fraustage.frau.do.immigrationdirectstaging.com Open in urlscan Pro
24.199.76.188  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33

• https://s.adroll.com/j/pre/W3TC6WQOURE5JELKTLZV2B/7AC2AB2AEVEP7MV24LGL3M/fpconsent.js HTTP 302
• https://s.adroll.com/j/pre/index.js

Request Chain 45

• https://c.clarity.ms/c.gif HTTP 302
• https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=A898009C7FCC45DB9C3A0FF46696C6DF&RedC=c.clarity.ms&MXFR=12DAE16DF78C6ECB16F6F5C8F38C603A HTTP 302
• https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=A898009C7FCC45DB9C3A0FF46696C6DF&MUID=1FF2CF59C50463F12360DBFCC48F629B

49 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response fraustage.frau.do.immigrationdirectstaging.com/	10 KB 3 KB	595ms 191ms	Document text/html	24.199.76.188 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://fraustage.frau.do.immigrationdirectstaging.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 24.199.76.188 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software / Resource Hash dbb5e10e2d98a5146ccedd74b8d1fff789697c0b32cf0303fcb870d0c3db82c4 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers content-encoding br content-type text/html date Fri, 21 Jun 2024 11:14:30 GMT last-modified Fri, 21 Jun 2024 05:18:53 GMT strict-transport-security max-age=15724800; includeSubDomains vary Accept-Encoding
GET H2	200	styles.css fraustage.frau.do.immigrationdirectstaging.com/assets-static/css/	79 KB 16 KB	199ms 198ms	Stylesheet text/css	24.199.76.188 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://fraustage.frau.do.immigrationdirectstaging.com/assets-static/css/styles.css Requested by Host: fraustage.frau.do.immigrationdirectstaging.com URL: https://fraustage.frau.do.immigrationdirectstaging.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 24.199.76.188 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software / Resource Hash 4e48ac9a4507ccbd30835b142e37317fd35d96db539f3e39437dadb53a9163c1 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://fraustage.frau.do.immigrationdirectstaging.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 21 Jun 2024 11:14:30 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff last-modified Fri, 21 Jun 2024 05:18:53 GMT content-encoding br vary Accept-Encoding x-frame-options SAMEORIGIN content-type text/css cache-control max-age=31536000 x-xss-protection 1; mode=block expires Sat, 21 Jun 2025 11:14:30 GMT
GET H2	200	home.css fraustage.frau.do.immigrationdirectstaging.com/assets-static/css/	15 KB 3 KB	277ms 276ms	Stylesheet text/css	24.199.76.188 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://fraustage.frau.do.immigrationdirectstaging.com/assets-static/css/home.css?v=v-20240620 Requested by Host: fraustage.frau.do.immigrationdirectstaging.com URL: https://fraustage.frau.do.immigrationdirectstaging.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 24.199.76.188 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software / Resource Hash 12c24f1331a18d25177a01496a73fb74325ad2d02debc3d5d79eefacdb9e8a1f Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://fraustage.frau.do.immigrationdirectstaging.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 21 Jun 2024 11:14:30 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff last-modified Fri, 21 Jun 2024 05:18:53 GMT content-encoding br vary Accept-Encoding x-frame-options SAMEORIGIN content-type text/css cache-control max-age=31536000 x-xss-protection 1; mode=block expires Sat, 21 Jun 2025 11:14:30 GMT
GET H2	200	jquery-1.11.3.min.js Show response fraustage.frau.do.immigrationdirectstaging.com/assets-static/scripts/	94 KB 32 KB	290ms 289ms	Script application/javascript	24.199.76.188 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://fraustage.frau.do.immigrationdirectstaging.com/assets-static/scripts/jquery-1.11.3.min.js Requested by Host: fraustage.frau.do.immigrationdirectstaging.com URL: https://fraustage.frau.do.immigrationdirectstaging.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 24.199.76.188 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software / Resource Hash ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://fraustage.frau.do.immigrationdirectstaging.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 21 Jun 2024 11:14:30 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff last-modified Fri, 21 Jun 2024 05:18:53 GMT content-encoding br vary Accept-Encoding x-frame-options SAMEORIGIN content-type application/javascript cache-control max-age=31536000 x-xss-protection 1; mode=block expires Sat, 21 Jun 2025 11:14:30 GMT
GET H2	200	logo-long@2x.png fraustage.frau.do.immigrationdirectstaging.com/assets-static/images/	8 KB 9 KB	519ms 518ms	Image image/png	24.199.76.188 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://fraustage.frau.do.immigrationdirectstaging.com/assets-static/images/logo-long@2x.png Requested by Host: fraustage.frau.do.immigrationdirectstaging.com URL: https://fraustage.frau.do.immigrationdirectstaging.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 24.199.76.188 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software / Resource Hash 1779fdc13e1850acdf13af220de55dde3f813e3f14964c56e761274598e611f6 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://fraustage.frau.do.immigrationdirectstaging.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 21 Jun 2024 11:14:30 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff last-modified Fri, 21 Jun 2024 05:18:53 GMT content-encoding gzip vary Accept-Encoding x-frame-options SAMEORIGIN content-type image/png cache-control max-age=31536000 x-xss-protection 1; mode=block expires Sat, 21 Jun 2025 11:14:30 GMT
GET H2	200	home-hero-img.png fraustage.frau.do.immigrationdirectstaging.com/assets-static/images/	52 KB 53 KB	556ms 555ms	Image image/png	24.199.76.188 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://fraustage.frau.do.immigrationdirectstaging.com/assets-static/images/home-hero-img.png?v=v-20240620 Requested by Host: fraustage.frau.do.immigrationdirectstaging.com URL: https://fraustage.frau.do.immigrationdirectstaging.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 24.199.76.188 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software / Resource Hash fd91b7ee068759442161559a093db076a4e7e73af3c22ec14e1c55f6463c8500 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://fraustage.frau.do.immigrationdirectstaging.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 21 Jun 2024 11:14:30 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff last-modified Fri, 21 Jun 2024 05:18:53 GMT content-encoding gzip vary Accept-Encoding x-frame-options SAMEORIGIN content-type image/png cache-control max-age=31536000 x-xss-protection 1; mode=block expires Sat, 21 Jun 2025 11:14:30 GMT
GET H2	200	eq-process-step-1.jpg fraustage.frau.do.immigrationdirectstaging.com/assets-static/images/	10 KB 10 KB	204ms 202ms	Image image/jpeg	24.199.76.188 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://fraustage.frau.do.immigrationdirectstaging.com/assets-static/images/eq-process-step-1.jpg?v=v-20240620 Requested by Host: fraustage.frau.do.immigrationdirectstaging.com URL: https://fraustage.frau.do.immigrationdirectstaging.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 24.199.76.188 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software / Resource Hash b67e56d119ac58a8b2ea001a16badbb39be1aa11fb9a201921e495a1a731692c Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://fraustage.frau.do.immigrationdirectstaging.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 21 Jun 2024 11:14:30 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff last-modified Fri, 21 Jun 2024 05:18:53 GMT content-encoding gzip vary Accept-Encoding x-frame-options SAMEORIGIN content-type image/jpeg cache-control max-age=31536000 x-xss-protection 1; mode=block expires Sat, 21 Jun 2025 11:14:30 GMT
GET H2	200	eq-process-step-2.jpg fraustage.frau.do.immigrationdirectstaging.com/assets-static/images/	10 KB 10 KB	227ms 226ms	Image image/jpeg	24.199.76.188 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://fraustage.frau.do.immigrationdirectstaging.com/assets-static/images/eq-process-step-2.jpg?v=v-20240620 Requested by Host: fraustage.frau.do.immigrationdirectstaging.com URL: https://fraustage.frau.do.immigrationdirectstaging.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 24.199.76.188 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software / Resource Hash 9b17081696e6bf3bfece62100728ff7e0f85a9e19d943def53b2c3d6691c601c Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://fraustage.frau.do.immigrationdirectstaging.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 21 Jun 2024 11:14:30 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff last-modified Fri, 21 Jun 2024 05:18:53 GMT content-encoding gzip vary Accept-Encoding x-frame-options SAMEORIGIN content-type image/jpeg cache-control max-age=31536000 x-xss-protection 1; mode=block expires Sat, 21 Jun 2025 11:14:30 GMT
GET H2	200	eq-process-step-3.jpg fraustage.frau.do.immigrationdirectstaging.com/assets-static/images/	10 KB 10 KB	246ms 245ms	Image image/jpeg	24.199.76.188 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://fraustage.frau.do.immigrationdirectstaging.com/assets-static/images/eq-process-step-3.jpg?v=v-20240620 Requested by Host: fraustage.frau.do.immigrationdirectstaging.com URL: https://fraustage.frau.do.immigrationdirectstaging.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 24.199.76.188 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software / Resource Hash 1f9d0bf29217f5555ab76bd243d1892a3c695c155e7bc6a73b74c6acb565d842 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://fraustage.frau.do.immigrationdirectstaging.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 21 Jun 2024 11:14:30 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff last-modified Fri, 21 Jun 2024 05:18:53 GMT content-encoding gzip vary Accept-Encoding x-frame-options SAMEORIGIN content-type image/jpeg cache-control max-age=31536000 x-xss-protection 1; mode=block expires Sat, 21 Jun 2025 11:14:30 GMT
GET H2	200	logo-black-en.png fraustage.frau.do.immigrationdirectstaging.com/assets-static/images/	4 KB 4 KB	260ms 259ms	Image image/png	24.199.76.188 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://fraustage.frau.do.immigrationdirectstaging.com/assets-static/images/logo-black-en.png Requested by Host: fraustage.frau.do.immigrationdirectstaging.com URL: https://fraustage.frau.do.immigrationdirectstaging.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 24.199.76.188 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software / Resource Hash 5325fc48318c19e934d22a86ddf5d8966310797249896474f30c592cf944f852 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://fraustage.frau.do.immigrationdirectstaging.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 21 Jun 2024 11:14:30 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff last-modified Fri, 21 Jun 2024 05:18:53 GMT content-encoding gzip vary Accept-Encoding x-frame-options SAMEORIGIN content-type image/png cache-control max-age=31536000 x-xss-protection 1; mode=block expires Sat, 21 Jun 2025 11:14:30 GMT
GET H2	200	logo.png fraustage.frau.do.immigrationdirectstaging.com/assets-static/images/	8 KB 9 KB	268ms 267ms	Image image/png	24.199.76.188 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://fraustage.frau.do.immigrationdirectstaging.com/assets-static/images/logo.png Requested by Host: fraustage.frau.do.immigrationdirectstaging.com URL: https://fraustage.frau.do.immigrationdirectstaging.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 24.199.76.188 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software / Resource Hash 424b0a0ce8d1adf396ae631900b138a60ddcb485bc7850e1a45c3cf95c283e4f Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://fraustage.frau.do.immigrationdirectstaging.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 21 Jun 2024 11:14:30 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff last-modified Fri, 21 Jun 2024 05:18:53 GMT content-encoding gzip vary Accept-Encoding x-frame-options SAMEORIGIN content-type image/png cache-control max-age=31536000 x-xss-protection 1; mode=block expires Sat, 21 Jun 2025 11:14:30 GMT
GET H2	200	common.js Show response fraustage.frau.do.immigrationdirectstaging.com/assets-static/scripts/	6 KB 2 KB	192ms 191ms	Script application/javascript	24.199.76.188 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://fraustage.frau.do.immigrationdirectstaging.com/assets-static/scripts/common.js Requested by Host: fraustage.frau.do.immigrationdirectstaging.com URL: https://fraustage.frau.do.immigrationdirectstaging.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 24.199.76.188 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software / Resource Hash 194bec1e63e3602af3c3ac7ea0d3d24d4c4a7ef0f1a8205bced1a791a40cf0f2 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://fraustage.frau.do.immigrationdirectstaging.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 21 Jun 2024 11:14:30 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff last-modified Fri, 21 Jun 2024 05:18:53 GMT content-encoding br vary Accept-Encoding x-frame-options SAMEORIGIN content-type application/javascript cache-control max-age=31536000 x-xss-protection 1; mode=block expires Sat, 21 Jun 2025 11:14:30 GMT
GET H2	200	jquery.cookie.js Show response fraustage.frau.do.immigrationdirectstaging.com/assets-static/scripts/	2 KB 1 KB	190ms 189ms	Script application/javascript	24.199.76.188 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://fraustage.frau.do.immigrationdirectstaging.com/assets-static/scripts/jquery.cookie.js Requested by Host: fraustage.frau.do.immigrationdirectstaging.com URL: https://fraustage.frau.do.immigrationdirectstaging.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 24.199.76.188 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software / Resource Hash 33b2bde7aa56af1982fbd6942704212c020ff7db30b278b5dd9e6368008dc68c Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://fraustage.frau.do.immigrationdirectstaging.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 21 Jun 2024 11:14:30 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff last-modified Fri, 21 Jun 2024 05:18:53 GMT content-encoding br vary Accept-Encoding x-frame-options SAMEORIGIN content-type application/javascript cache-control max-age=31536000 x-xss-protection 1; mode=block expires Sat, 21 Jun 2025 11:14:30 GMT
GET H2	200	css fonts.googleapis.com/	12 KB 1 KB	144ms 50ms	Stylesheet text/css	2a00:1450:4001:803::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Lato:300,400,400i,700,700i,900,900i|Montserrat:400,500,700,900 Requested by Host: fraustage.frau.do.immigrationdirectstaging.com URL: https://fraustage.frau.do.immigrationdirectstaging.com/assets-static/css/styles.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash ef202120b4144ed046cf7691fad7ad136baad7a3c23a2e5fad0ece0c6ed416b5 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://fraustage.frau.do.immigrationdirectstaging.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000 date Fri, 21 Jun 2024 11:14:30 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Fri, 21 Jun 2024 11:14:30 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 21 Jun 2024 11:14:30 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	317 KB 106 KB	184ms 80ms	Script application/javascript	2a00:1450:4001:830::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-K5K2728 Requested by Host: fraustage.frau.do.immigrationdirectstaging.com URL: https://fraustage.frau.do.immigrationdirectstaging.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 14aeedb3e62b48d3d06e87c3b2255ce14ae3d7f6a8505abdffd8425c3fe44f4b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://fraustage.frau.do.immigrationdirectstaging.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 21 Jun 2024 11:14:30 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 108080 x-xss-protection 0 last-modified Fri, 21 Jun 2024 09:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Fri, 21 Jun 2024 11:14:30 GMT
GET H2	200	product-hero-bg.jpg fraustage.frau.do.immigrationdirectstaging.com/assets-static/images/	22 KB 17 KB	267ms 265ms	Image image/jpeg	24.199.76.188 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://fraustage.frau.do.immigrationdirectstaging.com/assets-static/images/product-hero-bg.jpg Requested by Host: fraustage.frau.do.immigrationdirectstaging.com URL: https://fraustage.frau.do.immigrationdirectstaging.com/assets-static/css/home.css?v=v-20240620 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 24.199.76.188 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software / Resource Hash de77f8e42918a9abd81b2f1a1ed35703b228f43fce7e8ede9a2e80f5d2781a0a Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://fraustage.frau.do.immigrationdirectstaging.com/assets-static/css/home.css?v=v-20240620 Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 21 Jun 2024 11:14:30 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff last-modified Fri, 21 Jun 2024 05:18:53 GMT content-encoding gzip vary Accept-Encoding x-frame-options SAMEORIGIN content-type image/jpeg cache-control max-age=31536000 x-xss-protection 1; mode=block expires Sat, 21 Jun 2025 11:14:30 GMT
GET H2	200	S6u9w4BMUTPHh50XSwiPGQ.woff2 fonts.gstatic.com/s/lato/v24/	22 KB 22 KB	192ms 95ms	Font font/woff2	2a00:1450:4001:809::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh50XSwiPGQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Lato:300,400,400i,700,700i,900,900i|Montserrat:400,500,700,900 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://fonts.googleapis.com/ Origin https://fraustage.frau.do.immigrationdirectstaging.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 18 Jun 2024 14:59:04 GMT x-content-type-options nosniff age 245726 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 22504 x-xss-protection 0 last-modified Tue, 02 May 2023 15:12:45 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 18 Jun 2025 14:59:04 GMT
GET H2	200	S6uyw4BMUTPHjx4wXg.woff2 fonts.gstatic.com/s/lato/v24/	23 KB 23 KB	174ms 77ms	Font font/woff2	2a00:1450:4001:809::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Lato:300,400,400i,700,700i,900,900i|Montserrat:400,500,700,900 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://fonts.googleapis.com/ Origin https://fraustage.frau.do.immigrationdirectstaging.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 18 Jun 2024 14:56:46 GMT x-content-type-options nosniff age 245864 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 23580 x-xss-protection 0 last-modified Tue, 02 May 2023 15:17:22 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 18 Jun 2025 14:56:46 GMT
GET H2	200	S6u9w4BMUTPHh6UVSwiPGQ.woff2 fonts.gstatic.com/s/lato/v24/	23 KB 23 KB	135ms 39ms	Font font/woff2	2a00:1450:4001:809::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Lato:300,400,400i,700,700i,900,900i|Montserrat:400,500,700,900 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://fonts.googleapis.com/ Origin https://fraustage.frau.do.immigrationdirectstaging.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 18 Jun 2024 14:57:49 GMT x-content-type-options nosniff age 245801 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 23040 x-xss-protection 0 last-modified Tue, 02 May 2023 15:07:25 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 18 Jun 2025 14:57:49 GMT
GET H2	200	site-icons.woff fraustage.frau.do.immigrationdirectstaging.com/assets-static/fonts/	22 KB 22 KB	350ms 349ms	Font application/font-woff	24.199.76.188 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://fraustage.frau.do.immigrationdirectstaging.com/assets-static/fonts/site-icons.woff Requested by Host: fraustage.frau.do.immigrationdirectstaging.com URL: https://fraustage.frau.do.immigrationdirectstaging.com/assets-static/css/styles.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 24.199.76.188 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software / Resource Hash 0f56bb42a595ff7f32f98c17ba4bb1b9040c88cdd297f2cfa9d04f0cd4b1e327 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://fraustage.frau.do.immigrationdirectstaging.com/assets-static/css/styles.css Origin https://fraustage.frau.do.immigrationdirectstaging.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 21 Jun 2024 11:14:31 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff last-modified Fri, 21 Jun 2024 05:18:53 GMT vary Accept-Encoding x-frame-options SAMEORIGIN content-type application/font-woff cache-control max-age=31536000 accept-ranges bytes content-length 22244 x-xss-protection 1; mode=block expires Sat, 21 Jun 2025 11:14:31 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	327 KB 107 KB	78ms 77ms	Script application/javascript	2a00:1450:4001:830::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-LJYZQ2H5H3&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-K5K2728 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 70157929bf6f8dc464a725e6e6d63a2eb58fffbefb8a78a022a9d544e61bc1d8 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://fraustage.frau.do.immigrationdirectstaging.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 21 Jun 2024 11:14:31 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 109738 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Fri, 21 Jun 2024 11:14:31 GMT
GET H2	200	bat.js Show response bat.bing.com/	45 KB 13 KB	208ms 62ms	Script application/javascript	2620:1ec:c11::237 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/bat.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-K5K2728 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://fraustage.frau.do.immigrationdirectstaging.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip date Fri, 21 Jun 2024 11:14:30 GMT last-modified Thu, 29 Feb 2024 19:58:06 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 6E0D5CD0FEEB4AB3AFE0485539D45CA8 Ref B: FRA31EDGE0615 Ref C: 2024-06-21T11:14:31Z etag "01b4e9c496bda1:0" vary Accept-Encoding x-cache CONFIG_NOCACHE content-type application/javascript cache-control private,max-age=1800 accept-ranges bytes content-length 13261
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	219 KB 59 KB	122ms 40ms	Script application/x-javascript	2a03:2880:f084:105:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: fraustage.frau.do.immigrationdirectstaging.com URL: https://fraustage.frau.do.immigrationdirectstaging.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 0313b0d078dfe6c7ab517c11404b0c01458469006fbf1a0d4d4c5e90517e54f8 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://fraustage.frau.do.immigrationdirectstaging.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Fri, 21 Jun 2024 11:14:31 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 58024 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=37, rtx=0, c=12, mss=1297, tbw=2773, tp=-1, tpl=-1, uplat=0, ullat=-1 pragma public x-fb-debug nKVzcvEO0Secezp/T86+MXjMVkiClpAQcA19cBUOOn6Vi3/aNAOQp1j1JZU4vipz4LhkOdX7CEBrGGhdHzA/uQ== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	ytc.js Show response s.yimg.com/wi/	18 KB 7 KB	139ms 44ms	Script application/javascript	2a00:1288:80:807::2 YAHOO-DEB
General Check archive.org Show headers Download Go to Full URL https://s.yimg.com/wi/ytc.js Requested by Host: fraustage.frau.do.immigrationdirectstaging.com URL: https://fraustage.frau.do.immigrationdirectstaging.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB), Reverse DNS Software ATS / Resource Hash 480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://fraustage.frau.do.immigrationdirectstaging.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers ats-carp-promotion 1, 1 date Fri, 21 Jun 2024 11:06:42 GMT x-amz-version-id xC6OTTJGIjCqkMTkbrZpmtbXHK5oaZhW content-encoding gzip strict-transport-security max-age=31536000 x-content-type-options nosniff x-amz-request-id HAC2W6TGXJC8E1MV age 470 x-amz-server-side-encryption AES256 content-length 6262 x-amz-id-2 M1wsdgFC0M4l9BCIiCjlSc5iaMAzS7wdUbyaIf7YEa2/uvAwkdSldQaTSUg5O/02RiJSGDEXDzE= x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade x-amz-expiration expiry-date="Wed, 31 Jul 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle" last-modified Mon, 26 Jun 2023 09:26:35 GMT server ATS etag "5c6ed25dce803fd84288922b8928409e-df" expect-ct max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" vary Origin, Accept-Encoding content-type application/javascript cache-control public,max-age=3600 accept-ranges bytes
GET H2	200	fqqzsxsy1j Show response www.clarity.ms/tag/	637 B 999 B	296ms 146ms	Script application/x-javascript	2620:1ec:29:1::45 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.clarity.ms/tag/fqqzsxsy1j Requested by Host: fraustage.frau.do.immigrationdirectstaging.com URL: https://fraustage.frau.do.immigrationdirectstaging.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 1960ef5eb867b0c376b0de7b532ebebeb90559b61642131f51c62b22e0731dfc Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://fraustage.frau.do.immigrationdirectstaging.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers expires -1 date Fri, 21 Jun 2024 11:14:31 GMT x-azure-ref 20240621T111431Z-15c79579746z46zv04cxguvxf000000009w0000000000wra x-cache CONFIG_NOCACHE content-type application/x-javascript cache-control no-cache, no-store accept-ranges bytes content-length 637 request-context appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
GET H2	200	fqqzsxsy1j Show response www.clarity.ms/tag/	637 B 1001 B	280ms 130ms	Script application/x-javascript	2620:1ec:29:1::45 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.clarity.ms/tag/fqqzsxsy1j?ref=gtm2 Requested by Host: fraustage.frau.do.immigrationdirectstaging.com URL: https://fraustage.frau.do.immigrationdirectstaging.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 1960ef5eb867b0c376b0de7b532ebebeb90559b61642131f51c62b22e0731dfc Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://fraustage.frau.do.immigrationdirectstaging.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers expires -1 date Fri, 21 Jun 2024 11:14:31 GMT x-azure-ref 20240621T111431Z-15c79579746z46zv04cxguvxf000000009w0000000000wr9 x-cache CONFIG_NOCACHE content-type application/x-javascript cache-control no-cache, no-store accept-ranges bytes content-length 637 request-context appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12
GET H2	200	js Show response www.googletagmanager.com/gtag/	272 KB 93 KB	78ms 76ms	Script application/javascript	2a00:1450:4001:830::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-987694964 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-K5K2728 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 83957e806d6238e23ef3a70a9e2e611eaee248f2753b174d702ac6535970b4ba Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://fraustage.frau.do.immigrationdirectstaging.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 21 Jun 2024 11:14:31 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 95448 x-xss-protection 0 last-modified Fri, 21 Jun 2024 09:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Fri, 21 Jun 2024 11:14:31 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	232 KB 84 KB	89ms 87ms	Script application/javascript	2a00:1450:4001:830::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-N3G4R8M Requested by Host: fraustage.frau.do.immigrationdirectstaging.com URL: https://fraustage.frau.do.immigrationdirectstaging.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash f1454dd12256e8af4fe473ddfb7bb1bdc69c3777b3b4bfd94498560b276847c9 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://fraustage.frau.do.immigrationdirectstaging.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 21 Jun 2024 11:14:31 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 85582 x-xss-protection 0 last-modified Fri, 21 Jun 2024 09:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Fri, 21 Jun 2024 11:14:31 GMT
GET H/1.1	200 OK	roundtrip.js Show response s.adroll.com/j/	88 KB 27 KB	154ms 51ms	Script text/javascript	2600:9000:26da:1400:6:9280:1080:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s.adroll.com/j/roundtrip.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-K5K2728 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2600:9000:26da:1400:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash cd374bea8f2cce1e9514e9f9a7af6cd7efbb566a5eea5cda53affc1391ada818 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://fraustage.frau.do.immigrationdirectstaging.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers X-Amz-Version-Id mo7_u_yH02gprJDRXoC6WhXOKdSomtp. Content-Encoding gzip Via 1.1 db2b666889c24cb2eb0398e459e4aa92.cloudfront.net (CloudFront) Date Fri, 21 Jun 2024 10:54:50 GMT Age 1182 X-Amz-Cf-Pop MUC50-P4 X-Amz-Server-Side-Encryption AES256 Transfer-Encoding chunked X-Cache Hit from cloudfront Connection keep-alive Last-Modified Wed, 05 Jun 2024 15:35:46 GMT Server AmazonS3 Etag W/"39817cce3f515077c86e9cc99a65f623" Vary Accept-Encoding Access-Control-Allow-Methods GET Content-Type text/javascript Access-Control-Allow-Origin * Cache-Control max-age=3600, must-revalidate Access-Control-Allow-Credentials false Access-Control-Max-Age 600 Access-Control-Allow-Headers * X-Amz-Cf-Id M-A3YkKuNChN7_xS3FELFyJLvbun-uUOmjkqS5OMZmy9tcpNO-37Tg==
POST H2	204	collect region1.analytics.google.com/g/	0 0	142ms 49ms	Fetch text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-LJYZQ2H5H3&gtm=45je46j0v9100901649z8811978372za200zb811978372&_p=1718968470731&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1328327895.1718968471&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1718968471&sct=1&seg=0&dl=https%3A%2F%2Ffraustage.frau.do.immigrationdirectstaging.com%2F&dt=Prepare%20your%20Australian%20Citizenship%20%7C%20FileRight&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1603&_z=fetch Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-LJYZQ2H5H3&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://fraustage.frau.do.immigrationdirectstaging.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Fri, 21 Jun 2024 11:14:31 GMT server Golfe2 content-type text/plain access-control-allow-origin https://fraustage.frau.do.immigrationdirectstaging.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect stats.g.doubleclick.net/g/	0 266 B	150ms 48ms	Ping text/plain	2a00:1450:400c:c06::9a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-LJYZQ2H5H3&cid=1328327895.1718968471&gtm=45je46j0v9100901649z8811978372za200zb811978372&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-LJYZQ2H5H3&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://fraustage.frau.do.immigrationdirectstaging.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Fri, 21 Jun 2024 11:14:31 GMT server Golfe2 content-type text/plain access-control-allow-origin https://fraustage.frau.do.immigrationdirectstaging.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ga-audiences www.google.de/ads/	42 B 63 B	127ms 64ms	Image image/gif	142.250.185.99 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-LJYZQ2H5H3&cid=1328327895.1718968471&gtm=45je46j0v9100901649z8811978372za200zb811978372&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=1022095699 Requested by Host: fraustage.frau.do.immigrationdirectstaging.com URL: https://fraustage.frau.do.immigrationdirectstaging.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.99 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f3.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://fraustage.frau.do.immigrationdirectstaging.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Fri, 21 Jun 2024 11:14:31 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	js Show response www.googletagmanager.com/gtag/	327 KB 107 KB	76ms 76ms	Script application/javascript	142.250.184.200 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-LJYZQ2H5H3 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-N3G4R8M Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.200 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f8.1e100.net Software Google Tag Manager / Resource Hash 8464d7d0d1bd5136b2dca2f5354f3690e5e37b0ce2ec16cd13355ddfe83387cc Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://fraustage.frau.do.immigrationdirectstaging.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 21 Jun 2024 11:14:31 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 109605 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Fri, 21 Jun 2024 11:14:31 GMT
GET H2	200	10189361.json Show response s.yimg.com/wi/config/	2 B 510 B	230ms 139ms	XHR application/json	2a00:1288:80:807::2 YAHOO-DEB
General Check archive.org Show headers Download Go to Full URL https://s.yimg.com/wi/config/10189361.json Requested by Host: s.yimg.com URL: https://s.yimg.com/wi/ytc.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB), Reverse DNS Software ATS / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://fraustage.frau.do.immigrationdirectstaging.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 21 Jun 2024 11:14:31 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000 x-amz-request-id S4XPT3487R1S9V0H age 0 content-length 22 x-amz-id-2 ofv8u+2Ji3ysjnpfffLypIybYyjbrz19r0oaQf+jaCDmsklvHASipoJ8oOPT6z2dcKfj+ZfC4VJUlLCyJn99s1+sA43oUKhJ1hOTe1kDzfY= x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade server ATS expect-ct max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding access-control-allow-methods GET content-type application/json access-control-allow-origin * cache-control public,max-age=3600
GET H/1.1	200 OK	index.js Show response s.adroll.com/j/pre/ Redirect Chain https://s.adroll.com/j/pre/W3TC6WQOURE5JELKTLZV2B/7AC2AB2AEVEP7MV24LGL3M/fpconsent.js https://s.adroll.com/j/pre/index.js	0 756 B	99ms 49ms	Script application/javascript	2600:9000:26da:1400:6:9280:1080:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s.adroll.com/j/pre/index.js Requested by Host: fraustage.frau.do.immigrationdirectstaging.com URL: https://fraustage.frau.do.immigrationdirectstaging.com/ Protocol HTTP/1.1 Server 2600:9000:26da:1400:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://fraustage.frau.do.immigrationdirectstaging.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers X-Amz-Version-Id nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy Date Fri, 21 Jun 2024 06:14:08 GMT Via 1.1 09f78fab17e561a78ea60bb6223c4962.cloudfront.net (CloudFront) Age 18023 X-Amz-Cf-Pop MUC50-P4 X-Amz-Server-Side-Encryption AES256 X-Cache Hit from cloudfront Connection keep-alive Content-Length 0 Last-Modified Wed, 15 Jan 2020 23:54:18 GMT Server AmazonS3 Etag "d41d8cd98f00b204e9800998ecf8427e" Vary Accept-Encoding Access-Control-Allow-Methods GET Content-Type application/javascript Access-Control-Allow-Origin * Access-Control-Max-Age 600 Access-Control-Allow-Credentials false Accept-Ranges bytes Access-Control-Allow-Headers * X-Amz-Cf-Id YLU1lIvG-G5qzwFX8jQ5mjTw_vJZ5wZf7Vud_RSY1hM5OE_XyOm9lw== Redirect headers Date Fri, 21 Jun 2024 09:17:10 GMT Via 1.1 db2b666889c24cb2eb0398e459e4aa92.cloudfront.net (CloudFront) Age 7040 X-Amz-Cf-Pop MUC50-P4 X-Cache Hit from cloudfront Connection keep-alive Content-Length 0 Server AmazonS3 Access-Control-Max-Age 600 Access-Control-Allow-Methods GET Content-Type application/xml Location https://s.adroll.com/j/pre/index.js Access-Control-Allow-Origin * Access-Control-Allow-Credentials false Access-Control-Allow-Headers * X-Amz-Cf-Id 8R_tWOfpXZn3DnN3GgFz0BFlC2kRIXPxK5XtUy_6H-OxiUBSbJexrw==
GET H/1.1	200 OK	index.js Show response s.adroll.com/j/pre/W3TC6WQOURE5JELKTLZV2B/7AC2AB2AEVEP7MV24LGL3M/	0 809 B	99ms 54ms	Script text/javascript	2600:9000:26da:1400:6:9280:1080:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s.adroll.com/j/pre/W3TC6WQOURE5JELKTLZV2B/7AC2AB2AEVEP7MV24LGL3M/index.js Requested by Host: s.adroll.com URL: https://s.adroll.com/j/roundtrip.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2600:9000:26da:1400:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://fraustage.frau.do.immigrationdirectstaging.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers X-Amz-Version-Id 0cJtM_Jr0C0nzyHscYyC.o.lt0l8sdzE Date Fri, 21 Jun 2024 11:14:31 GMT Via 1.1 db2b666889c24cb2eb0398e459e4aa92.cloudfront.net (CloudFront) Age 2477 X-Amz-Cf-Pop MUC50-P4 X-Amz-Server-Side-Encryption AES256 X-Cache Hit from cloudfront Connection keep-alive Content-Length 0 Last-Modified Fri, 14 Jun 2024 11:29:50 GMT Server AmazonS3 Etag "d41d8cd98f00b204e9800998ecf8427e" Vary Accept-Encoding Access-Control-Allow-Methods GET Content-Type text/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control max-age=3600, must-revalidate Access-Control-Allow-Credentials false Access-Control-Max-Age 600 Accept-Ranges bytes Access-Control-Allow-Headers * X-Amz-Cf-Id QUa_LbCAGyzyIVtaIj0Gua0yf5oEN20GvK2J86TqB8VlaoZFOiV52g==
GET H2	200	343052108.js Show response bat.bing.com/p/action/	4 KB 2 KB	71ms 71ms	Script application/javascript	2620:1ec:c11::237 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/p/action/343052108.js Requested by Host: bat.bing.com URL: https://bat.bing.com/bat.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash ebc9409353ab4ec8e4ab0bd2edc9a62921bd13d1677c67e60708c66151e56224 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://fraustage.frau.do.immigrationdirectstaging.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding br date Fri, 21 Jun 2024 11:14:30 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 11734640D9564083925622DB86CD7C6E Ref B: FRA31EDGE0615 Ref C: 2024-06-21T11:14:31Z vary Accept-Encoding x-cache CONFIG_NOCACHE content-type application/javascript; charset=utf-8 cache-control private,max-age=60
GET H2	204	0 bat.bing.com/action/	0 288 B	68ms 67ms	Image text/plain	2620:1ec:c11::237 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://bat.bing.com/action/0?ti=343052108&Ver=2&mid=90bf8e0a-5b72-4d7b-948b-73b54e710fb5&sid=6e9876702fbf11efa00231bbb179ce10&vid=6e988f402fbf11ef905191e5d5e83a61&vids=1&msclkid=N&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=Prepare%20your%20Australian%20Citizenship%20%7C%20FileRight&p=https%3A%2F%2Ffraustage.frau.do.immigrationdirectstaging.com%2F&r=&lt=1310&evt=pageLoad&sv=1&rn=877903 Requested by Host: fraustage.frau.do.immigrationdirectstaging.com URL: https://fraustage.frau.do.immigrationdirectstaging.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://fraustage.frau.do.immigrationdirectstaging.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache strict-transport-security max-age=31536000; includeSubDomains; preload date Fri, 21 Jun 2024 11:14:30 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: DA705AAA8ADA4D57BDEB823EBEAE1467 Ref B: FRA31EDGE0615 Ref C: 2024-06-21T11:14:31Z x-cache CONFIG_NOCACHE access-control-allow-origin * cache-control no-cache, must-revalidate expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	342628036806987 Show response connect.facebook.net/signals/config/	68 KB 14 KB	201ms 200ms	Script application/x-javascript	2a03:2880:f084:105:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/342628036806987?v=2.9.158&r=stable&domain=fraustage.frau.do.immigrationdirectstaging.com&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 42c866f27e831996156f1a3ccc9357feb257b55fe0872ed18b7ec18d77493e5c Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://fraustage.frau.do.immigrationdirectstaging.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Fri, 21 Jun 2024 11:14:31 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=46, rtx=0, c=64, mss=1297, tbw=63552, tp=-1, tpl=-1, uplat=160, ullat=0 pragma public x-fb-debug w5IYvy8gezivFfEOF4bIs78C8w1hlUn7ahSCUJw5Q/zTsKg5Bhemi9UHpyojhatxTPQ/2NGBa1/XIQ3GXp5c3w== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	343052108 Show response www.clarity.ms/tag/uet/	816 B 1 KB	155ms 155ms	Script application/x-javascript	2620:1ec:29:1::45 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.clarity.ms/tag/uet/343052108 Requested by Host: bat.bing.com URL: https://bat.bing.com/p/action/343052108.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 0adfda140c2b5fa1fbe38a05c11fe74650951c37912e947bd9ef54a1ed2d7a3a Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://fraustage.frau.do.immigrationdirectstaging.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers expires -1 date Fri, 21 Jun 2024 11:14:31 GMT x-azure-ref 20240621T111431Z-15c79579746z46zv04cxguvxf000000009w0000000000wrg x-cache CONFIG_NOCACHE content-type application/x-javascript cache-control no-cache, no-store accept-ranges bytes content-length 816 request-context appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
GET H2	200	clarity.js Show response www.clarity.ms/s/0.7.32/	61 KB 26 KB	81ms 81ms	Script application/javascript	2620:1ec:29:1::45 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.clarity.ms/s/0.7.32/clarity.js Requested by Host: www.clarity.ms URL: https://www.clarity.ms/tag/fqqzsxsy1j?ref=gtm2 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://fraustage.frau.do.immigrationdirectstaging.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 21 Jun 2024 11:14:31 GMT content-encoding br last-modified Fri, 10 May 2024 17:30:20 GMT etag W/"0x8DC7116DE09E645" vary Accept-Encoding x-azure-ref 20240621T111431Z-15c79579746z46zv04cxguvxf000000009w0000000000wrh content-type application/javascript;charset=utf-8 access-control-allow-origin * x-ms-request-id 3b2d0378-601e-0050-1f7f-bdec8b000000 cache-control public, max-age=86400 x-cache TCP_HIT x-ms-version 2018-03-28 x-fd-int-roxy-purgeid 51562430
GET H2	200	W3TC6WQOURE5JELKTLZV2B Show response d.adroll.com/consent/check/	492 B 585 B	192ms 58ms	Script application/javascript	2a05:d018:cc3:fe05:eb0e:33da:f05d:42de AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d.adroll.com/consent/check/W3TC6WQOURE5JELKTLZV2B?pv=72953607878.6532&arrfrr=https%3A%2F%2Ffraustage.frau.do.immigrationdirectstaging.com%2F&_s=5706fcb311179d2e17287e7414feb272&_b=2 Requested by Host: s.adroll.com URL: https://s.adroll.com/j/roundtrip.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a05:d018:cc3:fe05:eb0e:33da:f05d:42de Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx/1.22.1 / Resource Hash a3ae75e36e5c7bb1fbbb70477e99379a7afe2c2a95a0d343bd2ce304fd529491 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://fraustage.frau.do.immigrationdirectstaging.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 21 Jun 2024 11:14:31 GMT server nginx/1.22.1 content-length 492 content-type application/javascript
GET H2	200	sp.pl sp.analytics.yahoo.com/	43 B 500 B	188ms 59ms	Image image/gif	3.255.41.64 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Fri%2C%2021%20Jun%202024%2011%3A14%3A31%20GMT&n=-2d&b=Prepare%20your%20Australian%20Citizenship%20%7C%20FileRight&.yp=10189361&f=https%3A%2F%2Ffraustage.frau.do.immigrationdirectstaging.com%2F&enc=UTF-8&yv=1.15.1&tagmgr=gtm Requested by Host: fraustage.frau.do.immigrationdirectstaging.com URL: https://fraustage.frau.do.immigrationdirectstaging.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 3.255.41.64 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-255-41-64.eu-west-1.compute.amazonaws.com Software ATS/9.1.10.121 / Resource Hash 0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39 Security Headers Name Value Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic X-Content-Type-Options nosniff X-Frame-Options DENY Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://fraustage.frau.do.immigrationdirectstaging.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Fri, 21 Jun 2024 11:14:31 GMT via http/1.1 traffic_server (ApacheTrafficServer/9.1.10.121) x-content-type-options nosniff referrer-policy strict-origin-when-cross-origin server ATS/9.1.10.121 content-security-policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic age 0 expect-ct max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" x-frame-options DENY content-type image/gif cache-control no-cache, private, must-revalidate accept-ranges bytes content-length 43 expires Fri, 21 Jun 2024 11:14:31 GMT
GET H2	200	/ www.facebook.com/tr/	0 274 B	122ms 40ms	Image text/plain	2a03:2880:f177:185:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=342628036806987&ev=PageView&dl=https%3A%2F%2Ffraustage.frau.do.immigrationdirectstaging.com%2F&rl=&if=false&ts=1718968471492&sw=1600&sh=1200&v=2.9.158&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1718968471489.429720781433437982&cs_est=true&ler=empty&cdl=API_unavailable&it=1718968471265&coo=false&rqm=GET Requested by Host: fraustage.frau.do.immigrationdirectstaging.com URL: https://fraustage.frau.do.immigrationdirectstaging.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://fraustage.frau.do.immigrationdirectstaging.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-fb-connection-quality EXCELLENT; q=0.9, rtt=38, rtx=0, c=10, mss=1297, tbw=2777, tp=-1, tpl=-1, uplat=0, ullat=0 strict-transport-security max-age=31536000; includeSubDomains date Fri, 21 Jun 2024 11:14:31 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	/ www.facebook.com/privacy_sandbox/pixel/register/trigger/	67 B 3 KB	296ms 215ms	Image image/png	2a03:2880:f177:185:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=342628036806987&ev=PageView&dl=https%3A%2F%2Ffraustage.frau.do.immigrationdirectstaging.com%2F&rl=&if=false&ts=1718968471492&sw=1600&sh=1200&v=2.9.158&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1718968471489.429720781433437982&cs_est=true&ler=empty&cdl=API_unavailable&it=1718968471265&coo=false&rqm=FGET Requested by Host: fraustage.frau.do.immigrationdirectstaging.com URL: https://fraustage.frau.do.immigrationdirectstaging.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://fraustage.frau.do.immigrationdirectstaging.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers attribution-reporting-register-trigger {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xa1fbd662c541d12e","source_keys":["1","2"]},{"key_piece":"0x45d2a3dbdb4b6076","source_keys":["1","2"]}],"aggregatable_values":{"1":1}} content-encoding zstd x-content-type-options nosniff content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; strict-transport-security max-age=15552000; preload document-policy force-load-at-top date Fri, 21 Jun 2024 11:14:31 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7382913366395927285", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=43, rtx=0, c=10, mss=1297, tbw=3095, tp=-1, tpl=-1, uplat=173, ullat=0 pragma no-cache x-fb-debug 6j7wMfA3VDktVAw24OLBv0PqA+2okp4j2wnqTbVs1wLBAr07wrZsyssWBl8/prd0w51PUlfTy7f+fuPSN4jKGg== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7382913366395927285"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type image/png x-frame-options DENY origin-agent-cluster ?0 cache-control private, no-store, no-cache, must-revalidate permissions-policy accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy" expires Sat, 01 Jan 2000 00:00:00 GMT
POST H/1.1	204 No Content	collect Show response t.clarity.ms/	0 310 B	419ms 163ms	XHR text/plain	20.114.189.70 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://t.clarity.ms/collect Requested by Host: www.clarity.ms URL: https://www.clarity.ms/s/0.7.32/clarity.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Accept application/x-clarity-gzip Referer https://fraustage.frau.do.immigrationdirectstaging.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Access-Control-Allow-Origin https://fraustage.frau.do.immigrationdirectstaging.com Date Fri, 21 Jun 2024 11:14:31 GMT Access-Control-Allow-Credentials true Server nginx Connection keep-alive Vary Origin Request-Context appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
GET H2	200	c.gif c.clarity.ms/ Redirect Chain https://c.clarity.ms/c.gif https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=A898009C7FCC45DB9C3A0FF46696C6DF&RedC=c.clarity.ms&MXFR=12DAE16DF78C6ECB16F6F5C8F38C603A https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=A898009C7FCC45DB9C3A0FF46696C6DF&MUID=1FF2CF59C50463F12360DBFCC48F629B	42 B 443 B	58ms 58ms	Image image/gif	68.219.88.97 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=A898009C7FCC45DB9C3A0FF46696C6DF&MUID=1FF2CF59C50463F12360DBFCC48F629B Protocol H2 Server 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://fraustage.frau.do.immigrationdirectstaging.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers pragma no-cache date Fri, 21 Jun 2024 11:14:31 GMT last-modified Wed, 19 Jun 2024 18:40:50 GMT server Microsoft-IIS/10.0 etag "2c9f213578c2da1:0" x-powered-by ASP.NET content-type image/gif p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" cache-control private, no-cache, proxy-revalidate, no-store accept-ranges bytes content-length 42 Redirect headers pragma no-cache date Fri, 21 Jun 2024 11:14:31 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 46B4ABDD04454A36BC055D9AF96EE32B Ref B: FRA31EDGE0615 Ref C: 2024-06-21T11:14:32Z x-powered-by ASP.NET x-cache CONFIG_NOCACHE p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" location https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=A898009C7FCC45DB9C3A0FF46696C6DF&MUID=1FF2CF59C50463F12360DBFCC48F629B cache-control private, no-cache, proxy-revalidate, no-store content-length 0
GET H2	200	favicon.ico fraustage.frau.do.immigrationdirectstaging.com/	15 KB 2 KB	188ms 188ms	Other image/x-icon	24.199.76.188 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://fraustage.frau.do.immigrationdirectstaging.com/favicon.ico Protocol H2 Security TLS 1.3, , AES_256_GCM Server 24.199.76.188 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software / Resource Hash 236b9fe228a7bc8bddd6b1af8df1d73238ba319ccf1f352c73cf0aeb6c0a5ea6 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://fraustage.frau.do.immigrationdirectstaging.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 21 Jun 2024 11:14:31 GMT strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff last-modified Fri, 21 Jun 2024 05:18:53 GMT content-encoding br vary Accept-Encoding x-frame-options SAMEORIGIN content-type image/x-icon cache-control max-age=31536000 x-xss-protection 1; mode=block expires Sat, 21 Jun 2025 11:14:31 GMT
POST H/1.1	204 No Content	collect Show response t.clarity.ms/	0 310 B	124ms 124ms	XHR text/plain	20.114.189.70 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://t.clarity.ms/collect Requested by Host: www.clarity.ms URL: https://www.clarity.ms/s/0.7.32/clarity.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Accept application/x-clarity-gzip Referer https://fraustage.frau.do.immigrationdirectstaging.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Access-Control-Allow-Origin https://fraustage.frau.do.immigrationdirectstaging.com Date Fri, 21 Jun 2024 11:14:32 GMT Access-Control-Allow-Credentials true Server nginx Connection keep-alive Vary Origin Request-Context appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d