1link.travelsafe.pr.gov Open in urlscan Pro
23.23.28.144 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://app.travelsafe.pr.gov/
Effective URL:
https://1link.travelsafe.pr.gov/
Submission: On November 15 via automatic, source certstream-suspicious (November 15th 2021, 9:07:34 pm UTC) — Scanned from DE

Summary HTTP 19 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 3 domains to perform 19 HTTP transactions. The main IP is 23.23.28.144, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is 1link.travelsafe.pr.gov.
TLS certificate: Issued by R3 on November 15th 2021. Valid for: 3 months.

This is the only time 1link.travelsafe.pr.gov was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	34.193.82.254 34.193.82.254	14618 (AMAZON-AES) (AMAZON-AES)
1 11	23.23.28.144 23.23.28.144	14618 (AMAZON-AES) (AMAZON-AES)
3	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
19	5

1 34.193.82.254 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-82-254.compute-1.amazonaws.com

app.travelsafe.pr.gov	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 23.23.28.144 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-23-28-144.compute-1.amazonaws.com

1link.travelsafe.pr.gov	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	pr.gov 2 redirects app.travelsafe.pr.gov 1link.travelsafe.pr.gov	4 MB
6	gstatic.com www.gstatic.com fonts.gstatic.com	332 KB
3	google.com www.google.com	22 KB
19	3

	Domain	Requested by
11	1link.travelsafe.pr.gov	1 redirects 1link.travelsafe.pr.gov
4	www.gstatic.com	www.google.com www.gstatic.com
3	www.google.com	1link.travelsafe.pr.gov www.gstatic.com www.google.com
2	fonts.gstatic.com	www.google.com
1	app.travelsafe.pr.gov	1 redirects
19	5

This site contains no links.

Subject Issuer	Validity	Valid
travelsafe.pr.gov R3	`2021-11-15` - `2022-02-13`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://1link.travelsafe.pr.gov/
Frame ID: 22133BF952C562162452524926124F15
Requests: 13 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le2TOUZAAAAAKHiq0vKVIF9cIXKja51cqBz9Lua&co=aHR0cHM6Ly8xbGluay50cmF2ZWxzYWZlLnByLmdvdjo0NDM.&hl=de&v=yZguKF1TiDm6F3yJWVhmOKQ9&size=invisible&cb=x2jo43mfd6v8
Frame ID: 706529F0963F0F1D0DD31E35DDAA8F8F
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Travel Safe | Departamento de Salud

Page URL History Show full URLs

https://app.travelsafe.pr.gov/ HTTP 302
http://1link.travelsafe.pr.gov/ HTTP 301
https://1link.travelsafe.pr.gov/ Page URL

Page Statistics

19
Requests

100 %
HTTPS

60 %
IPv6

3
Domains

5
Subdomains

5
IPs

2
Countries

4105 kB
Transfer

4575 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://app.travelsafe.pr.gov/ HTTP 302
http://1link.travelsafe.pr.gov/ HTTP 301
https://1link.travelsafe.pr.gov/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
1link.travelsafe.pr.gov/
Redirect Chain

https://app.travelsafe.pr.gov/
http://1link.travelsafe.pr.gov/
https://1link.travelsafe.pr.gov/

2 KB
2 KB

449ms
98ms

Document
text/html

23.23.28.144
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://1link.travelsafe.pr.gov/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.23.28.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-23-28-144.compute-1.amazonaws.com
Software: nginx/1.19.4 /
Resource Hash: 9201157dfd94f8d3e17002087dd0b97cf3e2f45b66b7b8f1f414fd30953e2bbf

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Server: nginx/1.19.4
Date: Mon, 15 Nov 2021 21:07:27 GMT
Content-Type: text/html
Content-Length: 2313
Last-Modified: Mon, 08 Nov 2021 21:47:28 GMT
Connection: keep-alive
ETag: "61899af0-909"
Accept-Ranges: bytes

Redirect headers

Server: nginx/1.19.4
Date: Mon, 15 Nov 2021 21:07:27 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Location: https://1link.travelsafe.pr.gov/

GET
H/1.1 200
OK 2.2a6b91c2.chunk.css
1link.travelsafe.pr.gov/static/css/ 4 KB
4 KB 99ms
98ms Stylesheet
text/css 23.23.28.144
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://1link.travelsafe.pr.gov/static/css/2.2a6b91c2.chunk.css
Requested by: Host: 1link.travelsafe.pr.gov
URL: https://1link.travelsafe.pr.gov/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.23.28.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-23-28-144.compute-1.amazonaws.com
Software: nginx/1.19.4 /
Resource Hash: c85497b7b92c935be9fe2b49cb4601d164b22db5449fb33db4b3fe623eb72c6e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1link.travelsafe.pr.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 15 Nov 2021 21:07:27 GMT
Last-Modified: Mon, 08 Nov 2021 21:47:28 GMT
Server: nginx/1.19.4
ETag: "61899af0-e5d"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3677

GET
H/1.1 200
OK main.71f36716.chunk.css
1link.travelsafe.pr.gov/static/css/ 541 KB
542 KB 290ms
190ms Stylesheet
text/css 23.23.28.144
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://1link.travelsafe.pr.gov/static/css/main.71f36716.chunk.css
Requested by: Host: 1link.travelsafe.pr.gov
URL: https://1link.travelsafe.pr.gov/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.23.28.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-23-28-144.compute-1.amazonaws.com
Software: nginx/1.19.4 /
Resource Hash: 9e059819c905f581d77e209be5a372fa138f483f66154a9628b15e323e9172b8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1link.travelsafe.pr.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 15 Nov 2021 21:07:27 GMT
Last-Modified: Mon, 08 Nov 2021 21:47:28 GMT
Server: nginx/1.19.4
ETag: "61899af0-87547"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 554311

GET
H/1.1 200
OK 2.ba364fe9.chunk.js Show response
1link.travelsafe.pr.gov/static/js/ 2 MB
2 MB 385ms
189ms Script
application/javascript 23.23.28.144
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://1link.travelsafe.pr.gov/static/js/2.ba364fe9.chunk.js
Requested by: Host: 1link.travelsafe.pr.gov
URL: https://1link.travelsafe.pr.gov/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.23.28.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-23-28-144.compute-1.amazonaws.com
Software: nginx/1.19.4 /
Resource Hash: 2166e9cb7850e4b2cb7dd7114be7f9a746c0ffd87acc969f9ec097c851245700

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1link.travelsafe.pr.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 15 Nov 2021 21:07:28 GMT
Last-Modified: Mon, 08 Nov 2021 21:47:28 GMT
Server: nginx/1.19.4
ETag: "61899af0-1bc83d"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1820733

GET
H/1.1 200
OK main.96cdf6a0.chunk.js Show response
1link.travelsafe.pr.gov/static/js/ 430 KB
430 KB 388ms
192ms Script
application/javascript 23.23.28.144
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://1link.travelsafe.pr.gov/static/js/main.96cdf6a0.chunk.js
Requested by: Host: 1link.travelsafe.pr.gov
URL: https://1link.travelsafe.pr.gov/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.23.28.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-23-28-144.compute-1.amazonaws.com
Software: nginx/1.19.4 /
Resource Hash: 1a2a2d8f5031e8711a78c38ba03bed24d29fca89f1e9aa559163d0f5ef977522

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1link.travelsafe.pr.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 15 Nov 2021 21:07:28 GMT
Last-Modified: Mon, 08 Nov 2021 21:47:28 GMT
Server: nginx/1.19.4
ETag: "61899af0-6b781"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 440193

GET
H/1.1 200
OK translation.json Show response
1link.travelsafe.pr.gov/locales/en/ 2 KB
2 KB 98ms
97ms Fetch
text/html 23.23.28.144
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://1link.travelsafe.pr.gov/locales/en/translation.json
Requested by: Host: 1link.travelsafe.pr.gov
URL: https://1link.travelsafe.pr.gov/static/js/2.ba364fe9.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.23.28.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-23-28-144.compute-1.amazonaws.com
Software: nginx/1.19.4 /
Resource Hash: 9201157dfd94f8d3e17002087dd0b97cf3e2f45b66b7b8f1f414fd30953e2bbf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1link.travelsafe.pr.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 15 Nov 2021 21:07:28 GMT
Last-Modified: Mon, 08 Nov 2021 21:47:28 GMT
Server: nginx/1.19.4
ETag: "61899af0-909"
Content-Type: text/html
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2313

GET
H/1.1 200
OK common.json Show response
1link.travelsafe.pr.gov/locales/en/ 330 B
575 B 98ms
98ms Fetch
application/json 23.23.28.144
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://1link.travelsafe.pr.gov/locales/en/common.json
Requested by: Host: 1link.travelsafe.pr.gov
URL: https://1link.travelsafe.pr.gov/static/js/2.ba364fe9.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.23.28.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-23-28-144.compute-1.amazonaws.com
Software: nginx/1.19.4 /
Resource Hash: e8b2d7b31fbc2d3fb537843576158a34807fdf7645cad09b89b4674c3a9ac26c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1link.travelsafe.pr.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 15 Nov 2021 21:07:28 GMT
Last-Modified: Mon, 08 Nov 2021 21:46:34 GMT
Server: nginx/1.19.4
ETag: "61899aba-14a"
Content-Type: application/json
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 330

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 884 B
1001 B 45ms
22ms Script
text/javascript 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6Le2TOUZAAAAAKHiq0vKVIF9cIXKja51cqBz9Lua

Requested by

Host: 1link.travelsafe.pr.gov
URL: https://1link.travelsafe.pr.gov/static/js/2.ba364fe9.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

86236228a95b5ce87e9be1c173d6f0951df4e5c958f99e5a2f2660ab413a5adb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1link.travelsafe.pr.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 21:07:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 588
x-xss-protection: 1; mode=block
expires: Mon, 15 Nov 2021 21:07:28 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/yZguKF1TiDm6F3yJWVhmOKQ9/ 348 KB
137 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/yZguKF1TiDm6F3yJWVhmOKQ9/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Le2TOUZAAAAAKHiq0vKVIF9cIXKja51cqBz9Lua

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0fc0076a36c38f39206bb258eeb8bc8e383b96a6ccd26024b0b088d9e0b192af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1link.travelsafe.pr.gov/
Origin: https://1link.travelsafe.pr.gov
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 20:33:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2014
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 139079
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 21:26:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Tue, 15 Nov 2022 20:33:54 GMT

GET
H/1.1 200
OK Login.json Show response
1link.travelsafe.pr.gov/locales/en/ 571 B
816 B 98ms
98ms Fetch
application/json 23.23.28.144
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://1link.travelsafe.pr.gov/locales/en/Login.json
Requested by: Host: 1link.travelsafe.pr.gov
URL: https://1link.travelsafe.pr.gov/static/js/2.ba364fe9.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.23.28.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-23-28-144.compute-1.amazonaws.com
Software: nginx/1.19.4 /
Resource Hash: 9950ec57fe2081df3555112750dcee3fd377ea1330727686393bef5d30be1c1a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1link.travelsafe.pr.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 15 Nov 2021 21:07:29 GMT
Last-Modified: Mon, 08 Nov 2021 21:46:34 GMT
Server: nginx/1.19.4
ETag: "61899aba-23b"
Content-Type: application/json
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 571

GET
H/1.1 200
OK prlogo.05e595f6.png
1link.travelsafe.pr.gov/static/media/ 155 KB
155 KB 98ms
98ms Image
image/png 23.23.28.144
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1link.travelsafe.pr.gov/static/media/prlogo.05e595f6.png
Requested by: Host: 1link.travelsafe.pr.gov
URL: https://1link.travelsafe.pr.gov/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.23.28.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-23-28-144.compute-1.amazonaws.com
Software: nginx/1.19.4 /
Resource Hash: c1330d5ebbc6d94e12f9ff92d640be609ddcf25f1069534b3b5970bd32033027

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1link.travelsafe.pr.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 15 Nov 2021 21:07:29 GMT
Last-Modified: Mon, 08 Nov 2021 21:47:28 GMT
Server: nginx/1.19.4
ETag: "61899af0-26cf5"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 158965

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e9b49982b27a37396df1caba8bafc63ea5309dc117ac1b01006048d503aa7089

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK bg3.aaa4c9d6.jpg
1link.travelsafe.pr.gov/static/media/ 835 KB
835 KB 100ms
99ms Image
image/jpeg 23.23.28.144
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1link.travelsafe.pr.gov/static/media/bg3.aaa4c9d6.jpg
Requested by: Host: 1link.travelsafe.pr.gov
URL: https://1link.travelsafe.pr.gov/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.23.28.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-23-28-144.compute-1.amazonaws.com
Software: nginx/1.19.4 /
Resource Hash: b8235d258fbc4026f64ac62f10d61ea6592c69e9614733db81f2499910b2ef07

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1link.travelsafe.pr.gov/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 15 Nov 2021 21:07:29 GMT
Last-Modified: Mon, 08 Nov 2021 21:47:28 GMT
Server: nginx/1.19.4
ETag: "61899af0-d0c17"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 855063

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 7065 41 KB
21 KB 33ms
33ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le2TOUZAAAAAKHiq0vKVIF9cIXKja51cqBz9Lua&co=aHR0cHM6Ly8xbGluay50cmF2ZWxzYWZlLnByLmdvdjo0NDM.&hl=de&v=yZguKF1TiDm6F3yJWVhmOKQ9&size=invisible&cb=x2jo43mfd6v8

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/yZguKF1TiDm6F3yJWVhmOKQ9/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e0c60734892b11dbc69b28e08321ed2f906a05c1d8599e403173240def67ae7f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-c/gOGh/JD9aPq7o92vnhfg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://1link.travelsafe.pr.gov/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 15 Nov 2021 21:07:29 GMT
content-security-policy: script-src 'report-sample' 'nonce-c/gOGh/JD9aPq7o92vnhfg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 21353
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/yZguKF1TiDm6F3yJWVhmOKQ9/ Frame 7065 52 KB
26 KB 31ms
7ms Stylesheet
text/css 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/yZguKF1TiDm6F3yJWVhmOKQ9/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le2TOUZAAAAAKHiq0vKVIF9cIXKja51cqBz9Lua&co=aHR0cHM6Ly8xbGluay50cmF2ZWxzYWZlLnByLmdvdjo0NDM.&hl=de&v=yZguKF1TiDm6F3yJWVhmOKQ9&size=invisible&cb=x2jo43mfd6v8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 17:34:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12779
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25732
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 21:26:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Tue, 15 Nov 2022 17:34:30 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/yZguKF1TiDm6F3yJWVhmOKQ9/ Frame 7065 348 KB
136 KB 37ms
13ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/yZguKF1TiDm6F3yJWVhmOKQ9/recaptcha__de.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0fc0076a36c38f39206bb258eeb8bc8e383b96a6ccd26024b0b088d9e0b192af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 20:33:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2015
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 139079
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 21:26:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Tue, 15 Nov 2022 20:33:54 GMT

GET
H2 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 7065 2 KB
2 KB 7ms
7ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/yZguKF1TiDm6F3yJWVhmOKQ9/styles__ltr.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/yZguKF1TiDm6F3yJWVhmOKQ9/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 11:16:19 GMT
x-content-type-options: nosniff
age: 121870
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="recaptcha"
expires: Sun, 21 Nov 2021 11:16:19 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 7065 15 KB
16 KB 31ms
7ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 06:41:55 GMT
x-content-type-options: nosniff
age: 397534
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 11 Nov 2022 06:41:55 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 7065 15 KB
15 KB 35ms
11ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 20:32:05 GMT
x-content-type-options: nosniff
age: 347724
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 11 Nov 2022 20:32:05 GMT

GET
H2 200 webworker.js
www.google.com/recaptcha/api2/ Frame 7065 102 B
204 B 16ms
15ms Other
text/javascript 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=yZguKF1TiDm6F3yJWVhmOKQ9

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d2dbb9007b20d836955cf57abcc72f4eaaa0cf9087b5cc9d78a12ef0ca3da2ff

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le2TOUZAAAAAKHiq0vKVIF9cIXKja51cqBz9Lua&co=aHR0cHM6Ly8xbGluay50cmF2ZWxzYWZlLnByLmdvdjo0NDM.&hl=de&v=yZguKF1TiDm6F3yJWVhmOKQ9&size=invisible&cb=x2jo43mfd6v8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 21:07:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Mon, 15 Nov 2021 21:07:29 GMT

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1link.travelsafe.pr.gov
app.travelsafe.pr.gov
fonts.gstatic.com
www.google.com
www.gstatic.com
23.23.28.144
2a00:1450:4001:82b::2003
2a00:1450:4001:831::2003
2a00:1450:4001:831::2004
34.193.82.254
0fc0076a36c38f39206bb258eeb8bc8e383b96a6ccd26024b0b088d9e0b192af
1a2a2d8f5031e8711a78c38ba03bed24d29fca89f1e9aa559163d0f5ef977522
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
2166e9cb7850e4b2cb7dd7114be7f9a746c0ffd87acc969f9ec097c851245700
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f
86236228a95b5ce87e9be1c173d6f0951df4e5c958f99e5a2f2660ab413a5adb
9201157dfd94f8d3e17002087dd0b97cf3e2f45b66b7b8f1f414fd30953e2bbf
9950ec57fe2081df3555112750dcee3fd377ea1330727686393bef5d30be1c1a
9e059819c905f581d77e209be5a372fa138f483f66154a9628b15e323e9172b8
b8235d258fbc4026f64ac62f10d61ea6592c69e9614733db81f2499910b2ef07
c1330d5ebbc6d94e12f9ff92d640be609ddcf25f1069534b3b5970bd32033027
c85497b7b92c935be9fe2b49cb4601d164b22db5449fb33db4b3fe623eb72c6e
d2dbb9007b20d836955cf57abcc72f4eaaa0cf9087b5cc9d78a12ef0ca3da2ff
e0c60734892b11dbc69b28e08321ed2f906a05c1d8599e403173240def67ae7f
e8b2d7b31fbc2d3fb537843576158a34807fdf7645cad09b89b4674c3a9ac26c
e9b49982b27a37396df1caba8bafc63ea5309dc117ac1b01006048d503aa7089

1link.travelsafe.pr.gov Open in urlscan Pro 23.23.28.144 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

19 Requests

100 %HTTPS

60 %IPv6

3 Domains

5 Subdomains

5 IPs

2 Countries

4105 kBTransfer

4575 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

0 Cookies

Indicators

1link.travelsafe.pr.gov Open in urlscan Pro
23.23.28.144 Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

100 %
HTTPS

60 %
IPv6

3
Domains

5
Subdomains

5
IPs

2
Countries

4105 kB
Transfer

4575 kB
Size

0
Cookies

19 HTTP transactions
1 data transactions