fnb.thomalex.travel
Open in
urlscan Pro
40.121.51.62
Public Scan
Effective URL: https://fnb.thomalex.travel/Account/LogOn
Submission: On July 11 via api from ZA — Scanned from DE
Summary
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on December 7th 2023. Valid for: a year.
This is the only time fnb.thomalex.travel was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 12 | 40.121.51.62 40.121.51.62 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
2 | 52.239.169.4 52.239.169.4 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
1 | 2a00:1450:400... 2a00:1450:4001:81c::200a | 15169 (GOOGLE) (GOOGLE) | |
1 | 2606:4700:303... 2606:4700:3035::6815:600c | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 2a00:1450:400... 2a00:1450:4001:829::2003 | 15169 (GOOGLE) (GOOGLE) | |
16 | 5 |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
fnb.thomalex.travel |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
resvoyage.blob.core.windows.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
12 |
thomalex.travel
2 redirects
fnb.thomalex.travel |
1 MB |
2 |
gstatic.com
fonts.gstatic.com |
46 KB |
2 |
windows.net
resvoyage.blob.core.windows.net |
10 KB |
1 |
covidchecker.com
www.covidchecker.com |
|
1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 108 |
885 B |
16 | 5 |
Domain | Requested by | |
---|---|---|
12 | fnb.thomalex.travel |
2 redirects
fnb.thomalex.travel
|
2 | fonts.gstatic.com |
fonts.googleapis.com
|
2 | resvoyage.blob.core.windows.net |
fnb.thomalex.travel
|
1 | www.covidchecker.com |
fnb.thomalex.travel
|
1 | fonts.googleapis.com |
fnb.thomalex.travel
|
16 | 5 |
This site contains links to these domains. Also see Links.
Domain |
---|
thomalex.com |
www.sitata.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.thomalex.travel Go Daddy Secure Certificate Authority - G2 |
2023-12-07 - 2025-01-07 |
a year | crt.sh |
*.blob.core.windows.net Microsoft RSA TLS CA 01 |
2023-09-27 - 2024-09-27 |
a year | crt.sh |
upload.video.google.com WR2 |
2024-06-24 - 2024-09-16 |
3 months | crt.sh |
www.covidchecker.com WE1 |
2024-06-29 - 2024-09-27 |
3 months | crt.sh |
*.gstatic.com WR2 |
2024-06-24 - 2024-09-16 |
3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://fnb.thomalex.travel/Account/LogOn
Frame ID: 4C54826828652CEB4142C2282A55991E
Requests: 15 HTTP requests in this frame
Frame:
https://www.covidchecker.com/embed
Frame ID: 0910766081F479CC8695A94C7D1A94D2
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
AccountPage URL History Show full URLs
-
https://fnb.thomalex.travel/
HTTP 302
https://fnb.thomalex.travel/Account/InitialPageResolver?ReturnUrl=%2f HTTP 302
https://fnb.thomalex.travel/Account/LogOn Page URL
Detected technologies
Semantic UI (UI frameworks) ExpandDetected patterns
- <link[^>]+semantic(?:\.min)\.css"
- /semantic(?:-([\d.]+))?(?:\.min)?\.js
Vue.js (JavaScript Frameworks) Expand
Detected patterns
- (?:/([\d.]+))?/vue(?:\.min)?\.js
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: Thomalex
Search URL Search Domain Scan URL
Title: Sitata
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://fnb.thomalex.travel/
HTTP 302
https://fnb.thomalex.travel/Account/InitialPageResolver?ReturnUrl=%2f HTTP 302
https://fnb.thomalex.travel/Account/LogOn Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
16 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
LogOn
fnb.thomalex.travel/Account/ Redirect Chain
|
24 KB 24 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
semantic.min.css
fnb.thomalex.travel/Content/Semantic_UI/ |
614 KB 615 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
waitscreen.css
fnb.thomalex.travel/Content/ |
403 B 489 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logon.css
fnb.thomalex.travel/Content/ |
2 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vue.min.js
fnb.thomalex.travel/Scripts/ |
91 KB 92 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
79751a6ac92e438996b7f526b1c6e562.png
resvoyage.blob.core.windows.net/africa/client-images/login/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.5.1.min.js
fnb.thomalex.travel/Scripts/ |
87 KB 88 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
antiforgery.js
fnb.thomalex.travel/Scripts/Plugins/ |
2 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
waitscreen.js
fnb.thomalex.travel/Scripts/Plugins/ |
3 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
semantic.min.js
fnb.thomalex.travel/Scripts/ |
269 KB 269 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
3 KB 885 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
embed
www.covidchecker.com/ Frame 0910 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ |
23 KB 23 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icons.woff2
fnb.thomalex.travel/Content/Semantic_UI/themes/default/assets/fonts/ |
55 KB 56 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ |
23 KB 23 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
2f6d72c03b3e4f32bb2d2bf8763b3126.jpg
resvoyage.blob.core.windows.net/africa/client-images/client-site-item/ |
6 KB 6 KB |
Other
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
6 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 function| Vue string| returnUrl object| app function| $ function| jQuery10 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
fnb.thomalex.travel/ | Name: __RequestVerificationToken Value: cCoVwTuMOeQPuFtzFWvBRLrDUj5atP49525vR1wJDDdh-1rGyyF24elvvHDgXYDcx7ZVGaxALAWu7LlFIOrKPD1EC6iDflCCjfkQhlNGurTaOAITUgfIf6xNcdlI-_BmzUQKv7aSXAc3gA64heOUXw2 |
|
.tiktok.com/ | Name: _ttp Value: 2j68z33aOOn5eWGggDgJ70WlU2b |
|
.twitter.com/ | Name: guest_id_marketing Value: v1%3A172069642425543891 |
|
.twitter.com/ | Name: guest_id_ads Value: v1%3A172069642425543891 |
|
.twitter.com/ | Name: personalization_id Value: "v1_mQRJIDulHMcy1qZrxokgeg==" |
|
.twitter.com/ | Name: guest_id Value: v1%3A172069642425543891 |
|
.t.co/ | Name: muc_ads Value: bab8ea1e-53eb-4377-9cce-ccb5328d1e4c |
|
.linkedin.com/ | Name: bcookie Value: "v=2&57a0e91f-b063-4169-897b-28f33790b808" |
|
.linkedin.com/ | Name: li_gc Value: MTswOzE3MjA2OTY0MjQ7MjswMjENcp8X5tVXq47JYawf1/qQd20y8Rv/atYeuH+pDKSmYQ== |
|
.linkedin.com/ | Name: lidc Value: "b=VGST00:s=V:r=V:a=V:p=V:g=3397:u=1:x=1:i=1720696424:t=1720782824:v=2:sig=AQHPjZ7D4O4cGenDGT4fws-6JNIAlJfI" |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000; includeSubDomains |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
fnb.thomalex.travel
fonts.googleapis.com
fonts.gstatic.com
resvoyage.blob.core.windows.net
www.covidchecker.com
2606:4700:3035::6815:600c
2a00:1450:4001:81c::200a
2a00:1450:4001:829::2003
40.121.51.62
52.239.169.4
324a10c6d3d78249a021f49cc5a9b3dee7134a739571f0fee53028b4a6f668ee
3966ecd9d6d3203b9b853ad3b2c1f05b29cbfe8152d2396cdd0629bf5ee81830
3a1e31233360ad661f9f48a9bb08138405f09f31ada00ef97f5554a33cc8574b
442d7fc83fee4902f7fbfd707adde6e71896479b2ae4c7bfe463de2520cfc697
5e245f87c91e4cc60c4f66311f2691f187b9f710259f5f75cd6beff7598d6ddd
6e014a2ea215f8b2bf9ba11d0e47cf7b6f91d0194ada4df98d340eed148c0b25
7c7c72980b57eeeb3ac6593419b8aeacb2952e95499eebf8e61412596e875f5e
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
a410460285968ae56f3748e57fd09c6da63c17934a9f59cc7f9a6542f5cf2d3b
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
cacd6851dd67a005c0b95433fc00807bd604bf07776216a99cfb9b49768a9b00
ebd713db9a49554980ca78b058c8255e510e11e658ba1983f076e3e7c8024bb6
f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b
ff7715fbd5eac476d8fdc0daa2dc700ac455d6b1c71cf5bf91013457e9bf4919