urlscan.io logo urlscan.io
SecurityTrails logo

fnb.thomalex.travel Open in urlscan Pro
40.121.51.62  Public Scan

Go To Rescan Add Verdict Report
URL: https://fnb.thomalex.travel/Account/LogOn
Submission: On March 11 via api from ZA — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 2 countries across 10 domains to perform 42 HTTP transactions. The main IP is 40.121.51.62, located in Washington, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is fnb.thomalex.travel.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on December 7th 2023. Valid for: a year.
This is the only time fnb.thomalex.travel was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
10 40.121.51.62 8075 (MICROSOFT...)
1 52.239.169.4 8075 (MICROSOFT...)
3 2a00:1450:400... 15169 (GOOGLE)
1 5 2606:4700:303... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
12 2a06:98c1:312... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
42 10
10    40.121.51.62 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
fnb.thomalex.travel
1    52.239.169.4 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
resvoyage.blob.core.windows.net
3    2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
5    2606:4700:3031::ac43:abf3 (United States)

ASN13335 (CLOUDFLARENET, US)
www.covidchecker.com
4    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
12    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
www.sitata.com
4    2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
Apex Domain
Subdomains		 Transfer
12 sitata.com
www.sitata.com
1 MB
10 thomalex.travel
fnb.thomalex.travel
1 MB
5 covidchecker.com
www.covidchecker.com
79 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40
348 KB
4 gstatic.com
fonts.gstatic.com
118 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
3 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 310
314 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 29
21 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 228
16 KB
1 windows.net
resvoyage.blob.core.windows.net
4 KB
42 10
Domain Requested by
12 www.sitata.com www.covidchecker.com
www.sitata.com
cdnjs.cloudflare.com
10 fnb.thomalex.travel fnb.thomalex.travel
5 www.covidchecker.com 1 redirects fnb.thomalex.travel
www.covidchecker.com
4 www.googletagmanager.com www.covidchecker.com
www.googletagmanager.com
www.sitata.com
4 fonts.gstatic.com fonts.googleapis.com
3 fonts.googleapis.com fnb.thomalex.travel
www.covidchecker.com
www.sitata.com
2 cdn.jsdelivr.net www.sitata.com
cdn.jsdelivr.net
1 www.google-analytics.com www.googletagmanager.com
1 cdnjs.cloudflare.com www.covidchecker.com
1 resvoyage.blob.core.windows.net fnb.thomalex.travel
42 10

This site contains links to these domains. Also see Links.

Domain
thomalex.com
www.sitata.com
Subject Issuer Validity Valid
*.thomalex.travel
Go Daddy Secure Certificate Authority - G2		 2023-12-07 -
2025-01-07		 a year crt.sh
*.blob.core.windows.net
Microsoft RSA TLS CA 01		 2023-09-27 -
2024-09-27		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
covidchecker.com
GTS CA 1P5		 2024-02-07 -
2024-05-07		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
sitata.com
GTS CA 1P5		 2024-01-17 -
2024-04-16		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh

This page contains 2 frames:

Primary Page: https://fnb.thomalex.travel/Account/LogOn
Frame ID: AEB30786935B5B4C35EA5BEF6CC2F5C5
Requests: 14 HTTP requests in this frame

Frame: https://www.covidchecker.com/de/embed
Frame ID: 715033F4CD6752970891D41EA79AB62B
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Account

Detected technologies

Overall confidence: 100%
Detected patterns
  • rollbar\.js/([0-9.]+)
Overall confidence: 100%
Detected patterns
  • <link[^>]+semantic(?:\.min)\.css"
  • /semantic(?:-([\d.]+))?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/vue(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

42
Requests

100 %
HTTPS

80 %
IPv6

10
Domains

10
Subdomains

10
IPs

2
Countries

3295 kB
Transfer

7048 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10
  • https://www.covidchecker.com/embed HTTP 302
  • https://www.covidchecker.com/de/embed

42 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request LogOn
fnb.thomalex.travel/Account/ 		24 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fnb.thomalex.travel/Account/LogOn
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.121.51.62 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ddb010de178f7e1b418d354133e5f167f8a8eff8a6cba7a4a5f2854d9bd060ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
access-control-expose-headers
Request-Context
cache-control
private
content-length
24533
content-type
text/html; charset=utf-8
date
Mon, 11 Mar 2024 13:16:40 GMT
referrer-policy
unsafe-url
request-context
appId=cid-v1:2bf5d0ea-4bb7-4dee-9c42-4f5c1b286ead
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
semantic.min.css
fnb.thomalex.travel/Content/Semantic_UI/ 		614 KB
615 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fnb.thomalex.travel/Content/Semantic_UI/semantic.min.css
Requested by
Host: fnb.thomalex.travel
URL: https://fnb.thomalex.travel/Account/LogOn
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.121.51.62 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7c7c72980b57eeeb3ac6593419b8aeacb2952e95499eebf8e61412596e875f5e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fnb.thomalex.travel/Account/LogOn
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 11 Mar 2024 13:16:40 GMT
referrer-policy
unsafe-url
x-content-type-options
nosniff
last-modified
Fri, 13 Mar 2020 14:54:22 GMT
etag
"a6fc64847f9d51:0"
content-type
text/css
access-control-allow-origin
https://fnb.thomalex.travel, *
access-control-expose-headers
Request-Context
accept-ranges
bytes
access-control-allow-headers
*
content-length
628886
request-context
appId=cid-v1:2bf5d0ea-4bb7-4dee-9c42-4f5c1b286ead
waitscreen.css
fnb.thomalex.travel/Content/ 		403 B
488 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fnb.thomalex.travel/Content/waitscreen.css
Requested by
Host: fnb.thomalex.travel
URL: https://fnb.thomalex.travel/Account/LogOn
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.121.51.62 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
6e014a2ea215f8b2bf9ba11d0e47cf7b6f91d0194ada4df98d340eed148c0b25
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fnb.thomalex.travel/Account/LogOn
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 11 Mar 2024 13:16:40 GMT
referrer-policy
unsafe-url
x-content-type-options
nosniff
last-modified
Thu, 25 Jul 2019 10:10:46 GMT
etag
"28a8e339d142d51:0"
content-type
text/css
access-control-allow-origin
https://fnb.thomalex.travel, *
access-control-expose-headers
Request-Context
accept-ranges
bytes
access-control-allow-headers
*
content-length
403
request-context
appId=cid-v1:2bf5d0ea-4bb7-4dee-9c42-4f5c1b286ead
logon.css
fnb.thomalex.travel/Content/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fnb.thomalex.travel/Content/logon.css?6
Requested by
Host: fnb.thomalex.travel
URL: https://fnb.thomalex.travel/Account/LogOn
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.121.51.62 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
cacd6851dd67a005c0b95433fc00807bd604bf07776216a99cfb9b49768a9b00
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fnb.thomalex.travel/Account/LogOn
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 11 Mar 2024 13:16:40 GMT
referrer-policy
unsafe-url
x-content-type-options
nosniff
last-modified
Thu, 23 Jun 2022 08:02:16 GMT
etag
"e1aed58dd786d81:0"
content-type
text/css
access-control-allow-origin
https://fnb.thomalex.travel, *
access-control-expose-headers
Request-Context
accept-ranges
bytes
access-control-allow-headers
*
content-length
1910
request-context
appId=cid-v1:2bf5d0ea-4bb7-4dee-9c42-4f5c1b286ead
vue.min.js
fnb.thomalex.travel/Scripts/ 		91 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fnb.thomalex.travel/Scripts/vue.min.js
Requested by
Host: fnb.thomalex.travel
URL: https://fnb.thomalex.travel/Account/LogOn
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.121.51.62 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a410460285968ae56f3748e57fd09c6da63c17934a9f59cc7f9a6542f5cf2d3b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fnb.thomalex.travel/Account/LogOn
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 11 Mar 2024 13:16:40 GMT
referrer-policy
unsafe-url
x-content-type-options
nosniff
last-modified
Fri, 27 Dec 2019 12:52:05 GMT
etag
"e94a1571b4bcd51:0"
content-type
application/javascript
access-control-allow-origin
https://fnb.thomalex.travel, *
access-control-expose-headers
Request-Context
accept-ranges
bytes
access-control-allow-headers
*
content-length
93678
request-context
appId=cid-v1:2bf5d0ea-4bb7-4dee-9c42-4f5c1b286ead
79751a6ac92e438996b7f526b1c6e562.png
resvoyage.blob.core.windows.net/africa/client-images/login/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resvoyage.blob.core.windows.net/africa/client-images/login/79751a6ac92e438996b7f526b1c6e562.png
Requested by
Host: fnb.thomalex.travel
URL: https://fnb.thomalex.travel/Account/LogOn
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.169.4 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
3966ecd9d6d3203b9b853ad3b2c1f05b29cbfe8152d2396cdd0629bf5ee81830

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fnb.thomalex.travel/Account/LogOn
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 11 Mar 2024 13:16:41 GMT
Last-Modified
Mon, 08 Nov 2021 09:59:02 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
ECqrL9P7WAE53AZDJAANKQ==
ETag
0x8D9A29E64CACA82
Content-Type
image/png
x-ms-request-id
8870e6bd-b01e-0006-4cb6-73a4d9000000
x-ms-version
2009-09-19
Content-Length
4015
jquery-3.5.1.min.js
fnb.thomalex.travel/Scripts/ 		87 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fnb.thomalex.travel/Scripts/jquery-3.5.1.min.js
Requested by
Host: fnb.thomalex.travel
URL: https://fnb.thomalex.travel/Account/LogOn
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.121.51.62 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fnb.thomalex.travel/Account/LogOn
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 11 Mar 2024 13:16:40 GMT
referrer-policy
unsafe-url
x-content-type-options
nosniff
last-modified
Thu, 02 Feb 2023 15:07:52 GMT
etag
"45123f1f1837d91:0"
content-type
application/javascript
access-control-allow-origin
https://fnb.thomalex.travel, *
access-control-expose-headers
Request-Context
accept-ranges
bytes
access-control-allow-headers
*
content-length
89478
request-context
appId=cid-v1:2bf5d0ea-4bb7-4dee-9c42-4f5c1b286ead
antiforgery.js
fnb.thomalex.travel/Scripts/Plugins/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fnb.thomalex.travel/Scripts/Plugins/antiforgery.js
Requested by
Host: fnb.thomalex.travel
URL: https://fnb.thomalex.travel/Account/LogOn
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.121.51.62 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3a1e31233360ad661f9f48a9bb08138405f09f31ada00ef97f5554a33cc8574b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fnb.thomalex.travel/Account/LogOn
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 11 Mar 2024 13:16:40 GMT
referrer-policy
unsafe-url
x-content-type-options
nosniff
last-modified
Thu, 25 Jul 2019 10:10:46 GMT
etag
"69302f3ad142d51:0"
content-type
application/javascript
access-control-allow-origin
https://fnb.thomalex.travel, *
access-control-expose-headers
Request-Context
accept-ranges
bytes
access-control-allow-headers
*
content-length
2436
request-context
appId=cid-v1:2bf5d0ea-4bb7-4dee-9c42-4f5c1b286ead
waitscreen.js
fnb.thomalex.travel/Scripts/Plugins/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fnb.thomalex.travel/Scripts/Plugins/waitscreen.js?version=1
Requested by
Host: fnb.thomalex.travel
URL: https://fnb.thomalex.travel/Account/LogOn
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.121.51.62 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
324a10c6d3d78249a021f49cc5a9b3dee7134a739571f0fee53028b4a6f668ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fnb.thomalex.travel/Account/LogOn
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 11 Mar 2024 13:16:40 GMT
referrer-policy
unsafe-url
x-content-type-options
nosniff
last-modified
Thu, 25 Jul 2019 10:10:46 GMT
etag
"a816323ad142d51:0"
content-type
application/javascript
access-control-allow-origin
https://fnb.thomalex.travel, *
access-control-expose-headers
Request-Context
accept-ranges
bytes
access-control-allow-headers
*
content-length
3149
request-context
appId=cid-v1:2bf5d0ea-4bb7-4dee-9c42-4f5c1b286ead
semantic.min.js
fnb.thomalex.travel/Scripts/ 		269 KB
269 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fnb.thomalex.travel/Scripts/semantic.min.js
Requested by
Host: fnb.thomalex.travel
URL: https://fnb.thomalex.travel/Account/LogOn
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.121.51.62 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ebd713db9a49554980ca78b058c8255e510e11e658ba1983f076e3e7c8024bb6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fnb.thomalex.travel/Account/LogOn
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 11 Mar 2024 13:16:40 GMT
referrer-policy
unsafe-url
x-content-type-options
nosniff
last-modified
Fri, 13 Mar 2020 14:54:22 GMT
etag
"36d41e4847f9d51:0"
content-type
application/javascript
access-control-allow-origin
https://fnb.thomalex.travel, *
access-control-expose-headers
Request-Context
accept-ranges
bytes
access-control-allow-headers
*
content-length
275740
request-context
appId=cid-v1:2bf5d0ea-4bb7-4dee-9c42-4f5c1b286ead
css
fonts.googleapis.com/ 		3 KB
885 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic&subset=latin
Requested by
Host: fnb.thomalex.travel
URL: https://fnb.thomalex.travel/Content/Semantic_UI/semantic.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5e245f87c91e4cc60c4f66311f2691f187b9f710259f5f75cd6beff7598d6ddd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fnb.thomalex.travel/Content/Semantic_UI/semantic.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 11 Mar 2024 13:16:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 11 Mar 2024 12:43:04 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 11 Mar 2024 13:16:41 GMT
embed
www.covidchecker.com/de/ Frame 7150
Redirect Chain
  • https://www.covidchecker.com/embed
  • https://www.covidchecker.com/de/embed
9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.covidchecker.com/de/embed
Requested by
Host: fnb.thomalex.travel
URL: https://fnb.thomalex.travel/Account/LogOn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:abf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0be2c4b3b689c19c28e631a972a745663ad678def6fefc493da88df0e9ba3087
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://fnb.thomalex.travel/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=0, private, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
862bd2087b698ed1-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 11 Mar 2024 13:16:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SbbltL%2BiT5QEpigvkH3yeTsabk3PiNTozIBxxSy8mr%2F%2BreGW4EEEgWu8wzTb1xVMt61ytgCq6jk3dcspEeqWFzJxtwFaC0dSYxsgOhC%2Bd9%2FJ6Q3hhvkw9KmM00fZT9TwPupLILsFzmPJxt%2Fl7tRDYnEySA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
x-download-options
noopen
x-permitted-cross-domain-policies
none
x-request-id
b9034a76ca94503ad1e027dbc570434f

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=0, private, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
862bd207ea898ed1-FRA
content-type
text/html; charset=utf-8
date
Mon, 11 Mar 2024 13:16:41 GMT
location
/de/embed
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=17ucOCZ1e%2F8FMev7I%2BrDPYfcmUpas0TXt9A%2BxCrl1MwaP4dyYHoYloYyEyB6mKw%2FxAHvDouMiyNkyW2WWlnfCE3sUbvZ5kqiU0EuhQpdrADYE12g6wvVJTjG2nFHpqi7ykbX3uQDXWTmrjVeiHvi%2BwKe0w%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-request-id
7809b985c2fc5da996e5a5e8ea4bca4c
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic&subset=latin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://fnb.thomalex.travel
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 05 Mar 2024 23:10:45 GMT
x-content-type-options
nosniff
age
482756
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 05 Mar 2025 23:10:45 GMT
icons.woff2
fnb.thomalex.travel/Content/Semantic_UI/themes/default/assets/fonts/ 		55 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fnb.thomalex.travel/Content/Semantic_UI/themes/default/assets/fonts/icons.woff2
Requested by
Host: fnb.thomalex.travel
URL: https://fnb.thomalex.travel/Content/Semantic_UI/semantic.min.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.121.51.62 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://fnb.thomalex.travel/Content/Semantic_UI/semantic.min.css
Origin
https://fnb.thomalex.travel
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 11 Mar 2024 13:16:40 GMT
referrer-policy
unsafe-url
x-content-type-options
nosniff
last-modified
Thu, 25 Jul 2019 10:10:45 GMT
etag
"b56b9639d142d51:0"
content-type
application/font-woff2
access-control-allow-origin
https://fnb.thomalex.travel, *
access-control-expose-headers
Request-Context
accept-ranges
bytes
access-control-allow-headers
*
content-length
56780
request-context
appId=cid-v1:2bf5d0ea-4bb7-4dee-9c42-4f5c1b286ead
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic&subset=latin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://fnb.thomalex.travel
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 05 Mar 2024 16:06:48 GMT
x-content-type-options
nosniff
age
508193
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23040
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:07:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 05 Mar 2025 16:06:48 GMT
app-987b106af26bf3909f6c6e6d2bdb32a9.css
www.covidchecker.com/css/ Frame 7150 		209 KB
38 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.covidchecker.com/css/app-987b106af26bf3909f6c6e6d2bdb32a9.css?vsn=d
Requested by
Host: www.covidchecker.com
URL: https://www.covidchecker.com/de/embed
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:abf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b79356aa990cca4585dca5552ddd61973708d004b0c6eac5658ca0e619aa11f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.covidchecker.com/de/embed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 13:16:41 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
37249
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 11 Mar 2024 02:55:52 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=duHwvPcvhywYOA3ALdVetrrAIr%2BdgXCImT8QLXHpQhVF0mMb6XlOvZyOXr9SIZ3%2BOQAdvONe0HUvspxAc%2BS6Y1SjIqqXgp0Dujh9HOaA6wi%2FjiYnKyLaIL%2B%2BJs123FEL0uJU7BODCQwIcr57Nbi6kVwTog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
862bd208ad8f1da2-FRA
landing-713172ace8fb8d44b8367c16f938527f.css
www.covidchecker.com/css/ Frame 7150 		123 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.covidchecker.com/css/landing-713172ace8fb8d44b8367c16f938527f.css?vsn=d
Requested by
Host: www.covidchecker.com
URL: https://www.covidchecker.com/de/embed
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:abf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d2612ceeb4e2fa5600aa076753b5924a166041b960566a7aa1a92153e500b46
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.covidchecker.com/de/embed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 13:16:41 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
37249
cf-polished
origSize=125948
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 11 Mar 2024 02:55:52 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=18ONbCWpYWYNXv%2FA6avk9qFbxeuv5L4GafueWnuMm7vy6LKNCYCtFIJXjJ9BUal3JuJ60Qgl0ZVLZ3eqXYErLMDCHhny%2FtvNfxq5ri3higb%2B%2B5H7J3pgatBSIeKhQLuFzc9sqihNFmxHEtb13LD4Mn5aew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
862bd208ad951da2-FRA
sitata-covid-map-v3.js
www.sitata.com/widgets/ Frame 7150 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sitata.com/widgets/sitata-covid-map-v3.js
Requested by
Host: www.covidchecker.com
URL: https://www.covidchecker.com/de/embed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9497bc97cc02ef869137ccab51b0049473c046a1921e49cadfa94820f88d6eb
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.covidchecker.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 13:16:41 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=1556
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
server
cloudflare
etag
W/"4E8492A"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2LsT56L%2F0FW7VWZ6yfSa6VWnxLdI3Mgh3IuRHgjnlKyr526vS2UZF0LNzkPFFRGcsr6AWl6%2F5vgi6Vubc7LQ%2F1ONRgfp8zDODsH81fEFN0n94A%2B7dvC%2Foj7Li8AoMWLOB4FO4zB05ZPgKkMh%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
862bd208fa168ed6-FRA
js
www.googletagmanager.com/gtag/ Frame 7150 		181 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-32631831-1
Requested by
Host: www.covidchecker.com
URL: https://www.covidchecker.com/de/embed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
36f39fac3496d9f3519070fbd94f1ab17feef8842cfdcdca92b6609bdcfb3536
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.covidchecker.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 13:16:41 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
67847
x-xss-protection
0
last-modified
Mon, 11 Mar 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 11 Mar 2024 13:16:41 GMT
modernizr-1b4b8536bbe44b9d705dbe2c12aed66e.js
www.covidchecker.com/js/ Frame 7150 		60 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.covidchecker.com/js/modernizr-1b4b8536bbe44b9d705dbe2c12aed66e.js?vsn=d
Requested by
Host: www.covidchecker.com
URL: https://www.covidchecker.com/de/embed
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:abf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb03c6bb471f925fe646891ce38c19a586f3a060d2f81f420e0deb24e0616349
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.covidchecker.com/de/embed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 13:16:41 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 11 Mar 2024 13:16:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=baXkYcG%2FenjzFZ61Znen3eVHazltXdd%2B2%2Bdu8XwtiGrC9SVzbrnYxBsiTHf7Ip%2BanodkGIoDHqSW009PYbVbnbK431F2%2BfMgfChvaR1JwA56aMLGG36DRXWnW9NLMdG3e5GNT7TwDASpGO3v0oksUTVKYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
862bd208bdb51da2-FRA
alt-svc
h3=":443"; ma=86400
css2
fonts.googleapis.com/ Frame 7150 		17 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;600&display=swap
Requested by
Host: www.covidchecker.com
URL: https://www.covidchecker.com/css/app-987b106af26bf3909f6c6e6d2bdb32a9.css?vsn=d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5489d34c6faf46a989be459cc0a3a28be86fb219aef6750c69d1410ddb9fe7ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.covidchecker.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 11 Mar 2024 13:16:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 11 Mar 2024 12:30:50 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 11 Mar 2024 13:16:41 GMT
rollbar.min.js
cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.3.1/ Frame 7150 		56 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.3.1/rollbar.min.js
Requested by
Host: www.covidchecker.com
URL: https://www.covidchecker.com/de/embed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
466372a3fa7834cc9fdb2c8286cc5fa7428cf37426bbf3fc565bc1370df3ba97
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.covidchecker.com/
Origin
https://www.covidchecker.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 13:16:41 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
5250070
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
15626
last-modified
Mon, 04 May 2020 16:16:01 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fc1-df59"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qqP%2BPGr%2Fb0jvwl%2F9IGKyoI7SxI92EbbU7EUxeixM9or91Bgbhk5lRe66DojY%2FU9GdVqzYd03yPDjo7mcMKvJ8bGSbB7koyZzQQ%2BLliu8%2B2pKbonrxxeRKqoHbNAtnVsPgQJsQGbcQVVV0mMauDma5Y2l"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
862bd2092aa91cc5-FRA
expires
Sat, 01 Mar 2025 13:16:41 GMT
sitata-covid-map-v3.1.0.13.js
www.sitata.com/widgets/ Frame 7150 		2 MB
760 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sitata.com/widgets/sitata-covid-map-v3.1.0.13.js
Requested by
Host: www.sitata.com
URL: https://www.sitata.com/widgets/sitata-covid-map-v3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae8040b1cd5d988a5269fff6502477c05431643cd0448a56ea0ea7f7629928c3
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.covidchecker.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 13:16:41 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"1CA3CC2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Eji%2BUsQ1mcALErbYA6PUXCIgkQZWtiZwO%2BqIgDRq15Gk3eZpfAfDqXdCmGB73BV4RO07HDzTAEiQKnPpJhpx5nIzauc5dCVQV01K1cPNOvGnlhkHYtyyFeS%2B4hqA1%2B7i%2BwxJtNupBCZgWFR0Og%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
862bd2097ab98ed6-FRA
alt-svc
h3=":443"; ma=86400
sitata-covid-map-v3.1.0.13.css
www.sitata.com/widgets/ Frame 7150 		690 KB
72 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.sitata.com/widgets/sitata-covid-map-v3.1.0.13.css
Requested by
Host: www.sitata.com
URL: https://www.sitata.com/widgets/sitata-covid-map-v3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
deb9e025c458a290ea6efb45935088487a9f4f8b55a1e08cb31420633108694c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.covidchecker.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 13:16:41 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
cf-cache-status
REVALIDATED
cf-bgj
minify
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"3E19416"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=az9yjTEiE9%2Fz%2F4LjYIMv5cGh0pUhXr%2BOV7f2qEmnbtBrwsvcWZryFAAWiQfGxu1mZX6WyymyDbUmp0FZHzLv9%2BBI3ggmXr%2B3rZ63rkGKDKPae6cTSCYvb3GrgBW%2BK9b7lIqaZrcErDXcabekxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
862bd2097ab78ed6-FRA
alt-svc
h3=":443"; ma=86400
analytics.js
www.google-analytics.com/ Frame 7150 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-32631831-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.covidchecker.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 11 Mar 2024 11:38:42 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
5879
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 11 Mar 2024 13:38:42 GMT
js
www.googletagmanager.com/gtag/ Frame 7150 		334 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-1001553572&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-32631831-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
28929464417a29e73da7b9c8a6eb5abce1be6f0fc2b87bb81e8a5af20be1f8f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.covidchecker.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 13:16:41 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
111139
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 11 Mar 2024 13:16:41 GMT
css
fonts.googleapis.com/ Frame 7150 		13 KB
891 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900
Requested by
Host: www.sitata.com
URL: https://www.sitata.com/widgets/sitata-covid-map-v3.1.0.13.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4680f0242ae53304a6bf932234579ecf1100b3473bd822857943a3e5a2e01f8d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sitata.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 11 Mar 2024 13:16:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 11 Mar 2024 13:08:46 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 11 Mar 2024 13:16:41 GMT
materialdesignicons.min.css
cdn.jsdelivr.net/npm/@mdi/font@4.x/css/ Frame 7150 		218 KB
37 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/@mdi/font@4.x/css/materialdesignicons.min.css
Requested by
Host: www.sitata.com
URL: https://www.sitata.com/widgets/sitata-covid-map-v3.1.0.13.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2b84598b7408a49f572ff743dc5886bddd5390c78b40416037da19c13f8d0ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sitata.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 13:16:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
30586
x-jsd-version
4.9.95
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230123-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"3690d-+C8LymUllOTB/eRBaefREVF0ZzU"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FEUscdtQEzYI8uFdBkoNIyrCoQj9HXwct5rMAamqQp%2BztA7KlC%2Feu5fDuk6yU5gCY6PELESVRmnG92vW8PmDPweCIRbJoQMRQdVFMFMmNTTYgbdxn9xIIVto0exdTBoiTOHJkCzcTHcOeIWAAOQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
862bd20a6f29bbaa-FRA
check_public
www.sitata.com/api/v2/tokens/process/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.sitata.com/api/v2/tokens/process/check_public?token=2d811d19-a0ce-4bd8-b1d0-7404e9875831
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,sit-widget-referer
Access-Control-Request-Method
POST
Origin
https://www.covidchecker.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,content-type,sit-widget-referer
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-origin
*
access-control-expose-headers
*
access-control-max-age
1728000
alt-svc
h3=":443"; ma=86400
cache-control
max-age=0, private, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
862bd20b8dec373d-FRA
date
Mon, 11 Mar 2024 13:16:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jKvwqWD0EgFFoZcxOQDPIdPCjQ6ztHu5fs6jxQ4rrBr0%2BhSAaj1vj8LpHHq6NtSvHRoW7u1Z1X0K5IiB1yYoUlZi1GDdKB%2FKDmTx%2B7CiVmfqY1eKDQjf6kwofrR2QRZcIxv1aciNcOmumLRtBg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15724800; includeSubDomains
x-request-id
593c01500615c47aaf309dd3677b7b4f
countries
www.sitata.com/api/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.sitata.com/api/v2/countries?short=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,sit-widget-referer
Access-Control-Request-Method
GET
Origin
https://www.covidchecker.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,content-type,sit-widget-referer
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-origin
*
access-control-expose-headers
*
access-control-max-age
1728000
alt-svc
h3=":443"; ma=86400
cache-control
max-age=0, private, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
862bd20b8de8373d-FRA
date
Mon, 11 Mar 2024 13:16:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oyN8mT7DBP6rVhsh9wFbhZY35sOK3O787LCldFsVzU2kFDxPpnDyBLY%2BCv03J5LjkO4yN5ph6Mj1aulOkopkbwaSEHUYjcyb4lLBcctujj9aEzRYHM57dpMZ4TWvm%2FDi9Dn3HpfXoe8oithjzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15724800; includeSubDomains
x-request-id
1271e21f3b68a39cef5fc30e863ed7fe
js
www.googletagmanager.com/gtag/ Frame 7150 		248 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-T771YDHSTZ
Requested by
Host: www.sitata.com
URL: https://www.sitata.com/widgets/sitata-covid-map-v3.1.0.13.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
eff5dba3dd47427e0599293f336a21548d4f59b380dba9dc97cee96c6731884b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.covidchecker.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 13:16:42 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
88616
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 11 Mar 2024 13:16:42 GMT
js
www.googletagmanager.com/gtag/ Frame 7150 		248 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-T771YDHSTZ&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-32631831-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f2f42b3bd2be3c8bd32e30d1199c79ef3e03b56b52c3a4b941e452d9afc1ac63
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.covidchecker.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 13:16:42 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
88510
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 11 Mar 2024 13:16:42 GMT
check_public
www.sitata.com/api/v2/tokens/process/ Frame 7150 		2 B
530 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.sitata.com/api/v2/tokens/process/check_public?token=2d811d19-a0ce-4bd8-b1d0-7404e9875831
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.3.1/rollbar.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Sit-Widget-Referer
https://fnb.thomalex.travel/
Referer
https://www.covidchecker.com/
Accept-Language
de-DE,de;q=0.9
Authorization
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 11 Mar 2024 13:16:42 GMT
strict-transport-security
max-age=15724800; includeSubDomains
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UcsqzZl6yuAfyS3y%2FCXIKJCC6cvEPI1YwSQAipXrfQQoKpV7UG0L8%2BGsu0YLdj4VaTQdhMEkoU%2F5ZsTx0oWuKm%2BlGHfx6oQ1WSqK28oJNXRKk5Q2Nw7k1CxpindSZxk8TDMgZnJlZZNdq%2BvqWg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
862bd20c3eb0373d-FRA
alt-svc
h3=":443"; ma=86400
content-length
2
x-request-id
e4982e1b3a5dd3f497ae4bf37b2fac05
countries
www.sitata.com/api/v2/ Frame 7150 		558 KB
99 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.sitata.com/api/v2/countries?short=1
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.3.1/rollbar.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd0b713d62b2d139ba9868dc01ac00ff2e12dba27742aed89ba659b537f7a96e
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Sit-Widget-Referer
https://fnb.thomalex.travel/
Referer
https://www.covidchecker.com/
Accept-Language
de-DE,de;q=0.9
Authorization
PUB 2d811d19-a0ce-4bd8-b1d0-7404e9875831
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 11 Mar 2024 13:16:42 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-request-id
c1af67596d8574eefc5546c422b69dbb
last-modified
Tue, 12 Dec 2023 20:06:17 GMT
server
cloudflare
etag
W/ fd0d13d594a95f36c63f6f6675da49fd
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xz7Ig%2BXPr%2FEYpv2K3n9gWfLARAdOk9GqFKYSQTm%2FmPU7v8PsCsEsKNJsPV1vsrH3X5%2BivcbZ5P1nWef6Q0fB2YJ%2BZaRqVvC0evUG8Eo8f1ItUsUsl5C0%2Fgf2ou5Um4EjFNpfx%2B%2BkhI1Gz07eZA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-apo-via
origin,page-rules
cf-ray
862bd20c1e94373d-FRA
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ Frame 7150 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.covidchecker.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 05 Mar 2024 00:50:53 GMT
x-content-type-options
nosniff
age
563149
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 05 Mar 2025 00:50:53 GMT
materialdesignicons-webfont.woff2
cdn.jsdelivr.net/npm/@mdi/font@4.x/fonts/ Frame 7150 		276 KB
277 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/@mdi/font@4.x/fonts/materialdesignicons-webfont.woff2?v=4.9.95
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@mdi/font@4.x/css/materialdesignicons.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3248c66efa5ff60a1088aa4ab9d39b395fcc2e77e03ae454621885aa1017f3a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cdn.jsdelivr.net/npm/@mdi/font@4.x/css/materialdesignicons.min.css
Origin
https://www.covidchecker.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 13:16:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
18217
x-jsd-version
4.9.95
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
283040
x-served-by
cache-fra-eddf8230070-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"451a0-lWoSaMOlEO10NQ05k4FLah/1emU"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ERGjnbsE7NvL7S3TzX2mm8nyf9nSRi1sWq%2B2KUd%2FB%2FdsMcHKIZYiUCQZja6FVeWXTkl%2FHlD9CflI7kcI6IvLmdS%2BiLPx98VYiIho18IsnVQ7NB35JslLXt27pb7qaMU%2F01jDcB00eHhnGWOO2ko%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
cf-ray
862bd20c09de9b22-FRA
user_location
www.sitata.com/api/v2/places/ Frame 7150 		13 B
575 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.sitata.com/api/v2/places/user_location
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.3.1/rollbar.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18f3f205265c1ac0a3af74d58628a1816a0828c4e47dd8860e02a923e4d65849
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Sit-Widget-Referer
https://fnb.thomalex.travel/
Referer
https://www.covidchecker.com/
Accept-Language
de-DE,de;q=0.9
Authorization
PUB 2d811d19-a0ce-4bd8-b1d0-7404e9875831
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 11 Mar 2024 13:16:42 GMT
strict-transport-security
max-age=15724800; includeSubDomains
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
13
x-request-id
c9eddb63cb3f7b6928456ed1b7221f17
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VXs39mP0V1PAoTuHLmZGWOZmRQfp1EXdhcu7%2ByqX1tPKNV%2Bjsw%2Bm3ec4CYTX6F9bKFQfp9rg1vbDnQVmH6gt9soVIJoBM74rUnSBIPtBcDiU2LsTK8wmLLqmGQ8khjdv4cTh6RN7UVR4f2GnIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-apo-via
origin,page-rules
cf-ray
862bd20df982373d-FRA
user_location
www.sitata.com/api/v2/places/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.sitata.com/api/v2/places/user_location
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,sit-widget-referer
Access-Control-Request-Method
GET
Origin
https://www.covidchecker.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,content-type,sit-widget-referer
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-origin
*
access-control-expose-headers
*
access-control-max-age
1728000
alt-svc
h3=":443"; ma=86400
cache-control
max-age=0, private, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
862bd20db905373d-FRA
date
Mon, 11 Mar 2024 13:16:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xRvlQ%2FgTzVS8WnvYKKMALlGxr6G34xu6O6Ym5G5CvDqHITcWjjDBiqOJH5IBF0%2BQboeBGKAXpq4ArOQRvSbglLgn%2F%2BVu2EZ1JCFnfyYyk6YwN4l1wIH%2BKzW2IQQQru7Aq7zHC9zLRPVdAk70GA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15724800; includeSubDomains
x-request-id
a380922ff7ff9457bce1721c0bc00b60
global_summary
www.sitata.com/api/v2/entry_requirements/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.sitata.com/api/v2/entry_requirements/global_summary?departure_code=null&vaccinated=false
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,sit-widget-referer
Access-Control-Request-Method
GET
Origin
https://www.covidchecker.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,content-type,sit-widget-referer
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-origin
*
access-control-expose-headers
*
access-control-max-age
1728000
alt-svc
h3=":443"; ma=86400
cache-control
max-age=0, private, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
862bd20f3b63373d-FRA
date
Mon, 11 Mar 2024 13:16:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dQ5m7VqWTBl1EhNPhZbPk8mAuy%2FuYlbYgNqhvbdN80Bpd%2FmKBkM3Z1RTdkuFRJWN5%2FsnNU6e8iSSjHJhYR8JQbfX5PUn7biUmicW8PBgP6yzW%2BZKtUXI%2BO%2Fh3HnxyoidZ8KIKg3bH0yX3xHXGw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15724800; includeSubDomains
x-request-id
fce2bca9fa1e0660e0046a2e645a0c08
global_summary
www.sitata.com/api/v2/entry_requirements/ Frame 7150 		11 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.sitata.com/api/v2/entry_requirements/global_summary?departure_code=null&vaccinated=false
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.3.1/rollbar.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
faaf8c67ad43b0cac79bac2913fb032a9425af390088084d47539b8ab026176b
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Sit-Widget-Referer
https://fnb.thomalex.travel/
Referer
https://www.covidchecker.com/
Accept-Language
de-DE,de;q=0.9
Authorization
PUB 2d811d19-a0ce-4bd8-b1d0-7404e9875831
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 11 Mar 2024 13:16:42 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-request-id
531737bda4bbd9b1df3f781ffc5591c2
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HPovQ%2BAluAStYccl3ZiO0vMpGdDt5n%2BJavmxRactg0V%2Fp5bv91l4w8n8U%2BL8J9vwIZmVS6K74RDWf5gdPu24AQL12CnWY2X7vbCU6jgb%2Fq0E5KDZD9aUOWutHXDQP1103h3bCcBlVVXk57FcvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-apo-via
origin,page-rules
cf-ray
862bd20f6b98373d-FRA
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTUGmu1aB.woff2
fonts.gstatic.com/s/opensans/v40/ Frame 7150 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTUGmu1aB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;600&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e510e61c497d334da21eccda06df5d3a428c9ea94d6903b6138e7c7255aba0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.covidchecker.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 19:17:02 GMT
x-content-type-options
nosniff
age
583180
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24984
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:04:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 04 Mar 2025 19:17:02 GMT
50m_world_new_min.topojson
www.sitata.com/widgets/ Frame 7150 		304 KB
305 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.sitata.com/widgets/50m_world_new_min.topojson
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.3.1/rollbar.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
524fc08454aded06ebd105d4b2e7130e5c2773d27a80649fa4b361e5f16c1205
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.covidchecker.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 13:16:42 GMT
strict-transport-security
max-age=15724800; includeSubDomains
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6C181F2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0AXwBfwbeiPTMZNulHmfCXf1D780usyJxkBHKWhcFya3%2Fg2V7df27u023yLZc8ZZITt%2FS%2B627c4XsSRA0tJmhcB0NkYdsdICeYNV71ejYIF%2Fxe2PitzdBgFnQ7rpe9n46lSJqsHEAziwAMp2tA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public
cf-apo-via
origin,no-cache
cf-ray
862bd20fec7c373d-FRA
alt-svc
h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| Vue string| returnUrl object| app function| $ function| jQuery

1 Cookies

Domain/Path Name / Value
fnb.thomalex.travel/ Name: __RequestVerificationToken
Value: KnCXdPahWfGI0zSWf5d2SI_UU5-OtMiFFCOVYY4cTX1CS1opuGQN4RfTca71AZv_G1KheSPAp-7grUEU0LzgD1nzQFF1pGZ25n24I43LZcBGZgbcdDj2gsYtqqa1uF6ZFXYJj6Ag26unuYtx_VgOBA2

1 Console Messages

Source Level URL
Text
network error URL: https://www.sitata.com/api/v2/places/user_location
Message:
Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
cdnjs.cloudflare.com
fnb.thomalex.travel
fonts.googleapis.com
fonts.gstatic.com
resvoyage.blob.core.windows.net
www.covidchecker.com
www.google-analytics.com
www.googletagmanager.com
www.sitata.com
2606:4700:3031::ac43:abf3
2606:4700::6810:5514
2606:4700::6811:190e
2a00:1450:4001:803::200a
2a00:1450:4001:80e::200e
2a00:1450:4001:812::2008
2a00:1450:4001:828::2003
2a06:98c1:3121::3
40.121.51.62
52.239.169.4
0be2c4b3b689c19c28e631a972a745663ad678def6fefc493da88df0e9ba3087
18f3f205265c1ac0a3af74d58628a1816a0828c4e47dd8860e02a923e4d65849
1d2612ceeb4e2fa5600aa076753b5924a166041b960566a7aa1a92153e500b46
28929464417a29e73da7b9c8a6eb5abce1be6f0fc2b87bb81e8a5af20be1f8f2
3248c66efa5ff60a1088aa4ab9d39b395fcc2e77e03ae454621885aa1017f3a8
324a10c6d3d78249a021f49cc5a9b3dee7134a739571f0fee53028b4a6f668ee
36f39fac3496d9f3519070fbd94f1ab17feef8842cfdcdca92b6609bdcfb3536
3966ecd9d6d3203b9b853ad3b2c1f05b29cbfe8152d2396cdd0629bf5ee81830
3a1e31233360ad661f9f48a9bb08138405f09f31ada00ef97f5554a33cc8574b
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
466372a3fa7834cc9fdb2c8286cc5fa7428cf37426bbf3fc565bc1370df3ba97
4680f0242ae53304a6bf932234579ecf1100b3473bd822857943a3e5a2e01f8d
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
524fc08454aded06ebd105d4b2e7130e5c2773d27a80649fa4b361e5f16c1205
5489d34c6faf46a989be459cc0a3a28be86fb219aef6750c69d1410ddb9fe7ac
5e245f87c91e4cc60c4f66311f2691f187b9f710259f5f75cd6beff7598d6ddd
6e014a2ea215f8b2bf9ba11d0e47cf7b6f91d0194ada4df98d340eed148c0b25
7c7c72980b57eeeb3ac6593419b8aeacb2952e95499eebf8e61412596e875f5e
7e510e61c497d334da21eccda06df5d3a428c9ea94d6903b6138e7c7255aba0f
8b79356aa990cca4585dca5552ddd61973708d004b0c6eac5658ca0e619aa11f
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
a2b84598b7408a49f572ff743dc5886bddd5390c78b40416037da19c13f8d0ce
a410460285968ae56f3748e57fd09c6da63c17934a9f59cc7f9a6542f5cf2d3b
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
ae8040b1cd5d988a5269fff6502477c05431643cd0448a56ea0ea7f7629928c3
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
cacd6851dd67a005c0b95433fc00807bd604bf07776216a99cfb9b49768a9b00
dd0b713d62b2d139ba9868dc01ac00ff2e12dba27742aed89ba659b537f7a96e
ddb010de178f7e1b418d354133e5f167f8a8eff8a6cba7a4a5f2854d9bd060ff
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
deb9e025c458a290ea6efb45935088487a9f4f8b55a1e08cb31420633108694c
e9497bc97cc02ef869137ccab51b0049473c046a1921e49cadfa94820f88d6eb
eb03c6bb471f925fe646891ce38c19a586f3a060d2f81f420e0deb24e0616349
ebd713db9a49554980ca78b058c8255e510e11e658ba1983f076e3e7c8024bb6
eff5dba3dd47427e0599293f336a21548d4f59b380dba9dc97cee96c6731884b
f2f42b3bd2be3c8bd32e30d1199c79ef3e03b56b52c3a4b941e452d9afc1ac63
f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b
faaf8c67ad43b0cac79bac2913fb032a9425af390088084d47539b8ab026176b