urlscan.io logo urlscan.io
SecurityTrails logo

auth.propertyfinder.com Open in urlscan Pro
99.83.145.68  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://claim-my-transaction.propertyfinder.ae/?param=cmd.exe
Effective URL: https://auth.propertyfinder.com/broker/realms/propertyfinder/broker/pfexpert/endpoint
Submission: On August 16 via manual from IN — Scanned from SG
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 20 IPs in 4 countries across 17 domains to perform 78 HTTP transactions. The main IP is 99.83.145.68, located in United States and belongs to AMAZON-02, US. The main domain is auth.propertyfinder.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on January 24th 2024. Valid for: a year.
This is the only time auth.propertyfinder.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 13.250.201.254 16509 (AMAZON-02)
6 13.226.120.56 16509 (AMAZON-02)
2 2404:6800:400... 15169 (GOOGLE)
2 2a03:2880:f00... 32934 (FACEBOOK)
2 2620:1ec:bdf::59 8075 (MICROSOFT...)
1 2 74.125.130.149 15169 (GOOGLE)
1 64.233.170.148 15169 (GOOGLE)
4 2a03:2880:f10... 32934 (FACEBOOK)
2 20.114.190.119 8075 (MICROSOFT...)
1 2 52.231.230.148 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
12 151.101.131.9 54113 (FASTLY)
1 2 99.83.145.68 16509 (AMAZON-02)
8 104.17.208.240 13335 (CLOUDFLAR...)
3 104.18.72.113 13335 (CLOUDFLAR...)
2 104.17.209.240 13335 (CLOUDFLAR...)
1 16.15.193.171 14618 (AMAZON-AES)
1 104.17.25.14 13335 (CLOUDFLAR...)
1 2404:6800:400... 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
78 20
2    13.250.201.254 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-250-201-254.ap-southeast-1.compute.amazonaws.com
claim-my-transaction.propertyfinder.ae
6    13.226.120.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-120-56.hkg62.r.cloudfront.net
expert-assets.propertyfinder.com
2    2404:6800:4003:c00::61 (Singapore, Singapore)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a03:2880:f00c:19:face:b00c:0:3 (Singapore, Singapore)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2620:1ec:bdf::59 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
2    74.125.130.149 (United States)

ASN15169 (GOOGLE, US)
PTR: sb-in-f149.1e100.net
8546169.fls.doubleclick.net
1    64.233.170.148 (United States)

ASN15169 (GOOGLE, US)
PTR: sg-in-f148.1e100.net
ad.doubleclick.net
4    2a03:2880:f10c:381:face:b00c:0:25de (Singapore, Singapore)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    20.114.190.119 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
x.clarity.ms
2    52.231.230.148 (Busan, Korea, Republic Of)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
12    151.101.131.9 (San Francisco, United States)

ASN54113 (FASTLY, US)
sdk.split.io
2    99.83.145.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0d0ea9b89fa50355.awsglobalaccelerator.com
auth.propertyfinder.com
8    104.17.208.240 (None, )

ASN13335 (CLOUDFLARENET, US)
zn8jlevj0ocldxwau-propertyfinder.siteintercept.qualtrics.com
siteintercept.qualtrics.com
3    104.18.72.113 (None, )

ASN13335 (CLOUDFLARENET, US)
static.zdassets.com
ekr.zdassets.com
2    104.17.209.240 (None, )

ASN13335 (CLOUDFLARENET, US)
siteintercept.qualtrics.com
1    16.15.193.171 (United States)

ASN14618 (AMAZON-AES, US)
animaapp.s3.amazonaws.com
1    104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2404:6800:4003:c05::5f (Singapore, Singapore)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2404:6800:4003:c1a::5e (Singapore, Singapore)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
12 split.io
sdk.split.io — Cisco Umbrella Rank: 3177
auth.split.io Failed
events.split.io Failed
36 KB
10 qualtrics.com
zn8jlevj0ocldxwau-propertyfinder.siteintercept.qualtrics.com
siteintercept.qualtrics.com — Cisco Umbrella Rank: 1504
90 KB
8 propertyfinder.com
expert-assets.propertyfinder.com
auth.propertyfinder.com
2 MB
6 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 1114
x.clarity.ms — Cisco Umbrella Rank: 8333
c.clarity.ms — Cisco Umbrella Rank: 1838
29 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 108
4 KB
3 zdassets.com
static.zdassets.com — Cisco Umbrella Rank: 3854
ekr.zdassets.com — Cisco Umbrella Rank: 4356
149 KB
3 doubleclick.net
8546169.fls.doubleclick.net
ad.doubleclick.net — Cisco Umbrella Rank: 210
768 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 236
75 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
181 KB
2 propertyfinder.ae
claim-my-transaction.propertyfinder.ae
6 KB
1 gstatic.com
fonts.gstatic.com
48 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
2 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 336
962 B
1 amazonaws.com
animaapp.s3.amazonaws.com
animaproject.s3.amazonaws.com Failed
127 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 341
772 B
0 animaapp.com Failed
px.animaapp.com Failed
0 pardot.com Failed
pi.pardot.com Failed
78 17
Domain Requested by
12 sdk.split.io expert-assets.propertyfinder.com
9 siteintercept.qualtrics.com zn8jlevj0ocldxwau-propertyfinder.siteintercept.qualtrics.com
expert-assets.propertyfinder.com
siteintercept.qualtrics.com
6 expert-assets.propertyfinder.com claim-my-transaction.propertyfinder.ae
4 www.facebook.com claim-my-transaction.propertyfinder.ae
2 static.zdassets.com expert-assets.propertyfinder.com
static.zdassets.com
2 auth.propertyfinder.com 1 redirects expert-assets.propertyfinder.com
2 c.clarity.ms 1 redirects
2 x.clarity.ms www.clarity.ms
expert-assets.propertyfinder.com
2 8546169.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 www.clarity.ms claim-my-transaction.propertyfinder.ae
www.clarity.ms
2 connect.facebook.net claim-my-transaction.propertyfinder.ae
connect.facebook.net
2 www.googletagmanager.com claim-my-transaction.propertyfinder.ae
www.googletagmanager.com
2 claim-my-transaction.propertyfinder.ae
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com client
1 cdnjs.cloudflare.com client
1 animaapp.s3.amazonaws.com auth.propertyfinder.com
1 ekr.zdassets.com expert-assets.propertyfinder.com
1 zn8jlevj0ocldxwau-propertyfinder.siteintercept.qualtrics.com claim-my-transaction.propertyfinder.ae
1 c.bing.com 1 redirects
1 ad.doubleclick.net claim-my-transaction.propertyfinder.ae
0 animaproject.s3.amazonaws.com Failed
0 px.animaapp.com Failed client
0 events.split.io Failed
0 auth.split.io Failed expert-assets.propertyfinder.com
0 pi.pardot.com Failed claim-my-transaction.propertyfinder.ae
78 26
Subject Issuer Validity Valid
*.propertyfinder.ae
Amazon RSA 2048 M02		 2023-08-14 -
2024-09-12		 a year crt.sh
*.propertyfinder.com
Amazon RSA 2048 M02		 2024-02-22 -
2025-03-22		 a year crt.sh
*.google-analytics.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-05-26 -
2024-08-24		 3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-07 -
2024-12-07		 a year crt.sh
*.doubleclick.net
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
a.clarity.ms
Microsoft Azure RSA TLS Issuing CA 08		 2024-06-23 -
2025-06-18		 a year crt.sh
*.split.io
GlobalSign Atlas R3 DV TLS CA 2024 Q1		 2024-04-04 -
2025-05-06		 a year crt.sh
*.qualtrics.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-03-27 -
2025-02-19		 a year crt.sh
zdassets.com
E6		 2024-06-29 -
2024-09-27		 3 months crt.sh
*.s3.amazonaws.com
Amazon RSA 2048 M01		 2024-04-22 -
2025-04-07		 a year crt.sh
cdnjs.cloudflare.com
WE1		 2024-07-31 -
2024-10-29		 3 months crt.sh
upload.video.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.gstatic.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://auth.propertyfinder.com/broker/realms/propertyfinder/broker/pfexpert/endpoint
Frame ID: 35873F82BDFA981340E96F8BB84490B2
Requests: 63 HTTP requests in this frame

Frame: https://8546169.fls.doubleclick.net/activityi;dc_pre=CI2-66em-ocDFZF0nQkdW7IfjQ;src=8546169;type=pagev0;cat=pagev0;ord=523488238290;npa=0;auiddc=1548512496.1723838358;ps=1;pcor=319918740;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe48e0v9190181919z86651932za201zb6651932;gcd=13l3l3l3l1l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fclaim-my-transaction.propertyfinder.ae%2F%3Fparam%3Dcmd.exe
Frame ID: BD2E9EEEDBB02C32968BB95CA04A8D5E
Requests: 1 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-d3f9e9b.js
Frame ID: 27850A851B86E5B31BCBC6BD326CF288
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://claim-my-transaction.propertyfinder.ae/?param=cmd.exe Page URL
  2. https://auth.propertyfinder.com/auth/oauth/sso/initiate?scope=openid&response_type=code&client_id=pfexpert&r... HTTP 301
    https://auth.propertyfinder.com/broker/realms/propertyfinder/broker/pfexpert/endpoint Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Page Statistics

78
Requests

67 %
HTTPS

35 %
IPv6

17
Domains

26
Subdomains

20
IPs

4
Countries

2653 kB
Transfer

10699 kB
Size

16
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://claim-my-transaction.propertyfinder.ae/?param=cmd.exe Page URL
  2. https://auth.propertyfinder.com/auth/oauth/sso/initiate?scope=openid&response_type=code&client_id=pfexpert&redirect_uri=https%3A%2F%2Fclaim-my-transaction.propertyfinder.ae%2Fauthenticate&login_uri=https%3A%2F%2Fauth.propertyfinder.com%2Fpfexpert%2Fsign-in%3Fcountry%3Dae&idp_hint=pfexpert&timestamp=1723838359674 HTTP 301
    https://auth.propertyfinder.com/broker/realms/propertyfinder/broker/pfexpert/endpoint Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • https://8546169.fls.doubleclick.net/activityi;src=8546169;type=pagev0;cat=pagev0;ord=523488238290;npa=0;auiddc=1548512496.1723838358;ps=1;pcor=319918740;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe48e0v9190181919z86651932za201zb6651932;gcd=13l3l3l3l1l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fclaim-my-transaction.propertyfinder.ae%2F%3Fparam%3Dcmd.exe HTTP 302
  • https://8546169.fls.doubleclick.net/activityi;dc_pre=CI2-66em-ocDFZF0nQkdW7IfjQ;src=8546169;type=pagev0;cat=pagev0;ord=523488238290;npa=0;auiddc=1548512496.1723838358;ps=1;pcor=319918740;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe48e0v9190181919z86651932za201zb6651932;gcd=13l3l3l3l1l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fclaim-my-transaction.propertyfinder.ae%2F%3Fparam%3Dcmd.exe
Request Chain 17
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=4AF907327EB94321BCDF741F97E54565&RedC=c.clarity.ms&MXFR=114241E99DC7686830DB553499C76606 HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=4AF907327EB94321BCDF741F97E54565&MUID=2E931BD84C02618E22770F054D5860A0

78 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
claim-my-transaction.propertyfinder.ae/ 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://claim-my-transaction.propertyfinder.ae/?param=cmd.exe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.250.201.254 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-201-254.ap-southeast-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
b30ee41c440edccdfe9cb97c36cd9502e9513395711dc33b32301f6ff6bf9f36

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-type
text/html
date
Fri, 16 Aug 2024 19:59:17 GMT
etag
W/"66bf4130-27da"
last-modified
Fri, 16 Aug 2024 12:08:16 GMT
pragma
no-cache
server
istio-envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
1
769.f6525381.js
expert-assets.propertyfinder.com/claim-transaction/static/js/ 		3 MB
875 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://expert-assets.propertyfinder.com/claim-transaction/static/js/769.f6525381.js
Requested by
Host: claim-my-transaction.propertyfinder.ae
URL: https://claim-my-transaction.propertyfinder.ae/?param=cmd.exe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.120.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-120-56.hkg62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a8ee1f66b27fac566351d05778985213d13e449501ad678e80ca201ba31e7944

Request headers

Referer
https://claim-my-transaction.propertyfinder.ae/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 16 Aug 2024 19:59:18 GMT
content-encoding
gzip
via
1.1 529e8e7e22cfed066c8d2c760d68e158.cloudfront.net (CloudFront)
last-modified
Fri, 16 Aug 2024 12:08:27 GMT
server
AmazonS3
x-amz-cf-pop
HKG62-C1
etag
W/"22eec62c32c87c3dc40baaefd7932953"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
x-amz-cf-id
PBD0auQ93einwTGeSMWN3-UHZgZXe-DDdo7DvCD7X_Be2ZU7b3K_xw==
main.9e338d47.js
expert-assets.propertyfinder.com/claim-transaction/static/js/ 		2 MB
449 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://expert-assets.propertyfinder.com/claim-transaction/static/js/main.9e338d47.js
Requested by
Host: claim-my-transaction.propertyfinder.ae
URL: https://claim-my-transaction.propertyfinder.ae/?param=cmd.exe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.120.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-120-56.hkg62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8ded25f76c6ed9c9a72230f72aee66f3486751d9a3754c36371834b539127eb3

Request headers

Referer
https://claim-my-transaction.propertyfinder.ae/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 16 Aug 2024 19:59:18 GMT
content-encoding
gzip
via
1.1 529e8e7e22cfed066c8d2c760d68e158.cloudfront.net (CloudFront)
last-modified
Fri, 16 Aug 2024 12:08:28 GMT
server
AmazonS3
x-amz-cf-pop
HKG62-C1
etag
W/"6d663db9b86e38d2c731bf058a5dee21"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
x-amz-cf-id
eclBLkQX4pmkr235DIfg2jC2pen5Ddz01fWjNLu0F8Vi7Z_Pc98XCQ==
769.967ea5cf.css
expert-assets.propertyfinder.com/claim-transaction/static/css/ 		264 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://expert-assets.propertyfinder.com/claim-transaction/static/css/769.967ea5cf.css
Requested by
Host: claim-my-transaction.propertyfinder.ae
URL: https://claim-my-transaction.propertyfinder.ae/?param=cmd.exe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.120.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-120-56.hkg62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f09db597ccdf224a3bb690c30c940232fdb4358871ce082fa5fbf941bdaf89ec

Request headers

Referer
https://claim-my-transaction.propertyfinder.ae/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 16 Aug 2024 19:59:18 GMT
content-encoding
gzip
via
1.1 529e8e7e22cfed066c8d2c760d68e158.cloudfront.net (CloudFront)
last-modified
Fri, 16 Aug 2024 12:43:45 GMT
server
AmazonS3
x-amz-cf-pop
HKG62-C1
etag
W/"dd576280e69ac3de7da60474514316c0"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css
x-amz-cf-id
cTbH0t0nerawQ84wJtv2SMVoB59yc721cEUKj9_ZQ6X_9Dey3oU6qA==
main.1693097d.css
expert-assets.propertyfinder.com/claim-transaction/static/css/ 		2 KB
787 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://expert-assets.propertyfinder.com/claim-transaction/static/css/main.1693097d.css
Requested by
Host: claim-my-transaction.propertyfinder.ae
URL: https://claim-my-transaction.propertyfinder.ae/?param=cmd.exe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.120.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-120-56.hkg62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ab7ce10445a21bf4ac1938ba7f9b87ee79cb3745168a085aabd90b3ffbbe0904

Request headers

Referer
https://claim-my-transaction.propertyfinder.ae/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 16 Aug 2024 19:59:18 GMT
content-encoding
gzip
via
1.1 529e8e7e22cfed066c8d2c760d68e158.cloudfront.net (CloudFront)
last-modified
Fri, 16 Aug 2024 12:08:27 GMT
server
AmazonS3
x-amz-cf-pop
HKG62-C1
etag
W/"ca431929628bb048e0260d1f08a5c7c4"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css
x-amz-cf-id
br9Vc3mUky_heszLcQJ0hXPv_zZEtugiLqWo1cV9E9AXIcgued-a7Q==
gtm.js
www.googletagmanager.com/ 		324 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NSGDN5
Requested by
Host: claim-my-transaction.propertyfinder.ae
URL: https://claim-my-transaction.propertyfinder.ae/?param=cmd.exe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c00::61 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
944c720bfe1f9c16c5d1ddbae71c949dc742dc664864ca2fc45bd65587d76f4f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://claim-my-transaction.propertyfinder.ae/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 16 Aug 2024 19:59:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
105504
x-xss-protection
0
last-modified
Fri, 16 Aug 2024 19:08:15 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 16 Aug 2024 19:59:17 GMT
destination
www.googletagmanager.com/gtag/ 		216 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=DC-8546169&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NSGDN5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c00::61 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
216271039a38b48bd7f46336ddebabe6babc04f27ea18bbfa1f30a91d0b5c2f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://claim-my-transaction.propertyfinder.ae/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 16 Aug 2024 19:59:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79324
x-xss-protection
0
last-modified
Fri, 16 Aug 2024 19:41:10 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 16 Aug 2024 19:59:17 GMT
fbevents.js
connect.facebook.net/en_US/ 		225 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: claim-my-transaction.propertyfinder.ae
URL: https://claim-my-transaction.propertyfinder.ae/?param=cmd.exe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00c:19:face:b00c:0:3 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4d424af8e6254a3ee915b6efdec3f0ed3fcbdedc67c83025148c9758701cd2d4
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://claim-my-transaction.propertyfinder.ae/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 16 Aug 2024 19:59:17 GMT
document-policy
force-load-at-top
x-fb-server-load
30
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58865
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=2, rtx=0, c=12, mss=1297, tbw=2770, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma
public
x-fb-debug
xdSLpvBuxJ4KTj8AiaaLxAo7Et6ifA2LcoSSFPN3u4rHILchA4zkpxnVeyaprQsez2Pw8+w0zinW3bes7Huq5w==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
l21wjkq2zd
www.clarity.ms/tag/ 		637 B
1000 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/l21wjkq2zd?ref=gtm2
Requested by
Host: claim-my-transaction.propertyfinder.ae
URL: https://claim-my-transaction.propertyfinder.ae/?param=cmd.exe
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::59 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7fd3f48b55030b20f8973c6f10f16ef9adbd8babaf5ba2aad74167c30f8adb63

Request headers

Referer
https://claim-my-transaction.propertyfinder.ae/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

request-context
appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2
date
Fri, 16 Aug 2024 19:59:18 GMT
x-azure-ref
20240816T195917Z-155445f45d7n794fe8apx4uqs8000000020000000000c7tv
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
637
expires
-1
activityi;dc_pre=CI2-66em-ocDFZF0nQkdW7IfjQ;src=8546169;type=pagev0;cat=pagev0;ord=523488238290;npa=0;auiddc=1548512496.1723838358;ps=1;pcor=319918740;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;...
8546169.fls.doubleclick.net/ Frame BD2E
Redirect Chain
  • https://8546169.fls.doubleclick.net/activityi;src=8546169;type=pagev0;cat=pagev0;ord=523488238290;npa=0;auiddc=1548512496.1723838358;ps=1;pcor=319918740;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=...
  • https://8546169.fls.doubleclick.net/activityi;dc_pre=CI2-66em-ocDFZF0nQkdW7IfjQ;src=8546169;type=pagev0;cat=pagev0;ord=523488238290;npa=0;auiddc=1548512496.1723838358;ps=1;pcor=319918740;uaa=;uab=;...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://8546169.fls.doubleclick.net/activityi;dc_pre=CI2-66em-ocDFZF0nQkdW7IfjQ;src=8546169;type=pagev0;cat=pagev0;ord=523488238290;npa=0;auiddc=1548512496.1723838358;ps=1;pcor=319918740;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe48e0v9190181919z86651932za201zb6651932;gcd=13l3l3l3l1l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fclaim-my-transaction.propertyfinder.ae%2F%3Fparam%3Dcmd.exe?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-8546169&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f149.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://claim-my-transaction.propertyfinder.ae/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
355
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 16 Aug 2024 19:59:18 GMT
expires
Fri, 16 Aug 2024 19:59:18 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 16 Aug 2024 19:59:18 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://8546169.fls.doubleclick.net/activityi;dc_pre=CI2-66em-ocDFZF0nQkdW7IfjQ;src=8546169;type=pagev0;cat=pagev0;ord=523488238290;npa=0;auiddc=1548512496.1723838358;ps=1;pcor=319918740;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe48e0v9190181919z86651932za201zb6651932;gcd=13l3l3l3l1l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fclaim-my-transaction.propertyfinder.ae%2F%3Fparam%3Dcmd.exe?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activity;register_conversion=1;src=8546169;type=pagev0;cat=pagev0;ord=523488238290;npa=0;auiddc=1548512496.1723838358;ps=1;pcor=319918740;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;f...
ad.doubleclick.net/ 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/activity;register_conversion=1;src=8546169;type=pagev0;cat=pagev0;ord=523488238290;npa=0;auiddc=1548512496.1723838358;ps=1;pcor=319918740;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe48e0v9190181919z86651932za201zb6651932;gcd=13l3l3l3l1l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fclaim-my-transaction.propertyfinder.ae%2F%3Fparam%3Dcmd.exe?
Requested by
Host: claim-my-transaction.propertyfinder.ae
URL: https://claim-my-transaction.propertyfinder.ae/?param=cmd.exe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.170.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f148.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://claim-my-transaction.propertyfinder.ae/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Aug 2024 19:59:18 GMT
attribution-reporting-register-trigger
{"aggregatable_deduplication_keys":[{"deduplication_key":"13367405401910404522"}],"aggregatable_trigger_data":[{"filters":[{"14":["7281089"]}],"key_piece":"0x6d6ab4bf04cd0c66","source_keys":["12","13","14","15","16","17","18","19","20","21"]},{"key_piece":"0xf7a9aeb9cf59645","not_filters":{"14":["7281089"]},"source_keys":["12","13","14","15","16","17","18","19","20","21"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"15503217538328546642","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"13367405401910404522","filters":[{"14":["7281089"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"13367405401910404522","filters":[{"14":["7281089"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"13367405401910404522","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"13367405401910404522","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["8546169"]}}
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
369838254251405
connect.facebook.net/signals/config/ 		74 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/369838254251405?v=2.9.164&r=stable&domain=claim-my-transaction.propertyfinder.ae&hme=61ff4e692c87a9a2ce7b19822df2b04638e3ca38b23c1be6c0f1945ccadb2ad5&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C167%2C170%2C182%2C178%2C179%2C181%2C29%2C98%2C52%2C75%2C180%2C162%2C165%2C175%2C176%2C183%2C127%2C40%2C34%2C139%2C15%2C49%2C189%2C188%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C163%2C166%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00c:19:face:b00c:0:3 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
812db8dde7ca61f936e666158a28b7e727c5f038be99cdcad29e0ff001b4e0a9
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://claim-my-transaction.propertyfinder.ae/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 16 Aug 2024 19:59:18 GMT
document-policy
force-load-at-top
x-fb-server-load
22
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=4, rtx=0, c=65, mss=1297, tbw=64350, tp=-1, tpl=-1, uplat=199, ullat=0
pragma
public
x-fb-debug
tiiJgGorzAiVzvm6bYzncKiNbCB+K5ruqaimWFxvRT51ISkqeDcLjzQtxHkodYDD46sftJnfRQFxbJ+mpgkuXA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=369838254251405&ev=PageView&dl=https%3A%2F%2Fclaim-my-transaction.propertyfinder.ae%2F%3Fparam%3Dcmd.exe&rl=&if=false&ts=1723838358279&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4126&fbp=fb.1.1723838358276.548005879341681787&cs_est=true&ler=empty&cdl=API_unavailable&it=1723838358016&coo=false&rqm=GET
Requested by
Host: claim-my-transaction.propertyfinder.ae
URL: https://claim-my-transaction.propertyfinder.ae/?param=cmd.exe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f10c:381:face:b00c:0:25de Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://claim-my-transaction.propertyfinder.ae/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=2, rtx=0, c=10, mss=1297, tbw=2774, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 16 Aug 2024 19:59:18 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=369838254251405&ev=PageView&dl=https%3A%2F%2Fclaim-my-transaction.propertyfinder.ae%2F%3Fparam%3Dcmd.exe&rl=&if=false&ts=1723838358279&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4126&fbp=fb.1.1723838358276.548005879341681787&cs_est=true&ler=empty&cdl=API_unavailable&it=1723838358016&coo=false&rqm=FGET
Requested by
Host: claim-my-transaction.propertyfinder.ae
URL: https://claim-my-transaction.propertyfinder.ae/?param=cmd.exe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f10c:381:face:b00c:0:25de Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://claim-my-transaction.propertyfinder.ae/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding
zstd
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
date
Fri, 16 Aug 2024 19:59:18 GMT
document-policy
force-load-at-top
x-fb-server-load
46
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7403829371746984350", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=2, rtx=0, c=10, mss=1297, tbw=3091, tp=-1, tpl=-1, uplat=241, ullat=0
pragma
no-cache
x-fb-debug
hfMxSc8iOb+Zt0D4ycI8wdbPkbpo5M24/DT3ITYZGt1rxEg21hyTucUTLrhJYvHfX9zi/S5OwqM0gGX6tpmqng==
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7403829371746984350"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
clarity.js
www.clarity.ms/s/0.7.43/ 		62 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.43/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/l21wjkq2zd?ref=gtm2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::59 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1a2546c249d862b309b908069c73f6099c81362b9a5e5b4ba5f3c750471b0a76

Request headers

Referer
https://claim-my-transaction.propertyfinder.ae/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 16 Aug 2024 19:59:18 GMT
content-encoding
br
last-modified
Tue, 13 Aug 2024 20:00:47 GMT
etag
W/"0x8DCBBD29FD28C29"
vary
Accept-Encoding
x-azure-ref
20240816T195918Z-155445f45d7n794fe8apx4uqs8000000020000000000c7u6
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
022f7679-a01e-0060-4e46-ee5244000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
51562430
collect
x.clarity.ms/ 		0
302 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://x.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.43/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.190.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
application/x-clarity-gzip
Referer
https://claim-my-transaction.propertyfinder.ae/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://claim-my-transaction.propertyfinder.ae
Date
Fri, 16 Aug 2024 19:59:19 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
pd.js
pi.pardot.com/ 		0
0
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=4AF907327EB94321BCDF741F97E54565&RedC=c.clarity.ms&MXFR=114241E99DC7686830DB553499C76606
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=4AF907327EB94321BCDF741F97E54565&MUID=2E931BD84C02618E22770F054D5860A0
42 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=4AF907327EB94321BCDF741F97E54565&MUID=2E931BD84C02618E22770F054D5860A0
Protocol
H2
Server
52.231.230.148 Busan, Korea, Republic Of, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Referer
https://claim-my-transaction.propertyfinder.ae/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Aug 2024 19:59:19 GMT
last-modified
Tue, 13 Aug 2024 21:12:15 GMT
server
Microsoft-IIS/10.0
etag
"3bd2d078c5edda1:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Fri, 16 Aug 2024 19:59:19 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 7359BCA2B79F43918BEFAA251BACBABD Ref B: SIN30EDGE0809 Ref C: 2024-08-16T19:59:19Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=4AF907327EB94321BCDF741F97E54565&MUID=2E931BD84C02618E22770F054D5860A0
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
anonymous
sdk.split.io/api/mySegments/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sdk.split.io/api/mySegments/anonymous
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.131.9 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15770000; includeSubdomains

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,splitsdkversion
Access-Control-Request-Method
GET
Origin
https://claim-my-transaction.propertyfinder.ae
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
X-Requested-With, Origin, Content-Type, Accept, Authorization, Content-Length, X-User-Token, X-Request-ID, SplitSDKMachineName, SplitSDKMachineIP, SplitSDKVersion, Cache-Control
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin
https://claim-my-transaction.propertyfinder.ae
access-control-max-age
7200
allow
HEAD,GET,OPTIONS,POST,PUT,DELETE
content-length
37
date
Fri, 16 Aug 2024 19:59:19 GMT
retry-after
0
server
Varnish
strict-transport-security
max-age=15770000; includeSubdomains
vary
Cookie
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-qpg1231-QPG
x-timer
S1723838360.537768,VS0,VE0
anonymous
sdk.split.io/api/mySegments/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sdk.split.io/api/mySegments/anonymous
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.131.9 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15770000; includeSubdomains

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,splitsdkversion
Access-Control-Request-Method
GET
Origin
https://claim-my-transaction.propertyfinder.ae
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
X-Requested-With, Origin, Content-Type, Accept, Authorization, Content-Length, X-User-Token, X-Request-ID, SplitSDKMachineName, SplitSDKMachineIP, SplitSDKVersion, Cache-Control
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin
https://claim-my-transaction.propertyfinder.ae
access-control-max-age
7200
allow
HEAD,GET,OPTIONS,POST,PUT,DELETE
content-length
37
date
Fri, 16 Aug 2024 19:59:19 GMT
retry-after
0
server
Varnish
strict-transport-security
max-age=15770000; includeSubdomains
vary
Cookie
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-qpg1231-QPG
x-timer
S1723838360.538025,VS0,VE0
splitChanges
sdk.split.io/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sdk.split.io/api/splitChanges?since=-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.131.9 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15770000; includeSubdomains

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,splitsdkversion
Access-Control-Request-Method
GET
Origin
https://claim-my-transaction.propertyfinder.ae
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
X-Requested-With, Origin, Content-Type, Accept, Authorization, Content-Length, X-User-Token, X-Request-ID, SplitSDKMachineName, SplitSDKMachineIP, SplitSDKVersion, Cache-Control
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin
https://claim-my-transaction.propertyfinder.ae
access-control-max-age
7200
allow
HEAD,GET,OPTIONS,POST,PUT,DELETE
content-length
37
date
Fri, 16 Aug 2024 19:59:19 GMT
retry-after
0
server
Varnish
strict-transport-security
max-age=15770000; includeSubdomains
vary
Cookie
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-qpg1231-QPG
x-timer
S1723838360.538047,VS0,VE0
splitChanges
sdk.split.io/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sdk.split.io/api/splitChanges?since=-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.131.9 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15770000; includeSubdomains

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,splitsdkversion
Access-Control-Request-Method
GET
Origin
https://claim-my-transaction.propertyfinder.ae
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
X-Requested-With, Origin, Content-Type, Accept, Authorization, Content-Length, X-User-Token, X-Request-ID, SplitSDKMachineName, SplitSDKMachineIP, SplitSDKVersion, Cache-Control
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin
https://claim-my-transaction.propertyfinder.ae
access-control-max-age
7200
allow
HEAD,GET,OPTIONS,POST,PUT,DELETE
content-length
37
date
Fri, 16 Aug 2024 19:59:19 GMT
retry-after
0
server
Varnish
strict-transport-security
max-age=15770000; includeSubdomains
vary
Cookie
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-qpg1231-QPG
x-timer
S1723838360.537999,VS0,VE0
anonymous
sdk.split.io/api/mySegments/ 		17 B
261 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sdk.split.io/api/mySegments/anonymous
Requested by
Host: expert-assets.propertyfinder.com
URL: https://expert-assets.propertyfinder.com/claim-transaction/static/js/769.f6525381.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.131.9 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15770000; includeSubdomains

Request headers

Accept
application/json
Referer
https://claim-my-transaction.propertyfinder.ae/
SplitSDKVersion
reactnative-0.6.2
Authorization
Bearer egaovpodpabibv44p2bn6rbv91rfjvfp0eah
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

strict-transport-security
max-age=15770000; includeSubdomains
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Fri, 16 Aug 2024 19:59:19 GMT
age
143586
x-cache
MISS, HIT
content-length
41
x-served-by
cache-iad-kcgs7200106-IAD, cache-qpg1231-QPG
x-timer
S1723838360.546677,VS0,VE1
etag
"1000002"
vary
Accept-Encoding, Origin, Authorization
trace
cache-iad-kcgs7200106-IAD-f5b9a438-dd57-43ad-bee9-d0ff4fdc8e23; cache-qpg120101-QPG-8e316cd6-b09b-490f-8967-8c0767d29847
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin,X-Request-Id
cache-control
no-transform, max-age=60, s-maxage=60
accept-ranges
bytes
x-cache-hits
0, 0
anonymous
sdk.split.io/api/mySegments/ 		17 B
130 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sdk.split.io/api/mySegments/anonymous
Requested by
Host: expert-assets.propertyfinder.com
URL: https://expert-assets.propertyfinder.com/claim-transaction/static/js/769.f6525381.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.131.9 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15770000; includeSubdomains

Request headers

Accept
application/json
Referer
https://claim-my-transaction.propertyfinder.ae/
SplitSDKVersion
reactnative-0.6.2
Authorization
Bearer egaovpodpabibv44p2bn6rbv91rfjvfp0eah
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 16 Aug 2024 19:59:19 GMT
via
1.1 varnish
content-encoding
gzip
strict-transport-security
max-age=15770000; includeSubdomains
age
143586
x-cache
HIT
content-length
41
x-served-by
cache-qpg1231-QPG
x-timer
S1723838360.552558,VS0,VE1
etag
"1000002"
vary
Accept-Encoding, Origin, Authorization
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin,X-Request-Id
cache-control
no-transform, max-age=60, s-maxage=60
trace
cache-iad-kcgs7200106-IAD-f5b9a438-dd57-43ad-bee9-d0ff4fdc8e23; cache-qpg120101-QPG-8e316cd6-b09b-490f-8967-8c0767d29847
accept-ranges
bytes
x-cache-hits
1
splitChanges
sdk.split.io/api/ 		575 KB
44 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sdk.split.io/api/splitChanges?since=-1
Requested by
Host: expert-assets.propertyfinder.com
URL: https://expert-assets.propertyfinder.com/claim-transaction/static/js/769.f6525381.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.131.9 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15770000; includeSubdomains

Request headers

Accept
application/json
Referer
https://claim-my-transaction.propertyfinder.ae/
SplitSDKVersion
reactnative-0.6.2
Authorization
Bearer egaovpodpabibv44p2bn6rbv91rfjvfp0eah
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 16 Aug 2024 19:59:19 GMT
via
1.1 varnish
content-encoding
gzip
strict-transport-security
max-age=15770000; includeSubdomains
age
17857
x-cache
HIT
content-length
36262
x-served-by
cache-qpg1231-QPG
last-modified
Fri, 16 Aug 2024 15:01:37 GMT
x-timer
S1723838360.552562,VS0,VE1
etag
"1723820497709"
vary
Accept-Encoding, Origin, Authorization
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin,X-Request-Id
cache-control
no-transform, max-age=60, s-maxage=60
trace
cache-iad-kcgs7200086-IAD-27800808-6116-4b17-959a-3a1a92434cec; cache-qpg1249-QPG-498a8939-4b12-4222-af8d-537c90b6814e
accept-ranges
bytes
x-cache-hits
1
splitChanges
sdk.split.io/api/ 		575 KB
36 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sdk.split.io/api/splitChanges?since=-1
Requested by
Host: expert-assets.propertyfinder.com
URL: https://expert-assets.propertyfinder.com/claim-transaction/static/js/769.f6525381.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.131.9 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15770000; includeSubdomains

Request headers

Accept
application/json
Referer
https://claim-my-transaction.propertyfinder.ae/
SplitSDKVersion
reactnative-0.6.2
Authorization
Bearer egaovpodpabibv44p2bn6rbv91rfjvfp0eah
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

strict-transport-security
max-age=15770000; includeSubdomains
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Fri, 16 Aug 2024 19:59:19 GMT
age
17857
x-cache
HIT, HIT
content-length
36262
x-served-by
cache-iad-kcgs7200086-IAD, cache-qpg1231-QPG
last-modified
Fri, 16 Aug 2024 15:01:37 GMT
x-timer
S1723838360.546658,VS0,VE1
etag
"1723820497709"
vary
Accept-Encoding, Origin, Authorization
content-type
application/json; charset=utf-8
trace
cache-iad-kcgs7200086-IAD-27800808-6116-4b17-959a-3a1a92434cec; cache-qpg1249-QPG-498a8939-4b12-4222-af8d-537c90b6814e
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin,X-Request-Id
cache-control
no-transform, max-age=60, s-maxage=60
accept-ranges
bytes
x-cache-hits
31, 0
favicon.ico
claim-my-transaction.propertyfinder.ae/ 		14 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://claim-my-transaction.propertyfinder.ae/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.250.201.254 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-201-254.ap-southeast-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'unsafe-inline' https: http: 'unsafe-eval'; object-src 'none'; base-uri 'self';
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://claim-my-transaction.propertyfinder.ae/?param=cmd.exe
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 16 Aug 2024 19:59:19 GMT
strict-transport-security
max-age=63072000; includeSubdomains;
x-content-type-options
nosniff
content-security-policy
script-src 'unsafe-inline' https: http: 'unsafe-eval'; object-src 'none'; base-uri 'self';
content-encoding
gzip
x-envoy-upstream-service-time
1
x-xss-protection
1; mode=block
pragma
public
referrer-policy
no-referrer
last-modified
Fri, 16 Aug 2024 12:08:16 GMT
server
istio-envoy
etag
W/"66bf4130-38ae"
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/x-icon
cache-control
public, max-age=2592000
expires
30d
auth
auth.split.io/api/v2/ 		0
0
auth
auth.split.io/api/v2/ Frame 		0
0
auth
auth.split.io/api/v2/ 		0
0
auth
auth.split.io/api/v2/ Frame 		0
0
anonymous
sdk.split.io/api/mySegments/ 		17 B
47 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sdk.split.io/api/mySegments/anonymous
Requested by
Host: expert-assets.propertyfinder.com
URL: https://expert-assets.propertyfinder.com/claim-transaction/static/js/769.f6525381.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.131.9 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15770000; includeSubdomains

Request headers

Accept
application/json
Referer
https://claim-my-transaction.propertyfinder.ae/
SplitSDKVersion
reactnative-0.6.2
Authorization
Bearer egaovpodpabibv44p2bn6rbv91rfjvfp0eah
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 16 Aug 2024 19:59:19 GMT
via
1.1 varnish
content-encoding
gzip
strict-transport-security
max-age=15770000; includeSubdomains
age
143586
x-cache
HIT
content-length
41
x-served-by
cache-qpg1231-QPG
x-timer
S1723838360.588615,VS0,VE0
etag
"1000002"
vary
Accept-Encoding, Origin, Authorization
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin,X-Request-Id
cache-control
no-transform, max-age=60, s-maxage=60
trace
cache-iad-kcgs7200106-IAD-f5b9a438-dd57-43ad-bee9-d0ff4fdc8e23; cache-qpg120101-QPG-8e316cd6-b09b-490f-8967-8c0767d29847
accept-ranges
bytes
x-cache-hits
2
anonymous
sdk.split.io/api/mySegments/ 		17 B
47 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sdk.split.io/api/mySegments/anonymous
Requested by
Host: expert-assets.propertyfinder.com
URL: https://expert-assets.propertyfinder.com/claim-transaction/static/js/769.f6525381.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.131.9 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15770000; includeSubdomains

Request headers

Accept
application/json
Referer
https://claim-my-transaction.propertyfinder.ae/
SplitSDKVersion
reactnative-0.6.2
Authorization
Bearer egaovpodpabibv44p2bn6rbv91rfjvfp0eah
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 16 Aug 2024 19:59:19 GMT
via
1.1 varnish
content-encoding
gzip
strict-transport-security
max-age=15770000; includeSubdomains
age
143586
x-cache
HIT
content-length
41
x-served-by
cache-qpg1231-QPG
x-timer
S1723838360.593636,VS0,VE0
etag
"1000002"
vary
Accept-Encoding, Origin, Authorization
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin,X-Request-Id
cache-control
no-transform, max-age=60, s-maxage=60
trace
cache-iad-kcgs7200106-IAD-f5b9a438-dd57-43ad-bee9-d0ff4fdc8e23; cache-qpg120101-QPG-8e316cd6-b09b-490f-8967-8c0767d29847
accept-ranges
bytes
x-cache-hits
3
splitChanges
sdk.split.io/api/ 		575 KB
43 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sdk.split.io/api/splitChanges?since=-1
Requested by
Host: expert-assets.propertyfinder.com
URL: https://expert-assets.propertyfinder.com/claim-transaction/static/js/769.f6525381.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.131.9 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15770000; includeSubdomains

Request headers

Accept
application/json
Referer
https://claim-my-transaction.propertyfinder.ae/
SplitSDKVersion
reactnative-0.6.2
Authorization
Bearer egaovpodpabibv44p2bn6rbv91rfjvfp0eah
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 16 Aug 2024 19:59:19 GMT
via
1.1 varnish
content-encoding
gzip
strict-transport-security
max-age=15770000; includeSubdomains
age
17857
x-cache
HIT
content-length
36262
x-served-by
cache-qpg1231-QPG
last-modified
Fri, 16 Aug 2024 15:01:37 GMT
x-timer
S1723838360.591037,VS0,VE0
etag
"1723820497709"
vary
Accept-Encoding, Origin, Authorization
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin,X-Request-Id
cache-control
no-transform, max-age=60, s-maxage=60
trace
cache-iad-kcgs7200086-IAD-27800808-6116-4b17-959a-3a1a92434cec; cache-qpg1249-QPG-498a8939-4b12-4222-af8d-537c90b6814e
accept-ranges
bytes
x-cache-hits
2
splitChanges
sdk.split.io/api/ 		575 KB
72 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sdk.split.io/api/splitChanges?since=-1
Requested by
Host: expert-assets.propertyfinder.com
URL: https://expert-assets.propertyfinder.com/claim-transaction/static/js/769.f6525381.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.131.9 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15770000; includeSubdomains

Request headers

Accept
application/json
Referer
https://claim-my-transaction.propertyfinder.ae/
SplitSDKVersion
reactnative-0.6.2
Authorization
Bearer egaovpodpabibv44p2bn6rbv91rfjvfp0eah
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 16 Aug 2024 19:59:19 GMT
via
1.1 varnish
content-encoding
gzip
strict-transport-security
max-age=15770000; includeSubdomains
age
17857
x-cache
HIT
content-length
36262
x-served-by
cache-qpg1231-QPG
last-modified
Fri, 16 Aug 2024 15:01:37 GMT
x-timer
S1723838360.594800,VS0,VE0
etag
"1723820497709"
vary
Accept-Encoding, Origin, Authorization
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin,X-Request-Id
cache-control
no-transform, max-age=60, s-maxage=60
trace
cache-iad-kcgs7200086-IAD-27800808-6116-4b17-959a-3a1a92434cec; cache-qpg1249-QPG-498a8939-4b12-4222-af8d-537c90b6814e
accept-ranges
bytes
x-cache-hits
3
auth
auth.split.io/api/v2/ Frame 		0
0
auth
auth.split.io/api/v2/ 		0
0
auth
auth.split.io/api/v2/ 		0
0
auth
auth.split.io/api/v2/ Frame 		0
0
Primary Request endpoint
auth.propertyfinder.com/broker/realms/propertyfinder/broker/pfexpert/
Redirect Chain
  • https://auth.propertyfinder.com/auth/oauth/sso/initiate?scope=openid&response_type=code&client_id=pfexpert&redirect_uri=https%3A%2F%2Fclaim-my-transaction.propertyfinder.ae%2Fauthenticate&login_uri...
  • https://auth.propertyfinder.com/broker/realms/propertyfinder/broker/pfexpert/endpoint
390 KB
390 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://auth.propertyfinder.com/broker/realms/propertyfinder/broker/pfexpert/endpoint
Requested by
Host: expert-assets.propertyfinder.com
URL: https://expert-assets.propertyfinder.com/claim-transaction/static/js/main.9e338d47.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.145.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0d0ea9b89fa50355.awsglobalaccelerator.com
Software
istio-envoy /
Resource Hash
65337e43b47796f670debfcd60f918d4e02d33939e96b24fbde22f37dc840c2c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://claim-my-transaction.propertyfinder.ae/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-length
398909
content-type
text/html; charset=utf-8
date
Fri, 16 Aug 2024 19:59:20 GMT
etag
"66b1df44-6163d"
server
istio-envoy
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
x-download-options
noopen
x-envoy-upstream-service-time
162
x-permitted-cross-domain-policies
none
x-robots-tag
noindex, noarchive, nosnippet
x-xss-protection
1; mode=block

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Domain,Content-Type,X-Requested-With,Token,Authorization,X-Issuer,Cookie
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-origin
access-control-max-age
86400
content-length
120
content-type
text/html; charset=utf-8
date
Fri, 16 Aug 2024 19:59:20 GMT
location
https://auth.propertyfinder.com/broker/realms/propertyfinder/broker/pfexpert/endpoint
server
istio-envoy
x-envoy-upstream-service-time
10
OpenSans-Medium.a4894b36b47378c77c5f.ttf
expert-assets.propertyfinder.com/claim-transaction/static/media/ 		127 KB
77 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://expert-assets.propertyfinder.com/claim-transaction/static/media/OpenSans-Medium.a4894b36b47378c77c5f.ttf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.120.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-120-56.hkg62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://claim-my-transaction.propertyfinder.ae/
Origin
https://claim-my-transaction.propertyfinder.ae
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 16 Aug 2024 19:59:20 GMT
content-encoding
gzip
via
1.1 7019d108ed76e032af7a0273104a07a2.cloudfront.net (CloudFront)
last-modified
Fri, 16 Aug 2024 12:43:46 GMT
server
AmazonS3
x-amz-cf-pop
HKG62-C1
etag
W/"ab21dae0926dcf5203881d4522ac2a55"
x-amz-server-side-encryption
AES256
access-control-max-age
0
access-control-allow-methods
GET
content-type
font/ttf
access-control-allow-origin
*
x-cache
Miss from cloudfront
vary
Accept-Encoding,Origin
x-amz-cf-id
TRF-425SvEFidMyf_PMXaFvInOuGMfaTeQJuVAKNtUJ59vinvEe8LQ==
Roboto-Medium.7c8d04cd831df3033c8a.ttf
expert-assets.propertyfinder.com/claim-transaction/static/media/ 		165 KB
88 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://expert-assets.propertyfinder.com/claim-transaction/static/media/Roboto-Medium.7c8d04cd831df3033c8a.ttf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.120.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-120-56.hkg62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://claim-my-transaction.propertyfinder.ae/
Origin
https://claim-my-transaction.propertyfinder.ae
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 16 Aug 2024 19:59:20 GMT
content-encoding
gzip
via
1.1 7019d108ed76e032af7a0273104a07a2.cloudfront.net (CloudFront)
last-modified
Fri, 16 Aug 2024 12:43:46 GMT
server
AmazonS3
x-amz-cf-pop
HKG62-C1
etag
W/"68ea4734cf86bd544650aee05137d7bb"
x-amz-server-side-encryption
AES256
access-control-max-age
0
access-control-allow-methods
GET
content-type
font/ttf
access-control-allow-origin
*
x-cache
Miss from cloudfront
vary
Accept-Encoding,Origin
x-amz-cf-id
4zUnDg_2Jo-Otjuhdz1rKfjET-Q6G2euaWJIiS_8CIij7ouljNpy_g==
/
zn8jlevj0ocldxwau-propertyfinder.siteintercept.qualtrics.com/SIE/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zn8jlevj0ocldxwau-propertyfinder.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_8JlevJ0OClDXWAu
Requested by
Host: claim-my-transaction.propertyfinder.ae
URL: https://claim-my-transaction.propertyfinder.ae/?param=cmd.exe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://claim-my-transaction.propertyfinder.ae/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 16 Aug 2024 19:59:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
182873
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control
max-age=604800
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"26a0-Mtb61EvRPMRlTh3gJQ265XYAUsk"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600, s-maxage=604800
permissions-policy
camera=(), geolocation=(), microphone=()
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cf-ray
8b44011428df9cb9-SIN
snippet.js
static.zdassets.com/ekr/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/ekr/snippet.js?key=c2522828-94e5-4e0a-b8a8-5e234e629f3c
Requested by
Host: expert-assets.propertyfinder.com
URL: https://expert-assets.propertyfinder.com/claim-transaction/static/js/main.9e338d47.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://claim-my-transaction.propertyfinder.ae/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 16 Aug 2024 19:59:19 GMT
x-amz-version-id
qclSddpGUX2.KT0tZACrS6v9bSx237T.
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
JKN1Q3J8ZTSJ5QCC
age
50
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
mffWrceLKlBhNibh9xibEteyYzkmlyQFIFfoHQmboQCwTVcm8Bo4MCr+iqWuL8CrS195Nm/b2iA=
last-modified
Thu, 08 Aug 2024 15:49:45 GMT
server
cloudflare
etag
W/"67cbb97bf64ecd65d74b0de6ede92abf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I8qLhdnXXbAp3UCsRbMy4tDcJYW5ThEORDm2uq1UDs%2FTrBuJIPJ7whw2sn5AqUZFFttSWC0dYRTmEr0NybFDOCaA%2BwenYrpS3hwWwpWxymTAkChKxpAJWkHftFvau07Nyy15%2FL8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=3600, s-maxage=60
access-control-max-age
0
cf-ray
8b4401147f8ecdfa-SIN
access-control-allow-headers
*
collect
x.clarity.ms/ 		0
302 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://x.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.43/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.190.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://claim-my-transaction.propertyfinder.ae/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://claim-my-transaction.propertyfinder.ae
Date
Fri, 16 Aug 2024 19:59:20 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
/
www.facebook.com/tr/ 		0
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=369838254251405&ev=PageView&dl=https%3A%2F%2Fclaim-my-transaction.propertyfinder.ae%2Fauthenticate&rl=&if=false&ts=1723838359680&sw=1600&sh=1200&v=2.9.164&r=stable&ec=1&o=4126&fbp=fb.1.1723838358276.548005879341681787&cs_est=true&ler=empty&cdl=API_unavailable&it=1723838358016&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f10c:381:face:b00c:0:25de Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://claim-my-transaction.propertyfinder.ae/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=2, rtx=0, c=10, mss=1297, tbw=6452, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 16 Aug 2024 19:59:19 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
849 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=369838254251405&ev=PageView&dl=https%3A%2F%2Fclaim-my-transaction.propertyfinder.ae%2Fauthenticate&rl=&if=false&ts=1723838359680&sw=1600&sh=1200&v=2.9.164&r=stable&ec=1&o=4126&fbp=fb.1.1723838358276.548005879341681787&cs_est=true&ler=empty&cdl=API_unavailable&it=1723838358016&coo=false&rqm=FGET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f10c:381:face:b00c:0:25de Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://claim-my-transaction.propertyfinder.ae/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding
zstd
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
date
Fri, 16 Aug 2024 19:59:19 GMT
document-policy
force-load-at-top
x-fb-server-load
44
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7403829376151772874", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=2, rtx=0, c=10, mss=1297, tbw=6620, tp=-1, tpl=-1, uplat=185, ullat=0
pragma
no-cache
x-fb-debug
44HoDOcehN66NUKawPNKbXui4g0o129RE/1BltCHLe0KNzghrp7iQnGKk9t2J075CCtvOuTidE2iFpVw7/JLSA==
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7403829376151772874"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
12.f4ffc90369d4c0cab88a.chunk.js
siteintercept.qualtrics.com/dxjsmodule/ 		74 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/12.f4ffc90369d4c0cab88a.chunk.js?Q_CLIENTVERSION=2.11.0&Q_CLIENTTYPE=web&Q_BRANDID=claim-my-transaction.propertyfinder.ae
Requested by
Host: zn8jlevj0ocldxwau-propertyfinder.siteintercept.qualtrics.com
URL: https://zn8jlevj0ocldxwau-propertyfinder.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_8JlevJ0OClDXWAu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://claim-my-transaction.propertyfinder.ae/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 16 Aug 2024 19:59:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
171874
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control
max-age=604800
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 30 Jul 2024 19:16:12 GMT
server
cloudflare
etag
W/"12971-19105125060"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
permissions-policy
camera=(), geolocation=(), microphone=()
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cf-ray
8b44011459029cb9-SIN
Targeting.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_8JlevJ0OClDXWAu&Q_CLIENTVERSION=2.11.0&Q_CLIENTTYPE=web
Requested by
Host: expert-assets.propertyfinder.com
URL: https://expert-assets.propertyfinder.com/claim-transaction/static/js/769.f6525381.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://claim-my-transaction.propertyfinder.ae/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 16 Aug 2024 19:59:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
content-type
application/json
access-control-allow-origin
https://claim-my-transaction.propertyfinder.ae
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
permissions-policy
camera=(), geolocation=(), microphone=()
trace-id
35c1c4c5357b340a
timing-allow-origin
*
cf-ray
8b440114890f9cb9-SIN
c2522828-94e5-4e0a-b8a8-5e234e629f3c
ekr.zdassets.com/compose/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ekr.zdassets.com/compose/c2522828-94e5-4e0a-b8a8-5e234e629f3c
Requested by
Host: expert-assets.propertyfinder.com
URL: https://expert-assets.propertyfinder.com/claim-transaction/static/js/769.f6525381.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://claim-my-transaction.propertyfinder.ae/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 16 Aug 2024 19:59:20 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
content-encoding
br
cdn-cache-control
max-age=60
x-xss-protection
1; mode=block
x-request-id
8b3f196b2c30b482-SEA, 8b3f196b2c30b482-SEA, 8b3f196b2c30b482-SEA
x-runtime
0.003931
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"885b8721bb210ccbb0f570cb9d60da4f"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-max-age
7200
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tgVGN9Ti2VGdu9WDNU0pQ0XvBK5mFvqi56yTkf9JhlZvBd47G2YhGzDotuIwYSGpHCoIbtsx2nZsngLZdUNdMbc2QvcM6cAXTlFyt%2BBVuzhyc%2FXpgf94iDzmtswwk7matTk%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary
Accept, Origin, Accept-Encoding
cache-control
max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
content-type
application/json; charset=utf-8
x-zendesk-zorg
yes, yes
cf-ray
8b44011579a840e8-SIN
CoreModule.js
siteintercept.qualtrics.com/dxjsmodule/ 		102 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=2.11.0&Q_CLIENTTYPE=web&Q_BRANDID=propertyfinder
Requested by
Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.f4ffc90369d4c0cab88a.chunk.js?Q_CLIENTVERSION=2.11.0&Q_CLIENTTYPE=web&Q_BRANDID=claim-my-transaction.propertyfinder.ae
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://claim-my-transaction.propertyfinder.ae/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 16 Aug 2024 19:59:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
171874
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control
max-age=604800
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 30 Jul 2024 19:16:12 GMT
server
cloudflare
etag
W/"19780-19105125060"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
permissions-policy
camera=(), geolocation=(), microphone=()
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cf-ray
8b44011549a59cb9-SIN
7.800559bd58aa9fb303cf.chunk.js
siteintercept.qualtrics.com/dxjsmodule/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/7.800559bd58aa9fb303cf.chunk.js?Q_CLIENTVERSION=2.11.0&Q_CLIENTTYPE=web&Q_BRANDID=propertyfinder
Requested by
Host: zn8jlevj0ocldxwau-propertyfinder.siteintercept.qualtrics.com
URL: https://zn8jlevj0ocldxwau-propertyfinder.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_8JlevJ0OClDXWAu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://claim-my-transaction.propertyfinder.ae/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 16 Aug 2024 19:59:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
171874
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control
max-age=604800
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 30 Jul 2024 19:16:12 GMT
server
cloudflare
etag
W/"b55-19105125060"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
permissions-policy
camera=(), geolocation=(), microphone=()
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cf-ray
8b44011579c49cb9-SIN
1.049908ccb9412226a927.chunk.js
siteintercept.qualtrics.com/dxjsmodule/ 		29 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/1.049908ccb9412226a927.chunk.js?Q_CLIENTVERSION=2.11.0&Q_CLIENTTYPE=web&Q_BRANDID=propertyfinder
Requested by
Host: zn8jlevj0ocldxwau-propertyfinder.siteintercept.qualtrics.com
URL: https://zn8jlevj0ocldxwau-propertyfinder.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_8JlevJ0OClDXWAu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://claim-my-transaction.propertyfinder.ae/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 16 Aug 2024 19:59:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
171873
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control
max-age=604800
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 30 Jul 2024 19:16:12 GMT
server
cloudflare
etag
W/"73fb-19105125060"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
permissions-policy
camera=(), geolocation=(), microphone=()
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cf-ray
8b44011579c59cb9-SIN
FeedbackButtonModule.js
siteintercept.qualtrics.com/dxjsmodule/ 		64 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/FeedbackButtonModule.js?Q_CLIENTVERSION=2.11.0&Q_CLIENTTYPE=web&Q_BRANDID=propertyfinder
Requested by
Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.f4ffc90369d4c0cab88a.chunk.js?Q_CLIENTVERSION=2.11.0&Q_CLIENTTYPE=web&Q_BRANDID=claim-my-transaction.propertyfinder.ae
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://claim-my-transaction.propertyfinder.ae/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 16 Aug 2024 19:59:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
171873
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control
max-age=604800
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 30 Jul 2024 19:16:12 GMT
server
cloudflare
etag
W/"10099-19105125060"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
permissions-policy
camera=(), geolocation=(), microphone=()
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cf-ray
8b44011579c79cb9-SIN
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_1jQcFPXle6mnuic&Version=44&Q_ORIGIN=https://claim-my-transaction.propertyfinder.ae&Q_CLIENTVERSION=2.11.0&Q_CLIENTTYPE=web&Q_BrandTier=&Q_ARCACHEVERSION=21&Q_BRANDDC=fra1
Requested by
Host: expert-assets.propertyfinder.com
URL: https://expert-assets.propertyfinder.com/claim-transaction/static/js/769.f6525381.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://claim-my-transaction.propertyfinder.ae/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

expires
Mon, 14 Aug 2034 19:59:19 GMT
date
Fri, 16 Aug 2024 19:59:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
br
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control
max-age=604800
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 16 Aug 2024 19:59:20 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials
false
permissions-policy
camera=(), geolocation=(), microphone=()
cf-ray
8b4401158bde8948-SIN
servershortname
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		2 KB
637 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_0OeR1ymhXI1LXWN&Version=41&Q_InterceptID=SI_1jQcFPXle6mnuic&Q_ORIGIN=https://claim-my-transaction.propertyfinder.ae&Q_CLIENTVERSION=2.11.0&Q_CLIENTTYPE=web&Q_BrandTier=&Q_ARCACHEVERSION=21&Q_BRANDDC=fra1
Requested by
Host: expert-assets.propertyfinder.com
URL: https://expert-assets.propertyfinder.com/claim-transaction/static/js/769.f6525381.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://claim-my-transaction.propertyfinder.ae/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

expires
Mon, 14 Aug 2034 19:59:20 GMT
date
Fri, 16 Aug 2024 19:59:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
br
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control
max-age=604800
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 16 Aug 2024 19:59:20 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials
false
permissions-policy
camera=(), geolocation=(), microphone=()
cf-ray
8b4401158be08948-SIN
servershortname
collect
x.clarity.ms/ 		0
0
/
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		0
0
wr-dialog-close-btn-black.png
siteintercept.qualtrics.com/WRQualtricsShared/Graphics/siteintercept/ 		245 B
551 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://siteintercept.qualtrics.com/WRQualtricsShared/Graphics/siteintercept/wr-dialog-close-btn-black.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://claim-my-transaction.propertyfinder.ae/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

expires
Mon, 08 May 2034 19:52:18 GMT
date
Fri, 16 Aug 2024 19:59:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
age
8467622
cf-polished
origSize=757
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
content-length
245
referrer-policy
strict-origin-when-cross-origin
cf-bgj
imgq:85,h2pri
last-modified
Tue, 07 May 2024 20:28:43 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=315360000, public
permissions-policy
camera=(), geolocation=(), microphone=()
trace-id
320471f5fcd99872
accept-ranges
bytes
cf-ray
8b440116aa989cb9-SIN
servershortname
web-widget-main-d3f9e9b.js
static.zdassets.com/web_widget/messenger/latest/ Frame 2785 		468 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-d3f9e9b.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=c2522828-94e5-4e0a-b8a8-5e234e629f3c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 16 Aug 2024 19:59:20 GMT
x-amz-version-id
SbdY1cW0csyi2HFw_4TmQJSCB.vmb.mK
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
Q01NNR10R5HCVAXS
age
722504
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
MEgD5SzmSkraL3woukP0xTF12UBVyD4q6FENQn4NtzfBMrKEEhCOhMb7ZOJ7mPE6EkenqIGRXQo5TP08XyHbMWVCLsHbR6FH
last-modified
Mon, 05 Aug 2024 10:48:15 GMT
server
cloudflare
etag
W/"82b20b63311933469698a3e7aecd7c98"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zkptUaZdSRBnJAA4CTBBvQvueMdoPLKjfag2QVtdqMdDK6Jt2wJhSx3x2A0i3DDTc8qaDLSGKpew%2BBZYsclY0AgkwOAh9qPQ9MKMwQT8cOujuKB50fVc7fKpBdsyv5gmdCEP7wM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
8b440116fcdacdfa-SIN
access-control-allow-headers
*
expires
Tue, 05 Aug 2025 10:48:14 GMT
en-us-json-d3f9e9b.js
static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/ Frame 2785 		0
0
web-widget-4852-d3f9e9b.js
static.zdassets.com/web_widget/messenger/latest/ Frame 2785 		0
0
web-widget-9527-d3f9e9b.js
static.zdassets.com/web_widget/messenger/latest/ Frame 2785 		0
0
web-widget-2306-d3f9e9b.js
static.zdassets.com/web_widget/messenger/latest/ Frame 2785 		0
0
web-widget-198-d3f9e9b.js
static.zdassets.com/web_widget/messenger/latest/ Frame 2785 		0
0
web-widget-3287-d3f9e9b.js
static.zdassets.com/web_widget/messenger/latest/ Frame 2785 		0
0
splitChanges
sdk.split.io/api/ Frame 		0
0
splitChanges
sdk.split.io/api/ Frame 		0
0
splitChanges
sdk.split.io/api/ Frame 		0
0
splitChanges
sdk.split.io/api/ Frame 		0
0
bulk
events.split.io/api/testImpressions/ Frame 		0
0
count
events.split.io/api/testImpressions/ Frame 		0
0
turbo.es2017-umd.js
animaapp.s3.amazonaws.com/static/ 		127 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://animaapp.s3.amazonaws.com/static/turbo.es2017-umd.js
Requested by
Host: auth.propertyfinder.com
URL: https://auth.propertyfinder.com/broker/realms/propertyfinder/broker/pfexpert/endpoint
Protocol
HTTP/1.1
Security
TLS 1.3, , CHACHA20_POLY1305
Server
16.15.193.171 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
abc02bbcc71c6a31b776c46a977e53c12ef4fcfcd23aef15dff75c5c1512db5a

Request headers

Referer
https://auth.propertyfinder.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Fri, 16 Aug 2024 19:59:22 GMT
x-amz-version-id
null
Last-Modified
Mon, 05 Sep 2022 14:48:10 GMT
Server
AmazonS3
x-amz-request-id
DG1CPV9VVX10GGJF
ETag
"ccd6883a3360069a3bcab8a20df2027d"
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
129723
x-amz-id-2
kyUpddDlWYFH2G8k0iXSy44bK41dPUEWnt1vO7TDbc0fsclM7VnLOwG2OlCOzCLacmqc/GMcwK/SQgrfj8vnmhml8oumW0OW
reset.min.css
cdnjs.cloudflare.com/ajax/libs/meyer-reset/2.0/ 		773 B
962 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/meyer-reset/2.0/reset.min.css
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82f1278f66b192a223e306d884f8db595ef3b6d829cc1544807b9bf40019403e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://auth.propertyfinder.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 16 Aug 2024 19:59:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
357485
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
333
last-modified
Mon, 04 May 2020 16:13:23 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03f23-305"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0efGymyXEXPLtTXz5tfeyrM5qNrSUCW4OkAj5%2BgvxNyICQz%2B4dPbdmuJCaz2xxrLEQX5RU%2FdDlXbyr0v7xdFjZwJRo%2FX1%2FsW%2BfGg6ovKxIhbatyy8yXbVD95uFafUZm6N5l0G%2Fzn"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8b4401184f17455f-SIN
expires
Wed, 06 Aug 2025 19:59:20 GMT
css
fonts.googleapis.com/ 		11 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,600
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c05::5f Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
057c6db7176a4b988472143ad3797e478d31de02150c22e8b892d9887102a0c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://auth.propertyfinder.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 16 Aug 2024 19:59:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 16 Aug 2024 18:30:30 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 16 Aug 2024 19:59:20 GMT
6528e484afe76e5af1199b16.6528e485afe76e5af1199b19.mD7Ld42.hch.png
px.animaapp.com/ 		0
0
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
205d766bbee499f4ff8e2a081988f015c1ec677a96a5668f7ccd6eb1e1ce34d6

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		986 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
84617bbe18cd3d46cee626280de3c2d91cc7275bc1e669381e6dbbbbe8116e2d

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		477 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
86dbb56e414b0c579a303cc11b529f416d7b8729ce1f4994473041efd04467df

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7a5a98cf1f86c57058acd82266f228fc643607e527590281814426ad88c3133c

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		810 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ad1bb8bc8c75ab6ad0ece0e599cfdb47a345f736e3b3e80ee49637e9c06b2e99

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		810 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c18a776af5900cc4d4657461fad3115879b731fb3409f3c30d26bad04d6a0fbb

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
841e9033b58b7062fc03a3cd1f3aa8338ba2e776a4f4e1337f3b1cbc34e5af45

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c1a::5e Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://auth.propertyfinder.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 10 Aug 2024 16:24:10 GMT
x-content-type-options
nosniff
age
531310
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 10 Aug 2025 16:24:10 GMT
favicon.png
animaproject.s3.amazonaws.com/home/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pi.pardot.com
URL
https://pi.pardot.com/pd.js
Domain
auth.split.io
URL
https://auth.split.io/api/v2/auth?users=anonymous
Domain
auth.split.io
URL
https://auth.split.io/api/v2/auth?users=anonymous
Domain
auth.split.io
URL
https://auth.split.io/api/v2/auth?users=anonymous
Domain
auth.split.io
URL
https://auth.split.io/api/v2/auth?users=anonymous
Domain
auth.split.io
URL
https://auth.split.io/api/v2/auth?users=anonymous
Domain
auth.split.io
URL
https://auth.split.io/api/v2/auth?users=anonymous
Domain
auth.split.io
URL
https://auth.split.io/api/v2/auth?users=anonymous
Domain
auth.split.io
URL
https://auth.split.io/api/v2/auth?users=anonymous
Domain
x.clarity.ms
URL
https://x.clarity.ms/collect
Domain
siteintercept.qualtrics.com
URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_Impress=1&Q_CID=CR_0OeR1ymhXI1LXWN&Q_SIID=SI_1jQcFPXle6mnuic&Q_ASID=AS_7R3vRhAS7IRxzPj&Q_CLIENTVERSION=2.11.0&Q_CLIENTTYPE=web&r=1723838360102
Domain
static.zdassets.com
URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/en-us-json-d3f9e9b.js
Domain
static.zdassets.com
URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-4852-d3f9e9b.js
Domain
static.zdassets.com
URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-9527-d3f9e9b.js
Domain
static.zdassets.com
URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-2306-d3f9e9b.js
Domain
static.zdassets.com
URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-198-d3f9e9b.js
Domain
static.zdassets.com
URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-3287-d3f9e9b.js
Domain
sdk.split.io
URL
https://sdk.split.io/api/splitChanges?since=1723820497709
Domain
sdk.split.io
URL
https://sdk.split.io/api/splitChanges?since=1723820497709
Domain
sdk.split.io
URL
https://sdk.split.io/api/splitChanges?since=1723820497709
Domain
sdk.split.io
URL
https://sdk.split.io/api/splitChanges?since=1723820497709
Domain
events.split.io
URL
https://events.split.io/api/testImpressions/bulk
Domain
events.split.io
URL
https://events.split.io/api/testImpressions/count
Domain
px.animaapp.com
URL
https://px.animaapp.com/6528e484afe76e5af1199b16.6528e485afe76e5af1199b19.mD7Ld42.hch.png
Domain
animaproject.s3.amazonaws.com
URL
https://animaproject.s3.amazonaws.com/home/favicon.png

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| litHtmlVersions object| commonService object| Turbo function| getTop function| _toConsumableArray function| _nonIterableSpread function| _iterableToArray function| _arrayWithoutHoles function| ownKeys function| _objectSpread function| _defineProperty function| _createForOfIteratorHelper function| _slicedToArray function| _nonIterableRest function| _unsupportedIterableToArray function| _arrayLikeToArray function| _iterableToArrayLimit function| _arrayWithHoles function| isHidden function| loadAsyncSrcForTag function| pauseHiddenVideos function| loadAsyncSrc function| new_onResize function| updateOnResize object| Lib function| anime function| EvEmitter function| imagesLoaded object| hotspotsService

16 Cookies

Domain/Path Name / Value
.propertyfinder.ae/ Name: _gcl_au
Value: 1.1.1548512496.1723838358
.doubleclick.net/ Name: ar_debug
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUkxT8JEZj5xlfubD6qBgkeXkaWUqxrZCUo972Ocgi7IaX802wdODM57nEdl0ag
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
.propertyfinder.ae/ Name: _fbp
Value: fb.1.1723838358276.548005879341681787
www.clarity.ms/ Name: CLID
Value: 2ef4be233bee431ea0975120ff2b4965.20240816.20250816
.propertyfinder.ae/ Name: _clck
Value: 1lyc3b%7C2%7Cfod%7C0%7C1689
.propertyfinder.ae/ Name: _clsk
Value: ild4is%7C1723838359495%7C1%7C1%7Cx.clarity.ms%2Fcollect
claim-my-transaction.propertyfinder.ae/ Name: _dd_s
Value: logs=1&id=87b0a649-8f02-4af5-a581-bb77ab800b52&created=1723838359691&expire=1723839259691
.bing.com/ Name: MUID
Value: 2E931BD84C02618E22770F054D5860A0
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 2E931BD84C02618E22770F054D5860A0
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 2E931BD84C02618E22770F054D5860A0
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0

2 Console Messages

Source Level URL
Text
network error URL: https://auth.propertyfinder.com/broker/realms/propertyfinder/broker/pfexpert/endpoint
Message:
Failed to load resource: the server responded with a status of 502 ()
network error URL: https://px.animaapp.com/6528e484afe76e5af1199b16.6528e485afe76e5af1199b19.mD7Ld42.hch.png
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8546169.fls.doubleclick.net
ad.doubleclick.net
animaapp.s3.amazonaws.com
animaproject.s3.amazonaws.com
auth.propertyfinder.com
auth.split.io
c.bing.com
c.clarity.ms
cdnjs.cloudflare.com
claim-my-transaction.propertyfinder.ae
connect.facebook.net
ekr.zdassets.com
events.split.io
expert-assets.propertyfinder.com
fonts.googleapis.com
fonts.gstatic.com
pi.pardot.com
px.animaapp.com
sdk.split.io
siteintercept.qualtrics.com
static.zdassets.com
www.clarity.ms
www.facebook.com
www.googletagmanager.com
x.clarity.ms
zn8jlevj0ocldxwau-propertyfinder.siteintercept.qualtrics.com
animaproject.s3.amazonaws.com
auth.split.io
events.split.io
pi.pardot.com
px.animaapp.com
sdk.split.io
siteintercept.qualtrics.com
static.zdassets.com
x.clarity.ms
104.17.208.240
104.17.209.240
104.17.25.14
104.18.72.113
13.226.120.56
13.250.201.254
151.101.131.9
16.15.193.171
20.114.190.119
2404:6800:4003:c00::61
2404:6800:4003:c05::5f
2404:6800:4003:c1a::5e
2620:1ec:bdf::59
2620:1ec:c11::237
2a03:2880:f00c:19:face:b00c:0:3
2a03:2880:f10c:381:face:b00c:0:25de
52.231.230.148
64.233.170.148
74.125.130.149
99.83.145.68
057c6db7176a4b988472143ad3797e478d31de02150c22e8b892d9887102a0c1
1a2546c249d862b309b908069c73f6099c81362b9a5e5b4ba5f3c750471b0a76
205d766bbee499f4ff8e2a081988f015c1ec677a96a5668f7ccd6eb1e1ce34d6
216271039a38b48bd7f46336ddebabe6babc04f27ea18bbfa1f30a91d0b5c2f3
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
4d424af8e6254a3ee915b6efdec3f0ed3fcbdedc67c83025148c9758701cd2d4
65337e43b47796f670debfcd60f918d4e02d33939e96b24fbde22f37dc840c2c
7a5a98cf1f86c57058acd82266f228fc643607e527590281814426ad88c3133c
7fd3f48b55030b20f8973c6f10f16ef9adbd8babaf5ba2aad74167c30f8adb63
812db8dde7ca61f936e666158a28b7e727c5f038be99cdcad29e0ff001b4e0a9
82f1278f66b192a223e306d884f8db595ef3b6d829cc1544807b9bf40019403e
841e9033b58b7062fc03a3cd1f3aa8338ba2e776a4f4e1337f3b1cbc34e5af45
84617bbe18cd3d46cee626280de3c2d91cc7275bc1e669381e6dbbbbe8116e2d
86dbb56e414b0c579a303cc11b529f416d7b8729ce1f4994473041efd04467df
8ded25f76c6ed9c9a72230f72aee66f3486751d9a3754c36371834b539127eb3
944c720bfe1f9c16c5d1ddbae71c949dc742dc664864ca2fc45bd65587d76f4f
a8ee1f66b27fac566351d05778985213d13e449501ad678e80ca201ba31e7944
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ab7ce10445a21bf4ac1938ba7f9b87ee79cb3745168a085aabd90b3ffbbe0904
abc02bbcc71c6a31b776c46a977e53c12ef4fcfcd23aef15dff75c5c1512db5a
ad1bb8bc8c75ab6ad0ece0e599cfdb47a345f736e3b3e80ee49637e9c06b2e99
b30ee41c440edccdfe9cb97c36cd9502e9513395711dc33b32301f6ff6bf9f36
c18a776af5900cc4d4657461fad3115879b731fb3409f3c30d26bad04d6a0fbb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f09db597ccdf224a3bb690c30c940232fdb4358871ce082fa5fbf941bdaf89ec