dcwdjexyu3juqtnijbatuk3mn3m2fefv7fy5m47hvx5axk3a-ipfs-w3s-link.translate.goog Open in urlscan Pro
2a00:1450:4001:80b::2001 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://clicktime.symantec.com/15uBY2Y7JXcBnbJriCvfi?h=SczOp2G1CgImaGdigMR7897uqewlt6vgB1s3n6WHvto=&u=https://track.mailalert.i...
Effective URL:
https://dcwdjexyu3juqtnijbatuk3mn3m2fefv7fy5m47hvx5axk3a-ipfs-w3s-link.translate.goog/K32.shtml?diego.zabala@avianca.com+&_x_tr_hp=bafybeidys6&_x_tr_sl=auto&_x_tr_tl=en-GB&_x_tr_hl=e...
Submission: On November 16 via manual (November 16th 2022, 3:40:50 pm UTC) from CO — Scanned from DE

Summary HTTP 14 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 4 countries across 13 domains to perform 14 HTTP transactions. The main IP is 2a00:1450:4001:80b::2001, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is dcwdjexyu3juqtnijbatuk3mn3m2fefv7fy5m47hvx5axk3a-ipfs-w3s-link.translate.goog.
TLS certificate: Issued by GTS CA 1C3 on October 25th 2022. Valid for: 3 months.

This is the only time dcwdjexyu3juqtnijbatuk3mn3m2fefv7fy5m47hvx5axk3a-ipfs-w3s-link.translate.goog was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	16.170.61.31 16.170.61.31	16509 (AMAZON-02) (AMAZON-02)
1 1	185.58.42.195 185.58.42.195	24971 (MASTER-AS...) (MASTER-AS Czech Republic www.master.cz)
1 1	2606:4700::68... 2606:4700::6811:90c8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	34.239.5.157 34.239.5.157	14618 (AMAZON-AES) (AMAZON-AES)
1 3	2606:4700::68... 2606:4700::6812:1734	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	9

1 16.170.61.31 (Stockholm, Sweden) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-16-170-61-31.eu-north-1.compute.amazonaws.com

clicktime.symantec.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.58.42.195 (Havířov, Czech Republic) 1 redirects

ASN24971 (MASTER-AS Czech Republic www.master.cz, CZ)
PTR: d4108.masterinter.net

track.mailalert.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:90c8 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

hubs.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.239.5.157 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-239-5-157.compute-1.amazonaws.com

jebcco.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:1734 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

w3s.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bafybeicgyringasqovelpek2x6uhny4ifkosxfueghvvrgtoktizjum2ye.ipfs.w3s.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bafybeidys6dcwdjexyu3juqtnijbatuk3mn3m2fefv7fy5m47hvx5axk3a.ipfs.w3s.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

dcwdjexyu3juqtnijbatuk3mn3m2fefv7fy5m47hvx5axk3a-ipfs-w3s-link.translate.goog	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2222 maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 712	53 KB
3	w3s.link 1 redirects w3s.link — Cisco Umbrella Rank: 240629 bafybeicgyringasqovelpek2x6uhny4ifkosxfueghvvrgtoktizjum2ye.ipfs.w3s.link bafybeidys6dcwdjexyu3juqtnijbatuk3mn3m2fefv7fy5m47hvx5axk3a.ipfs.w3s.link	12 KB
2	gstatic.com www.gstatic.com	34 KB
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 304	60 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 374	2 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 201	7 KB
1	google.com translate.google.com — Cisco Umbrella Rank: 1251	26 KB
1	translate.goog dcwdjexyu3juqtnijbatuk3mn3m2fefv7fy5m47hvx5axk3a-ipfs-w3s-link.translate.goog	37 KB
1	jebcco.com 1 redirects jebcco.com — Cisco Umbrella Rank: 385281	692 B
1	hubs.ly 1 redirects hubs.ly — Cisco Umbrella Rank: 114830	555 B
1	mailalert.io 1 redirects track.mailalert.io	345 B
1	symantec.com 1 redirects clicktime.symantec.com — Cisco Umbrella Rank: 72043	368 B
0	jquery.com Failed code.jquery.com Failed
14	13

	Domain	Requested by
2	www.gstatic.com	dcwdjexyu3juqtnijbatuk3mn3m2fefv7fy5m47hvx5axk3a-ipfs-w3s-link.translate.goog
2	stackpath.bootstrapcdn.com	dcwdjexyu3juqtnijbatuk3mn3m2fefv7fy5m47hvx5axk3a-ipfs-w3s-link.translate.goog
2	ajax.googleapis.com	bafybeicgyringasqovelpek2x6uhny4ifkosxfueghvvrgtoktizjum2ye.ipfs.w3s.link dcwdjexyu3juqtnijbatuk3mn3m2fefv7fy5m47hvx5axk3a-ipfs-w3s-link.translate.goog
1	bafybeidys6dcwdjexyu3juqtnijbatuk3mn3m2fefv7fy5m47hvx5axk3a.ipfs.w3s.link	dcwdjexyu3juqtnijbatuk3mn3m2fefv7fy5m47hvx5axk3a-ipfs-w3s-link.translate.goog
1	cdn.jsdelivr.net	dcwdjexyu3juqtnijbatuk3mn3m2fefv7fy5m47hvx5axk3a-ipfs-w3s-link.translate.goog
1	maxcdn.bootstrapcdn.com	dcwdjexyu3juqtnijbatuk3mn3m2fefv7fy5m47hvx5axk3a-ipfs-w3s-link.translate.goog
1	cdnjs.cloudflare.com	dcwdjexyu3juqtnijbatuk3mn3m2fefv7fy5m47hvx5axk3a-ipfs-w3s-link.translate.goog
1	translate.google.com	dcwdjexyu3juqtnijbatuk3mn3m2fefv7fy5m47hvx5axk3a-ipfs-w3s-link.translate.goog
1	dcwdjexyu3juqtnijbatuk3mn3m2fefv7fy5m47hvx5axk3a-ipfs-w3s-link.translate.goog	bafybeicgyringasqovelpek2x6uhny4ifkosxfueghvvrgtoktizjum2ye.ipfs.w3s.link
1	bafybeicgyringasqovelpek2x6uhny4ifkosxfueghvvrgtoktizjum2ye.ipfs.w3s.link
1	w3s.link	1 redirects
1	jebcco.com	1 redirects
1	hubs.ly	1 redirects
1	track.mailalert.io	1 redirects
1	clicktime.symantec.com	1 redirects
0	code.jquery.com Failed	dcwdjexyu3juqtnijbatuk3mn3m2fefv7fy5m47hvx5axk3a-ipfs-w3s-link.translate.goog
14	16

This site contains no links.

Subject Issuer	Validity	Valid
w3s.link Cloudflare Inc ECC CA-3	`2022-07-18` - `2023-07-17`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-01-29` - `2023-01-29`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://dcwdjexyu3juqtnijbatuk3mn3m2fefv7fy5m47hvx5axk3a-ipfs-w3s-link.translate.goog/K32.shtml?diego.zabala@avianca.com+&_x_tr_hp=bafybeidys6&_x_tr_sl=auto&_x_tr_tl=en-GB&_x_tr_hl=en-GB
Frame ID: B8594BCEBB23CD17CB9EEC2B4598D5EA
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Webmail Access

Page URL History Show full URLs

https://clicktime.symantec.com/15uBY2Y7JXcBnbJriCvfi?h=SczOp2G1CgImaGdigMR7897uqewlt6vgB1s3n6WHvto=&u=https... HTTP 307
https://track.mailalert.io/t/28265bbf-62f9-4acb-8300-be8526e62acb/?url=https%3A%2F%2Fhubs.ly%2FQ01s7Mv50 HTTP 302
https://hubs.ly/Q01s7Mv50 HTTP 301
https://jebcco.com/click?redirect=https%3A%2F%2Fw3s.link/ipfs/bafybeicgyringasqovelpek2x6uhny4i... HTTP 301
https://w3s.link/ipfs/bafybeicgyringasqovelpek2x6uhny4ifkosxfueghvvrgtoktizjum2ye/K332.shtml HTTP 301
https://bafybeicgyringasqovelpek2x6uhny4ifkosxfueghvvrgtoktizjum2ye.ipfs.w3s.link/K332.shtml Page URL
https://dcwdjexyu3juqtnijbatuk3mn3m2fefv7fy5m47hvx5axk3a-ipfs-w3s-link.translate.goog/K32.shtml?diego.zabala@avianca.com+&_x_tr_hp=bafybeidys6&_x_tr_sl=auto&_x_tr... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Popper (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

/popper\.js/([0-9.]+)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

14
Requests

93 %
HTTPS

75 %
IPv6

13
Domains

16
Subdomains

9
IPs

4
Countries

230 kB
Transfer

716 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://clicktime.symantec.com/15uBY2Y7JXcBnbJriCvfi?h=SczOp2G1CgImaGdigMR7897uqewlt6vgB1s3n6WHvto=&u=https://track.mailalert.io/t/28265bbf-62f9-4acb-8300-be8526e62acb/?url%3Dhttps%253A%252F%252Fhubs.ly%252FQ01s7Mv50%23diego.zabala%40avianca.com%26100-22 HTTP 307
https://track.mailalert.io/t/28265bbf-62f9-4acb-8300-be8526e62acb/?url=https%3A%2F%2Fhubs.ly%2FQ01s7Mv50 HTTP 302
https://hubs.ly/Q01s7Mv50 HTTP 301
https://jebcco.com/click?redirect=https%3A%2F%2Fw3s.link/ipfs/bafybeicgyringasqovelpek2x6uhny4ifkosxfueghvvrgtoktizjum2ye/K332.shtml&utm_campaign=New&utm_source=metacafe&utm_medium=social HTTP 301
https://w3s.link/ipfs/bafybeicgyringasqovelpek2x6uhny4ifkosxfueghvvrgtoktizjum2ye/K332.shtml HTTP 301
https://bafybeicgyringasqovelpek2x6uhny4ifkosxfueghvvrgtoktizjum2ye.ipfs.w3s.link/K332.shtml Page URL
https://dcwdjexyu3juqtnijbatuk3mn3m2fefv7fy5m47hvx5axk3a-ipfs-w3s-link.translate.goog/K32.shtml?diego.zabala@avianca.com+&_x_tr_hp=bafybeidys6&_x_tr_sl=auto&_x_tr_tl=en-GB&_x_tr_hl=en-GB Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://clicktime.symantec.com/15uBY2Y7JXcBnbJriCvfi?h=SczOp2G1CgImaGdigMR7897uqewlt6vgB1s3n6WHvto=&u=https://track.mailalert.io/t/28265bbf-62f9-4acb-8300-be8526e62acb/?url%3Dhttps%253A%252F%252Fhubs.ly%252FQ01s7Mv50%23diego.zabala%40avianca.com%26100-22 HTTP 307
https://track.mailalert.io/t/28265bbf-62f9-4acb-8300-be8526e62acb/?url=https%3A%2F%2Fhubs.ly%2FQ01s7Mv50 HTTP 302
https://hubs.ly/Q01s7Mv50 HTTP 301
https://jebcco.com/click?redirect=https%3A%2F%2Fw3s.link/ipfs/bafybeicgyringasqovelpek2x6uhny4ifkosxfueghvvrgtoktizjum2ye/K332.shtml&utm_campaign=New&utm_source=metacafe&utm_medium=social HTTP 301
https://w3s.link/ipfs/bafybeicgyringasqovelpek2x6uhny4ifkosxfueghvvrgtoktizjum2ye/K332.shtml HTTP 301
https://bafybeicgyringasqovelpek2x6uhny4ifkosxfueghvvrgtoktizjum2ye.ipfs.w3s.link/K332.shtml

14 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

K332.shtml Show response
bafybeicgyringasqovelpek2x6uhny4ifkosxfueghvvrgtoktizjum2ye.ipfs.w3s.link/
Redirect Chain

https://clicktime.symantec.com/15uBY2Y7JXcBnbJriCvfi?h=SczOp2G1CgImaGdigMR7897uqewlt6vgB1s3n6WHvto=&u=https://track.mailalert.io/t/28265bbf-62f9-4acb-8300-be8526e62acb/?url%3Dhttps%253A%252F%252Fhu...
https://track.mailalert.io/t/28265bbf-62f9-4acb-8300-be8526e62acb/?url=https%3A%2F%2Fhubs.ly%2FQ01s7Mv50
https://hubs.ly/Q01s7Mv50
https://jebcco.com/click?redirect=https%3A%2F%2Fw3s.link/ipfs/bafybeicgyringasqovelpek2x6uhny4ifkosxfueghvvrgtoktizjum2ye/K332.shtml&utm_campaign=New&utm_source=metacafe&utm_medium=social
https://w3s.link/ipfs/bafybeicgyringasqovelpek2x6uhny4ifkosxfueghvvrgtoktizjum2ye/K332.shtml
https://bafybeicgyringasqovelpek2x6uhny4ifkosxfueghvvrgtoktizjum2ye.ipfs.w3s.link/K332.shtml

25 KB
12 KB

547ms
518ms

Document
text/html

2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bafybeicgyringasqovelpek2x6uhny4ifkosxfueghvvrgtoktizjum2ye.ipfs.w3s.link/K332.shtml
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b78e5c7dedb1572c82efea1132f5450d2b7b3e45288ca5e3442a40390013af4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-methods: GET
access-control-allow-origin: *
access-control-expose-headers: Link
cache-control: public, max-age=29030400, immutable
cf-ray: 76b153ae9fc19a21-FRA
content-encoding: gzip
content-type: text/html
date: Wed, 16 Nov 2022 15:40:45 GMT
etag: W/"bafkreialpds4pxw3cvzmqlx6uejs6vcq2k33hzcsrdff4nccuqbzaaj26q"
server: cloudflare
server-timing: request;dur=459
vary: Accept-Encoding
x-dotstorage-anchor: 0ceb7b3479b445b2e3e81abd1cc16f9db1b6c9cb9563cff953a70d1eb5c2b15f
x-dotstorage-resolution-id: https://freeway.dag.haus
x-dotstorage-resolution-layer: dotstorage-race
x-freeway-version: 1.5.3

Redirect headers

access-control-allow-origin: *
access-control-expose-headers: Link
cf-ray: 76b153ae1ebd9a21-FRA
content-length: 0
date: Wed, 16 Nov 2022 15:40:45 GMT
location: https://bafybeicgyringasqovelpek2x6uhny4ifkosxfueghvvrgtoktizjum2ye.ipfs.w3s.link/K332.shtml
server: cloudflare
server-timing: request;dur=0
vary: Accept-Encoding

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ 85 KB
30 KB 73ms
16ms Script
text/javascript 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js

Requested by

Host: bafybeicgyringasqovelpek2x6uhny4ifkosxfueghvvrgtoktizjum2ye.ipfs.w3s.link
URL: https://bafybeicgyringasqovelpek2x6uhny4ifkosxfueghvvrgtoktizjum2ye.ipfs.w3s.link/K332.shtml

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bafybeicgyringasqovelpek2x6uhny4ifkosxfueghvvrgtoktizjum2ye.ipfs.w3s.link/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Wed, 16 Nov 2022 10:40:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17992
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30306
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Nov 2023 10:40:53 GMT

GET
H2 200 Primary Request K32.shtml Show response
dcwdjexyu3juqtnijbatuk3mn3m2fefv7fy5m47hvx5axk3a-ipfs-w3s-link.translate.goog/ 79 KB
37 KB 334ms
255ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dcwdjexyu3juqtnijbatuk3mn3m2fefv7fy5m47hvx5axk3a-ipfs-w3s-link.translate.goog/K32.shtml?diego.zabala@avianca.com+&_x_tr_hp=bafybeidys6&_x_tr_sl=auto&_x_tr_tl=en-GB&_x_tr_hl=en-GB

Requested by

Host: bafybeicgyringasqovelpek2x6uhny4ifkosxfueghvvrgtoktizjum2ye.ipfs.w3s.link
URL: https://bafybeicgyringasqovelpek2x6uhny4ifkosxfueghvvrgtoktizjum2ye.ipfs.w3s.link/K332.shtml

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2079107d022d28609d6ff4a92a354eb723af99ad8a0f91db1e4a0b64b9e367e8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *.translate.goog
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bafybeicgyringasqovelpek2x6uhny4ifkosxfueghvvrgtoktizjum2ye.ipfs.w3s.link/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 71414
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-security-policy: frame-ancestors *.translate.goog
content-type: text/html
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Wed, 16 Nov 2022 15:40:47 GMT
expires: Wed, 16 Nov 2022 15:40:47 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: ESF
x-content-type-options: nosniff
x-robots-tag: none
x-xss-protection: 0

GET
H2 200 bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.5.2/css/ 157 KB
25 KB 162ms
54ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css

Requested by

Host: dcwdjexyu3juqtnijbatuk3mn3m2fefv7fy5m47hvx5axk3a-ipfs-w3s-link.translate.goog
URL: https://dcwdjexyu3juqtnijbatuk3mn3m2fefv7fy5m47hvx5axk3a-ipfs-w3s-link.translate.goog/K32.shtml?diego.zabala@avianca.com+&_x_tr_hp=bafybeidys6&_x_tr_sl=auto&_x_tr_tl=en-GB&_x_tr_hl=en-GB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b0fbe5b7ad705f6a937c4998ad02f73d8f0d976fe231b74aef0ec996990c93a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dcwdjexyu3juqtnijbatuk3mn3m2fefv7fy5m47hvx5axk3a-ipfs-w3s-link.translate.goog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 15:40:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 601
age: 12636912
cdn-cachedat: 08/03/2021 15:44:07
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:11 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
server: cloudflare
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 72292ca7a393da9d388c402f68f6a70c
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 76b153c03db8902e-FRA
cdn-requestpullsuccess: True

GET
H2 200 m=ajaxproxy Show response
www.gstatic.com/_/translate_http/_/js/k=translate_http.tr.de.Vc127tLVbBs.O/d=1/rs=AN8SPfqoYtoeI2Vx8ajgyv27S_f2gtExlQ/ 69 KB
24 KB 136ms
29ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/translate_http/_/js/k=translate_http.tr.de.Vc127tLVbBs.O/d=1/rs=AN8SPfqoYtoeI2Vx8ajgyv27S_f2gtExlQ/m=ajaxproxy

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

43e6b995ed4fbb716c2d08e748b34bed7fb238d794f697eaee07edf5e0c5105b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dcwdjexyu3juqtnijbatuk3mn3m2fefv7fy5m47hvx5axk3a-ipfs-w3s-link.translate.goog/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Mon, 14 Nov 2022 19:25:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 159346
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24096
x-xss-protection: 0
last-modified: Sun, 23 Oct 2022 01:11:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 14 Nov 2023 19:25:02 GMT

GET
H2 200 m=navigationui Show response
www.gstatic.com/_/translate_http/_/js/k=translate_http.tr.de.Vc127tLVbBs.O/d=1/exm=ajaxproxy,el_conf/ed=1/rs=AN8SPfqoYtoeI2Vx8ajgyv27S_f2gtExlQ/ 25 KB
11 KB 132ms
25ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/translate_http/_/js/k=translate_http.tr.de.Vc127tLVbBs.O/d=1/exm=ajaxproxy,el_conf/ed=1/rs=AN8SPfqoYtoeI2Vx8ajgyv27S_f2gtExlQ/m=navigationui

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20c856ae759f9e5e00bba1afce2a1e8a361fd6fe736288af1be7ae1e5993871e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dcwdjexyu3juqtnijbatuk3mn3m2fefv7fy5m47hvx5axk3a-ipfs-w3s-link.translate.goog/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Mon, 14 Nov 2022 19:25:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 159346
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10414
x-xss-protection: 0
last-modified: Sun, 23 Oct 2022 01:11:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 14 Nov 2023 19:25:02 GMT

GET
H2 200 element.js Show response
translate.google.com/translate_a/ 75 KB
26 KB 145ms
38ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.google.com/translate_a/element.js?cb=gtElInit&hl=en-GB&client=wt

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

566275637d8147ee770cebc0fef38827f8253a6dee0fa645531cae2d82da72dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://dcwdjexyu3juqtnijbatuk3mn3m2fefv7fy5m47hvx5axk3a-ipfs-w3s-link.translate.goog/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma: no-cache
date: Wed, 16 Nov 2022 15:40:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/ 50 KB
14 KB 164ms
58ms Script
application/javascript 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://dcwdjexyu3juqtnijbatuk3mn3m2fefv7fy5m47hvx5axk3a-ipfs-w3s-link.translate.goog/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Wed, 16 Nov 2022 15:40:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 674, 718, 718
age: 25515943
cdn-cachedat: 2021-06-08 05:11:08
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:06 GMT
server: cloudflare
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: d57b249fbc897a386cb949167a1340aa
timing-allow-origin: *
cdn-requestcountrycode: US
cf-ray: 76b153c03dbc902e-FRA
cdn-requestpullsuccess: True

GET jquery-3.2.1.slim.min.js
code.jquery.com/ 0
0

GET
H2 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/ 19 KB
7 KB 159ms
53ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://dcwdjexyu3juqtnijbatuk3mn3m2fefv7fy5m47hvx5axk3a-ipfs-w3s-link.translate.goog/
Origin: https://dcwdjexyu3juqtnijbatuk3mn3m2fefv7fy5m47hvx5axk3a-ipfs-w3s-link.translate.goog
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Wed, 16 Nov 2022 15:40:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1187228
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6157
last-modified: Mon, 04 May 2020 16:15:37 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fa9-4af4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ptzve7HqKLTJDCdYUliOskyjjkBxfvcfrEHzJpAJpJGXq2Fr9O%2FgTTgBp7GItRlxNMNHLBJwhXyyM%2FqgKU9z4P4MKn0dnATF55X2%2F3F1lkHl8E%2FEtcS4fV%2B9gXZ%2BtQCBgC7BPT0uipANIH5Z7jLYl7uf"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 76b153c03fb89b39-FRA
expires: Mon, 06 Nov 2023 15:40:48 GMT

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/ 48 KB
14 KB 161ms
56ms Script
application/javascript 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://dcwdjexyu3juqtnijbatuk3mn3m2fefv7fy5m47hvx5axk3a-ipfs-w3s-link.translate.goog/
Origin: https://dcwdjexyu3juqtnijbatuk3mn3m2fefv7fy5m47hvx5axk3a-ipfs-w3s-link.translate.goog
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Wed, 16 Nov 2022 15:40:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 601
cdn-cachedat: 08/20/2022 02:32:25
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
server: cloudflare
etag: W/"14d449eb8876fa55e1ef3c2cc52b0c17"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 377a7a9cae4603341c43523fa17d7f16
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 76b153c02e28bbd7-FRA
cdn-requestpullsuccess: True

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.2.4/ 84 KB
29 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dcwdjexyu3juqtnijbatuk3mn3m2fefv7fy5m47hvx5axk3a-ipfs-w3s-link.translate.goog/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Wed, 16 Nov 2022 15:13:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1659
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30028
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Nov 2023 15:13:08 GMT

GET
H2 200 jquery.session.min.js Show response
cdn.jsdelivr.net/npm/jquery.session@1.0.0/ 2 KB
2 KB 158ms
53ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/jquery.session@1.0.0/jquery.session.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76ad6584ac5bdd459939dc7532fae7c2bdd8e22d773ff16d2306f42a1ffc569c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://dcwdjexyu3juqtnijbatuk3mn3m2fefv7fy5m47hvx5axk3a-ipfs-w3s-link.translate.goog/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Wed, 16 Nov 2022 15:40:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 20758538
x-jsd-version: 1.0.0
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19171-FRA, cache-hhn4031-HHN
x-jsd-version-type: version
server: cloudflare
etag: W/"91d-mUGbC+S4VCL/hIcOVNvYpS3G2rE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hwwFwmPrN3RW%2BVO0eKOHlDsyoQm4f6AoK9RcjuPSjfIaRSvN1cFwaRfW321L6t67XQnBFwhguqCTVYNLnWx8%2FtQx41JnOf3HnnHYvFwtxyn9jDa%2FzwUZwmeyr5M%2BtFj0aUejeXrAIMBppFrbMYE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 76b153c02e4e9b74-FRA

GET
H2 502 bg-image.jpg
bafybeidys6dcwdjexyu3juqtnijbatuk3mn3m2fefv7fy5m47hvx5axk3a.ipfs.w3s.link/img/ 11 B
108 B 1483ms
1442ms Image
text/html 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bafybeidys6dcwdjexyu3juqtnijbatuk3mn3m2fefv7fy5m47hvx5axk3a.ipfs.w3s.link/img/bg-image.jpg
Requested by: Host: dcwdjexyu3juqtnijbatuk3mn3m2fefv7fy5m47hvx5axk3a-ipfs-w3s-link.translate.goog
URL: https://dcwdjexyu3juqtnijbatuk3mn3m2fefv7fy5m47hvx5axk3a-ipfs-w3s-link.translate.goog/K32.shtml?diego.zabala@avianca.com+&_x_tr_hp=bafybeidys6&_x_tr_sl=auto&_x_tr_tl=en-GB&_x_tr_hl=en-GB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8bc36331ef8b0fc6c198c090bdd4acc3c01185392d2c4d4cd1963fc8b00bde11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dcwdjexyu3juqtnijbatuk3mn3m2fefv7fy5m47hvx5axk3a-ipfs-w3s-link.translate.goog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 15:40:49 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
access-control-expose-headers: Link
server-timing: request;dur=1377
cf-ray: 76b153c0f9209a21-FRA
content-length: 11

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: code.jquery.com
URL: https://code.jquery.com/jquery-3.2.1.slim.min.js

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

13 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://bafybeicgyringasqovelpek2x6uhny4ifkosxfueghvvrgtoktizjum2ye.ipfs.w3s.link/K332.shtml(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://bafybeicgyringasqovelpek2x6uhny4ifkosxfueghvvrgtoktizjum2ye.ipfs.w3s.link/K332.shtml(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://dcwdjexyu3juqtnijbatuk3mn3m2fefv7fy5m47hvx5axk3a-ipfs-w3s-link.translate.goog/K32.shtml?diego.zabala@avianca.com+&_x_tr_hp=bafybeidys6&_x_tr_sl=auto&_x_tr_tl=en-GB&_x_tr_hl=en-GB(Line 4) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.gstatic.com/_/translate_http/_/js/k=translate_http.tr.de.Vc127tLVbBs.O/d=1/rs=AN8SPfqoYtoeI2Vx8ajgyv27S_f2gtExlQ/m=ajaxproxy, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://dcwdjexyu3juqtnijbatuk3mn3m2fefv7fy5m47hvx5axk3a-ipfs-w3s-link.translate.goog/K32.shtml?diego.zabala@avianca.com+&_x_tr_hp=bafybeidys6&_x_tr_sl=auto&_x_tr_tl=en-GB&_x_tr_hl=en-GB(Line 4) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.gstatic.com/_/translate_http/_/js/k=translate_http.tr.de.Vc127tLVbBs.O/d=1/exm=ajaxproxy,el_conf/ed=1/rs=AN8SPfqoYtoeI2Vx8ajgyv27S_f2gtExlQ/m=navigationui, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://dcwdjexyu3juqtnijbatuk3mn3m2fefv7fy5m47hvx5axk3a-ipfs-w3s-link.translate.goog/K32.shtml?diego.zabala@avianca.com+&_x_tr_hp=bafybeidys6&_x_tr_sl=auto&_x_tr_tl=en-GB&_x_tr_hl=en-GB(Line 4) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://translate.google.com/translate_a/element.js?cb=gtElInit&hl=en-GB&client=wt, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://dcwdjexyu3juqtnijbatuk3mn3m2fefv7fy5m47hvx5axk3a-ipfs-w3s-link.translate.goog/K32.shtml?diego.zabala@avianca.com+&_x_tr_hp=bafybeidys6&_x_tr_sl=auto&_x_tr_tl=en-GB&_x_tr_hl=en-GB(Line 4) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://dcwdjexyu3juqtnijbatuk3mn3m2fefv7fy5m47hvx5axk3a-ipfs-w3s-link.translate.goog/K32.shtml?diego.zabala@avianca.com+&_x_tr_hp=bafybeidys6&_x_tr_sl=auto&_x_tr_tl=en-GB&_x_tr_hl=en-GB(Line 4) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://code.jquery.com/jquery-3.2.1.slim.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://dcwdjexyu3juqtnijbatuk3mn3m2fefv7fy5m47hvx5axk3a-ipfs-w3s-link.translate.goog/K32.shtml?diego.zabala@avianca.com+&_x_tr_hp=bafybeidys6&_x_tr_sl=auto&_x_tr_tl=en-GB&_x_tr_hl=en-GB(Line 4) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://dcwdjexyu3juqtnijbatuk3mn3m2fefv7fy5m47hvx5axk3a-ipfs-w3s-link.translate.goog/K32.shtml?diego.zabala@avianca.com+&_x_tr_hp=bafybeidys6&_x_tr_sl=auto&_x_tr_tl=en-GB&_x_tr_hl=en-GB(Line 4) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://dcwdjexyu3juqtnijbatuk3mn3m2fefv7fy5m47hvx5axk3a-ipfs-w3s-link.translate.goog/K32.shtml?diego.zabala@avianca.com+&_x_tr_hp=bafybeidys6&_x_tr_sl=auto&_x_tr_tl=en-GB&_x_tr_hl=en-GB(Line 4) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://dcwdjexyu3juqtnijbatuk3mn3m2fefv7fy5m47hvx5axk3a-ipfs-w3s-link.translate.goog/K32.shtml?diego.zabala@avianca.com+&_x_tr_hp=bafybeidys6&_x_tr_sl=auto&_x_tr_tl=en-GB&_x_tr_hl=en-GB(Line 4) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://dcwdjexyu3juqtnijbatuk3mn3m2fefv7fy5m47hvx5axk3a-ipfs-w3s-link.translate.goog/K32.shtml?diego.zabala@avianca.com+&_x_tr_hp=bafybeidys6&_x_tr_sl=auto&_x_tr_tl=en-GB&_x_tr_hl=en-GB(Line 4) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.jsdelivr.net/npm/jquery.session@1.0.0/jquery.session.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://bafybeidys6dcwdjexyu3juqtnijbatuk3mn3m2fefv7fy5m47hvx5axk3a.ipfs.w3s.link/img/bg-image.jpg Message: Failed to load resource: the server responded with a status of 502 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
bafybeicgyringasqovelpek2x6uhny4ifkosxfueghvvrgtoktizjum2ye.ipfs.w3s.link
bafybeidys6dcwdjexyu3juqtnijbatuk3mn3m2fefv7fy5m47hvx5axk3a.ipfs.w3s.link
cdn.jsdelivr.net
cdnjs.cloudflare.com
clicktime.symantec.com
code.jquery.com
dcwdjexyu3juqtnijbatuk3mn3m2fefv7fy5m47hvx5axk3a-ipfs-w3s-link.translate.goog
hubs.ly
jebcco.com
maxcdn.bootstrapcdn.com
stackpath.bootstrapcdn.com
track.mailalert.io
translate.google.com
w3s.link
www.gstatic.com
code.jquery.com
16.170.61.31
185.58.42.195
2606:4700::6810:5814
2606:4700::6811:180e
2606:4700::6811:90c8
2606:4700::6812:1734
2606:4700::6812:bcf
2a00:1450:4001:803::2003
2a00:1450:4001:80b::2001
2a00:1450:4001:80e::200a
2a00:1450:4001:82b::200e
34.239.5.157
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0b78e5c7dedb1572c82efea1132f5450d2b7b3e45288ca5e3442a40390013af4
2079107d022d28609d6ff4a92a354eb723af99ad8a0f91db1e4a0b64b9e367e8
20c856ae759f9e5e00bba1afce2a1e8a361fd6fe736288af1be7ae1e5993871e
43e6b995ed4fbb716c2d08e748b34bed7fb238d794f697eaee07edf5e0c5105b
566275637d8147ee770cebc0fef38827f8253a6dee0fa645531cae2d82da72dd
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
5b0fbe5b7ad705f6a937c4998ad02f73d8f0d976fe231b74aef0ec996990c93a
76ad6584ac5bdd459939dc7532fae7c2bdd8e22d773ff16d2306f42a1ffc569c
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8bc36331ef8b0fc6c198c090bdd4acc3c01185392d2c4d4cd1963fc8b00bde11
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b

dcwdjexyu3juqtnijbatuk3mn3m2fefv7fy5m47hvx5axk3a-ipfs-w3s-link.translate.goog Open in urlscan Pro 2a00:1450:4001:80b::2001 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

14 Requests

93 %HTTPS

75 %IPv6

13 Domains

16 Subdomains

9 IPs

4 Countries

230 kBTransfer

716 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

0 Cookies

13 Console Messages

Indicators

dcwdjexyu3juqtnijbatuk3mn3m2fefv7fy5m47hvx5axk3a-ipfs-w3s-link.translate.goog Open in urlscan Pro
2a00:1450:4001:80b::2001 Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

93 %
HTTPS

75 %
IPv6

13
Domains

16
Subdomains

9
IPs

4
Countries

230 kB
Transfer

716 kB
Size

0
Cookies

14 HTTP transactions
0 data transactions