immigration.xtra.net Open in urlscan Pro
172.67.69.158 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://immigration.xtra.net/
Submission: On December 02 via api (December 2nd 2025, 6:21:43 pm UTC) from US — Scanned from PT

Summary HTTP 42 Redirects Behaviour Indicators

Summary

This website contacted 10 IPs in 3 countries across 8 domains to perform 42 HTTP transactions. The main IP is 172.67.69.158, located in Ascension Island and belongs to CLOUDFLARENET, US. The main domain is immigration.xtra.net.
TLS certificate: Issued by WE1 on November 7th 2025. Valid for: 3 months.

This is the only time immigration.xtra.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
23	172.67.69.158 172.67.69.158	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	142.250.185.206 142.250.185.206	15169 (GOOGLE) (GOOGLE)
2	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
2	57.144.248.128 57.144.248.128	32934 (FACEBOOK) (FACEBOOK)
2	23.219.149.35 23.219.149.35	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.16.80.73 104.16.80.73	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.185.74 142.250.185.74	15169 (GOOGLE) (GOOGLE)
3	142.250.185.131 142.250.185.131	15169 (GOOGLE) (GOOGLE)
1	151.101.192.84 151.101.192.84	54113 (FASTLY) (FASTLY)
42	10

23 172.67.69.158 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)

immigration.xtra.net	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

7 142.250.185.206 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f14.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 57.144.248.128 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 23.219.149.35 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-219-149-35.deploy.static.akamaitechnologies.com

assets.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 104.16.80.73 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 142.250.185.74 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 142.250.185.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 151.101.192.84 (United States)

ASN54113 (FASTLY, US)

log.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

	Apex Domain Subdomains	Transfer
23	xtra.net immigration.xtra.net	166 KB
7	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 800	204 KB
3	gstatic.com fonts.gstatic.com	107 KB
3	pinterest.com assets.pinterest.com — Cisco Umbrella Rank: 5030 log.pinterest.com — Cisco Umbrella Rank: 7135	19 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 261	77 KB
2	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 166	220 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 97	6 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 407	7 KB
42	8

	Domain	Requested by
23	immigration.xtra.net	immigration.xtra.net static.cloudflareinsights.com
7	fundingchoicesmessages.google.com	immigration.xtra.net pagead2.googlesyndication.com
3	fonts.gstatic.com	immigration.xtra.net fonts.googleapis.com
2	assets.pinterest.com	immigration.xtra.net assets.pinterest.com
2	connect.facebook.net	immigration.xtra.net connect.facebook.net
2	pagead2.googlesyndication.com	immigration.xtra.net pagead2.googlesyndication.com
1	log.pinterest.com
1	fonts.googleapis.com
1	static.cloudflareinsights.com	immigration.xtra.net
42	9

This site contains no links.

Subject Issuer	Validity	Valid
immigration.xtra.net WE1	`2025-11-07` - `2026-02-05`	3 months	crt.sh
*.google.com WE2	`2025-10-27` - `2026-01-19`	3 months	crt.sh
*.g.doubleclick.net WE2	`2025-10-27` - `2026-01-19`	3 months	crt.sh
*.facebook.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2025-09-11` - `2025-12-10`	3 months	crt.sh
*.pinterest.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2025-07-23` - `2026-08-23`	a year	crt.sh
cloudflareinsights.com WE1	`2025-10-22` - `2026-01-20`	3 months	crt.sh
upload.video.google.com WE2	`2025-10-27` - `2026-01-19`	3 months	crt.sh
*.gstatic.com WE2	`2025-10-27` - `2026-01-19`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://immigration.xtra.net/
Frame ID: 1FDF005EF5512BD9D7FC29C9652162E9
Requests: 54 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

See the World, One Dream at a Time - Xtra.net

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Flickity (JavaScript libraries) Expand

Overall confidence: 100%
Detected patterns

/flickity(?:\.pkgd)?(?:\.min)?\.js

Google AdSense (Advertising) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Lightbox (JavaScript libraries) Expand

Pinterest (Widgets) Expand

Overall confidence: 100%
Detected patterns

//assets\.pinterest\.com/js/pinit\.js

jQuery (JavaScript libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

42
Requests

100 %
HTTPS

0 %
IPv6

8
Domains

9
Subdomains

10
IPs

3
Countries

807 kB
Transfer

2554 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

42 HTTP transactions
12 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
immigration.xtra.net/ 106 KB
25 KB 234ms
157ms Document
text/html 172.67.69.158
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://immigration.xtra.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.69.158 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f389550fc7906cc54b4b49ee8b96305c8b4776635de6729b8f660f812d166d0f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' https: data: blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=31536000, must-revalidate
cf-cache-status: MISS
cf-ray: 9a7cd87e79c81bc5-MAD
content-encoding: zstd
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' https: data: blob:;
content-type: text/html; charset=utf-8
date: Tue, 02 Dec 2025 18:21:44 GMT
expect-ct: max-age=86400, enforce
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), fullscreen=(self), payment=()
priority: u=0,i
referrer-policy: no-referrer, strict-origin
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=LZHa5eBIZ4zvcgQHBxTfnpb8aWwxeOjV6rRnCIF1pV%2BzAx%2BFxMQfQ4jPvaXMvLFkhDzATR6FYfL3EwoDT4GN2%2B5YhPHJXJtzDfBqO7of%2BsZdE5rw"}]}
server: cloudflare
server-timing: cfCacheStatus;desc="MISS" cfEdge;dur=14,cfOrigin;dur=84 cfExtPri
speculation-rules: "/cdn-cgi/speculation"
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: accept-encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H3 200 speculation
immigration.xtra.net/cdn-cgi/ 128 B
587 B 68ms
68ms Other
application/speculationrules+json 172.67.69.158
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://immigration.xtra.net/cdn-cgi/speculation

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.69.158 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin: https://immigration.xtra.net
Referer: https://immigration.xtra.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=mDm2eFMfHiojbRdo%2FYsJ6PJta%2B4YPnFZyzgCWu9%2Bd%2BWZ64Dyxl5gzWNQtqEWzrJ7XOd%2FiabUrfejak3JYmAF78aUzz11kGQEhSEFdTsLth3ueLwi"}]}
x-content-type-options: nosniff
cf-ray: 9a7cd87f79de1bc5-MAD
access-control-allow-origin: https://immigration.xtra.net
content-length: 128
date: Tue, 02 Dec 2025 18:21:44 GMT
content-type: application/speculationrules+json
vary: Origin, accept-encoding
server: cloudflare

GET
H3 200 jquery.min.js Show response
immigration.xtra.net/wp-includes/js/jquery/ 86 KB
32 KB 115ms
115ms Script
application/javascript 172.67.69.158
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://immigration.xtra.net/wp-includes/js/jquery/jquery.min.js

Requested by

Host: immigration.xtra.net
URL: https://immigration.xtra.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.69.158 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' https: data: blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://immigration.xtra.net/

Response headers

content-encoding: zstd
cf-cache-status: MISS
etag: W/"4faaa9d1e8ac6b951abd4ab674ea9ec1"
expect-ct: max-age=86400, enforce
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=rafwciw3HnfU3ZwwF6UQwa0dDdvG5Hedrx00szKNdpPInySOHPGGPW2va%2B3rAbm6WhoI9nMP1FQscZDXO5m9WQc3mh4iY2pZZxoyWe2tO7f5wapv"}]}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 02 Dec 2025 18:21:44 GMT
content-type: application/javascript
vary: accept-encoding
priority: u=1,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' https: data: blob:;
cache-control: public, max-age=31536000, must-revalidate
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
referrer-policy: no-referrer, strict-origin
cf-ray: 9a7cd88019f81bc5-MAD
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), fullscreen=(self), payment=()
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 front.js Show response
immigration.xtra.net/wp-content/plugins/wp-security-hardening/modules/js/ 59 B
827 B 113ms
113ms Script
application/javascript 172.67.69.158
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://immigration.xtra.net/wp-content/plugins/wp-security-hardening/modules/js/front.js

Requested by

Host: immigration.xtra.net
URL: https://immigration.xtra.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.69.158 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c33275705e60d7f9f4ed1667e4ca1ad0ba8acf6036d74538670467be8dad7f81

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' https: data: blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://immigration.xtra.net/

Response headers

content-encoding: zstd
cf-cache-status: MISS
etag: W/"0555cb37a801d54f094118628cdbc31a"
expect-ct: max-age=86400, enforce
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=fF1sS2fRd%2Bf1MrsZ2EIYjpNsZnYttU2dxr0pPAZbXOPlXUyeNqIMl9D2vvwM5Z7YJXo8CGXztBTa9iDYAPLskOCRnL4iTmBEK7BSQ3MhZOPC9pPF"}]}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 02 Dec 2025 18:21:44 GMT
content-type: application/javascript
vary: accept-encoding
priority: u=3,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' https: data: blob:;
cache-control: public, max-age=31536000, must-revalidate
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
referrer-policy: no-referrer, strict-origin
cf-ray: 9a7cd88019f71bc5-MAD
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), fullscreen=(self), payment=()
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 pub-9280041663830136 Show response
fundingchoicesmessages.google.com/i/ 214 KB
69 KB 308ms
103ms Script
application/javascript 142.250.185.206
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/pub-9280041663830136?ers=1

Requested by

Host: immigration.xtra.net
URL: https://immigration.xtra.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f14.1e100.net

Software

ESF /

Resource Hash

48a1c1e3f9debed954992a95dd17f7e4b5cff20f776541529ac98dc521e70388

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-myWUb_uvAfBMldLOWfXKqw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://immigration.xtra.net/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 02 Dec 2025 18:21:44 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjmsCoxSXF4KMhxdB68xzrdCDuWnSedQ4QGypcYnUG4g_1l1l_AHGRxBXWFiD-VHWDVaT6BmsS-03WEiA287vNagfE1e5ebM1AbOvvw-YKxN-Kfdk4SnzZ9v33ZTsGxHtz_NiOAnFmpx9bIRCvvunHthmIV3j5s20AYT9_th1ALMTDsePOnpNsAis6_h1jUtJIyi-MT87PKynKTCotyS9KS05LLU4tKkstijcyMDI1NDIw1DMwiy8wAAAt5krD"
content-security-policy: script-src 'report-sample' 'nonce-myWUb_uvAfBMldLOWfXKqw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 158 KB
54 KB 191ms
104ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9280041663830136

Requested by

Host: immigration.xtra.net
URL: https://immigration.xtra.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

3eb397369455cedb6a5dc04bfcd2c3e8b6e16bcf67c4c35b127ea0a24b7247d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin: https://immigration.xtra.net
Referer: https://immigration.xtra.net/

Response headers

content-encoding: br
etag: 3724282651533206785
x-content-type-options: nosniff
expires: Tue, 02 Dec 2025 18:21:44 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 02 Dec 2025 18:21:44 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 55177
x-xss-protection: 0
server: cafe

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 230ms
85ms Script
application/x-javascript 57.144.248.128
FACEBOOK

General

Check archive.org

Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: immigration.xtra.net
URL: https://immigration.xtra.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

57.144.248.128 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra3.fbcdn.net

Software

Resource Hash

e0a6ebe2cb44c63df4d81ca77f6bcd7af1372651005e6b7b0f9d35369a4f6cff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin: https://immigration.xtra.net
Referer: https://immigration.xtra.net/

Response headers

content-md5: zlOP2Payr2+suOXpUxBb9Q==
access-control-expose-headers: X-FB-Content-MD5
content-encoding: gzip
etag: "d8b2b112dd532456c5570a5f345d678d"
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Tue, 02 Dec 2025 18:38:45 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 02 Dec 2025 18:21:44 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5: 81d9b0698a8cf8bdff2f8a7b33b2203b
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=90, rtx=0, c=23, mss=1232, tbw=4990, tp=9, tpl=0, uplat=0, ullat=-1
x-fb-debug: 0RczY3JvzPL4HMsXOnPOAd+Jsi9EeydRMJIIu7swxHmdje/OL5mnyAvOwQnKE4o8KrTEc9b7XrUZrnj6vM/oeQ==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top, include-js-call-stacks-in-crash-reports
access-control-allow-origin: *
content-length: 1684
origin-agent-cluster: ?1

GET
H3 200 public-powerkit-basic-elements.js Show response
immigration.xtra.net/wp-content/plugins/powerkit/modules/basic-elements/public/js/ 1 KB
1 KB 119ms
118ms Script
application/javascript 172.67.69.158
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://immigration.xtra.net/wp-content/plugins/powerkit/modules/basic-elements/public/js/public-powerkit-basic-elements.js

Requested by

Host: immigration.xtra.net
URL: https://immigration.xtra.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.69.158 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

32879ecf9aea0b36eb97887c282c3edf857d3dab33fe098fd4047be1c0edeb4a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' https: data: blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://immigration.xtra.net/

Response headers

content-encoding: zstd
cf-cache-status: MISS
etag: W/"d157a6d8eeb9e10d3a50357d06772111"
expect-ct: max-age=86400, enforce
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=QcV3fdfOX%2B4qd%2Bqgg1T7btta5KgmlMer3JmVUN1rYqT4l%2FRa0zbwy1AqWj9lr%2FusfFcV3eI0%2FpOmE2H0Yaly5g6l8xka7u%2BiiJG464%2F1MaovjtRe"}]}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 02 Dec 2025 18:21:44 GMT
content-type: application/javascript
vary: accept-encoding
priority: u=3,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' https: data: blob:;
cache-control: public, max-age=31536000, must-revalidate
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
referrer-policy: no-referrer, strict-origin
cf-ray: 9a7cd8813a061bc5-MAD
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), fullscreen=(self), payment=()
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 jquery.justifiedGallery.min.js Show response
immigration.xtra.net/wp-content/plugins/powerkit/modules/justified-gallery/public/js/ 18 KB
6 KB 134ms
132ms Script
application/javascript 172.67.69.158
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://immigration.xtra.net/wp-content/plugins/powerkit/modules/justified-gallery/public/js/jquery.justifiedGallery.min.js

Requested by

Host: immigration.xtra.net
URL: https://immigration.xtra.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.69.158 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c83ef48243bf86e466c85c3b7607ef403290a616dc5354b53e6960083f32fc2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' https: data: blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://immigration.xtra.net/

Response headers

content-encoding: zstd
cf-cache-status: MISS
etag: W/"5e7d8ef3e8081922d7563907a6d51fd1"
expect-ct: max-age=86400, enforce
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=G5M0Oyrtm2L42UgZiFXlajAmbEFRGspIj%2B5B5RnyJca12a4DQKazRLaTPovrCZcLIW0GuoyJJQkG%2FbIWZ%2BZGd%2FkoIIJ%2BftmvXgzcirRqgbCcqlI%2F"}]}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 02 Dec 2025 18:21:44 GMT
content-type: application/javascript
vary: accept-encoding
priority: u=3,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' https: data: blob:;
cache-control: public, max-age=31536000, must-revalidate
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
referrer-policy: no-referrer, strict-origin
cf-ray: 9a7cd8813a071bc5-MAD
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), fullscreen=(self), payment=()
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 public-powerkit-justified-gallery.js Show response
immigration.xtra.net/wp-content/plugins/powerkit/modules/justified-gallery/public/js/ 2 KB
1 KB 160ms
158ms Script
application/javascript 172.67.69.158
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://immigration.xtra.net/wp-content/plugins/powerkit/modules/justified-gallery/public/js/public-powerkit-justified-gallery.js

Requested by

Host: immigration.xtra.net
URL: https://immigration.xtra.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.69.158 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e6888cd690ab2b9c9361b3e1bdccdfa37be04374c5ab731d7651bbcae5eab6c9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' https: data: blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://immigration.xtra.net/

Response headers

content-encoding: zstd
cf-cache-status: MISS
etag: W/"7b43d990507495c246616c2a65df6506"
expect-ct: max-age=86400, enforce
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=CJFvKAgtwMagD0yTJtTNOj4mSvSHoyHbFwN6UxhmPWgLt28jy20k4UvBQ9EWOPYdLrAwepG%2F%2BKWT%2FGRr6U1wRhPaNH%2Bucg4P5nuuSmLmfEZ579i6"}]}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 02 Dec 2025 18:21:44 GMT
content-type: application/javascript
vary: accept-encoding
priority: u=3,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' https: data: blob:;
cache-control: public, max-age=31536000, must-revalidate
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
referrer-policy: no-referrer, strict-origin
cf-ray: 9a7cd8813a081bc5-MAD
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), fullscreen=(self), payment=()
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 lazysizes.config.js Show response
immigration.xtra.net/wp-content/plugins/powerkit/modules/lazyload/public/js/ 693 B
1 KB 140ms
138ms Script
application/javascript 172.67.69.158
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://immigration.xtra.net/wp-content/plugins/powerkit/modules/lazyload/public/js/lazysizes.config.js

Requested by

Host: immigration.xtra.net
URL: https://immigration.xtra.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.69.158 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b6830ba17d855942d0a59fff731a23829fa94dcedd9032ae2be475598d6abd0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' https: data: blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://immigration.xtra.net/

Response headers

content-encoding: zstd
cf-cache-status: MISS
etag: W/"5ef74d363a384244281bf99fa1dcd479"
expect-ct: max-age=86400, enforce
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=HFumu6PlFuj%2FdF4ifCqMy12Y30YDUuvgnxcJWOaj0Y0bS1guG7qfo%2FHUSKxLw2%2Fxshev1Q8pnMJBdNuJ5SkxTP5bS%2BdaJT96RdjZ9rH8hkBNknsX"}]}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 02 Dec 2025 18:21:44 GMT
content-type: application/javascript
vary: accept-encoding
priority: u=3,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' https: data: blob:;
cache-control: public, max-age=31536000, must-revalidate
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
referrer-policy: no-referrer, strict-origin
cf-ray: 9a7cd8813a091bc5-MAD
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), fullscreen=(self), payment=()
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 lazysizes.min.js Show response
immigration.xtra.net/wp-content/plugins/powerkit/modules/lazyload/public/js/ 7 KB
4 KB 114ms
111ms Script
application/javascript 172.67.69.158
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://immigration.xtra.net/wp-content/plugins/powerkit/modules/lazyload/public/js/lazysizes.min.js

Requested by

Host: immigration.xtra.net
URL: https://immigration.xtra.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.69.158 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d3068ede90edb6a637e13f5ad0b35a6b284a3822ef1e54f383be6d2838be577

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' https: data: blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://immigration.xtra.net/

Response headers

content-encoding: zstd
cf-cache-status: MISS
etag: W/"5585cddeba417fa69b3bed5ac456e869"
expect-ct: max-age=86400, enforce
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=15wm9k2ejJip6%2FVDcRfADtJ0qnIcJb08P1yfI7heid9WV%2F%2FT970UQQnumF2cxt2dOUp0KSAaxc26Ijls%2F278V4BpqQpm9L60YLwDwI8C62IwLw9e"}]}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 02 Dec 2025 18:21:44 GMT
content-type: application/javascript
vary: accept-encoding
priority: u=3,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' https: data: blob:;
cache-control: public, max-age=31536000, must-revalidate
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
referrer-policy: no-referrer, strict-origin
cf-ray: 9a7cd8813a0b1bc5-MAD
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), fullscreen=(self), payment=()
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 imagesloaded.min.js Show response
immigration.xtra.net/wp-includes/js/ 5 KB
3 KB 110ms
108ms Script
application/javascript 172.67.69.158
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://immigration.xtra.net/wp-includes/js/imagesloaded.min.js

Requested by

Host: immigration.xtra.net
URL: https://immigration.xtra.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.69.158 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b65b3de1bc923b9355248a0d941a0eaee15dfb9a6b8eadb51323a8df6189dcd1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' https: data: blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://immigration.xtra.net/

Response headers

content-encoding: zstd
cf-cache-status: MISS
etag: W/"720479cd62e2634dcaca6f3e3ada5537"
expect-ct: max-age=86400, enforce
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=oymTPvhn69a49m7bmL5SR7X5CymkCJk1IUjxKEJpdlUF%2FB02g%2FLEp3L46Yd3I2FHmdpn5Cv8uW4Fbt7uvGInFMm35Jk52%2B8z735rRpJFq07OhbcE"}]}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 02 Dec 2025 18:21:44 GMT
content-type: application/javascript
vary: accept-encoding
priority: u=3,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' https: data: blob:;
cache-control: public, max-age=31536000, must-revalidate
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
referrer-policy: no-referrer, strict-origin
cf-ray: 9a7cd8813a0a1bc5-MAD
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), fullscreen=(self), payment=()
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 glightbox.min.js Show response
immigration.xtra.net/wp-content/plugins/powerkit/modules/lightbox/public/js/ 55 KB
17 KB 142ms
140ms Script
application/javascript 172.67.69.158
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://immigration.xtra.net/wp-content/plugins/powerkit/modules/lightbox/public/js/glightbox.min.js

Requested by

Host: immigration.xtra.net
URL: https://immigration.xtra.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.69.158 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

267ab4a5ea85c601950cdb29b6e278c024b3e1be38d2ba27d2c39523c2e34741

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' https: data: blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://immigration.xtra.net/

Response headers

content-encoding: zstd
cf-cache-status: MISS
etag: W/"f82140894470473141a71a8c28843249"
expect-ct: max-age=86400, enforce
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=MkT4RhxBAK7wL7SVOV9geyt6trzaGUGpjezh%2Fx0p%2Bmcnl3xcCCGks52lkn7aqP5CqJDDND%2Fs9jEY1lqsaVLyNvqR9QARnVSTHrmkCemsElw%2BXZL0"}]}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 02 Dec 2025 18:21:44 GMT
content-type: application/javascript
vary: accept-encoding
priority: u=3,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' https: data: blob:;
cache-control: public, max-age=31536000, must-revalidate
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
referrer-policy: no-referrer, strict-origin
cf-ray: 9a7cd8813a0c1bc5-MAD
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), fullscreen=(self), payment=()
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 public-powerkit-lightbox.js Show response
immigration.xtra.net/wp-content/plugins/powerkit/modules/lightbox/public/js/ 4 KB
2 KB 171ms
169ms Script
application/javascript 172.67.69.158
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://immigration.xtra.net/wp-content/plugins/powerkit/modules/lightbox/public/js/public-powerkit-lightbox.js

Requested by

Host: immigration.xtra.net
URL: https://immigration.xtra.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.69.158 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e8b9704ac1420eca9d1fc12052ec43b1dc680cc85ddfa8c82387291fcce90c10

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' https: data: blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://immigration.xtra.net/

Response headers

content-encoding: zstd
cf-cache-status: MISS
etag: W/"88d6144a1a50c79875bed5d5d7bc8737"
expect-ct: max-age=86400, enforce
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=y8Z0jkEQ7QeI1eX%2BAtPeMHw6JrCxwPdQcBVAUqAVMNnd%2Ft3uFOpy9SwArGi2dCobaiAUMV6zBKs5x09k4UR1eqDq%2BcauZbuDFCjAvEKII7OTxtBL"}]}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 02 Dec 2025 18:21:44 GMT
content-type: application/javascript
vary: accept-encoding
priority: u=3,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' https: data: blob:;
cache-control: public, max-age=31536000, must-revalidate
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
referrer-policy: no-referrer, strict-origin
cf-ray: 9a7cd8813a0d1bc5-MAD
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), fullscreen=(self), payment=()
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 public-powerkit-opt-in-forms.js Show response
immigration.xtra.net/wp-content/plugins/powerkit/modules/opt-in-forms/public/js/ 2 KB
1 KB 125ms
124ms Script
application/javascript 172.67.69.158
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://immigration.xtra.net/wp-content/plugins/powerkit/modules/opt-in-forms/public/js/public-powerkit-opt-in-forms.js

Requested by

Host: immigration.xtra.net
URL: https://immigration.xtra.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.69.158 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48c4420928bed1b1ea94a393a8b7d2dc6dedfe0057e8e42a6682a4ed2aaf9ffb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' https: data: blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://immigration.xtra.net/

Response headers

content-encoding: zstd
cf-cache-status: MISS
etag: W/"b4d9fc791a18e6eeb4588494656f01a5"
expect-ct: max-age=86400, enforce
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=1oj3QTbUC%2B1mz8d686TNMUlD4Wjjnw2fsuksF4%2FDiltYsJJZdixLIFucDDGpAkHy%2BaSzAkrxvHSPy6u%2ByfBRzp0mbA3cdtOscS%2B9TbAjeAkCG5WY"}]}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 02 Dec 2025 18:21:44 GMT
content-type: application/javascript
vary: accept-encoding
priority: u=3,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' https: data: blob:;
cache-control: public, max-age=31536000, must-revalidate
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
referrer-policy: no-referrer, strict-origin
cf-ray: 9a7cd8813a101bc5-MAD
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), fullscreen=(self), payment=()
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 pinit.js Show response
assets.pinterest.com/js/ 361 B
461 B 323ms
86ms Script
application/javascript 23.219.149.35
AKAMAI-AS

General

Check archive.org

Download Go to

Full URL: https://assets.pinterest.com/js/pinit.js
Requested by: Host: immigration.xtra.net
URL: https://immigration.xtra.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.219.149.35 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-219-149-35.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://immigration.xtra.net/

Response headers

access-control-max-age: 86400
cache-control: max-age=238
timing-allow-origin
content-encoding: br
access-control-expose-headers: X-CDN
etag: "62d32c28f14783b94192cd8d35bc010d"
x-cdn: akamai
access-control-allow-methods: GET
accept-ranges: bytes
alt-svc: h3=":443"; ma=600
access-control-allow-origin: *
content-length: 203
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding, Origin

GET
H3 200 public-powerkit-pin-it.js Show response
immigration.xtra.net/wp-content/plugins/powerkit/modules/pinterest/public/js/ 5 KB
2 KB 122ms
120ms Script
application/javascript 172.67.69.158
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://immigration.xtra.net/wp-content/plugins/powerkit/modules/pinterest/public/js/public-powerkit-pin-it.js

Requested by

Host: immigration.xtra.net
URL: https://immigration.xtra.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.69.158 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ebf830ab30802bb8a6e9929e4ab59ef403ee5d98aebe086b9f3615a09fad3b4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' https: data: blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://immigration.xtra.net/

Response headers

content-encoding: zstd
cf-cache-status: MISS
etag: W/"c62eb485a57a521e5ea64c65f50b29f7"
expect-ct: max-age=86400, enforce
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=AXdvF1sWba8R8Ey9BiqZ8wJhhpq5buWqzVDkJdFKMCCZJw%2Bk7QwKKdcOQTMV96PfJ48ipD%2BrfloQOEOkp8k4blkLfyjG%2FxYPZTJRasH4kw5%2BwbcZ"}]}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 02 Dec 2025 18:21:44 GMT
content-type: application/javascript
vary: accept-encoding
priority: u=3,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' https: data: blob:;
cache-control: public, max-age=31536000, must-revalidate
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
referrer-policy: no-referrer, strict-origin
cf-ray: 9a7cd8813a0e1bc5-MAD
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), fullscreen=(self), payment=()
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 public-powerkit-scroll-to-top.js Show response
immigration.xtra.net/wp-content/plugins/powerkit/modules/scroll-to-top/public/js/ 507 B
1 KB 121ms
120ms Script
application/javascript 172.67.69.158
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://immigration.xtra.net/wp-content/plugins/powerkit/modules/scroll-to-top/public/js/public-powerkit-scroll-to-top.js

Requested by

Host: immigration.xtra.net
URL: https://immigration.xtra.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.69.158 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5d1555ca1d1736e61e55fa9abd975a91b48490c4582944fe2d23c22b20b817f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' https: data: blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://immigration.xtra.net/

Response headers

content-encoding: zstd
cf-cache-status: MISS
etag: W/"ffb60a8ccf0d14c437361e6e8a0fda4d"
expect-ct: max-age=86400, enforce
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=0hfUEjW2Hu7fy2PXVxoOIZA7EkvOsihVKVA5ior4kLyd6JU1YpdWVk%2BQI7aACNYpEah8ybS7w0PibBm7vjUxahMEoPFhPCzP6s4xCroVlsPBK0gP"}]}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 02 Dec 2025 18:21:44 GMT
content-type: application/javascript
vary: accept-encoding
priority: u=3,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' https: data: blob:;
cache-control: public, max-age=31536000, must-revalidate
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
referrer-policy: no-referrer, strict-origin
cf-ray: 9a7cd8813a0f1bc5-MAD
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), fullscreen=(self), payment=()
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 flickity.pkgd.min.js Show response
immigration.xtra.net/wp-content/plugins/powerkit/modules/slider-gallery/public/js/ 53 KB
15 KB 127ms
126ms Script
application/javascript 172.67.69.158
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://immigration.xtra.net/wp-content/plugins/powerkit/modules/slider-gallery/public/js/flickity.pkgd.min.js

Requested by

Host: immigration.xtra.net
URL: https://immigration.xtra.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.69.158 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

407c57f44df9370aa9daf3f6db4458de526dfaf6c825c9017b1206537c91aca9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' https: data: blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://immigration.xtra.net/

Response headers

content-encoding: zstd
cf-cache-status: MISS
etag: W/"fc07f94d8b1841facbac512e7dfd681d"
expect-ct: max-age=86400, enforce
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=BrShzGbjApnPUnE5t8TtmZZfC3e3aVvTppr9M6YDrOBNawwGkIbD4I7zyksFOSiBww3ponpTEpDAJT7LHl7olgzV9%2FuHDmL04D8JPcHWfAFbke%2FN"}]}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 02 Dec 2025 18:21:44 GMT
content-type: application/javascript
vary: accept-encoding
priority: u=3,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' https: data: blob:;
cache-control: public, max-age=31536000, must-revalidate
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
referrer-policy: no-referrer, strict-origin
cf-ray: 9a7cd8813a121bc5-MAD
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), fullscreen=(self), payment=()
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 public-powerkit-slider-gallery.js Show response
immigration.xtra.net/wp-content/plugins/powerkit/modules/slider-gallery/public/js/ 2 KB
2 KB 161ms
160ms Script
application/javascript 172.67.69.158
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://immigration.xtra.net/wp-content/plugins/powerkit/modules/slider-gallery/public/js/public-powerkit-slider-gallery.js

Requested by

Host: immigration.xtra.net
URL: https://immigration.xtra.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.69.158 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50c65d09bcac0e138d268b7ddb4bbad014becccdba7c1eb07af05cf4dff244c0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' https: data: blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://immigration.xtra.net/

Response headers

content-encoding: zstd
cf-cache-status: MISS
etag: W/"5141d2efe819d1d12a46c5135168226f"
expect-ct: max-age=86400, enforce
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=hhvNei614TqcDsWtfdAEqzhedjdPWxfEEn29i2FlKLgRvfV0VlLBV%2BJE0Emioya6ZPXi6Rurc5FYDEdgD3eOJN7zeg6QuOI7IGwhXLywlLsLe4DL"}]}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 02 Dec 2025 18:21:44 GMT
content-type: application/javascript
vary: accept-encoding
priority: u=3,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' https: data: blob:;
cache-control: public, max-age=31536000, must-revalidate
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
referrer-policy: no-referrer, strict-origin
cf-ray: 9a7cd8813a111bc5-MAD
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), fullscreen=(self), payment=()
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 colcade.js Show response
immigration.xtra.net/wp-content/themes/overflow/js/ 9 KB
4 KB 105ms
103ms Script
application/javascript 172.67.69.158
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://immigration.xtra.net/wp-content/themes/overflow/js/colcade.js

Requested by

Host: immigration.xtra.net
URL: https://immigration.xtra.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.69.158 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

671109482151e1dd0e4e1cd6b99f02602cf0fa90e857f134ffee045a82cee848

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' https: data: blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://immigration.xtra.net/

Response headers

content-encoding: zstd
cf-cache-status: MISS
etag: W/"ca66de7b7cdbf27d6808e847b8a86276"
expect-ct: max-age=86400, enforce
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=hQoMDZt7DyMKB75C%2Fr%2BGe9zGozOyrI%2BiVGEpTVqSzqgzzZT4IQdZ6DRsnal3aYSKh%2FIrlUn82FWicUQHPzmf4YWlO5eKnMRkB2QMss0cWEVZ5mYk"}]}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 02 Dec 2025 18:21:44 GMT
content-type: application/javascript
vary: accept-encoding
priority: u=3,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' https: data: blob:;
cache-control: public, max-age=31536000, must-revalidate
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
referrer-policy: no-referrer, strict-origin
cf-ray: 9a7cd8813a131bc5-MAD
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), fullscreen=(self), payment=()
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 ofi.min.js Show response
immigration.xtra.net/wp-content/themes/overflow/js/ 3 KB
2 KB 120ms
118ms Script
application/javascript 172.67.69.158
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://immigration.xtra.net/wp-content/themes/overflow/js/ofi.min.js

Requested by

Host: immigration.xtra.net
URL: https://immigration.xtra.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.69.158 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37217cfedb39356d2a0fd317e4a8ee87d225f4364e3afc7473ab5a8e7d97ec64

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' https: data: blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://immigration.xtra.net/

Response headers

content-encoding: zstd
cf-cache-status: MISS
etag: W/"32544fe7cafdf85c1883935f1e2a7267"
expect-ct: max-age=86400, enforce
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=L%2FzzSxMnNt3EbORA7mk0Aa8Cv%2FqvKpDxkFiM%2BIfCIcHvK9%2FMnuTZjt1%2BWYi0EHoCoEw6qUrZ%2FVsYGfk7PivpBOCfjhmib4taa5%2BhWUiXTlBqg4UG"}]}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 02 Dec 2025 18:21:44 GMT
content-type: application/javascript
vary: accept-encoding
priority: u=3,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' https: data: blob:;
cache-control: public, max-age=31536000, must-revalidate
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
referrer-policy: no-referrer, strict-origin
cf-ray: 9a7cd8813a141bc5-MAD
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), fullscreen=(self), payment=()
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 scripts.js Show response
immigration.xtra.net/wp-content/themes/overflow/js/ 36 KB
10 KB 225ms
224ms Script
application/javascript 172.67.69.158
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://immigration.xtra.net/wp-content/themes/overflow/js/scripts.js

Requested by

Host: immigration.xtra.net
URL: https://immigration.xtra.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.69.158 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57ccfb3029fef2c5017e334527f4e3a5f3c1d398759f2465bcfc09917757eb0f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' https: data: blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://immigration.xtra.net/

Response headers

content-encoding: zstd
cf-cache-status: MISS
etag: W/"6f0af23320b1ba91356c518524fd54d9"
expect-ct: max-age=86400, enforce
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=zK7%2FszFcl%2Frep5o73oRnFwkZF5weQQBzoboLcZnjDhb7ZbW9bbf0GzDWDqfQ42t7Y36q0WBNAli5JtNvfJP%2FdlXsihlDbmcpVHNLfheEOay7rd8o"}]}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 02 Dec 2025 18:21:44 GMT
content-type: application/javascript
vary: accept-encoding
priority: u=3,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' https: data: blob:;
cache-control: public, max-age=31536000, must-revalidate
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
referrer-policy: no-referrer, strict-origin
cf-ray: 9a7cd8813a151bc5-MAD
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), fullscreen=(self), payment=()
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 vcd15cbe7772f49c399c6a5babf22c1241717689176015 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 213ms
69ms Script
text/javascript 104.16.80.73
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by: Host: immigration.xtra.net
URL: https://immigration.xtra.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.80.73 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin: https://immigration.xtra.net
Referer: https://immigration.xtra.net/

Response headers

cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"2024.6.1"
cross-origin-resource-policy: cross-origin
cf-ray: 9a7cd8821e6648ab-LIS
access-control-allow-origin: *
date: Tue, 02 Dec 2025 18:21:44 GMT
content-type: text/javascript;charset=UTF-8
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
vary: Accept-Encoding
server: cloudflare

GET
DATA 200
OK truncated Show response
/ 372 B
0 Script
text/javascript

General

Check archive.org

Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ccb41e2860410ebc9c9a5f4fdcbf0b01a029b23ef1156e3666b540e731c72900

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 165 B
0 Script
text/javascript

General

Check archive.org

Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 32d70a24ed7519c9cf8f269ddd314baaf387da7a9609aee6c4dc28c1626ff0f5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 164 B
0 Script
text/javascript

General

Check archive.org

Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cf9adfa9722a13acb3961b03078e8f3a9250e8e2ab23d5315098837f72f83b85

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 327 B
0 Script
text/javascript

General

Check archive.org

Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c0a816c1e56f2a63b2dacb25e4b97c7e237c57549864063b41688a499dd7711a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 122 B
0 Script
text/javascript

General

Check archive.org

Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aed7708632c8b217a1aadc78448958eee4f424aaf7d8d59e4ac0ab4bbe284984

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 171 B
0 Script
text/javascript

General

Check archive.org

Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 53fb67dafbfcc690a1fde6139b3ded8d1570d2107e44c9917ced99b3da1e74f7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 30 B
0 Script
text/javascript

General

Check archive.org

Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ffbacf19af71f6a57857b51aa5e310dc2681ec28fa55a88ab26bafde62aa73af

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 307 B
0 Script
text/javascript

General

Check archive.org

Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8ed1fd20b3c84a02aedcf2ee6ff2e0c5183df88c68b504e9e03d63b4a3511d06

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 228 B
0 Script
text/javascript

General

Check archive.org

Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b4b6511908a62b8ab7682435f1bb4e3ffbcc9c6a3a3c49af793df29a8469f81a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 260 B
0 Script
text/javascript

General

Check archive.org

Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 29bcbf0e169b27c419dbf6af5fd6b8d889615a8cbebcf7dd0d88ec6c127a82b1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 54 B
0 Script
text/javascript

General

Check archive.org

Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 95616bb8bf60bea4a3bcee27a0324a86a0e9dfeeb53b453538d640ebe49dc784

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 94 B
0 Script
text/javascript

General

Check archive.org

Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bc1810ae8388f003169e4c4aeb0a70b268111ec45df9034ec7aed7317e120879

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: text/javascript

GET
H3 200 icons.ttf
immigration.xtra.net/wp-content/themes/overflow/css/icons/ 12 KB
6 KB 139ms
139ms Font
font/ttf 172.67.69.158
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://immigration.xtra.net/wp-content/themes/overflow/css/icons/icons.ttf

Requested by

Host: immigration.xtra.net
URL: https://immigration.xtra.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.69.158 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

705975eb5f525d68e54fb71a5c7d2707ae28940e29b02b7e318ab701b5bd0529

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' https: data: blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin: https://immigration.xtra.net
Referer: https://immigration.xtra.net/

Response headers

content-encoding: zstd
cf-cache-status: MISS
etag: W/"fe0830ac769f218e6c003569d4ab5ca9"
expect-ct: max-age=86400, enforce
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=8e%2B0eRQVRgjI3dCTg5fUaRYuTaCprGk947YP1Sw0H2ojLPo7SKeajbHSqlP564ibSRiAW%2BggdNNvM%2B8fuFg7Ajn6okTrl%2BNhF%2Bz3I2zt3xBbGMB4"}]}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 02 Dec 2025 18:21:44 GMT
content-type: font/ttf
vary: accept-encoding
priority: u=0,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' https: data: blob:;
cache-control: public, max-age=31536000, must-revalidate
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
referrer-policy: no-referrer, strict-origin
cf-ray: 9a7cd8815a171bc5-MAD
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), fullscreen=(self), payment=()
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 powerkit-icons.woff
immigration.xtra.net/wp-content/plugins/powerkit/assets/fonts/ 26 KB
27 KB 159ms
158ms Font
font/woff 172.67.69.158
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://immigration.xtra.net/wp-content/plugins/powerkit/assets/fonts/powerkit-icons.woff

Requested by

Host: immigration.xtra.net
URL: https://immigration.xtra.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.69.158 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c6d3932e39c4744e079c7a9df9c4ee60001f7a52b1ca0a8b146459a8fcb2bf2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' https: data: blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin: https://immigration.xtra.net
Referer: https://immigration.xtra.net/

Response headers

cf-cache-status: MISS
etag: "12801b3c872f2f0a7f13f90322ceeca3"
expect-ct: max-age=86400, enforce
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=1Usz%2FEoqpsN3MLIJZMtB4QoZsrxrlmoqZNF9vfgmXzmnB9wqrPzWrRZBrfCS2MdjDrGMTXvyUeK8gH6Fddx2dUITFyujxSVmxj9O%2F8tknM%2FyMPGA"}]}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 02 Dec 2025 18:21:44 GMT
content-type: font/woff
vary: accept-encoding
priority: u=0,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' https: data: blob:;
cache-control: public, max-age=31536000, must-revalidate
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
referrer-policy: no-referrer, strict-origin
cf-ray: 9a7cd8815a181bc5-MAD
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), fullscreen=(self), payment=()
accept-ranges: bytes
access-control-allow-origin: *
content-length: 26620
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 256 KB
75 KB 85ms
85ms Script
application/x-javascript 57.144.248.128
FACEBOOK

General

Check archive.org

Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=8d9216ed7b00507dc7199a2471f29707

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

57.144.248.128 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra3.fbcdn.net

Software

Resource Hash

b123a3f00664ca73460fef757fbd72fcd300baa20372469eb8c42bb9e0be4df5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin: https://immigration.xtra.net
Referer: https://immigration.xtra.net/

Response headers

content-md5: 8c9bq1ce29zii7FhIbT6GA==
access-control-expose-headers: X-FB-Content-MD5
content-encoding: gzip
etag: "5ef9b3c433ff0538f77a6b7296e00bdc"
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Wed, 02 Dec 2026 17:05:36 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 02 Dec 2025 18:21:44 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5: b420634593bbab53503e750de56fcf16
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=87, rtx=0, c=27, mss=1232, tbw=8846, tp=14, tpl=0, uplat=0, ullat=-1
x-fb-debug: hcySRa6KIgArOPW9VgGnW0vahJtMg1gubMQuo1nzd0tUNy+HKUXFGIXGVAowTL8CYk47xcULSya9odRKy6bRfw==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top, include-js-call-stacks-in-crash-reports
access-control-allow-origin: *
content-length: 76919
origin-agent-cluster: ?1

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202511120101/ 505 KB
166 KB 87ms
86ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202511120101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9280041663830136

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

8bf73cbf11eab9f74ac440180025f241fb9079727ad7592f870843ab1debc852

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://immigration.xtra.net/

Response headers

content-encoding: br
etag: 9780944016848928500
age: 33295
x-content-type-options: nosniff
expires: Tue, 16 Dec 2025 09:06:49 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 02 Dec 2025 09:06:49 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 170351
x-xss-protection: 0
server: cafe

GET
H2 200 pinit_main.js Show response
assets.pinterest.com/js/ 66 KB
19 KB 87ms
86ms Script
application/javascript 23.219.149.35
AKAMAI-AS

General

Check archive.org

Download Go to

Full URL: https://assets.pinterest.com/js/pinit_main.js?0.015601422928933517
Requested by: Host: assets.pinterest.com
URL: https://assets.pinterest.com/js/pinit.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.219.149.35 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-219-149-35.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 79e9f1410dfcf6f141bae90a3c3195c275ec390f5d35fce5bcba4b4927a1a7e1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://immigration.xtra.net/

Response headers

access-control-max-age: 86400
cache-control: max-age=148
timing-allow-origin
content-encoding: br
access-control-expose-headers: X-CDN
etag: "539011b799990d9851f6350858332e47"
x-cdn: akamai
access-control-allow-methods: GET
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18698
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding, Origin
x-amz-server-side-encryption: AES256

POST
H3 204 AGSKWxVvJ67PcRdeZ9yZJeJfdH1xr8uBFXqtH2D3gZKmWVzAgHQPNYaPIp-WgbCgNQW-cjO3Hvnek3j0Bkn97j3o49llgxb1Z_Rrwy1WtXo5YygCuLUWncVAXIANiamKGGUwZKc9i0bf7A== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 221ms
133ms XHR
text/html 142.250.185.206
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVvJ67PcRdeZ9yZJeJfdH1xr8uBFXqtH2D3gZKmWVzAgHQPNYaPIp-WgbCgNQW-cjO3Hvnek3j0Bkn97j3o49llgxb1Z_Rrwy1WtXo5YygCuLUWncVAXIANiamKGGUwZKc9i0bf7A==

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.pt_PT.Un1pSnfBNIs.es5.O/d=1/rs=AJlcJMzOdu4XMM9fXkNGdvz9l8phLz-ALw/m=kernel_loader,loader_js_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-DX91l_nsZQId33eAC9l6oQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://immigration.xtra.net/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 02 Dec 2025 18:21:45 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj8tDikmLw1ZBi-FB_mfUHEJv53Wa1A-Jqdy-2ZiC29fdhcwXivTl-bEeBOLPTj60QiC_s9WO7AcSrb_qxbQZiIW6OnXf2nGQTmHBtBquSS1J-YXxyfl5Jal6JbmJKsS6IXZSZVFqSX4TCTi0DqcjJT0_PzEuPNzIwMjU0MjDUMzCPLzAAAA4DOBA"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-DX91l_nsZQId33eAC9l6oQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://immigration.xtra.net
content-length: 0
x-xss-protection: 0
server: ESF

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVvJ67PcRdeZ9yZJeJfdH1xr8uBFXqtH2D3gZKmWVzAgHQPNYaPIp-WgbCgNQW-cjO3Hvnek3j0Bkn97j3o49llgxb1Z_Rrwy1WtXo5YygCuLUWncVAXIANiamKGGUwZKc9i0bf7A==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-FYNhRV21FRtO_LuVVH8nHA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://immigration.xtra.net/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 02 Dec 2025 18:21:45 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj8tDikmJw0ZBi-FB_mfUHEJv53Wa1A-Jqdy-2ZiC29fdhcwXivTl-bEeBOLPTj60QiM_v9WO7DsSrb_qxbQZiIW6OnXf2nGQT2NF5gEPJJSm_MD45P68kNa9ENzGlWBfELspMKi3JL0Jhp5aBVOTkp6dn5qXHGxkYmRoaGRjqGZjHFxgAAAmiOAs"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-FYNhRV21FRtO_LuVVH8nHA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://immigration.xtra.net
content-length: 0
x-xss-protection: 0
server: ESF

GET
H2 200 AGSKWxV6p-mMG2dARDneIRpOfdQUOMnzgq9OPYaT__qtci-sfzTGPb5-JUhOIx0RqFNS6JN9M6VvHXgOUXdXn32Qr5oDrP8JTdKYZN-rpu_dtWCq89mZTCDpwm70RCj3-SP359v9AbBo7w== Show response
fundingchoicesmessages.google.com/f/ 452 KB
67 KB 127ms
126ms Script
application/javascript 142.250.185.206
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxV6p-mMG2dARDneIRpOfdQUOMnzgq9OPYaT__qtci-sfzTGPb5-JUhOIx0RqFNS6JN9M6VvHXgOUXdXn32Qr5oDrP8JTdKYZN-rpu_dtWCq89mZTCDpwm70RCj3-SP359v9AbBo7w==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzY0Njk5NzA0LDg1MDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9pbW1pZ3JhdGlvbi54dHJhLm5ldC8iLG51bGwsW1s4LCJVbjFwU25mQk5JcyJdLFs5LCJwdC1QVCJdLFsxOSwiMSJdLFsyNCwiIl0sWzI5LCJmYWxzZSJdXV0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f14.1e100.net

Software

ESF /

Resource Hash

612f3b4ed407eb596bb7740cad3db6495d8dddff3ad9cab32243b599e81c01c6

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-drO3TYoMOvIAszIdarQK1g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://immigration.xtra.net/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 02 Dec 2025 18:21:44 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjmsCoxSXFEKQhxdB68xzrdCDuWnSedQ4QGypcYnUG4g_1l1l_AHGRxBXWFiD-VHWDVaT6BmsS-03WEiA287vNagfE1e5ebM1AbOvvw-YKxN-Kfdk4SnzZ9v33ZTsGxHtz_NiOAnFmpx9bIRCvvunHthmIV3j5s20AYT9_th1ALMTDsePOnpNsAgu2r9zFrKSRlF8Yn5yfV1KUmVRakl-UlpyWWpxaVJZaFG9kYGRqaGRgqGdgFl9gAAAookqQ"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-drO3TYoMOvIAszIdarQK1g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H2 200 css
fonts.googleapis.com/ 123 KB
6 KB 266ms
97ms Stylesheet
text/css 142.250.185.74
GOOGLE

General

Check archive.org

Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.pt_PT.Un1pSnfBNIs.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMzOdu4XMM9fXkNGdvz9l8phLz-ALw/m=web_iab_tcf_v2_wall_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f10.1e100.net

Software

ESF /

Resource Hash

ebde3ba46d00e32f8233799e8b8fab3328268056920492034669a230953ec17b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://immigration.xtra.net/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Tue, 02 Dec 2025 18:21:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 02 Dec 2025 18:21:45 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Tue, 02 Dec 2025 18:21:45 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 KFOMCnqEu92Fr1ME7kSn66aGLdTylUAMQXC89YmC2DPNWubEbVmUiAo.woff2
fonts.gstatic.com/s/roboto/v48/ 20 KB
20 KB 197ms
111ms Font
font/woff2 142.250.185.131
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v48/KFOMCnqEu92Fr1ME7kSn66aGLdTylUAMQXC89YmC2DPNWubEbVmUiAo.woff2

Requested by

Host: immigration.xtra.net
URL: https://immigration.xtra.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

e44c11f4834bdd4d6b6da7b8ee5eaebc8acb41250cd6bce5cc82ea8262140eaa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin: https://immigration.xtra.net
Referer: https://immigration.xtra.net/

Response headers

age: 38222
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 02 Dec 2026 07:44:43 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 02 Dec 2025 07:44:43 GMT
last-modified: Thu, 29 May 2025 23:35:01 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 20612
x-xss-protection: 0
server: sffe

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
47 KB 157ms
79ms Font
font/woff2 142.250.185.131
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: immigration.xtra.net
URL: https://immigration.xtra.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin: https://immigration.xtra.net
Referer: https://immigration.xtra.net/

Response headers

age: 427035
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 27 Nov 2026 19:44:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 27 Nov 2025 19:44:30 GMT
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 48236
x-xss-protection: 0
server: sffe

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVvJ67PcRdeZ9yZJeJfdH1xr8uBFXqtH2D3gZKmWVzAgHQPNYaPIp-WgbCgNQW-cjO3Hvnek3j0Bkn97j3o49llgxb1Z_Rrwy1WtXo5YygCuLUWncVAXIANiamKGGUwZKc9i0bf7A==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Ljj8yGkeYXolMbSGI58mSQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://immigration.xtra.net/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 02 Dec 2025 18:21:45 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjctDikmJw05Bi-FB_mfUHEJv53Wa1A-Jqdy-2ZiC29fdhcwXivTl-bEeBOLPTj60QiFff9GPbDMRC3Bw77-w5ySbwYc99ByWXpPzC-OT8vJLUvBLdxJRiXRC7KDOptCS_CIWdWgZSkZOfnp6Zlx5vZGBkamhkYKhnYB5fYAAAQIM0_w"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Ljj8yGkeYXolMbSGI58mSQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://immigration.xtra.net
content-length: 0
x-xss-protection: 0
server: ESF

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVvJ67PcRdeZ9yZJeJfdH1xr8uBFXqtH2D3gZKmWVzAgHQPNYaPIp-WgbCgNQW-cjO3Hvnek3j0Bkn97j3o49llgxb1Z_Rrwy1WtXo5YygCuLUWncVAXIANiamKGGUwZKc9i0bf7A==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-vStZl62tYYIWrDmF1ETaQQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://immigration.xtra.net/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 02 Dec 2025 18:21:45 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjctDikmJw0pBi-FB_mfUHEJv53Wa1A-Jqdy-2ZiC29fdhcwXivTl-bEeBOLPTj60QiFff9GPbDMRC3Bw77-w5ySbQ8fhhmJJLUn5hfHJ-XklqXoluYkqxLohdlJlUWpJfhMJOLQOpyMlPT8_MS483MjAyNTQyMNQzMI8vMAAAMgA00g"
content-security-policy: script-src 'report-sample' 'nonce-vStZl62tYYIWrDmF1ETaQQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://immigration.xtra.net
content-length: 0
x-xss-protection: 0
server: ESF

GET
H3 200 ca-pub-9280041663830136 Show response
fundingchoicesmessages.google.com/i/ 214 KB
68 KB 119ms
119ms Script
application/javascript 142.250.185.206
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-9280041663830136?href=https%3A%2F%2Fimmigration.xtra.net&ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202511120101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f14.1e100.net

Software

ESF /

Resource Hash

1f1b881a6a5e8ae24899327594e0a3a7b568faab9313aed340986b9ec4e0a878

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-Pj2rOwU3rpST0yhmtDgxWw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://immigration.xtra.net/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 02 Dec 2025 18:21:45 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjmsGoxSXFEKAhxXDi1m2mC0DcevMc63Qg7lp0nnUOEBsqXGJ1BuIP9ZdZfwBxkcQV1hYg_lR1g1Wk-gZrEvtN1hIgNvO7zWoHxNXuXmzNQGzr78PmCsTfin3ZOEp82fb992U7BsR7c_zYjgJxZqcfWyEQr77px7YZiFd4-bNtAOKNfv5sO4FYiJtj5509J9kEOla88VbSSMovjE_OzyspykwqLckvSktOSy1OLSpLLYo3MjAyNTQyMNQzMIsvMAAAx7lPSA"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-Pj2rOwU3rpST0yhmtDgxWw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2
fonts.gstatic.com/s/roboto/v50/ 39 KB
39 KB 78ms
78ms Font
font/woff2 142.250.185.131
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v50/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin: https://immigration.xtra.net
Referer: https://fonts.googleapis.com/

Response headers

age: 601357
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 25 Nov 2026 19:19:08 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 25 Nov 2025 19:19:08 GMT
last-modified: Tue, 18 Nov 2025 19:00:07 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 40128
x-xss-protection: 0
server: sffe

POST
H3 204 rum Show response
immigration.xtra.net/cdn-cgi/ 0
462 B 55ms
54ms XHR
text/plain 172.67.69.158
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://immigration.xtra.net/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.69.158 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type: application/json
Referer: https://immigration.xtra.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-max-age: 86400
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-methods: POST,OPTIONS
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=Mh1eeLR12atwlVrIeX90Lw9rQpyBLtoQaoRA61HYZGsmlyEk34J2EHzXLiVgLJRYrdm23RB0%2Bc8hYCz4BuAHn1oAfy60pnxA1%2BaRCzyLMkrgLE5s"}]}
cf-ray: 9a7cd8873a781bc5-MAD
access-control-allow-origin: https://immigration.xtra.net
server-timing: cfExtPri
date: Tue, 02 Dec 2025 18:21:45 GMT
content-type: text/plain
vary: Origin, accept-encoding
server: cloudflare
priority: u=1,i

GET
H2 200 /
log.pinterest.com/ 0
388 B 192ms
91ms Image
text/plain 151.101.192.84
FASTLY

General

Check archive.org

Download Go to Show image

Full URL: https://log.pinterest.com/?type=pidget&guid=KVsg3cBiwjbF&tv=2021110201&event=init&sub=www&button_count=0&follow_count=0&pin_count=0&profile_count=0&board_count=0&section_count=0&lang=pt&nvl=pt-PT&via=https%3A%2F%2Fopportunities.insurancegrades.com%2F&viaSrc=canonical
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://immigration.xtra.net/

Response headers

access-control-max-age: 86400
x-pinterest-rid-128bit: 9f20471de313b61d5cca1fc8dae74412
access-control-allow-methods: GET, POST, OPTIONS
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443";ma=600
x-cache: MISS
date: Tue, 02 Dec 2025 18:21:46 GMT
x-served-by: cache-lis1490022-LIS
x-cache-hits: 0
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
x-envoy-upstream-service-time: 0
x-timer: S1764699706.052893,VS0,VE47
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
x-pinterest-rid: 6686191544311432
server: envoy

Verdicts & Comments Add Verdict or Comment

77 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.xtra.net/	1970-01-21 19:33:15	Name: FCCDCF Value: %5Bnull%2Cnull%2Cnull%2Cnull%2Cnull%2Cnull%2C%5B%5B32%2C%22%5B%5C%22156969df-2be9-4ac0-b529-361a17e31046%5C%22%2C%5B1764699704%2C833000000%5D%5D%22%5D%5D%5D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' https: data: blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.pinterest.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
immigration.xtra.net
log.pinterest.com
pagead2.googlesyndication.com
static.cloudflareinsights.com
104.16.80.73
142.250.185.130
142.250.185.131
142.250.185.206
142.250.185.74
151.101.192.84
172.67.69.158
23.219.149.35
57.144.248.128
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d
1f1b881a6a5e8ae24899327594e0a3a7b568faab9313aed340986b9ec4e0a878
20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2
267ab4a5ea85c601950cdb29b6e278c024b3e1be38d2ba27d2c39523c2e34741
29bcbf0e169b27c419dbf6af5fd6b8d889615a8cbebcf7dd0d88ec6c127a82b1
32879ecf9aea0b36eb97887c282c3edf857d3dab33fe098fd4047be1c0edeb4a
32d70a24ed7519c9cf8f269ddd314baaf387da7a9609aee6c4dc28c1626ff0f5
37217cfedb39356d2a0fd317e4a8ee87d225f4364e3afc7473ab5a8e7d97ec64
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3eb397369455cedb6a5dc04bfcd2c3e8b6e16bcf67c4c35b127ea0a24b7247d4
3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de
407c57f44df9370aa9daf3f6db4458de526dfaf6c825c9017b1206537c91aca9
48a1c1e3f9debed954992a95dd17f7e4b5cff20f776541529ac98dc521e70388
48c4420928bed1b1ea94a393a8b7d2dc6dedfe0057e8e42a6682a4ed2aaf9ffb
50c65d09bcac0e138d268b7ddb4bbad014becccdba7c1eb07af05cf4dff244c0
53fb67dafbfcc690a1fde6139b3ded8d1570d2107e44c9917ced99b3da1e74f7
57ccfb3029fef2c5017e334527f4e3a5f3c1d398759f2465bcfc09917757eb0f
5c6d3932e39c4744e079c7a9df9c4ee60001f7a52b1ca0a8b146459a8fcb2bf2
612f3b4ed407eb596bb7740cad3db6495d8dddff3ad9cab32243b599e81c01c6
671109482151e1dd0e4e1cd6b99f02602cf0fa90e857f134ffee045a82cee848
6c83ef48243bf86e466c85c3b7607ef403290a616dc5354b53e6960083f32fc2
705975eb5f525d68e54fb71a5c7d2707ae28940e29b02b7e318ab701b5bd0529
79e9f1410dfcf6f141bae90a3c3195c275ec390f5d35fce5bcba4b4927a1a7e1
7b6830ba17d855942d0a59fff731a23829fa94dcedd9032ae2be475598d6abd0
7d3068ede90edb6a637e13f5ad0b35a6b284a3822ef1e54f383be6d2838be577
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
8bf73cbf11eab9f74ac440180025f241fb9079727ad7592f870843ab1debc852
8ed1fd20b3c84a02aedcf2ee6ff2e0c5183df88c68b504e9e03d63b4a3511d06
95616bb8bf60bea4a3bcee27a0324a86a0e9dfeeb53b453538d640ebe49dc784
9ebf830ab30802bb8a6e9929e4ab59ef403ee5d98aebe086b9f3615a09fad3b4
aed7708632c8b217a1aadc78448958eee4f424aaf7d8d59e4ac0ab4bbe284984
b123a3f00664ca73460fef757fbd72fcd300baa20372469eb8c42bb9e0be4df5
b4b6511908a62b8ab7682435f1bb4e3ffbcc9c6a3a3c49af793df29a8469f81a
b65b3de1bc923b9355248a0d941a0eaee15dfb9a6b8eadb51323a8df6189dcd1
bc1810ae8388f003169e4c4aeb0a70b268111ec45df9034ec7aed7317e120879
c0a816c1e56f2a63b2dacb25e4b97c7e237c57549864063b41688a499dd7711a
c33275705e60d7f9f4ed1667e4ca1ad0ba8acf6036d74538670467be8dad7f81
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
ccb41e2860410ebc9c9a5f4fdcbf0b01a029b23ef1156e3666b540e731c72900
cf9adfa9722a13acb3961b03078e8f3a9250e8e2ab23d5315098837f72f83b85
e0a6ebe2cb44c63df4d81ca77f6bcd7af1372651005e6b7b0f9d35369a4f6cff
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e44c11f4834bdd4d6b6da7b8ee5eaebc8acb41250cd6bce5cc82ea8262140eaa
e6888cd690ab2b9c9361b3e1bdccdfa37be04374c5ab731d7651bbcae5eab6c9
e8b9704ac1420eca9d1fc12052ec43b1dc680cc85ddfa8c82387291fcce90c10
ebde3ba46d00e32f8233799e8b8fab3328268056920492034669a230953ec17b
f389550fc7906cc54b4b49ee8b96305c8b4776635de6729b8f660f812d166d0f
f5d1555ca1d1736e61e55fa9abd975a91b48490c4582944fe2d23c22b20b817f
ffbacf19af71f6a57857b51aa5e310dc2681ec28fa55a88ab26bafde62aa73af

immigration.xtra.net Open in urlscan Pro 172.67.69.158 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

42 Requests

100 %HTTPS

0 %IPv6

8 Domains

9 Subdomains

10 IPs

3 Countries

807 kBTransfer

2554 kBSize

1 Cookies

0 Outgoing links

Redirected requests

42 HTTP transactions Everything HTML Script Fetch XHR CSS Image Font Expand all 12 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

immigration.xtra.net Open in urlscan Pro
172.67.69.158 Public Scan

Screenshot
Live screenshot

Full Image

42
Requests

100 %
HTTPS

0 %
IPv6

8
Domains

9
Subdomains

10
IPs

3
Countries

807 kB
Transfer

2554 kB
Size

1
Cookies

42 HTTP transactions
12 data transactions