urlscan.io logo urlscan.io
SecurityTrails logo

www.avianca.com Open in urlscan Pro
2a02:26f0:6c00:286::1874  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://praamountplus.com/
Effective URL: https://www.avianca.com/es/es/?utm_campaign=eur_es_por_afi_cj_des_esp_ftr_20181015comissionjunction&utm_source=commissio...
Submission: On November 11 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 5 countries across 17 domains to perform 53 HTTP transactions. The main IP is 2a02:26f0:6c00:286::1874, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.avianca.com.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on March 16th 2021. Valid for: a year.
This is the only time www.avianca.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 103.224.182.251 133618 (TRELLIAN-...)
1 5 103.224.182.206 133618 (TRELLIAN-...)
1 1 49.12.0.235 24940 (HETZNER-AS)
1 1 78.46.197.88 24940 (HETZNER-AS)
2 157.90.169.168 24940 (HETZNER-AS)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
2 3 52.208.250.7 16509 (AMAZON-02)
1 1 107.180.41.165 26496 (AS-26496-...)
3 3 89.207.16.72 41041 (VCLK-EU-SE)
1 5 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
2 142.250.74.202 15169 (GOOGLE)
3 40.76.192.15 8075 (MICROSOFT...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 152.199.19.160 15133 (EDGECAST)
53 9
1    103.224.182.251 (Australia)

ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: lb-182-251.above.com
praamountplus.com
5    103.224.182.206 (Australia)

ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: bidr.trellian.com
1redirb.com
1    49.12.0.235 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.235.0.12.49.clients.your-server.de
rtpnt.xyz
1    78.46.197.88 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88.197.46.78.clients.your-server.de
clever-redirect.com
2    157.90.169.168 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.168.169.90.157.clients.your-server.de
lookandfind.me
1    2606:4700:3036::ac43:872c (United States)

ASN13335 (CLOUDFLARENET, US)
utkv6nyu.de
3    52.208.250.7 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-250-7.eu-west-1.compute.amazonaws.com
lamp.glopss.com
1    107.180.41.165 (Ashburn, United States)

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: ip-107-180-41-165.ip.secureserver.net
track.glopss.com
3    89.207.16.72 (Roydon, United Kingdom)

ASN41041 (VCLK-EU-SE, US)
www.kqzyfj.com
cj.dotomi.com
www.emjcd.com
5    2a02:26f0:6c00:286::1874 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
www.avianca.com
2    142.250.74.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f10.1e100.net
fonts.googleapis.com
3    40.76.192.15 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
app-digitalgate-prd-ol.azurewebsites.net
1    2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    152.199.19.160 (United States)

ASN15133 (EDGECAST, US)
ajax.aspnetcdn.com
Domain Requested by
5 www.avianca.com 1 redirects www.avianca.com
5 1redirb.com 1 redirects 1redirb.com
3 app-digitalgate-prd-ol.azurewebsites.net www.avianca.com
app-digitalgate-prd-ol.azurewebsites.net
1redirb.com
3 lamp.glopss.com 2 redirects lookandfind.me
2 ajax.aspnetcdn.com www.avianca.com
2 fonts.googleapis.com www.avianca.com
2 lookandfind.me 1redirb.com
1 cdnjs.cloudflare.com www.avianca.com
1 www.emjcd.com 1 redirects
1 cj.dotomi.com 1 redirects
1 www.kqzyfj.com 1 redirects
1 track.glopss.com 1 redirects
1 utkv6nyu.de 1 redirects
1 clever-redirect.com 1 redirects
1 rtpnt.xyz 1 redirects
1 praamountplus.com 1 redirects
0 assets.adobedtm.com Failed www.avianca.com
0 accounts.google.com Failed www.avianca.com
53 18

This site contains no links.

Subject Issuer Validity Valid
lookandfind.me
R3		 2021-11-03 -
2022-02-01		 3 months crt.sh
lamp.glopss.com
Amazon		 2021-11-02 -
2022-11-30		 a year crt.sh
www.avianca.com
DigiCert SHA2 Extended Validation Server CA		 2021-03-16 -
2022-03-21		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.azurewebsites.net
Microsoft RSA TLS CA 02		 2021-07-07 -
2022-07-07		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-09-21 -
2022-09-20		 a year crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA		 2021-08-06 -
2022-08-06		 a year crt.sh

This page contains 1 frames:

Primary Page: https://www.avianca.com/es/es/?utm_campaign=eur_es_por_afi_cj_des_esp_ftr_20181015comissionjunction&utm_source=commission-junction&utm_medium=cpa&utm_content=4705670_100480189_1027307fd112fd32ab3649dfa52fbe&cjevent=56a4ab27432f11ec835da3030a180513
Frame ID: D8CAD49EDEC874FE1830A270039F4E55
Requests: 53 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://praamountplus.com/ HTTP 302
    http://1redirb.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yLAb%2Fkyb%2BuzmuKfrFd3Vi9GzJQ57JCeDyq3YXykTZB9... Page URL
  2. http://1redirb.com/r.php?u=https%3A%2F%2Frtpnt.xyz%2Fv6%2Fr%3Fs%3Dr7d%26s3%3D437136484%26sid%3D... HTTP 302
    https://rtpnt.xyz/v6/r?s=r7d&s3=437136484&sid=2021111207383019bb626f0981e745a0 HTTP 302
    https://clever-redirect.com/s/r6?s=r7d&s2=&s3=437136484 HTTP 302
    https://lookandfind.me/s/a?t=1&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=avianca.com&s1=r7d&s2=&s3=4... Page URL
  3. https://lookandfind.me/s/r?u=https%3A%2F%2Futkv6nyu.de%2Fredir%2FclickGate.php%3Fu%3DJRhaDii6%26p%3... Page URL
  4. https://utkv6nyu.de/redir/clickGate.php?u=JRhaDii6&p=ECZMhxN0n7&m=12&s=2222a4d174e656872d680e9bb... HTTP 302
    https://lamp.glopss.com/aff_c?offer_id=852&aff_id=1403&aff_sub=at107999_a129845_m12_p134708_cDE_s222... HTTP 302
    https://lamp.glopss.com/aff_r?offer_id=852&aff_id=1403&url=http%3A%2F%2Ftrack.glopss.com%2F%3Fp1%3D8... Page URL
  5. https://lamp.glopss.com/aff_r?offer_id=852&aff_id=1403&redirect_pass=1&url=http%3A%2F%2Ftrack.glopss... HTTP 302
    http://track.glopss.com/?p1=852&p2=1403&p3=at107999_a129845_m12_p134708_cDE_s2222a4d174e656872d680e9... HTTP 302
    http://www.kqzyfj.com/click-100480189-13622837?sid=1027307fd112fd32ab3649dfa52fbe&url=%7Bredirect%7D HTTP 302
    https://cj.dotomi.com/6i104y1A9S/18D/RTWSSYTX/RQQUYQRYZ/Q/Q/Q?c=gB1w%3DKJLQMJQywKKLywMLtuMPNSwytOL... HTTP 302
    https://www.emjcd.com/2581wktsC/krw/9BEAAGBF/988CG89GH/8/C88G8CBHFECGDFFCE9:UFan4buwLDa4/DEiCijAFC... HTTP 302
    https://www.avianca.com/es/es?utm_campaign=eur_es_por_afi_cj_des_esp_ftr_20181015comissionjunction&u... HTTP 301
    https://www.avianca.com/es/es/?utm_campaign=eur_es_por_afi_cj_des_esp_ftr_20181015comissionjunction&... Page URL

Page Statistics

53
Requests

28 %
HTTPS

21 %
IPv6

17
Domains

18
Subdomains

9
IPs

5
Countries

522 kB
Transfer

3255 kB
Size

14
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://praamountplus.com/ HTTP 302
    http://1redirb.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yLAb%2Fkyb%2BuzmuKfrFd3Vi9GzJQ57JCeDyq3YXykTZB9irhnQoComCrZS0hkQDIcHMgRgM%2FswQ1ePpUt%2FPIE5ufzUD0B6Jwh9adAc8WGW6JQ%2FpLA%2FjbOLak9hBnLsd7aPNLaAk55oXgL%2FQanpNPHApxXatw5EIwr4f%2FZ6WViXF9npbUh1OFT2pdPA2jsnzOwH3e%2FEGRlCgA7WqIalwntzKF3EtwNvk7p6lwbldYR%2BNqr3K8v9A9h2RVmjGs8H2YjMxSJbyvLpWEs79TQBMrZwN5vkHyutC9jtF%2B72hjKmSmZdmQhT2CyioNblDtBpD2GE83IKJioKkdbteAFPX6WOt%2FcjGxNKQRuV6di196%2B%2BLeprE9uXQTW4CYEBT6IDAyK%2BWh%2BabrOJHylmwhY0lApqRVkM3e6S5MpynrQl5ZwPvnUGyo2WCfwwwIsIKkWgdvkuvuGKRjL2D82jlp8XE3C3X4QfLsSLiGt120GQTNbTVhvtPDuJ%2BJzEXhxnS1hnhKfOQxGTtqSkIydwyoVkncDtWRDC62B8y7Mie%2FNyVAj50P89Zn2iUb1JCRZzQaIxmtnA3gABtpg%2FNxzU%2B5xEjPSMUjB1BHMDnvDmXgWCz4MNFzGkK6YnDF95viTre%2B5AFdy8RjnjDL%2BdiofCtbQ1qxMn9JeqosAGfnDsp%2BosoXBHDs3c0JAwAuB8HD4%2F%2Fi0IGo9u56T1ypr3AdnO%2BMWkGR7nJfGaxjkzWaqG45qrqIssaG4G Page URL
  2. http://1redirb.com/r.php?u=https%3A%2F%2Frtpnt.xyz%2Fv6%2Fr%3Fs%3Dr7d%26s3%3D437136484%26sid%3D2021111207383019bb626f0981e745a0&s=j&enc=MUQzME5XWlVZN0kwZFhUY0xWYmZBbjQ5Zm5Ka1UyTnFWMDV3VURCMk9WcHBSMngyYjJkRVpuUjFkbVo0WnpSaE5uRlFjR2xOUTNGdmJEWkdZVEZFUjFaSWVUWk9kVkJ4U25oNlRtWkRaMWwwTjNWVlVsSk5Xak5PZUVSS2MzVTJlaXRwVld4R2JFUkpSbTF4Yld3elp6Y3hRVTUwVWpJNVYzUTRjRUZ3U0ZkclpYbzNNUzlyZFU5dlQwMDBVbTVhVWtGMlpXbGFUMmxSWVROS1VFbG5TMWhwY2k5MlNXVTRaVFY1VG10NVZuTnFVbmRZUkhKd2JUa3hhaXRqZW1JM1Z6QTFlRW92T0dGRlRGSTRRVGxJU21VeVNVVnhNSGxNWmpKTU1HOUZjV1ZuTWxRd01EVlNhSE51ZVhsMGIyOTJVelJWY1ZScVRGUXphVElyU0Vkd05XNDFaMjByY25oWFZXUmxPV1F5VUhOMWR6RmhUeXQxZGt4MFR6aEdibTU2YkZSYWJWcFdVRmsxUkV4d1dGWjVkVk4wVVdsdmRFNUJSbHBrZUdSeFFsaFRPRFJuTjA1c1RVUnRWekJPZDJscGRsSlJUbXg0VldoeVNsSTNTVEZQVFN0NFlUVkpURVZXV0hRcmRVeFZNa2xzYnpGa01rZ3ZhRkZCYVV0aVlrWlBjbGxFV0hCQ1dEWkpOR2N2T1V0clMzcElTbU5CUzJGblIwRlpUSFJoTVd4b0swdFVhRk4yWm5SMVRrdEZhVmRMU2pnMWRXNW1SVkJJTmpkcWJrbEhORUZ2UWxkT1psUmtVakppU1RkbVIwc3ZZa0UwVmxKWFJGVkJNMmxZZEdOMWRsWk9WV04xT0hSSlowZEJWRzVMY1ZZMlJVWlBVMlJQWTJnMFdFOXZNa2RETW5STGN6QXpWMVYzYkM4MmJISTVkWEV5UXpSSllVZDRTamRQZUdSSFVFMXRTVmM0TUROMFJVRnBTVlZqYkZZNVEzTlBVamRMYWt0SWVHdFJNM2R5TjI1UGMxTjJhblJ6VVRaSlZVZHlVRzUwYUhjeGMxRmlOM0JSYUdSUFIwbHFWR2R2WkV4Q1NXbHlVVzlyTWsxeFltWTFRbHBETWk4NFFqQktXVkoyTUZGQlJuRnFlVWxPU1U1clFrSmpVRXRZWTJOM2JUbFRaa3BqZWtOYU1WQmlibmhSYlRWamJ6ZGhibTE1TVhjeWFYRmxNVTRyYzAxT2RXZzRVa2RtTnpCdE4xZEZUREZNVldRM09YZzNkbFJyVTBnNWJXbEVTbUp2Y0V4bFpsVnBkRFJaV2tkU1lXTXhhMjlzU1VkYVZuVlROR05NVURCRlJGYzBlRk5IWm5jeVJWaE1NRlVyTkdoWmFISkRVM1ZhZHpGdWNHd3JMMGRZVmpoeGN6azVWMmhKY1Rkd1F6WTVSVzFhWTBKblMyZzVPRmRaVTJaRFYwTjBabmhsV25wT1NqbHVWVVpwZWtaNE1IbFlXblpYZG01SVVFcz0%3D&vs=1600:1200&ds=1600:1200&sl=0:0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel%20Inc.%20-%20Intel%20Iris%20OpenGL%20Engine HTTP 302
    https://rtpnt.xyz/v6/r?s=r7d&s3=437136484&sid=2021111207383019bb626f0981e745a0 HTTP 302
    https://clever-redirect.com/s/r6?s=r7d&s2=&s3=437136484 HTTP 302
    https://lookandfind.me/s/a?t=1&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=avianca.com&s1=r7d&s2=&s3=437136484&s5=4 Page URL
  3. https://lookandfind.me/s/r?u=https%3A%2F%2Futkv6nyu.de%2Fredir%2FclickGate.php%3Fu%3DJRhaDii6%26p%3DECZMhxN0n7%26m%3D12%26s%3D2222a4d174e656872d680e9bb2f2a02b%26url%3Dhttps%253A%252F%252Fwww.avianca.com%252F&h=74a459abcb9cc52cf73a7ba00631364e Page URL
  4. https://utkv6nyu.de/redir/clickGate.php?u=JRhaDii6&p=ECZMhxN0n7&m=12&s=2222a4d174e656872d680e9bb2f2a02b&url=https%3A%2F%2Fwww.avianca.com%2F HTTP 302
    https://lamp.glopss.com/aff_c?offer_id=852&aff_id=1403&aff_sub=at107999_a129845_m12_p134708_cDE_s2222a4d174e656872d680e9bb2f2a02b HTTP 302
    https://lamp.glopss.com/aff_r?offer_id=852&aff_id=1403&url=http%3A%2F%2Ftrack.glopss.com%2F%3Fp1%3D852%26p2%3D1403%26p3%3Dat107999_a129845_m12_p134708_cDE_s2222a4d174e656872d680e9bb2f2a02b%26p4%3D%26p5%3D1027307fd112fd32ab3649dfa52fbe%26p6%3Dhttp%3A%2F%2Ftrack.glopss.com%2F%3Fp1%3D852%26p2%3D1403%26p3%3Dat107999_a129845_m12_p134708_cDE_s2222a4d174e656872d680e9bb2f2a02b%26p4%3D%26p5%3D1027307fd112fd32ab3649dfa52fbe%26p6%3D%7Bredirect%7D&urlauth=578154324404011416552459434338 Page URL
  5. https://lamp.glopss.com/aff_r?offer_id=852&aff_id=1403&redirect_pass=1&url=http%3A%2F%2Ftrack.glopss.com%2F%3Fp1%3D852%26p2%3D1403%26p3%3Dat107999_a129845_m12_p134708_cDE_s2222a4d174e656872d680e9bb2f2a02b%26p4%3D%26p5%3D1027307fd112fd32ab3649dfa52fbe%26p6%3Dhttp%3A%2F%2Ftrack.glopss.com%2F%3Fp1%3D852%26p2%3D1403%26p3%3Dat107999_a129845_m12_p134708_cDE_s2222a4d174e656872d680e9bb2f2a02b%26p4%3D%26p5%3D1027307fd112fd32ab3649dfa52fbe%26p6%3D%7Bredirect%7D&urlauth=578154324404011416552459434338 HTTP 302
    http://track.glopss.com/?p1=852&p2=1403&p3=at107999_a129845_m12_p134708_cDE_s2222a4d174e656872d680e9bb2f2a02b&p4=&p5=1027307fd112fd32ab3649dfa52fbe&p6=http://track.glopss.com/?p1=852&p2=1403&p3=at107999_a129845_m12_p134708_cDE_s2222a4d174e656872d680e9bb2f2a02b&p4=&p5=1027307fd112fd32ab3649dfa52fbe&p6={redirect} HTTP 302
    http://www.kqzyfj.com/click-100480189-13622837?sid=1027307fd112fd32ab3649dfa52fbe&url=%7Bredirect%7D HTTP 302
    https://cj.dotomi.com/6i104y1A9S/18D/RTWSSYTX/RQQUYQRYZ/Q/Q/Q?c=gB1w%3DKJLQMJQywKKLywMLtuMPNSwytOLyux%26DA4%3D%25QUAxw1AxvC%25QW%3c%3c0CC8%3A%2F%2FFFF.39IHy2.v75%3ARJ%2Fv41v3-KJJNRJKRS-KMPLLRMQ%3c%3cZ%3c%3c%3cK%3cK%3cJ%3cJ%3cJ%3c HTTP 302
    https://www.emjcd.com/2581wktsC/krw/9BEAAGBF/988CG89GH/8/C88G8CBHFECGDFFCE9:UFan4buwLDa4/DEiCijAFCBAn99mkGBDliB8B8i9G8D9B?e=v5vq%3DEDFKGDKsqEEFsqGFnoGJHMqsnIFsor%2674y%3D%25KO4rqv4rp6%25KQ%3cpw1!ALoJ-B1H6BEz%3cu662%3A%2F%2F999.x3CBsw.p1z%3ALD%2Fpyvpx-EDDHLDELM-EGJFFLGK%3c%3cT%3c%3cEGqsoFFM-LqsG-HJEn-MDqL-MMnKEMMooFIH%3cE%3cE%3cD%3cD%3cD%3c HTTP 302
    https://www.avianca.com/es/es?utm_campaign=eur_es_por_afi_cj_des_esp_ftr_20181015comissionjunction&utm_source=commission-junction&utm_medium=cpa&utm_content=4705670_100480189_1027307fd112fd32ab3649dfa52fbe&cjevent=56a4ab27432f11ec835da3030a180513 HTTP 301
    https://www.avianca.com/es/es/?utm_campaign=eur_es_por_afi_cj_des_esp_ftr_20181015comissionjunction&utm_source=commission-junction&utm_medium=cpa&utm_content=4705670_100480189_1027307fd112fd32ab3649dfa52fbe&cjevent=56a4ab27432f11ec835da3030a180513 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://praamountplus.com/ HTTP 302
  • http://1redirb.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yLAb%2Fkyb%2BuzmuKfrFd3Vi9GzJQ57JCeDyq3YXykTZB9irhnQoComCrZS0hkQDIcHMgRgM%2FswQ1ePpUt%2FPIE5ufzUD0B6Jwh9adAc8WGW6JQ%2FpLA%2FjbOLak9hBnLsd7aPNLaAk55oXgL%2FQanpNPHApxXatw5EIwr4f%2FZ6WViXF9npbUh1OFT2pdPA2jsnzOwH3e%2FEGRlCgA7WqIalwntzKF3EtwNvk7p6lwbldYR%2BNqr3K8v9A9h2RVmjGs8H2YjMxSJbyvLpWEs79TQBMrZwN5vkHyutC9jtF%2B72hjKmSmZdmQhT2CyioNblDtBpD2GE83IKJioKkdbteAFPX6WOt%2FcjGxNKQRuV6di196%2B%2BLeprE9uXQTW4CYEBT6IDAyK%2BWh%2BabrOJHylmwhY0lApqRVkM3e6S5MpynrQl5ZwPvnUGyo2WCfwwwIsIKkWgdvkuvuGKRjL2D82jlp8XE3C3X4QfLsSLiGt120GQTNbTVhvtPDuJ%2BJzEXhxnS1hnhKfOQxGTtqSkIydwyoVkncDtWRDC62B8y7Mie%2FNyVAj50P89Zn2iUb1JCRZzQaIxmtnA3gABtpg%2FNxzU%2B5xEjPSMUjB1BHMDnvDmXgWCz4MNFzGkK6YnDF95viTre%2B5AFdy8RjnjDL%2BdiofCtbQ1qxMn9JeqosAGfnDsp%2BosoXBHDs3c0JAwAuB8HD4%2F%2Fi0IGo9u56T1ypr3AdnO%2BMWkGR7nJfGaxjkzWaqG45qrqIssaG4G
Request Chain 4
  • http://1redirb.com/r.php?u=https%3A%2F%2Frtpnt.xyz%2Fv6%2Fr%3Fs%3Dr7d%26s3%3D437136484%26sid%3D2021111207383019bb626f0981e745a0&s=j&enc=MUQzME5XWlVZN0kwZFhUY0xWYmZBbjQ5Zm5Ka1UyTnFWMDV3VURCMk9WcHBSMngyYjJkRVpuUjFkbVo0WnpSaE5uRlFjR2xOUTNGdmJEWkdZVEZFUjFaSWVUWk9kVkJ4U25oNlRtWkRaMWwwTjNWVlVsSk5Xak5PZUVSS2MzVTJlaXRwVld4R2JFUkpSbTF4Yld3elp6Y3hRVTUwVWpJNVYzUTRjRUZ3U0ZkclpYbzNNUzlyZFU5dlQwMDBVbTVhVWtGMlpXbGFUMmxSWVROS1VFbG5TMWhwY2k5MlNXVTRaVFY1VG10NVZuTnFVbmRZUkhKd2JUa3hhaXRqZW1JM1Z6QTFlRW92T0dGRlRGSTRRVGxJU21VeVNVVnhNSGxNWmpKTU1HOUZjV1ZuTWxRd01EVlNhSE51ZVhsMGIyOTJVelJWY1ZScVRGUXphVElyU0Vkd05XNDFaMjByY25oWFZXUmxPV1F5VUhOMWR6RmhUeXQxZGt4MFR6aEdibTU2YkZSYWJWcFdVRmsxUkV4d1dGWjVkVk4wVVdsdmRFNUJSbHBrZUdSeFFsaFRPRFJuTjA1c1RVUnRWekJPZDJscGRsSlJUbXg0VldoeVNsSTNTVEZQVFN0NFlUVkpURVZXV0hRcmRVeFZNa2xzYnpGa01rZ3ZhRkZCYVV0aVlrWlBjbGxFV0hCQ1dEWkpOR2N2T1V0clMzcElTbU5CUzJGblIwRlpUSFJoTVd4b0swdFVhRk4yWm5SMVRrdEZhVmRMU2pnMWRXNW1SVkJJTmpkcWJrbEhORUZ2UWxkT1psUmtVakppU1RkbVIwc3ZZa0UwVmxKWFJGVkJNMmxZZEdOMWRsWk9WV04xT0hSSlowZEJWRzVMY1ZZMlJVWlBVMlJQWTJnMFdFOXZNa2RETW5STGN6QXpWMVYzYkM4MmJISTVkWEV5UXpSSllVZDRTamRQZUdSSFVFMXRTVmM0TUROMFJVRnBTVlZqYkZZNVEzTlBVamRMYWt0SWVHdFJNM2R5TjI1UGMxTjJhblJ6VVRaSlZVZHlVRzUwYUhjeGMxRmlOM0JSYUdSUFIwbHFWR2R2WkV4Q1NXbHlVVzlyTWsxeFltWTFRbHBETWk4NFFqQktXVkoyTUZGQlJuRnFlVWxPU1U1clFrSmpVRXRZWTJOM2JUbFRaa3BqZWtOYU1WQmlibmhSYlRWamJ6ZGhibTE1TVhjeWFYRmxNVTRyYzAxT2RXZzRVa2RtTnpCdE4xZEZUREZNVldRM09YZzNkbFJyVTBnNWJXbEVTbUp2Y0V4bFpsVnBkRFJaV2tkU1lXTXhhMjlzU1VkYVZuVlROR05NVURCRlJGYzBlRk5IWm5jeVJWaE1NRlVyTkdoWmFISkRVM1ZhZHpGdWNHd3JMMGRZVmpoeGN6azVWMmhKY1Rkd1F6WTVSVzFhWTBKblMyZzVPRmRaVTJaRFYwTjBabmhsV25wT1NqbHVWVVpwZWtaNE1IbFlXblpYZG01SVVFcz0%3D&vs=1600:1200&ds=1600:1200&sl=0:0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel%20Inc.%20-%20Intel%20Iris%20OpenGL%20Engine HTTP 302
  • https://rtpnt.xyz/v6/r?s=r7d&s3=437136484&sid=2021111207383019bb626f0981e745a0 HTTP 302
  • https://clever-redirect.com/s/r6?s=r7d&s2=&s3=437136484 HTTP 302
  • https://lookandfind.me/s/a?t=1&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=avianca.com&s1=r7d&s2=&s3=437136484&s5=4
Request Chain 6
  • https://utkv6nyu.de/redir/clickGate.php?u=JRhaDii6&p=ECZMhxN0n7&m=12&s=2222a4d174e656872d680e9bb2f2a02b&url=https%3A%2F%2Fwww.avianca.com%2F HTTP 302
  • https://lamp.glopss.com/aff_c?offer_id=852&aff_id=1403&aff_sub=at107999_a129845_m12_p134708_cDE_s2222a4d174e656872d680e9bb2f2a02b HTTP 302
  • https://lamp.glopss.com/aff_r?offer_id=852&aff_id=1403&url=http%3A%2F%2Ftrack.glopss.com%2F%3Fp1%3D852%26p2%3D1403%26p3%3Dat107999_a129845_m12_p134708_cDE_s2222a4d174e656872d680e9bb2f2a02b%26p4%3D%26p5%3D1027307fd112fd32ab3649dfa52fbe%26p6%3Dhttp%3A%2F%2Ftrack.glopss.com%2F%3Fp1%3D852%26p2%3D1403%26p3%3Dat107999_a129845_m12_p134708_cDE_s2222a4d174e656872d680e9bb2f2a02b%26p4%3D%26p5%3D1027307fd112fd32ab3649dfa52fbe%26p6%3D%7Bredirect%7D&urlauth=578154324404011416552459434338

53 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
r2.php
1redirb.com/
Redirect Chain
  • http://praamountplus.com/
  • http://1redirb.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yLAb%2Fkyb%2BuzmuKfrFd3Vi9GzJQ57JCeDyq3YXykTZB9irhnQoComCrZS0hkQDIcHMgRgM%2FswQ1ePpUt%2FPIE5ufzUD0B6Jwh9adAc8WGW6JQ%2FpLA%2FjbOLak9hBnLsd7aPNLaAk55oX...
4 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://1redirb.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yLAb%2Fkyb%2BuzmuKfrFd3Vi9GzJQ57JCeDyq3YXykTZB9irhnQoComCrZS0hkQDIcHMgRgM%2FswQ1ePpUt%2FPIE5ufzUD0B6Jwh9adAc8WGW6JQ%2FpLA%2FjbOLak9hBnLsd7aPNLaAk55oXgL%2FQanpNPHApxXatw5EIwr4f%2FZ6WViXF9npbUh1OFT2pdPA2jsnzOwH3e%2FEGRlCgA7WqIalwntzKF3EtwNvk7p6lwbldYR%2BNqr3K8v9A9h2RVmjGs8H2YjMxSJbyvLpWEs79TQBMrZwN5vkHyutC9jtF%2B72hjKmSmZdmQhT2CyioNblDtBpD2GE83IKJioKkdbteAFPX6WOt%2FcjGxNKQRuV6di196%2B%2BLeprE9uXQTW4CYEBT6IDAyK%2BWh%2BabrOJHylmwhY0lApqRVkM3e6S5MpynrQl5ZwPvnUGyo2WCfwwwIsIKkWgdvkuvuGKRjL2D82jlp8XE3C3X4QfLsSLiGt120GQTNbTVhvtPDuJ%2BJzEXhxnS1hnhKfOQxGTtqSkIydwyoVkncDtWRDC62B8y7Mie%2FNyVAj50P89Zn2iUb1JCRZzQaIxmtnA3gABtpg%2FNxzU%2B5xEjPSMUjB1BHMDnvDmXgWCz4MNFzGkK6YnDF95viTre%2B5AFdy8RjnjDL%2BdiofCtbQ1qxMn9JeqosAGfnDsp%2BosoXBHDs3c0JAwAuB8HD4%2F%2Fi0IGo9u56T1ypr3AdnO%2BMWkGR7nJfGaxjkzWaqG45qrqIssaG4G
Protocol
HTTP/1.1
Server
103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS
bidr.trellian.com
Software
Apache/2.4.25 (Debian) /
Resource Hash
85f6b64e4a10574520dd797ce37301d48190aa97cd1139ec0630fe40d67a1c90

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Thu, 11 Nov 2021 20:38:31 GMT
Server
Apache/2.4.25 (Debian)
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
2256
Connection
close
Content-Type
text/html; charset=UTF-8

Redirect headers

Date
Thu, 11 Nov 2021 20:38:30 GMT
Server
Apache/2.4.25 (Debian)
Location
http://1redirb.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yLAb%2Fkyb%2BuzmuKfrFd3Vi9GzJQ57JCeDyq3YXykTZB9irhnQoComCrZS0hkQDIcHMgRgM%2FswQ1ePpUt%2FPIE5ufzUD0B6Jwh9adAc8WGW6JQ%2FpLA%2FjbOLak9hBnLsd7aPNLaAk55oXgL%2FQanpNPHApxXatw5EIwr4f%2FZ6WViXF9npbUh1OFT2pdPA2jsnzOwH3e%2FEGRlCgA7WqIalwntzKF3EtwNvk7p6lwbldYR%2BNqr3K8v9A9h2RVmjGs8H2YjMxSJbyvLpWEs79TQBMrZwN5vkHyutC9jtF%2B72hjKmSmZdmQhT2CyioNblDtBpD2GE83IKJioKkdbteAFPX6WOt%2FcjGxNKQRuV6di196%2B%2BLeprE9uXQTW4CYEBT6IDAyK%2BWh%2BabrOJHylmwhY0lApqRVkM3e6S5MpynrQl5ZwPvnUGyo2WCfwwwIsIKkWgdvkuvuGKRjL2D82jlp8XE3C3X4QfLsSLiGt120GQTNbTVhvtPDuJ%2BJzEXhxnS1hnhKfOQxGTtqSkIydwyoVkncDtWRDC62B8y7Mie%2FNyVAj50P89Zn2iUb1JCRZzQaIxmtnA3gABtpg%2FNxzU%2B5xEjPSMUjB1BHMDnvDmXgWCz4MNFzGkK6YnDF95viTre%2B5AFdy8RjnjDL%2BdiofCtbQ1qxMn9JeqosAGfnDsp%2BosoXBHDs3c0JAwAuB8HD4%2F%2Fi0IGo9u56T1ypr3AdnO%2BMWkGR7nJfGaxjkzWaqG45qrqIssaG4G
Content-Length
0
Connection
close
Content-Type
text/html; charset=UTF-8
jscheck.js
1redirb.com/javascript/ 		899 B
718 B 		Script
General
Check archive.org
Download Go to
Full URL
http://1redirb.com/javascript/jscheck.js
Requested by
Host: 1redirb.com
URL: http://1redirb.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yLAb%2Fkyb%2BuzmuKfrFd3Vi9GzJQ57JCeDyq3YXykTZB9irhnQoComCrZS0hkQDIcHMgRgM%2FswQ1ePpUt%2FPIE5ufzUD0B6Jwh9adAc8WGW6JQ%2FpLA%2FjbOLak9hBnLsd7aPNLaAk55oXgL%2FQanpNPHApxXatw5EIwr4f%2FZ6WViXF9npbUh1OFT2pdPA2jsnzOwH3e%2FEGRlCgA7WqIalwntzKF3EtwNvk7p6lwbldYR%2BNqr3K8v9A9h2RVmjGs8H2YjMxSJbyvLpWEs79TQBMrZwN5vkHyutC9jtF%2B72hjKmSmZdmQhT2CyioNblDtBpD2GE83IKJioKkdbteAFPX6WOt%2FcjGxNKQRuV6di196%2B%2BLeprE9uXQTW4CYEBT6IDAyK%2BWh%2BabrOJHylmwhY0lApqRVkM3e6S5MpynrQl5ZwPvnUGyo2WCfwwwIsIKkWgdvkuvuGKRjL2D82jlp8XE3C3X4QfLsSLiGt120GQTNbTVhvtPDuJ%2BJzEXhxnS1hnhKfOQxGTtqSkIydwyoVkncDtWRDC62B8y7Mie%2FNyVAj50P89Zn2iUb1JCRZzQaIxmtnA3gABtpg%2FNxzU%2B5xEjPSMUjB1BHMDnvDmXgWCz4MNFzGkK6YnDF95viTre%2B5AFdy8RjnjDL%2BdiofCtbQ1qxMn9JeqosAGfnDsp%2BosoXBHDs3c0JAwAuB8HD4%2F%2Fi0IGo9u56T1ypr3AdnO%2BMWkGR7nJfGaxjkzWaqG45qrqIssaG4G
Protocol
HTTP/1.1
Server
103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS
bidr.trellian.com
Software
Apache/2.4.25 (Debian) /
Resource Hash
40daba765e68df81072dba603adecbd49b4c9b0ee836189af681c3a7827bfd9e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://1redirb.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yLAb%2Fkyb%2BuzmuKfrFd3Vi9GzJQ57JCeDyq3YXykTZB9irhnQoComCrZS0hkQDIcHMgRgM%2FswQ1ePpUt%2FPIE5ufzUD0B6Jwh9adAc8WGW6JQ%2FpLA%2FjbOLak9hBnLsd7aPNLaAk55oXgL%2FQanpNPHApxXatw5EIwr4f%2FZ6WViXF9npbUh1OFT2pdPA2jsnzOwH3e%2FEGRlCgA7WqIalwntzKF3EtwNvk7p6lwbldYR%2BNqr3K8v9A9h2RVmjGs8H2YjMxSJbyvLpWEs79TQBMrZwN5vkHyutC9jtF%2B72hjKmSmZdmQhT2CyioNblDtBpD2GE83IKJioKkdbteAFPX6WOt%2FcjGxNKQRuV6di196%2B%2BLeprE9uXQTW4CYEBT6IDAyK%2BWh%2BabrOJHylmwhY0lApqRVkM3e6S5MpynrQl5ZwPvnUGyo2WCfwwwIsIKkWgdvkuvuGKRjL2D82jlp8XE3C3X4QfLsSLiGt120GQTNbTVhvtPDuJ%2BJzEXhxnS1hnhKfOQxGTtqSkIydwyoVkncDtWRDC62B8y7Mie%2FNyVAj50P89Zn2iUb1JCRZzQaIxmtnA3gABtpg%2FNxzU%2B5xEjPSMUjB1BHMDnvDmXgWCz4MNFzGkK6YnDF95viTre%2B5AFdy8RjnjDL%2BdiofCtbQ1qxMn9JeqosAGfnDsp%2BosoXBHDs3c0JAwAuB8HD4%2F%2Fi0IGo9u56T1ypr3AdnO%2BMWkGR7nJfGaxjkzWaqG45qrqIssaG4G
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Thu, 11 Nov 2021 20:38:31 GMT
Content-Encoding
gzip
Last-Modified
Mon, 27 Sep 2021 05:45:18 GMT
Server
Apache/2.4.25 (Debian)
ETag
"383-5ccf39a190b38-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
405
swfobject.js
1redirb.com/javascript/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://1redirb.com/javascript/swfobject.js
Requested by
Host: 1redirb.com
URL: http://1redirb.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yLAb%2Fkyb%2BuzmuKfrFd3Vi9GzJQ57JCeDyq3YXykTZB9irhnQoComCrZS0hkQDIcHMgRgM%2FswQ1ePpUt%2FPIE5ufzUD0B6Jwh9adAc8WGW6JQ%2FpLA%2FjbOLak9hBnLsd7aPNLaAk55oXgL%2FQanpNPHApxXatw5EIwr4f%2FZ6WViXF9npbUh1OFT2pdPA2jsnzOwH3e%2FEGRlCgA7WqIalwntzKF3EtwNvk7p6lwbldYR%2BNqr3K8v9A9h2RVmjGs8H2YjMxSJbyvLpWEs79TQBMrZwN5vkHyutC9jtF%2B72hjKmSmZdmQhT2CyioNblDtBpD2GE83IKJioKkdbteAFPX6WOt%2FcjGxNKQRuV6di196%2B%2BLeprE9uXQTW4CYEBT6IDAyK%2BWh%2BabrOJHylmwhY0lApqRVkM3e6S5MpynrQl5ZwPvnUGyo2WCfwwwIsIKkWgdvkuvuGKRjL2D82jlp8XE3C3X4QfLsSLiGt120GQTNbTVhvtPDuJ%2BJzEXhxnS1hnhKfOQxGTtqSkIydwyoVkncDtWRDC62B8y7Mie%2FNyVAj50P89Zn2iUb1JCRZzQaIxmtnA3gABtpg%2FNxzU%2B5xEjPSMUjB1BHMDnvDmXgWCz4MNFzGkK6YnDF95viTre%2B5AFdy8RjnjDL%2BdiofCtbQ1qxMn9JeqosAGfnDsp%2BosoXBHDs3c0JAwAuB8HD4%2F%2Fi0IGo9u56T1ypr3AdnO%2BMWkGR7nJfGaxjkzWaqG45qrqIssaG4G
Protocol
HTTP/1.1
Server
103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS
bidr.trellian.com
Software
Apache/2.4.25 (Debian) /
Resource Hash
a2d68e4530bbf55b595085ad00ef6999cb64574eb58b44b53ef0516fa7fa4aed

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://1redirb.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yLAb%2Fkyb%2BuzmuKfrFd3Vi9GzJQ57JCeDyq3YXykTZB9irhnQoComCrZS0hkQDIcHMgRgM%2FswQ1ePpUt%2FPIE5ufzUD0B6Jwh9adAc8WGW6JQ%2FpLA%2FjbOLak9hBnLsd7aPNLaAk55oXgL%2FQanpNPHApxXatw5EIwr4f%2FZ6WViXF9npbUh1OFT2pdPA2jsnzOwH3e%2FEGRlCgA7WqIalwntzKF3EtwNvk7p6lwbldYR%2BNqr3K8v9A9h2RVmjGs8H2YjMxSJbyvLpWEs79TQBMrZwN5vkHyutC9jtF%2B72hjKmSmZdmQhT2CyioNblDtBpD2GE83IKJioKkdbteAFPX6WOt%2FcjGxNKQRuV6di196%2B%2BLeprE9uXQTW4CYEBT6IDAyK%2BWh%2BabrOJHylmwhY0lApqRVkM3e6S5MpynrQl5ZwPvnUGyo2WCfwwwIsIKkWgdvkuvuGKRjL2D82jlp8XE3C3X4QfLsSLiGt120GQTNbTVhvtPDuJ%2BJzEXhxnS1hnhKfOQxGTtqSkIydwyoVkncDtWRDC62B8y7Mie%2FNyVAj50P89Zn2iUb1JCRZzQaIxmtnA3gABtpg%2FNxzU%2B5xEjPSMUjB1BHMDnvDmXgWCz4MNFzGkK6YnDF95viTre%2B5AFdy8RjnjDL%2BdiofCtbQ1qxMn9JeqosAGfnDsp%2BosoXBHDs3c0JAwAuB8HD4%2F%2Fi0IGo9u56T1ypr3AdnO%2BMWkGR7nJfGaxjkzWaqG45qrqIssaG4G
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Thu, 11 Nov 2021 20:38:31 GMT
Content-Encoding
gzip
Last-Modified
Mon, 27 Sep 2021 05:15:56 GMT
Server
Apache/2.4.25 (Debian)
ETag
"27ef-5ccf33113950a-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
3949
jscheck.php
1redirb.com/ 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://1redirb.com/jscheck.php?enc=MUQzME5XWlVZN0kwZFhUY0xWYmZBbjQ5Zm5Ka1UyTnFWMDV3VURCMk9WcHBSMngyYjJkRVpuUjFkbVo0WnpSaE5uRlFjR2xOUTNGdmJEWkdZVEZFUjFaSWVUWk9kVkJ4U25oNlRtWkRaMWwwTjNWVlVsSk5Xak5PZUVSS2MzVTJlaXRwVld4R2JFUkpSbTF4Yld3elp6Y3hRVTUwVWpJNVYzUTRjRUZ3U0ZkclpYbzNNUzlyZFU5dlQwMDBVbTVhVWtGMlpXbGFUMmxSWVROS1VFbG5TMWhwY2k5MlNXVTRaVFY1VG10NVZuTnFVbmRZUkhKd2JUa3hhaXRqZW1JM1Z6QTFlRW92T0dGRlRGSTRRVGxJU21VeVNVVnhNSGxNWmpKTU1HOUZjV1ZuTWxRd01EVlNhSE51ZVhsMGIyOTJVelJWY1ZScVRGUXphVElyU0Vkd05XNDFaMjByY25oWFZXUmxPV1F5VUhOMWR6RmhUeXQxZGt4MFR6aEdibTU2YkZSYWJWcFdVRmsxUkV4d1dGWjVkVk4wVVdsdmRFNUJSbHBrZUdSeFFsaFRPRFJuTjA1c1RVUnRWekJPZDJscGRsSlJUbXg0VldoeVNsSTNTVEZQVFN0NFlUVkpURVZXV0hRcmRVeFZNa2xzYnpGa01rZ3ZhRkZCYVV0aVlrWlBjbGxFV0hCQ1dEWkpOR2N2T1V0clMzcElTbU5CUzJGblIwRlpUSFJoTVd4b0swdFVhRk4yWm5SMVRrdEZhVmRMU2pnMWRXNW1SVkJJTmpkcWJrbEhORUZ2UWxkT1psUmtVakppU1RkbVIwc3ZZa0UwVmxKWFJGVkJNMmxZZEdOMWRsWk9WV04xT0hSSlowZEJWRzVMY1ZZMlJVWlBVMlJQWTJnMFdFOXZNa2RETW5STGN6QXpWMVYzYkM4MmJISTVkWEV5UXpSSllVZDRTamRQZUdSSFVFMXRTVmM0TUROMFJVRnBTVlZqYkZZNVEzTlBVamRMYWt0SWVHdFJNM2R5TjI1UGMxTjJhblJ6VVRaSlZVZHlVRzUwYUhjeGMxRmlOM0JSYUdSUFIwbHFWR2R2WkV4Q1NXbHlVVzlyTWsxeFltWTFRbHBETWk4NFFqQktXVkoyTUZGQlJuRnFlVWxPU1U1clFrSmpVRXRZWTJOM2JUbFRaa3BqZWtOYU1WQmlibmhSYlRWamJ6ZGhibTE1TVhjeWFYRmxNVTRyYzAxT2RXZzRVa2RtTnpCdE4xZEZUREZNVldRM09YZzNkbFJyVTBnNWJXbEVTbUp2Y0V4bFpsVnBkRFJaV2tkU1lXTXhhMjlzU1VkYVZuVlROR05NVURCRlJGYzBlRk5IWm5jeVJWaE1NRlVyTkdoWmFISkRVM1ZhZHpGdWNHd3JMMGRZVmpoeGN6azVWMmhKY1Rkd1F6WTVSVzFhWTBKblMyZzVPRmRaVTJaRFYwTjBabmhsV25wT1NqbHVWVVpwZWtaNE1IbFlXblpYZG01SVVFcz0%3D&rand=0.6740798743055196
Requested by
Host: 1redirb.com
URL: http://1redirb.com/javascript/jscheck.js
Protocol
HTTP/1.1
Server
103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS
bidr.trellian.com
Software
Apache/2.4.25 (Debian) /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://1redirb.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yLAb%2Fkyb%2BuzmuKfrFd3Vi9GzJQ57JCeDyq3YXykTZB9irhnQoComCrZS0hkQDIcHMgRgM%2FswQ1ePpUt%2FPIE5ufzUD0B6Jwh9adAc8WGW6JQ%2FpLA%2FjbOLak9hBnLsd7aPNLaAk55oXgL%2FQanpNPHApxXatw5EIwr4f%2FZ6WViXF9npbUh1OFT2pdPA2jsnzOwH3e%2FEGRlCgA7WqIalwntzKF3EtwNvk7p6lwbldYR%2BNqr3K8v9A9h2RVmjGs8H2YjMxSJbyvLpWEs79TQBMrZwN5vkHyutC9jtF%2B72hjKmSmZdmQhT2CyioNblDtBpD2GE83IKJioKkdbteAFPX6WOt%2FcjGxNKQRuV6di196%2B%2BLeprE9uXQTW4CYEBT6IDAyK%2BWh%2BabrOJHylmwhY0lApqRVkM3e6S5MpynrQl5ZwPvnUGyo2WCfwwwIsIKkWgdvkuvuGKRjL2D82jlp8XE3C3X4QfLsSLiGt120GQTNbTVhvtPDuJ%2BJzEXhxnS1hnhKfOQxGTtqSkIydwyoVkncDtWRDC62B8y7Mie%2FNyVAj50P89Zn2iUb1JCRZzQaIxmtnA3gABtpg%2FNxzU%2B5xEjPSMUjB1BHMDnvDmXgWCz4MNFzGkK6YnDF95viTre%2B5AFdy8RjnjDL%2BdiofCtbQ1qxMn9JeqosAGfnDsp%2BosoXBHDs3c0JAwAuB8HD4%2F%2Fi0IGo9u56T1ypr3AdnO%2BMWkGR7nJfGaxjkzWaqG45qrqIssaG4G
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Thu, 11 Nov 2021 20:38:32 GMT
Server
Apache/2.4.25 (Debian)
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
a
lookandfind.me/s/
Redirect Chain
  • http://1redirb.com/r.php?u=https%3A%2F%2Frtpnt.xyz%2Fv6%2Fr%3Fs%3Dr7d%26s3%3D437136484%26sid%3D2021111207383019bb626f0981e745a0&s=j&enc=MUQzME5XWlVZN0kwZFhUY0xWYmZBbjQ5Zm5Ka1UyTnFWMDV3VURCMk9WcHBSM...
  • https://rtpnt.xyz/v6/r?s=r7d&s3=437136484&sid=2021111207383019bb626f0981e745a0
  • https://clever-redirect.com/s/r6?s=r7d&s2=&s3=437136484
  • https://lookandfind.me/s/a?t=1&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=avianca.com&s1=r7d&s2=&s3=437136484&s5=4
429 B
596 B 		Document
General
Check archive.org
Download Go to
Full URL
https://lookandfind.me/s/a?t=1&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=avianca.com&s1=r7d&s2=&s3=437136484&s5=4
Requested by
Host: 1redirb.com
URL: http://1redirb.com/javascript/jscheck.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.90.169.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.169.90.157.clients.your-server.de
Software
Apache/2.4.49 (codeit) OpenSSL/1.1.1l PHP/7.4.24 / PHP/7.4.24
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

referrer-policy
strict-origin-when-cross-origin
x-powered-by
PHP/7.4.24
content-length
429
content-type
text/html; charset=UTF-8
date
Thu, 11 Nov 2021 20:38:32 GMT
server
Apache/2.4.49 (codeit) OpenSSL/1.1.1l PHP/7.4.24

Redirect headers

referrer-policy
no-referrer
x-powered-by
PHP/7.4.24
location
https://lookandfind.me/s/a?t=1&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=avianca.com&s1=r7d&s2=&s3=437136484&s5=4
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 11 Nov 2021 20:38:32 GMT
server
Apache/2.4.49 (codeit) OpenSSL/1.1.1l PHP/7.4.24
r
lookandfind.me/s/ 		345 B
375 B 		Document
General
Check archive.org
Download Go to
Full URL
https://lookandfind.me/s/r?u=https%3A%2F%2Futkv6nyu.de%2Fredir%2FclickGate.php%3Fu%3DJRhaDii6%26p%3DECZMhxN0n7%26m%3D12%26s%3D2222a4d174e656872d680e9bb2f2a02b%26url%3Dhttps%253A%252F%252Fwww.avianca.com%252F&h=74a459abcb9cc52cf73a7ba00631364e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.90.169.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.168.169.90.157.clients.your-server.de
Software
Apache/2.4.49 (codeit) OpenSSL/1.1.1l PHP/7.4.24 / PHP/7.4.24
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://lookandfind.me/s/a?t=1&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=avianca.com&s1=r7d&s2=&s3=437136484&s5=4

Response headers

referrer-policy
strict-origin-when-cross-origin
x-powered-by
PHP/7.4.24
content-length
345
content-type
text/html; charset=UTF-8
date
Thu, 11 Nov 2021 20:38:32 GMT
server
Apache/2.4.49 (codeit) OpenSSL/1.1.1l PHP/7.4.24
aff_r
lamp.glopss.com/
Redirect Chain
  • https://utkv6nyu.de/redir/clickGate.php?u=JRhaDii6&p=ECZMhxN0n7&m=12&s=2222a4d174e656872d680e9bb2f2a02b&url=https%3A%2F%2Fwww.avianca.com%2F
  • https://lamp.glopss.com/aff_c?offer_id=852&aff_id=1403&aff_sub=at107999_a129845_m12_p134708_cDE_s2222a4d174e656872d680e9bb2f2a02b
  • https://lamp.glopss.com/aff_r?offer_id=852&aff_id=1403&url=http%3A%2F%2Ftrack.glopss.com%2F%3Fp1%3D852%26p2%3D1403%26p3%3Dat107999_a129845_m12_p134708_cDE_s2222a4d174e656872d680e9bb2f2a02b%26p4%3D%...
541 B
711 B 		Document
General
Check archive.org
Download Go to
Full URL
https://lamp.glopss.com/aff_r?offer_id=852&aff_id=1403&url=http%3A%2F%2Ftrack.glopss.com%2F%3Fp1%3D852%26p2%3D1403%26p3%3Dat107999_a129845_m12_p134708_cDE_s2222a4d174e656872d680e9bb2f2a02b%26p4%3D%26p5%3D1027307fd112fd32ab3649dfa52fbe%26p6%3Dhttp%3A%2F%2Ftrack.glopss.com%2F%3Fp1%3D852%26p2%3D1403%26p3%3Dat107999_a129845_m12_p134708_cDE_s2222a4d174e656872d680e9bb2f2a02b%26p4%3D%26p5%3D1027307fd112fd32ab3649dfa52fbe%26p6%3D%7Bredirect%7D&urlauth=578154324404011416552459434338
Requested by
Host: lookandfind.me
URL: https://lookandfind.me/s/r?u=https%3A%2F%2Futkv6nyu.de%2Fredir%2FclickGate.php%3Fu%3DJRhaDii6%26p%3DECZMhxN0n7%26m%3D12%26s%3D2222a4d174e656872d680e9bb2f2a02b%26url%3Dhttps%253A%252F%252Fwww.avianca.com%252F&h=74a459abcb9cc52cf73a7ba00631364e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.250.7 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-250-7.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
2b867006f87fa2e7ccac4836324f13f7e4d8a49537bba4aa781986becf6b9c7d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://lookandfind.me/s/r?u=https%3A%2F%2Futkv6nyu.de%2Fredir%2FclickGate.php%3Fu%3DJRhaDii6%26p%3DECZMhxN0n7%26m%3D12%26s%3D2222a4d174e656872d680e9bb2f2a02b%26url%3Dhttps%253A%252F%252Fwww.avianca.com%252F&h=74a459abcb9cc52cf73a7ba00631364e

Response headers

Server
nginx
Date
Thu, 11 Nov 2021 20:38:33 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
no-cache, no-store, must-revalidate
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Pragma
no-cache
Access-Control-Allow-Origin
*
X-Request-Id
0edc0dcab0a1bcd93690ecd828b80e82
Access-Control-Allow-Headers
Tune-SDK-Version
Content-Encoding
gzip

Redirect headers

Server
nginx
Date
Thu, 11 Nov 2021 20:38:33 GMT
Content-Type
text/html; charset=iso-8859-1
Content-Length
651
Connection
keep-alive
Cache-Control
no-cache, no-store, must-revalidate
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Location
/aff_r?offer_id=852&aff_id=1403&url=http%3A%2F%2Ftrack.glopss.com%2F%3Fp1%3D852%26p2%3D1403%26p3%3Dat107999_a129845_m12_p134708_cDE_s2222a4d174e656872d680e9bb2f2a02b%26p4%3D%26p5%3D1027307fd112fd32ab3649dfa52fbe%26p6%3Dhttp%3A%2F%2Ftrack.glopss.com%2F%3Fp1%3D852%26p2%3D1403%26p3%3Dat107999_a129845_m12_p134708_cDE_s2222a4d174e656872d680e9bb2f2a02b%26p4%3D%26p5%3D1027307fd112fd32ab3649dfa52fbe%26p6%3D%7Bredirect%7D&urlauth=578154324404011416552459434338
P3p
CP="NOI CUR OUR NOR INT"
Pragma
no-cache
Tracking_id
1027307fd112fd32ab3649dfa52fbe
Access-Control-Allow-Origin
*
X-Request-Id
d5127f1a9651ef0722bbd2a8002b7a93
Access-Control-Allow-Headers
Tune-SDK-Version
Primary Request /
www.avianca.com/es/es/
Redirect Chain
  • https://lamp.glopss.com/aff_r?offer_id=852&aff_id=1403&redirect_pass=1&url=http%3A%2F%2Ftrack.glopss.com%2F%3Fp1%3D852%26p2%3D1403%26p3%3Dat107999_a129845_m12_p134708_cDE_s2222a4d174e656872d680e9bb...
  • http://track.glopss.com/?p1=852&p2=1403&p3=at107999_a129845_m12_p134708_cDE_s2222a4d174e656872d680e9bb2f2a02b&p4=&p5=1027307fd112fd32ab3649dfa52fbe&p6=http://track.glopss.com/?p1=852&p2=1403&p3=at1...
  • http://www.kqzyfj.com/click-100480189-13622837?sid=1027307fd112fd32ab3649dfa52fbe&url=%7Bredirect%7D
  • https://cj.dotomi.com/6i104y1A9S/18D/RTWSSYTX/RQQUYQRYZ/Q/Q/Q?c=gB1w%3DKJLQMJQywKKLywMLtuMPNSwytOLyux%26DA4%3D%25QUAxw1AxvC%25QW%3c%3c0CC8%3A%2F%2FFFF.39IHy2.v75%3ARJ%2Fv41v3-KJJNRJKRS-KMPLLRMQ%3c%...
  • https://www.emjcd.com/2581wktsC/krw/9BEAAGBF/988CG89GH/8/C88G8CBHFECGDFFCE9:UFan4buwLDa4/DEiCijAFCBAn99mkGBDliB8B8i9G8D9B?e=v5vq%3DEDFKGDKsqEEFsqGFnoGJHMqsnIFsor%2674y%3D%25KO4rqv4rp6%25KQ%3cpw1!AL...
  • https://www.avianca.com/es/es?utm_campaign=eur_es_por_afi_cj_des_esp_ftr_20181015comissionjunction&utm_source=commission-junction&utm_medium=cpa&utm_content=4705670_100480189_1027307fd112fd32ab3649...
  • https://www.avianca.com/es/es/?utm_campaign=eur_es_por_afi_cj_des_esp_ftr_20181015comissionjunction&utm_source=commission-junction&utm_medium=cpa&utm_content=4705670_100480189_1027307fd112fd32ab364...
2 MB
310 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.avianca.com/es/es/?utm_campaign=eur_es_por_afi_cj_des_esp_ftr_20181015comissionjunction&utm_source=commission-junction&utm_medium=cpa&utm_content=4705670_100480189_1027307fd112fd32ab3649dfa52fbe&cjevent=56a4ab27432f11ec835da3030a180513
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:286::1874 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Avianca /
Resource Hash
24d6163f69e0920b79ff52113d26196052bb4ceecea4b3e526923e2c367b0560
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://lamp.glopss.com/aff_r?offer_id=852&aff_id=1403&url=http%3A%2F%2Ftrack.glopss.com%2F%3Fp1%3D852%26p2%3D1403%26p3%3Dat107999_a129845_m12_p134708_cDE_s2222a4d174e656872d680e9bb2f2a02b%26p4%3D%26p5%3D1027307fd112fd32ab3649dfa52fbe%26p6%3Dhttp%3A%2F%2Ftrack.glopss.com%2F%3Fp1%3D852%26p2%3D1403%26p3%3Dat107999_a129845_m12_p134708_cDE_s2222a4d174e656872d680e9bb2f2a02b%26p4%3D%26p5%3D1027307fd112fd32ab3649dfa52fbe%26p6%3D%7Bredirect%7D&urlauth=578154324404011416552459434338

Response headers

server
Avianca
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff nosniff
referrer-policy
strict-origin
accept-ranges
bytes
service-worker-allowed
/
x-via-nscopi
1.0
content-type
text/html;charset=utf-8
x-akamai-transformed
9 - 0 pmb=mTOE,3mRUM,2
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=900
expires
Thu, 11 Nov 2021 20:53:34 GMT
date
Thu, 11 Nov 2021 20:38:34 GMT
server-timing
cdn-cache; desc=REVALIDATE edge; dur=1 origin; dur=101
access-control-expose-headers
AVReg
access-control-max-age
86400
access-control-allow-credentials
false
access-control-allow-headers
*
access-control-allow-methods
GET,POST
access-control-allow-origin
*
avreg
EU
avlong
8.68
avlat
50.12
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload

Redirect headers

server
AkamaiGHost
content-length
0
location
https://www.avianca.com/es/es/?utm_campaign=eur_es_por_afi_cj_des_esp_ftr_20181015comissionjunction&utm_source=commission-junction&utm_medium=cpa&utm_content=4705670_100480189_1027307fd112fd32ab3649dfa52fbe&cjevent=56a4ab27432f11ec835da3030a180513
cache-control
max-age=900
expires
Thu, 11 Nov 2021 20:53:33 GMT
date
Thu, 11 Nov 2021 20:38:33 GMT
server-timing
cdn-cache; desc=HIT edge; dur=1
access-control-expose-headers
AVReg
access-control-max-age
86400
access-control-allow-credentials
false
access-control-allow-headers
*
access-control-allow-methods
GET,POST
access-control-allow-origin
*
erc
OTH
avreg
EU
avlong
8.68
avlat
50.12
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
css
fonts.googleapis.com/ 		3 KB
909 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:300,400,700,900&display=swap
Requested by
Host: www.avianca.com
URL: https://www.avianca.com/es/es/?utm_campaign=eur_es_por_afi_cj_des_esp_ftr_20181015comissionjunction&utm_source=commission-junction&utm_medium=cpa&utm_content=4705670_100480189_1027307fd112fd32ab3649dfa52fbe&cjevent=56a4ab27432f11ec835da3030a180513
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f10.1e100.net
Software
ESF /
Resource Hash
43a3c6b6833c09b3117dd30af4ef3d2d45e9cc575ab34515d96c44c44dd37e8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.avianca.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 11 Nov 2021 20:03:53 GMT
server
ESF
date
Thu, 11 Nov 2021 20:38:35 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 11 Nov 2021 20:38:35 GMT
icon
fonts.googleapis.com/ 		1 KB
511 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons|Material+Icons+Outlined
Requested by
Host: www.avianca.com
URL: https://www.avianca.com/es/es/?utm_campaign=eur_es_por_afi_cj_des_esp_ftr_20181015comissionjunction&utm_source=commission-junction&utm_medium=cpa&utm_content=4705670_100480189_1027307fd112fd32ab3649dfa52fbe&cjevent=56a4ab27432f11ec835da3030a180513
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f10.1e100.net
Software
ESF /
Resource Hash
e8120d43a865e09ee0b77f8fc8d56b2b613bd797e83785baecfbd8e504d584f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.avianca.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 11 Nov 2021 20:38:35 GMT
server
ESF
date
Thu, 11 Nov 2021 20:38:35 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 11 Nov 2021 20:38:35 GMT
digital-gate.js
app-digitalgate-prd-ol.azurewebsites.net/digitalGate/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app-digitalgate-prd-ol.azurewebsites.net/digitalGate/digital-gate.js
Requested by
Host: www.avianca.com
URL: https://www.avianca.com/es/es/?utm_campaign=eur_es_por_afi_cj_des_esp_ftr_20181015comissionjunction&utm_source=commission-junction&utm_medium=cpa&utm_content=4705670_100480189_1027307fd112fd32ab3649dfa52fbe&cjevent=56a4ab27432f11ec835da3030a180513
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.76.192.15 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2029aedc34af61c2c1f47bbc2f7bd5ef72ac0a0972892c1f30bb431ed7411d9d
Security Headers
Name Value
Content-Security-Policy default-src https:; font-src *;img-src * data:;script-src https: 'unsafe-eval'; style-src https: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.avianca.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-powered-by
ASP.NET
content-length
2142
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin
last-modified
Tue, 24 Aug 2021 03:10:11 GMT
server
Microsoft-IIS/10.0
date
Thu, 11 Nov 2021 20:38:34 GMT
content-type
application/x-javascript
cache-control
no-cache, no-store, must-revalidate
feature-policy
sync-xhr *;payment 'none'
etag
"1fd2398d9598d71:0"
content-security-policy
default-src https:; font-src *;img-src * data:;script-src https: 'unsafe-eval'; style-src https: 'unsafe-inline'
accept-ranges
bytes
pouchdb.min.js
cdnjs.cloudflare.com/ajax/libs/pouchdb/7.2.2/ 		133 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/pouchdb/7.2.2/pouchdb.min.js
Requested by
Host: www.avianca.com
URL: https://www.avianca.com/es/es/?utm_campaign=eur_es_por_afi_cj_des_esp_ftr_20181015comissionjunction&utm_source=commission-junction&utm_medium=cpa&utm_content=4705670_100480189_1027307fd112fd32ab3649dfa52fbe&cjevent=56a4ab27432f11ec835da3030a180513
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d54b1b6deafc6ae2c5548e6dd9f335600271ad7835779e8af86fb965e604ef4
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.avianca.com/
Origin
https://www.avianca.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 11 Nov 2021 20:38:34 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4331267
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
37428
timing-allow-origin
*
last-modified
Mon, 27 Jul 2020 12:46:03 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f1ecc8b-21243"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GfkGv1fbP%2B3%2Bl%2BfVhXWMyQViiIMf0AfzgbECT5vXe9tFJnc%2BF6ThujTRZfL5hzqx0u1WIY7o1nH38Oe%2F%2BbqR9LDW1AuLtaG%2BQoLNWTURYLURDAHPWf9IMcocK3Lq%2BbnwIWTVBP2NzbFHQmfhrwQbAGUP"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6aca5333f9364a85-FRA
expires
Tue, 01 Nov 2022 20:38:34 GMT
clientlib-sw-init.min.js
www.avianca.com/apps/avianca/clientlibs/ 		0
0
client
accounts.google.com/gsi/ 		0
0
jquery-1.12.4.min.js
ajax.aspnetcdn.com/ajax/jQuery/ 		95 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.aspnetcdn.com/ajax/jQuery/jquery-1.12.4.min.js
Requested by
Host: www.avianca.com
URL: https://www.avianca.com/es/es/?utm_campaign=eur_es_por_afi_cj_des_esp_ftr_20181015comissionjunction&utm_source=commission-junction&utm_medium=cpa&utm_content=4705670_100480189_1027307fd112fd32ab3649dfa52fbe&cjevent=56a4ab27432f11ec835da3030a180513
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.19.160 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F90) /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.avianca.com/
Origin
https://www.avianca.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 11 Nov 2021 20:38:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3957295
x-cache
HIT
content-length
43298
x-xss-protection
1; mode=block
last-modified
Mon, 31 Oct 2016 23:10:52 GMT
server
ECAcc (frc/8F90)
etag
"851dbc6cc33d21:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
jquery-migrate-1.1.0.min.js
ajax.aspnetcdn.com/ajax/jquery.migrate/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.aspnetcdn.com/ajax/jquery.migrate/jquery-migrate-1.1.0.min.js
Requested by
Host: www.avianca.com
URL: https://www.avianca.com/es/es/?utm_campaign=eur_es_por_afi_cj_des_esp_ftr_20181015comissionjunction&utm_source=commission-junction&utm_medium=cpa&utm_content=4705670_100480189_1027307fd112fd32ab3649dfa52fbe&cjevent=56a4ab27432f11ec835da3030a180513
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.19.160 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F6A) /
Resource Hash
a337873f0ea2fc855f452ad8d2030d3e5a2a359ed562a7ec18f4fa76a693ac35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.avianca.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 11 Nov 2021 20:38:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14484449
x-cache
HIT
content-length
3530
x-xss-protection
1; mode=block
last-modified
Mon, 31 Oct 2016 23:12:42 GMT
server
ECAcc (frc/8F6A)
etag
"79fe1748cc33d21:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
clientlib-dependencies-home.min.js
www.avianca.com/apps/avianca/clientlibs/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.avianca.com/apps/avianca/clientlibs/clientlib-dependencies-home.min.js
Requested by
Host: www.avianca.com
URL: https://www.avianca.com/es/es/?utm_campaign=eur_es_por_afi_cj_des_esp_ftr_20181015comissionjunction&utm_source=commission-junction&utm_medium=cpa&utm_content=4705670_100480189_1027307fd112fd32ab3649dfa52fbe&cjevent=56a4ab27432f11ec835da3030a180513
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:286::1874 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Avianca /
Resource Hash
cb32224b2cfbbc806bd9a29575aab2c98a81a050c34a6d68b6c03f1e6c1a693f
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.avianca.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

erc
OTH, OTH
date
Thu, 11 Nov 2021 20:38:34 GMT
content-encoding
gzip
x-content-type-options
nosniff, nosniff
access-control-allow-methods
GET,POST
server-timing
cdn-cache; desc=HIT, edge; dur=1
vary
Accept-Encoding
content-length
600
x-xss-protection
1; mode=block
service-worker-allowed
/
avlat
9.93, 50.12
referrer-policy
strict-origin
last-modified
Tue, 10 Aug 2021 03:17:50 GMT
server
Avianca
avreg
NA, EU
x-frame-options
SAMEORIGIN
etag
"417-5c92bf2553380"
access-control-max-age
86400
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
avlong
-84.05, 8.68
access-control-allow-origin
*
access-control-expose-headers
AVReg
cache-control
max-age=21600
access-control-allow-credentials
false
accept-ranges
bytes
content-type
application/javascript;charset=utf-8
access-control-allow-headers
*
expires
Fri, 12 Nov 2021 02:38:34 GMT
clientlib-dependencies-home.min.css
www.avianca.com/apps/avianca/clientlibs/ 		88 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.avianca.com/apps/avianca/clientlibs/clientlib-dependencies-home.min.css
Requested by
Host: www.avianca.com
URL: https://www.avianca.com/es/es/?utm_campaign=eur_es_por_afi_cj_des_esp_ftr_20181015comissionjunction&utm_source=commission-junction&utm_medium=cpa&utm_content=4705670_100480189_1027307fd112fd32ab3649dfa52fbe&cjevent=56a4ab27432f11ec835da3030a180513
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:286::1874 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Avianca /
Resource Hash
a6220bcfac13e2d5b9a875be4fba7494985aee4e4f55f5a22677e6d791b241cd
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.avianca.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

erc
OTH, OTH
date
Thu, 11 Nov 2021 20:38:34 GMT
content-encoding
gzip
x-content-type-options
nosniff, nosniff
access-control-allow-methods
GET,POST
server-timing
cdn-cache; desc=HIT, edge; dur=1
vary
Accept-Encoding
content-length
14667
x-xss-protection
1; mode=block
service-worker-allowed
/
avlat
10.98, 50.12
referrer-policy
strict-origin
last-modified
Tue, 10 Aug 2021 03:20:35 GMT
server
Avianca
avreg
SA, EU
x-frame-options
SAMEORIGIN
etag
"15e33-5c92bfc2ae6c0-gzip"
access-control-max-age
86400
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
avlong
-74.80, 8.68
access-control-allow-origin
*
access-control-expose-headers
AVReg
cache-control
max-age=21600
access-control-allow-credentials
false
accept-ranges
bytes
content-type
text/css;charset=utf-8
access-control-allow-headers
*
expires
Fri, 12 Nov 2021 02:38:34 GMT
clientlib-home.min.css
www.avianca.com/apps/avianca/clientlibs/ 		791 KB
93 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.avianca.com/apps/avianca/clientlibs/clientlib-home.min.css
Requested by
Host: www.avianca.com
URL: https://www.avianca.com/es/es/?utm_campaign=eur_es_por_afi_cj_des_esp_ftr_20181015comissionjunction&utm_source=commission-junction&utm_medium=cpa&utm_content=4705670_100480189_1027307fd112fd32ab3649dfa52fbe&cjevent=56a4ab27432f11ec835da3030a180513
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:286::1874 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Avianca /
Resource Hash
474c28230642ad9f1efc9314cf7e23ecac91f441ccaf1adb02983303eb39342d
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.avianca.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

erc
OTH, OTH
date
Thu, 11 Nov 2021 20:38:34 GMT
content-encoding
gzip
x-content-type-options
nosniff, nosniff
access-control-allow-methods
GET,POST
server-timing
cdn-cache; desc=HIT, edge; dur=1
vary
Accept-Encoding
content-length
94477
x-xss-protection
1; mode=block
service-worker-allowed
/
avlat
4.60, 50.12
referrer-policy
strict-origin
last-modified
Thu, 11 Nov 2021 08:06:02 GMT
server
Avianca
avreg
SA, EU
x-frame-options
SAMEORIGIN
etag
"c5ada-5d07ed0420e80-gzip"
access-control-max-age
86400
strict-transport-security
max-age=15768000 ; includeSubDomains ; preload
avlong
-74.08, 8.68
access-control-allow-origin
*
access-control-expose-headers
AVReg
cache-control
max-age=21600
access-control-allow-credentials
false
accept-ranges
bytes
content-type
text/css;charset=utf-8
access-control-allow-headers
*
expires
Fri, 12 Nov 2021 02:38:34 GMT
launch-ENdbb6b75f586e466ba950b934a607faea.min.js
assets.adobedtm.com/ 		0
0
6fa2cc4f
www.avianca.com/akam/11/ 		0
0
infCookie.svg
www.avianca.com/etc.clientlibs/avianca/clientlibs/clientlib-site/resources/icons/ 		0
0
aviancaApp.svg
www.avianca.com/etc.clientlibs/avianca/clientlibs/clientlib-site/resources/icons/ 		0
0
digital-gate.js
app-digitalgate-prd-ol.azurewebsites.net/digitalGate/ 		0
0
launch-ENdbb6b75f586e466ba950b934a607faea.min.js
assets.adobedtm.com/ 		0
0
cerrarApp.svg
www.avianca.com/etc.clientlibs/avianca/clientlibs/clientlib-site/resources/icons/ 		0
0
avianca_airlines_logo_white.svg
www.avianca.com/content/dam/avianca_new/logos/ 		0
0
logo-avianca-minimal.svg
www.avianca.com/content/dam/avianca_new/logos/ 		0
0
logo-av-red.svg
www.avianca.com/etc.clientlibs/avianca/clientlibs/clientlib-site/resources/images/logo/ 		0
0
logo-avianca-mini-blanco.svg
www.avianca.com/etc.clientlibs/avianca/clientlibs/clientlib-site/resources/images/logo/ 		0
0
biocare.svg
www.avianca.com/content/dam/avianca_new/icons/ 		0
0
cambio-de-vuelo.png
www.avianca.com/content/dam/avianca_new/icons/ 		0
0
logo-avianca-mini-rojo.svg
www.avianca.com/etc.clientlibs/avianca/clientlibs/clientlib-site/resources/images/logo/ 		0
0
ic-etiqueta.svg
www.avianca.com/content/dam/avianca_new/icons/ 		0
0
map.svg
www.avianca.com/content/dam/avianca_new/icons/ 		0
0
work.svg
www.avianca.com/content/dam/avianca_new/icons/ 		0
0
receipt.svg
www.avianca.com/content/dam/avianca_new/icons/ 		0
0
play.svg
www.avianca.com/content/dam/avianca_new/icons/ 		0
0
info.svg
www.avianca.com/etc.clientlibs/avianca/clientlibs/clientlib-site/resources/icons/alerts/ 		0
0
ic-bell-close.svg
www.avianca.com/etc.clientlibs/avianca/clientlibs/clientlib-site/resources/icons/marquesina/ 		0
0
ic_life_milles_02.png
www.avianca.com/content/dam/avianca_new/icons/ 		0
0
reloj-ic-dos.svg
www.avianca.com/content/dam/avianca_new/icons/ 		0
0
experiencia.svg
www.avianca.com/content/dam/avianca_new/icons/ 		0
0
Logo_Av1.png
www.avianca.com/content/dam/avianca_new/logos/ 		0
0
viajes-a-guayaquil-para-conocer-el-farolde-serro-santa-ana.jpg
www.avianca.com/content/dam/avianca_new/contenido/banner-home/gye/ 		0
0
viajes-con-soporte-de-centro-de-ayuda.jpg
www.avianca.com/content/dam/avianca_new/contenido/banner-home/genericos/ 		0
0
digital-gate-widget.esm.js
app-digitalgate-prd-ol.azurewebsites.net/digitalGate/app/digital-gate-widget/ 		576 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app-digitalgate-prd-ol.azurewebsites.net/digitalGate/app/digital-gate-widget/digital-gate-widget.esm.js
Requested by
Host: app-digitalgate-prd-ol.azurewebsites.net
URL: https://app-digitalgate-prd-ol.azurewebsites.net/digitalGate/digital-gate.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.76.192.15 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
1e881d25804304f137d521c296aeeb7918a5a61786ddf56f06f3974163f722c2
Security Headers
Name Value
Content-Security-Policy default-src https:; font-src *;img-src * data:;script-src https: 'unsafe-eval'; style-src https: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.avianca.com/
Origin
https://www.avianca.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-powered-by
ASP.NET
content-length
576
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin
last-modified
Tue, 24 Aug 2021 03:09:23 GMT
server
Microsoft-IIS/10.0
date
Thu, 11 Nov 2021 20:38:34 GMT
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
feature-policy
sync-xhr *;payment 'none'
etag
"c5fc35709598d71:0"
content-security-policy
default-src https:; font-src *;img-src * data:;script-src https: 'unsafe-eval'; style-src https: 'unsafe-inline'
accept-ranges
bytes
p-254153a0.js
app-digitalgate-prd-ol.azurewebsites.net/digitalGate/app/digital-gate-widget/ 		9 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app-digitalgate-prd-ol.azurewebsites.net/digitalGate/app/digital-gate-widget/p-254153a0.js
Requested by
Host: 1redirb.com
URL: http://1redirb.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yLAb%2Fkyb%2BuzmuKfrFd3Vi9GzJQ57JCeDyq3YXykTZB9irhnQoComCrZS0hkQDIcHMgRgM%2FswQ1ePpUt%2FPIE5ufzUD0B6Jwh9adAc8WGW6JQ%2FpLA%2FjbOLak9hBnLsd7aPNLaAk55oXgL%2FQanpNPHApxXatw5EIwr4f%2FZ6WViXF9npbUh1OFT2pdPA2jsnzOwH3e%2FEGRlCgA7WqIalwntzKF3EtwNvk7p6lwbldYR%2BNqr3K8v9A9h2RVmjGs8H2YjMxSJbyvLpWEs79TQBMrZwN5vkHyutC9jtF%2B72hjKmSmZdmQhT2CyioNblDtBpD2GE83IKJioKkdbteAFPX6WOt%2FcjGxNKQRuV6di196%2B%2BLeprE9uXQTW4CYEBT6IDAyK%2BWh%2BabrOJHylmwhY0lApqRVkM3e6S5MpynrQl5ZwPvnUGyo2WCfwwwIsIKkWgdvkuvuGKRjL2D82jlp8XE3C3X4QfLsSLiGt120GQTNbTVhvtPDuJ%2BJzEXhxnS1hnhKfOQxGTtqSkIydwyoVkncDtWRDC62B8y7Mie%2FNyVAj50P89Zn2iUb1JCRZzQaIxmtnA3gABtpg%2FNxzU%2B5xEjPSMUjB1BHMDnvDmXgWCz4MNFzGkK6YnDF95viTre%2B5AFdy8RjnjDL%2BdiofCtbQ1qxMn9JeqosAGfnDsp%2BosoXBHDs3c0JAwAuB8HD4%2F%2Fi0IGo9u56T1ypr3AdnO%2BMWkGR7nJfGaxjkzWaqG45qrqIssaG4G
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.76.192.15 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4a90fa5afa231329f13fc801f79009b77580366da0bb4bf20f49545ecd910fd4
Security Headers
Name Value
Content-Security-Policy default-src https:; font-src *;img-src * data:;script-src https: 'unsafe-eval'; style-src https: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app-digitalgate-prd-ol.azurewebsites.net/
Origin
https://www.avianca.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
x-powered-by
ASP.NET
content-length
4369
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin
last-modified
Tue, 24 Aug 2021 03:09:23 GMT
server
Microsoft-IIS/10.0
date
Thu, 11 Nov 2021 20:38:35 GMT
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
feature-policy
sync-xhr *;payment 'none'
etag
"80f328709598d71:0"
content-security-policy
default-src https:; font-src *;img-src * data:;script-src https: 'unsafe-eval'; style-src https: 'unsafe-inline'
accept-ranges
bytes
success.svg
www.avianca.com/etc.clientlibs/avianca/clientlibs/clientlib-site/resources/icons/alerts/ 		0
0
illustration.svg
www.avianca.com/etc.clientlibs/avianca/clientlibs/clientlib-site/resources/images/check-in/ 		0
0
error.svg
www.avianca.com/etc.clientlibs/avianca/clientlibs/clientlib-site/resources/images/check-in/ 		0
0
warning.svg
www.avianca.com/etc.clientlibs/avianca/clientlibs/clientlib-site/resources/icons/alerts/ 		0
0
icono-avianca-alas.svg
www.avianca.com/content/dam/avianca_new/icons/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.avianca.com
URL
https://www.avianca.com/apps/avianca/clientlibs/clientlib-sw-init.min.js
Domain
accounts.google.com
URL
https://accounts.google.com/gsi/client
Domain
assets.adobedtm.com
URL
https://assets.adobedtm.com/launch-ENdbb6b75f586e466ba950b934a607faea.min.js
Domain
www.avianca.com
URL
https://www.avianca.com/akam/11/6fa2cc4f
Domain
www.avianca.com
URL
https://www.avianca.com/etc.clientlibs/avianca/clientlibs/clientlib-site/resources/icons/infCookie.svg
Domain
www.avianca.com
URL
https://www.avianca.com/etc.clientlibs/avianca/clientlibs/clientlib-site/resources/icons/aviancaApp.svg
Domain
app-digitalgate-prd-ol.azurewebsites.net
URL
https://app-digitalgate-prd-ol.azurewebsites.net/digitalGate/digital-gate.js
Domain
assets.adobedtm.com
URL
https://assets.adobedtm.com/launch-ENdbb6b75f586e466ba950b934a607faea.min.js
Domain
www.avianca.com
URL
https://www.avianca.com/etc.clientlibs/avianca/clientlibs/clientlib-site/resources/icons/cerrarApp.svg
Domain
www.avianca.com
URL
https://www.avianca.com/content/dam/avianca_new/logos/avianca_airlines_logo_white.svg
Domain
www.avianca.com
URL
https://www.avianca.com/content/dam/avianca_new/logos/logo-avianca-minimal.svg
Domain
www.avianca.com
URL
https://www.avianca.com/etc.clientlibs/avianca/clientlibs/clientlib-site/resources/images/logo/logo-av-red.svg
Domain
www.avianca.com
URL
https://www.avianca.com/etc.clientlibs/avianca/clientlibs/clientlib-site/resources/images/logo/logo-avianca-mini-blanco.svg
Domain
www.avianca.com
URL
https://www.avianca.com/content/dam/avianca_new/icons/biocare.svg
Domain
www.avianca.com
URL
https://www.avianca.com/content/dam/avianca_new/icons/cambio-de-vuelo.png
Domain
www.avianca.com
URL
https://www.avianca.com/etc.clientlibs/avianca/clientlibs/clientlib-site/resources/images/logo/logo-avianca-mini-rojo.svg
Domain
www.avianca.com
URL
https://www.avianca.com/content/dam/avianca_new/icons/ic-etiqueta.svg
Domain
www.avianca.com
URL
https://www.avianca.com/content/dam/avianca_new/icons/map.svg
Domain
www.avianca.com
URL
https://www.avianca.com/content/dam/avianca_new/icons/work.svg
Domain
www.avianca.com
URL
https://www.avianca.com/content/dam/avianca_new/icons/receipt.svg
Domain
www.avianca.com
URL
https://www.avianca.com/content/dam/avianca_new/icons/play.svg
Domain
www.avianca.com
URL
https://www.avianca.com/etc.clientlibs/avianca/clientlibs/clientlib-site/resources/icons/alerts/info.svg
Domain
www.avianca.com
URL
https://www.avianca.com/etc.clientlibs/avianca/clientlibs/clientlib-site/resources/icons/marquesina/ic-bell-close.svg
Domain
www.avianca.com
URL
https://www.avianca.com/content/dam/avianca_new/icons/ic_life_milles_02.png
Domain
www.avianca.com
URL
https://www.avianca.com/content/dam/avianca_new/icons/reloj-ic-dos.svg
Domain
www.avianca.com
URL
https://www.avianca.com/content/dam/avianca_new/icons/experiencia.svg
Domain
www.avianca.com
URL
https://www.avianca.com/content/dam/avianca_new/logos/Logo_Av1.png
Domain
www.avianca.com
URL
https://www.avianca.com/content/dam/avianca_new/contenido/banner-home/gye/viajes-a-guayaquil-para-conocer-el-farolde-serro-santa-ana.jpg
Domain
www.avianca.com
URL
https://www.avianca.com/content/dam/avianca_new/contenido/banner-home/genericos/viajes-con-soporte-de-centro-de-ayuda.jpg
Domain
www.avianca.com
URL
https://www.avianca.com/etc.clientlibs/avianca/clientlibs/clientlib-site/resources/icons/alerts/success.svg
Domain
www.avianca.com
URL
https://www.avianca.com/etc.clientlibs/avianca/clientlibs/clientlib-site/resources/images/check-in/illustration.svg
Domain
www.avianca.com
URL
https://www.avianca.com/etc.clientlibs/avianca/clientlibs/clientlib-site/resources/images/check-in/error.svg
Domain
www.avianca.com
URL
https://www.avianca.com/etc.clientlibs/avianca/clientlibs/clientlib-site/resources/icons/alerts/warning.svg
Domain
www.avianca.com
URL
https://www.avianca.com/content/dam/avianca_new/icons/icono-avianca-alas.svg

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler function| loadScripts function| appendTag function| sendChannelAction object| digitalGate function| PouchDB

14 Cookies

Domain/Path Name / Value
praamountplus.com/ Name: __tad
Value: 1636663110.3455694
.1redirb.com/ Name: __dsnsid
Value: 2021111207383019bb626f0981e745a0
utkv6nyu.de/ Name: PHPSESSID
Value: rpqjdf9l6g3nc4onn9ecjqeuo7
lamp.glopss.com/ Name: enc_aff_session_852
Value: ENC038c28985f4e0e1cba96333b30d1e3bd4acaa1c2c126623fcb1c45f1b7f00fb47ca157f8b95faea460f8ca57d2a20e287bef0d6895b78ffa6aa3b0462ae3a2cf82297214c22c83601d59afcf3a7084f451f0dadee667e28fbc1e074cf8eb53974c54c43d091e26729bcd3c2eb5c5a45459c6932c8f461f718c145f2b9248d25687823958dea1cf3b0de06a75e8ff72047d659f0c8ffa7f46172f3417c6bd5097f26a5f9146345a1101d9695124e31e4763b49a2717c3af080438cadfacaeb2a02ccc24f34d243b9a646ff402fe1956449e321d4e184521da2ca9242d20a6a301a50e314c3f
lamp.glopss.com/ Name: ho_mob
Value: eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiI5NS4wIiwibW9iaWxlX2NhcnJpZXIiOiI/IiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyBYNjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIExpa2UgR2Vja28pIENocm9tZS85NS4wLjQ2MzguNTQgU2FmYXJpLzUzNy4zNiIsImFjY2VwdF9sYW5ndWFnZSI6ImRlLURFLGRlO3E9MC45IiwiY29ubmVjdGlvbl9zcGVlZCI6ImJyb2FkYmFuZCJ9
.dotomi.com/ Name: cjae
Value: M7SfxTmoD5Sx
.dotomi.com/ Name: DotomiUser
Value: 400804397648577461$0$1
.dotomi.com/ Name: LCLK
Value: cjo!x8b6-yo4ty1m
.emjcd.com/ Name: S
Value: 400804397648577461:M7SfxTmoD5Sx
.emjcd.com/ Name: LCLK
Value: cjo!x8b6-yo4ty1m
.avianca.com/ Name: _abck
Value: 59BD446AF862DD64706B1267B4B52652~-1~YAAQf7oQAgTSQAx9AQAA/Ti5EAZ4a1/lF7udn+n7784cMr/GRaCi1h3gYNGdezQBJkAoQ3/WzGzdvjUMeoJmmAZXn2aW++83sESDqWEMbh+j02zRqc9IBKnqQWQaLqZzjD/Lu3aCdVRDdZdDNFrD+n/yORJNKwNZjnLlnK3eS14A7RI7g7r62iai5EkcMQ14a9Mi3UJgSl7CqRVh7dCGd2OAP3mOfhhOjFG90cE7j0AjgVB4I+1e2B97xWMqG0j0nahPiOb5uzypru/6zKTjs9eZrBMmWHwSmpyHNcq2Qg6NdyMLQpzaMkCB9+4CZg/RQso99QbliKWpNAHY/JXWQE1cM/0KK0YUNHpRX85BHLlgqv+f9NcPIrH7Soij~-1~-1~-1
.avianca.com/ Name: bm_sz
Value: 76F5C68CA0DED61904C8C2867A1511FC~YAAQf7oQAgXSQAx9AQAA/Ti5EA2u7qDzfK3C4jSvhgQUHmJTA+TgY5726Bf8zcepEQjNfhaEiTW7DgENnI79BfzuIsrf3LVe5DadSc2/lKcteQOjQSzuUxQWe0gOeHP4qFAmBKgPRKbMNp61tclBB+7f3d7kZvLEuhVLowQ9WbmRSh5GvrM0/IGKarKaZiM7z3h8YfyJTpjEVN8prrVbBH4gudlobuFnqbhlhdsKninND8RKZn4ja3K3RinDDFf11ZjVqLAXAiIbsXOgvfLaCKtA3hWynpW8JUtAgQdsEmnHJJy3~3424560~3359030
.avianca.com/ Name: ak_bmsc
Value: EED809A9915DDDBB46664F5BA6B95B43~000000000000000000000000000000~YAAQf7oQAgfSQAx9AQAAVDy5EA1cOPxFSvH0v8oGYmLo1lZo+xNK+lZ+3nqyM8+l/E8AMxIvP64sJPGU0WfftLPa5swDXDK4g7iETGQQH7q+buGm9PQMW6Z6ldqV6B2SlQp3Pvro5EcE7BuTYfl9hH3FOu8GqCc8z+bwmqEvbAddILYxSQYrZc+E4BSg+dPL+Ju7JSp4sefLl3Q0ERxDFLACTaebUd3blOSzimsjmTU2DKrBtTc8Vwb+xmxo3XnyYWjqnL0v6lTPScm3qeKBZFfvBNZZ////Iv33e4c5WF6J8jOEZrPd268sUCS/0DFmx4OkSJ8721MN8fhMvJthwM2EaqEAul+Mo1B/RRZh7l0iVaOTX3cR7im6tdpjAmGaa7wLtUEAsJc6+kSunCrGJUjw
.app-digitalgate-prd-ol.azurewebsites.net/ Name: ARRAffinitySameSite
Value: 3941941b309be5ca8d13dda38902c88ba45cf588f9bea3e5b964df7a10fab670

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1redirb.com
accounts.google.com
ajax.aspnetcdn.com
app-digitalgate-prd-ol.azurewebsites.net
assets.adobedtm.com
cdnjs.cloudflare.com
cj.dotomi.com
clever-redirect.com
fonts.googleapis.com
lamp.glopss.com
lookandfind.me
praamountplus.com
rtpnt.xyz
track.glopss.com
utkv6nyu.de
www.avianca.com
www.emjcd.com
www.kqzyfj.com
accounts.google.com
app-digitalgate-prd-ol.azurewebsites.net
assets.adobedtm.com
www.avianca.com
103.224.182.206
103.224.182.251
107.180.41.165
142.250.74.202
152.199.19.160
157.90.169.168
2606:4700:3036::ac43:872c
2606:4700::6810:125e
2a02:26f0:6c00:286::1874
40.76.192.15
49.12.0.235
52.208.250.7
78.46.197.88
89.207.16.72
0d54b1b6deafc6ae2c5548e6dd9f335600271ad7835779e8af86fb965e604ef4
1e881d25804304f137d521c296aeeb7918a5a61786ddf56f06f3974163f722c2
2029aedc34af61c2c1f47bbc2f7bd5ef72ac0a0972892c1f30bb431ed7411d9d
24d6163f69e0920b79ff52113d26196052bb4ceecea4b3e526923e2c367b0560
2b867006f87fa2e7ccac4836324f13f7e4d8a49537bba4aa781986becf6b9c7d
40daba765e68df81072dba603adecbd49b4c9b0ee836189af681c3a7827bfd9e
43a3c6b6833c09b3117dd30af4ef3d2d45e9cc575ab34515d96c44c44dd37e8a
474c28230642ad9f1efc9314cf7e23ecac91f441ccaf1adb02983303eb39342d
4a90fa5afa231329f13fc801f79009b77580366da0bb4bf20f49545ecd910fd4
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
85f6b64e4a10574520dd797ce37301d48190aa97cd1139ec0630fe40d67a1c90
a2d68e4530bbf55b595085ad00ef6999cb64574eb58b44b53ef0516fa7fa4aed
a337873f0ea2fc855f452ad8d2030d3e5a2a359ed562a7ec18f4fa76a693ac35
a6220bcfac13e2d5b9a875be4fba7494985aee4e4f55f5a22677e6d791b241cd
cb32224b2cfbbc806bd9a29575aab2c98a81a050c34a6d68b6c03f1e6c1a693f
e8120d43a865e09ee0b77f8fc8d56b2b613bd797e83785baecfbd8e504d584f4