urlscan.io logo urlscan.io
SecurityTrails logo

travelbyinvestec.co.za Open in urlscan Pro
2606:4700::6812:4ea  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://insurance.travelbyinvestec.co.za/
Effective URL: https://travelbyinvestec.co.za/uat-insurance/insurance.php
Submission: On February 23 via manual from ZA — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 4 countries across 6 domains to perform 30 HTTP transactions. The main IP is 2606:4700::6812:4ea, located in United States and belongs to CLOUDFLARENET, US. The main domain is travelbyinvestec.co.za.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 27th 2021. Valid for: a year.
This is the only time travelbyinvestec.co.za was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 17 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
7 2606:4700::68... 13335 (CLOUDFLAR...)
1 3 54.155.222.85 16509 (AMAZON-02)
1 2a03:2880:f01... 32934 (FACEBOOK)
1 52.212.232.57 16509 (AMAZON-02)
1 15.236.176.210 16509 (AMAZON-02)
1 1 54.194.191.134 16509 (AMAZON-02)
30 7
17    2606:4700::6812:4ea (United States)

ASN13335 (CLOUDFLARENET, US)
insurance.travelbyinvestec.co.za
www.travelbyinvestec.co.za
travelbyinvestec.co.za
3    2a02:26f0:6c00:299::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
assets.adobedtm.com
7    2606:4700::6812:5ea (United States)

ASN13335 (CLOUDFLARENET, US)
travelbyinvestec.co.za
3    54.155.222.85 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-222-85.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    52.212.232.57 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-232-57.eu-west-1.compute.amazonaws.com
investec.demdex.net
1    15.236.176.210 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-236-176-210.eu-west-3.compute.amazonaws.com
invbnk.d3.sc.omtrdc.net
1    54.194.191.134 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-191-134.eu-west-1.compute.amazonaws.com
cm.everesttech.net
Apex Domain
Subdomains		 Transfer
24 travelbyinvestec.co.za
insurance.travelbyinvestec.co.za
www.travelbyinvestec.co.za
travelbyinvestec.co.za
223 KB
4 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 187
investec.demdex.net
6 KB
3 adobedtm.com
assets.adobedtm.com — Cisco Umbrella Rank: 505
84 KB
1 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 881
517 B
1 omtrdc.net
invbnk.d3.sc.omtrdc.net
321 B
1 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 126
26 KB
30 6
Domain Requested by
21 travelbyinvestec.co.za travelbyinvestec.co.za
3 dpm.demdex.net 1 redirects
3 assets.adobedtm.com travelbyinvestec.co.za
assets.adobedtm.com
2 insurance.travelbyinvestec.co.za 1 redirects
1 cm.everesttech.net 1 redirects
1 invbnk.d3.sc.omtrdc.net assets.adobedtm.com
1 investec.demdex.net assets.adobedtm.com
1 connect.facebook.net assets.adobedtm.com
1 www.travelbyinvestec.co.za 1 redirects
30 9

This site contains links to these domains. Also see Links.

Domain
www.investec.co.za
www.investec.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-06-27 -
2022-06-26		 a year crt.sh
assets.adobedtm.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-10 -
2022-09-10		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-12-02 -
2022-03-02		 3 months crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-19 -
2022-11-19		 a year crt.sh
*.d3.sc.omtrdc.net
DigiCert SHA2 High Assurance Server CA		 2020-02-28 -
2022-03-04		 2 years crt.sh

This page contains 2 frames:

Primary Page: https://travelbyinvestec.co.za/uat-insurance/insurance.php
Frame ID: 94ABD4695684B751F4C938882E902121
Requests: 29 HTTP requests in this frame

Frame: https://investec.demdex.net/dest5.html?d_nsid=0
Frame ID: 9DA539EB485ED9805EF6316020312D83
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Page not found : Travel By Investec

Page URL History Show full URLs

  1. http://insurance.travelbyinvestec.co.za/ HTTP 301
    https://insurance.travelbyinvestec.co.za/ Page URL
  2. https://www.travelbyinvestec.co.za/uat-insurance/insurance.php HTTP 301
    https://travelbyinvestec.co.za/uat-insurance/insurance.php Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
  • wp-embed\.min\.js\?ver=([\d.]+)
Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/slick(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

30
Requests

93 %
HTTPS

50 %
IPv6

6
Domains

9
Subdomains

7
IPs

4
Countries

338 kB
Transfer

965 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://insurance.travelbyinvestec.co.za/ HTTP 301
    https://insurance.travelbyinvestec.co.za/ Page URL
  2. https://www.travelbyinvestec.co.za/uat-insurance/insurance.php HTTP 301
    https://travelbyinvestec.co.za/uat-insurance/insurance.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://insurance.travelbyinvestec.co.za/ HTTP 301
  • https://insurance.travelbyinvestec.co.za/
Request Chain 16
  • https://dpm.demdex.net/id?d_visid_ver=5.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=38AC7FBA57E2AF467F000101%40AdobeOrg&d_nsid=0&ts=1645600592366 HTTP 302
  • https://dpm.demdex.net/id/rd?d_visid_ver=5.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=38AC7FBA57E2AF467F000101%40AdobeOrg&d_nsid=0&ts=1645600592366
Request Chain 28
  • https://cm.everesttech.net/cm/dd?d_uuid=23007804349383482570594284101239915794 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YhXfUAAAAFw_QgQp

30 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
insurance.travelbyinvestec.co.za/
Redirect Chain
  • http://insurance.travelbyinvestec.co.za/
  • https://insurance.travelbyinvestec.co.za/
224 B
632 B 		Document
General
Check archive.org
Download Go to
Full URL
https://insurance.travelbyinvestec.co.za/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:4ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Wed, 23 Feb 2022 07:16:31 GMT
content-type
text/html; charset=UTF-8
last-modified
Tue, 18 Dec 2018 09:42:33 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6e1eab4f4981917c-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

Date
Wed, 23 Feb 2022 07:16:31 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=3600
Expires
Wed, 23 Feb 2022 08:16:31 GMT
Location
https://insurance.travelbyinvestec.co.za/
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
6e1eab4eca915b92-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Primary Request insurance.php
travelbyinvestec.co.za/uat-insurance/
Redirect Chain
  • https://www.travelbyinvestec.co.za/uat-insurance/insurance.php
  • https://travelbyinvestec.co.za/uat-insurance/insurance.php
18 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://travelbyinvestec.co.za/uat-insurance/insurance.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:4ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.15
Resource Hash
59f49b3cabedf35d30a38bf57f276c66f3b10de446312baeb8a692ac7c34ac0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://insurance.travelbyinvestec.co.za/

Response headers

date
Wed, 23 Feb 2022 07:16:32 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.4.15
expires
0
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6e1eab539c26917c-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date
Wed, 23 Feb 2022 07:16:31 GMT
content-type
text/html; charset=UTF-8
location
https://travelbyinvestec.co.za/uat-insurance/insurance.php
x-powered-by
PHP/7.4.15
expires
0
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
x-redirect-by
WordPress
strict-transport-security
max-age=10886400; includeSubDomains
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6e1eab51e847917c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
style.min.css
travelbyinvestec.co.za/wp-includes/css/dist/block-library/ 		57 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://travelbyinvestec.co.za/wp-includes/css/dist/block-library/style.min.css?ver=5.7.5
Requested by
Host: travelbyinvestec.co.za
URL: https://travelbyinvestec.co.za/uat-insurance/insurance.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:4ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://travelbyinvestec.co.za/uat-insurance/insurance.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Feb 2022 07:16:32 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 12 Oct 2021 15:31:06 GMT
server
cloudflare
etag
W/"e33b-5ce2988bc31ea"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
no-cache, no-store, must-revalidate
strict-transport-security
max-age=10886400; includeSubDomains
cf-ray
6e1eab556913917c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
0
styles.css
travelbyinvestec.co.za/wp-content/plugins/contact-form-7/includes/css/ 		3 KB
984 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://travelbyinvestec.co.za/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.5
Requested by
Host: travelbyinvestec.co.za
URL: https://travelbyinvestec.co.za/uat-insurance/insurance.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:4ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://travelbyinvestec.co.za/uat-insurance/insurance.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Feb 2022 07:16:32 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 13 Feb 2022 10:44:43 GMT
server
cloudflare
etag
W/"aab-5d7e3fcd918ec"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
no-cache, no-store, must-revalidate
strict-transport-security
max-age=10886400; includeSubDomains
cf-ray
6e1eab556914917c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
0
slick.css
travelbyinvestec.co.za/wp-content/themes/investec/travel-by-investec/css/ 		2 KB
655 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://travelbyinvestec.co.za/wp-content/themes/investec/travel-by-investec/css/slick.css?ver=5.7.5
Requested by
Host: travelbyinvestec.co.za
URL: https://travelbyinvestec.co.za/uat-insurance/insurance.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:4ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0de15b2ac3708bdc4b8201206b5028157b3955e1eea3f07f7f96f8b296818609
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://travelbyinvestec.co.za/uat-insurance/insurance.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Feb 2022 07:16:32 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 12 Oct 2021 15:31:06 GMT
server
cloudflare
etag
W/"6bd-5ce2988b51592"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
no-cache, no-store, must-revalidate
strict-transport-security
max-age=10886400; includeSubDomains
cf-ray
6e1eab556916917c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
0
jquery.min.js
travelbyinvestec.co.za/wp-includes/js/jquery/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://travelbyinvestec.co.za/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Requested by
Host: travelbyinvestec.co.za
URL: https://travelbyinvestec.co.za/uat-insurance/insurance.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:4ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://travelbyinvestec.co.za/uat-insurance/insurance.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Feb 2022 07:16:32 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 12 Oct 2021 15:31:06 GMT
server
cloudflare
etag
W/"15d98-5ce2988beba5d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate
strict-transport-security
max-age=10886400; includeSubDomains
cf-ray
6e1eab556917917c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
0
jquery-migrate.min.js
travelbyinvestec.co.za/wp-includes/js/jquery/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://travelbyinvestec.co.za/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: travelbyinvestec.co.za
URL: https://travelbyinvestec.co.za/uat-insurance/insurance.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:4ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://travelbyinvestec.co.za/uat-insurance/insurance.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Feb 2022 07:16:32 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 12 Oct 2021 15:31:06 GMT
server
cloudflare
etag
W/"2bd8-5ce2988beaea5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate
strict-transport-security
max-age=10886400; includeSubDomains
cf-ray
6e1eab55691a917c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
0
tracking-script.js
travelbyinvestec.co.za/wp-content/themes/investec/travel-by-investec/js/ 		5 KB
909 B 		Script
General
Check archive.org
Download Go to
Full URL
https://travelbyinvestec.co.za/wp-content/themes/investec/travel-by-investec/js/tracking-script.js?ver=5.7.5
Requested by
Host: travelbyinvestec.co.za
URL: https://travelbyinvestec.co.za/uat-insurance/insurance.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:4ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18b76d9c09c7517f90142ea947983f07a048a2de42a5fdc453e2fe4c8a932f68
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://travelbyinvestec.co.za/uat-insurance/insurance.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Feb 2022 07:16:32 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 12 Oct 2021 15:31:06 GMT
server
cloudflare
etag
W/"121f-5ce2988b53ca3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate
strict-transport-security
max-age=10886400; includeSubDomains
cf-ray
6e1eab55691d917c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
0
launch-ENd6668700e6ad4d64a37c3d34c489ee03.min.js
assets.adobedtm.com/ 		239 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/launch-ENd6668700e6ad4d64a37c3d34c489ee03.min.js?ver=5.7.5
Requested by
Host: travelbyinvestec.co.za
URL: https://travelbyinvestec.co.za/uat-insurance/insurance.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:299::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
b9c9ef28aeda2fefa374d598822b27832ea87ae88a026fec23cdb47c6f7531a1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://travelbyinvestec.co.za/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 07:16:32 GMT
content-encoding
gzip
last-modified
Fri, 22 Oct 2021 11:17:28 GMT
server
AkamaiNetStorage
etag
"59949506f2786385a65229d525e2fdd3:1634901448.607796"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://travelbyinvestec.co.za
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
70790
expires
Wed, 23 Feb 2022 08:16:32 GMT
style.css
travelbyinvestec.co.za/wp-content/themes/investec/ 		86 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://travelbyinvestec.co.za/wp-content/themes/investec/style.css
Requested by
Host: travelbyinvestec.co.za
URL: https://travelbyinvestec.co.za/uat-insurance/insurance.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:4ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55fb413da62d1a5946374ca5447bb214948f29ea35d3408d1ea6b98de98df087
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://travelbyinvestec.co.za/uat-insurance/insurance.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Feb 2022 07:16:32 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 13 Dec 2021 09:40:56 GMT
server
cloudflare
etag
W/"157ae-5d303de919b40"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
no-cache, no-store, must-revalidate
strict-transport-security
max-age=10886400; includeSubDomains
cf-ray
6e1eab55691e917c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
0
email-decode.min.js
travelbyinvestec.co.za/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
852 B 		Script
General
Check archive.org
Download Go to
Full URL
https://travelbyinvestec.co.za/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: travelbyinvestec.co.za
URL: https://travelbyinvestec.co.za/uat-insurance/insurance.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:4ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://travelbyinvestec.co.za/uat-insurance/insurance.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 07:16:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 16 Feb 2022 13:46:32 GMT
server
cloudflare
etag
W/"620d0038-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
6e1eab556920917c-FRA
vary
Accept-Encoding
expires
Fri, 25 Feb 2022 07:16:32 GMT
wp-polyfill.min.js
travelbyinvestec.co.za/wp-includes/js/dist/vendor/ 		97 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://travelbyinvestec.co.za/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=7.4.4
Requested by
Host: travelbyinvestec.co.za
URL: https://travelbyinvestec.co.za/uat-insurance/insurance.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:4ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d36e5d7328268d21c6941039a7b6a15c7ed7414f60dbee72d2231d11ac9bdaf3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://travelbyinvestec.co.za/uat-insurance/insurance.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Feb 2022 07:16:32 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 12 Oct 2021 15:31:06 GMT
server
cloudflare
etag
W/"183ee-5ce2988bea2ed"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate
strict-transport-security
max-age=10886400; includeSubDomains
cf-ray
6e1eab556921917c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
0
index.js
travelbyinvestec.co.za/wp-content/plugins/contact-form-7/includes/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://travelbyinvestec.co.za/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.5
Requested by
Host: travelbyinvestec.co.za
URL: https://travelbyinvestec.co.za/uat-insurance/insurance.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:4ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
679e44f9b4bbbc2ad0c4000c1413fd3a88627d83f1cba8ebdac26f81bc7edb78
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://travelbyinvestec.co.za/uat-insurance/insurance.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Feb 2022 07:16:32 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 13 Feb 2022 10:44:43 GMT
server
cloudflare
etag
W/"25f8-5d7e3fcd9288c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate
strict-transport-security
max-age=10886400; includeSubDomains
cf-ray
6e1eab556923917c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
0
slick.min.js
travelbyinvestec.co.za/wp-content/themes/investec/travel-by-investec/js/ 		42 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://travelbyinvestec.co.za/wp-content/themes/investec/travel-by-investec/js/slick.min.js?ver=1.0.0
Requested by
Host: travelbyinvestec.co.za
URL: https://travelbyinvestec.co.za/uat-insurance/insurance.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:4ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://travelbyinvestec.co.za/uat-insurance/insurance.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Feb 2022 07:16:32 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 12 Oct 2021 15:31:06 GMT
server
cloudflare
etag
W/"a76f-5ce2988b53ca3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate
strict-transport-security
max-age=10886400; includeSubDomains
cf-ray
6e1eab557942917c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
0
main.js
travelbyinvestec.co.za/wp-content/themes/investec/travel-by-investec/js/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://travelbyinvestec.co.za/wp-content/themes/investec/travel-by-investec/js/main.js?ver=1.0.0
Requested by
Host: travelbyinvestec.co.za
URL: https://travelbyinvestec.co.za/uat-insurance/insurance.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:4ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3464641b01c56d67f3fb1501e763812e40dcb75114464d51551cb6fbe55e5fc
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://travelbyinvestec.co.za/uat-insurance/insurance.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Feb 2022 07:16:32 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 25 Nov 2021 13:43:02 GMT
server
cloudflare
etag
W/"1b64-5d19d27476cbf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate
strict-transport-security
max-age=10886400; includeSubDomains
cf-ray
6e1eab557944917c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
0
wp-embed.min.js
travelbyinvestec.co.za/wp-includes/js/ 		1 KB
786 B 		Script
General
Check archive.org
Download Go to
Full URL
https://travelbyinvestec.co.za/wp-includes/js/wp-embed.min.js?ver=5.7.5
Requested by
Host: travelbyinvestec.co.za
URL: https://travelbyinvestec.co.za/uat-insurance/insurance.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:4ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://travelbyinvestec.co.za/uat-insurance/insurance.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Feb 2022 07:16:32 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 12 Oct 2021 15:31:06 GMT
server
cloudflare
etag
W/"592-5ce2988c13718"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate
strict-transport-security
max-age=10886400; includeSubDomains
cf-ray
6e1eab557946917c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
0
wp-emoji-release.min.js
travelbyinvestec.co.za/wp-includes/js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://travelbyinvestec.co.za/wp-includes/js/wp-emoji-release.min.js?ver=5.7.5
Requested by
Host: travelbyinvestec.co.za
URL: https://travelbyinvestec.co.za/uat-insurance/insurance.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:5ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://travelbyinvestec.co.za/uat-insurance/insurance.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Feb 2022 07:16:32 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 12 Oct 2021 15:31:06 GMT
server
cloudflare
etag
W/"3795-5ce2988c13b00"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate
strict-transport-security
max-age=10886400; includeSubDomains
cf-ray
6e1eab561d975c2c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
0
rd
dpm.demdex.net/id/
Redirect Chain
  • https://dpm.demdex.net/id?d_visid_ver=5.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=38AC7FBA57E2AF467F000101%40AdobeOrg&d_nsid=0&ts=1645600592366
  • https://dpm.demdex.net/id/rd?d_visid_ver=5.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=38AC7FBA57E2AF467F000101%40AdobeOrg&d_nsid=0&ts=1645600592366
367 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=5.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=38AC7FBA57E2AF467F000101%40AdobeOrg&d_nsid=0&ts=1645600592366
Protocol
HTTP/1.1
Server
54.155.222.85 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-222-85.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
67b6864f35d4c8b6e2c050efff575d23a3329cb45f1647a86c8b903ef3a811f9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://travelbyinvestec.co.za/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v028-0fdc66182.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
ZqWhVyU4Rv8=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://travelbyinvestec.co.za
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
309
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-1-v028-098796982.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Access-Control-Allow-Origin
https://travelbyinvestec.co.za
X-TID
sOZ9HAJMRgA=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/id/rd?d_visid_ver=5.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=38AC7FBA57E2AF467F000101%40AdobeOrg&d_nsid=0&ts=1645600592366
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
AppMeasurement.min.js
assets.adobedtm.com/extensions/EPb56e12d7054b4acea984e91c910051cc/ 		33 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/extensions/EPb56e12d7054b4acea984e91c910051cc/AppMeasurement.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENd6668700e6ad4d64a37c3d34c489ee03.min.js?ver=5.7.5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:299::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
04d439e000eb278a036c741b3a0b3ddb4b22087ff0bbb9342a6be5dc7d1ab60a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://travelbyinvestec.co.za/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 07:16:32 GMT
content-encoding
gzip
last-modified
Mon, 18 Oct 2021 21:37:16 GMT
server
AkamaiNetStorage
etag
"820eb42f3120ddf65e303b24a8285815:1634593036.305122"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://travelbyinvestec.co.za
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
12200
expires
Wed, 23 Feb 2022 08:16:32 GMT
AppMeasurement_Module_ActivityMap.min.js
assets.adobedtm.com/extensions/EPb56e12d7054b4acea984e91c910051cc/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/extensions/EPb56e12d7054b4acea984e91c910051cc/AppMeasurement_Module_ActivityMap.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENd6668700e6ad4d64a37c3d34c489ee03.min.js?ver=5.7.5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:299::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
99affd7a1c868ecf15a0789fc85e87ca23ae783e7916aee316e6282d9777369c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://travelbyinvestec.co.za/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 07:16:32 GMT
content-encoding
gzip
last-modified
Mon, 18 Oct 2021 21:37:16 GMT
server
AkamaiNetStorage
etag
"abbe69e5c8f385f00652c3d0c2bba347:1634593036.557115"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://travelbyinvestec.co.za
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
1594
expires
Wed, 23 Feb 2022 08:16:32 GMT
fbevents.js
connect.facebook.net/en_US/ 		99 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENd6668700e6ad4d64a37c3d34c489ee03.min.js?ver=5.7.5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://travelbyinvestec.co.za/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
26236
x-xss-protection
0
pragma
public
x-fb-debug
3Gz+QvmP03TW3NbfGVjDnsDisCO0QtAxULhgPTDrT0l1aEARH2KdsDQLQvfb9T9i/9Y7jZdE8C81StPPtsSngw==
x-fb-trip-id
686109401
x-frame-options
DENY
date
Wed, 23 Feb 2022 07:16:32 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
HelveticaNeueLTStd-Bd_1.ttf
travelbyinvestec.co.za/wp-content/themes/investec/travel-by-investec/fonts/ 		27 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://travelbyinvestec.co.za/wp-content/themes/investec/travel-by-investec/fonts/HelveticaNeueLTStd-Bd_1.ttf
Requested by
Host: travelbyinvestec.co.za
URL: https://travelbyinvestec.co.za/wp-content/themes/investec/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:5ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83a634ef4581ef370145a79ecd3668eb4e297ef7d870f65d227a00b19579a1e3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains

Request headers

Referer
https://travelbyinvestec.co.za/wp-content/themes/investec/style.css
Origin
https://travelbyinvestec.co.za
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Feb 2022 07:16:32 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 12 Oct 2021 15:31:06 GMT
server
cloudflare
etag
W/"6c04-5ce2988b52533"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/font-sfnt
cache-control
no-cache, no-store, must-revalidate
strict-transport-security
max-age=10886400; includeSubDomains
cf-ray
6e1eab567e8f5c2c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
0
HelveticaNeueLTStd-Lt_1.ttf
travelbyinvestec.co.za/wp-content/themes/investec/travel-by-investec/fonts/ 		27 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://travelbyinvestec.co.za/wp-content/themes/investec/travel-by-investec/fonts/HelveticaNeueLTStd-Lt_1.ttf
Requested by
Host: travelbyinvestec.co.za
URL: https://travelbyinvestec.co.za/wp-content/themes/investec/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:5ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd1d111837540aab42c90d89b36c265dfc1b79ba5a9ba235c593b692c2a76425
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains

Request headers

Referer
https://travelbyinvestec.co.za/wp-content/themes/investec/style.css
Origin
https://travelbyinvestec.co.za
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Feb 2022 07:16:32 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 12 Oct 2021 15:31:06 GMT
server
cloudflare
etag
W/"6cc4-5ce2988b52533"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/font-sfnt
cache-control
no-cache, no-store, must-revalidate
strict-transport-security
max-age=10886400; includeSubDomains
cf-ray
6e1eab567e925c2c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
0
investec-travel.woff2
travelbyinvestec.co.za/wp-content/themes/investec/travel-by-investec/fonts/ 		5 KB
5 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://travelbyinvestec.co.za/wp-content/themes/investec/travel-by-investec/fonts/investec-travel.woff2
Requested by
Host: travelbyinvestec.co.za
URL: https://travelbyinvestec.co.za/wp-content/themes/investec/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:5ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e157ec8174729d6efbf2ed782ae34fe8351ae0fd98dd7e13c9338c7fcc391095
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains

Request headers

Referer
https://travelbyinvestec.co.za/wp-content/themes/investec/style.css
Origin
https://travelbyinvestec.co.za
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Feb 2022 07:16:32 GMT
cf-cache-status
MISS
last-modified
Tue, 12 Oct 2021 15:31:06 GMT
server
cloudflare
etag
"1418-5ce2988b52d03"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
strict-transport-security
max-age=10886400; includeSubDomains
accept-ranges
bytes
cf-ray
6e1eab567e955c2c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5144
expires
0
HelveticaNeueLTStd-Roman_1.ttf
travelbyinvestec.co.za/wp-content/themes/investec/travel-by-investec/fonts/ 		27 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://travelbyinvestec.co.za/wp-content/themes/investec/travel-by-investec/fonts/HelveticaNeueLTStd-Roman_1.ttf
Requested by
Host: travelbyinvestec.co.za
URL: https://travelbyinvestec.co.za/wp-content/themes/investec/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:5ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4173f68f96e3a589a9dc417046c25b46c6f06455b478de884f927aa5020c3e9
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains

Request headers

Referer
https://travelbyinvestec.co.za/wp-content/themes/investec/style.css
Origin
https://travelbyinvestec.co.za
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Feb 2022 07:16:32 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 12 Oct 2021 15:31:06 GMT
server
cloudflare
etag
W/"6b08-5ce2988b5291b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/font-sfnt
cache-control
no-cache, no-store, must-revalidate
strict-transport-security
max-age=10886400; includeSubDomains
cf-ray
6e1eab567e965c2c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
0
HelveticaNeueLTStd-Md.ttf
travelbyinvestec.co.za/wp-content/themes/investec/travel-by-investec/fonts/ 		27 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://travelbyinvestec.co.za/wp-content/themes/investec/travel-by-investec/fonts/HelveticaNeueLTStd-Md.ttf
Requested by
Host: travelbyinvestec.co.za
URL: https://travelbyinvestec.co.za/wp-content/themes/investec/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:5ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47293b53bf27a0f6f2b60693a80c5191e2694caa43fd3af3c04ca25a29981dbb
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains

Request headers

Referer
https://travelbyinvestec.co.za/wp-content/themes/investec/style.css
Origin
https://travelbyinvestec.co.za
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Feb 2022 07:16:32 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 12 Oct 2021 15:31:06 GMT
server
cloudflare
etag
W/"6bd8-5ce2988b5291b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/font-sfnt
cache-control
no-cache, no-store, must-revalidate
strict-transport-security
max-age=10886400; includeSubDomains
cf-ray
6e1eab567e995c2c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
0
BauerBodoniStd-Roman.woff
travelbyinvestec.co.za/wp-content/themes/investec/travel-by-investec/fonts/ 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://travelbyinvestec.co.za/wp-content/themes/investec/travel-by-investec/fonts/BauerBodoniStd-Roman.woff
Requested by
Host: travelbyinvestec.co.za
URL: https://travelbyinvestec.co.za/wp-content/themes/investec/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:5ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
973d44fa8eed322e9b6a3dc2deda695479435d73a32ab8b3288086fc1da89b1c
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains

Request headers

Referer
https://travelbyinvestec.co.za/wp-content/themes/investec/style.css
Origin
https://travelbyinvestec.co.za
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Feb 2022 07:16:32 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 12 Oct 2021 15:31:06 GMT
server
cloudflare
etag
W/"7b60-5ce2988b5214b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/font-woff
cache-control
no-cache, no-store, must-revalidate
strict-transport-security
max-age=10886400; includeSubDomains
cf-ray
6e1eab567e9b5c2c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
0
dest5.html
investec.demdex.net/ Frame 9DA5 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://investec.demdex.net/dest5.html?d_nsid=0
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENd6668700e6ad4d64a37c3d34c489ee03.min.js?ver=5.7.5
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.232.57 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-232-57.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://travelbyinvestec.co.za/

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding
gzip
Content-Type
text/html;charset=UTF-8
date
Wed, 23 Feb 2022 07:16:32 GMT
DCS
dcs-prod-irl1-1-v028-0b93e6370.edge-irl1.demdex.com UNKNOWN
Expires
Thu, 01 Jan 1970 00:00:00 UTC
last-modified
Mon, 14 Feb 2022 15:45:14 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
vary
accept-encoding
X-TID
hXq6exN8RMw=
Content-Length
2791
Connection
keep-alive
id
invbnk.d3.sc.omtrdc.net/ 		2 B
321 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://invbnk.d3.sc.omtrdc.net/id?d_visid_ver=5.3.0&d_fieldgroup=A&mcorgid=38AC7FBA57E2AF467F000101%40AdobeOrg&mid=22532920599432172020618150457761968065&ts=1645600592658
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENd6668700e6ad4d64a37c3d34c489ee03.min.js?ver=5.7.5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.236.176.210 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-236-176-210.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://travelbyinvestec.co.za/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 23 Feb 2022 07:16:32 GMT
x-content-type-options
nosniff
server
jag
xserver
anedge-cdfbd77b-hzsqb
vary
Origin
x-c
main-1585.I7afc85.M0-540
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://travelbyinvestec.co.za
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-type
application/x-javascript;charset=utf-8
content-length
2
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=YhXfUAAAAFw_QgQp
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=23007804349383482570594284101239915794
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YhXfUAAAAFw_QgQp
42 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YhXfUAAAAFw_QgQp
Protocol
HTTP/1.1
Server
54.155.222.85 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-222-85.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://travelbyinvestec.co.za/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v028-0d490b61c.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
vJakiixuRk8=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YhXfUAAAAFw_QgQp
Date
Wed, 23 Feb 2022 07:16:32 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

Verdicts & Comments Add Verdict or Comment

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| structuredClone object| _wpemojiSettings undefined| $ function| jQuery object| dataLayer string| page_location object| path_array object| _satellite boolean| __satelliteLoaded object| adobe function| Visitor object| s_c_il number| s_c_in function| fbq function| _fbq object| adobeDataLayer object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| wpcf7 function| removeLoader object| wp number| x function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq number| s_objectID number| s_giq object| twemoji object| s_Obj string| s_PPVid function| s_PPVevent number| s_PPVi number| s_PPVt object| dc object| fl object| cd number| utc object| tz number| thisy number| thish number| thismin number| thisd

8 Cookies

Domain/Path Name / Value
.travelbyinvestec.co.za/ Name: __cf_bm
Value: yihybSmi_51lEWpOeSNqHlmb7f9DCuuZLNGvylFXy7I-1645600591-0-AaqlIKXK9fMeirPu3+bx7W/icDT4KgWa1VL6U0dAih0vWYXvS6i0MZKjYS4qJuJUtncdn6UXhRIw6zkWMmdOJ1U=
www.travelbyinvestec.co.za/ Name: PHPSESSID
Value: 3uhtste09ukdpc3soj6337n1m6
travelbyinvestec.co.za/ Name: PHPSESSID
Value: mpqlbks9n8u1fjp46k05vi9m21
.demdex.net/ Name: demdex
Value: 23007804349383482570594284101239915794
.travelbyinvestec.co.za/ Name: AMCVS_38AC7FBA57E2AF467F000101%40AdobeOrg
Value: 1
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YhXfUAAAAFw_QgQp
.dpm.demdex.net/ Name: dpm
Value: 23007804349383482570594284101239915794
.travelbyinvestec.co.za/ Name: AMCV_38AC7FBA57E2AF467F000101%40AdobeOrg
Value: -2121179033%7CMCIDTS%7C19047%7CMCMID%7C22532920599432172020618150457761968065%7CMCAAMLH-1646205392%7C6%7CMCAAMB-1646205392%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1645607792s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19054%7CvVersion%7C5.3.0

1 Console Messages

Source Level URL
Text
network error URL: https://travelbyinvestec.co.za/uat-insurance/insurance.php
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.adobedtm.com
cm.everesttech.net
connect.facebook.net
dpm.demdex.net
insurance.travelbyinvestec.co.za
invbnk.d3.sc.omtrdc.net
investec.demdex.net
travelbyinvestec.co.za
www.travelbyinvestec.co.za
15.236.176.210
2606:4700::6812:4ea
2606:4700::6812:5ea
2a02:26f0:6c00:299::1e80
2a03:2880:f01c:8012:face:b00c:0:3
52.212.232.57
54.155.222.85
54.194.191.134
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
04d439e000eb278a036c741b3a0b3ddb4b22087ff0bbb9342a6be5dc7d1ab60a
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
0de15b2ac3708bdc4b8201206b5028157b3955e1eea3f07f7f96f8b296818609
18b76d9c09c7517f90142ea947983f07a048a2de42a5fdc453e2fe4c8a932f68
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
47293b53bf27a0f6f2b60693a80c5191e2694caa43fd3af3c04ca25a29981dbb
55fb413da62d1a5946374ca5447bb214948f29ea35d3408d1ea6b98de98df087
59f49b3cabedf35d30a38bf57f276c66f3b10de446312baeb8a692ac7c34ac0a
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
679e44f9b4bbbc2ad0c4000c1413fd3a88627d83f1cba8ebdac26f81bc7edb78
67b6864f35d4c8b6e2c050efff575d23a3329cb45f1647a86c8b903ef3a811f9
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
83a634ef4581ef370145a79ecd3668eb4e297ef7d870f65d227a00b19579a1e3
973d44fa8eed322e9b6a3dc2deda695479435d73a32ab8b3288086fc1da89b1c
99affd7a1c868ecf15a0789fc85e87ca23ae783e7916aee316e6282d9777369c
b9c9ef28aeda2fefa374d598822b27832ea87ae88a026fec23cdb47c6f7531a1
bd1d111837540aab42c90d89b36c265dfc1b79ba5a9ba235c593b692c2a76425
c4173f68f96e3a589a9dc417046c25b46c6f06455b478de884f927aa5020c3e9
d36e5d7328268d21c6941039a7b6a15c7ed7414f60dbee72d2231d11ac9bdaf3
e157ec8174729d6efbf2ed782ae34fe8351ae0fd98dd7e13c9338c7fcc391095
e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3464641b01c56d67f3fb1501e763812e40dcb75114464d51551cb6fbe55e5fc