travelit.tvst.travel Open in urlscan Pro
40.127.8.237 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://u25504965.ct.sendgrid.net/ls/click?upn=u001.eWYdqZT-2FqVWfe7Z-2FAEzTFtUgzPaYkffyv5IbAYz2H-2BauKMGKAxYIu6FdQ6sV0xQj-2BacsF9...
Effective URL:
https://travelit.tvst.travel/application/ResetConfirmation.aspx?UID=A2851FAF-268F-4278-8719-42698EF386B3
Submission: On September 13 via manual (September 13th 2024, 11:34:47 am UTC) from IN — Scanned from CA

Summary HTTP 17 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 3 domains to perform 17 HTTP transactions. The main IP is 40.127.8.237, located in Johannesburg, South Africa and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is travelit.tvst.travel.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on April 22nd 2024. Valid for: a year.

This is the only time travelit.tvst.travel was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	167.89.118.74 167.89.118.74	11377 (SENDGRID) (SENDGRID)
16	40.127.8.237 40.127.8.237	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	142.250.64.78 142.250.64.78	15169 (GOOGLE) (GOOGLE)
17	2

1 167.89.118.74 (Las Vegas, United States) 1 redirects

ASN11377 (SENDGRID, US)
PTR: o16789118x74.outbound-mail.sendgrid.net

u25504965.ct.sendgrid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 40.127.8.237 (Johannesburg, South Africa)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

travelit.tvst.travel	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.64.78 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s30-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	tvst.travel travelit.tvst.travel	508 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 104	21 KB
1	sendgrid.net 1 redirects u25504965.ct.sendgrid.net	308 B
17	3

	Domain	Requested by
16	travelit.tvst.travel	travelit.tvst.travel
1	www.google-analytics.com	travelit.tvst.travel
1	u25504965.ct.sendgrid.net	1 redirects
17	3

This site contains no links.

Subject Issuer	Validity	Valid
*.tvst.travel Sectigo RSA Organization Validation Secure Server CA	`2024-04-22` - `2025-05-21`	a year	crt.sh
*.google-analytics.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://travelit.tvst.travel/application/ResetConfirmation.aspx?UID=A2851FAF-268F-4278-8719-42698EF386B3
Frame ID: B5F9A425E11C8DABA328325E07AABE1E
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

TravelIT - Confirm Password Reset

Page URL History Show full URLs

https://u25504965.ct.sendgrid.net/ls/click?upn=u001.eWYdqZT-2FqVWfe7Z-2FAEzTFtUgzPaYkffyv5IbAYz2H-2BauKMGKAxYI... HTTP 302
https://travelit.tvst.travel/application/ResetConfirmation.aspx?UID=A2851FAF-268F-4278-8719-42698EF386B3 Page URL

Detected technologies

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

\.aspx?(?:$|\?)
<input[^>]+name="__VIEWSTATE

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

Page Statistics

17
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

2
IPs

2
Countries

528 kB
Transfer

832 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://u25504965.ct.sendgrid.net/ls/click?upn=u001.eWYdqZT-2FqVWfe7Z-2FAEzTFtUgzPaYkffyv5IbAYz2H-2BauKMGKAxYIu6FdQ6sV0xQj-2BacsF93bS8G1e9AW44XT9g-2FpCp1Cg0YUs23-2B2X1yJ1nQcwRj8TJsLR3RpbPsGRV3w7ldTt0nKGDp5hcdjmMAVr1WM2fBFfJJE6Sy-2FoJMRX0-3DhFp0_EkDNOnbwG9F-2FOLdS3gSqjRUs-2Foppn-2FV-2BiH1jUM-2FSoLKObCyl-2B4Q6IkW1eHTJDLSJd3P8m0jYHMBdWiSJrWNYUmrYLcg8Fn650zYIxluENvgcFXd5E5VTheusO1F6-2F9twD-2B-2B8IMOJhAZR1ocTEcZQ7oXf9sOpewpi4siqA5KqrFeiSlH6PP8FVKFoQ2WnsKV69XKjynk-2FSmePfIWiN-2BXEyExDKcyTGQwHHWCjhmgFPJv9iQgXAJXG7v9IgVft9a6UCYRf0pEB6MM9eeAskIPK5nuLtcGEB4igNkpgrG4GDqo-3D HTTP 302
https://travelit.tvst.travel/application/ResetConfirmation.aspx?UID=A2851FAF-268F-4278-8719-42698EF386B3 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request ResetConfirmation.aspx Show response
travelit.tvst.travel/application/
Redirect Chain

https://u25504965.ct.sendgrid.net/ls/click?upn=u001.eWYdqZT-2FqVWfe7Z-2FAEzTFtUgzPaYkffyv5IbAYz2H-2BauKMGKAxYIu6FdQ6sV0xQj-2BacsF93bS8G1e9AW44XT9g-2FpCp1Cg0YUs23-2B2X1yJ1nQcwRj8TJsLR3RpbPsGRV3w7ldT...
https://travelit.tvst.travel/application/ResetConfirmation.aspx?UID=A2851FAF-268F-4278-8719-42698EF386B3

25 KB
27 KB

2659ms
1864ms

Document
text/html

40.127.8.237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://travelit.tvst.travel/application/ResetConfirmation.aspx?UID=A2851FAF-268F-4278-8719-42698EF386B3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.127.8.237 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

TravelIT /

Resource Hash

3fead38b856c28734c4c0be423bc20f81b89d1df98b4b98c5d65253f0270c626

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' .tvst.travel .travel.co.za .google.com .googletagmanager.com .google.com .googleapis.com .google-analytics.com .gstatic.com .azure.com .powerbi.com .powerapps.com https.services.visualstudio.com httpsseal.thawte.comgetthawteseal httpsstats.g.doubleclick.net httpsmozilla.github.io https.arcot.com https.bankserv.co.za https.capitecbank.co.za https.fnb.co.za https.tymedigital.com https.nedsecure.co.za https.touchtechpayments.com https://cdnjs.cloudflare.com trvlitsanuatcentralservicesignalr.service.signalr.net trvlitsanprodcentralservicesignalr.service.signalr.net wss://trvlitsanprodcentralservicesignalr.service.signalr.net httpsauthentication.cardinalcommerce.com stats.g.doubleclick.net analytics.google.com blob www.google-analytics.com wss://trvlitsanuatcentralservicesignalr.service.signalr.net stats.g.doubleclick.net; img-src 'self' .tvst.travel .googletagmanager.com .google.com .googleapis.com .google-analytics.com .gstatic.com .powerbi.com .powerapps.com .seal.thawte.comgetthawteseal .stats.g.doubleclick.net .aacsw.3ds.verifiedbyvisa.com .mozilla.github.io https.paygate.co.za https.travelapi.com .wetu.com .q-xx.bstatic.com .cloudfront.net .iceportal.com .travelport.leonardocontentcloud.com .cfmedia.vfmleonardo.com .hotelzon.com https.hotelbeds.com .cdn.rawgit.com .cdn.jsdelivr.net data:; frame-src 'self' .tvst.travel .googletagmanager.com .google.com .powerbi.com *.powerapps.com data:; connect-src 'self' trvlitsanuatcentralservicesignalr.service.signalr.net www.google-analytics.com wss://trvlitsanuatcentralservicesignalr.service.signalr.net https://maps.googleapis.com stats.g.doubleclick.net trvlitsanprodcentralservicesignalr.service.signalr.net wss://trvlitsanprodcentralservicesignalr.service.signalr.net;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Access-Control-Expose-Headers: Request-Context travelit-state
Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Length: 25505
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' *.tvst.travel *.travel.co.za *.google.com *.googletagmanager.com *.google.com *.googleapis.com *.google-analytics.com *.gstatic.com *.azure.com *.powerbi.com *.powerapps.com https.services.visualstudio.com httpsseal.thawte.comgetthawteseal httpsstats.g.doubleclick.net httpsmozilla.github.io https.arcot.com https.bankserv.co.za https.capitecbank.co.za https.fnb.co.za https.tymedigital.com https.nedsecure.co.za https.touchtechpayments.com https://cdnjs.cloudflare.com trvlitsanuatcentralservicesignalr.service.signalr.net trvlitsanprodcentralservicesignalr.service.signalr.net wss://trvlitsanprodcentralservicesignalr.service.signalr.net httpsauthentication.cardinalcommerce.com stats.g.doubleclick.net analytics.google.com blob www.google-analytics.com wss://trvlitsanuatcentralservicesignalr.service.signalr.net stats.g.doubleclick.net; img-src 'self' *.tvst.travel *.googletagmanager.com *.google.com *.googleapis.com *.google-analytics.com *.gstatic.com *.powerbi.com *.powerapps.com *.seal.thawte.comgetthawteseal *.stats.g.doubleclick.net *.aacsw.3ds.verifiedbyvisa.com *.mozilla.github.io https.paygate.co.za https.travelapi.com *.wetu.com *.q-xx.bstatic.com *.cloudfront.net *.iceportal.com *.travelport.leonardocontentcloud.com *.cfmedia.vfmleonardo.com *.hotelzon.com https.hotelbeds.com *.cdn.rawgit.com *.cdn.jsdelivr.net data:; frame-src 'self' *.tvst.travel *.googletagmanager.com *.google.com *.powerbi.com *.powerapps.com data:; connect-src 'self' trvlitsanuatcentralservicesignalr.service.signalr.net www.google-analytics.com wss://trvlitsanuatcentralservicesignalr.service.signalr.net https://maps.googleapis.com stats.g.doubleclick.net trvlitsanprodcentralservicesignalr.service.signalr.net wss://trvlitsanprodcentralservicesignalr.service.signalr.net;
Content-Type: text/html; charset=utf-8
Date: Fri, 13 Sep 2024 11:34:41 GMT
Expect-CT: max-age=30
Expires: -1
Permissions-Policy: geolocation=(self)
Pragma: no-cache
Referrer-Policy: no-referrer-when-downgrade
Request-Context: appId=cid-v1:78cad39b-f8ad-4211-b671-fdf46198bea6
Server: TravelIT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
X-XSS-Protection: 1; mode=block

Redirect headers

Connection: keep-alive
Content-Length: 127
Content-Type: text/html; charset=utf-8
Date: Fri, 13 Sep 2024 11:34:38 GMT
Location: https://travelit.tvst.travel/application/ResetConfirmation.aspx?UID=A2851FAF-268F-4278-8719-42698EF386B3
Server: nginx
X-Robots-Tag: noindex, nofollow

GET
H/1.1 200
OK MobileFriendly.css
travelit.tvst.travel/application/css/ 2 KB
4 KB 268ms
265ms Stylesheet
text/css 40.127.8.237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://travelit.tvst.travel/application/css/MobileFriendly.css

Requested by

Host: travelit.tvst.travel
URL: https://travelit.tvst.travel/application/ResetConfirmation.aspx?UID=A2851FAF-268F-4278-8719-42698EF386B3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.127.8.237 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

TravelIT /

Resource Hash

3b783e58f730a84417dff348f6b323d2e9a8f301e2a78dbca0241601e9beb676

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' .tvst.travel .travel.co.za .google.com .googletagmanager.com .google.com .googleapis.com .google-analytics.com .gstatic.com .azure.com .powerbi.com .powerapps.com https.services.visualstudio.com httpsseal.thawte.comgetthawteseal httpsstats.g.doubleclick.net httpsmozilla.github.io https.arcot.com https.bankserv.co.za https.capitecbank.co.za https.fnb.co.za https.tymedigital.com https.nedsecure.co.za https.touchtechpayments.com https://cdnjs.cloudflare.com trvlitsanuatcentralservicesignalr.service.signalr.net trvlitsanprodcentralservicesignalr.service.signalr.net wss://trvlitsanprodcentralservicesignalr.service.signalr.net httpsauthentication.cardinalcommerce.com stats.g.doubleclick.net analytics.google.com blob www.google-analytics.com wss://trvlitsanuatcentralservicesignalr.service.signalr.net stats.g.doubleclick.net; img-src 'self' .tvst.travel .googletagmanager.com .google.com .googleapis.com .google-analytics.com .gstatic.com .powerbi.com .powerapps.com .seal.thawte.comgetthawteseal .stats.g.doubleclick.net .aacsw.3ds.verifiedbyvisa.com .mozilla.github.io https.paygate.co.za https.travelapi.com .wetu.com .q-xx.bstatic.com .cloudfront.net .iceportal.com .travelport.leonardocontentcloud.com .cfmedia.vfmleonardo.com .hotelzon.com https.hotelbeds.com .cdn.rawgit.com .cdn.jsdelivr.net data:; frame-src 'self' .tvst.travel .googletagmanager.com .google.com .powerbi.com *.powerapps.com data:; connect-src 'self' trvlitsanuatcentralservicesignalr.service.signalr.net www.google-analytics.com wss://trvlitsanuatcentralservicesignalr.service.signalr.net https://maps.googleapis.com stats.g.doubleclick.net trvlitsanprodcentralservicesignalr.service.signalr.net wss://trvlitsanprodcentralservicesignalr.service.signalr.net;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://travelit.tvst.travel/application/ResetConfirmation.aspx?UID=A2851FAF-268F-4278-8719-42698EF386B3
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Fri, 13 Sep 2024 11:34:41 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' *.tvst.travel *.travel.co.za *.google.com *.googletagmanager.com *.google.com *.googleapis.com *.google-analytics.com *.gstatic.com *.azure.com *.powerbi.com *.powerapps.com https.services.visualstudio.com httpsseal.thawte.comgetthawteseal httpsstats.g.doubleclick.net httpsmozilla.github.io https.arcot.com https.bankserv.co.za https.capitecbank.co.za https.fnb.co.za https.tymedigital.com https.nedsecure.co.za https.touchtechpayments.com https://cdnjs.cloudflare.com trvlitsanuatcentralservicesignalr.service.signalr.net trvlitsanprodcentralservicesignalr.service.signalr.net wss://trvlitsanprodcentralservicesignalr.service.signalr.net httpsauthentication.cardinalcommerce.com stats.g.doubleclick.net analytics.google.com blob www.google-analytics.com wss://trvlitsanuatcentralservicesignalr.service.signalr.net stats.g.doubleclick.net; img-src 'self' *.tvst.travel *.googletagmanager.com *.google.com *.googleapis.com *.google-analytics.com *.gstatic.com *.powerbi.com *.powerapps.com *.seal.thawte.comgetthawteseal *.stats.g.doubleclick.net *.aacsw.3ds.verifiedbyvisa.com *.mozilla.github.io https.paygate.co.za https.travelapi.com *.wetu.com *.q-xx.bstatic.com *.cloudfront.net *.iceportal.com *.travelport.leonardocontentcloud.com *.cfmedia.vfmleonardo.com *.hotelzon.com https.hotelbeds.com *.cdn.rawgit.com *.cdn.jsdelivr.net data:; frame-src 'self' *.tvst.travel *.googletagmanager.com *.google.com *.powerbi.com *.powerapps.com data:; connect-src 'self' trvlitsanuatcentralservicesignalr.service.signalr.net www.google-analytics.com wss://trvlitsanuatcentralservicesignalr.service.signalr.net https://maps.googleapis.com stats.g.doubleclick.net trvlitsanprodcentralservicesignalr.service.signalr.net wss://trvlitsanprodcentralservicesignalr.service.signalr.net;
Connection: keep-alive
Content-Length: 2015
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 02 May 2024 12:26:14 GMT
Server: TravelIT
ETag: "07751ec8b9cda1:0"
Expect-CT: max-age=30
X-Frame-Options: sameorigin
Content-Type: text/css
Access-Control-Expose-Headers: travelit-state
Permissions-Policy: geolocation=(self)
Accept-Ranges: bytes

GET
H/1.1 200
OK jquery-min.js Show response
travelit.tvst.travel/CDN/2cf7ff6a/ 85 KB
32 KB 1038ms
520ms Script
application/javascript 40.127.8.237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://travelit.tvst.travel/CDN/2cf7ff6a/jquery-min.js?B0D456B8-F7AE-4F8C-A8D8-122D37A62E18

Requested by

Host: travelit.tvst.travel
URL: https://travelit.tvst.travel/application/ResetConfirmation.aspx?UID=A2851FAF-268F-4278-8719-42698EF386B3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.127.8.237 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

TravelIT /

Resource Hash

36187585f95e0932ec82a619838cff4a4a16e71473fffe7d57eaaaea0e16f928

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' .tvst.travel .travel.co.za .google.com .googletagmanager.com .google.com .googleapis.com .google-analytics.com .gstatic.com .azure.com .powerbi.com .powerapps.com https.services.visualstudio.com httpsseal.thawte.comgetthawteseal httpsstats.g.doubleclick.net httpsmozilla.github.io https.arcot.com https.bankserv.co.za https.capitecbank.co.za https.fnb.co.za https.tymedigital.com https.nedsecure.co.za https.touchtechpayments.com https://cdnjs.cloudflare.com trvlitsanuatcentralservicesignalr.service.signalr.net trvlitsanprodcentralservicesignalr.service.signalr.net wss://trvlitsanprodcentralservicesignalr.service.signalr.net httpsauthentication.cardinalcommerce.com stats.g.doubleclick.net analytics.google.com blob www.google-analytics.com wss://trvlitsanuatcentralservicesignalr.service.signalr.net stats.g.doubleclick.net; img-src 'self' .tvst.travel .googletagmanager.com .google.com .googleapis.com .google-analytics.com .gstatic.com .powerbi.com .powerapps.com .seal.thawte.comgetthawteseal .stats.g.doubleclick.net .aacsw.3ds.verifiedbyvisa.com .mozilla.github.io https.paygate.co.za https.travelapi.com .wetu.com .q-xx.bstatic.com .cloudfront.net .iceportal.com .travelport.leonardocontentcloud.com .cfmedia.vfmleonardo.com .hotelzon.com https.hotelbeds.com .cdn.rawgit.com .cdn.jsdelivr.net data:; frame-src 'self' .tvst.travel .googletagmanager.com .google.com .powerbi.com *.powerapps.com data:; connect-src 'self' trvlitsanuatcentralservicesignalr.service.signalr.net www.google-analytics.com wss://trvlitsanuatcentralservicesignalr.service.signalr.net https://maps.googleapis.com stats.g.doubleclick.net trvlitsanprodcentralservicesignalr.service.signalr.net wss://trvlitsanprodcentralservicesignalr.service.signalr.net;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://travelit.tvst.travel/application/ResetConfirmation.aspx?UID=A2851FAF-268F-4278-8719-42698EF386B3
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Fri, 13 Sep 2024 11:34:42 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' *.tvst.travel *.travel.co.za *.google.com *.googletagmanager.com *.google.com *.googleapis.com *.google-analytics.com *.gstatic.com *.azure.com *.powerbi.com *.powerapps.com https.services.visualstudio.com httpsseal.thawte.comgetthawteseal httpsstats.g.doubleclick.net httpsmozilla.github.io https.arcot.com https.bankserv.co.za https.capitecbank.co.za https.fnb.co.za https.tymedigital.com https.nedsecure.co.za https.touchtechpayments.com https://cdnjs.cloudflare.com trvlitsanuatcentralservicesignalr.service.signalr.net trvlitsanprodcentralservicesignalr.service.signalr.net wss://trvlitsanprodcentralservicesignalr.service.signalr.net httpsauthentication.cardinalcommerce.com stats.g.doubleclick.net analytics.google.com blob www.google-analytics.com wss://trvlitsanuatcentralservicesignalr.service.signalr.net stats.g.doubleclick.net; img-src 'self' *.tvst.travel *.googletagmanager.com *.google.com *.googleapis.com *.google-analytics.com *.gstatic.com *.powerbi.com *.powerapps.com *.seal.thawte.comgetthawteseal *.stats.g.doubleclick.net *.aacsw.3ds.verifiedbyvisa.com *.mozilla.github.io https.paygate.co.za https.travelapi.com *.wetu.com *.q-xx.bstatic.com *.cloudfront.net *.iceportal.com *.travelport.leonardocontentcloud.com *.cfmedia.vfmleonardo.com *.hotelzon.com https.hotelbeds.com *.cdn.rawgit.com *.cdn.jsdelivr.net data:; frame-src 'self' *.tvst.travel *.googletagmanager.com *.google.com *.powerbi.com *.powerapps.com data:; connect-src 'self' trvlitsanuatcentralservicesignalr.service.signalr.net www.google-analytics.com wss://trvlitsanuatcentralservicesignalr.service.signalr.net https://maps.googleapis.com stats.g.doubleclick.net trvlitsanprodcentralservicesignalr.service.signalr.net wss://trvlitsanprodcentralservicesignalr.service.signalr.net;
Connection: keep-alive
Content-Length: 30295
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 30 Jun 2023 11:22:28 GMT
Server: TravelIT
ETag: "0f262745abd91:0"
Expect-CT: max-age=30
Vary: Accept-Encoding
X-Frame-Options: sameorigin
Content-Type: application/javascript
Access-Control-Expose-Headers: travelit-state
Permissions-Policy: geolocation=(self)
Accept-Ranges: bytes

GET
H/1.1 200
OK jquery-ui-min.js Show response
travelit.tvst.travel/CDN/2cf7ff6a/ 249 KB
69 KB 809ms
266ms Script
application/javascript 40.127.8.237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://travelit.tvst.travel/CDN/2cf7ff6a/jquery-ui-min.js?B0D456B8-F7AE-4F8C-A8D8-122D37A62E18

Requested by

Host: travelit.tvst.travel
URL: https://travelit.tvst.travel/application/ResetConfirmation.aspx?UID=A2851FAF-268F-4278-8719-42698EF386B3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.127.8.237 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

TravelIT /

Resource Hash

06b52ceec973855bc439a6d643093b5d51bdb31a11d86516e8e0ab05ff70adbb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' .tvst.travel .travel.co.za .google.com .googletagmanager.com .google.com .googleapis.com .google-analytics.com .gstatic.com .azure.com .powerbi.com .powerapps.com https.services.visualstudio.com httpsseal.thawte.comgetthawteseal httpsstats.g.doubleclick.net httpsmozilla.github.io https.arcot.com https.bankserv.co.za https.capitecbank.co.za https.fnb.co.za https.tymedigital.com https.nedsecure.co.za https.touchtechpayments.com https://cdnjs.cloudflare.com trvlitsanuatcentralservicesignalr.service.signalr.net trvlitsanprodcentralservicesignalr.service.signalr.net wss://trvlitsanprodcentralservicesignalr.service.signalr.net httpsauthentication.cardinalcommerce.com stats.g.doubleclick.net analytics.google.com blob www.google-analytics.com wss://trvlitsanuatcentralservicesignalr.service.signalr.net stats.g.doubleclick.net; img-src 'self' .tvst.travel .googletagmanager.com .google.com .googleapis.com .google-analytics.com .gstatic.com .powerbi.com .powerapps.com .seal.thawte.comgetthawteseal .stats.g.doubleclick.net .aacsw.3ds.verifiedbyvisa.com .mozilla.github.io https.paygate.co.za https.travelapi.com .wetu.com .q-xx.bstatic.com .cloudfront.net .iceportal.com .travelport.leonardocontentcloud.com .cfmedia.vfmleonardo.com .hotelzon.com https.hotelbeds.com .cdn.rawgit.com .cdn.jsdelivr.net data:; frame-src 'self' .tvst.travel .googletagmanager.com .google.com .powerbi.com *.powerapps.com data:; connect-src 'self' trvlitsanuatcentralservicesignalr.service.signalr.net www.google-analytics.com wss://trvlitsanuatcentralservicesignalr.service.signalr.net https://maps.googleapis.com stats.g.doubleclick.net trvlitsanprodcentralservicesignalr.service.signalr.net wss://trvlitsanprodcentralservicesignalr.service.signalr.net;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://travelit.tvst.travel/application/ResetConfirmation.aspx?UID=A2851FAF-268F-4278-8719-42698EF386B3
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Fri, 13 Sep 2024 11:34:42 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' *.tvst.travel *.travel.co.za *.google.com *.googletagmanager.com *.google.com *.googleapis.com *.google-analytics.com *.gstatic.com *.azure.com *.powerbi.com *.powerapps.com https.services.visualstudio.com httpsseal.thawte.comgetthawteseal httpsstats.g.doubleclick.net httpsmozilla.github.io https.arcot.com https.bankserv.co.za https.capitecbank.co.za https.fnb.co.za https.tymedigital.com https.nedsecure.co.za https.touchtechpayments.com https://cdnjs.cloudflare.com trvlitsanuatcentralservicesignalr.service.signalr.net trvlitsanprodcentralservicesignalr.service.signalr.net wss://trvlitsanprodcentralservicesignalr.service.signalr.net httpsauthentication.cardinalcommerce.com stats.g.doubleclick.net analytics.google.com blob www.google-analytics.com wss://trvlitsanuatcentralservicesignalr.service.signalr.net stats.g.doubleclick.net; img-src 'self' *.tvst.travel *.googletagmanager.com *.google.com *.googleapis.com *.google-analytics.com *.gstatic.com *.powerbi.com *.powerapps.com *.seal.thawte.comgetthawteseal *.stats.g.doubleclick.net *.aacsw.3ds.verifiedbyvisa.com *.mozilla.github.io https.paygate.co.za https.travelapi.com *.wetu.com *.q-xx.bstatic.com *.cloudfront.net *.iceportal.com *.travelport.leonardocontentcloud.com *.cfmedia.vfmleonardo.com *.hotelzon.com https.hotelbeds.com *.cdn.rawgit.com *.cdn.jsdelivr.net data:; frame-src 'self' *.tvst.travel *.googletagmanager.com *.google.com *.powerbi.com *.powerapps.com data:; connect-src 'self' trvlitsanuatcentralservicesignalr.service.signalr.net www.google-analytics.com wss://trvlitsanuatcentralservicesignalr.service.signalr.net https://maps.googleapis.com stats.g.doubleclick.net trvlitsanprodcentralservicesignalr.service.signalr.net wss://trvlitsanprodcentralservicesignalr.service.signalr.net;
Connection: keep-alive
Content-Length: 68287
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 30 Jun 2023 09:47:41 GMT
Server: TravelIT
ETag: "809c4fe937abd91:0"
Expect-CT: max-age=30
Vary: Accept-Encoding
X-Frame-Options: sameorigin
Content-Type: application/javascript
Access-Control-Expose-Headers: travelit-state
Permissions-Policy: geolocation=(self)
Accept-Ranges: bytes

GET
H/1.1 200
OK jquery-tmpl-min.js Show response
travelit.tvst.travel/CDN/2cf7ff6a/ 6 KB
5 KB 1286ms
258ms Script
application/javascript 40.127.8.237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://travelit.tvst.travel/CDN/2cf7ff6a/jquery-tmpl-min.js?B0D456B8-F7AE-4F8C-A8D8-122D37A62E18

Requested by

Host: travelit.tvst.travel
URL: https://travelit.tvst.travel/application/ResetConfirmation.aspx?UID=A2851FAF-268F-4278-8719-42698EF386B3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.127.8.237 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

TravelIT /

Resource Hash

dfee1fe127c3a828a6f88e3ef6e8d1d7f8a3750e6f9d9e24520992a2294696a6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' .tvst.travel .travel.co.za .google.com .googletagmanager.com .google.com .googleapis.com .google-analytics.com .gstatic.com .azure.com .powerbi.com .powerapps.com https.services.visualstudio.com httpsseal.thawte.comgetthawteseal httpsstats.g.doubleclick.net httpsmozilla.github.io https.arcot.com https.bankserv.co.za https.capitecbank.co.za https.fnb.co.za https.tymedigital.com https.nedsecure.co.za https.touchtechpayments.com https://cdnjs.cloudflare.com trvlitsanuatcentralservicesignalr.service.signalr.net trvlitsanprodcentralservicesignalr.service.signalr.net wss://trvlitsanprodcentralservicesignalr.service.signalr.net httpsauthentication.cardinalcommerce.com stats.g.doubleclick.net analytics.google.com blob www.google-analytics.com wss://trvlitsanuatcentralservicesignalr.service.signalr.net stats.g.doubleclick.net; img-src 'self' .tvst.travel .googletagmanager.com .google.com .googleapis.com .google-analytics.com .gstatic.com .powerbi.com .powerapps.com .seal.thawte.comgetthawteseal .stats.g.doubleclick.net .aacsw.3ds.verifiedbyvisa.com .mozilla.github.io https.paygate.co.za https.travelapi.com .wetu.com .q-xx.bstatic.com .cloudfront.net .iceportal.com .travelport.leonardocontentcloud.com .cfmedia.vfmleonardo.com .hotelzon.com https.hotelbeds.com .cdn.rawgit.com .cdn.jsdelivr.net data:; frame-src 'self' .tvst.travel .googletagmanager.com .google.com .powerbi.com *.powerapps.com data:; connect-src 'self' trvlitsanuatcentralservicesignalr.service.signalr.net www.google-analytics.com wss://trvlitsanuatcentralservicesignalr.service.signalr.net https://maps.googleapis.com stats.g.doubleclick.net trvlitsanprodcentralservicesignalr.service.signalr.net wss://trvlitsanprodcentralservicesignalr.service.signalr.net;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://travelit.tvst.travel/application/ResetConfirmation.aspx?UID=A2851FAF-268F-4278-8719-42698EF386B3
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Fri, 13 Sep 2024 11:34:42 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' *.tvst.travel *.travel.co.za *.google.com *.googletagmanager.com *.google.com *.googleapis.com *.google-analytics.com *.gstatic.com *.azure.com *.powerbi.com *.powerapps.com https.services.visualstudio.com httpsseal.thawte.comgetthawteseal httpsstats.g.doubleclick.net httpsmozilla.github.io https.arcot.com https.bankserv.co.za https.capitecbank.co.za https.fnb.co.za https.tymedigital.com https.nedsecure.co.za https.touchtechpayments.com https://cdnjs.cloudflare.com trvlitsanuatcentralservicesignalr.service.signalr.net trvlitsanprodcentralservicesignalr.service.signalr.net wss://trvlitsanprodcentralservicesignalr.service.signalr.net httpsauthentication.cardinalcommerce.com stats.g.doubleclick.net analytics.google.com blob www.google-analytics.com wss://trvlitsanuatcentralservicesignalr.service.signalr.net stats.g.doubleclick.net; img-src 'self' *.tvst.travel *.googletagmanager.com *.google.com *.googleapis.com *.google-analytics.com *.gstatic.com *.powerbi.com *.powerapps.com *.seal.thawte.comgetthawteseal *.stats.g.doubleclick.net *.aacsw.3ds.verifiedbyvisa.com *.mozilla.github.io https.paygate.co.za https.travelapi.com *.wetu.com *.q-xx.bstatic.com *.cloudfront.net *.iceportal.com *.travelport.leonardocontentcloud.com *.cfmedia.vfmleonardo.com *.hotelzon.com https.hotelbeds.com *.cdn.rawgit.com *.cdn.jsdelivr.net data:; frame-src 'self' *.tvst.travel *.googletagmanager.com *.google.com *.powerbi.com *.powerapps.com data:; connect-src 'self' trvlitsanuatcentralservicesignalr.service.signalr.net www.google-analytics.com wss://trvlitsanuatcentralservicesignalr.service.signalr.net https://maps.googleapis.com stats.g.doubleclick.net trvlitsanprodcentralservicesignalr.service.signalr.net wss://trvlitsanprodcentralservicesignalr.service.signalr.net;
Connection: keep-alive
Content-Length: 2679
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 05 Jun 2023 16:28:50 GMT
Server: TravelIT
ETag: "0cd39cfca97d91:0"
Expect-CT: max-age=30
Vary: Accept-Encoding
X-Frame-Options: sameorigin
Content-Type: application/javascript
Access-Control-Expose-Headers: travelit-state
Permissions-Policy: geolocation=(self)
Accept-Ranges: bytes

GET
H/1.1 200
OK jquery-blockUI-min.js Show response
travelit.tvst.travel/CDN/2cf7ff6a/ 9 KB
6 KB 1303ms
261ms Script
application/javascript 40.127.8.237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://travelit.tvst.travel/CDN/2cf7ff6a/jquery-blockUI-min.js?B0D456B8-F7AE-4F8C-A8D8-122D37A62E18

Requested by

Host: travelit.tvst.travel
URL: https://travelit.tvst.travel/application/ResetConfirmation.aspx?UID=A2851FAF-268F-4278-8719-42698EF386B3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.127.8.237 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

TravelIT /

Resource Hash

d284de2e1f4f04e4bdc2a74458526dc09e00f7599114e5b8b0deabe7e784cef4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' .tvst.travel .travel.co.za .google.com .googletagmanager.com .google.com .googleapis.com .google-analytics.com .gstatic.com .azure.com .powerbi.com .powerapps.com https.services.visualstudio.com httpsseal.thawte.comgetthawteseal httpsstats.g.doubleclick.net httpsmozilla.github.io https.arcot.com https.bankserv.co.za https.capitecbank.co.za https.fnb.co.za https.tymedigital.com https.nedsecure.co.za https.touchtechpayments.com https://cdnjs.cloudflare.com trvlitsanuatcentralservicesignalr.service.signalr.net trvlitsanprodcentralservicesignalr.service.signalr.net wss://trvlitsanprodcentralservicesignalr.service.signalr.net httpsauthentication.cardinalcommerce.com stats.g.doubleclick.net analytics.google.com blob www.google-analytics.com wss://trvlitsanuatcentralservicesignalr.service.signalr.net stats.g.doubleclick.net; img-src 'self' .tvst.travel .googletagmanager.com .google.com .googleapis.com .google-analytics.com .gstatic.com .powerbi.com .powerapps.com .seal.thawte.comgetthawteseal .stats.g.doubleclick.net .aacsw.3ds.verifiedbyvisa.com .mozilla.github.io https.paygate.co.za https.travelapi.com .wetu.com .q-xx.bstatic.com .cloudfront.net .iceportal.com .travelport.leonardocontentcloud.com .cfmedia.vfmleonardo.com .hotelzon.com https.hotelbeds.com .cdn.rawgit.com .cdn.jsdelivr.net data:; frame-src 'self' .tvst.travel .googletagmanager.com .google.com .powerbi.com *.powerapps.com data:; connect-src 'self' trvlitsanuatcentralservicesignalr.service.signalr.net www.google-analytics.com wss://trvlitsanuatcentralservicesignalr.service.signalr.net https://maps.googleapis.com stats.g.doubleclick.net trvlitsanprodcentralservicesignalr.service.signalr.net wss://trvlitsanprodcentralservicesignalr.service.signalr.net;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://travelit.tvst.travel/application/ResetConfirmation.aspx?UID=A2851FAF-268F-4278-8719-42698EF386B3
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Fri, 13 Sep 2024 11:34:42 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' *.tvst.travel *.travel.co.za *.google.com *.googletagmanager.com *.google.com *.googleapis.com *.google-analytics.com *.gstatic.com *.azure.com *.powerbi.com *.powerapps.com https.services.visualstudio.com httpsseal.thawte.comgetthawteseal httpsstats.g.doubleclick.net httpsmozilla.github.io https.arcot.com https.bankserv.co.za https.capitecbank.co.za https.fnb.co.za https.tymedigital.com https.nedsecure.co.za https.touchtechpayments.com https://cdnjs.cloudflare.com trvlitsanuatcentralservicesignalr.service.signalr.net trvlitsanprodcentralservicesignalr.service.signalr.net wss://trvlitsanprodcentralservicesignalr.service.signalr.net httpsauthentication.cardinalcommerce.com stats.g.doubleclick.net analytics.google.com blob www.google-analytics.com wss://trvlitsanuatcentralservicesignalr.service.signalr.net stats.g.doubleclick.net; img-src 'self' *.tvst.travel *.googletagmanager.com *.google.com *.googleapis.com *.google-analytics.com *.gstatic.com *.powerbi.com *.powerapps.com *.seal.thawte.comgetthawteseal *.stats.g.doubleclick.net *.aacsw.3ds.verifiedbyvisa.com *.mozilla.github.io https.paygate.co.za https.travelapi.com *.wetu.com *.q-xx.bstatic.com *.cloudfront.net *.iceportal.com *.travelport.leonardocontentcloud.com *.cfmedia.vfmleonardo.com *.hotelzon.com https.hotelbeds.com *.cdn.rawgit.com *.cdn.jsdelivr.net data:; frame-src 'self' *.tvst.travel *.googletagmanager.com *.google.com *.powerbi.com *.powerapps.com data:; connect-src 'self' trvlitsanuatcentralservicesignalr.service.signalr.net www.google-analytics.com wss://trvlitsanuatcentralservicesignalr.service.signalr.net https://maps.googleapis.com stats.g.doubleclick.net trvlitsanprodcentralservicesignalr.service.signalr.net wss://trvlitsanprodcentralservicesignalr.service.signalr.net;
Connection: keep-alive
Content-Length: 3406
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 30 Jun 2023 11:29:59 GMT
Server: TravelIT
ETag: "8015d83346abd91:0"
Expect-CT: max-age=30
Vary: Accept-Encoding
X-Frame-Options: sameorigin
Content-Type: application/javascript
Access-Control-Expose-Headers: travelit-state
Permissions-Policy: geolocation=(self)
Accept-Ranges: bytes

GET
H/1.1 200
OK crypto-js-min.js Show response
travelit.tvst.travel/CDN/2cf7ff6a/ 46 KB
18 KB 1338ms
266ms Script
application/javascript 40.127.8.237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://travelit.tvst.travel/CDN/2cf7ff6a/crypto-js-min.js?B0D456B8-F7AE-4F8C-A8D8-122D37A62E18

Requested by

Host: travelit.tvst.travel
URL: https://travelit.tvst.travel/application/ResetConfirmation.aspx?UID=A2851FAF-268F-4278-8719-42698EF386B3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.127.8.237 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

TravelIT /

Resource Hash

288574134a26c5b5f21f0e118a36d3a93244f26873108579312edf2c51bb917a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' .tvst.travel .travel.co.za .google.com .googletagmanager.com .google.com .googleapis.com .google-analytics.com .gstatic.com .azure.com .powerbi.com .powerapps.com https.services.visualstudio.com httpsseal.thawte.comgetthawteseal httpsstats.g.doubleclick.net httpsmozilla.github.io https.arcot.com https.bankserv.co.za https.capitecbank.co.za https.fnb.co.za https.tymedigital.com https.nedsecure.co.za https.touchtechpayments.com https://cdnjs.cloudflare.com trvlitsanuatcentralservicesignalr.service.signalr.net trvlitsanprodcentralservicesignalr.service.signalr.net wss://trvlitsanprodcentralservicesignalr.service.signalr.net httpsauthentication.cardinalcommerce.com stats.g.doubleclick.net analytics.google.com blob www.google-analytics.com wss://trvlitsanuatcentralservicesignalr.service.signalr.net stats.g.doubleclick.net; img-src 'self' .tvst.travel .googletagmanager.com .google.com .googleapis.com .google-analytics.com .gstatic.com .powerbi.com .powerapps.com .seal.thawte.comgetthawteseal .stats.g.doubleclick.net .aacsw.3ds.verifiedbyvisa.com .mozilla.github.io https.paygate.co.za https.travelapi.com .wetu.com .q-xx.bstatic.com .cloudfront.net .iceportal.com .travelport.leonardocontentcloud.com .cfmedia.vfmleonardo.com .hotelzon.com https.hotelbeds.com .cdn.rawgit.com .cdn.jsdelivr.net data:; frame-src 'self' .tvst.travel .googletagmanager.com .google.com .powerbi.com *.powerapps.com data:; connect-src 'self' trvlitsanuatcentralservicesignalr.service.signalr.net www.google-analytics.com wss://trvlitsanuatcentralservicesignalr.service.signalr.net https://maps.googleapis.com stats.g.doubleclick.net trvlitsanprodcentralservicesignalr.service.signalr.net wss://trvlitsanprodcentralservicesignalr.service.signalr.net;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://travelit.tvst.travel/application/ResetConfirmation.aspx?UID=A2851FAF-268F-4278-8719-42698EF386B3
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Fri, 13 Sep 2024 11:34:42 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' *.tvst.travel *.travel.co.za *.google.com *.googletagmanager.com *.google.com *.googleapis.com *.google-analytics.com *.gstatic.com *.azure.com *.powerbi.com *.powerapps.com https.services.visualstudio.com httpsseal.thawte.comgetthawteseal httpsstats.g.doubleclick.net httpsmozilla.github.io https.arcot.com https.bankserv.co.za https.capitecbank.co.za https.fnb.co.za https.tymedigital.com https.nedsecure.co.za https.touchtechpayments.com https://cdnjs.cloudflare.com trvlitsanuatcentralservicesignalr.service.signalr.net trvlitsanprodcentralservicesignalr.service.signalr.net wss://trvlitsanprodcentralservicesignalr.service.signalr.net httpsauthentication.cardinalcommerce.com stats.g.doubleclick.net analytics.google.com blob www.google-analytics.com wss://trvlitsanuatcentralservicesignalr.service.signalr.net stats.g.doubleclick.net; img-src 'self' *.tvst.travel *.googletagmanager.com *.google.com *.googleapis.com *.google-analytics.com *.gstatic.com *.powerbi.com *.powerapps.com *.seal.thawte.comgetthawteseal *.stats.g.doubleclick.net *.aacsw.3ds.verifiedbyvisa.com *.mozilla.github.io https.paygate.co.za https.travelapi.com *.wetu.com *.q-xx.bstatic.com *.cloudfront.net *.iceportal.com *.travelport.leonardocontentcloud.com *.cfmedia.vfmleonardo.com *.hotelzon.com https.hotelbeds.com *.cdn.rawgit.com *.cdn.jsdelivr.net data:; frame-src 'self' *.tvst.travel *.googletagmanager.com *.google.com *.powerbi.com *.powerapps.com data:; connect-src 'self' trvlitsanuatcentralservicesignalr.service.signalr.net www.google-analytics.com wss://trvlitsanuatcentralservicesignalr.service.signalr.net https://maps.googleapis.com stats.g.doubleclick.net trvlitsanprodcentralservicesignalr.service.signalr.net wss://trvlitsanprodcentralservicesignalr.service.signalr.net;
Connection: keep-alive
Content-Length: 16112
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 03 Jul 2023 08:28:05 GMT
Server: TravelIT
ETag: "8018d54988add91:0"
Expect-CT: max-age=30
Vary: Accept-Encoding
X-Frame-Options: sameorigin
Content-Type: application/javascript
Access-Control-Expose-Headers: travelit-state
Permissions-Policy: geolocation=(self)
Accept-Ranges: bytes

GET
H/1.1 200
OK aes-min.js Show response
travelit.tvst.travel/CDN/2cf7ff6a/ 2 KB
4 KB 1370ms
261ms Script
application/javascript 40.127.8.237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://travelit.tvst.travel/CDN/2cf7ff6a/aes-min.js?B0D456B8-F7AE-4F8C-A8D8-122D37A62E18

Requested by

Host: travelit.tvst.travel
URL: https://travelit.tvst.travel/application/ResetConfirmation.aspx?UID=A2851FAF-268F-4278-8719-42698EF386B3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.127.8.237 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

TravelIT /

Resource Hash

9d2324da115b05d11b9876e759bb7bd2589fa772abde237c9dbdb572f6e2d5fe

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' .tvst.travel .travel.co.za .google.com .googletagmanager.com .google.com .googleapis.com .google-analytics.com .gstatic.com .azure.com .powerbi.com .powerapps.com https.services.visualstudio.com httpsseal.thawte.comgetthawteseal httpsstats.g.doubleclick.net httpsmozilla.github.io https.arcot.com https.bankserv.co.za https.capitecbank.co.za https.fnb.co.za https.tymedigital.com https.nedsecure.co.za https.touchtechpayments.com https://cdnjs.cloudflare.com trvlitsanuatcentralservicesignalr.service.signalr.net trvlitsanprodcentralservicesignalr.service.signalr.net wss://trvlitsanprodcentralservicesignalr.service.signalr.net httpsauthentication.cardinalcommerce.com stats.g.doubleclick.net analytics.google.com blob www.google-analytics.com wss://trvlitsanuatcentralservicesignalr.service.signalr.net stats.g.doubleclick.net; img-src 'self' .tvst.travel .googletagmanager.com .google.com .googleapis.com .google-analytics.com .gstatic.com .powerbi.com .powerapps.com .seal.thawte.comgetthawteseal .stats.g.doubleclick.net .aacsw.3ds.verifiedbyvisa.com .mozilla.github.io https.paygate.co.za https.travelapi.com .wetu.com .q-xx.bstatic.com .cloudfront.net .iceportal.com .travelport.leonardocontentcloud.com .cfmedia.vfmleonardo.com .hotelzon.com https.hotelbeds.com .cdn.rawgit.com .cdn.jsdelivr.net data:; frame-src 'self' .tvst.travel .googletagmanager.com .google.com .powerbi.com *.powerapps.com data:; connect-src 'self' trvlitsanuatcentralservicesignalr.service.signalr.net www.google-analytics.com wss://trvlitsanuatcentralservicesignalr.service.signalr.net https://maps.googleapis.com stats.g.doubleclick.net trvlitsanprodcentralservicesignalr.service.signalr.net wss://trvlitsanprodcentralservicesignalr.service.signalr.net;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://travelit.tvst.travel/application/ResetConfirmation.aspx?UID=A2851FAF-268F-4278-8719-42698EF386B3
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Fri, 13 Sep 2024 11:34:42 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' *.tvst.travel *.travel.co.za *.google.com *.googletagmanager.com *.google.com *.googleapis.com *.google-analytics.com *.gstatic.com *.azure.com *.powerbi.com *.powerapps.com https.services.visualstudio.com httpsseal.thawte.comgetthawteseal httpsstats.g.doubleclick.net httpsmozilla.github.io https.arcot.com https.bankserv.co.za https.capitecbank.co.za https.fnb.co.za https.tymedigital.com https.nedsecure.co.za https.touchtechpayments.com https://cdnjs.cloudflare.com trvlitsanuatcentralservicesignalr.service.signalr.net trvlitsanprodcentralservicesignalr.service.signalr.net wss://trvlitsanprodcentralservicesignalr.service.signalr.net httpsauthentication.cardinalcommerce.com stats.g.doubleclick.net analytics.google.com blob www.google-analytics.com wss://trvlitsanuatcentralservicesignalr.service.signalr.net stats.g.doubleclick.net; img-src 'self' *.tvst.travel *.googletagmanager.com *.google.com *.googleapis.com *.google-analytics.com *.gstatic.com *.powerbi.com *.powerapps.com *.seal.thawte.comgetthawteseal *.stats.g.doubleclick.net *.aacsw.3ds.verifiedbyvisa.com *.mozilla.github.io https.paygate.co.za https.travelapi.com *.wetu.com *.q-xx.bstatic.com *.cloudfront.net *.iceportal.com *.travelport.leonardocontentcloud.com *.cfmedia.vfmleonardo.com *.hotelzon.com https.hotelbeds.com *.cdn.rawgit.com *.cdn.jsdelivr.net data:; frame-src 'self' *.tvst.travel *.googletagmanager.com *.google.com *.powerbi.com *.powerapps.com data:; connect-src 'self' trvlitsanuatcentralservicesignalr.service.signalr.net www.google-analytics.com wss://trvlitsanuatcentralservicesignalr.service.signalr.net https://maps.googleapis.com stats.g.doubleclick.net trvlitsanprodcentralservicesignalr.service.signalr.net wss://trvlitsanprodcentralservicesignalr.service.signalr.net;
Connection: keep-alive
Content-Length: 1413
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 05 Jun 2023 16:28:49 GMT
Server: TravelIT
ETag: "f65c1ecfca97d91:0"
Expect-CT: max-age=30
Vary: Accept-Encoding
X-Frame-Options: sameorigin
Content-Type: application/javascript
Access-Control-Expose-Headers: travelit-state
Permissions-Policy: geolocation=(self)
Accept-Ranges: bytes

GET
H/1.1 200
OK jquery-ui-min.css
travelit.tvst.travel/CDN/2cf7ff6a/ 30 KB
10 KB 536ms
266ms Stylesheet
text/css 40.127.8.237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://travelit.tvst.travel/CDN/2cf7ff6a/jquery-ui-min.css?B0D456B8-F7AE-4F8C-A8D8-122D37A62E18

Requested by

Host: travelit.tvst.travel
URL: https://travelit.tvst.travel/application/ResetConfirmation.aspx?UID=A2851FAF-268F-4278-8719-42698EF386B3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.127.8.237 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

TravelIT /

Resource Hash

1ac2799b995a2699dcab36a8dc359a5f766925a4f357bc6f0f9dfb76adb9b68a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' .tvst.travel .travel.co.za .google.com .googletagmanager.com .google.com .googleapis.com .google-analytics.com .gstatic.com .azure.com .powerbi.com .powerapps.com https.services.visualstudio.com httpsseal.thawte.comgetthawteseal httpsstats.g.doubleclick.net httpsmozilla.github.io https.arcot.com https.bankserv.co.za https.capitecbank.co.za https.fnb.co.za https.tymedigital.com https.nedsecure.co.za https.touchtechpayments.com https://cdnjs.cloudflare.com trvlitsanuatcentralservicesignalr.service.signalr.net trvlitsanprodcentralservicesignalr.service.signalr.net wss://trvlitsanprodcentralservicesignalr.service.signalr.net httpsauthentication.cardinalcommerce.com stats.g.doubleclick.net analytics.google.com blob www.google-analytics.com wss://trvlitsanuatcentralservicesignalr.service.signalr.net stats.g.doubleclick.net; img-src 'self' .tvst.travel .googletagmanager.com .google.com .googleapis.com .google-analytics.com .gstatic.com .powerbi.com .powerapps.com .seal.thawte.comgetthawteseal .stats.g.doubleclick.net .aacsw.3ds.verifiedbyvisa.com .mozilla.github.io https.paygate.co.za https.travelapi.com .wetu.com .q-xx.bstatic.com .cloudfront.net .iceportal.com .travelport.leonardocontentcloud.com .cfmedia.vfmleonardo.com .hotelzon.com https.hotelbeds.com .cdn.rawgit.com .cdn.jsdelivr.net data:; frame-src 'self' .tvst.travel .googletagmanager.com .google.com .powerbi.com *.powerapps.com data:; connect-src 'self' trvlitsanuatcentralservicesignalr.service.signalr.net www.google-analytics.com wss://trvlitsanuatcentralservicesignalr.service.signalr.net https://maps.googleapis.com stats.g.doubleclick.net trvlitsanprodcentralservicesignalr.service.signalr.net wss://trvlitsanprodcentralservicesignalr.service.signalr.net;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://travelit.tvst.travel/application/ResetConfirmation.aspx?UID=A2851FAF-268F-4278-8719-42698EF386B3
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Fri, 13 Sep 2024 11:34:41 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' *.tvst.travel *.travel.co.za *.google.com *.googletagmanager.com *.google.com *.googleapis.com *.google-analytics.com *.gstatic.com *.azure.com *.powerbi.com *.powerapps.com https.services.visualstudio.com httpsseal.thawte.comgetthawteseal httpsstats.g.doubleclick.net httpsmozilla.github.io https.arcot.com https.bankserv.co.za https.capitecbank.co.za https.fnb.co.za https.tymedigital.com https.nedsecure.co.za https.touchtechpayments.com https://cdnjs.cloudflare.com trvlitsanuatcentralservicesignalr.service.signalr.net trvlitsanprodcentralservicesignalr.service.signalr.net wss://trvlitsanprodcentralservicesignalr.service.signalr.net httpsauthentication.cardinalcommerce.com stats.g.doubleclick.net analytics.google.com blob www.google-analytics.com wss://trvlitsanuatcentralservicesignalr.service.signalr.net stats.g.doubleclick.net; img-src 'self' *.tvst.travel *.googletagmanager.com *.google.com *.googleapis.com *.google-analytics.com *.gstatic.com *.powerbi.com *.powerapps.com *.seal.thawte.comgetthawteseal *.stats.g.doubleclick.net *.aacsw.3ds.verifiedbyvisa.com *.mozilla.github.io https.paygate.co.za https.travelapi.com *.wetu.com *.q-xx.bstatic.com *.cloudfront.net *.iceportal.com *.travelport.leonardocontentcloud.com *.cfmedia.vfmleonardo.com *.hotelzon.com https.hotelbeds.com *.cdn.rawgit.com *.cdn.jsdelivr.net data:; frame-src 'self' *.tvst.travel *.googletagmanager.com *.google.com *.powerbi.com *.powerapps.com data:; connect-src 'self' trvlitsanuatcentralservicesignalr.service.signalr.net www.google-analytics.com wss://trvlitsanuatcentralservicesignalr.service.signalr.net https://maps.googleapis.com stats.g.doubleclick.net trvlitsanprodcentralservicesignalr.service.signalr.net wss://trvlitsanprodcentralservicesignalr.service.signalr.net;
Connection: keep-alive
Content-Length: 7409
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 03 Jul 2023 08:55:59 GMT
Server: TravelIT
ETag: "80399d2f8cadd91:0"
Expect-CT: max-age=30
Vary: Accept-Encoding
X-Frame-Options: sameorigin
Content-Type: text/css
Access-Control-Expose-Headers: travelit-state
Permissions-Policy: geolocation=(self)
Accept-Ranges: bytes

GET
H/1.1 200
OK TTS3-combined-min.css
travelit.tvst.travel/application/css/ 10 KB
13 KB 1024ms
511ms Stylesheet
text/css 40.127.8.237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://travelit.tvst.travel/application/css/TTS3-combined-min.css?%3C%=RandomUID%%3E

Requested by

Host: travelit.tvst.travel
URL: https://travelit.tvst.travel/application/ResetConfirmation.aspx?UID=A2851FAF-268F-4278-8719-42698EF386B3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.127.8.237 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

TravelIT /

Resource Hash

f567764d47d26b355e5fb8de39a3417151fc39f6d75b1450ed48f2d689046069

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' .tvst.travel .travel.co.za .google.com .googletagmanager.com .google.com .googleapis.com .google-analytics.com .gstatic.com .azure.com .powerbi.com .powerapps.com https.services.visualstudio.com httpsseal.thawte.comgetthawteseal httpsstats.g.doubleclick.net httpsmozilla.github.io https.arcot.com https.bankserv.co.za https.capitecbank.co.za https.fnb.co.za https.tymedigital.com https.nedsecure.co.za https.touchtechpayments.com https://cdnjs.cloudflare.com trvlitsanuatcentralservicesignalr.service.signalr.net trvlitsanprodcentralservicesignalr.service.signalr.net wss://trvlitsanprodcentralservicesignalr.service.signalr.net httpsauthentication.cardinalcommerce.com stats.g.doubleclick.net analytics.google.com blob www.google-analytics.com wss://trvlitsanuatcentralservicesignalr.service.signalr.net stats.g.doubleclick.net; img-src 'self' .tvst.travel .googletagmanager.com .google.com .googleapis.com .google-analytics.com .gstatic.com .powerbi.com .powerapps.com .seal.thawte.comgetthawteseal .stats.g.doubleclick.net .aacsw.3ds.verifiedbyvisa.com .mozilla.github.io https.paygate.co.za https.travelapi.com .wetu.com .q-xx.bstatic.com .cloudfront.net .iceportal.com .travelport.leonardocontentcloud.com .cfmedia.vfmleonardo.com .hotelzon.com https.hotelbeds.com .cdn.rawgit.com .cdn.jsdelivr.net data:; frame-src 'self' .tvst.travel .googletagmanager.com .google.com .powerbi.com *.powerapps.com data:; connect-src 'self' trvlitsanuatcentralservicesignalr.service.signalr.net www.google-analytics.com wss://trvlitsanuatcentralservicesignalr.service.signalr.net https://maps.googleapis.com stats.g.doubleclick.net trvlitsanprodcentralservicesignalr.service.signalr.net wss://trvlitsanprodcentralservicesignalr.service.signalr.net;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://travelit.tvst.travel/application/ResetConfirmation.aspx?UID=A2851FAF-268F-4278-8719-42698EF386B3
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Fri, 13 Sep 2024 11:34:42 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' *.tvst.travel *.travel.co.za *.google.com *.googletagmanager.com *.google.com *.googleapis.com *.google-analytics.com *.gstatic.com *.azure.com *.powerbi.com *.powerapps.com https.services.visualstudio.com httpsseal.thawte.comgetthawteseal httpsstats.g.doubleclick.net httpsmozilla.github.io https.arcot.com https.bankserv.co.za https.capitecbank.co.za https.fnb.co.za https.tymedigital.com https.nedsecure.co.za https.touchtechpayments.com https://cdnjs.cloudflare.com trvlitsanuatcentralservicesignalr.service.signalr.net trvlitsanprodcentralservicesignalr.service.signalr.net wss://trvlitsanprodcentralservicesignalr.service.signalr.net httpsauthentication.cardinalcommerce.com stats.g.doubleclick.net analytics.google.com blob www.google-analytics.com wss://trvlitsanuatcentralservicesignalr.service.signalr.net stats.g.doubleclick.net; img-src 'self' *.tvst.travel *.googletagmanager.com *.google.com *.googleapis.com *.google-analytics.com *.gstatic.com *.powerbi.com *.powerapps.com *.seal.thawte.comgetthawteseal *.stats.g.doubleclick.net *.aacsw.3ds.verifiedbyvisa.com *.mozilla.github.io https.paygate.co.za https.travelapi.com *.wetu.com *.q-xx.bstatic.com *.cloudfront.net *.iceportal.com *.travelport.leonardocontentcloud.com *.cfmedia.vfmleonardo.com *.hotelzon.com https.hotelbeds.com *.cdn.rawgit.com *.cdn.jsdelivr.net data:; frame-src 'self' *.tvst.travel *.googletagmanager.com *.google.com *.powerbi.com *.powerapps.com data:; connect-src 'self' trvlitsanuatcentralservicesignalr.service.signalr.net www.google-analytics.com wss://trvlitsanuatcentralservicesignalr.service.signalr.net https://maps.googleapis.com stats.g.doubleclick.net trvlitsanprodcentralservicesignalr.service.signalr.net wss://trvlitsanprodcentralservicesignalr.service.signalr.net;
Connection: keep-alive
Content-Length: 10474
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Tue, 18 Jun 2024 08:02:28 GMT
Server: TravelIT
ETag: "0c2b3dc55c1da1:0"
Expect-CT: max-age=30
X-Frame-Options: sameorigin
Content-Type: text/css
Access-Control-Expose-Headers: travelit-state
Permissions-Policy: geolocation=(self)
Accept-Ranges: bytes

GET
H/1.1 200
OK TTS9-combined-min.js Show response
travelit.tvst.travel/application/js/ 9 KB
5 KB 1545ms
258ms Script
application/javascript 40.127.8.237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://travelit.tvst.travel/application/js/TTS9-combined-min.js?B0D456B8-F7AE-4F8C-A8D8-122D37A62E18

Requested by

Host: travelit.tvst.travel
URL: https://travelit.tvst.travel/application/ResetConfirmation.aspx?UID=A2851FAF-268F-4278-8719-42698EF386B3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.127.8.237 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

TravelIT /

Resource Hash

0ffe8b89ec5fbf33d13baecddb6fa72b1a20a34c5c64605c3ef146c1b1ce12f4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' .tvst.travel .travel.co.za .google.com .googletagmanager.com .google.com .googleapis.com .google-analytics.com .gstatic.com .azure.com .powerbi.com .powerapps.com https.services.visualstudio.com httpsseal.thawte.comgetthawteseal httpsstats.g.doubleclick.net httpsmozilla.github.io https.arcot.com https.bankserv.co.za https.capitecbank.co.za https.fnb.co.za https.tymedigital.com https.nedsecure.co.za https.touchtechpayments.com https://cdnjs.cloudflare.com trvlitsanuatcentralservicesignalr.service.signalr.net trvlitsanprodcentralservicesignalr.service.signalr.net wss://trvlitsanprodcentralservicesignalr.service.signalr.net httpsauthentication.cardinalcommerce.com stats.g.doubleclick.net analytics.google.com blob www.google-analytics.com wss://trvlitsanuatcentralservicesignalr.service.signalr.net stats.g.doubleclick.net; img-src 'self' .tvst.travel .googletagmanager.com .google.com .googleapis.com .google-analytics.com .gstatic.com .powerbi.com .powerapps.com .seal.thawte.comgetthawteseal .stats.g.doubleclick.net .aacsw.3ds.verifiedbyvisa.com .mozilla.github.io https.paygate.co.za https.travelapi.com .wetu.com .q-xx.bstatic.com .cloudfront.net .iceportal.com .travelport.leonardocontentcloud.com .cfmedia.vfmleonardo.com .hotelzon.com https.hotelbeds.com .cdn.rawgit.com .cdn.jsdelivr.net data:; frame-src 'self' .tvst.travel .googletagmanager.com .google.com .powerbi.com *.powerapps.com data:; connect-src 'self' trvlitsanuatcentralservicesignalr.service.signalr.net www.google-analytics.com wss://trvlitsanuatcentralservicesignalr.service.signalr.net https://maps.googleapis.com stats.g.doubleclick.net trvlitsanprodcentralservicesignalr.service.signalr.net wss://trvlitsanprodcentralservicesignalr.service.signalr.net;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://travelit.tvst.travel/application/ResetConfirmation.aspx?UID=A2851FAF-268F-4278-8719-42698EF386B3
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Fri, 13 Sep 2024 11:34:42 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' *.tvst.travel *.travel.co.za *.google.com *.googletagmanager.com *.google.com *.googleapis.com *.google-analytics.com *.gstatic.com *.azure.com *.powerbi.com *.powerapps.com https.services.visualstudio.com httpsseal.thawte.comgetthawteseal httpsstats.g.doubleclick.net httpsmozilla.github.io https.arcot.com https.bankserv.co.za https.capitecbank.co.za https.fnb.co.za https.tymedigital.com https.nedsecure.co.za https.touchtechpayments.com https://cdnjs.cloudflare.com trvlitsanuatcentralservicesignalr.service.signalr.net trvlitsanprodcentralservicesignalr.service.signalr.net wss://trvlitsanprodcentralservicesignalr.service.signalr.net httpsauthentication.cardinalcommerce.com stats.g.doubleclick.net analytics.google.com blob www.google-analytics.com wss://trvlitsanuatcentralservicesignalr.service.signalr.net stats.g.doubleclick.net; img-src 'self' *.tvst.travel *.googletagmanager.com *.google.com *.googleapis.com *.google-analytics.com *.gstatic.com *.powerbi.com *.powerapps.com *.seal.thawte.comgetthawteseal *.stats.g.doubleclick.net *.aacsw.3ds.verifiedbyvisa.com *.mozilla.github.io https.paygate.co.za https.travelapi.com *.wetu.com *.q-xx.bstatic.com *.cloudfront.net *.iceportal.com *.travelport.leonardocontentcloud.com *.cfmedia.vfmleonardo.com *.hotelzon.com https.hotelbeds.com *.cdn.rawgit.com *.cdn.jsdelivr.net data:; frame-src 'self' *.tvst.travel *.googletagmanager.com *.google.com *.powerbi.com *.powerapps.com data:; connect-src 'self' trvlitsanuatcentralservicesignalr.service.signalr.net www.google-analytics.com wss://trvlitsanuatcentralservicesignalr.service.signalr.net https://maps.googleapis.com stats.g.doubleclick.net trvlitsanprodcentralservicesignalr.service.signalr.net wss://trvlitsanprodcentralservicesignalr.service.signalr.net;
Connection: keep-alive
Content-Length: 2556
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Tue, 18 Jun 2024 08:02:28 GMT
Server: TravelIT
ETag: "0c2b3dc55c1da1:0"
Expect-CT: max-age=30
Vary: Accept-Encoding
X-Frame-Options: sameorigin
Content-Type: application/javascript
Access-Control-Expose-Headers: travelit-state
Permissions-Policy: geolocation=(self)
Accept-Ranges: bytes

GET
H/1.1 200
OK TTS10-combined-min.js Show response
travelit.tvst.travel/application/js/ 4 KB
4 KB 1566ms
262ms Script
application/javascript 40.127.8.237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://travelit.tvst.travel/application/js/TTS10-combined-min.js?B0D456B8-F7AE-4F8C-A8D8-122D37A62E18

Requested by

Host: travelit.tvst.travel
URL: https://travelit.tvst.travel/application/ResetConfirmation.aspx?UID=A2851FAF-268F-4278-8719-42698EF386B3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.127.8.237 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

TravelIT /

Resource Hash

ae8bd3776d4d4e55ed853e48c0946a65f52470e7b49df2d62fe692423e94492e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' .tvst.travel .travel.co.za .google.com .googletagmanager.com .google.com .googleapis.com .google-analytics.com .gstatic.com .azure.com .powerbi.com .powerapps.com https.services.visualstudio.com httpsseal.thawte.comgetthawteseal httpsstats.g.doubleclick.net httpsmozilla.github.io https.arcot.com https.bankserv.co.za https.capitecbank.co.za https.fnb.co.za https.tymedigital.com https.nedsecure.co.za https.touchtechpayments.com https://cdnjs.cloudflare.com trvlitsanuatcentralservicesignalr.service.signalr.net trvlitsanprodcentralservicesignalr.service.signalr.net wss://trvlitsanprodcentralservicesignalr.service.signalr.net httpsauthentication.cardinalcommerce.com stats.g.doubleclick.net analytics.google.com blob www.google-analytics.com wss://trvlitsanuatcentralservicesignalr.service.signalr.net stats.g.doubleclick.net; img-src 'self' .tvst.travel .googletagmanager.com .google.com .googleapis.com .google-analytics.com .gstatic.com .powerbi.com .powerapps.com .seal.thawte.comgetthawteseal .stats.g.doubleclick.net .aacsw.3ds.verifiedbyvisa.com .mozilla.github.io https.paygate.co.za https.travelapi.com .wetu.com .q-xx.bstatic.com .cloudfront.net .iceportal.com .travelport.leonardocontentcloud.com .cfmedia.vfmleonardo.com .hotelzon.com https.hotelbeds.com .cdn.rawgit.com .cdn.jsdelivr.net data:; frame-src 'self' .tvst.travel .googletagmanager.com .google.com .powerbi.com *.powerapps.com data:; connect-src 'self' trvlitsanuatcentralservicesignalr.service.signalr.net www.google-analytics.com wss://trvlitsanuatcentralservicesignalr.service.signalr.net https://maps.googleapis.com stats.g.doubleclick.net trvlitsanprodcentralservicesignalr.service.signalr.net wss://trvlitsanprodcentralservicesignalr.service.signalr.net;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://travelit.tvst.travel/application/ResetConfirmation.aspx?UID=A2851FAF-268F-4278-8719-42698EF386B3
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Fri, 13 Sep 2024 11:34:42 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' *.tvst.travel *.travel.co.za *.google.com *.googletagmanager.com *.google.com *.googleapis.com *.google-analytics.com *.gstatic.com *.azure.com *.powerbi.com *.powerapps.com https.services.visualstudio.com httpsseal.thawte.comgetthawteseal httpsstats.g.doubleclick.net httpsmozilla.github.io https.arcot.com https.bankserv.co.za https.capitecbank.co.za https.fnb.co.za https.tymedigital.com https.nedsecure.co.za https.touchtechpayments.com https://cdnjs.cloudflare.com trvlitsanuatcentralservicesignalr.service.signalr.net trvlitsanprodcentralservicesignalr.service.signalr.net wss://trvlitsanprodcentralservicesignalr.service.signalr.net httpsauthentication.cardinalcommerce.com stats.g.doubleclick.net analytics.google.com blob www.google-analytics.com wss://trvlitsanuatcentralservicesignalr.service.signalr.net stats.g.doubleclick.net; img-src 'self' *.tvst.travel *.googletagmanager.com *.google.com *.googleapis.com *.google-analytics.com *.gstatic.com *.powerbi.com *.powerapps.com *.seal.thawte.comgetthawteseal *.stats.g.doubleclick.net *.aacsw.3ds.verifiedbyvisa.com *.mozilla.github.io https.paygate.co.za https.travelapi.com *.wetu.com *.q-xx.bstatic.com *.cloudfront.net *.iceportal.com *.travelport.leonardocontentcloud.com *.cfmedia.vfmleonardo.com *.hotelzon.com https.hotelbeds.com *.cdn.rawgit.com *.cdn.jsdelivr.net data:; frame-src 'self' *.tvst.travel *.googletagmanager.com *.google.com *.powerbi.com *.powerapps.com data:; connect-src 'self' trvlitsanuatcentralservicesignalr.service.signalr.net www.google-analytics.com wss://trvlitsanuatcentralservicesignalr.service.signalr.net https://maps.googleapis.com stats.g.doubleclick.net trvlitsanprodcentralservicesignalr.service.signalr.net wss://trvlitsanprodcentralservicesignalr.service.signalr.net;
Connection: keep-alive
Content-Length: 1333
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Tue, 18 Jun 2024 08:02:28 GMT
Server: TravelIT
ETag: "0c2b3dc55c1da1:0"
Expect-CT: max-age=30
Vary: Accept-Encoding
X-Frame-Options: sameorigin
Content-Type: application/javascript
Access-Control-Expose-Headers: travelit-state
Permissions-Policy: geolocation=(self)
Accept-Ranges: bytes

GET
H/1.1 200
OK TTS8-combined-min.js Show response
travelit.tvst.travel/application/js/ 2 KB
4 KB 1606ms
265ms Script
application/javascript 40.127.8.237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://travelit.tvst.travel/application/js/TTS8-combined-min.js?B0D456B8-F7AE-4F8C-A8D8-122D37A62E18

Requested by

Host: travelit.tvst.travel
URL: https://travelit.tvst.travel/application/ResetConfirmation.aspx?UID=A2851FAF-268F-4278-8719-42698EF386B3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.127.8.237 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

TravelIT /

Resource Hash

03e6193dbe931a241257a9ce380e95ee79daf666ca982c42f9620dbbe9365427

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' .tvst.travel .travel.co.za .google.com .googletagmanager.com .google.com .googleapis.com .google-analytics.com .gstatic.com .azure.com .powerbi.com .powerapps.com https.services.visualstudio.com httpsseal.thawte.comgetthawteseal httpsstats.g.doubleclick.net httpsmozilla.github.io https.arcot.com https.bankserv.co.za https.capitecbank.co.za https.fnb.co.za https.tymedigital.com https.nedsecure.co.za https.touchtechpayments.com https://cdnjs.cloudflare.com trvlitsanuatcentralservicesignalr.service.signalr.net trvlitsanprodcentralservicesignalr.service.signalr.net wss://trvlitsanprodcentralservicesignalr.service.signalr.net httpsauthentication.cardinalcommerce.com stats.g.doubleclick.net analytics.google.com blob www.google-analytics.com wss://trvlitsanuatcentralservicesignalr.service.signalr.net stats.g.doubleclick.net; img-src 'self' .tvst.travel .googletagmanager.com .google.com .googleapis.com .google-analytics.com .gstatic.com .powerbi.com .powerapps.com .seal.thawte.comgetthawteseal .stats.g.doubleclick.net .aacsw.3ds.verifiedbyvisa.com .mozilla.github.io https.paygate.co.za https.travelapi.com .wetu.com .q-xx.bstatic.com .cloudfront.net .iceportal.com .travelport.leonardocontentcloud.com .cfmedia.vfmleonardo.com .hotelzon.com https.hotelbeds.com .cdn.rawgit.com .cdn.jsdelivr.net data:; frame-src 'self' .tvst.travel .googletagmanager.com .google.com .powerbi.com *.powerapps.com data:; connect-src 'self' trvlitsanuatcentralservicesignalr.service.signalr.net www.google-analytics.com wss://trvlitsanuatcentralservicesignalr.service.signalr.net https://maps.googleapis.com stats.g.doubleclick.net trvlitsanprodcentralservicesignalr.service.signalr.net wss://trvlitsanprodcentralservicesignalr.service.signalr.net;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://travelit.tvst.travel/application/ResetConfirmation.aspx?UID=A2851FAF-268F-4278-8719-42698EF386B3
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Fri, 13 Sep 2024 11:34:42 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' *.tvst.travel *.travel.co.za *.google.com *.googletagmanager.com *.google.com *.googleapis.com *.google-analytics.com *.gstatic.com *.azure.com *.powerbi.com *.powerapps.com https.services.visualstudio.com httpsseal.thawte.comgetthawteseal httpsstats.g.doubleclick.net httpsmozilla.github.io https.arcot.com https.bankserv.co.za https.capitecbank.co.za https.fnb.co.za https.tymedigital.com https.nedsecure.co.za https.touchtechpayments.com https://cdnjs.cloudflare.com trvlitsanuatcentralservicesignalr.service.signalr.net trvlitsanprodcentralservicesignalr.service.signalr.net wss://trvlitsanprodcentralservicesignalr.service.signalr.net httpsauthentication.cardinalcommerce.com stats.g.doubleclick.net analytics.google.com blob www.google-analytics.com wss://trvlitsanuatcentralservicesignalr.service.signalr.net stats.g.doubleclick.net; img-src 'self' *.tvst.travel *.googletagmanager.com *.google.com *.googleapis.com *.google-analytics.com *.gstatic.com *.powerbi.com *.powerapps.com *.seal.thawte.comgetthawteseal *.stats.g.doubleclick.net *.aacsw.3ds.verifiedbyvisa.com *.mozilla.github.io https.paygate.co.za https.travelapi.com *.wetu.com *.q-xx.bstatic.com *.cloudfront.net *.iceportal.com *.travelport.leonardocontentcloud.com *.cfmedia.vfmleonardo.com *.hotelzon.com https.hotelbeds.com *.cdn.rawgit.com *.cdn.jsdelivr.net data:; frame-src 'self' *.tvst.travel *.googletagmanager.com *.google.com *.powerbi.com *.powerapps.com data:; connect-src 'self' trvlitsanuatcentralservicesignalr.service.signalr.net www.google-analytics.com wss://trvlitsanuatcentralservicesignalr.service.signalr.net https://maps.googleapis.com stats.g.doubleclick.net trvlitsanprodcentralservicesignalr.service.signalr.net wss://trvlitsanprodcentralservicesignalr.service.signalr.net;
Connection: keep-alive
Content-Length: 2102
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Tue, 18 Jun 2024 08:02:28 GMT
Server: TravelIT
ETag: "0c2b3dc55c1da1:0"
Expect-CT: max-age=30
X-Frame-Options: sameorigin
Content-Type: application/javascript
Access-Control-Expose-Headers: travelit-state
Permissions-Policy: geolocation=(self)
Accept-Ranges: bytes

GET
H/1.1 200
OK travelit%20logo%20grey.png
travelit.tvst.travel/application/images/ 13 KB
15 KB 586ms
520ms Image
image/png 40.127.8.237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://travelit.tvst.travel/application/images/travelit%20logo%20grey.png

Requested by

Host: travelit.tvst.travel
URL: https://travelit.tvst.travel/application/ResetConfirmation.aspx?UID=A2851FAF-268F-4278-8719-42698EF386B3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.127.8.237 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

TravelIT /

Resource Hash

6547659e1acba0f098b4f31bbefd05360409685cee5b16f27f699bd8ca4cc594

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' .tvst.travel .travel.co.za .google.com .googletagmanager.com .google.com .googleapis.com .google-analytics.com .gstatic.com .azure.com .powerbi.com .powerapps.com https.services.visualstudio.com httpsseal.thawte.comgetthawteseal httpsstats.g.doubleclick.net httpsmozilla.github.io https.arcot.com https.bankserv.co.za https.capitecbank.co.za https.fnb.co.za https.tymedigital.com https.nedsecure.co.za https.touchtechpayments.com https://cdnjs.cloudflare.com trvlitsanuatcentralservicesignalr.service.signalr.net trvlitsanprodcentralservicesignalr.service.signalr.net wss://trvlitsanprodcentralservicesignalr.service.signalr.net httpsauthentication.cardinalcommerce.com stats.g.doubleclick.net analytics.google.com blob www.google-analytics.com wss://trvlitsanuatcentralservicesignalr.service.signalr.net stats.g.doubleclick.net; img-src 'self' .tvst.travel .googletagmanager.com .google.com .googleapis.com .google-analytics.com .gstatic.com .powerbi.com .powerapps.com .seal.thawte.comgetthawteseal .stats.g.doubleclick.net .aacsw.3ds.verifiedbyvisa.com .mozilla.github.io https.paygate.co.za https.travelapi.com .wetu.com .q-xx.bstatic.com .cloudfront.net .iceportal.com .travelport.leonardocontentcloud.com .cfmedia.vfmleonardo.com .hotelzon.com https.hotelbeds.com .cdn.rawgit.com .cdn.jsdelivr.net data:; frame-src 'self' .tvst.travel .googletagmanager.com .google.com .powerbi.com *.powerapps.com data:; connect-src 'self' trvlitsanuatcentralservicesignalr.service.signalr.net www.google-analytics.com wss://trvlitsanuatcentralservicesignalr.service.signalr.net https://maps.googleapis.com stats.g.doubleclick.net trvlitsanprodcentralservicesignalr.service.signalr.net wss://trvlitsanprodcentralservicesignalr.service.signalr.net;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://travelit.tvst.travel/application/ResetConfirmation.aspx?UID=A2851FAF-268F-4278-8719-42698EF386B3
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Fri, 13 Sep 2024 11:34:43 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' *.tvst.travel *.travel.co.za *.google.com *.googletagmanager.com *.google.com *.googleapis.com *.google-analytics.com *.gstatic.com *.azure.com *.powerbi.com *.powerapps.com https.services.visualstudio.com httpsseal.thawte.comgetthawteseal httpsstats.g.doubleclick.net httpsmozilla.github.io https.arcot.com https.bankserv.co.za https.capitecbank.co.za https.fnb.co.za https.tymedigital.com https.nedsecure.co.za https.touchtechpayments.com https://cdnjs.cloudflare.com trvlitsanuatcentralservicesignalr.service.signalr.net trvlitsanprodcentralservicesignalr.service.signalr.net wss://trvlitsanprodcentralservicesignalr.service.signalr.net httpsauthentication.cardinalcommerce.com stats.g.doubleclick.net analytics.google.com blob www.google-analytics.com wss://trvlitsanuatcentralservicesignalr.service.signalr.net stats.g.doubleclick.net; img-src 'self' *.tvst.travel *.googletagmanager.com *.google.com *.googleapis.com *.google-analytics.com *.gstatic.com *.powerbi.com *.powerapps.com *.seal.thawte.comgetthawteseal *.stats.g.doubleclick.net *.aacsw.3ds.verifiedbyvisa.com *.mozilla.github.io https.paygate.co.za https.travelapi.com *.wetu.com *.q-xx.bstatic.com *.cloudfront.net *.iceportal.com *.travelport.leonardocontentcloud.com *.cfmedia.vfmleonardo.com *.hotelzon.com https.hotelbeds.com *.cdn.rawgit.com *.cdn.jsdelivr.net data:; frame-src 'self' *.tvst.travel *.googletagmanager.com *.google.com *.powerbi.com *.powerapps.com data:; connect-src 'self' trvlitsanuatcentralservicesignalr.service.signalr.net www.google-analytics.com wss://trvlitsanuatcentralservicesignalr.service.signalr.net https://maps.googleapis.com stats.g.doubleclick.net trvlitsanprodcentralservicesignalr.service.signalr.net wss://trvlitsanprodcentralservicesignalr.service.signalr.net;
Connection: keep-alive
Content-Length: 13300
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 02 May 2024 12:26:18 GMT
Server: TravelIT
ETag: "0d1b3ee8b9cda1:0"
Expect-CT: max-age=30
X-Frame-Options: sameorigin
Content-Type: image/png
Access-Control-Expose-Headers: travelit-state
Permissions-Policy: geolocation=(self)
Accept-Ranges: bytes

GET
H/1.1 200
OK bottombar.png
travelit.tvst.travel/application/images/ 253 KB
256 KB 469ms
261ms Image
image/png 40.127.8.237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://travelit.tvst.travel/application/images/bottombar.png

Requested by

Host: travelit.tvst.travel
URL: https://travelit.tvst.travel/application/ResetConfirmation.aspx?UID=A2851FAF-268F-4278-8719-42698EF386B3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.127.8.237 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

TravelIT /

Resource Hash

7a4e589b47551f81909277a284db06e72225a2acd6d9c63e1d6bea6e1084921c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' .tvst.travel .travel.co.za .google.com .googletagmanager.com .google.com .googleapis.com .google-analytics.com .gstatic.com .azure.com .powerbi.com .powerapps.com https.services.visualstudio.com httpsseal.thawte.comgetthawteseal httpsstats.g.doubleclick.net httpsmozilla.github.io https.arcot.com https.bankserv.co.za https.capitecbank.co.za https.fnb.co.za https.tymedigital.com https.nedsecure.co.za https.touchtechpayments.com https://cdnjs.cloudflare.com trvlitsanuatcentralservicesignalr.service.signalr.net trvlitsanprodcentralservicesignalr.service.signalr.net wss://trvlitsanprodcentralservicesignalr.service.signalr.net httpsauthentication.cardinalcommerce.com stats.g.doubleclick.net analytics.google.com blob www.google-analytics.com wss://trvlitsanuatcentralservicesignalr.service.signalr.net stats.g.doubleclick.net; img-src 'self' .tvst.travel .googletagmanager.com .google.com .googleapis.com .google-analytics.com .gstatic.com .powerbi.com .powerapps.com .seal.thawte.comgetthawteseal .stats.g.doubleclick.net .aacsw.3ds.verifiedbyvisa.com .mozilla.github.io https.paygate.co.za https.travelapi.com .wetu.com .q-xx.bstatic.com .cloudfront.net .iceportal.com .travelport.leonardocontentcloud.com .cfmedia.vfmleonardo.com .hotelzon.com https.hotelbeds.com .cdn.rawgit.com .cdn.jsdelivr.net data:; frame-src 'self' .tvst.travel .googletagmanager.com .google.com .powerbi.com *.powerapps.com data:; connect-src 'self' trvlitsanuatcentralservicesignalr.service.signalr.net www.google-analytics.com wss://trvlitsanuatcentralservicesignalr.service.signalr.net https://maps.googleapis.com stats.g.doubleclick.net trvlitsanprodcentralservicesignalr.service.signalr.net wss://trvlitsanprodcentralservicesignalr.service.signalr.net;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://travelit.tvst.travel/application/ResetConfirmation.aspx?UID=A2851FAF-268F-4278-8719-42698EF386B3
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Fri, 13 Sep 2024 11:34:43 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' *.tvst.travel *.travel.co.za *.google.com *.googletagmanager.com *.google.com *.googleapis.com *.google-analytics.com *.gstatic.com *.azure.com *.powerbi.com *.powerapps.com https.services.visualstudio.com httpsseal.thawte.comgetthawteseal httpsstats.g.doubleclick.net httpsmozilla.github.io https.arcot.com https.bankserv.co.za https.capitecbank.co.za https.fnb.co.za https.tymedigital.com https.nedsecure.co.za https.touchtechpayments.com https://cdnjs.cloudflare.com trvlitsanuatcentralservicesignalr.service.signalr.net trvlitsanprodcentralservicesignalr.service.signalr.net wss://trvlitsanprodcentralservicesignalr.service.signalr.net httpsauthentication.cardinalcommerce.com stats.g.doubleclick.net analytics.google.com blob www.google-analytics.com wss://trvlitsanuatcentralservicesignalr.service.signalr.net stats.g.doubleclick.net; img-src 'self' *.tvst.travel *.googletagmanager.com *.google.com *.googleapis.com *.google-analytics.com *.gstatic.com *.powerbi.com *.powerapps.com *.seal.thawte.comgetthawteseal *.stats.g.doubleclick.net *.aacsw.3ds.verifiedbyvisa.com *.mozilla.github.io https.paygate.co.za https.travelapi.com *.wetu.com *.q-xx.bstatic.com *.cloudfront.net *.iceportal.com *.travelport.leonardocontentcloud.com *.cfmedia.vfmleonardo.com *.hotelzon.com https.hotelbeds.com *.cdn.rawgit.com *.cdn.jsdelivr.net data:; frame-src 'self' *.tvst.travel *.googletagmanager.com *.google.com *.powerbi.com *.powerapps.com data:; connect-src 'self' trvlitsanuatcentralservicesignalr.service.signalr.net www.google-analytics.com wss://trvlitsanuatcentralservicesignalr.service.signalr.net https://maps.googleapis.com stats.g.doubleclick.net trvlitsanprodcentralservicesignalr.service.signalr.net wss://trvlitsanprodcentralservicesignalr.service.signalr.net;
Connection: keep-alive
Content-Length: 259239
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 02 May 2024 12:26:16 GMT
Server: TravelIT
ETag: "0a482ed8b9cda1:0"
Expect-CT: max-age=30
X-Frame-Options: sameorigin
Content-Type: image/png
Access-Control-Expose-Headers: travelit-state
Permissions-Policy: geolocation=(self)
Accept-Ranges: bytes

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 112ms
33ms Script
text/javascript 142.250.64.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: travelit.tvst.travel
URL: https://travelit.tvst.travel/application/ResetConfirmation.aspx?UID=A2851FAF-268F-4278-8719-42698EF386B3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.64.78 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s30-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://travelit.tvst.travel/application/ResetConfirmation.aspx?UID=A2851FAF-268F-4278-8719-42698EF386B3
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 13 Sep 2024 10:51:57 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 2566
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 13 Sep 2024 12:51:57 GMT

GET
H/1.1 200
OK favicon.ico
travelit.tvst.travel/application/images/iconified/ 34 KB
36 KB 259ms
259ms Other
image/x-icon 40.127.8.237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://travelit.tvst.travel/application/images/iconified/favicon.ico

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.127.8.237 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

TravelIT /

Resource Hash

9b12ef9fe161b6c1887f8d504818dcf039a07651f2c0c43fa3b38b3b1fb8bd21

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' .tvst.travel .travel.co.za .google.com .googletagmanager.com .google.com .googleapis.com .google-analytics.com .gstatic.com .azure.com .powerbi.com .powerapps.com https.services.visualstudio.com httpsseal.thawte.comgetthawteseal httpsstats.g.doubleclick.net httpsmozilla.github.io https.arcot.com https.bankserv.co.za https.capitecbank.co.za https.fnb.co.za https.tymedigital.com https.nedsecure.co.za https.touchtechpayments.com https://cdnjs.cloudflare.com trvlitsanuatcentralservicesignalr.service.signalr.net trvlitsanprodcentralservicesignalr.service.signalr.net wss://trvlitsanprodcentralservicesignalr.service.signalr.net httpsauthentication.cardinalcommerce.com stats.g.doubleclick.net analytics.google.com blob www.google-analytics.com wss://trvlitsanuatcentralservicesignalr.service.signalr.net stats.g.doubleclick.net; img-src 'self' .tvst.travel .googletagmanager.com .google.com .googleapis.com .google-analytics.com .gstatic.com .powerbi.com .powerapps.com .seal.thawte.comgetthawteseal .stats.g.doubleclick.net .aacsw.3ds.verifiedbyvisa.com .mozilla.github.io https.paygate.co.za https.travelapi.com .wetu.com .q-xx.bstatic.com .cloudfront.net .iceportal.com .travelport.leonardocontentcloud.com .cfmedia.vfmleonardo.com .hotelzon.com https.hotelbeds.com .cdn.rawgit.com .cdn.jsdelivr.net data:; frame-src 'self' .tvst.travel .googletagmanager.com .google.com .powerbi.com *.powerapps.com data:; connect-src 'self' trvlitsanuatcentralservicesignalr.service.signalr.net www.google-analytics.com wss://trvlitsanuatcentralservicesignalr.service.signalr.net https://maps.googleapis.com stats.g.doubleclick.net trvlitsanprodcentralservicesignalr.service.signalr.net wss://trvlitsanprodcentralservicesignalr.service.signalr.net;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://travelit.tvst.travel/application/ResetConfirmation.aspx?UID=A2851FAF-268F-4278-8719-42698EF386B3
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Fri, 13 Sep 2024 11:34:44 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' *.tvst.travel *.travel.co.za *.google.com *.googletagmanager.com *.google.com *.googleapis.com *.google-analytics.com *.gstatic.com *.azure.com *.powerbi.com *.powerapps.com https.services.visualstudio.com httpsseal.thawte.comgetthawteseal httpsstats.g.doubleclick.net httpsmozilla.github.io https.arcot.com https.bankserv.co.za https.capitecbank.co.za https.fnb.co.za https.tymedigital.com https.nedsecure.co.za https.touchtechpayments.com https://cdnjs.cloudflare.com trvlitsanuatcentralservicesignalr.service.signalr.net trvlitsanprodcentralservicesignalr.service.signalr.net wss://trvlitsanprodcentralservicesignalr.service.signalr.net httpsauthentication.cardinalcommerce.com stats.g.doubleclick.net analytics.google.com blob www.google-analytics.com wss://trvlitsanuatcentralservicesignalr.service.signalr.net stats.g.doubleclick.net; img-src 'self' *.tvst.travel *.googletagmanager.com *.google.com *.googleapis.com *.google-analytics.com *.gstatic.com *.powerbi.com *.powerapps.com *.seal.thawte.comgetthawteseal *.stats.g.doubleclick.net *.aacsw.3ds.verifiedbyvisa.com *.mozilla.github.io https.paygate.co.za https.travelapi.com *.wetu.com *.q-xx.bstatic.com *.cloudfront.net *.iceportal.com *.travelport.leonardocontentcloud.com *.cfmedia.vfmleonardo.com *.hotelzon.com https.hotelbeds.com *.cdn.rawgit.com *.cdn.jsdelivr.net data:; frame-src 'self' *.tvst.travel *.googletagmanager.com *.google.com *.powerbi.com *.powerapps.com data:; connect-src 'self' trvlitsanuatcentralservicesignalr.service.signalr.net www.google-analytics.com wss://trvlitsanuatcentralservicesignalr.service.signalr.net https://maps.googleapis.com stats.g.doubleclick.net trvlitsanprodcentralservicesignalr.service.signalr.net wss://trvlitsanprodcentralservicesignalr.service.signalr.net;
Connection: keep-alive
Content-Length: 34494
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 02 May 2024 12:26:18 GMT
Server: TravelIT
ETag: "0d1b3ee8b9cda1:0"
Expect-CT: max-age=30
X-Frame-Options: sameorigin
Content-Type: image/x-icon
Access-Control-Expose-Headers: travelit-state
Permissions-Policy: geolocation=(self)
Accept-Ranges: bytes

Verdicts & Comments Add Verdict or Comment

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://travelit.tvst.travel/application/ResetConfirmation.aspx?UID=A2851FAF-268F-4278-8719-42698EF386B3 Message: [DOM] Input elements should have autocomplete attributes (suggested: "new-password"): (More info: https://goo.gl/9p2vKq) %o
recommendation	verbose	URL: https://travelit.tvst.travel/application/ResetConfirmation.aspx?UID=A2851FAF-268F-4278-8719-42698EF386B3 Message: [DOM] Input elements should have autocomplete attributes (suggested: "new-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' .tvst.travel .travel.co.za .google.com .googletagmanager.com .google.com .googleapis.com .google-analytics.com .gstatic.com .azure.com .powerbi.com .powerapps.com https.services.visualstudio.com httpsseal.thawte.comgetthawteseal httpsstats.g.doubleclick.net httpsmozilla.github.io https.arcot.com https.bankserv.co.za https.capitecbank.co.za https.fnb.co.za https.tymedigital.com https.nedsecure.co.za https.touchtechpayments.com https://cdnjs.cloudflare.com trvlitsanuatcentralservicesignalr.service.signalr.net trvlitsanprodcentralservicesignalr.service.signalr.net wss://trvlitsanprodcentralservicesignalr.service.signalr.net httpsauthentication.cardinalcommerce.com stats.g.doubleclick.net analytics.google.com blob www.google-analytics.com wss://trvlitsanuatcentralservicesignalr.service.signalr.net stats.g.doubleclick.net; img-src 'self' .tvst.travel .googletagmanager.com .google.com .googleapis.com .google-analytics.com .gstatic.com .powerbi.com .powerapps.com .seal.thawte.comgetthawteseal .stats.g.doubleclick.net .aacsw.3ds.verifiedbyvisa.com .mozilla.github.io https.paygate.co.za https.travelapi.com .wetu.com .q-xx.bstatic.com .cloudfront.net .iceportal.com .travelport.leonardocontentcloud.com .cfmedia.vfmleonardo.com .hotelzon.com https.hotelbeds.com .cdn.rawgit.com .cdn.jsdelivr.net data:; frame-src 'self' .tvst.travel .googletagmanager.com .google.com .powerbi.com *.powerapps.com data:; connect-src 'self' trvlitsanuatcentralservicesignalr.service.signalr.net www.google-analytics.com wss://trvlitsanuatcentralservicesignalr.service.signalr.net https://maps.googleapis.com stats.g.doubleclick.net trvlitsanprodcentralservicesignalr.service.signalr.net wss://trvlitsanprodcentralservicesignalr.service.signalr.net;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

travelit.tvst.travel
u25504965.ct.sendgrid.net
www.google-analytics.com
142.250.64.78
167.89.118.74
40.127.8.237
03e6193dbe931a241257a9ce380e95ee79daf666ca982c42f9620dbbe9365427
06b52ceec973855bc439a6d643093b5d51bdb31a11d86516e8e0ab05ff70adbb
0ffe8b89ec5fbf33d13baecddb6fa72b1a20a34c5c64605c3ef146c1b1ce12f4
1ac2799b995a2699dcab36a8dc359a5f766925a4f357bc6f0f9dfb76adb9b68a
288574134a26c5b5f21f0e118a36d3a93244f26873108579312edf2c51bb917a
36187585f95e0932ec82a619838cff4a4a16e71473fffe7d57eaaaea0e16f928
3b783e58f730a84417dff348f6b323d2e9a8f301e2a78dbca0241601e9beb676
3fead38b856c28734c4c0be423bc20f81b89d1df98b4b98c5d65253f0270c626
6547659e1acba0f098b4f31bbefd05360409685cee5b16f27f699bd8ca4cc594
7a4e589b47551f81909277a284db06e72225a2acd6d9c63e1d6bea6e1084921c
9b12ef9fe161b6c1887f8d504818dcf039a07651f2c0c43fa3b38b3b1fb8bd21
9d2324da115b05d11b9876e759bb7bd2589fa772abde237c9dbdb572f6e2d5fe
ae8bd3776d4d4e55ed853e48c0946a65f52470e7b49df2d62fe692423e94492e
d284de2e1f4f04e4bdc2a74458526dc09e00f7599114e5b8b0deabe7e784cef4
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dfee1fe127c3a828a6f88e3ef6e8d1d7f8a3750e6f9d9e24520992a2294696a6
f567764d47d26b355e5fb8de39a3417151fc39f6d75b1450ed48f2d689046069

travelit.tvst.travel Open in urlscan Pro 40.127.8.237 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

17 Requests

100 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

2 IPs

2 Countries

528 kBTransfer

832 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

41 JavaScript Global Variables

0 Cookies

2 Console Messages

Security Headers

Indicators

travelit.tvst.travel Open in urlscan Pro
40.127.8.237 Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

2
IPs

2
Countries

528 kB
Transfer

832 kB
Size

0
Cookies

17 HTTP transactions
0 data transactions