Submitted URL: https://vtrack.eservices.orange.jo/
Effective URL: https://vtrack.eservices.orange.jo/Login/Index?ReturnUrl=/
Submission: On July 25 via api from US — Scanned from CA

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 16 HTTP transactions. The main IP is 213.139.33.156, located in Amman, Jordan and belongs to JTC-AS8697 Jordan Telecom Group JTG , JO. The main domain is vtrack.eservices.orange.jo.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on August 14th 2023. Valid for: a year.
This is the only time vtrack.eservices.orange.jo was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 17 213.139.33.156 8697 (JTC-AS869...)
16 1
Apex Domain
Subdomains
Transfer
17 orange.jo
vtrack.eservices.orange.jo
2 MB
16 1
Domain Requested by
17 vtrack.eservices.orange.jo 1 redirects vtrack.eservices.orange.jo
16 1

This site contains no links.

Subject Issuer Validity Valid
vtrack.eservices.orange.jo
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-08-14 -
2024-09-06
a year crt.sh

This page contains 1 frames:

Primary Page: https://vtrack.eservices.orange.jo/Login/Index?ReturnUrl=/
Frame ID: 5B330932F3B5A688C68F13EFC3EBDB9B
Requests: 16 HTTP requests in this frame

Screenshot

Page Title

JoTrack V2 Login

Page URL History Show full URLs

  1. https://vtrack.eservices.orange.jo/ HTTP 302
    https://vtrack.eservices.orange.jo/Login/Index?ReturnUrl=/ Page URL

Page Statistics

16
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

2158 kB
Transfer

2154 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://vtrack.eservices.orange.jo/ HTTP 302
    https://vtrack.eservices.orange.jo/Login/Index?ReturnUrl=/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Index
vtrack.eservices.orange.jo/Login/
Redirect Chain
  • https://vtrack.eservices.orange.jo/
  • https://vtrack.eservices.orange.jo/Login/Index?ReturnUrl=/
7 KB
7 KB
Document
General
Full URL
https://vtrack.eservices.orange.jo/Login/Index?ReturnUrl=/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.139.33.156 Amman, Jordan, ASN8697 (JTC-AS8697 Jordan Telecom Group JTG , JO),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
0a698091a585c0ed81e0b2040e9ff5fce0214a2deab543be4a439d5a9704a988
Security Headers
Name Value
Content-Security-Policy default-src 'self' ;script-src 'self' 'unsafe-inline' cdnjs.cloudflare.com 'unsafe-eval' netdna.bootstrapcdn.com http://code.jquery.com/ http://cdn.leafletjs.com https://cdn.jsdelivr.net https://unpkg.com lab.digital-democracy.org https://cdn.polyfill.io https://vtrack.eservices.orange.jo https://signalr *.signalr https://www.gstatic.com https://maps.googleapis.com https://dev.virtualearth.net ; img-src 'self' *.tile.openstreetmap.org https://maps.gstatic.com *.googleapis.com *.tiles.virtualearth.net https://c0.froala.com/ cdnjs.cloudflare.com data: image/svg; connect-src 'self' https://vtrack.eservices.orange.jo/addressing/api/home https://developers.google.com https://maps.googleapis.com ws: https://vtrack.eservices.orange.jo api.allorigins.win https://router.project-osrm.org; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.cloudflare.com http://cdn.leafletjs.com *.jquery.com/ maxcdn.bootstrapcdn.com jdewit.github.io https://cdn.jsdelivr.net https://www.gstatic.com *.googleapis.com https://unpkg.com;base-uri 'self' ;form-action 'self';font-src 'self' https://fonts.gstatic.com maxcdn.bootstrapcdn.com;media-src 'self';
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
cache-control
private
content-length
6671
content-security-policy
default-src 'self' ;script-src 'self' 'unsafe-inline' cdnjs.cloudflare.com 'unsafe-eval' netdna.bootstrapcdn.com http://code.jquery.com/ http://cdn.leafletjs.com https://cdn.jsdelivr.net https://unpkg.com lab.digital-democracy.org https://cdn.polyfill.io https://vtrack.eservices.orange.jo https://signalr *.signalr https://www.gstatic.com https://maps.googleapis.com https://dev.virtualearth.net ; img-src 'self' *.tile.openstreetmap.org https://maps.gstatic.com *.googleapis.com *.tiles.virtualearth.net https://c0.froala.com/ cdnjs.cloudflare.com data: image/svg; connect-src 'self' https://vtrack.eservices.orange.jo/addressing/api/home https://developers.google.com https://maps.googleapis.com ws: https://vtrack.eservices.orange.jo api.allorigins.win https://router.project-osrm.org; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.cloudflare.com http://cdn.leafletjs.com *.jquery.com/ maxcdn.bootstrapcdn.com jdewit.github.io https://cdn.jsdelivr.net https://www.gstatic.com *.googleapis.com https://unpkg.com;base-uri 'self' ;form-action 'self';font-src 'self' https://fonts.gstatic.com maxcdn.bootstrapcdn.com;media-src 'self';
content-type
text/html; charset=utf-8
date
Thu, 25 Jul 2024 10:08:45 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-aspnetmvc-version
5.2
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-powered-by
ASP.NET
x-xss-protection
1; mode=block

Redirect headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
cache-control
private
content-length
141
content-security-policy
default-src 'self' ;script-src 'self' 'unsafe-inline' cdnjs.cloudflare.com 'unsafe-eval' netdna.bootstrapcdn.com http://code.jquery.com/ http://cdn.leafletjs.com https://cdn.jsdelivr.net https://unpkg.com lab.digital-democracy.org https://cdn.polyfill.io https://vtrack.eservices.orange.jo https://signalr *.signalr https://www.gstatic.com https://maps.googleapis.com https://dev.virtualearth.net ; img-src 'self' *.tile.openstreetmap.org https://maps.gstatic.com *.googleapis.com *.tiles.virtualearth.net https://c0.froala.com/ cdnjs.cloudflare.com data: image/svg; connect-src 'self' https://vtrack.eservices.orange.jo/addressing/api/home https://developers.google.com https://maps.googleapis.com ws: https://vtrack.eservices.orange.jo api.allorigins.win https://router.project-osrm.org; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.cloudflare.com http://cdn.leafletjs.com *.jquery.com/ maxcdn.bootstrapcdn.com jdewit.github.io https://cdn.jsdelivr.net https://www.gstatic.com *.googleapis.com https://unpkg.com;base-uri 'self' ;form-action 'self';font-src 'self' https://fonts.gstatic.com maxcdn.bootstrapcdn.com;media-src 'self';
content-type
text/html; charset=utf-8
date
Thu, 25 Jul 2024 10:08:45 GMT
location
/Login/Index?ReturnUrl=/
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-aspnetmvc-version
5.2
x-content-type-options
nosniff
x-powered-by
ASP.NET
x-xss-protection
1; mode=block
LoginJS
vtrack.eservices.orange.jo/bundles/
143 KB
143 KB
Script
General
Full URL
https://vtrack.eservices.orange.jo/bundles/LoginJS?v=6mox5Rb9frrNtRQteJ98qWVECXfOt3EgG9CdOX36jQE1
Requested by
Host: vtrack.eservices.orange.jo
URL: https://vtrack.eservices.orange.jo/Login/Index?ReturnUrl=/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.139.33.156 Amman, Jordan, ASN8697 (JTC-AS8697 Jordan Telecom Group JTG , JO),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e8250d0d1ba6bf093fa348d88ff5e2364f35d574abee197f11f67535a7ac19f2
Security Headers
Name Value
Content-Security-Policy default-src 'self' ;script-src 'self' 'unsafe-inline' cdnjs.cloudflare.com 'unsafe-eval' netdna.bootstrapcdn.com http://code.jquery.com/ http://cdn.leafletjs.com https://cdn.jsdelivr.net https://unpkg.com lab.digital-democracy.org https://cdn.polyfill.io https://vtrack.eservices.orange.jo https://signalr *.signalr https://www.gstatic.com https://maps.googleapis.com https://dev.virtualearth.net ; img-src 'self' *.tile.openstreetmap.org https://maps.gstatic.com *.googleapis.com *.tiles.virtualearth.net https://c0.froala.com/ cdnjs.cloudflare.com data: image/svg; connect-src 'self' https://vtrack.eservices.orange.jo/addressing/api/home https://developers.google.com https://maps.googleapis.com ws: https://vtrack.eservices.orange.jo api.allorigins.win https://router.project-osrm.org; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.cloudflare.com http://cdn.leafletjs.com *.jquery.com/ maxcdn.bootstrapcdn.com jdewit.github.io https://cdn.jsdelivr.net https://www.gstatic.com *.googleapis.com https://unpkg.com;base-uri 'self' ;form-action 'self';font-src 'self' https://fonts.gstatic.com maxcdn.bootstrapcdn.com;media-src 'self';
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://vtrack.eservices.orange.jo/Login/Index?ReturnUrl=/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' ;script-src 'self' 'unsafe-inline' cdnjs.cloudflare.com 'unsafe-eval' netdna.bootstrapcdn.com http://code.jquery.com/ http://cdn.leafletjs.com https://cdn.jsdelivr.net https://unpkg.com lab.digital-democracy.org https://cdn.polyfill.io https://vtrack.eservices.orange.jo https://signalr *.signalr https://www.gstatic.com https://maps.googleapis.com https://dev.virtualearth.net ; img-src 'self' *.tile.openstreetmap.org https://maps.gstatic.com *.googleapis.com *.tiles.virtualearth.net https://c0.froala.com/ cdnjs.cloudflare.com data: image/svg; connect-src 'self' https://vtrack.eservices.orange.jo/addressing/api/home https://developers.google.com https://maps.googleapis.com ws: https://vtrack.eservices.orange.jo api.allorigins.win https://router.project-osrm.org; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.cloudflare.com http://cdn.leafletjs.com *.jquery.com/ maxcdn.bootstrapcdn.com jdewit.github.io https://cdn.jsdelivr.net https://www.gstatic.com *.googleapis.com https://unpkg.com;base-uri 'self' ;form-action 'self';font-src 'self' https://fonts.gstatic.com maxcdn.bootstrapcdn.com;media-src 'self';
date
Thu, 25 Jul 2024 10:08:45 GMT
x-content-type-options
nosniff
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-length
146516
x-xss-protection
1; mode=block
last-modified
Thu, 25 Jul 2024 10:08:46 GMT
server
Microsoft-IIS/10.0
vary
User-Agent
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public
access-control-allow-headers
Content-Type
expires
Fri, 25 Jul 2025 10:08:46 GMT
LoginCSS
vtrack.eservices.orange.jo/bundles/
469 B
596 B
Stylesheet
General
Full URL
https://vtrack.eservices.orange.jo/bundles/LoginCSS?v=ByVhMa8B6DRh2uMZp9vwth2qM8kj0D89w5MaiTCNw7U1
Requested by
Host: vtrack.eservices.orange.jo
URL: https://vtrack.eservices.orange.jo/Login/Index?ReturnUrl=/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.139.33.156 Amman, Jordan, ASN8697 (JTC-AS8697 Jordan Telecom Group JTG , JO),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3338c1308a7949f633a5e474133a83cb2a6fd6001bf2bb4633fea0274e8aa6d2
Security Headers
Name Value
Content-Security-Policy default-src 'self' ;script-src 'self' 'unsafe-inline' cdnjs.cloudflare.com 'unsafe-eval' netdna.bootstrapcdn.com http://code.jquery.com/ http://cdn.leafletjs.com https://cdn.jsdelivr.net https://unpkg.com lab.digital-democracy.org https://cdn.polyfill.io https://vtrack.eservices.orange.jo https://signalr *.signalr https://www.gstatic.com https://maps.googleapis.com https://dev.virtualearth.net ; img-src 'self' *.tile.openstreetmap.org https://maps.gstatic.com *.googleapis.com *.tiles.virtualearth.net https://c0.froala.com/ cdnjs.cloudflare.com data: image/svg; connect-src 'self' https://vtrack.eservices.orange.jo/addressing/api/home https://developers.google.com https://maps.googleapis.com ws: https://vtrack.eservices.orange.jo api.allorigins.win https://router.project-osrm.org; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.cloudflare.com http://cdn.leafletjs.com *.jquery.com/ maxcdn.bootstrapcdn.com jdewit.github.io https://cdn.jsdelivr.net https://www.gstatic.com *.googleapis.com https://unpkg.com;base-uri 'self' ;form-action 'self';font-src 'self' https://fonts.gstatic.com maxcdn.bootstrapcdn.com;media-src 'self';
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://vtrack.eservices.orange.jo/Login/Index?ReturnUrl=/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' ;script-src 'self' 'unsafe-inline' cdnjs.cloudflare.com 'unsafe-eval' netdna.bootstrapcdn.com http://code.jquery.com/ http://cdn.leafletjs.com https://cdn.jsdelivr.net https://unpkg.com lab.digital-democracy.org https://cdn.polyfill.io https://vtrack.eservices.orange.jo https://signalr *.signalr https://www.gstatic.com https://maps.googleapis.com https://dev.virtualearth.net ; img-src 'self' *.tile.openstreetmap.org https://maps.gstatic.com *.googleapis.com *.tiles.virtualearth.net https://c0.froala.com/ cdnjs.cloudflare.com data: image/svg; connect-src 'self' https://vtrack.eservices.orange.jo/addressing/api/home https://developers.google.com https://maps.googleapis.com ws: https://vtrack.eservices.orange.jo api.allorigins.win https://router.project-osrm.org; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.cloudflare.com http://cdn.leafletjs.com *.jquery.com/ maxcdn.bootstrapcdn.com jdewit.github.io https://cdn.jsdelivr.net https://www.gstatic.com *.googleapis.com https://unpkg.com;base-uri 'self' ;form-action 'self';font-src 'self' https://fonts.gstatic.com maxcdn.bootstrapcdn.com;media-src 'self';
date
Thu, 25 Jul 2024 10:08:45 GMT
x-content-type-options
nosniff
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-length
469
x-xss-protection
1; mode=block
last-modified
Thu, 25 Jul 2024 10:08:46 GMT
server
Microsoft-IIS/10.0
vary
User-Agent
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public
access-control-allow-headers
Content-Type
expires
Fri, 25 Jul 2025 10:08:46 GMT
Jquery_UI_Style
vtrack.eservices.orange.jo/Content/
40 KB
40 KB
Stylesheet
General
Full URL
https://vtrack.eservices.orange.jo/Content/Jquery_UI_Style?v=DoXxuPiUDD1XavGBrXed5TTJaV8KPnke-E5bMn-lfGA1
Requested by
Host: vtrack.eservices.orange.jo
URL: https://vtrack.eservices.orange.jo/Login/Index?ReturnUrl=/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.139.33.156 Amman, Jordan, ASN8697 (JTC-AS8697 Jordan Telecom Group JTG , JO),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2b5575773bf9bc03769560c695cbcbb48c4dcf9aa216099dd3ced43018125170
Security Headers
Name Value
Content-Security-Policy default-src 'self' ;script-src 'self' 'unsafe-inline' cdnjs.cloudflare.com 'unsafe-eval' netdna.bootstrapcdn.com http://code.jquery.com/ http://cdn.leafletjs.com https://cdn.jsdelivr.net https://unpkg.com lab.digital-democracy.org https://cdn.polyfill.io https://vtrack.eservices.orange.jo https://signalr *.signalr https://www.gstatic.com https://maps.googleapis.com https://dev.virtualearth.net ; img-src 'self' *.tile.openstreetmap.org https://maps.gstatic.com *.googleapis.com *.tiles.virtualearth.net https://c0.froala.com/ cdnjs.cloudflare.com data: image/svg; connect-src 'self' https://vtrack.eservices.orange.jo/addressing/api/home https://developers.google.com https://maps.googleapis.com ws: https://vtrack.eservices.orange.jo api.allorigins.win https://router.project-osrm.org; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.cloudflare.com http://cdn.leafletjs.com *.jquery.com/ maxcdn.bootstrapcdn.com jdewit.github.io https://cdn.jsdelivr.net https://www.gstatic.com *.googleapis.com https://unpkg.com;base-uri 'self' ;form-action 'self';font-src 'self' https://fonts.gstatic.com maxcdn.bootstrapcdn.com;media-src 'self';
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://vtrack.eservices.orange.jo/Login/Index?ReturnUrl=/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' ;script-src 'self' 'unsafe-inline' cdnjs.cloudflare.com 'unsafe-eval' netdna.bootstrapcdn.com http://code.jquery.com/ http://cdn.leafletjs.com https://cdn.jsdelivr.net https://unpkg.com lab.digital-democracy.org https://cdn.polyfill.io https://vtrack.eservices.orange.jo https://signalr *.signalr https://www.gstatic.com https://maps.googleapis.com https://dev.virtualearth.net ; img-src 'self' *.tile.openstreetmap.org https://maps.gstatic.com *.googleapis.com *.tiles.virtualearth.net https://c0.froala.com/ cdnjs.cloudflare.com data: image/svg; connect-src 'self' https://vtrack.eservices.orange.jo/addressing/api/home https://developers.google.com https://maps.googleapis.com ws: https://vtrack.eservices.orange.jo api.allorigins.win https://router.project-osrm.org; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.cloudflare.com http://cdn.leafletjs.com *.jquery.com/ maxcdn.bootstrapcdn.com jdewit.github.io https://cdn.jsdelivr.net https://www.gstatic.com *.googleapis.com https://unpkg.com;base-uri 'self' ;form-action 'self';font-src 'self' https://fonts.gstatic.com maxcdn.bootstrapcdn.com;media-src 'self';
date
Thu, 25 Jul 2024 10:08:45 GMT
x-content-type-options
nosniff
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-length
40531
x-xss-protection
1; mode=block
last-modified
Thu, 25 Jul 2024 10:08:46 GMT
server
Microsoft-IIS/10.0
vary
User-Agent
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public
access-control-allow-headers
Content-Type
expires
Fri, 25 Jul 2025 10:08:46 GMT
ThemeGpsStyles
vtrack.eservices.orange.jo/Content/
416 KB
417 KB
Stylesheet
General
Full URL
https://vtrack.eservices.orange.jo/Content/ThemeGpsStyles?v=1nddF8zghu4vCLamGZORIx9aEpLlXBMahfp2iQVbVO41
Requested by
Host: vtrack.eservices.orange.jo
URL: https://vtrack.eservices.orange.jo/Login/Index?ReturnUrl=/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.139.33.156 Amman, Jordan, ASN8697 (JTC-AS8697 Jordan Telecom Group JTG , JO),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
0c3f90eec83232d6d66f5c5ca2124eb091c79bffd3e92a98731f57bb0301e3fd
Security Headers
Name Value
Content-Security-Policy default-src 'self' ;script-src 'self' 'unsafe-inline' cdnjs.cloudflare.com 'unsafe-eval' netdna.bootstrapcdn.com http://code.jquery.com/ http://cdn.leafletjs.com https://cdn.jsdelivr.net https://unpkg.com lab.digital-democracy.org https://cdn.polyfill.io https://vtrack.eservices.orange.jo https://signalr *.signalr https://www.gstatic.com https://maps.googleapis.com https://dev.virtualearth.net ; img-src 'self' *.tile.openstreetmap.org https://maps.gstatic.com *.googleapis.com *.tiles.virtualearth.net https://c0.froala.com/ cdnjs.cloudflare.com data: image/svg; connect-src 'self' https://vtrack.eservices.orange.jo/addressing/api/home https://developers.google.com https://maps.googleapis.com ws: https://vtrack.eservices.orange.jo api.allorigins.win https://router.project-osrm.org; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.cloudflare.com http://cdn.leafletjs.com *.jquery.com/ maxcdn.bootstrapcdn.com jdewit.github.io https://cdn.jsdelivr.net https://www.gstatic.com *.googleapis.com https://unpkg.com;base-uri 'self' ;form-action 'self';font-src 'self' https://fonts.gstatic.com maxcdn.bootstrapcdn.com;media-src 'self';
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://vtrack.eservices.orange.jo/Login/Index?ReturnUrl=/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' ;script-src 'self' 'unsafe-inline' cdnjs.cloudflare.com 'unsafe-eval' netdna.bootstrapcdn.com http://code.jquery.com/ http://cdn.leafletjs.com https://cdn.jsdelivr.net https://unpkg.com lab.digital-democracy.org https://cdn.polyfill.io https://vtrack.eservices.orange.jo https://signalr *.signalr https://www.gstatic.com https://maps.googleapis.com https://dev.virtualearth.net ; img-src 'self' *.tile.openstreetmap.org https://maps.gstatic.com *.googleapis.com *.tiles.virtualearth.net https://c0.froala.com/ cdnjs.cloudflare.com data: image/svg; connect-src 'self' https://vtrack.eservices.orange.jo/addressing/api/home https://developers.google.com https://maps.googleapis.com ws: https://vtrack.eservices.orange.jo api.allorigins.win https://router.project-osrm.org; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.cloudflare.com http://cdn.leafletjs.com *.jquery.com/ maxcdn.bootstrapcdn.com jdewit.github.io https://cdn.jsdelivr.net https://www.gstatic.com *.googleapis.com https://unpkg.com;base-uri 'self' ;form-action 'self';font-src 'self' https://fonts.gstatic.com maxcdn.bootstrapcdn.com;media-src 'self';
date
Thu, 25 Jul 2024 10:08:45 GMT
x-content-type-options
nosniff
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-length
426355
x-xss-protection
1; mode=block
last-modified
Thu, 25 Jul 2024 10:08:46 GMT
server
Microsoft-IIS/10.0
vary
User-Agent
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public
access-control-allow-headers
Content-Type
expires
Fri, 25 Jul 2025 10:08:46 GMT
jotrack-black-logo.svg
vtrack.eservices.orange.jo/Content/images/
4 KB
4 KB
Image
General
Full URL
https://vtrack.eservices.orange.jo/Content/images/jotrack-black-logo.svg
Requested by
Host: vtrack.eservices.orange.jo
URL: https://vtrack.eservices.orange.jo/Login/Index?ReturnUrl=/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.139.33.156 Amman, Jordan, ASN8697 (JTC-AS8697 Jordan Telecom Group JTG , JO),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
8326f308650faf74f45818d57cd1ba67c17b9107fffd50ab208dbedee13aa02e
Security Headers
Name Value
Content-Security-Policy default-src 'self' ;script-src 'self' 'unsafe-inline' cdnjs.cloudflare.com 'unsafe-eval' netdna.bootstrapcdn.com http://code.jquery.com/ http://cdn.leafletjs.com https://cdn.jsdelivr.net https://unpkg.com lab.digital-democracy.org https://cdn.polyfill.io https://vtrack.eservices.orange.jo https://signalr *.signalr https://www.gstatic.com https://maps.googleapis.com https://dev.virtualearth.net ; img-src 'self' *.tile.openstreetmap.org https://maps.gstatic.com *.googleapis.com *.tiles.virtualearth.net https://c0.froala.com/ cdnjs.cloudflare.com data: image/svg; connect-src 'self' https://vtrack.eservices.orange.jo/addressing/api/home https://developers.google.com https://maps.googleapis.com ws: https://vtrack.eservices.orange.jo api.allorigins.win https://router.project-osrm.org; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.cloudflare.com http://cdn.leafletjs.com *.jquery.com/ maxcdn.bootstrapcdn.com jdewit.github.io https://cdn.jsdelivr.net https://www.gstatic.com *.googleapis.com https://unpkg.com;base-uri 'self' ;form-action 'self';font-src 'self' https://fonts.gstatic.com maxcdn.bootstrapcdn.com;media-src 'self';
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://vtrack.eservices.orange.jo/Login/Index?ReturnUrl=/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' ;script-src 'self' 'unsafe-inline' cdnjs.cloudflare.com 'unsafe-eval' netdna.bootstrapcdn.com http://code.jquery.com/ http://cdn.leafletjs.com https://cdn.jsdelivr.net https://unpkg.com lab.digital-democracy.org https://cdn.polyfill.io https://vtrack.eservices.orange.jo https://signalr *.signalr https://www.gstatic.com https://maps.googleapis.com https://dev.virtualearth.net ; img-src 'self' *.tile.openstreetmap.org https://maps.gstatic.com *.googleapis.com *.tiles.virtualearth.net https://c0.froala.com/ cdnjs.cloudflare.com data: image/svg; connect-src 'self' https://vtrack.eservices.orange.jo/addressing/api/home https://developers.google.com https://maps.googleapis.com ws: https://vtrack.eservices.orange.jo api.allorigins.win https://router.project-osrm.org; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.cloudflare.com http://cdn.leafletjs.com *.jquery.com/ maxcdn.bootstrapcdn.com jdewit.github.io https://cdn.jsdelivr.net https://www.gstatic.com *.googleapis.com https://unpkg.com;base-uri 'self' ;form-action 'self';font-src 'self' https://fonts.gstatic.com maxcdn.bootstrapcdn.com;media-src 'self';
date
Thu, 25 Jul 2024 10:08:45 GMT
x-content-type-options
nosniff
last-modified
Mon, 15 Apr 2024 11:57:54 GMT
server
Microsoft-IIS/10.0
etag
"38ba1f262c8fda1:0"
x-powered-by
ASP.NET
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
Content-Type
content-length
3920
x-xss-protection
1; mode=block
common.js
vtrack.eservices.orange.jo/ScriptsApp/Common/
1 KB
1 KB
Script
General
Full URL
https://vtrack.eservices.orange.jo/ScriptsApp/Common/common.js
Requested by
Host: vtrack.eservices.orange.jo
URL: https://vtrack.eservices.orange.jo/Login/Index?ReturnUrl=/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.139.33.156 Amman, Jordan, ASN8697 (JTC-AS8697 Jordan Telecom Group JTG , JO),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
07aa4393f5bccdf6437a62c54ad64a19e06d3887829069965b1b0f686917ec45
Security Headers
Name Value
Content-Security-Policy default-src 'self' ;script-src 'self' 'unsafe-inline' cdnjs.cloudflare.com 'unsafe-eval' netdna.bootstrapcdn.com http://code.jquery.com/ http://cdn.leafletjs.com https://cdn.jsdelivr.net https://unpkg.com lab.digital-democracy.org https://cdn.polyfill.io https://vtrack.eservices.orange.jo https://signalr *.signalr https://www.gstatic.com https://maps.googleapis.com https://dev.virtualearth.net ; img-src 'self' *.tile.openstreetmap.org https://maps.gstatic.com *.googleapis.com *.tiles.virtualearth.net https://c0.froala.com/ cdnjs.cloudflare.com data: image/svg; connect-src 'self' https://vtrack.eservices.orange.jo/addressing/api/home https://developers.google.com https://maps.googleapis.com ws: https://vtrack.eservices.orange.jo api.allorigins.win https://router.project-osrm.org; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.cloudflare.com http://cdn.leafletjs.com *.jquery.com/ maxcdn.bootstrapcdn.com jdewit.github.io https://cdn.jsdelivr.net https://www.gstatic.com *.googleapis.com https://unpkg.com;base-uri 'self' ;form-action 'self';font-src 'self' https://fonts.gstatic.com maxcdn.bootstrapcdn.com;media-src 'self';
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://vtrack.eservices.orange.jo/Login/Index?ReturnUrl=/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' ;script-src 'self' 'unsafe-inline' cdnjs.cloudflare.com 'unsafe-eval' netdna.bootstrapcdn.com http://code.jquery.com/ http://cdn.leafletjs.com https://cdn.jsdelivr.net https://unpkg.com lab.digital-democracy.org https://cdn.polyfill.io https://vtrack.eservices.orange.jo https://signalr *.signalr https://www.gstatic.com https://maps.googleapis.com https://dev.virtualearth.net ; img-src 'self' *.tile.openstreetmap.org https://maps.gstatic.com *.googleapis.com *.tiles.virtualearth.net https://c0.froala.com/ cdnjs.cloudflare.com data: image/svg; connect-src 'self' https://vtrack.eservices.orange.jo/addressing/api/home https://developers.google.com https://maps.googleapis.com ws: https://vtrack.eservices.orange.jo api.allorigins.win https://router.project-osrm.org; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.cloudflare.com http://cdn.leafletjs.com *.jquery.com/ maxcdn.bootstrapcdn.com jdewit.github.io https://cdn.jsdelivr.net https://www.gstatic.com *.googleapis.com https://unpkg.com;base-uri 'self' ;form-action 'self';font-src 'self' https://fonts.gstatic.com maxcdn.bootstrapcdn.com;media-src 'self';
date
Thu, 25 Jul 2024 10:08:45 GMT
x-content-type-options
nosniff
last-modified
Mon, 15 Apr 2024 13:58:27 GMT
server
Microsoft-IIS/10.0
etag
"96d97fd3c8fda1:0"
x-powered-by
ASP.NET
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
Content-Type
content-length
1307
x-xss-protection
1; mode=block
jquery
vtrack.eservices.orange.jo/bundles/
417 KB
417 KB
Script
General
Full URL
https://vtrack.eservices.orange.jo/bundles/jquery?v=HuPwi_XHejHcm1TPw70qo5uDzPV8c0hK3dxGK3vPwXU1
Requested by
Host: vtrack.eservices.orange.jo
URL: https://vtrack.eservices.orange.jo/Login/Index?ReturnUrl=/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.139.33.156 Amman, Jordan, ASN8697 (JTC-AS8697 Jordan Telecom Group JTG , JO),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
dea6d2ba0000c291f977cfa5e4b9e223a654e2eb965e8ea332bee186ce6c59c4
Security Headers
Name Value
Content-Security-Policy default-src 'self' ;script-src 'self' 'unsafe-inline' cdnjs.cloudflare.com 'unsafe-eval' netdna.bootstrapcdn.com http://code.jquery.com/ http://cdn.leafletjs.com https://cdn.jsdelivr.net https://unpkg.com lab.digital-democracy.org https://cdn.polyfill.io https://vtrack.eservices.orange.jo https://signalr *.signalr https://www.gstatic.com https://maps.googleapis.com https://dev.virtualearth.net ; img-src 'self' *.tile.openstreetmap.org https://maps.gstatic.com *.googleapis.com *.tiles.virtualearth.net https://c0.froala.com/ cdnjs.cloudflare.com data: image/svg; connect-src 'self' https://vtrack.eservices.orange.jo/addressing/api/home https://developers.google.com https://maps.googleapis.com ws: https://vtrack.eservices.orange.jo api.allorigins.win https://router.project-osrm.org; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.cloudflare.com http://cdn.leafletjs.com *.jquery.com/ maxcdn.bootstrapcdn.com jdewit.github.io https://cdn.jsdelivr.net https://www.gstatic.com *.googleapis.com https://unpkg.com;base-uri 'self' ;form-action 'self';font-src 'self' https://fonts.gstatic.com maxcdn.bootstrapcdn.com;media-src 'self';
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://vtrack.eservices.orange.jo/Login/Index?ReturnUrl=/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' ;script-src 'self' 'unsafe-inline' cdnjs.cloudflare.com 'unsafe-eval' netdna.bootstrapcdn.com http://code.jquery.com/ http://cdn.leafletjs.com https://cdn.jsdelivr.net https://unpkg.com lab.digital-democracy.org https://cdn.polyfill.io https://vtrack.eservices.orange.jo https://signalr *.signalr https://www.gstatic.com https://maps.googleapis.com https://dev.virtualearth.net ; img-src 'self' *.tile.openstreetmap.org https://maps.gstatic.com *.googleapis.com *.tiles.virtualearth.net https://c0.froala.com/ cdnjs.cloudflare.com data: image/svg; connect-src 'self' https://vtrack.eservices.orange.jo/addressing/api/home https://developers.google.com https://maps.googleapis.com ws: https://vtrack.eservices.orange.jo api.allorigins.win https://router.project-osrm.org; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.cloudflare.com http://cdn.leafletjs.com *.jquery.com/ maxcdn.bootstrapcdn.com jdewit.github.io https://cdn.jsdelivr.net https://www.gstatic.com *.googleapis.com https://unpkg.com;base-uri 'self' ;form-action 'self';font-src 'self' https://fonts.gstatic.com maxcdn.bootstrapcdn.com;media-src 'self';
date
Thu, 25 Jul 2024 10:08:46 GMT
x-content-type-options
nosniff
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-length
426840
x-xss-protection
1; mode=block
last-modified
Thu, 25 Jul 2024 10:08:47 GMT
server
Microsoft-IIS/10.0
vary
User-Agent
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public
access-control-allow-headers
Content-Type
expires
Fri, 25 Jul 2025 10:08:47 GMT
ThemeGpsScripts
vtrack.eservices.orange.jo/bundles/
881 KB
881 KB
Script
General
Full URL
https://vtrack.eservices.orange.jo/bundles/ThemeGpsScripts?v=zto31Vl27BLncp0A3i4AzaXTuAD5PLX2vOVmgVpHDnc1
Requested by
Host: vtrack.eservices.orange.jo
URL: https://vtrack.eservices.orange.jo/Login/Index?ReturnUrl=/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.139.33.156 Amman, Jordan, ASN8697 (JTC-AS8697 Jordan Telecom Group JTG , JO),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3d3c66fb8bae572959588e37033fa8c9a54bfbd787c6b4af6e2c2fead49b7dc5
Security Headers
Name Value
Content-Security-Policy default-src 'self' ;script-src 'self' 'unsafe-inline' cdnjs.cloudflare.com 'unsafe-eval' netdna.bootstrapcdn.com http://code.jquery.com/ http://cdn.leafletjs.com https://cdn.jsdelivr.net https://unpkg.com lab.digital-democracy.org https://cdn.polyfill.io https://vtrack.eservices.orange.jo https://signalr *.signalr https://www.gstatic.com https://maps.googleapis.com https://dev.virtualearth.net ; img-src 'self' *.tile.openstreetmap.org https://maps.gstatic.com *.googleapis.com *.tiles.virtualearth.net https://c0.froala.com/ cdnjs.cloudflare.com data: image/svg; connect-src 'self' https://vtrack.eservices.orange.jo/addressing/api/home https://developers.google.com https://maps.googleapis.com ws: https://vtrack.eservices.orange.jo api.allorigins.win https://router.project-osrm.org; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.cloudflare.com http://cdn.leafletjs.com *.jquery.com/ maxcdn.bootstrapcdn.com jdewit.github.io https://cdn.jsdelivr.net https://www.gstatic.com *.googleapis.com https://unpkg.com;base-uri 'self' ;form-action 'self';font-src 'self' https://fonts.gstatic.com maxcdn.bootstrapcdn.com;media-src 'self';
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://vtrack.eservices.orange.jo/Login/Index?ReturnUrl=/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' ;script-src 'self' 'unsafe-inline' cdnjs.cloudflare.com 'unsafe-eval' netdna.bootstrapcdn.com http://code.jquery.com/ http://cdn.leafletjs.com https://cdn.jsdelivr.net https://unpkg.com lab.digital-democracy.org https://cdn.polyfill.io https://vtrack.eservices.orange.jo https://signalr *.signalr https://www.gstatic.com https://maps.googleapis.com https://dev.virtualearth.net ; img-src 'self' *.tile.openstreetmap.org https://maps.gstatic.com *.googleapis.com *.tiles.virtualearth.net https://c0.froala.com/ cdnjs.cloudflare.com data: image/svg; connect-src 'self' https://vtrack.eservices.orange.jo/addressing/api/home https://developers.google.com https://maps.googleapis.com ws: https://vtrack.eservices.orange.jo api.allorigins.win https://router.project-osrm.org; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.cloudflare.com http://cdn.leafletjs.com *.jquery.com/ maxcdn.bootstrapcdn.com jdewit.github.io https://cdn.jsdelivr.net https://www.gstatic.com *.googleapis.com https://unpkg.com;base-uri 'self' ;form-action 'self';font-src 'self' https://fonts.gstatic.com maxcdn.bootstrapcdn.com;media-src 'self';
date
Thu, 25 Jul 2024 10:08:46 GMT
x-content-type-options
nosniff
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-length
901704
x-xss-protection
1; mode=block
last-modified
Thu, 25 Jul 2024 10:08:47 GMT
server
Microsoft-IIS/10.0
vary
User-Agent
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public
access-control-allow-headers
Content-Type
expires
Fri, 25 Jul 2025 10:08:47 GMT
jqueryval
vtrack.eservices.orange.jo/bundles/
27 KB
27 KB
Script
General
Full URL
https://vtrack.eservices.orange.jo/bundles/jqueryval?v=XMiPFjsZxR6xiYS5KZEB6eHHdtCQNVdOH-S3CNvZ5Xk1
Requested by
Host: vtrack.eservices.orange.jo
URL: https://vtrack.eservices.orange.jo/Login/Index?ReturnUrl=/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.139.33.156 Amman, Jordan, ASN8697 (JTC-AS8697 Jordan Telecom Group JTG , JO),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f43f6b8b6cfc139a291773a1df23c1f64be1a0209df76a021f994d2f31dfa07b
Security Headers
Name Value
Content-Security-Policy default-src 'self' ;script-src 'self' 'unsafe-inline' cdnjs.cloudflare.com 'unsafe-eval' netdna.bootstrapcdn.com http://code.jquery.com/ http://cdn.leafletjs.com https://cdn.jsdelivr.net https://unpkg.com lab.digital-democracy.org https://cdn.polyfill.io https://vtrack.eservices.orange.jo https://signalr *.signalr https://www.gstatic.com https://maps.googleapis.com https://dev.virtualearth.net ; img-src 'self' *.tile.openstreetmap.org https://maps.gstatic.com *.googleapis.com *.tiles.virtualearth.net https://c0.froala.com/ cdnjs.cloudflare.com data: image/svg; connect-src 'self' https://vtrack.eservices.orange.jo/addressing/api/home https://developers.google.com https://maps.googleapis.com ws: https://vtrack.eservices.orange.jo api.allorigins.win https://router.project-osrm.org; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.cloudflare.com http://cdn.leafletjs.com *.jquery.com/ maxcdn.bootstrapcdn.com jdewit.github.io https://cdn.jsdelivr.net https://www.gstatic.com *.googleapis.com https://unpkg.com;base-uri 'self' ;form-action 'self';font-src 'self' https://fonts.gstatic.com maxcdn.bootstrapcdn.com;media-src 'self';
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://vtrack.eservices.orange.jo/Login/Index?ReturnUrl=/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' ;script-src 'self' 'unsafe-inline' cdnjs.cloudflare.com 'unsafe-eval' netdna.bootstrapcdn.com http://code.jquery.com/ http://cdn.leafletjs.com https://cdn.jsdelivr.net https://unpkg.com lab.digital-democracy.org https://cdn.polyfill.io https://vtrack.eservices.orange.jo https://signalr *.signalr https://www.gstatic.com https://maps.googleapis.com https://dev.virtualearth.net ; img-src 'self' *.tile.openstreetmap.org https://maps.gstatic.com *.googleapis.com *.tiles.virtualearth.net https://c0.froala.com/ cdnjs.cloudflare.com data: image/svg; connect-src 'self' https://vtrack.eservices.orange.jo/addressing/api/home https://developers.google.com https://maps.googleapis.com ws: https://vtrack.eservices.orange.jo api.allorigins.win https://router.project-osrm.org; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.cloudflare.com http://cdn.leafletjs.com *.jquery.com/ maxcdn.bootstrapcdn.com jdewit.github.io https://cdn.jsdelivr.net https://www.gstatic.com *.googleapis.com https://unpkg.com;base-uri 'self' ;form-action 'self';font-src 'self' https://fonts.gstatic.com maxcdn.bootstrapcdn.com;media-src 'self';
date
Thu, 25 Jul 2024 10:08:46 GMT
x-content-type-options
nosniff
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-length
27361
x-xss-protection
1; mode=block
last-modified
Thu, 25 Jul 2024 10:08:47 GMT
server
Microsoft-IIS/10.0
vary
User-Agent
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public
access-control-allow-headers
Content-Type
expires
Fri, 25 Jul 2025 10:08:47 GMT
SourceSansPro.css
vtrack.eservices.orange.jo/Content/fonts/googleapi/SourceSansPro/
15 KB
15 KB
Stylesheet
General
Full URL
https://vtrack.eservices.orange.jo/Content/fonts/googleapi/SourceSansPro/SourceSansPro.css
Requested by
Host: vtrack.eservices.orange.jo
URL: https://vtrack.eservices.orange.jo/Content/ThemeGpsStyles?v=1nddF8zghu4vCLamGZORIx9aEpLlXBMahfp2iQVbVO41
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.139.33.156 Amman, Jordan, ASN8697 (JTC-AS8697 Jordan Telecom Group JTG , JO),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
1a01fea1a9bcfba51d1ed6e84618e94390bfc571af47968a9f5a460e371fd39e
Security Headers
Name Value
Content-Security-Policy default-src 'self' ;script-src 'self' 'unsafe-inline' cdnjs.cloudflare.com 'unsafe-eval' netdna.bootstrapcdn.com http://code.jquery.com/ http://cdn.leafletjs.com https://cdn.jsdelivr.net https://unpkg.com lab.digital-democracy.org https://cdn.polyfill.io https://vtrack.eservices.orange.jo https://signalr *.signalr https://www.gstatic.com https://maps.googleapis.com https://dev.virtualearth.net ; img-src 'self' *.tile.openstreetmap.org https://maps.gstatic.com *.googleapis.com *.tiles.virtualearth.net https://c0.froala.com/ cdnjs.cloudflare.com data: image/svg; connect-src 'self' https://vtrack.eservices.orange.jo/addressing/api/home https://developers.google.com https://maps.googleapis.com ws: https://vtrack.eservices.orange.jo api.allorigins.win https://router.project-osrm.org; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.cloudflare.com http://cdn.leafletjs.com *.jquery.com/ maxcdn.bootstrapcdn.com jdewit.github.io https://cdn.jsdelivr.net https://www.gstatic.com *.googleapis.com https://unpkg.com;base-uri 'self' ;form-action 'self';font-src 'self' https://fonts.gstatic.com maxcdn.bootstrapcdn.com;media-src 'self';
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://vtrack.eservices.orange.jo/Content/ThemeGpsStyles?v=1nddF8zghu4vCLamGZORIx9aEpLlXBMahfp2iQVbVO41
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' ;script-src 'self' 'unsafe-inline' cdnjs.cloudflare.com 'unsafe-eval' netdna.bootstrapcdn.com http://code.jquery.com/ http://cdn.leafletjs.com https://cdn.jsdelivr.net https://unpkg.com lab.digital-democracy.org https://cdn.polyfill.io https://vtrack.eservices.orange.jo https://signalr *.signalr https://www.gstatic.com https://maps.googleapis.com https://dev.virtualearth.net ; img-src 'self' *.tile.openstreetmap.org https://maps.gstatic.com *.googleapis.com *.tiles.virtualearth.net https://c0.froala.com/ cdnjs.cloudflare.com data: image/svg; connect-src 'self' https://vtrack.eservices.orange.jo/addressing/api/home https://developers.google.com https://maps.googleapis.com ws: https://vtrack.eservices.orange.jo api.allorigins.win https://router.project-osrm.org; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.cloudflare.com http://cdn.leafletjs.com *.jquery.com/ maxcdn.bootstrapcdn.com jdewit.github.io https://cdn.jsdelivr.net https://www.gstatic.com *.googleapis.com https://unpkg.com;base-uri 'self' ;form-action 'self';font-src 'self' https://fonts.gstatic.com maxcdn.bootstrapcdn.com;media-src 'self';
date
Thu, 25 Jul 2024 10:08:46 GMT
x-content-type-options
nosniff
last-modified
Mon, 10 Jul 2023 13:19:53 GMT
server
Microsoft-IIS/10.0
etag
"eb67593631b3d91:0"
x-powered-by
ASP.NET
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/css
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
Content-Type
content-length
15379
x-xss-protection
1; mode=block
AbdounBridge.jpg
vtrack.eservices.orange.jo/Content/images/
134 KB
134 KB
Image
General
Full URL
https://vtrack.eservices.orange.jo/Content/images/AbdounBridge.jpg
Requested by
Host: vtrack.eservices.orange.jo
URL: https://vtrack.eservices.orange.jo/bundles/LoginCSS?v=ByVhMa8B6DRh2uMZp9vwth2qM8kj0D89w5MaiTCNw7U1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.139.33.156 Amman, Jordan, ASN8697 (JTC-AS8697 Jordan Telecom Group JTG , JO),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5989bf8d49d883cbd2ba5dcbfe906f13a0fb1436b20a88b6d546916b3be93d2a
Security Headers
Name Value
Content-Security-Policy default-src 'self' ;script-src 'self' 'unsafe-inline' cdnjs.cloudflare.com 'unsafe-eval' netdna.bootstrapcdn.com http://code.jquery.com/ http://cdn.leafletjs.com https://cdn.jsdelivr.net https://unpkg.com lab.digital-democracy.org https://cdn.polyfill.io https://vtrack.eservices.orange.jo https://signalr *.signalr https://www.gstatic.com https://maps.googleapis.com https://dev.virtualearth.net ; img-src 'self' *.tile.openstreetmap.org https://maps.gstatic.com *.googleapis.com *.tiles.virtualearth.net https://c0.froala.com/ cdnjs.cloudflare.com data: image/svg; connect-src 'self' https://vtrack.eservices.orange.jo/addressing/api/home https://developers.google.com https://maps.googleapis.com ws: https://vtrack.eservices.orange.jo api.allorigins.win https://router.project-osrm.org; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.cloudflare.com http://cdn.leafletjs.com *.jquery.com/ maxcdn.bootstrapcdn.com jdewit.github.io https://cdn.jsdelivr.net https://www.gstatic.com *.googleapis.com https://unpkg.com;base-uri 'self' ;form-action 'self';font-src 'self' https://fonts.gstatic.com maxcdn.bootstrapcdn.com;media-src 'self';
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://vtrack.eservices.orange.jo/bundles/LoginCSS?v=ByVhMa8B6DRh2uMZp9vwth2qM8kj0D89w5MaiTCNw7U1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' ;script-src 'self' 'unsafe-inline' cdnjs.cloudflare.com 'unsafe-eval' netdna.bootstrapcdn.com http://code.jquery.com/ http://cdn.leafletjs.com https://cdn.jsdelivr.net https://unpkg.com lab.digital-democracy.org https://cdn.polyfill.io https://vtrack.eservices.orange.jo https://signalr *.signalr https://www.gstatic.com https://maps.googleapis.com https://dev.virtualearth.net ; img-src 'self' *.tile.openstreetmap.org https://maps.gstatic.com *.googleapis.com *.tiles.virtualearth.net https://c0.froala.com/ cdnjs.cloudflare.com data: image/svg; connect-src 'self' https://vtrack.eservices.orange.jo/addressing/api/home https://developers.google.com https://maps.googleapis.com ws: https://vtrack.eservices.orange.jo api.allorigins.win https://router.project-osrm.org; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.cloudflare.com http://cdn.leafletjs.com *.jquery.com/ maxcdn.bootstrapcdn.com jdewit.github.io https://cdn.jsdelivr.net https://www.gstatic.com *.googleapis.com https://unpkg.com;base-uri 'self' ;form-action 'self';font-src 'self' https://fonts.gstatic.com maxcdn.bootstrapcdn.com;media-src 'self';
date
Thu, 25 Jul 2024 10:08:47 GMT
x-content-type-options
nosniff
last-modified
Mon, 10 Jul 2023 13:19:53 GMT
server
Microsoft-IIS/10.0
etag
"b8dd593631b3d91:0"
x-powered-by
ASP.NET
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
Content-Type
content-length
136969
x-xss-protection
1; mode=block
qOK7l.woff2
vtrack.eservices.orange.jo/Content/fonts/googleapi/SourceSansPro/
16 KB
16 KB
Font
General
Full URL
https://vtrack.eservices.orange.jo/Content/fonts/googleapi/SourceSansPro/qOK7l.woff2
Requested by
Host: vtrack.eservices.orange.jo
URL: https://vtrack.eservices.orange.jo/Content/fonts/googleapi/SourceSansPro/SourceSansPro.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.139.33.156 Amman, Jordan, ASN8697 (JTC-AS8697 Jordan Telecom Group JTG , JO),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
Security Headers
Name Value
Content-Security-Policy default-src 'self' ;script-src 'self' 'unsafe-inline' cdnjs.cloudflare.com 'unsafe-eval' netdna.bootstrapcdn.com http://code.jquery.com/ http://cdn.leafletjs.com https://cdn.jsdelivr.net https://unpkg.com lab.digital-democracy.org https://cdn.polyfill.io https://vtrack.eservices.orange.jo https://signalr *.signalr https://www.gstatic.com https://maps.googleapis.com https://dev.virtualearth.net ; img-src 'self' *.tile.openstreetmap.org https://maps.gstatic.com *.googleapis.com *.tiles.virtualearth.net https://c0.froala.com/ cdnjs.cloudflare.com data: image/svg; connect-src 'self' https://vtrack.eservices.orange.jo/addressing/api/home https://developers.google.com https://maps.googleapis.com ws: https://vtrack.eservices.orange.jo api.allorigins.win https://router.project-osrm.org; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.cloudflare.com http://cdn.leafletjs.com *.jquery.com/ maxcdn.bootstrapcdn.com jdewit.github.io https://cdn.jsdelivr.net https://www.gstatic.com *.googleapis.com https://unpkg.com;base-uri 'self' ;form-action 'self';font-src 'self' https://fonts.gstatic.com maxcdn.bootstrapcdn.com;media-src 'self';
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://vtrack.eservices.orange.jo/Content/fonts/googleapi/SourceSansPro/SourceSansPro.css
Origin
https://vtrack.eservices.orange.jo
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' ;script-src 'self' 'unsafe-inline' cdnjs.cloudflare.com 'unsafe-eval' netdna.bootstrapcdn.com http://code.jquery.com/ http://cdn.leafletjs.com https://cdn.jsdelivr.net https://unpkg.com lab.digital-democracy.org https://cdn.polyfill.io https://vtrack.eservices.orange.jo https://signalr *.signalr https://www.gstatic.com https://maps.googleapis.com https://dev.virtualearth.net ; img-src 'self' *.tile.openstreetmap.org https://maps.gstatic.com *.googleapis.com *.tiles.virtualearth.net https://c0.froala.com/ cdnjs.cloudflare.com data: image/svg; connect-src 'self' https://vtrack.eservices.orange.jo/addressing/api/home https://developers.google.com https://maps.googleapis.com ws: https://vtrack.eservices.orange.jo api.allorigins.win https://router.project-osrm.org; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.cloudflare.com http://cdn.leafletjs.com *.jquery.com/ maxcdn.bootstrapcdn.com jdewit.github.io https://cdn.jsdelivr.net https://www.gstatic.com *.googleapis.com https://unpkg.com;base-uri 'self' ;form-action 'self';font-src 'self' https://fonts.gstatic.com maxcdn.bootstrapcdn.com;media-src 'self';
date
Thu, 25 Jul 2024 10:08:47 GMT
x-content-type-options
nosniff
last-modified
Mon, 10 Jul 2023 13:19:53 GMT
server
Microsoft-IIS/10.0
etag
"bea2593631b3d91:0"
x-powered-by
ASP.NET
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/font-woff2
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
Content-Type
content-length
16112
x-xss-protection
1; mode=block
glyphicons-halflings-regular.woff2
vtrack.eservices.orange.jo/Content/bootstrap/fonts/
18 KB
18 KB
Font
General
Full URL
https://vtrack.eservices.orange.jo/Content/bootstrap/fonts/glyphicons-halflings-regular.woff2
Requested by
Host: vtrack.eservices.orange.jo
URL: https://vtrack.eservices.orange.jo/Content/ThemeGpsStyles?v=1nddF8zghu4vCLamGZORIx9aEpLlXBMahfp2iQVbVO41
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.139.33.156 Amman, Jordan, ASN8697 (JTC-AS8697 Jordan Telecom Group JTG , JO),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
Security Headers
Name Value
Content-Security-Policy default-src 'self' ;script-src 'self' 'unsafe-inline' cdnjs.cloudflare.com 'unsafe-eval' netdna.bootstrapcdn.com http://code.jquery.com/ http://cdn.leafletjs.com https://cdn.jsdelivr.net https://unpkg.com lab.digital-democracy.org https://cdn.polyfill.io https://vtrack.eservices.orange.jo https://signalr *.signalr https://www.gstatic.com https://maps.googleapis.com https://dev.virtualearth.net ; img-src 'self' *.tile.openstreetmap.org https://maps.gstatic.com *.googleapis.com *.tiles.virtualearth.net https://c0.froala.com/ cdnjs.cloudflare.com data: image/svg; connect-src 'self' https://vtrack.eservices.orange.jo/addressing/api/home https://developers.google.com https://maps.googleapis.com ws: https://vtrack.eservices.orange.jo api.allorigins.win https://router.project-osrm.org; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.cloudflare.com http://cdn.leafletjs.com *.jquery.com/ maxcdn.bootstrapcdn.com jdewit.github.io https://cdn.jsdelivr.net https://www.gstatic.com *.googleapis.com https://unpkg.com;base-uri 'self' ;form-action 'self';font-src 'self' https://fonts.gstatic.com maxcdn.bootstrapcdn.com;media-src 'self';
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://vtrack.eservices.orange.jo/Content/ThemeGpsStyles?v=1nddF8zghu4vCLamGZORIx9aEpLlXBMahfp2iQVbVO41
Origin
https://vtrack.eservices.orange.jo
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' ;script-src 'self' 'unsafe-inline' cdnjs.cloudflare.com 'unsafe-eval' netdna.bootstrapcdn.com http://code.jquery.com/ http://cdn.leafletjs.com https://cdn.jsdelivr.net https://unpkg.com lab.digital-democracy.org https://cdn.polyfill.io https://vtrack.eservices.orange.jo https://signalr *.signalr https://www.gstatic.com https://maps.googleapis.com https://dev.virtualearth.net ; img-src 'self' *.tile.openstreetmap.org https://maps.gstatic.com *.googleapis.com *.tiles.virtualearth.net https://c0.froala.com/ cdnjs.cloudflare.com data: image/svg; connect-src 'self' https://vtrack.eservices.orange.jo/addressing/api/home https://developers.google.com https://maps.googleapis.com ws: https://vtrack.eservices.orange.jo api.allorigins.win https://router.project-osrm.org; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.cloudflare.com http://cdn.leafletjs.com *.jquery.com/ maxcdn.bootstrapcdn.com jdewit.github.io https://cdn.jsdelivr.net https://www.gstatic.com *.googleapis.com https://unpkg.com;base-uri 'self' ;form-action 'self';font-src 'self' https://fonts.gstatic.com maxcdn.bootstrapcdn.com;media-src 'self';
date
Thu, 25 Jul 2024 10:08:47 GMT
x-content-type-options
nosniff
last-modified
Mon, 10 Jul 2023 13:19:53 GMT
server
Microsoft-IIS/10.0
etag
"de9e583631b3d91:0"
x-powered-by
ASP.NET
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/font-woff2
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
Content-Type
content-length
18028
x-xss-protection
1; mode=block
lqDY.woff2
vtrack.eservices.orange.jo/Content/fonts/googleapi/SourceSansPro/
6 KB
7 KB
Font
General
Full URL
https://vtrack.eservices.orange.jo/Content/fonts/googleapi/SourceSansPro/lqDY.woff2
Requested by
Host: vtrack.eservices.orange.jo
URL: https://vtrack.eservices.orange.jo/Content/fonts/googleapi/SourceSansPro/SourceSansPro.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.139.33.156 Amman, Jordan, ASN8697 (JTC-AS8697 Jordan Telecom Group JTG , JO),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
16a433b15cb3a1513c0e7cc83b317bbaec19de48956c8b8a6fbd2109f115cbf7
Security Headers
Name Value
Content-Security-Policy default-src 'self' ;script-src 'self' 'unsafe-inline' cdnjs.cloudflare.com 'unsafe-eval' netdna.bootstrapcdn.com http://code.jquery.com/ http://cdn.leafletjs.com https://cdn.jsdelivr.net https://unpkg.com lab.digital-democracy.org https://cdn.polyfill.io https://vtrack.eservices.orange.jo https://signalr *.signalr https://www.gstatic.com https://maps.googleapis.com https://dev.virtualearth.net ; img-src 'self' *.tile.openstreetmap.org https://maps.gstatic.com *.googleapis.com *.tiles.virtualearth.net https://c0.froala.com/ cdnjs.cloudflare.com data: image/svg; connect-src 'self' https://vtrack.eservices.orange.jo/addressing/api/home https://developers.google.com https://maps.googleapis.com ws: https://vtrack.eservices.orange.jo api.allorigins.win https://router.project-osrm.org; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.cloudflare.com http://cdn.leafletjs.com *.jquery.com/ maxcdn.bootstrapcdn.com jdewit.github.io https://cdn.jsdelivr.net https://www.gstatic.com *.googleapis.com https://unpkg.com;base-uri 'self' ;form-action 'self';font-src 'self' https://fonts.gstatic.com maxcdn.bootstrapcdn.com;media-src 'self';
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://vtrack.eservices.orange.jo/Content/fonts/googleapi/SourceSansPro/SourceSansPro.css
Origin
https://vtrack.eservices.orange.jo
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' ;script-src 'self' 'unsafe-inline' cdnjs.cloudflare.com 'unsafe-eval' netdna.bootstrapcdn.com http://code.jquery.com/ http://cdn.leafletjs.com https://cdn.jsdelivr.net https://unpkg.com lab.digital-democracy.org https://cdn.polyfill.io https://vtrack.eservices.orange.jo https://signalr *.signalr https://www.gstatic.com https://maps.googleapis.com https://dev.virtualearth.net ; img-src 'self' *.tile.openstreetmap.org https://maps.gstatic.com *.googleapis.com *.tiles.virtualearth.net https://c0.froala.com/ cdnjs.cloudflare.com data: image/svg; connect-src 'self' https://vtrack.eservices.orange.jo/addressing/api/home https://developers.google.com https://maps.googleapis.com ws: https://vtrack.eservices.orange.jo api.allorigins.win https://router.project-osrm.org; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.cloudflare.com http://cdn.leafletjs.com *.jquery.com/ maxcdn.bootstrapcdn.com jdewit.github.io https://cdn.jsdelivr.net https://www.gstatic.com *.googleapis.com https://unpkg.com;base-uri 'self' ;form-action 'self';font-src 'self' https://fonts.gstatic.com maxcdn.bootstrapcdn.com;media-src 'self';
date
Thu, 25 Jul 2024 10:08:47 GMT
x-content-type-options
nosniff
last-modified
Mon, 10 Jul 2023 13:19:53 GMT
server
Microsoft-IIS/10.0
etag
"bea2593631b3d91:0"
x-powered-by
ASP.NET
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/font-woff2
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
Content-Type
content-length
5804
x-xss-protection
1; mode=block
favicon.ico
vtrack.eservices.orange.jo/
31 KB
31 KB
Other
General
Full URL
https://vtrack.eservices.orange.jo/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.139.33.156 Amman, Jordan, ASN8697 (JTC-AS8697 Jordan Telecom Group JTG , JO),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a94f8a8553caea8430dd4ca3cc01d4e318d19828f74cb65453ffb7f5d9e2f44d
Security Headers
Name Value
Content-Security-Policy default-src 'self' ;script-src 'self' 'unsafe-inline' cdnjs.cloudflare.com 'unsafe-eval' netdna.bootstrapcdn.com http://code.jquery.com/ http://cdn.leafletjs.com https://cdn.jsdelivr.net https://unpkg.com lab.digital-democracy.org https://cdn.polyfill.io https://vtrack.eservices.orange.jo https://signalr *.signalr https://www.gstatic.com https://maps.googleapis.com https://dev.virtualearth.net ; img-src 'self' *.tile.openstreetmap.org https://maps.gstatic.com *.googleapis.com *.tiles.virtualearth.net https://c0.froala.com/ cdnjs.cloudflare.com data: image/svg; connect-src 'self' https://vtrack.eservices.orange.jo/addressing/api/home https://developers.google.com https://maps.googleapis.com ws: https://vtrack.eservices.orange.jo api.allorigins.win https://router.project-osrm.org; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.cloudflare.com http://cdn.leafletjs.com *.jquery.com/ maxcdn.bootstrapcdn.com jdewit.github.io https://cdn.jsdelivr.net https://www.gstatic.com *.googleapis.com https://unpkg.com;base-uri 'self' ;form-action 'self';font-src 'self' https://fonts.gstatic.com maxcdn.bootstrapcdn.com;media-src 'self';
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://vtrack.eservices.orange.jo/Login/Index?ReturnUrl=/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' ;script-src 'self' 'unsafe-inline' cdnjs.cloudflare.com 'unsafe-eval' netdna.bootstrapcdn.com http://code.jquery.com/ http://cdn.leafletjs.com https://cdn.jsdelivr.net https://unpkg.com lab.digital-democracy.org https://cdn.polyfill.io https://vtrack.eservices.orange.jo https://signalr *.signalr https://www.gstatic.com https://maps.googleapis.com https://dev.virtualearth.net ; img-src 'self' *.tile.openstreetmap.org https://maps.gstatic.com *.googleapis.com *.tiles.virtualearth.net https://c0.froala.com/ cdnjs.cloudflare.com data: image/svg; connect-src 'self' https://vtrack.eservices.orange.jo/addressing/api/home https://developers.google.com https://maps.googleapis.com ws: https://vtrack.eservices.orange.jo api.allorigins.win https://router.project-osrm.org; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.cloudflare.com http://cdn.leafletjs.com *.jquery.com/ maxcdn.bootstrapcdn.com jdewit.github.io https://cdn.jsdelivr.net https://www.gstatic.com *.googleapis.com https://unpkg.com;base-uri 'self' ;form-action 'self';font-src 'self' https://fonts.gstatic.com maxcdn.bootstrapcdn.com;media-src 'self';
date
Thu, 25 Jul 2024 10:08:47 GMT
x-content-type-options
nosniff
last-modified
Mon, 10 Jul 2023 13:19:53 GMT
server
Microsoft-IIS/10.0
etag
"a363b83631b3d91:0"
x-powered-by
ASP.NET
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/x-icon
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
Content-Type
content-length
32038
x-xss-protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| getCookie function| setCookie function| forgetPasswordModal function| checkUserName function| updatePassword function| $ function| jQuery function| ShowSuccessMessage function| showErrorMessage function| showLoadingOverlayByElement function| hideLoadingOverlayByElement function| ajaxRequest function| Sweetalert2 function| SweetAlert function| Swal function| sweetAlert function| swal object| jvm object| wysihtml5 function| Base object| Handlebars function| _init function| ShowNoty function| SendTurnOffOnCommand function| enableSwitchOnOff function| doPasswordValidation function| doSendingCommand function| CopyTextToClipBoared function| copyToClipboard function| SendPostAjax function| FormDateTimePicker function| LoadFull function| getCode object| jQuery11240055518293269327224 function| eve function| Raphael object| Morris function| moment function| daterangepicker object| rangy function| FastClick object| Cookies object| $iziModal

2 Cookies

Domain/Path Name / Value
vtrack.eservices.orange.jo/ Name: ASP.NET_SessionId
Value: hjiq0pydiqjoqb3xxiq2spoy
vtrack.eservices.orange.jo/ Name: __RequestVerificationToken
Value: bleW340e4S3nnYTSGIOGoDuqE6fH1zJFm270QaKS1vNvmNJhRWP4U4i7x6-plXT60ALTlYtXjgllZXIeWKAEMq9nWSZVitIuGuHz67MDAd01

1 Console Messages

Source Level URL
Text
recommendation verbose URL: https://vtrack.eservices.orange.jo/Login/Index?ReturnUrl=/
Message:
[DOM] Multiple forms should be contained in their own form elements; break up complex forms into ones that represent a single action: (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' ;script-src 'self' 'unsafe-inline' cdnjs.cloudflare.com 'unsafe-eval' netdna.bootstrapcdn.com http://code.jquery.com/ http://cdn.leafletjs.com https://cdn.jsdelivr.net https://unpkg.com lab.digital-democracy.org https://cdn.polyfill.io https://vtrack.eservices.orange.jo https://signalr *.signalr https://www.gstatic.com https://maps.googleapis.com https://dev.virtualearth.net ; img-src 'self' *.tile.openstreetmap.org https://maps.gstatic.com *.googleapis.com *.tiles.virtualearth.net https://c0.froala.com/ cdnjs.cloudflare.com data: image/svg; connect-src 'self' https://vtrack.eservices.orange.jo/addressing/api/home https://developers.google.com https://maps.googleapis.com ws: https://vtrack.eservices.orange.jo api.allorigins.win https://router.project-osrm.org; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com *.cloudflare.com http://cdn.leafletjs.com *.jquery.com/ maxcdn.bootstrapcdn.com jdewit.github.io https://cdn.jsdelivr.net https://www.gstatic.com *.googleapis.com https://unpkg.com;base-uri 'self' ;form-action 'self';font-src 'self' https://fonts.gstatic.com maxcdn.bootstrapcdn.com;media-src 'self';
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block