visa-authorisation.org Open in urlscan Pro
142.93.224.144 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.visa-authorisation.org/
Effective URL:
https://visa-authorisation.org/
Submission: On October 19 via automatic, source certstream-suspicious (October 19th 2021, 5:43:56 am UTC) — Scanned from DE

Summary HTTP 39 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 39 HTTP transactions. The main IP is 142.93.224.144, located in Amsterdam, Netherlands and belongs to DIGITALOCEAN-ASN, US. The main domain is visa-authorisation.org.
TLS certificate: Issued by R3 on October 19th 2021. Valid for: 3 months.

This is the only time visa-authorisation.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 17	142.93.224.144 142.93.224.144	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
11	104.18.70.113 104.18.70.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
3	104.16.51.111 104.16.51.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
39	5

17 142.93.224.144 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: 674592.cloudwaysapps.com

www.visa-authorisation.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
visa-authorisation.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 104.18.70.113 (United States)

ASN13335 (CLOUDFLARENET, US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ekr.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.16.51.111 (United States)

ASN13335 (CLOUDFLARENET, US)

esta-cbp-gov.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	visa-authorisation.org 1 redirects www.visa-authorisation.org visa-authorisation.org	626 KB
11	zdassets.com static.zdassets.com ekr.zdassets.com	395 KB
4	gstatic.com fonts.gstatic.com	62 KB
3	zendesk.com esta-cbp-gov.zendesk.com	2 KB
0	esta-application-gov.com Failed esta-application-gov.com Failed
39	5

	Domain	Requested by
16	visa-authorisation.org	visa-authorisation.org
10	static.zdassets.com	visa-authorisation.org static.zdassets.com
4	fonts.gstatic.com	visa-authorisation.org
3	esta-cbp-gov.zendesk.com	static.zdassets.com
1	ekr.zdassets.com	static.zdassets.com
1	www.visa-authorisation.org	1 redirects
0	esta-application-gov.com Failed	visa-authorisation.org
39	7

This site contains links to these domains. Also see Links.

Domain
esta-cbp-gov.com

Subject Issuer	Validity	Valid
visa-authorisation.org R3	`2021-10-19` - `2022-01-17`	3 months	crt.sh
ssl1036557.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2021-07-08` - `2022-07-07`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
esta-cbp-gov.zendesk.com Cloudflare Inc ECC CA-3	`2021-06-08` - `2022-06-07`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://visa-authorisation.org/
Frame ID: 039A7FAA2F7FB8EADB045D72235D154F
Requests: 28 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/latest/web-widget-preload-214a58e8d5ae72a6772f.js
Frame ID: 13A2D9E67A9F76411A6A2613CD777093
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Einreisegenehmigung - U.S.A. Touristeninformation

Page URL History Show full URLs

https://www.visa-authorisation.org/ HTTP 301
https://visa-authorisation.org/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

39
Requests

87 %
HTTPS

25 %
IPv6

5
Domains

7
Subdomains

5
IPs

3
Countries

1086 kB
Transfer

3568 kB
Size

2
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://esta-cbp-gov.com/
Title: HOME

Search URL Search Domain Scan URL

URL: https://esta-cbp-gov.com/application/
Title: NEW APPLICATION

Search URL Search Domain Scan URL

URL: https://esta-cbp-gov.com/antrag/
Title: NEUER ANTRAG

Search URL Search Domain Scan URL

URL: https://esta-cbp-gov.com/check-esta-status/
Title: CHECK ESTA STATUS

Search URL Search Domain Scan URL

URL: https://esta-cbp-gov.com/contact/
Title: CONTACT

Search URL Search Domain Scan URL

URL: https://esta-cbp-gov.com/group-select/
Title: APPLY GROUP OF APPLICATIONS

Search URL Search Domain Scan URL

URL: https://esta-cbp-gov.com/privacy/
Title: cookie- privacy |

Search URL Search Domain Scan URL

URL: https://esta-cbp-gov.com/refund-policy/
Title: refund policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.visa-authorisation.org/ HTTP 301
https://visa-authorisation.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

39 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
visa-authorisation.org/
Redirect Chain

https://www.visa-authorisation.org/
https://visa-authorisation.org/

73 KB
13 KB

34ms
26ms

Document
text/html

142.93.224.144
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://visa-authorisation.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 142.93.224.144 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 674592.cloudwaysapps.com
Software: nginx /
Resource Hash: 50eaf9dc4ebc12e6c7f1e927eeb5ebe7f0263cdc8f72123dbfdef977ad341609

Request headers

:method: GET
:authority: visa-authorisation.org
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx
date: Tue, 19 Oct 2021 05:43:50 GMT
content-type: text/html; charset=UTF-8
content-length: 12727
link: <https://visa-authorisation.org/wp-json/>; rel="https://api.w.org/", <https://visa-authorisation.org/wp-json/wp/v2/pages/1268>; rel="alternate"; type="application/json", <https://visa-authorisation.org/>; rel=shortlink
vary: Accept-Encoding
content-encoding: gzip
age: 0
x-cache: HIT
accept-ranges: bytes

Redirect headers

server: nginx
date: Tue, 19 Oct 2021 05:43:50 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://visa-authorisation.org/
x-redirect-by: WordPress
age: 1
x-cache: HIT

GET
H2 200 icomoon.woff
visa-authorisation.org/wp-content/themes/Avada/includes/lib/assets/fonts/icomoon/ 20 KB
21 KB 186ms
185ms Font
application/font-woff 142.93.224.144
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://visa-authorisation.org/wp-content/themes/Avada/includes/lib/assets/fonts/icomoon/icomoon.woff
Requested by: Host: visa-authorisation.org
URL: https://visa-authorisation.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 142.93.224.144 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 674592.cloudwaysapps.com
Software: nginx /
Resource Hash: 22c851d5f36813ff8cbb4ab0d16273aa1eb536f84f2c56b53df8d2c7a54479a4

Request headers

:path: /wp-content/themes/Avada/includes/lib/assets/fonts/icomoon/icomoon.woff
pragma: no-cache
origin: https://visa-authorisation.org
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: visa-authorisation.org
referer: https://visa-authorisation.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://visa-authorisation.org/
Origin: https://visa-authorisation.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 05:43:50 GMT
last-modified: Fri, 15 Oct 2021 20:56:29 GMT
server: nginx
age: 0
etag: "51ac-5ce6a6dedc83d"
x-cache: MISS
content-type: application/font-woff
accept-ranges: bytes
content-length: 20908

GET
H2 200 fa-brands-400.woff2
visa-authorisation.org/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/ 77 KB
77 KB 188ms
187ms Font
application/octet-stream 142.93.224.144
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://visa-authorisation.org/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/fa-brands-400.woff2
Requested by: Host: visa-authorisation.org
URL: https://visa-authorisation.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 142.93.224.144 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 674592.cloudwaysapps.com
Software: nginx /
Resource Hash: 0a80acfa0f85d8ea233785ca14b0dd030dbe7ed229b00bc754b55dae39c7a106

Request headers

:path: /wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/fa-brands-400.woff2
pragma: no-cache
origin: https://visa-authorisation.org
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: visa-authorisation.org
referer: https://visa-authorisation.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://visa-authorisation.org/
Origin: https://visa-authorisation.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 05:43:50 GMT
last-modified: Fri, 15 Oct 2021 20:56:29 GMT
server: nginx
age: 0
etag: "132c4-5ce6a6ded6a7d"
x-cache: MISS
accept-ranges: bytes
content-length: 78532

GET
H2 200 fa-regular-400.woff2
visa-authorisation.org/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/ 13 KB
13 KB 184ms
184ms Font
application/octet-stream 142.93.224.144
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://visa-authorisation.org/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/fa-regular-400.woff2
Requested by: Host: visa-authorisation.org
URL: https://visa-authorisation.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 142.93.224.144 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 674592.cloudwaysapps.com
Software: nginx /
Resource Hash: 41dc4f99f4101a4ae7956b5c23c2d40e04ffb928c7ebd989658d950b4e2f7c5d

Request headers

:path: /wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/fa-regular-400.woff2
pragma: no-cache
origin: https://visa-authorisation.org
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: visa-authorisation.org
referer: https://visa-authorisation.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://visa-authorisation.org/
Origin: https://visa-authorisation.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 05:43:50 GMT
last-modified: Fri, 15 Oct 2021 20:56:29 GMT
server: nginx
age: 0
etag: "3510-5ce6a6ded7a1d"
x-cache: MISS
accept-ranges: bytes
content-length: 13584

GET
H2 200 fa-solid-900.woff2
visa-authorisation.org/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/ 78 KB
79 KB 187ms
187ms Font
application/octet-stream 142.93.224.144
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://visa-authorisation.org/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/fa-solid-900.woff2
Requested by: Host: visa-authorisation.org
URL: https://visa-authorisation.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 142.93.224.144 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 674592.cloudwaysapps.com
Software: nginx /
Resource Hash: 75f5349190725c85b426fdb66c683beb21b7804792d0770a9e84b28e7ace5d28

Request headers

:path: /wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/fa-solid-900.woff2
pragma: no-cache
origin: https://visa-authorisation.org
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: visa-authorisation.org
referer: https://visa-authorisation.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://visa-authorisation.org/
Origin: https://visa-authorisation.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 05:43:50 GMT
last-modified: Fri, 15 Oct 2021 20:56:29 GMT
server: nginx
age: 0
etag: "13990-5ce6a6deda8fd"
x-cache: MISS
accept-ranges: bytes
content-length: 80272

GET
H2 200 style.min.css
visa-authorisation.org/wp-includes/css/dist/block-library/ 79 KB
10 KB 31ms
30ms Stylesheet
text/css 142.93.224.144
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://visa-authorisation.org/wp-includes/css/dist/block-library/style.min.css?ver=5.8.1
Requested by: Host: visa-authorisation.org
URL: https://visa-authorisation.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 142.93.224.144 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 674592.cloudwaysapps.com
Software: nginx /
Resource Hash: 9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Request headers

:path: /wp-includes/css/dist/block-library/style.min.css?ver=5.8.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: visa-authorisation.org
referer: https://visa-authorisation.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://visa-authorisation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 05:43:50 GMT
content-encoding: gzip
last-modified: Fri, 15 Oct 2021 20:56:32 GMT
server: nginx
etag: W/"6169eb00-13abe"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
expires: Wed, 19 Oct 2022 05:43:50 GMT

GET
H2 200 front.min.css
visa-authorisation.org/wp-content/plugins/cookie-notice/css/ 5 KB
1 KB 37ms
36ms Stylesheet
text/css 142.93.224.144
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://visa-authorisation.org/wp-content/plugins/cookie-notice/css/front.min.css?ver=5.8.1
Requested by: Host: visa-authorisation.org
URL: https://visa-authorisation.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 142.93.224.144 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 674592.cloudwaysapps.com
Software: nginx /
Resource Hash: 52f668d0c674f4029e8e4ff528bcc1e51307e6568c03c9c6a4d3ba6c9ac1302e

Request headers

:path: /wp-content/plugins/cookie-notice/css/front.min.css?ver=5.8.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: visa-authorisation.org
referer: https://visa-authorisation.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://visa-authorisation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 05:43:50 GMT
content-encoding: gzip
last-modified: Fri, 15 Oct 2021 20:56:26 GMT
server: nginx
etag: W/"6169eafa-1555"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
expires: Wed, 19 Oct 2022 05:43:50 GMT

GET
H2 200 b77ba4ed87ec919e9378f4ebd58f7a0a.min.css
visa-authorisation.org/wp-content/uploads/fusion-styles/ 1 MB
132 KB 75ms
74ms Stylesheet
text/css 142.93.224.144
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://visa-authorisation.org/wp-content/uploads/fusion-styles/b77ba4ed87ec919e9378f4ebd58f7a0a.min.css?ver=3.2.1
Requested by: Host: visa-authorisation.org
URL: https://visa-authorisation.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 142.93.224.144 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 674592.cloudwaysapps.com
Software: nginx /
Resource Hash: 240d2478b6639ec76be7457f7d715d08ade33a757bfcc2512f374b429877a64f

Request headers

:path: /wp-content/uploads/fusion-styles/b77ba4ed87ec919e9378f4ebd58f7a0a.min.css?ver=3.2.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: visa-authorisation.org
referer: https://visa-authorisation.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://visa-authorisation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 05:43:50 GMT
content-encoding: gzip
last-modified: Fri, 15 Oct 2021 20:56:31 GMT
server: nginx
etag: W/"6169eaff-11b802"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
expires: Wed, 19 Oct 2022 05:43:50 GMT

GET
H2 200 front.min.js Show response
visa-authorisation.org/wp-content/plugins/cookie-notice/js/ 9 KB
2 KB 167ms
166ms Script
application/javascript 142.93.224.144
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://visa-authorisation.org/wp-content/plugins/cookie-notice/js/front.min.js?ver=1.3.2
Requested by: Host: visa-authorisation.org
URL: https://visa-authorisation.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 142.93.224.144 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 674592.cloudwaysapps.com
Software: nginx /
Resource Hash: dc51ed5137587b9033d06b65d9456d6d69dc52a4005cc51b2d23f85e69d4f8c8

Request headers

:path: /wp-content/plugins/cookie-notice/js/front.min.js?ver=1.3.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: visa-authorisation.org
referer: https://visa-authorisation.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://visa-authorisation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 05:43:50 GMT
content-encoding: gzip
last-modified: Fri, 15 Oct 2021 20:56:26 GMT
server: nginx
etag: W/"6169eafa-2474"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
expires: Wed, 19 Oct 2022 05:43:50 GMT

GET
H2 200 jquery.min.js Show response
visa-authorisation.org/wp-includes/js/jquery/ 87 KB
30 KB 180ms
179ms Script
application/javascript 142.93.224.144
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://visa-authorisation.org/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: visa-authorisation.org
URL: https://visa-authorisation.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 142.93.224.144 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 674592.cloudwaysapps.com
Software: nginx /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

:path: /wp-includes/js/jquery/jquery.min.js?ver=3.6.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: visa-authorisation.org
referer: https://visa-authorisation.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://visa-authorisation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 05:43:50 GMT
content-encoding: gzip
last-modified: Fri, 15 Oct 2021 20:56:32 GMT
server: nginx
etag: W/"6169eb00-15db1"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
expires: Wed, 19 Oct 2022 05:43:50 GMT

GET
H2 200 jquery-migrate.min.js Show response
visa-authorisation.org/wp-includes/js/jquery/ 11 KB
4 KB 182ms
181ms Script
application/javascript 142.93.224.144
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://visa-authorisation.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: visa-authorisation.org
URL: https://visa-authorisation.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 142.93.224.144 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 674592.cloudwaysapps.com
Software: nginx /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

:path: /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: visa-authorisation.org
referer: https://visa-authorisation.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://visa-authorisation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 05:43:50 GMT
content-encoding: gzip
last-modified: Fri, 15 Oct 2021 20:56:32 GMT
server: nginx
etag: W/"6169eb00-2bd8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
expires: Wed, 19 Oct 2022 05:43:50 GMT

GET
H2 200 snippet.js Show response
static.zdassets.com/ekr/ 20 KB
6 KB 43ms
17ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/snippet.js?key=ba7fa4b2-2528-48dd-9611-5d0e00e4c578

Requested by

Host: visa-authorisation.org
URL: https://visa-authorisation.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16cc547456ffa0052c3679e6c5ece2e14ad57c92b93562deb7bcb5829b7afcb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://visa-authorisation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 05:43:50 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: X27JTDQE0TK8AHG8
x-amz-id-2: AnRGvaEQQyb0fKy9QaXP+U/l33wi+qVguIgEx8mz24VYgUcb9SYfAu2dEKnOGLGf2OtuPbVOVOI=
last-modified: Wed, 09 Jun 2021 00:08:59 GMT
server: cloudflare
etag: W/"cc904f41324148b571599b3b02fdec0b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3BS8Xi3lBW3zriGtG8fNbZ1pEriWja7syL%2FKc9LK%2FDURuckPU2j%2FHbHzeBtZh94GROWripp9k7Mg6tOjKIQag1pETuDcb0P2cr4ACuyo0DBP4%2FLCW50BQReGORFrHY4327RN58Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=3600, s-maxage=60
x-amz-version-id: VFukQxfz8SFs4LT0u8yzm_CAm2zq09sT
cf-ray: 6a07b0ea4efedfcb-FRA

GET
H2 200 estalogo2.png
visa-authorisation.org/wp-content/uploads/2021/01/ 18 KB
19 KB 102ms
102ms Image
image/png 142.93.224.144
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visa-authorisation.org/wp-content/uploads/2021/01/estalogo2.png
Requested by: Host: visa-authorisation.org
URL: https://visa-authorisation.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 142.93.224.144 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 674592.cloudwaysapps.com
Software: nginx /
Resource Hash: ce7142f08b1d0a35d9d4cc7b9c2a0719885719250f4d64f0ab5ff821f439471f

Request headers

:path: /wp-content/uploads/2021/01/estalogo2.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: visa-authorisation.org
referer: https://visa-authorisation.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://visa-authorisation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 05:43:50 GMT
last-modified: Fri, 15 Oct 2021 20:55:47 GMT
server: nginx
etag: "6169ead3-49ea"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 18922
expires: Wed, 19 Oct 2022 05:43:50 GMT

GET
H2 200 wp-emoji-release.min.js Show response
visa-authorisation.org/wp-includes/js/ 18 KB
5 KB 104ms
104ms Script
application/javascript 142.93.224.144
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://visa-authorisation.org/wp-includes/js/wp-emoji-release.min.js?ver=5.8.1
Requested by: Host: visa-authorisation.org
URL: https://visa-authorisation.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 142.93.224.144 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 674592.cloudwaysapps.com
Software: nginx /
Resource Hash: def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

:path: /wp-includes/js/wp-emoji-release.min.js?ver=5.8.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: visa-authorisation.org
referer: https://visa-authorisation.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://visa-authorisation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 05:43:50 GMT
content-encoding: gzip
last-modified: Fri, 15 Oct 2021 20:56:32 GMT
server: nginx
etag: W/"6169eb00-4705"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
expires: Wed, 19 Oct 2022 05:43:50 GMT

GET
H2 200 wp-embed.min.js Show response
visa-authorisation.org/wp-includes/js/ 1 KB
959 B 25ms
24ms Script
application/javascript 142.93.224.144
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://visa-authorisation.org/wp-includes/js/wp-embed.min.js?ver=5.8.1
Requested by: Host: visa-authorisation.org
URL: https://visa-authorisation.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 142.93.224.144 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 674592.cloudwaysapps.com
Software: nginx /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

:path: /wp-includes/js/wp-embed.min.js?ver=5.8.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: visa-authorisation.org
referer: https://visa-authorisation.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://visa-authorisation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 05:43:50 GMT
content-encoding: gzip
last-modified: Fri, 15 Oct 2021 20:56:32 GMT
server: nginx
etag: W/"6169eb00-592"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
expires: Wed, 19 Oct 2022 05:43:50 GMT

GET
H2 200 551ad251f5d17bcca076b7d94a5029d0.min.js Show response
visa-authorisation.org/wp-content/uploads/fusion-scripts/ 359 KB
89 KB 35ms
34ms Script
application/javascript 142.93.224.144
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://visa-authorisation.org/wp-content/uploads/fusion-scripts/551ad251f5d17bcca076b7d94a5029d0.min.js?ver=3.2.1
Requested by: Host: visa-authorisation.org
URL: https://visa-authorisation.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 142.93.224.144 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 674592.cloudwaysapps.com
Software: nginx /
Resource Hash: fa0a0a21feb2cd59909cbeeaa3a01dc5fb86cc7e56142e482fda1a41d1125211

Request headers

:path: /wp-content/uploads/fusion-scripts/551ad251f5d17bcca076b7d94a5029d0.min.js?ver=3.2.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: visa-authorisation.org
referer: https://visa-authorisation.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://visa-authorisation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 05:43:50 GMT
content-encoding: gzip
last-modified: Tue, 19 Oct 2021 05:43:49 GMT
server: nginx
etag: W/"616e5b15-59b32"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
expires: Wed, 19 Oct 2022 05:43:50 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVQUwaEQXjM.woff
fonts.gstatic.com/s/opensans/v26/ 15 KB
15 KB 33ms
8ms Font
font/woff 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v26/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVQUwaEQXjM.woff

Requested by

Host: visa-authorisation.org
URL: https://visa-authorisation.org/wp-content/uploads/fusion-styles/b77ba4ed87ec919e9378f4ebd58f7a0a.min.css?ver=3.2.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a6843c42c461b614a635e46a0197285e6b9d3fac1ad4b9fd8ffd6b86bcba9e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://visa-authorisation.org/
Origin: https://visa-authorisation.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 17:16:37 GMT
x-content-type-options: nosniff
age: 390433
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15016
x-xss-protection: 0
last-modified: Thu, 23 Sep 2021 16:50:53 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 14 Oct 2022 17:16:37 GMT

GET
H2 200 new-york-2722988_1280.jpg
visa-authorisation.org/wp-content/uploads/2021/04/ 129 KB
129 KB 85ms
85ms Image
image/jpeg 142.93.224.144
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visa-authorisation.org/wp-content/uploads/2021/04/new-york-2722988_1280.jpg
Requested by: Host: visa-authorisation.org
URL: https://visa-authorisation.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 142.93.224.144 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 674592.cloudwaysapps.com
Software: nginx /
Resource Hash: 2a05970172b627526c734ae60987ee0334b04fa38260b278efb5f7bac8600f16

Request headers

:path: /wp-content/uploads/2021/04/new-york-2722988_1280.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: visa-authorisation.org
referer: https://visa-authorisation.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://visa-authorisation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 05:43:50 GMT
last-modified: Fri, 15 Oct 2021 20:55:48 GMT
server: nginx
etag: "6169ead4-204aa"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 132266
expires: Wed, 19 Oct 2022 05:43:50 GMT

GET icomoon.woff
esta-application-gov.com/wp-content/themes/Avada/includes/lib/assets/fonts/icomoon/ 0
0

GET
H2 200 dFa6ZfeM_74wlPZtksIFajo6-16LVlA.woff
fonts.gstatic.com/s/zillaslab/v6/ 19 KB
19 KB 32ms
14ms Font
font/woff 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/zillaslab/v6/dFa6ZfeM_74wlPZtksIFajo6-16LVlA.woff

Requested by

Host: visa-authorisation.org
URL: https://visa-authorisation.org/wp-content/uploads/fusion-styles/b77ba4ed87ec919e9378f4ebd58f7a0a.min.css?ver=3.2.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

51616cd7777839d238b37468b9ef49996b6d7f21dfbe7197358d8c02011812f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://visa-authorisation.org/
Origin: https://visa-authorisation.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 07:26:22 GMT
x-content-type-options: nosniff
age: 425848
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19196
x-xss-protection: 0
last-modified: Tue, 01 Sep 2020 03:52:25 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 14 Oct 2022 07:26:22 GMT

GET
H2 200 jizaRExUiTo99u79D0KEw8OPIDU.woff
fonts.gstatic.com/s/ptsans/v12/ 14 KB
14 KB 37ms
19ms Font
font/woff 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v12/jizaRExUiTo99u79D0KEw8OPIDU.woff

Requested by

Host: visa-authorisation.org
URL: https://visa-authorisation.org/wp-content/uploads/fusion-styles/b77ba4ed87ec919e9378f4ebd58f7a0a.min.css?ver=3.2.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c241100650328593f8410141e1ba386e6707c450c11a922a958354b40e70cb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://visa-authorisation.org/
Origin: https://visa-authorisation.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 12:46:53 GMT
x-content-type-options: nosniff
age: 493017
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14256
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:09:12 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 13 Oct 2022 12:46:53 GMT

GET fa-solid-900.woff2
esta-application-gov.com/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/ 0
0

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4gaVQUwaEQXjM.woff
fonts.gstatic.com/s/opensans/v26/ 14 KB
14 KB 34ms
16ms Font
font/woff 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v26/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4gaVQUwaEQXjM.woff

Requested by

Host: visa-authorisation.org
URL: https://visa-authorisation.org/wp-content/uploads/fusion-styles/b77ba4ed87ec919e9378f4ebd58f7a0a.min.css?ver=3.2.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fdaac41acf73af655423d7e8592dad833e7758600a56cea62c828407cb12608

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://visa-authorisation.org/
Origin: https://visa-authorisation.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 15:48:28 GMT
x-content-type-options: nosniff
age: 309322
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14496
x-xss-protection: 0
last-modified: Thu, 23 Sep 2021 16:50:50 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 15 Oct 2022 15:48:28 GMT

GET
H2 200 ba7fa4b2-2528-48dd-9611-5d0e00e4c578 Show response
ekr.zdassets.com/compose/ 532 B
1018 B 330ms
294ms XHR
application/json 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/ba7fa4b2-2528-48dd-9611-5d0e00e4c578

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=ba7fa4b2-2528-48dd-9611-5d0e00e4c578

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4a5b5292f779e8668bf4df72c820f42a6442d24dd399d1ef26ebd8f4e025c93

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://visa-authorisation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 05:43:50 GMT
content-encoding: br
vary: Origin, Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
status: 200 OK
access-control-allow-methods: GET, POST, OPTIONS
strict-transport-security: max-age=0
x-request-id: 28a06300-c46e-4f23-bad6-bd4d2c1a62e5
x-runtime: 0.002681
server: cloudflare
etag: W/"b4a5b5292f779e8668bf4df72c820f42"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hsq97bZBevhIXa0vJAipM6to9qS%2BuZzbhdd1y5PMO6txVLOMcTm8WF0ZrdXusyWf2%2BZSy3PaHNXWuKaw6%2FShc1dw%2FhB7YzlYektwPH0mKBMPEFkteG9Mn1vb3h5Hr6eXQT8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=600, public, s-maxage=60, stale-while-revalidate=600, stale-if-error=3600
cf-ray: 6a07b0ebf8722b12-FRA

GET icomoon.ttf
esta-application-gov.com/wp-content/themes/Avada/includes/lib/assets/fonts/icomoon/ 0
0

GET
H2 200 web-widget-preload-214a58e8d5ae72a6772f.js Show response
static.zdassets.com/web_widget/latest/ Frame 13A2 88 KB
32 KB 20ms
19ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-preload-214a58e8d5ae72a6772f.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=ba7fa4b2-2528-48dd-9611-5d0e00e4c578

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf91f99321ec92229b16f723ed7abc9e4ad09cdd91a9d431aa4e3e82d12c3e08

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 05:43:50 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 351865
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: MAEGKAPBVW2EFSXZ
x-amz-id-2: R6DjgshkaZakw5NREmoC4vIt3kipEWyYR6t2n6MbnFmnniovyuu+1xhoAKG2UGRjX09K8nqIk24=
last-modified: Fri, 15 Oct 2021 02:14:02 GMT
server: cloudflare
etag: W/"c27021111a7e1d9984a0b01d738d031d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dBngJPlZk0AGrHylF1nqJenjfAjDFcUAm1Qor%2BmHT72JITWyQV5Q3sBM2nPm1yc3XZQqBKUfkQ69h3UmwGavGeQg2w%2FTog3eB%2Bi2Cj%2BlHgEjwIhSCmHYlncCBgVIqSip3AlzR5A%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: BUO6fyD2vBqw_W7evY_Q3R6IAjQfVLK6
cf-ray: 6a07b0edfad3dfcb-FRA
expires: Sat, 15 Oct 2022 02:14:01 GMT

GET
H2 200 web-widget-framework-d85a06002b6d9f732360.js Show response
static.zdassets.com/web_widget/latest/ Frame 13A2 185 KB
59 KB 31ms
31ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-framework-d85a06002b6d9f732360.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=ba7fa4b2-2528-48dd-9611-5d0e00e4c578

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ebc2c57e26982aa598d14d05679e6545a27a5af5bbabc42009865b1d0f6b76c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 05:43:50 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 351865
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: MAEH3Q6GG77PV6AW
x-amz-id-2: iTf4gyuvmYnb0KSOeAbl8nLNBrBG3I/GqL823demxvxJ+3hkRObPVN9UleyHt702pC3ePMle0i8=
last-modified: Fri, 15 Oct 2021 02:14:02 GMT
server: cloudflare
etag: W/"20c603721579a69695ea29538856aa35"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qzSLOWPolStdq5FoNRAgMJ9HZvkK2%2B3ZNLfN0dRhB%2FVjL8at35Dbh60QA7K%2B0knTgDoMscbE%2BAIY3zK7Td3eYqauD%2BnjEBiPyv55FTklA4%2BGvVYIHRrUwfo%2FDk9j3L44LjCs%2F5c%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: yQdfO.wd7Y7GLGuSA_2pdGiXJkwzY.5D
cf-ray: 6a07b0edfad4dfcb-FRA
expires: Sat, 15 Oct 2022 02:14:01 GMT

GET
H2 200 web-widget-chat-sdk-ad0bca0cd862985f164f.js Show response
static.zdassets.com/web_widget/latest/ Frame 13A2 203 KB
52 KB 26ms
25ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-chat-sdk-ad0bca0cd862985f164f.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=ba7fa4b2-2528-48dd-9611-5d0e00e4c578

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a77ebced88a45b7146f3e8b0359f37d658f0f6e0eb481583ee9319cb601d893

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 05:43:50 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4853449
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: 95ZJNECBJJPS7GC4
x-amz-id-2: 3/yf0H9Zopc/y2rU3QPSJDq1Kko8+MTWJB0LpIH4o+lrmvjTlPRSgMboS3jQnFkxJOtWMq8UFU4=
last-modified: Mon, 23 Aug 2021 23:30:15 GMT
server: cloudflare
etag: W/"093f405bc41723c43486a657a0e1a173"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zhkquyiIdc%2FldVnrQfPkRE2yZ%2Fjmz7IyzxxzII0dLl0voGptW%2B3MJXW3QsRBTSsK8yy1LjItVr8bKvCEHQr7Tw7j2uQiHZiU%2F4dMHLD8exuV%2FXroYzHwKTu4TL7r0zpajv1balk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: wY3FbPeO1JSLC6dhSs9NxsYVyHmXlIn9
cf-ray: 6a07b0edfad5dfcb-FRA
expires: Tue, 23 Aug 2022 23:30:13 GMT

GET
H2 200 config Show response
esta-cbp-gov.zendesk.com/embeddable/ 419 B
1 KB 60ms
29ms XHR
application/json 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://esta-cbp-gov.zendesk.com/embeddable/config

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=ba7fa4b2-2528-48dd-9611-5d0e00e4c578

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.51.111 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

52cc0bb7a0d6a4abfd5a6c4bb478d26f8601d2c7c55e7a59124bb9944235c6b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://visa-authorisation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 05:43:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 31
x-zendesk-zorg: yes
x-zendesk-origin-server: embeddable-app-server-557898bd66-klmsv
access-control-allow-methods: GET
vary: Origin, Accept-Encoding
x-cached: STALE
x-request-id: 6a079ae6dc0a6967-YVR, 6a07b02a0da821b7-YVR
x-runtime: 0.001070
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1728000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k25eSmNHSRtKODiI%2FpwA3DK%2BhZfb8CGXsf2TWR3KaiKLy35lBamVOYiHgToa5BGu1moyFr2Bu%2Bq9wkHd9ONsz8yUFwOsk2gqD3mAqS2hRhwxXMIZUxgqqBZ9fO9v%2BI15G7Tl8J8%2Fn2RS1w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
cf-ray: 6a07b0ee5c3c1f25-FRA

GET fa-solid-900.woff
esta-application-gov.com/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/ 0
0

GET
H2 200 de-de-json-d7ee6cb4b3f57aabe16b.js Show response
static.zdassets.com/web_widget/latest/web-widget-locales/ Frame 13A2 37 KB
9 KB 19ms
19ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-locales/de-de-json-d7ee6cb4b3f57aabe16b.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-preload-214a58e8d5ae72a6772f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eec770ee4b030f00ca9d9eb8bc28d9e7c7e858e3ac315cb92a05ff9f0e6b990a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 05:43:50 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2511492
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: C54RYEY0GNGYVB0W
x-amz-id-2: RThDjIV8MVLASR36XpDFYEPBQhHWm7FHdST+ml6bpeGCoY8XABbZLywvvIHMmoMB+YnGjbtNFY8=
last-modified: Mon, 20 Sep 2021 03:46:48 GMT
server: cloudflare
etag: W/"811ba5198de03eb639ced23b0c55e764"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fn3XoUlDWIkLElO%2BcVyltJMOGeO%2FNTBWuHcBr1pAj%2FS%2FntNZDmQY0WhaNj85QCO2FW2ENbgK8aIvWxLcewdEA7QzhmDaNxMRwfdFYaynY%2FPzgtYbVc732yE6QIO8zy0baDMJHlg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: Ad26HWM94n9oSNA2XO5q9d8tXRaFBL8q
cf-ray: 6a07b0ee9b67dfcb-FRA
expires: Tue, 20 Sep 2022 03:46:47 GMT

GET
H2 200 web-widget-4722-fbf2279a5722a63e5030.js Show response
static.zdassets.com/web_widget/latest/ Frame 13A2 336 KB
102 KB 30ms
30ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-4722-fbf2279a5722a63e5030.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-preload-214a58e8d5ae72a6772f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a3728e40b6b9a4ea974f7aed3b0c66f2fc833bdaeaa5437601a445280c844e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 05:43:50 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 515726
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: 5JWYFGVJF89WNZ89
x-amz-id-2: kTb+TinwT3Hz3k0ARkFzYkaa8hOpaVQ+isWTk9107yikNpUi+JKk2ULWJHCj3RNevfsfIbWptls=
last-modified: Wed, 13 Oct 2021 06:02:54 GMT
server: cloudflare
etag: W/"f0576d35cdbb56401f7fc8f6e401f194"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=20YkxSaQQ3TtcrOc%2Fv0JPdqOGF%2FrIwaOKwAOx77bUNNGpXK%2FuoqGrt%2FoQ9TtTmIxniJbOdlI7h%2BTslupYxwuC381KvPj2rSqoeksoeFwntp9Fjg1YEuebs%2Fbo6eSgM4GXkPUgw8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: BQajmlw_ggA6YRtExsjh1kLVqsApSQHB
cf-ray: 6a07b0ee9b6fdfcb-FRA
expires: Thu, 13 Oct 2022 06:02:52 GMT

GET
H2 200 web-widget-1349-6753b424d659a7d95210.js Show response
static.zdassets.com/web_widget/latest/ Frame 13A2 85 KB
23 KB 23ms
23ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-1349-6753b424d659a7d95210.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-preload-214a58e8d5ae72a6772f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

33d7ecf4d06933b8d08fe24da17d3bee4d12d1f0ec3aa39ac92f0487962d98c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 05:43:50 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 515726
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: 5JWHYC1CPB38DWT3
x-amz-id-2: Cklrc0PdsaI37DFJQ9BhMZfC2hU/jBzcM7TVQYCSgynbUlIdwQfpf8sKxgYcr5cKX6+7nNv6dD4=
last-modified: Wed, 13 Oct 2021 06:02:54 GMT
server: cloudflare
etag: W/"da94225d9d1dcada3965e2d1674dd6b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XGFu8%2BkJsxFJWCvt6sFSDAB6MqmZddOo0hmz3uRwMKFiAP0yKOtcmLD0m0r5cn4l3IMPQiEcOGy6IC0oWFza91ccB2JT5DvqLl7EHMRwMjGH%2FrinkqBo96aY7O4zvmd9THSV4JI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: CyZF8aDSw.7jk.cErPKtygjAM98iztdK
cf-ray: 6a07b0ee9b70dfcb-FRA
expires: Thu, 13 Oct 2022 06:02:53 GMT

GET
H2 200 web_widget-eb520c8f7863359d9904.js Show response
static.zdassets.com/web_widget/latest/web-widget-lazy/ Frame 13A2 420 KB
90 KB 25ms
25ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-lazy/web_widget-eb520c8f7863359d9904.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-preload-214a58e8d5ae72a6772f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f71216549fddcaa31cb30c2c4efbda889daaf24a0024b2a0ca8d29e32d22d48

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 05:43:50 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 371457
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: 1WENC7TNCJNZVTAC
x-amz-id-2: 6gAZbQilN3ubQv5Bl1htRfqSJEiNp7HJhGashoxFgwF98oSr7U3NQW5/M3a+VtVgY10x4a8YYMY=
last-modified: Thu, 14 Oct 2021 06:12:35 GMT
server: cloudflare
etag: W/"e48e26c1e08ca033ccdb35f60a57c62c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F7clzUNb445BSsq3vZPGBFj%2FGEuV4EVNUQ%2FHGvfV1PZFjZrnYmF88DCFYkPPVoqlCktLNhgGZfHZsX%2BSRgRksYmjq1U7dmSGGJcvvF9p1hZv0wc1cuvsrsXtM9aBeYPYCMnu39w%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: 3IipnfRTedL9AboKmJaWSWZRwhEznU9c
cf-ray: 6a07b0ee9b71dfcb-FRA
expires: Fri, 14 Oct 2022 06:12:34 GMT

GET
H2 200 embeddable_blip Show response
esta-cbp-gov.zendesk.com/ Frame 13A2 0
292 B 736ms
736ms XHR
text/plain 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://esta-cbp-gov.zendesk.com/embeddable_blip?type=analytics&data=eyJhbmFseXRpY3MiOnsidmFsdWUiOnsicmF3Q2xpZW50TG9jYWxlIjoiZW4tVVMiLCJyYXdTZXJ2ZXJMb2NhbGUiOiJkZS1ERSIsImNsaWVudExvY2FsZSI6ImVuLXVzIiwic2VydmVyTG9jYWxlIjoiZGUtZGUiLCJ1c2VyQWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvOTMuMC40NTc3LjYzIFNhZmFyaS81MzcuMzYiLCJpc01vYmlsZSI6ZmFsc2V9LCJhY3Rpb24iOiJsb2NhbGVNaXNtYXRjaCIsImNhdGVnb3J5IjoibG9jYWxlIn0sImJ1aWQiOiI5YTFlZTA1M2YyNjg3NWJhMmQzYWM5YzBjY2NkY2ZmOCIsInN1aWQiOiI4MGQ5OTYxNjI2N2MxNjFmZTFlZWU4ODMzMzdlY2M2ZSIsInZlcnNpb24iOiI0NTZhMTQyNDkiLCJ0aW1lc3RhbXAiOiIyMDIxLTEwLTE5VDA1OjQzOjUwLjkzNloiLCJ1cmwiOiJodHRwczovL3Zpc2EtYXV0aG9yaXNhdGlvbi5vcmcvIn0%3D

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-d85a06002b6d9f732360.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.51.111 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 05:43:51 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-zendesk-zorg: yes
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ulbAZxDgW8eB%2BtdPjKgn5f0%2BZFnHbJtNOjA%2BeQrP8eSuC40y0u8ynvcCrTwTNvEAeXuTt0cw9%2BMgAAk6%2B9eNEFoNMPjhizGXm6woiyAZ5ABhTtM9HTyE0wzzz8QPRmarn5r4yGhcfO3%2FYg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://visa-authorisation.org
accept-ranges: bytes
cf-ray: 6a07b0ef5d671f25-FRA
vary: Accept-Encoding
content-length: 0
x-request-id: 68e26ad6c8fdd5bd9543f36c216acf85

GET
H2 200 embeddable_blip Show response
esta-cbp-gov.zendesk.com/ Frame 13A2 0
458 B 194ms
194ms XHR
text/plain 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://esta-cbp-gov.zendesk.com/embeddable_blip?type=pageView&data=eyJjaGFubmVsIjoid2ViX3dpZGdldCIsInBhZ2VWaWV3Ijp7InJlZmVycmVyIjoiaHR0cHM6Ly92aXNhLWF1dGhvcmlzYXRpb24ub3JnLyIsInRpbWUiOjMwLCJsb2FkVGltZSI6MjUuNTk5OTk5OTA0NjMyNTcsIm5hdmlnYXRvckxhbmd1YWdlIjoiZW4tVVMiLCJwYWdlVGl0bGUiOiJFaW5yZWlzZWdlbmVobWlndW5nIC0gVS5TLkEuIFRvdXJpc3RlbmluZm9ybWF0aW9uIiwidXNlckFnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzkzLjAuNDU3Ny42MyBTYWZhcmkvNTM3LjM2IiwiaXNNb2JpbGUiOmZhbHNlLCJpc1Jlc3BvbnNpdmUiOnRydWUsInZpZXdwb3J0TWV0YSI6IndpZHRoPWRldmljZS13aWR0aCwgaW5pdGlhbC1zY2FsZT0xIiwiaGVscENlbnRlckRlZHVwIjpmYWxzZX0sImJ1aWQiOiI5YTFlZTA1M2YyNjg3NWJhMmQzYWM5YzBjY2NkY2ZmOCIsInN1aWQiOiI4MGQ5OTYxNjI2N2MxNjFmZTFlZWU4ODMzMzdlY2M2ZSIsInZlcnNpb24iOiI0NTZhMTQyNDkiLCJ0aW1lc3RhbXAiOiIyMDIxLTEwLTE5VDA1OjQzOjUwLjk2NloiLCJ1cmwiOiJodHRwczovL3Zpc2EtYXV0aG9yaXNhdGlvbi5vcmcvIn0%3D

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-d85a06002b6d9f732360.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.51.111 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 05:43:51 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-zendesk-zorg: yes
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HNVWu%2Fo9Km2Bm385Q5zOOX4AyonP1%2BxneRVUP1akZMuujbcdAov1C8YYymBclFlp0bqa6DatkrBI8AZDvVem24GPON6o6Ozw0DFo%2BjjEhtc2Z5iqTKVHLtR93tvYF92p63aFKA%2BVzZYEJw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://visa-authorisation.org
accept-ranges: bytes
cf-ray: 6a07b0ef8d911f25-FRA
vary: Accept-Encoding
content-length: 0
x-request-id: 2eb864fb33179e73ce4567b67421301a

GET fa-solid-900.ttf
esta-application-gov.com/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/ 0
0

GET
H2 200 web-widget-chat-incoming-message-notification-bdfd1edd38ba2ec92175.js Show response
static.zdassets.com/web_widget/latest/ Frame 13A2 337 B
953 B 21ms
21ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-chat-incoming-message-notification-bdfd1edd38ba2ec92175.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-preload-214a58e8d5ae72a6772f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a3ab89bc8d4feb680748ba773ff13a07c2db610c1308ec9c12040aa9b65d46b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 05:43:51 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 703551
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: 6DYJVPP7H4VJ5D7G
x-amz-id-2: t+uoGAhg9okwBU+cLwGV4dasgM/ZIfrqE+bjgADVWhcSF3mEQUm8JFuoZmTiO3NIJV4uaaJleJY=
last-modified: Thu, 07 Oct 2021 03:05:03 GMT
server: cloudflare
etag: W/"200371227ff3b0fb85badb2d2faef3b5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BntHBEi2YFVl90IP1PvOYY0X8YeBTwy76oV3v2h88fzcaTc%2FduuY%2Fpco%2FHAs1n1nBCWw6RWVdVays%2BrnvVNyc3sazCNYfN8Pls3xIEegofC8541EvPkXx1U6S7LC3L5sN8CalsA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: i6Eqc08SUI0wqNUYRi9MFeDd2K2Wi_JN
cf-ray: 6a07b0f2dfe4dfcb-FRA
expires: Fri, 07 Oct 2022 03:05:01 GMT

GET
H2 206 fda6cd35495c75f83508d9d2e77ee33d.mp3
static.zdassets.com/web_widget/latest/ Frame 13A2 19 KB
20 KB 54ms
54ms Media
audio/mpeg 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/fda6cd35495c75f83508d9d2e77ee33d.mp3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97e5b0b6cfc2ba9815028429c069631ba12b294aa7419d1ea130accd0adc2d46

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Range: bytes=0-

Response headers

date: Tue, 19 Oct 2021 05:43:51 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 73THRWHV81X9RYHA
x-amz-server-side-encryption: AES256
cf-ray: 6a07b0f2e801dfcb-FRA
Content-Range: bytes 0-19697/19698
x-amz-replication-status: COMPLETED
Content-Length: 19698
x-amz-id-2: V1+iUEoeN7JX8AZ6f7OV2KHxs9qf7BIGMA2C/3fdregEpxPZ0wcmEpuUarIC9YKekQ2retNqBb4=
last-modified: Mon, 18 Oct 2021 05:28:53 GMT
server: cloudflare
etag: "f11ce9e8f40a392830217253fe75d6de"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UiaX5SE0q9my259Ul78khGtZ92cocDmTv0DofD0FSamcb7PqASQ5CIXEhFRS12qhGyYFLS4wsjnfFPPGrMunCCpVc%2FYDz%2F5Nl80uX2G6Jt6snGNN%2FVhWLcDFRIEYuKmVDR8Okmg%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: pQTT8rxXJLw.C803sT0N.Iv3L5hmJ6aH
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: audio/mpeg; charset=utf-8
expires: Tue, 18 Oct 2022 05:28:52 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: esta-application-gov.com
URL: https://esta-application-gov.com/wp-content/themes/Avada/includes/lib/assets/fonts/icomoon/icomoon.woff

Domain: esta-application-gov.com
URL: https://esta-application-gov.com/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/fa-solid-900.woff2

Domain: esta-application-gov.com
URL: https://esta-application-gov.com/wp-content/themes/Avada/includes/lib/assets/fonts/icomoon/icomoon.ttf

Domain: esta-application-gov.com
URL: https://esta-application-gov.com/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/fa-solid-900.woff

Domain: esta-application-gov.com
URL: https://esta-application-gov.com/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/fa-solid-900.ttf

Verdicts & Comments Add Verdict or Comment

119 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			widget-mediator.zopim.com/	1970-01-19 22:13:47	Name: AWSALBCORS Value: N4mmEMrgQINnpUHeTko53t9m0QNQHbFSD9DSZrr+EFZqfpLOn6HdV/SrfWcXfwJ/b94dnRHvP/uM4f7zyD+In8PPlsfTrACq+L0NNUUqW+Cug55dAzUkqr4nfs4U
			.visa-authorisation.org/	1970-01-20 06:49:18	Name: __zlcmid Value: 16dkPqKjqME4IWb

14 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://visa-authorisation.org/ Message: Access to font at 'https://esta-application-gov.com/wp-content/themes/Avada/includes/lib/assets/fonts/icomoon/icomoon.woff' from origin 'https://visa-authorisation.org' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://esta-application-gov.com/wp-content/themes/Avada/includes/lib/assets/fonts/icomoon/icomoon.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://visa-authorisation.org/ Message: Access to font at 'https://esta-application-gov.com/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/fa-solid-900.woff2' from origin 'https://visa-authorisation.org' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://esta-application-gov.com/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/fa-solid-900.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://visa-authorisation.org/ Message: Access to font at 'https://esta-application-gov.com/wp-content/themes/Avada/includes/lib/assets/fonts/icomoon/icomoon.ttf' from origin 'https://visa-authorisation.org' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://esta-application-gov.com/wp-content/themes/Avada/includes/lib/assets/fonts/icomoon/icomoon.ttf Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://visa-authorisation.org/ Message: Access to font at 'https://esta-application-gov.com/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/fa-solid-900.woff' from origin 'https://visa-authorisation.org' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://esta-application-gov.com/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/fa-solid-900.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://visa-authorisation.org/ Message: Access to font at 'https://esta-application-gov.com/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/fa-solid-900.ttf' from origin 'https://visa-authorisation.org' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://esta-application-gov.com/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/fa-solid-900.ttf Message: Failed to load resource: net::ERR_FAILED
javascript	warning	URL: https://visa-authorisation.org/ Message: The resource https://visa-authorisation.org/wp-content/themes/Avada/includes/lib/assets/fonts/icomoon/icomoon.woff was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://visa-authorisation.org/ Message: The resource https://visa-authorisation.org/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/fa-brands-400.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://visa-authorisation.org/ Message: The resource https://visa-authorisation.org/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/fa-solid-900.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://visa-authorisation.org/ Message: The resource https://visa-authorisation.org/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/fa-regular-400.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ekr.zdassets.com
esta-application-gov.com
esta-cbp-gov.zendesk.com
fonts.gstatic.com
static.zdassets.com
visa-authorisation.org
www.visa-authorisation.org
esta-application-gov.com
104.16.51.111
104.18.70.113
142.93.224.144
2a00:1450:4001:811::2003
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0a77ebced88a45b7146f3e8b0359f37d658f0f6e0eb481583ee9319cb601d893
0a80acfa0f85d8ea233785ca14b0dd030dbe7ed229b00bc754b55dae39c7a106
16cc547456ffa0052c3679e6c5ece2e14ad57c92b93562deb7bcb5829b7afcb7
1a3728e40b6b9a4ea974f7aed3b0c66f2fc833bdaeaa5437601a445280c844e4
22c851d5f36813ff8cbb4ab0d16273aa1eb536f84f2c56b53df8d2c7a54479a4
240d2478b6639ec76be7457f7d715d08ade33a757bfcc2512f374b429877a64f
2a05970172b627526c734ae60987ee0334b04fa38260b278efb5f7bac8600f16
33d7ecf4d06933b8d08fe24da17d3bee4d12d1f0ec3aa39ac92f0487962d98c8
3a3ab89bc8d4feb680748ba773ff13a07c2db610c1308ec9c12040aa9b65d46b
3c241100650328593f8410141e1ba386e6707c450c11a922a958354b40e70cb8
41dc4f99f4101a4ae7956b5c23c2d40e04ffb928c7ebd989658d950b4e2f7c5d
50eaf9dc4ebc12e6c7f1e927eeb5ebe7f0263cdc8f72123dbfdef977ad341609
51616cd7777839d238b37468b9ef49996b6d7f21dfbe7197358d8c02011812f2
52cc0bb7a0d6a4abfd5a6c4bb478d26f8601d2c7c55e7a59124bb9944235c6b6
52f668d0c674f4029e8e4ff528bcc1e51307e6568c03c9c6a4d3ba6c9ac1302e
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5fdaac41acf73af655423d7e8592dad833e7758600a56cea62c828407cb12608
75f5349190725c85b426fdb66c683beb21b7804792d0770a9e84b28e7ace5d28
8a6843c42c461b614a635e46a0197285e6b9d3fac1ad4b9fd8ffd6b86bcba9e9
8ebc2c57e26982aa598d14d05679e6545a27a5af5bbabc42009865b1d0f6b76c
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
97e5b0b6cfc2ba9815028429c069631ba12b294aa7419d1ea130accd0adc2d46
9f71216549fddcaa31cb30c2c4efbda889daaf24a0024b2a0ca8d29e32d22d48
b4a5b5292f779e8668bf4df72c820f42a6442d24dd399d1ef26ebd8f4e025c93
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
ce7142f08b1d0a35d9d4cc7b9c2a0719885719250f4d64f0ab5ff821f439471f
cf91f99321ec92229b16f723ed7abc9e4ad09cdd91a9d431aa4e3e82d12c3e08
dc51ed5137587b9033d06b65d9456d6d69dc52a4005cc51b2d23f85e69d4f8c8
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eec770ee4b030f00ca9d9eb8bc28d9e7c7e858e3ac315cb92a05ff9f0e6b990a
fa0a0a21feb2cd59909cbeeaa3a01dc5fb86cc7e56142e482fda1a41d1125211

visa-authorisation.org Open in urlscan Pro 142.93.224.144 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

39 Requests

87 %HTTPS

25 %IPv6

5 Domains

7 Subdomains

5 IPs

3 Countries

1086 kBTransfer

3568 kBSize

2 Cookies

8 Outgoing links

Page URL History

Redirected requests

39 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

visa-authorisation.org Open in urlscan Pro
142.93.224.144 Public Scan

Screenshot
Live screenshot

Full Image

39
Requests

87 %
HTTPS

25 %
IPv6

5
Domains

7
Subdomains

5
IPs

3
Countries

1086 kB
Transfer

3568 kB
Size

2
Cookies

39 HTTP transactions
0 data transactions