiforgery.js Show response
fnb.thomalex.travel/Scripts/Plugins/ 2 KB
2 KB 122ms
122ms Script
application/javascript 40.121.51.62
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://fnb.thomalex.travel/Scripts/Plugins/antiforgery.js

Requested by

Host: fnb.thomalex.travel
URL: https://fnb.thomalex.travel/Account/LogOn?ReturnUrl=%2f

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.121.51.62 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

3a1e31233360ad661f9f48a9bb08138405f09f31ada00ef97f5554a33cc8574b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fnb.thomalex.travel/Account/LogOn?ReturnUrl=%2f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 26 Feb 2024 11:26:04 GMT
referrer-policy: unsafe-url
x-content-type-options: nosniff
last-modified: Thu, 25 Jul 2019 10:10:46 GMT
etag: "69302f3ad142d51:0"
content-type: application/javascript
access-control-allow-origin: https://fnb.thomalex.travel, *
access-control-expose-headers: Request-Context
accept-ranges: bytes
access-control-allow-headers: *
content-length: 2436
request-context: appId=cid-v1:2bf5d0ea-4bb7-4dee-9c42-4f5c1b286ead

GET
H2 200 waitscreen.js Show response
fnb.thomalex.travel/Scripts/Plugins/ 3 KB
3 KB 122ms
122ms Script
application/javascript 40.121.51.62
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://fnb.thomalex.travel/Scripts/Plugins/waitscreen.js?version=1

Requested by

Host: fnb.thomalex.travel
URL: https://fnb.thomalex.travel/Account/LogOn?ReturnUrl=%2f

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.121.51.62 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

324a10c6d3d78249a021f49cc5a9b3dee7134a739571f0fee53028b4a6f668ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fnb.thomalex.travel/Account/LogOn?ReturnUrl=%2f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 26 Feb 2024 11:26:04 GMT
referrer-policy: unsafe-url
x-content-type-options: nosniff
last-modified: Thu, 25 Jul 2019 10:10:46 GMT
etag: "a816323ad142d51:0"
content-type: application/javascript
access-control-allow-origin: https://fnb.thomalex.travel, *
access-control-expose-headers: Request-Context
accept-ranges: bytes
access-control-allow-headers: *
content-length: 3149
request-context: appId=cid-v1:2bf5d0ea-4bb7-4dee-9c42-4f5c1b286ead

GET
H2 200 semantic.min.js Show response
fnb.thomalex.travel/Scripts/ 269 KB
269 KB 122ms
122ms Script
application/javascript 40.121.51.62
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://fnb.thomalex.travel/Scripts/semantic.min.js

Requested by

Host: fnb.thomalex.travel
URL: https://fnb.thomalex.travel/Account/LogOn?ReturnUrl=%2f

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.121.51.62 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

ebd713db9a49554980ca78b058c8255e510e11e658ba1983f076e3e7c8024bb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fnb.thomalex.travel/Account/LogOn?ReturnUrl=%2f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 26 Feb 2024 11:26:04 GMT
referrer-policy: unsafe-url
x-content-type-options: nosniff
last-modified: Fri, 13 Mar 2020 14:54:22 GMT
etag: "36d41e4847f9d51:0"
content-type: application/javascript
access-control-allow-origin: https://fnb.thomalex.travel, *
access-control-expose-headers: Request-Context
accept-ranges: bytes
access-control-allow-headers: *
content-length: 275740
request-context: appId=cid-v1:2bf5d0ea-4bb7-4dee-9c42-4f5c1b286ead

GET
H2 200 css
fonts.googleapis.com/ 3 KB
885 B 134ms
48ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic&subset=latin

Requested by

Host: fnb.thomalex.travel
URL: https://fnb.thomalex.travel/Content/Semantic_UI/semantic.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5e245f87c91e4cc60c4f66311f2691f187b9f710259f5f75cd6beff7598d6ddd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fnb.thomalex.travel/Content/Semantic_UI/semantic.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 26 Feb 2024 11:26:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 10:33:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 26 Feb 2024 11:26:05 GMT

GET
H2

200

embed Show response
www.covidchecker.com/de/ Frame FCA3
Redirect Chain

https://www.covidchecker.com/embed
https://www.covidchecker.com/de/embed

9 KB
4 KB

57ms
57ms

Document
text/html

2606:4700:3035::6815:600c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.covidchecker.com/de/embed

Requested by

Host: fnb.thomalex.travel
URL: https://fnb.thomalex.travel/Account/LogOn?ReturnUrl=%2f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:600c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0be2c4b3b689c19c28e631a972a745663ad678def6fefc493da88df0e9ba3087

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://fnb.thomalex.travel/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=0, private, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 85b7d4c528d7b8a2-AMS
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 26 Feb 2024 11:26:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qOrjGQqazQjnp66nZRHOI3n73z%2Fbxz%2FWrlc%2BnHhGD%2FoizTf%2FcQJslKEwTN7sG7pwQ%2F6mEm46IbLXCjyE06f480Ccv%2B9H9nE6iUtGOp3UXdCmpIeJ9lVD5XoHyTajz1S6X1H5He%2FMnBYhtVPgiVoQk%2FTOIw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-request-id: 7a692123384c4fef5c95461590b3a080

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=0, private, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 85b7d4c4a81eb8a2-AMS
content-type: text/html; charset=utf-8
date: Mon, 26 Feb 2024 11:26:05 GMT
location: /de/embed
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h3Ja2CXBIuXKqL8gdfpjy8kvdT%2FMrmQBzk2%2FGF6z%2BN%2FnBbMNr1%2BtOl4IDCBC8nE0lZwfjXF7XJz8MVeJ8yw8iRjBhYnX0iSuOCHrT6kpSd0YI8jWMPpDlagAgUr8Ak53I%2FxSsGFXWBnJokYQhr5rxHVakw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: e2bacfc81d4a409a161b825b3de4356e

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
24 KB 125ms
40ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic&subset=latin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://fnb.thomalex.travel
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 07:34:39 GMT
x-content-type-options: nosniff
age: 445886
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Feb 2025 07:34:39 GMT

GET
H2 200 icons.woff2
fnb.thomalex.travel/Content/Semantic_UI/themes/default/assets/fonts/ 55 KB
56 KB 123ms
122ms Font
application/font-woff2 40.121.51.62
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://fnb.thomalex.travel/Content/Semantic_UI/themes/default/assets/fonts/icons.woff2

Requested by

Host: fnb.thomalex.travel
URL: https://fnb.thomalex.travel/Content/Semantic_UI/semantic.min.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.121.51.62 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://fnb.thomalex.travel/Content/Semantic_UI/semantic.min.css
Origin: https://fnb.thomalex.travel
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 26 Feb 2024 11:26:05 GMT
referrer-policy: unsafe-url
x-content-type-options: nosniff
last-modified: Thu, 25 Jul 2019 10:10:45 GMT
etag: "b56b9639d142d51:0"
content-type: application/font-woff2
access-control-allow-origin: https://fnb.thomalex.travel, *
access-control-expose-headers: Request-Context
accept-ranges: bytes
access-control-allow-headers: *
content-length: 56780
request-context: appId=cid-v1:2bf5d0ea-4bb7-4dee-9c42-4f5c1b286ead

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 163ms
78ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic&subset=latin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://fnb.thomalex.travel
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 07:27:45 GMT
x-content-type-options: nosniff
age: 446300
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:07:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Feb 2025 07:27:45 GMT

GET
H2 200 app-987b106af26bf3909f6c6e6d2bdb32a9.css
www.covidchecker.com/css/ Frame FCA3 209 KB
38 KB 59ms
58ms Stylesheet
text/css 2606:4700:3035::6815:600c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.covidchecker.com/css/app-987b106af26bf3909f6c6e6d2bdb32a9.css?vsn=d

Requested by

Host: www.covidchecker.com
URL: https://www.covidchecker.com/de/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:600c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b79356aa990cca4585dca5552ddd61973708d004b0c6eac5658ca0e619aa11f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.covidchecker.com/de/embed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 11:26:05 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 606059
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 19 Feb 2024 11:05:06 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7QWlTwQy0ggPRwtVBi884%2BYhV7J3agMVoZGyxY%2FcMSsfgQIVBh4VUOH%2BRVnSMVXFnXUSBdQ%2FjCZogqzUayXhImZYUbqvGgFfl510gY20PL2ihQirVORZB19qX8HOjZk1vyGx2PD2tGMAkRlpNAyogxS%2Fgg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 85b7d4c58957b8a2-AMS

GET
H2 200 landing-713172ace8fb8d44b8367c16f938527f.css
www.covidchecker.com/css/ Frame FCA3 123 KB
18 KB 55ms
54ms Stylesheet
text/css 2606:4700:3035::6815:600c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.covidchecker.com/css/landing-713172ace8fb8d44b8367c16f938527f.css?vsn=d

Requested by

Host: www.covidchecker.com
URL: https://www.covidchecker.com/de/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:600c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d2612ceeb4e2fa5600aa076753b5924a166041b960566a7aa1a92153e500b46

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.covidchecker.com/de/embed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 11:26:05 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2864832
cf-polished: origSize=125948
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 24 Jan 2024 07:38:53 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CtEw45ECnnO1BMlERN2LI%2FfjY5HzW0WKu6a%2BBcdLgkOz25wy9OvU99IDnMXlFGqyBDyqmIlUkl%2F%2B2UubfL%2BrOGANlKCxjwCFa8zly3HZsTsScrmaYfj3rWGgU0uC3PdhQkWjj8UrGLUB5oZjdNWjSvSeKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 85b7d4c5895bb8a2-AMS

GET
H2 200 sitata-covid-map-v3.js Show response
www.sitata.com/widgets/ Frame FCA3 2 KB
1 KB 294ms
171ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sitata.com/widgets/sitata-covid-map-v3.js

Requested by

Host: www.covidchecker.com
URL: https://www.covidchecker.com/de/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9497bc97cc02ef869137ccab51b0049473c046a1921e49cadfa94820f88d6eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.covidchecker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 11:26:05 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=1556
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"2E57A5A"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8knW6gKJx0fNPAllkj40aWxkLTFdoiZg1AI6LmtARk5gunNz5BABliukSfr2raWtETfDXJJiQCEbDEEe1uQ79zQlXkDAbmkV9lz0iWaM4KOlYfyypmUgb2qK01mnrqMIe5U%2BEuqKU1zV05LFiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 85b7d4c64c7b7916-CDG

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame FCA3 179 KB
66 KB 140ms
54ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-32631831-1

Requested by

Host: www.covidchecker.com
URL: https://www.covidchecker.com/de/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1830bfa960dc491c1af252db317629d89b6fe4cad88a754ff84678d9fd2e03d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.covidchecker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 11:26:05 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66750
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 26 Feb 2024 11:26:05 GMT

GET
H2 200 modernizr-1b4b8536bbe44b9d705dbe2c12aed66e.js Show response
www.covidchecker.com/js/ Frame FCA3 19 KB
7 KB 65ms
65ms Script
application/javascript 2606:4700:3035::6815:600c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.covidchecker.com/js/modernizr-1b4b8536bbe44b9d705dbe2c12aed66e.js?vsn=d

Requested by

Host: www.covidchecker.com
URL: https://www.covidchecker.com/de/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:600c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15ade9d3490b1d32afa65cb9a0f0cc491c9aabccd2b2a48893e463765c66c76a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.covidchecker.com/de/embed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 11:26:05 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 883915
cf-polished: origSize=61602
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Feb 2024 05:54:10 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3IjMUNR2VFp7w5WXcTtFLlIMu1nYHWJL%2BYkILXzXw3Wq1ypn6mfQscVaA5Ksz1Jk4gqup%2FeHdModJRwHEbG6Xs65JtYf5z0MgHkPKb0Xm4aPf3008BtE61OQn2DSDg2g32YRvMQtX7ce8mGTR1ytW2llBA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 85b7d4c5895db8a2-AMS

GET
H2 200 css2
fonts.googleapis.com/ Frame FCA3 17 KB
2 KB 48ms
48ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;600&display=swap

Requested by

Host: www.covidchecker.com
URL: https://www.covidchecker.com/css/app-987b106af26bf3909f6c6e6d2bdb32a9.css?vsn=d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5489d34c6faf46a989be459cc0a3a28be86fb219aef6750c69d1410ddb9fe7ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.covidchecker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 26 Feb 2024 11:26:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32/mr
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 10:40:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 26 Feb 2024 11:26:05 GMT

GET
H2 200 rollbar.min.js Show response
cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.3.1/ Frame FCA3 56 KB
16 KB 128ms
46ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.3.1/rollbar.min.js

Requested by

Host: www.covidchecker.com
URL: https://www.covidchecker.com/de/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

466372a3fa7834cc9fdb2c8286cc5fa7428cf37426bbf3fc565bc1370df3ba97

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.covidchecker.com/
Origin: https://www.covidchecker.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 11:26:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2831427
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 15626
last-modified: Mon, 04 May 2020 16:16:01 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fc1-df59"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tnFxtm3aZLi8Za%2BD7LJeuqdnkEGdUXfScPwF%2FXa20CRAPx9zlmZ1fHPEGL%2F5JLrGJChOz4jLoZ3Lz4%2BEKwsfM8IlQ6nQUug%2F8c52MeqGf%2B%2FbKNnlWYbf1D4kGW2SByLOpCxvdEX0OYA5Cz8ZIgDuXaJs"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 85b7d4c6edeb380f-FRA
expires: Sat, 15 Feb 2025 11:26:05 GMT

GET
H2 200 sitata-covid-map-v3.1.0.13.js Show response
www.sitata.com/widgets/ Frame FCA3 2 MB
760 KB 220ms
220ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sitata.com/widgets/sitata-covid-map-v3.1.0.13.js

Requested by

Host: www.sitata.com
URL: https://www.sitata.com/widgets/sitata-covid-map-v3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae8040b1cd5d988a5269fff6502477c05431643cd0448a56ea0ea7f7629928c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.covidchecker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 11:26:06 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"4C81C7E"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KzRvIeQDo6iKeDMB67n%2F1esr6b357FFAlh2ZjF9dNLTWvu7GKjQKw2PrIQvIN803QLT85C2erD2UieC5ThxbrCZ1zhWTEXpdHKSwBj5OmY57dNM90Bt9UL9haKc4BeuFxUt3C7Eo1CT4qss7Ag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 85b7d4c76e1a7916-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 sitata-covid-map-v3.1.0.13.css
www.sitata.com/widgets/ Frame FCA3 690 KB
72 KB 409ms
409ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sitata.com/widgets/sitata-covid-map-v3.1.0.13.css

Requested by

Host: www.sitata.com
URL: https://www.sitata.com/widgets/sitata-covid-map-v3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

deb9e025c458a290ea6efb45935088487a9f4f8b55a1e08cb31420633108694c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.covidchecker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 11:26:06 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
cf-cache-status: REVALIDATED
cf-bgj: minify
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"7F87B00"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xI3YeVJLrq4QnmLK9N3vO6TOOWomc3cAriSgkR1pD1jKviDo7BE%2Fu5OngzmjeWxFjHEERDwZOL%2FvvW5zC15J2okbJQ37Ow1edzhRaEu0zxLdfL9J%2BgM%2FrLTf8CoH97O9FRcVvwHWvB2nNMRQtg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 85b7d4c76e177916-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame FCA3 52 KB
21 KB 126ms
39ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-32631831-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.covidchecker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 26 Feb 2024 09:32:03 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 6843
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 26 Feb 2024 11:32:03 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame FCA3 332 KB
107 KB 56ms
56ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1001553572&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-32631831-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a320ec776625f79c1cf0a3a34ad8671e72a4fc638ff65a2d5237c005b1a7ee63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.covidchecker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 11:26:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 109856
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 26 Feb 2024 11:26:06 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1001553572/ Frame FCA3 3 KB
2 KB 162ms
76ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1001553572/?random=1708946766165&cv=11&fst=1708946766165&bg=ffffff&guid=ON&async=1&gtm=45be42l0v869241431za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.covidchecker.com%2Fde%2Fembed&ref=https%3A%2F%2Ffnb.thomalex.travel%2F&top=https%3A%2F%2Ffnb.thomalex.travel%2F&hn=www.googleadservices.com&frm=2&tiba=Check%20your%20entry%20requirements%20for%20travel%20and%20the%20local%20travel%20restrictions%20at%20your%20destination%20%7C%20Sitata&npa=0&pscdl=noapi&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1001553572&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1250418fc0ebf990f26b62674301a4239e09d8473741db75714ef6784f6e9355

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.covidchecker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Feb 2024 11:26:06 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1376
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1001553572/ Frame FCA3 42 B
455 B 138ms
52ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1001553572/?random=1708946766165&cv=11&fst=1708945200000&bg=ffffff&guid=ON&async=1&gtm=45be42l0v869241431za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.covidchecker.com%2Fde%2Fembed&ref=https%3A%2F%2Ffnb.thomalex.travel%2F&frm=2&tiba=Check%20your%20entry%20requirements%20for%20travel%20and%20the%20local%20travel%20restrictions%20at%20your%20destination%20%7C%20Sitata&npa=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwB7FLtq_JD7jetmzvNhG_7X3vxtS-MauapB3Q&random=2127870682&rmt_tld=0&ipr=y

Requested by

Host: www.covidchecker.com
URL: https://www.covidchecker.com/de/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.covidchecker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Feb 2024 11:26:06 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1001553572/ Frame FCA3 42 B
455 B 139ms
53ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1001553572/?random=1708946766165&cv=11&fst=1708945200000&bg=ffffff&guid=ON&async=1&gtm=45be42l0v869241431za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.covidchecker.com%2Fde%2Fembed&ref=https%3A%2F%2Ffnb.thomalex.travel%2F&frm=2&tiba=Check%20your%20entry%20requirements%20for%20travel%20and%20the%20local%20travel%20restrictions%20at%20your%20destination%20%7C%20Sitata&npa=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwB7FLtq_JD7jetmzvNhG_7X3vxtS-MauapB3Q&random=2127870682&rmt_tld=1&ipr=y

Requested by

Host: www.covidchecker.com
URL: https://www.covidchecker.com/de/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.covidchecker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Feb 2024 11:26:06 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame FCA3 13 KB
891 B 59ms
59ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900

Requested by

Host: www.sitata.com
URL: https://www.sitata.com/widgets/sitata-covid-map-v3.1.0.13.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4680f0242ae53304a6bf932234579ecf1100b3473bd822857943a3e5a2e01f8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sitata.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 26 Feb 2024 11:26:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 11:06:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 26 Feb 2024 11:26:06 GMT

GET
H2 200 materialdesignicons.min.css
cdn.jsdelivr.net/npm/@mdi/font@4.x/css/ Frame FCA3 218 KB
37 KB 134ms
52ms Stylesheet
text/css 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@mdi/font@4.x/css/materialdesignicons.min.css

Requested by

Host: www.sitata.com
URL: https://www.sitata.com/widgets/sitata-covid-map-v3.1.0.13.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a2b84598b7408a49f572ff743dc5886bddd5390c78b40416037da19c13f8d0ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sitata.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 11:26:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 11067
x-jsd-version: 4.9.95
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230138-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"3690d-+C8LymUllOTB/eRBaefREVF0ZzU"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uqjjsz4Sbn0x5f060JDmMp2%2Fc5kj%2FPYp5JbVa0vw46chhtXgGls6A77sLJm%2BZhxXaDWO6PlprJAXPOfjpvvQ1t4Hyb8KRglBdFlWsuae6WdVgtF8LwUsiizH7zF8QzWXeUr6nn5dlRH2gNTHfcY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 85b7d4ca99bb37f1-FRA

OPTIONS
H3 204 check_public
www.sitata.com/api/v2/tokens/process/ Frame 0
0 214ms
112ms Preflight 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sitata.com/api/v2/tokens/process/check_public?token=2d811d19-a0ce-4bd8-b1d0-7404e9875831

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,sit-widget-referer
Access-Control-Request-Method: POST
Origin: https://www.covidchecker.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization,content-type,sit-widget-referer
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: *
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=86400
cache-control: max-age=0, private, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 85b7d4cbedbf702e-CDG
date: Mon, 26 Feb 2024 11:26:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oaUIhReenOnig7ehG3PJ0jGfVrhXqwgyVeb%2Fw%2FpOKLWRZTJt0AyF0QheXkXil0ZWFSaO%2BmmlDkRuDzpkSnrZXQQfRHutL9%2FEyC72FFUQjP6Pr8zrSMzpFFgHePWR8TMglM3174vfHXpgUrhDgg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15724800; includeSubDomains
x-request-id: 3141b154377d796c619adb7c335de932

OPTIONS
H3 204 countries
www.sitata.com/api/v2/ Frame 0
0 214ms
113ms Preflight 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sitata.com/api/v2/countries?short=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,sit-widget-referer
Access-Control-Request-Method: GET
Origin: https://www.covidchecker.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization,content-type,sit-widget-referer
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: *
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=86400
cache-control: max-age=0, private, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 85b7d4cbedc4702e-CDG
date: Mon, 26 Feb 2024 11:26:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WesXVEBwatIlk1Wy67lqvxiRRv7asdtnyGzsEoPJetedM2A6iEczeRE%2BeMFtgvEWqn2De1BSwHy%2BU95vZWZ409pXa6rBmhyF2JMAebHgJF5Dn%2BZurabf6HyCU97epBHbMhBR68Hj1rmdhGW9Yw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15724800; includeSubDomains
x-request-id: 4dd64ddfd3fcf0b86ac09a6e4b1a8dfa

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame FCA3 247 KB
85 KB 61ms
61ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-T771YDHSTZ

Requested by

Host: www.sitata.com
URL: https://www.sitata.com/widgets/sitata-covid-map-v3.1.0.13.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1ff92aee233a7f16fea4b33f284a0090c7009ad697f36a4f738ac9dd6e31b8e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.covidchecker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 11:26:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 87297
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 26 Feb 2024 11:26:06 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame FCA3 247 KB
85 KB 62ms
62ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-T771YDHSTZ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-32631831-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bbf81301a8461a12c0ef999998d284aeaccee427b91d37fa5c57b64289c28cbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.covidchecker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 11:26:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 87352
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 26 Feb 2024 11:26:06 GMT

POST
H3 200 check_public Show response
www.sitata.com/api/v2/tokens/process/ Frame FCA3 2 B
532 B 80ms
79ms Fetch
application/json 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sitata.com/api/v2/tokens/process/check_public?token=2d811d19-a0ce-4bd8-b1d0-7404e9875831

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.3.1/rollbar.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Sit-Widget-Referer: https://fnb.thomalex.travel/
Referer: https://www.covidchecker.com/
Accept-Language: de-DE,de;q=0.9
Authorization: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 26 Feb 2024 11:26:06 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FCXOimFOXQ9vAxm3JhtWzT1Fi1u56CU6ViMvDYA4Xx25zLt8O7kS%2F6tKy65Vo2bY%2FShqbb30GxuzitndH4%2BDvZOOPaa2DRPnnviqj4IN%2BNlMrmLgYR3GxFU6WK%2B%2BOCNhH6FbWfKZMVg8x%2FKlFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
cf-ray: 85b7d4cc9f06702e-CDG
alt-svc: h3=":443"; ma=86400
content-length: 2
x-request-id: 1a2f5006f15790b64601663db4078c5b

GET
H3 200 countries Show response
www.sitata.com/api/v2/ Frame FCA3 558 KB
101 KB 197ms
196ms Fetch
application/json 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sitata.com/api/v2/countries?short=1

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.3.1/rollbar.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd0b713d62b2d139ba9868dc01ac00ff2e12dba27742aed89ba659b537f7a96e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Sit-Widget-Referer: https://fnb.thomalex.travel/
Referer: https://www.covidchecker.com/
Accept-Language: de-DE,de;q=0.9
Authorization: PUB 2d811d19-a0ce-4bd8-b1d0-7404e9875831
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 26 Feb 2024 11:26:06 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-request-id: c1d1952d1c897f3b587750747e1bc6a8
last-modified: Tue, 12 Dec 2023 20:06:17 GMT
server: cloudflare
etag: W/ fd0d13d594a95f36c63f6f6675da49fd
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rMScnfK%2BqhL6vYsUrCgEdHhfpGfi2DIjbmVs1BxF2P8Kyk5nHXl9fNOSgtnb1TjFsoATjNqT42e9M3t8ukWpb2G3fGx54nMTwy11Qng1fQruXH3UhhaTTuOqn1rv3AgFzr1JVUiT3WBr%2FHCVTw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
cf-apo-via: origin,page-rules
cf-ray: 85b7d4cc9f09702e-CDG

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ Frame FCA3 47 KB
47 KB 39ms
39ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.covidchecker.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 03:51:57 GMT
x-content-type-options: nosniff
age: 459249
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Feb 2025 03:51:57 GMT

GET
H3 200 materialdesignicons-webfont.woff2
cdn.jsdelivr.net/npm/@mdi/font@4.x/fonts/ Frame FCA3 276 KB
277 KB 93ms
50ms Font
font/woff2 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@mdi/font@4.x/fonts/materialdesignicons-webfont.woff2?v=4.9.95

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@mdi/font@4.x/css/materialdesignicons.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3248c66efa5ff60a1088aa4ab9d39b395fcc2e77e03ae454621885aa1017f3a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdn.jsdelivr.net/npm/@mdi/font@4.x/css/materialdesignicons.min.css
Origin: https://www.covidchecker.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 11:26:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 21340
x-jsd-version: 4.9.95
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 283040
x-served-by: cache-fra-eddf8230031-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"451a0-lWoSaMOlEO10NQ05k4FLah/1emU"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FnhzVKyjiGlU143WR%2BF3DzVFvDdLnmtIoUjxVlwhSyXpwvUTWTIvftNHWIUVn63LUo2cJlsWBUaQCaASe7JgiotST5AHX%2Fmaps1lKOiWYwckq%2BZAmkQ95W88wuxiTAQ7WeK7M1AwTvP6CjqvUlU%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 85b7d4cbfe643718-FRA

GET
H3 400 user_location Show response
www.sitata.com/api/v2/places/ Frame FCA3 13 B
575 B 280ms
280ms Fetch
application/json 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sitata.com/api/v2/places/user_location

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.3.1/rollbar.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18f3f205265c1ac0a3af74d58628a1816a0828c4e47dd8860e02a923e4d65849

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Sit-Widget-Referer: https://fnb.thomalex.travel/
Referer: https://www.covidchecker.com/
Accept-Language: de-DE,de;q=0.9
Authorization: PUB 2d811d19-a0ce-4bd8-b1d0-7404e9875831
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 26 Feb 2024 11:26:07 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 13
x-request-id: 3db78e8fd8600f7461584801a5556158
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eCQ2IiACZp0QsrC8%2B1lrQgy0xBpydzu6sFVasB6lCUS74i8T0LINmPwHxQTrbGP0XTTlacLeLQc5BOh3N5PjRLdTF%2BfJQehV5574U9yvOxlo08gygM%2B83wgtwJFhetG4%2FgZ2YTGErfN9LAmYQg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
cf-apo-via: origin,page-rules
cf-ray: 85b7d4cfbd26702e-CDG

OPTIONS
H3 204 user_location
www.sitata.com/api/v2/places/ Frame 0
0 75ms
75ms Preflight 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sitata.com/api/v2/places/user_location

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,sit-widget-referer
Access-Control-Request-Method: GET
Origin: https://www.covidchecker.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization,content-type,sit-widget-referer
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: *
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=86400
cache-control: max-age=0, private, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 85b7d4cf4c4a702e-CDG
date: Mon, 26 Feb 2024 11:26:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YF8FR8UftjDyzX757hZUTvNZ0CcQrjSRubFH9CRMKzk1V%2FljO83fJhPQhhAsZRlsQUYdKLeQ3bBQ4p8Arwx1Z4H5RSL3%2B%2BGjvM3jHH3xFfv4RbfgwxWwcgxkB55tzqemvjZLjydLLxgKsvu67Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15724800; includeSubDomains
x-request-id: 10642df96dcd8450f5fafc9ed28e8c05

OPTIONS
H3 204 global_summary
www.sitata.com/api/v2/entry_requirements/ Frame 0
0 75ms
74ms Preflight 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sitata.com/api/v2/entry_requirements/global_summary?departure_code=null&vaccinated=false

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,sit-widget-referer
Access-Control-Request-Method: GET
Origin: https://www.covidchecker.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization,content-type,sit-widget-referer
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: *
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=86400
cache-control: max-age=0, private, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 85b7d4d18825702e-CDG
date: Mon, 26 Feb 2024 11:26:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FuIR7GhvC9ZZzezKRyLZ%2FoAHoZu2PI6H%2B2Y81NsEfcKJ00cK%2FaqwmzaKyQ25%2F1pSbe4gKmkEbm2BPHCE388FEr%2BQUP2Fv7iwgqey%2FOdqxbSDRInREjbLMwPQTPnUaaHR5XxUQ9LpaQrz1TakdA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15724800; includeSubDomains
x-request-id: 01d6746b213df7f8d1b3a9c66fa9e622

GET
H3 200 global_summary Show response
www.sitata.com/api/v2/entry_requirements/ Frame FCA3 11 KB
2 KB 110ms
110ms Fetch
application/json 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sitata.com/api/v2/entry_requirements/global_summary?departure_code=null&vaccinated=false

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.3.1/rollbar.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

faaf8c67ad43b0cac79bac2913fb032a9425af390088084d47539b8ab026176b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Sit-Widget-Referer: https://fnb.thomalex.travel/
Referer: https://www.covidchecker.com/
Accept-Language: de-DE,de;q=0.9
Authorization: PUB 2d811d19-a0ce-4bd8-b1d0-7404e9875831
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 26 Feb 2024 11:26:07 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-request-id: bc1f923364dc610b6da7e782acf21488
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vAR0l5uM5kK9l%2B45YHl5N60%2F9zmgnJjmqbllhbBa6%2FXJ5Es8pPAh8g15uWMaEbnwIRiUL4JMM3NoTS9%2BU2Awxundb9KTTaMfCqFzI7y1%2BIYmINhrD9YFK65%2BlwlcRiXR%2FzTUj%2BqI%2FQcAHxox3w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
cf-apo-via: origin,page-rules
cf-ray: 85b7d4d1f8f7702e-CDG

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTUGmu1aB.woff2
fonts.gstatic.com/s/opensans/v40/ Frame FCA3 24 KB
24 KB 40ms
39ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTUGmu1aB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;600&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e510e61c497d334da21eccda06df5d3a428c9ea94d6903b6138e7c7255aba0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.covidchecker.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 07:53:28 GMT
x-content-type-options: nosniff
age: 444759
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24984
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:04:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Feb 2025 07:53:28 GMT

GET
H3 200 50m_world_new_min.topojson Show response
www.sitata.com/widgets/ Frame FCA3 304 KB
305 KB 85ms
85ms XHR
application/octet-stream 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sitata.com/widgets/50m_world_new_min.topojson

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.3.1/rollbar.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

524fc08454aded06ebd105d4b2e7130e5c2773d27a80649fa4b361e5f16c1205

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.covidchecker.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 11:26:07 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"52CCFE8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uksV%2BRrkfszUq0Ngi3ozKkgmcyOjY53750oLCG1XHV6h7VkArD1%2BysTtgn1vL0qFq3DI%2FSyAHKjpRjXV8Ibq%2FgxSYGOI%2BJCGBXOU0iGYH9NfuXpEOSP0gGJPW%2BhbyLkXgSlddHMlq54Esxpsjw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public
cf-apo-via: origin,no-cache
cf-ray: 85b7d4d2ba10702e-CDG
alt-svc: h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			fnb.thomalex.travel/	1969-12-31 23:59:59	Name: __RequestVerificationToken Value: 3tywk7fwIL-YIRIvSP_1yTBy4ozMYzDe05AIQPw-Dz-a3Qr_E16EVZhJZiLPqDWdufmxpkfGWwlzE3c79GRZbbU4nAuUOBZ_aMExzhSC5sCCV9zxSrV0bJQBGsXqpoT5zTKMixJwsXljlLZBrFsykw2
			.doubleclick.net/	1970-01-20 18:42:27	Name: test_cookie Value: CheckForPermission

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://fnb.thomalex.travel/Account/LogOn?ReturnUrl=%2f Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://www.sitata.com/api/v2/places/user_location Message: Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
cdnjs.cloudflare.com
fnb.thomalex.travel
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
resvoyage.blob.core.windows.net
www.covidchecker.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.sitata.com
2606:4700:3035::6815:600c
2606:4700::6810:5514
2606:4700::6811:180e
2a00:1450:4001:806::2003
2a00:1450:4001:806::200e
2a00:1450:4001:812::2008
2a00:1450:4001:81c::2002
2a00:1450:4001:81c::200a
2a00:1450:4001:82f::2004
2a00:1450:4001:830::2003
2a06:98c1:3120::3
40.121.51.62
52.239.169.4
0be2c4b3b689c19c28e631a972a745663ad678def6fefc493da88df0e9ba3087
1250418fc0ebf990f26b62674301a4239e09d8473741db75714ef6784f6e9355
15ade9d3490b1d32afa65cb9a0f0cc491c9aabccd2b2a48893e463765c66c76a
1830bfa960dc491c1af252db317629d89b6fe4cad88a754ff84678d9fd2e03d0
18f3f205265c1ac0a3af74d58628a1816a0828c4e47dd8860e02a923e4d65849
1d2612ceeb4e2fa5600aa076753b5924a166041b960566a7aa1a92153e500b46
1ff92aee233a7f16fea4b33f284a0090c7009ad697f36a4f738ac9dd6e31b8e8
3248c66efa5ff60a1088aa4ab9d39b395fcc2e77e03ae454621885aa1017f3a8
324a10c6d3d78249a021f49cc5a9b3dee7134a739571f0fee53028b4a6f668ee
3966ecd9d6d3203b9b853ad3b2c1f05b29cbfe8152d2396cdd0629bf5ee81830
3a1e31233360ad661f9f48a9bb08138405f09f31ada00ef97f5554a33cc8574b
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
466372a3fa7834cc9fdb2c8286cc5fa7428cf37426bbf3fc565bc1370df3ba97
4680f0242ae53304a6bf932234579ecf1100b3473bd822857943a3e5a2e01f8d
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
524fc08454aded06ebd105d4b2e7130e5c2773d27a80649fa4b361e5f16c1205
5489d34c6faf46a989be459cc0a3a28be86fb219aef6750c69d1410ddb9fe7ac
5e245f87c91e4cc60c4f66311f2691f187b9f710259f5f75cd6beff7598d6ddd
6e014a2ea215f8b2bf9ba11d0e47cf7b6f91d0194ada4df98d340eed148c0b25
7c7c72980b57eeeb3ac6593419b8aeacb2952e95499eebf8e61412596e875f5e
7e510e61c497d334da21eccda06df5d3a428c9ea94d6903b6138e7c7255aba0f
8b79356aa990cca4585dca5552ddd61973708d004b0c6eac5658ca0e619aa11f
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
a2b84598b7408a49f572ff743dc5886bddd5390c78b40416037da19c13f8d0ce
a320ec776625f79c1cf0a3a34ad8671e72a4fc638ff65a2d5237c005b1a7ee63
a410460285968ae56f3748e57fd09c6da63c17934a9f59cc7f9a6542f5cf2d3b
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
ae8040b1cd5d988a5269fff6502477c05431643cd0448a56ea0ea7f7629928c3
bbf81301a8461a12c0ef999998d284aeaccee427b91d37fa5c57b64289c28cbe
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
cacd6851dd67a005c0b95433fc00807bd604bf07776216a99cfb9b49768a9b00
dd0b713d62b2d139ba9868dc01ac00ff2e12dba27742aed89ba659b537f7a96e
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
deb9e025c458a290ea6efb45935088487a9f4f8b55a1e08cb31420633108694c
df30ff68cb3469d54e812e463d8827d37e4adee0b4d957fbc3d29958e3088bb1
e9497bc97cc02ef869137ccab51b0049473c046a1921e49cadfa94820f88d6eb
ebd713db9a49554980ca78b058c8255e510e11e658ba1983f076e3e7c8024bb6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b
faaf8c67ad43b0cac79bac2913fb032a9425af390088084d47539b8ab026176b

fnb.thomalex.travel Open in urlscan Pro 40.121.51.62 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

45 Requests

100 %HTTPS

85 %IPv6

13 Domains

13 Subdomains

13 IPs

2 Countries

3282 kBTransfer

7003 kBSize

2 Cookies

2 Outgoing links

Page URL History

Redirected requests

45 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

fnb.thomalex.travel Open in urlscan Pro
40.121.51.62 Public Scan

Screenshot
Live screenshot

Full Image

45
Requests

100 %
HTTPS

85 %
IPv6

13
Domains

13
Subdomains

13
IPs

2
Countries

3282 kB
Transfer

7003 kB
Size

2
Cookies

45 HTTP transactions
0 data transactions