URL: https://esta-apply.us.com/application/
Submission Tags: @phishunt_io
Submission: On December 19 via api from DE — Scanned from US

Summary

This website contacted 12 IPs in 2 countries across 7 domains to perform 25 HTTP transactions. The main IP is 104.156.58.63, located in Tampa, United States and belongs to HVC-AS, US. The main domain is esta-apply.us.com.
TLS certificate: Issued by R3 on December 18th 2022. Valid for: 3 months.
This is the only time esta-apply.us.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 4 104.156.58.63 29802 (HVC-AS)
10 151.139.128.10 20446 (STACKPATH...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 2600:9000:24f... 16509 (AMAZON-02)
1 108.138.106.124 16509 (AMAZON-02)
1 54.234.82.237 14618 (AMAZON-AES)
1 18.164.96.87 16509 (AMAZON-02)
1 108.138.128.58 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 52.49.37.246 16509 (AMAZON-02)
1 54.220.154.0 16509 (AMAZON-02)
25 12
Apex Domain
Subdomains
Transfer
9 stackpathcdn.com
m3s2g6n8.stackpathcdn.com
563 KB
6 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 643
script.hotjar.com — Cisco Umbrella Rank: 811
vars.hotjar.com — Cisco Umbrella Rank: 936
in.hotjar.com — Cisco Umbrella Rank: 1734
ws30.hotjar.com — Cisco Umbrella Rank: 66381
74 KB
4 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 211
www.cloudflare.com — Cisco Umbrella Rank: 5290
63 KB
4 us.com
esta-apply.us.com
408 KB
1 gosquared.com
data.gosquared.com — Cisco Umbrella Rank: 42049
77 B
1 cloudfront.net
d1l6p2sc9645hc.cloudfront.net
5 KB
1 dmca.com
images.dmca.com — Cisco Umbrella Rank: 12988
9 KB
25 7
Domain Requested by
9 m3s2g6n8.stackpathcdn.com esta-apply.us.com
m3s2g6n8.stackpathcdn.com
4 esta-apply.us.com 1 redirects esta-apply.us.com
3 cdnjs.cloudflare.com esta-apply.us.com
2 in.hotjar.com script.hotjar.com
1 ws30.hotjar.com script.hotjar.com
1 www.cloudflare.com cdnjs.cloudflare.com
1 vars.hotjar.com static.hotjar.com
1 script.hotjar.com static.hotjar.com
1 data.gosquared.com d1l6p2sc9645hc.cloudfront.net
1 static.hotjar.com esta-apply.us.com
1 d1l6p2sc9645hc.cloudfront.net esta-apply.us.com
1 images.dmca.com esta-apply.us.com
25 12

This site contains links to these domains.

Domain
www.cbp.gov
uscode.house.gov
www.govinfo.gov
www.congress.gov
travel.state.gov
www.uscis.gov

Subject                  Issuer                                          Validity                   Valid
whm.esta-apply.us.com    R3                                              2022-12-18 - 2023-03-18    3 months
*.stackpathcdn.com       Sectigo RSA Domain Validation Secure Server CA  2022-05-04 - 2023-05-31    a year
images.dmca.com          R3                                              2022-11-14 - 2023-02-12    3 months
sni.cloudflaressl.com    Cloudflare Inc ECC CA-3                         2022-08-03 - 2023-08-02    a year
*.cloudfront.net         Amazon                                          2022-02-01 - 2023-01-31    a year
*.hotjar.com             Amazon                                          2022-10-25 - 2023-11-23    a year
gosquared.com            Amazon                                          2022-10-24 - 2023-11-23    a year
www.cloudflare.com       Cloudflare Inc ECC CA-3                         2022-09-27 - 2023-09-26    a year

This page contains 2 frames:

Primary Page: https://esta-apply.us.com/application/
Frame ID: 2EEED138963204C8B6850A542B874583
Requests: 26 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
Frame ID: 7DFF80EB9ED911E253B68223D343BD26
Requests: 1 HTTP requests in this frame

Page Title

Online Application — ESTA Apply Assistance

Page URL History

  1. https://esta-apply.us.com/application HTTP 301
    https://esta-apply.us.com/application/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

25
Requests

100 %
HTTPS

27 %
IPv6

7
Domains

12
Subdomains

12
IPs

2
Countries

1122 kB
Transfer

2561 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://esta-apply.us.com/application HTTP 301
    https://esta-apply.us.com/application/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
esta-apply.us.com/application/
Redirect Chain
  • https://esta-apply.us.com/application
  • https://esta-apply.us.com/application/
297 KB
298 KB
Document
General
Full URL
https://esta-apply.us.com/application/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.156.58.63 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS
server.xamark.com
Software
Apache /
Resource Hash
d06657c38d018f7c74023873c04e52108b3640cd6598d772bfb04f1a19c8d039

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Mon, 19 Dec 2022 05:20:55 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=99
Pragma
no-cache
Server
Apache
Transfer-Encoding
chunked

Redirect headers

Connection
Keep-Alive
Content-Length
246
Content-Type
text/html; charset=iso-8859-1
Date
Mon, 19 Dec 2022 05:20:55 GMT
Keep-Alive
timeout=5, max=100
Location
https://esta-apply.us.com/application/
Server
Apache
vendor.min.css
m3s2g6n8.stackpathcdn.com/application/assets/css/
175 KB
32 KB
Stylesheet
General
Full URL
https://m3s2g6n8.stackpathcdn.com/application/assets/css/vendor.min.css
Requested by
Host: esta-apply.us.com
URL: https://esta-apply.us.com/application/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
Apache /
Resource Hash
784e37f6094cae44a378f0c921cbfb15cc959c412ace32fcb23501ff50341fec

Request headers

accept-language
en-US,en;q=0.9
Referer
https://esta-apply.us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 05:20:56 GMT
content-encoding
gzip
x-sp-metadata
HS256.CMiFgJ0GEogBCiRjMTE4NWFkNi05NWVjLTQ4MzAtOWFmZi1iOGUyZGE2MDQxNWUQwLf8/5TQ+wIaBgi36f+cBiINNS4xODEuMjM0LjEzNCi0hgIwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRoqEiRlNThhNDA5NS1hZjExLTQxNDUtODBiYS0zYWUzYmJlYzRhZWIY4fsKIhoIAhIUY2RzMjE4Lm55My5od2Nkbi5uZXQYCQ==.jd9Bqfvvl/QxKMvZC9MlEeucMl+3lYJG0hEblFGEqaM=
last-modified
Sat, 22 Oct 2022 16:14:07 GMT
server
Apache
etag
"1666455247"
x-hw
1671427255.cds210.ny3.hn,1671427255.cds218.ny3.sc,1671427256.cds218.ny3.p
content-type
text/css
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
theme.min.css
m3s2g6n8.stackpathcdn.com/application/assets/css/
619 KB
77 KB
Stylesheet
General
Full URL
https://m3s2g6n8.stackpathcdn.com/application/assets/css/theme.min.css
Requested by
Host: esta-apply.us.com
URL: https://esta-apply.us.com/application/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
Apache /
Resource Hash
21ee66bbd3152900fe23af32f8781cbe1425716da85b3bfcf4deef4edaf00f4d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://esta-apply.us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 05:20:56 GMT
content-encoding
gzip
x-sp-metadata
HS256.CMiFgJ0GEogBCiQ2ZGVkNjljMC1iZDEzLTRjNWUtYjJkYi1hMjIxZDQzYjZkZWUQwLf8/5TQ+wIaBgi36f+cBiINNS4xODEuMjM0LjEzNCi0hgIwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRoqEiQ5NTJlMzljMC0yYzA4LTQwZjMtODFmNC0zMmFkNzAwNjM4NTkY+9omIhoIAhIUY2RzMjE3Lm55My5od2Nkbi5uZXQYCQ==.YLiqXr0DtHKqGLmU2O9E3HMKkxrEJkcAdLGsI1aBG1A=
last-modified
Sat, 17 Dec 2022 14:25:39 GMT
server
Apache
etag
"1671287139"
x-hw
1671427255.cds210.ny3.hn,1671427255.cds217.ny3.sc,1671427256.cds217.ny3.p
content-type
text/css
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
intlTelInput.min.js
esta-apply.us.com/application/assets/js/
87 KB
88 KB
Script
General
Full URL
https://esta-apply.us.com/application/assets/js/intlTelInput.min.js
Requested by
Host: esta-apply.us.com
URL: https://esta-apply.us.com/application/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.156.58.63 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS
server.xamark.com
Software
Apache /
Resource Hash
a35e3a9a0748bb6338f8235cabcc6e9419d52d3db7ab4b991738d76902c83ef4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://esta-apply.us.com/application/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Mon, 19 Dec 2022 05:20:55 GMT
Last-Modified
Tue, 25 Oct 2022 05:58:42 GMT
Server
Apache
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
89338
utils.js
m3s2g6n8.stackpathcdn.com/application/assets/js/
245 KB
58 KB
Script
General
Full URL
https://m3s2g6n8.stackpathcdn.com/application/assets/js/utils.js
Requested by
Host: esta-apply.us.com
URL: https://esta-apply.us.com/application/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
Apache /
Resource Hash
2c70f3d32d8ed2924ff688ad77a9b8f65663a433b5b0e5f4ba38879956961652

Request headers

accept-language
en-US,en;q=0.9
Referer
https://esta-apply.us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 05:20:56 GMT
content-encoding
gzip
x-sp-metadata
HS256.CMeFgJ0GEogBCiRlM2RmYTM1ZS0yODUwLTQwNDAtODdmOC0zNWEzMTA5MTljMDgQwLf8/5TQ+wIaBgi36f+cBiINNS4xODEuMjM0LjEzNCi0hgIwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRoqEiRlNmQ2NmU1OC05MzYwLTRmYzMtYWQ0Ny01Mjg2MmUyMjcyZGIY0KkPIhoIAhIUY2RzMjQyLm55My5od2Nkbi5uZXQYCQ==.KzGEqq5pqjeC9Adr9iERouwm+WZCcgXBl0wa+T8+v5o=
last-modified
Tue, 25 Oct 2022 05:58:42 GMT
server
Apache
etag
"1666677522"
x-hw
1671427255.cds210.ny3.hn,1671427255.cds242.ny3.sc,1671427255.cds242.ny3.p
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
esta-application.js
m3s2g6n8.stackpathcdn.com/application/assets/js/
184 KB
26 KB
Script
General
Full URL
https://m3s2g6n8.stackpathcdn.com/application/assets/js/esta-application.js
Requested by
Host: esta-apply.us.com
URL: https://esta-apply.us.com/application/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
Apache /
Resource Hash
4238bd5272d46560602bc3b4045b660cf0d65c23f901c06d3432a5ea09022a27

Request headers

accept-language
en-US,en;q=0.9
Referer
https://esta-apply.us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 05:20:56 GMT
content-encoding
gzip
x-sp-metadata
HS256.CMiFgJ0GEogBCiQ3MGZkYjI2ZS0wZmQ5LTQ5MWEtYWQyNC01OWE3MjdkZTc4MTEQwLf8/5TQ+wIaBgi36f+cBiINNS4xODEuMjM0LjEzNCi0hgIwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRoqEiRjNWE3ZTkzOC03MDA0LTQxZjAtOTM3OC00OTE2YzZiMzY3NTMYtrwLIhoIAhIUY2RzMjA4Lm55My5od2Nkbi5uZXQYCQ==.KDo4keZETTkSiWceOHuPqsyk0SwNZ6hhDgZBKpSW18M=
last-modified
Wed, 14 Dec 2022 06:11:32 GMT
server
Apache
etag
"1670998292"
x-hw
1671427255.cds210.ny3.hn,1671427255.cds208.ny3.sc,1671427256.cds208.ny3.p
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
esta-apply-logo.svg
esta-apply.us.com/application/assets/img/
21 KB
22 KB
Image
General
Full URL
https://esta-apply.us.com/application/assets/img/esta-apply-logo.svg
Requested by
Host: esta-apply.us.com
URL: https://esta-apply.us.com/application/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.156.58.63 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS
server.xamark.com
Software
Apache /
Resource Hash
4825ee15d4f767e7719ed6cbe69966abf6dc970d0dd776f865e6c18bfb7f907e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://esta-apply.us.com/application/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Mon, 19 Dec 2022 05:20:56 GMT
Last-Modified
Thu, 20 Oct 2022 06:14:31 GMT
Server
Apache
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
21977
ssl.png
m3s2g6n8.stackpathcdn.com/application/assets/img/
29 KB
29 KB
Image
General
Full URL
https://m3s2g6n8.stackpathcdn.com/application/assets/img/ssl.png
Requested by
Host: esta-apply.us.com
URL: https://esta-apply.us.com/application/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
Apache /
Resource Hash
edd788535e039ca8e1c3106a629175d9e17903bcd5f61f8f0a0fdb721df4f85d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://esta-apply.us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 05:20:56 GMT
x-sp-metadata
HS256.CMiFgJ0GEogBCiQ2MmM5YWYxZC0xZTFmLTQzOTktYjI1YS0yMDBhMTcyMjYxZGUQwLf8/5TQ+wIaBgi46f+cBiINNS4xODEuMjM0LjEzNCi0hgIwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRoqEiQwN2MxNTExMy00MTg0LTQxNWYtOTI5OC1iMzMxNWMyY2I1YWIYsuYBIhoIAhIUY2RzMDA1Lm55My5od2Nkbi5uZXQYCQ==.ZlfvTH1UekOKLVtO7udEEkjc0gx1zVSZ8FDExF3Mlu0=
last-modified
Wed, 26 Oct 2022 09:58:35 GMT
server
Apache
etag
"1666778315"
x-hw
1671427256.cds210.ny3.hn,1671427256.cds005.ny3.sc,1671427256.cds005.ny3.p
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-length
29490
dmca-badge-w250-5x1-09.png
images.dmca.com/Badges/
9 KB
9 KB
Image
General
Full URL
https://images.dmca.com/Badges/dmca-badge-w250-5x1-09.png
Requested by
Host: esta-apply.us.com
URL: https://esta-apply.us.com/application/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
1b5bc090c0d56902da3e233e5e852204a2ab220296d1573fe69003619759e8e8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://esta-apply.us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 05:20:56 GMT
x-sp-metadata
HS256.CMiFgJ0GEogBCiRiZjUzNWI5ZC0xOGJmLTQ0ZDktYjQ0Ny1lNGYxZjBmNjU0MGYQiIH5mNew+wIaBgi46f+cBiINNS4xODEuMjM0LjEzNCjEhgIwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRorCAESJGQyY2RmNDkzLTljMDMtNDA5ZS1hOTgzLWZmMTA3Yjg2YWVjMBiXRCIYCAISFGNkczIwMy5ueTMuaHdjZG4ubmV0.OT6Z6m7FEwrVGtBWesr2b462N9R2t8cUHD3EOmyk7LM=
last-modified
Mon, 25 Jul 2016 19:39:16 GMT
server
Microsoft-IIS/10.0
etag
"8b5e9b3aace6d11:0"
x-powered-by
ASP.NET
x-hw
1671427256.cds201.ny3.hn,1671427256.cds203.ny3.c
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
link
<https://www.dmca.com/Badges/dmca-badge-w250-5x1-09.png>; rel="canonical"
content-length
8727
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/
86 KB
28 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js
Requested by
Host: esta-apply.us.com
URL: https://esta-apply.us.com/application/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://esta-apply.us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 05:20:56 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
4423475
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27748
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-15851"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Ic%2BlE1rrGuQzTkWYb6QdFrvklBKt2DAD19GfvFv4m0sJwX8LyqhsKkC0XTUY23qZvWoetXwaj1xfql8esnrDUe3EVEVykK7oWAd2OhRAG39LUU43sY17ldYSy8yjjw6bTAbCR6xSd3cDctfOIVVG6U%2F"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77bdb11f0f3632e2-EWR
expires
Sat, 09 Dec 2023 05:20:56 GMT
bootstrap.min.js
cdnjs.cloudflare.com/ajax/libs/bootstrap/5.2.3/js/
59 KB
14 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/bootstrap/5.2.3/js/bootstrap.min.js
Requested by
Host: esta-apply.us.com
URL: https://esta-apply.us.com/application/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9bcd4d0f29dc6556ebeeff44eaa0965f0c7f7308ee58394708cce2f698cca1b0
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://esta-apply.us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 05:20:56 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2168347
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14425
last-modified
Tue, 22 Nov 2022 08:05:47 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"637c82db-3859"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EcwsEIbyDsmRFzBkNgJWfVnwS2C8W1dUaTYzBQ%2Bc6V5JjiwS2szc9bNPLWhF2XlgS%2BGlrE7WjjHVTh5rrcqNRIjP90ZSJ7U9tVYdVbqytIyAyEZSAyH5O%2BdALzRtRcEZcJ4sMZQl7dKB2rPVJOnZKPOC"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77bdb11f0f3b32e2-EWR
expires
Sat, 09 Dec 2023 05:20:56 GMT
bootstrap.bundle.min.js
cdnjs.cloudflare.com/ajax/libs/bootstrap/5.2.3/js/
79 KB
21 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/bootstrap/5.2.3/js/bootstrap.bundle.min.js
Requested by
Host: esta-apply.us.com
URL: https://esta-apply.us.com/application/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9520018fa5d81f4e4dc9d06afb576f90cbbaba209cfcc6cb60e1464647f7890b
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://esta-apply.us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 05:20:56 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2312508
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
20756
last-modified
Tue, 22 Nov 2022 08:05:47 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"637c82db-5114"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s16Th9osUFHvXRhbNK51CGrl7HkM27GnsFkUBZUyTHL6Glq9QeyORYIC%2FzE%2F2AjEgzFAC7KXKRZiVR1qvtJEx14Rpf%2FBLdoPSkN1ELVtFlemQblNmDrya1GJkCnv799T1pa7Kh9sRyAZ4r7JxD7anyRt"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77bdb11f0f3e32e2-EWR
expires
Sat, 09 Dec 2023 05:20:56 GMT
theme.min.js
m3s2g6n8.stackpathcdn.com/application/assets/js/
57 KB
13 KB
Script
General
Full URL
https://m3s2g6n8.stackpathcdn.com/application/assets/js/theme.min.js
Requested by
Host: esta-apply.us.com
URL: https://esta-apply.us.com/application/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
Apache /
Resource Hash
9e9df77ccc38933f0502ce6dd83cbb60e9f620f4109d40c0f5bde2202a2c3933

Request headers

accept-language
en-US,en;q=0.9
Referer
https://esta-apply.us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 05:20:56 GMT
content-encoding
gzip
x-sp-metadata
HS256.CMiFgJ0GEogBCiQzMDQyNmI3Zi1hNDRlLTQ0MzYtODBhNS0wZGQ3ZDMzODhlNTUQwLf8/5TQ+wIaBgi46f+cBiINNS4xODEuMjM0LjEzNCi0hgIwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRoqEiQ4ODM3MTI3ZC0xMmEwLTQ3MDctYTM2Yy1mZjVlMTc2OWM3Y2IYx8sDIhoIAhIUY2RzMDA1Lm55My5od2Nkbi5uZXQYCQ==.jNKZL4xOMrWZj1kpS//gWMC4lLhrSyVsFpiHTtSz+Hk=
last-modified
Sun, 31 Jul 2022 15:06:51 GMT
server
Apache
etag
"1659280011"
x-hw
1671427256.cds210.ny3.hn,1671427256.cds005.ny3.sc,1671427256.cds005.ny3.p
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
passport-sample.png
m3s2g6n8.stackpathcdn.com/application/assets/img/
192 KB
192 KB
Image
General
Full URL
https://m3s2g6n8.stackpathcdn.com/application/assets/img/passport-sample.png
Requested by
Host: esta-apply.us.com
URL: https://esta-apply.us.com/application/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
Apache /
Resource Hash
83a5768ed31f263b76a96d0805126ea2b1948be54381be542017fea2bec24b60

Request headers

accept-language
en-US,en;q=0.9
Referer
https://esta-apply.us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 05:20:56 GMT
x-sp-metadata
HS256.CMiFgJ0GEogBCiQ4MDk4ZTMzNy02NTg1LTRmY2QtOTBhMi00ODliMGFiODVmMmQQwLf8/5TQ+wIaBgi46f+cBiINNS4xODEuMjM0LjEzNCi0hgIwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRoqEiRjY2M0NTZkYi0yZmMxLTRlYTAtODMyNS1hMGY0YTJjZjhmNzgYpPwLIhoIAhIUY2RzMjI3Lm55My5od2Nkbi5uZXQYCQ==.xANb926nyoQirRvm+PuDeC8kteXckfVHVGlN8ePH1hs=
last-modified
Thu, 20 Oct 2022 14:54:39 GMT
server
Apache
etag
"1666277679"
x-hw
1671427256.cds210.ny3.hn,1671427256.cds227.ny3.sc,1671427256.cds227.ny3.p
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-length
196132
gosquared.js
d1l6p2sc9645hc.cloudfront.net/
10 KB
5 KB
Script
General
Full URL
https://d1l6p2sc9645hc.cloudfront.net/gosquared.js
Requested by
Host: esta-apply.us.com
URL: https://esta-apply.us.com/application/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f0:4e00:f:fd8f:b000:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9d4e5c022d52caba75f29a29803840b4baae4b84d97ea7c71659c5d7820c5225

Request headers

accept-language
en-US,en;q=0.9
Referer
https://esta-apply.us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 02:32:55 GMT
content-encoding
br
via
1.1 1ecc1c31dec508980f534756c9974928.cloudfront.net (CloudFront)
last-modified
Tue, 27 Sep 2022 13:58:30 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
age
10082
etag
W/"31131264e2cfa1aee92d40169011f571"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript; charset=UTF-8
cache-control
max-age=43200, public
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
c_gcKZxSGhdLOaeo7Nvlua_HpraY8Wvb00InwC8IYOLvcugsKOcp9g==
hotjar-3265036.js
static.hotjar.com/c/
8 KB
4 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-3265036.js?sv=6
Requested by
Host: esta-apply.us.com
URL: https://esta-apply.us.com/application/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-124.jfk50.r.cloudfront.net
Software
/
Resource Hash
6cecec824a491ffe4bd1a94a3a04216c104e6e1da7659874593aff1dc7680dc1
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://esta-apply.us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 05:20:56 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 87fe250b32fc87699b1f30c0c5ab6004.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P3
etag
W/7b46ab348029a0ad12770e747ae1420f
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=60
x-cache-hit
1
cross-origin-resource-policy
cross-origin
x-amz-cf-id
47Kz_BarbUup1DmyW-llxHwYAHJG9-DsZM-dyIRTJ1IFt-DwN8YeYA==
truncated
/
93 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0134375b1ced2e2b36e9a34753f87b48b49dab1ce589ec8a2932764d31ada657

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
183 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1232f4a50a1519803d3c742d48dc7b2ce1dd3160b770eb0090d38f3faa57d05d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/svg+xml
219223da086a755e2996d49d593d3cf6.woff2
m3s2g6n8.stackpathcdn.com/application/assets/fonts/
26 KB
27 KB
Font
General
Full URL
https://m3s2g6n8.stackpathcdn.com/application/assets/fonts/219223da086a755e2996d49d593d3cf6.woff2
Requested by
Host: m3s2g6n8.stackpathcdn.com
URL: https://m3s2g6n8.stackpathcdn.com/application/assets/css/theme.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
Apache /
Resource Hash
41b7ebade329b1b751ef4067aadb8cee15a28624b727905c20d72ee967bc8c2e

Request headers

Referer
https://m3s2g6n8.stackpathcdn.com/application/assets/css/theme.min.css
Origin
https://esta-apply.us.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 05:20:56 GMT
x-sp-metadata
HS256.CMiFgJ0GEogBCiQ1M2VjZjA2OS04ZWU2LTRjN2UtOWFhYy01NWM3YzAyMGYzYmUQwLf8/5TQ+wIaBgi46f+cBiINNS4xODEuMjM0LjEzNCjKhgIwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRoqEiRiZDAwMDFjZC0xNGE2LTQyYTYtOGEyYi00MDYzOWQ1YWEwNzIYzNEBIhoIAhIUY2RzMDUxLm55My5od2Nkbi5uZXQYCQ==.8Kd3dl3YuS/WJXyq+Rl9/M9NM+g2VpBZ6bO7r1of9vw=
last-modified
Thu, 20 Oct 2022 04:58:32 GMT
server
Apache
etag
"1666241912"
x-hw
1671427256.cds215.ny3.hn,1671427256.cds051.ny3.sc,1671427256.cds051.ny3.p
content-type
font/woff2
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-length
26828
bootstrap-icons%EF%B9%968d200481aa7f02a2d63a331fc782cfaf.woff2
m3s2g6n8.stackpathcdn.com/application/assets/css/fonts/
110 KB
110 KB
Font
General
Full URL
https://m3s2g6n8.stackpathcdn.com/application/assets/css/fonts/bootstrap-icons%EF%B9%968d200481aa7f02a2d63a331fc782cfaf.woff2
Requested by
Host: m3s2g6n8.stackpathcdn.com
URL: https://m3s2g6n8.stackpathcdn.com/application/assets/css/vendor.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
Apache /
Resource Hash
c69bf1ccae5f13b5aa4345dcfeb209a8148ad0bfa1e0678b93792aae0429c764

Request headers

Referer
https://m3s2g6n8.stackpathcdn.com/application/assets/css/vendor.min.css
Origin
https://esta-apply.us.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 05:20:56 GMT
x-sp-metadata
HS256.CMiFgJ0GEogBCiQwZDg0NGVkZS1iZDMyLTRmNzMtYmJjNy1jOTdjOWE1ODU0MmQQwLf8/5TQ+wIaBgi46f+cBiINNS4xODEuMjM0LjEzNCjKhgIwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRoqEiRlYjVhZDkwOC0wOGIwLTQ3YjgtYTdmYi1jNzA1NmZiNzE1ZGYYuO4GIhoIAhIUY2RzMDU1Lm55My5od2Nkbi5uZXQYCQ==.ygBoO2SIQ/gvwJ6XLTVNsbpPz71GkpaEq3jo7ExVTTA=
last-modified
Sun, 31 Jul 2022 15:04:48 GMT
server
Apache
etag
"1659279888"
x-hw
1671427256.cds215.ny3.hn,1671427256.cds055.ny3.sc,1671427256.cds055.ny3.p
content-type
font/woff2
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-length
112440
pv
data.gosquared.com/
8 B
77 B
Script
General
Full URL
https://data.gosquared.com/pv?cs=UTF-8&cd=24&la=en-US&sw=1600&sh=1200&dp=1&tp=0&pu=https%3A%2F%2Festa-apply.us.com%2Fapplication%2F&pt=Online%20Application%20%E2%80%94%20ESTA%20Apply%20Assistance&ri=0&ru=-&re=0&vi=1&pv=1&lv=0&vw=1600&vh=1200&dw=1600&dh=1915&st=0&sl=0&tz=0&rc=1&cb=0&a=GSN-349734-J&id=b8ad591905dae175f2a5424c20f37d3d&tv=6.6.1935
Requested by
Host: d1l6p2sc9645hc.cloudfront.net
URL: https://d1l6p2sc9645hc.cloudfront.net/gosquared.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.234.82.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-234-82-237.compute-1.amazonaws.com
Software
/
Resource Hash
c24a65ac901ef285ee99d016d2eaebcdbadf171639d8857dd7ff6a9458ab2b6c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://esta-apply.us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 05:20:56 GMT
content-length
8
content-type
text/javascript
modules.bc1117deb4413903e9ac.js
script.hotjar.com/
264 KB
68 KB
Script
General
Full URL
https://script.hotjar.com/modules.bc1117deb4413903e9ac.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3265036.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-87.jfk50.r.cloudfront.net
Software
/
Resource Hash
53d3f2331f338e23f4449f952a9ac5a7b2a904e30dc5b9c360eb89993b1a86fe
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://esta-apply.us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 08:10:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 48fa2d8b9525abe889eff7ccc8591f7e.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P5
age
249050
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
68859
last-modified
Fri, 16 Dec 2022 08:09:37 GMT
etag
"f13ff1e59c6576e6eab8ec5da41ce435"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
gI0Fqtojzf9UjA00ol67MdhPNWSrbU0RwhE--ywTgAkEOAwznKOLLg==
box-5e66f98b4ee957db209dc6f63e3d59dd.html
vars.hotjar.com/ Frame 7DFF
2 KB
1 KB
Document
General
Full URL
https://vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3265036.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-58.jfk50.r.cloudfront.net
Software
/
Resource Hash
cbffce6f8642619af7ed7335e32750f7f2933765d32c113115da0710aa7deadc
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://esta-apply.us.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
2218250
cache-control
max-age=31536000
content-encoding
br
content-length
1035
content-type
text/html
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 23 Nov 2022 13:10:06 GMT
etag
"e0652b84b7b3b650769c759fc520c3f8"
last-modified
Wed, 23 Nov 2022 13:09:18 GMT
strict-transport-security
max-age=2592000; includeSubDomains
vary
Accept-Encoding
via
1.1 6d9771d39a0475d92b50bdd9caae11c2.cloudfront.net (CloudFront)
x-amz-cf-id
SZmqtx1v8GS0ynXFdRO0beHgRrn0ItGxLtPh1qJAHXyBjk_pLAqU2w==
x-amz-cf-pop
JFK50-P4
x-cache
Hit from cloudfront
x-robots-tag
none
trace
www.cloudflare.com/cdn-cgi/
329 B
465 B
XHR
General
Full URL
https://www.cloudflare.com/cdn-cgi/trace
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7b60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c370df157eeffdb7c5130c8ff3941b177e488997f507b72f9325af920017639f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Referer
https://esta-apply.us.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 05:20:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
content-type
text/plain
access-control-allow-origin
*
cache-control
no-cache
cf-ray
77bdb1223b3e9e05-EWR
expires
Thu, 01 Jan 1970 00:00:01 GMT
visit-data
in.hotjar.com/api/v2/client/sites/3265036/
148 B
322 B
XHR
General
Full URL
https://in.hotjar.com/api/v2/client/sites/3265036/visit-data?sv=6
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.bc1117deb4413903e9ac.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.37.246 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-37-246.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7f8a5022df3199d1c0cfdc94abc6b80b1227adfbd5b36ebce0507a9e8a6df4e5

Request headers

Referer
https://esta-apply.us.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Mon, 19 Dec 2022 05:20:56 GMT
content-encoding
br
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
content
ws30.hotjar.com/api/v2/sites/3265036/recordings/
66 B
258 B
XHR
General
Full URL
https://ws30.hotjar.com/api/v2/sites/3265036/recordings/content
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.bc1117deb4413903e9ac.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.220.154.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-220-154-0.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
9ce9b78f53c8303ddfd5a0bdbb8c4e3e9c8eac2dedacdde93065dc908fba5e28

Request headers

Referer
https://esta-apply.us.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Mon, 19 Dec 2022 05:20:58 GMT
content-encoding
br
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
visit-data
in.hotjar.com/api/v2/client/sites/3265036/
148 B
321 B
XHR
General
Full URL
https://in.hotjar.com/api/v2/client/sites/3265036/visit-data?sv=6
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.bc1117deb4413903e9ac.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.37.246 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-37-246.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7f8a5022df3199d1c0cfdc94abc6b80b1227adfbd5b36ebce0507a9e8a6df4e5

Request headers

Referer
https://esta-apply.us.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Mon, 19 Dec 2022 05:20:57 GMT
content-encoding
br
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true

74 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| oncontentvisibilityautostatechange object| hs_config object| intlTelInputGlobals function| intlTelInput object| intlTelInputUtils object| application function| load_function function| cloudflare_ping function| loading function| uploadPassportPhoto function| attach_passport function| delete_uploaded_passport function| pre_populate_passport_data function| add_previous_name_record function| add_other_issuing_country_record function| add_other_citizenship_country_record function| add_other_citizenship_country_before_record function| remove_previous_name_record function| remove_other_issuing_country_record function| remove_other_citizenship_country_record function| remove_other_citizenship_country_before_record function| move_to_step function| validate_step function| trigger_feedback function| feedback_reset function| is_email function| go function| save_step function| citizenship_country_selected function| country_a3_to_a2 function| country_a2_to_a3 function| country_a3_to_phone function| country_a2_to_phone function| prefill_form function| country_selected function| employer_country_selected function| trigger_eligibility_modal function| trigger_eligibility_switch function| sync_application_to_cloud function| sanitize function| rfc3986EncodeURIComponent function| pull_from_cloud function| prefill_form_from_cloud object| $phone_number_validator object| $employer_phone_number_validator object| $us_contact_phone_number_validator object| $emergency_contact_phone_number_validator object| $eligibility_modal object| $cloudflare_ping boolean| $applicant_event boolean| $passport_event boolean| $personal_event boolean| $social_event boolean| $employment_event boolean| $travel_event boolean| $eligibility_event boolean| $certification_event boolean| $cart_event boolean| $paid_event function| _gs function| hj object| _hjSettings function| $ function| jQuery number| uidEvent object| bootstrap object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules function| isObject function| mergeDeep

9 Cookies

Domain/Path Name / Value
esta-apply.us.com/ Name: PHPSESSID
Value: 7ea0e462926b437a89f7b6370866889f
esta-apply.us.com/ Name: gs_v_GSN-349734-J
Value:
esta-apply.us.com/ Name: gs_u_GSN-349734-J
Value: b8ad591905dae175f2a5424c20f37d3d:2567:5000:1671427256301
.esta-apply.us.com/ Name: _hjSessionUser_3265036
Value: eyJpZCI6IjgyNDVmZmFlLWI0YmMtNTAwNy1hOWY3LTNmMGQ1YjkwZjQ0ZCIsImNyZWF0ZWQiOjE2NzE0MjcyNTY0NzMsImV4aXN0aW5nIjpmYWxzZX0=
.esta-apply.us.com/ Name: _hjFirstSeen
Value: 1
esta-apply.us.com/ Name: _hjIncludedInSessionSample
Value: 1
.esta-apply.us.com/ Name: _hjSession_3265036
Value: eyJpZCI6IjdlN2ExZGYyLWVmNjAtNDlmMi1hOTk5LWI3YmU2Y2Q3MTkwMyIsImNyZWF0ZWQiOjE2NzE0MjcyNTY2NzksImluU2FtcGxlIjp0cnVlfQ==
esta-apply.us.com/ Name: _hjIncludedInPageviewSample
Value: 1
.esta-apply.us.com/ Name: _hjAbsoluteSessionInProgress
Value: 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
