om.almosafer.com Open in urlscan Pro
104.17.62.7 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1
Submission: On November 17 via manual (November 17th 2024, 1:30:20 pm UTC) from OM — Scanned from DE

Summary HTTP 102 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 32 IPs in 6 countries across 25 domains to perform 102 HTTP transactions. The main IP is 104.17.62.7, located in and belongs to CLOUDFLARENET, US. The main domain is om.almosafer.com.
TLS certificate: Issued by E5 on October 7th 2024. Valid for: 3 months.

This is the only time om.almosafer.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 33	104.17.62.7 104.17.62.7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6813:d04a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 4	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81d::2003	15169 (GOOGLE) (GOOGLE)
4	104.18.6.251 104.18.6.251	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
1	13.33.219.205 13.33.219.205	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:5049	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	151.101.67.9 151.101.67.9	54113 (FASTLY) (FASTLY)
2	104.17.61.7 104.17.61.7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	44.197.221.236 44.197.221.236	14618 (AMAZON-AES) (AMAZON-AES)
8	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
1	35.186.235.99 35.186.235.99	15169 (GOOGLE) (GOOGLE)
2	18.172.112.113 18.172.112.113	16509 (AMAZON-02) (AMAZON-02)
2	2620:1ec:33:1... 2620:1ec:33:1::10	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1288:80:... 2a00:1288:80:807::1	203220 (YAHOO-DEB...) (YAHOO-DEB Yahoo-UK Limited)
1	108.138.26.113 108.138.26.113	16509 (AMAZON-02) (AMAZON-02)
5	2.16.206.219 2.16.206.219	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
1	80.158.18.121 80.158.18.121	6878 (AS6878 T-...) (AS6878 T-Systems International GmbH)
1 2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0d::9a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
7	2600:9000:275... 2600:9000:275d:4000:11:652e:c280:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:206... 2600:9000:206f:5600:19:9934:6a80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	54.171.122.26 54.171.122.26	16509 (AMAZON-02) (AMAZON-02)
1 1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	2600:9000:249... 2600:9000:2491:e600:11:f728:3040:93a1	16509 (AMAZON-02) (AMAZON-02)
102	32

33 104.17.62.7 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

om.almosafer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6813:d04a (United States)

ASN13335 (CLOUDFLARENET, US)

assets.almosafer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.6.251 (None, )

ASN13335 (CLOUDFLARENET, US)

tjwlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.219.205 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-219-205.fra60.r.cloudfront.net

www.datadoghq-browser-agent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5049 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.67.9 (San Francisco, United States)

ASN54113 (FASTLY, US)

sdk.split.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.17.61.7 (None, )

ASN13335 (CLOUDFLARENET, US)

www.almosafer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.197.221.236 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-197-221-236.compute-1.amazonaws.com

auth.split.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.235.99 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 99.235.186.35.bc.googleusercontent.com

cdn.avo.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.172.112.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-172-112-113.fra60.r.cloudfront.net

cdn.moengage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:33:1::10 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:80:807::1 (United Kingdom)

ASN203220 (YAHOO-DEB Yahoo-UK Limited, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.26.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-26-113.fra56.r.cloudfront.net

cdn.branch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.16.206.219 (Hamburg, Germany)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a2-16-206-219.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.158.18.121 (Germany)

ASN6878 (AS6878 T-Systems International GmbH, DE)
PTR: ecs-80-158-18-121.reverse.open-telekom-cloud.com

dtm-dre.platform.hicloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States) 1 redirects

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0d::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:9000:275d:4000:11:652e:c280:93a1 (United States)

ASN16509 (AMAZON-02, US)

sdk-02.moengage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:5600:19:9934:6a80:93a1 (United States)

ASN16509 (AMAZON-02, US)

app.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.171.122.26 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-122-26.eu-west-1.compute.amazonaws.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2491:e600:11:f728:3040:93a1 (United States)

ASN16509 (AMAZON-02, US)

api2.branch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	almosafer.com 1 redirects om.almosafer.com assets.almosafer.com www.almosafer.com	2 MB
9	moengage.com cdn.moengage.com — Cisco Umbrella Rank: 21166 sdk-02.moengage.com — Cisco Umbrella Rank: 14024	103 KB
8	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	755 KB
6	split.io sdk.split.io — Cisco Umbrella Rank: 2791 auth.split.io — Cisco Umbrella Rank: 3465 events.split.io Failed	4 KB
5	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 799	141 KB
5	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 3 region1.analytics.google.com — Cisco Umbrella Rank: 4108	2 KB
4	tjwlcdn.com tjwlcdn.com	109 KB
3	branch.io cdn.branch.io — Cisco Umbrella Rank: 981 api2.branch.io — Cisco Umbrella Rank: 1477	24 KB
2	bing.net bat.bing.net — Cisco Umbrella Rank: 8327	465 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 120	217 B
2	google.de www.google.de — Cisco Umbrella Rank: 10745	127 B
2	doubleclick.net 1 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 135 googleads.g.doubleclick.net — Cisco Umbrella Rank: 43	578 B
2	yimg.com s.yimg.com — Cisco Umbrella Rank: 768	7 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 192	77 KB
2	bing.com bat.bing.com — Cisco Umbrella Rank: 359	15 KB
2	gstatic.com www.gstatic.com fonts.gstatic.com	256 KB
1	yahoo.com sp.analytics.yahoo.com — Cisco Umbrella Rank: 1654	508 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 96	3 KB
1	app.link app.link — Cisco Umbrella Rank: 2501	669 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 3353	264 B
1	hicloud.com dtm-dre.platform.hicloud.com — Cisco Umbrella Rank: 89569	54 KB
1	avo.app cdn.avo.app — Cisco Umbrella Rank: 163437	25 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 617	7 KB
1	datadoghq-browser-agent.com www.datadoghq-browser-agent.com — Cisco Umbrella Rank: 1279	50 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	2 KB
102	25

	Domain	Requested by
33	om.almosafer.com	1 redirects om.almosafer.com www.datadoghq-browser-agent.com
8	www.googletagmanager.com	om.almosafer.com www.googletagmanager.com
7	sdk-02.moengage.com	www.datadoghq-browser-agent.com
5	analytics.tiktok.com	om.almosafer.com analytics.tiktok.com
4	sdk.split.io	www.datadoghq-browser-agent.com
4	tjwlcdn.com	om.almosafer.com
4	www.google.com	1 redirects om.almosafer.com www.gstatic.com www.googletagmanager.com
4	assets.almosafer.com	om.almosafer.com
2	api2.branch.io	www.datadoghq-browser-agent.com
2	bat.bing.net	bat.bing.com
2	www.facebook.com
2	www.google.de
2	s.yimg.com	om.almosafer.com www.datadoghq-browser-agent.com
2	connect.facebook.net	www.googletagmanager.com connect.facebook.net
2	bat.bing.com	www.googletagmanager.com bat.bing.com
2	cdn.moengage.com	om.almosafer.com cdn.moengage.com
2	auth.split.io	www.datadoghq-browser-agent.com
2	www.almosafer.com	www.datadoghq-browser-agent.com
1	googleads.g.doubleclick.net	1 redirects
1	sp.analytics.yahoo.com
1	www.googleadservices.com	www.googletagmanager.com
1	app.link	cdn.branch.io
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.google-analytics.com
1	region1.analytics.google.com	1 redirects
1	dtm-dre.platform.hicloud.com	om.almosafer.com
1	cdn.branch.io	om.almosafer.com
1	cdn.avo.app	om.almosafer.com
1	static.cloudflareinsights.com	om.almosafer.com
1	www.datadoghq-browser-agent.com	om.almosafer.com
1	fonts.gstatic.com	assets.almosafer.com
1	www.gstatic.com	www.google.com
1	fonts.googleapis.com	om.almosafer.com
0	events.split.io Failed	www.datadoghq-browser-agent.com
102	34

This site contains links to these domains. Also see Links.

Domain
wa.me

Subject Issuer	Validity	Valid
www.almosafer.com E5	`2024-10-07` - `2025-01-05`	3 months	crt.sh
almosafer.com E6	`2024-10-13` - `2025-01-11`	3 months	crt.sh
*.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
upload.video.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
tjwlcdn.com WE1	`2024-10-13` - `2025-01-11`	3 months	crt.sh
*.datadoghq-browser-agent.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-30` - `2025-08-03`	a year	crt.sh
cloudflareinsights.com WE1	`2024-11-01` - `2025-01-30`	3 months	crt.sh
*.split.io GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-04-04` - `2025-05-06`	a year	crt.sh
*.google-analytics.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
cdn.avo.app WR3	`2024-11-13` - `2025-02-11`	3 months	crt.sh
*.moengage.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-09` - `2025-08-09`	a year	crt.sh
www.bing.com Microsoft Azure RSA TLS Issuing CA 03	`2024-09-16` - `2025-03-15`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-08-26` - `2024-11-24`	3 months	crt.sh
*.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2024-10-31` - `2024-12-18`	2 months	crt.sh
*.branch.io Amazon RSA 2048 M03	`2024-08-11` - `2025-09-09`	a year	crt.sh
*.tiktok.com RapidSSL TLS ECC CA G1	`2024-07-15` - `2025-07-15`	a year	crt.sh
bizconnect.huawei.com GlobalSign RSA OV SSL CA 2018	`2024-06-14` - `2025-07-16`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.google.de WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
appipv4.link Amazon RSA 2048 M03	`2024-03-25` - `2025-04-22`	a year	crt.sh
*.googleadservices.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
bat.bing.net Microsoft Azure RSA TLS Issuing CA 07	`2024-10-27` - `2025-04-25`	6 months	crt.sh
*.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2024-07-30` - `2025-01-22`	6 months	crt.sh

This page contains 4 frames:

Primary Page: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1
Frame ID: 96EB64480E6FAE3270A76CDF358FA015
Requests: 93 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LfUlQsbAAAAAGkJnKD62Zdu2m3WdJE0_k2qqO4i&co=aHR0cHM6Ly9vbS5hbG1vc2FmZXIuY29tOjQ0Mw..&hl=de&v=-ZG7BC9TxCVEbzIO2m429usb&size=invisible&cb=o6tzqjrqjfs8
Frame ID: 94194500D98A721970EB88C7E16851AB
Requests: 1 HTTP requests in this frame

Frame: https://om.almosafer.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js
Frame ID: B987A00D039704711AC1EA15341E1656
Requests: 2 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fom.almosafer.com
Frame ID: C524CB9BE5F70A12971588116D5FC854
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

موقع المسافر لحجز الفنادق

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

MoEngage (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.moengage\.\w+

Page Statistics

102
Requests

95 %
HTTPS

59 %
IPv6

25
Domains

34
Subdomains

32
IPs

6
Countries

3261 kB
Transfer

13191 kB
Size

22
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://wa.me/966554400000
Title: +966554400000

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 46

https://om.almosafer.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://om.almosafer.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js

Request Chain 71

https://region1.analytics.google.com/g/collect?v=2&tid=G-LJF2ZPHK2H&gtm=45je4bc0v869656588z876194323za200zb76194323&_p=1731850210065&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=1714153972.1731850211&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&dl=https%3A%2F%2Fom.almosafer.com%2Far%2Fpayment-form%2F6739ef0fd01b132818465108%3Fncr%3D1%3Fncr%3D1&sid=1731850210&sct=1&seg=0&dt=%D9%85%D9%88%D9%82%D8%B9%20%D8%A7%D9%84%D9%85%D8%B3%D8%A7%D9%81%D8%B1%20%D9%84%D8%AD%D8%AC%D8%B2%20%D8%A7%D9%84%D9%81%D9%86%D8%A7%D8%AF%D9%82&en=page_view&_fv=1&_nsi=1&_ss=2&_c=1&up.partner_referer=almosafer&tfd=4442 HTTP 302
https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1714153972.1731850211&dbk=10338483453953627838&dma=1&dma_cps=syphamo&en=page_view&gtm=45je4bc0v869656588z876194323za200zb76194323&npa=1&tid=G-LJF2ZPHK2H&dl=https%3A%2F%2Fom.almosafer.com%3F

Request Chain 91

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/856860075/?random=761894456&cv=11&fst=1731850210794&bg=ffffff&guid=ON&async=1&gtm=45be4bc0v9103144320z876194323za201zb76194323&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855&u_w=1600&u_h=1200&url=https%3A%2F%2Fom.almosafer.com%2Far%2Fpayment-form%2F6739ef0fd01b132818465108%3Fncr%3D1&label=YhyQCMScxpUBEKvLypgD&hn=www.googleadservices.com&frm=0&tiba=%D9%85%D9%88%D9%82%D8%B9%20%D8%A7%D9%84%D9%85%D8%B3%D8%A7%D9%81%D8%B1%20%D9%84%D8%AD%D8%AC%D8%B2%20%D8%A7%D9%84%D9%81%D9%86%D8%A7%D8%AF%D9%82&value=0&npa=1&pscdl=noapi&auid=675426050.1731850211&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCOvGsQII6saxAgjTxbECShVldmVudC1zb3VyY2UsIHRyaWdnZXJaAwoBAWIECgICAw&eitems=ChEIgMXmuQYQqZeAhuim-a-nARIdAEGBL7fuyHMKRm2qA41mk8iX8j_u5a8tGrAZCsA&pscrd=IhMI_OyD5bzjiQMVrZL9Bx01rDdAMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOkdodHRwczovL29tLmFsbW9zYWZlci5jb20vYXIvcGF5bWVudC1mb3JtLzY3MzllZjBmZDAxYjEzMjgxODQ2NTEwOD9uY3I9MUJXQ2hBSWdNWG11UVlRa05Db3B0ZXFsS0VmRWkwQXYxYWZwRnlqSkRSWUIyblVBaFRqODBjM3FyUVJ5TDZCRUxNdXRSUnR6QldfMWJxSDJSVUI4TkJfQkdF HTTP 302
https://www.google.com/pagead/1p-conversion/856860075/?random=761894456&cv=11&fst=1731850210794&bg=ffffff&guid=ON&async=1&gtm=45be4bc0v9103144320z876194323za201zb76194323&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855&u_w=1600&u_h=1200&url=https%3A%2F%2Fom.almosafer.com%2Far%2Fpayment-form%2F6739ef0fd01b132818465108%3Fncr%3D1&label=YhyQCMScxpUBEKvLypgD&hn=www.googleadservices.com&frm=0&tiba=%D9%85%D9%88%D9%82%D8%B9%20%D8%A7%D9%84%D9%85%D8%B3%D8%A7%D9%81%D8%B1%20%D9%84%D8%AD%D8%AC%D8%B2%20%D8%A7%D9%84%D9%81%D9%86%D8%A7%D8%AF%D9%82&value=0&npa=1&pscdl=noapi&auid=675426050.1731850211&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCOvGsQII6saxAgjTxbECShVldmVudC1zb3VyY2UsIHRyaWdnZXJaAwoBAWIECgICAw&pscrd=IhMI_OyD5bzjiQMVrZL9Bx01rDdAMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOkdodHRwczovL29tLmFsbW9zYWZlci5jb20vYXIvcGF5bWVudC1mb3JtLzY3MzllZjBmZDAxYjEzMjgxODQ2NTEwOD9uY3I9MUJXQ2hBSWdNWG11UVlRa05Db3B0ZXFsS0VmRWkwQXYxYWZwRnlqSkRSWUIyblVBaFRqODBjM3FyUVJ5TDZCRUxNdXRSUnR6QldfMWJxSDJSVUI4TkJfQkdF&is_vtc=1&cid=CAQSGwCa7L7dx1iMivGAUuGud1-4xLFnuVp4yTFCHg&eitems=ChEIgMXmuQYQqZeAhuim-a-nARIdAEGBL7eRGI57b667K81IRGf2SiJofVfBxoELtTE&random=32461373 HTTP 302
https://www.google.de/pagead/1p-conversion/856860075/?random=761894456&cv=11&fst=1731850210794&bg=ffffff&guid=ON&async=1&gtm=45be4bc0v9103144320z876194323za201zb76194323&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855&u_w=1600&u_h=1200&url=https%3A%2F%2Fom.almosafer.com%2Far%2Fpayment-form%2F6739ef0fd01b132818465108%3Fncr%3D1&label=YhyQCMScxpUBEKvLypgD&hn=www.googleadservices.com&frm=0&tiba=%D9%85%D9%88%D9%82%D8%B9%20%D8%A7%D9%84%D9%85%D8%B3%D8%A7%D9%81%D8%B1%20%D9%84%D8%AD%D8%AC%D8%B2%20%D8%A7%D9%84%D9%81%D9%86%D8%A7%D8%AF%D9%82&value=0&npa=1&pscdl=noapi&auid=675426050.1731850211&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCOvGsQII6saxAgjTxbECShVldmVudC1zb3VyY2UsIHRyaWdnZXJaAwoBAWIECgICAw&pscrd=IhMI_OyD5bzjiQMVrZL9Bx01rDdAMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOkdodHRwczovL29tLmFsbW9zYWZlci5jb20vYXIvcGF5bWVudC1mb3JtLzY3MzllZjBmZDAxYjEzMjgxODQ2NTEwOD9uY3I9MUJXQ2hBSWdNWG11UVlRa05Db3B0ZXFsS0VmRWkwQXYxYWZwRnlqSkRSWUIyblVBaFRqODBjM3FyUVJ5TDZCRUxNdXRSUnR6QldfMWJxSDJSVUI4TkJfQkdF&is_vtc=1&cid=CAQSGwCa7L7dx1iMivGAUuGud1-4xLFnuVp4yTFCHg&eitems=ChEIgMXmuQYQqZeAhuim-a-nARIdAEGBL7eRGI57b667K81IRGf2SiJofVfBxoELtTE&random=32461373&ipr=y

102 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 6739ef0fd01b132818465108 Show response
om.almosafer.com/ar/payment-form/ 4 MB
473 KB 2169ms
2117ms Document
text/html 104.17.62.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.62.7 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

084381e80222ad30ee1766a9e21df49565b2302f14ea00bdf88fa788b01c4953

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; base-uri 'self'; object-src 'self'; frame-ancestors https://www.americanexpress.com.sa https://amexd9.s3.ethosds.com https://almosafer.com https://*.almosafer.com https://z2.le.liveperson.net;
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8e4012cd9e4cd2e3-FRA
content-encoding: br
content-security-policy: upgrade-insecure-requests; base-uri 'self'; object-src 'self'; frame-ancestors https://www.americanexpress.com.sa https://amexd9.s3.ethosds.com https://almosafer.com https://*.almosafer.com https://z2.le.liveperson.net;
content-type: text/html; charset=utf-8
date: Sun, 17 Nov 2024 13:30:08 GMT
referrer-policy: no-referrer-when-downgrade
server: cloudflare
server-timing: cfCacheStatus;desc="DYNAMIC"
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-env-type: prod
x-envoy-decorator-operation: ingress-nginx-web.ingress-nginx-web.svc.cluster.local:80/*
x-envoy-upstream-service-time: 1891
x-geoip-city: Eppstein
x-geoip-country: Germany
x-geoip-country-code: DE
x-geoip-region: Hesse
x-real-client-ip: 217.114.215.132
x-real-ip: 217.114.215.132
x-xss-protection: 1; mode=block

GET
H2 200 bootstrap-reboot.css
assets.almosafer.com/css/ 5 KB
2 KB 137ms
48ms Stylesheet
text/css 2606:4700::6813:d04a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.almosafer.com/css/bootstrap-reboot.css

Requested by

Host: om.almosafer.com
URL: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:d04a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff2711ac074766d0f5f2fc844058c3443121d24cff1c6c55e2143ae7c50b257a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"2009a327a433d376395fa327c9eb3d99"
age: 871336
x-content-type-options: nosniff
expires: Fri, 22 Nov 2024 13:30:08 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 17 Nov 2024 13:30:08 GMT
content-type: text/css
last-modified: Thu, 09 Jun 2022 11:56:05 GMT
vary: Accept-Encoding
x-amz-id-2: OkEh6KjEu0OE5PC1X2+xLoFoTQTgCQGaQZ3kBSMBh5Z8V+GpuVb2pQmBzpYsBJrBy+e+ixF4XoM=
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=432000
x-amz-request-id: PQRGRV2DKT140HAG
cf-ray: 8e4012db6aab1e33-FRA
server: cloudflare

GET
H2 200 bootstrap-grid.css
assets.almosafer.com/css/ 37 KB
4 KB 136ms
48ms Stylesheet
text/css 2606:4700::6813:d04a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.almosafer.com/css/bootstrap-grid.css

Requested by

Host: om.almosafer.com
URL: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:d04a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

712cd40cf73ca483fb7fb2b4652d6f6fc8bb13f787d7b4205219e8d36531d2ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"ff2874cf2b810904a86e75fb662dddf9"
age: 871647
x-content-type-options: nosniff
expires: Fri, 22 Nov 2024 13:30:08 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 17 Nov 2024 13:30:08 GMT
content-type: text/css
last-modified: Thu, 09 Jun 2022 11:56:12 GMT
vary: Accept-Encoding
x-amz-id-2: 0H6SSmq3uqrF2NbbrfhGvHdeDrBAh2Oj0Aq9ipXToi+WiX4d49LQ4DvVj6aj3VCkkWPD2aobhdw=
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=432000
x-amz-request-id: PQRQNF03H2A1NB5Y
cf-ray: 8e4012db6aae1e33-FRA
server: cloudflare

GET
H2 200 open-sans.css
assets.almosafer.com/css/ 14 KB
1 KB 135ms
47ms Stylesheet
text/css 2606:4700::6813:d04a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.almosafer.com/css/open-sans.css

Requested by

Host: om.almosafer.com
URL: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:d04a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23edcb0b1e30fbc40951906e1000635dacf3db3f0ca0f37ae09fbedee510d2e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"37026351996d5d83b86b40ff654c7ab5"
age: 871824
x-content-type-options: nosniff
expires: Fri, 22 Nov 2024 13:30:08 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 17 Nov 2024 13:30:08 GMT
content-type: text/css
last-modified: Fri, 10 Jun 2022 08:12:46 GMT
vary: Accept-Encoding
x-amz-id-2: XAKXcgg+wDIJdxLb04j2bGF2WTHhMNdcZcgDOMU6ydefvl1sfIbHO6fnoeUHXJuNf25IdEwZPqk=
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=432000
x-amz-request-id: VJ4HYV37Z21MDEET
cf-ray: 8e4012db6aad1e33-FRA
server: cloudflare

GET
H2 200 tajawal.css
assets.almosafer.com/css/ 2 KB
991 B 131ms
44ms Stylesheet
text/css 2606:4700::6813:d04a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.almosafer.com/css/tajawal.css

Requested by

Host: om.almosafer.com
URL: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:d04a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e276dbb1f3984400e421100be79917f2f8cdc3e16e7d93915fdc6cd18a28bbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"640829689484b3aa84e1c4a1c0f33eb5"
age: 871590
x-content-type-options: nosniff
expires: Fri, 22 Nov 2024 13:30:08 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 17 Nov 2024 13:30:08 GMT
content-type: text/css
last-modified: Thu, 09 Jun 2022 11:56:08 GMT
vary: Accept-Encoding
x-amz-id-2: 7tzNkYWK8C3JIGzF4VYMwg627Pu+coGpjuEjdCFSm+qT+GfwLnAJl3PGQt1lOFw5rNIYySvUprM=
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=432000
x-amz-request-id: P63VC2MWA5MNCDZE
cf-ray: 8e4012db6aac1e33-FRA
server: cloudflare

GET
H3 200 enterprise.js Show response
www.google.com/recaptcha/ 2 KB
1 KB 90ms
37ms Script
text/javascript 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise.js?render=6LfUlQsbAAAAAGkJnKD62Zdu2m3WdJE0_k2qqO4i

Requested by

Host: om.almosafer.com
URL: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

81d04e7473d92b7d53a4aea1a8429ce64ede1b3c85daf6af012d2d454837dfa1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Response headers

cache-control: private, max-age=300
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options: nosniff
expires: Sun, 17 Nov 2024 13:30:08 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date: Sun, 17 Nov 2024 13:30:08 GMT
x-xss-protection: 0
content-type: text/javascript; charset=utf-8
server: ESF
x-frame-options: SAMEORIGIN

GET
H2 200 css
fonts.googleapis.com/ 23 KB
2 KB 84ms
31ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700

Requested by

Host: om.almosafer.com
URL: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

43fc587d4c7860e824a47a42fc2b758455429aaf36b6eeb270d7cfb6a8975c56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sun, 17 Nov 2024 13:30:08 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 17 Nov 2024 13:30:08 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Sun, 17 Nov 2024 12:36:14 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 webpack-8490e651f0272c85.js Show response
om.almosafer.com/assets/desktop-payment/_next/static/chunks/ 8 KB
4 KB 71ms
69ms Script
application/javascript 104.17.62.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://om.almosafer.com/assets/desktop-payment/_next/static/chunks/webpack-8490e651f0272c85.js

Requested by

Host: om.almosafer.com
URL: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.62.7 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3f8de4edd8c4649f770f2a0c697c88ed5b9e91152c855934a6c257ab14a7de6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; base-uri 'self'; object-src 'self'; frame-ancestors https://www.americanexpress.com.sa https://amexd9.s3.ethosds.com https://almosafer.com https://*.almosafer.com https://z2.le.liveperson.net;
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"1e67-192e16cfc08"
x-real-client-ip: 217.114.215.132
x-env-type: prod
x-content-type-options: nosniff
expires: Mon, 17 Nov 2025 13:30:08 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 17 Nov 2024 13:30:08 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Thu, 31 Oct 2024 07:14:29 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests; base-uri 'self'; object-src 'self'; frame-ancestors https://www.americanexpress.com.sa https://amexd9.s3.ethosds.com https://almosafer.com https://*.almosafer.com https://z2.le.liveperson.net;
x-real-ip: 161.8.91.214
cache-control: public, max-age=31536000
x-geoip-country: Oman
x-envoy-upstream-service-time: 12
x-geoip-country-code: OM
referrer-policy: no-referrer-when-downgrade
x-envoy-decorator-operation: ingress-nginx-web.ingress-nginx-web.svc.cluster.local:80/*
cf-ray: 8e4012dc69ebd2e3-FRA
x-geoip-city: Muscat
x-geoip-region: Muscat
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 framework-eeba1b405d308ec4.js Show response
om.almosafer.com/assets/desktop-payment/_next/static/chunks/ 128 KB
42 KB 85ms
78ms Script
application/javascript 104.17.62.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://om.almosafer.com/assets/desktop-payment/_next/static/chunks/framework-eeba1b405d308ec4.js

Requested by

Host: om.almosafer.com
URL: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.62.7 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

794817ce5f63fb881869fa4efd4f416515eb84d8846f3309ca963a94a0e44814

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; base-uri 'self'; object-src 'self'; frame-ancestors https://www.americanexpress.com.sa https://amexd9.s3.ethosds.com https://almosafer.com https://*.almosafer.com https://z2.le.liveperson.net;
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"1ff08-192e16cfc08"
x-real-client-ip: 217.114.215.132
x-env-type: prod
x-content-type-options: nosniff
expires: Mon, 17 Nov 2025 13:30:08 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 17 Nov 2024 13:30:08 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Thu, 31 Oct 2024 07:14:29 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests; base-uri 'self'; object-src 'self'; frame-ancestors https://www.americanexpress.com.sa https://amexd9.s3.ethosds.com https://almosafer.com https://*.almosafer.com https://z2.le.liveperson.net;
x-real-ip: 161.8.91.214
cache-control: public, max-age=31536000
x-geoip-country: Oman
x-envoy-upstream-service-time: 8
x-geoip-country-code: OM
referrer-policy: no-referrer-when-downgrade
x-envoy-decorator-operation: ingress-nginx-web.ingress-nginx-web.svc.cluster.local:80/*
cf-ray: 8e4012dc7a2cd2e3-FRA
x-geoip-city: Muscat
x-geoip-region: Muscat
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 main-1931ed2171f1755d.js Show response
om.almosafer.com/assets/desktop-payment/_next/static/chunks/ 234 KB
72 KB 76ms
69ms Script
application/javascript 104.17.62.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://om.almosafer.com/assets/desktop-payment/_next/static/chunks/main-1931ed2171f1755d.js

Requested by

Host: om.almosafer.com
URL: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.62.7 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8435ab6aa57efeab26d39224208da870f5d0b74706e473780717433a3e971a26

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; base-uri 'self'; object-src 'self'; frame-ancestors https://www.americanexpress.com.sa https://amexd9.s3.ethosds.com https://almosafer.com https://*.almosafer.com https://z2.le.liveperson.net;
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"3a9f2-192e16cfc08"
x-real-client-ip: 217.114.215.132
x-env-type: prod
x-content-type-options: nosniff
expires: Mon, 17 Nov 2025 13:30:08 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 17 Nov 2024 13:30:08 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Thu, 31 Oct 2024 07:14:29 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests; base-uri 'self'; object-src 'self'; frame-ancestors https://www.americanexpress.com.sa https://amexd9.s3.ethosds.com https://almosafer.com https://*.almosafer.com https://z2.le.liveperson.net;
x-real-ip: 161.8.91.214
cache-control: public, max-age=31536000
x-geoip-country: Oman
x-envoy-upstream-service-time: 6
x-geoip-country-code: OM
referrer-policy: no-referrer-when-downgrade
x-envoy-decorator-operation: ingress-nginx-web.ingress-nginx-web.svc.cluster.local:80/*
cf-ray: 8e4012dc7a31d2e3-FRA
x-geoip-city: Muscat
x-geoip-region: Muscat
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 _app-613f62e27c6f9fb3.js Show response
om.almosafer.com/assets/desktop-payment/_next/static/chunks/pages/ 3 MB
833 KB 79ms
73ms Script
application/javascript 104.17.62.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://om.almosafer.com/assets/desktop-payment/_next/static/chunks/pages/_app-613f62e27c6f9fb3.js

Requested by

Host: om.almosafer.com
URL: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.62.7 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3333c44c2e10f7a9f2b8cfa08c2248f19578511f967873825195084321074a3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; base-uri 'self'; object-src 'self'; frame-ancestors https://www.americanexpress.com.sa https://amexd9.s3.ethosds.com https://almosafer.com https://*.almosafer.com https://z2.le.liveperson.net;
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"3760c2-192e16cfc08"
x-real-client-ip: 217.114.215.132
x-env-type: prod
x-content-type-options: nosniff
expires: Mon, 17 Nov 2025 13:30:08 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 17 Nov 2024 13:30:08 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Thu, 31 Oct 2024 07:14:29 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests; base-uri 'self'; object-src 'self'; frame-ancestors https://www.americanexpress.com.sa https://amexd9.s3.ethosds.com https://almosafer.com https://*.almosafer.com https://z2.le.liveperson.net;
x-real-ip: 161.8.91.214
cache-control: public, max-age=31536000
x-geoip-country: Oman
x-envoy-upstream-service-time: 17
x-geoip-country-code: OM
referrer-policy: no-referrer-when-downgrade
x-envoy-decorator-operation: ingress-nginx-web.ingress-nginx-web.svc.cluster.local:80/*
cf-ray: 8e4012dc7a33d2e3-FRA
x-geoip-city: Muscat
x-geoip-region: Muscat
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 29107295-94d9bd483f026e01.js Show response
om.almosafer.com/assets/desktop-payment/_next/static/chunks/ 70 KB
24 KB 98ms
92ms Script
application/javascript 104.17.62.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://om.almosafer.com/assets/desktop-payment/_next/static/chunks/29107295-94d9bd483f026e01.js

Requested by

Host: om.almosafer.com
URL: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.62.7 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce1608a2c32dc25c86f25bf03d8b7aa867350d4b656282d237721da26af8c937

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; base-uri 'self'; object-src 'self'; frame-ancestors https://www.americanexpress.com.sa https://amexd9.s3.ethosds.com https://almosafer.com https://*.almosafer.com https://z2.le.liveperson.net;
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"116ad-192e16cfc08"
x-real-client-ip: 217.114.215.132
x-env-type: prod
x-content-type-options: nosniff
expires: Mon, 17 Nov 2025 13:30:08 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 17 Nov 2024 13:30:08 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Thu, 31 Oct 2024 07:14:29 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests; base-uri 'self'; object-src 'self'; frame-ancestors https://www.americanexpress.com.sa https://amexd9.s3.ethosds.com https://almosafer.com https://*.almosafer.com https://z2.le.liveperson.net;
x-real-ip: 37.239.16.14
cache-control: public, max-age=31536000
x-geoip-country: Iraq
x-envoy-upstream-service-time: 9
x-geoip-country-code: IQ
referrer-policy: no-referrer-when-downgrade
x-envoy-decorator-operation: ingress-nginx-web.ingress-nginx-web.svc.cluster.local:80/*
cf-ray: 8e4012dc7a36d2e3-FRA
x-geoip-city: Baghdad
x-geoip-region: Baghdad
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 9572-8eb84334f3163908.js Show response
om.almosafer.com/assets/desktop-payment/_next/static/chunks/ 18 KB
6 KB 129ms
123ms Script
application/javascript 104.17.62.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://om.almosafer.com/assets/desktop-payment/_next/static/chunks/9572-8eb84334f3163908.js

Requested by

Host: om.almosafer.com
URL: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.62.7 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb0bd3860759ba927b8e868df3e6679d8fadd21b5975ac9ba00da5798afae6a6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; base-uri 'self'; object-src 'self'; frame-ancestors https://www.americanexpress.com.sa https://amexd9.s3.ethosds.com https://almosafer.com https://*.almosafer.com https://z2.le.liveperson.net;
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"4713-192e16cfc08"
x-real-client-ip: 217.114.215.132
x-env-type: prod
x-content-type-options: nosniff
expires: Mon, 17 Nov 2025 13:30:08 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 17 Nov 2024 13:30:08 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Thu, 31 Oct 2024 07:14:29 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests; base-uri 'self'; object-src 'self'; frame-ancestors https://www.americanexpress.com.sa https://amexd9.s3.ethosds.com https://almosafer.com https://*.almosafer.com https://z2.le.liveperson.net;
x-real-ip: 41.65.53.227
cache-control: public, max-age=31536000
x-geoip-country: Egypt
x-envoy-upstream-service-time: 9
x-geoip-country-code: EG
referrer-policy: no-referrer-when-downgrade
x-envoy-decorator-operation: ingress-nginx-web.ingress-nginx-web.svc.cluster.local:80/*
cf-ray: 8e4012dc7a38d2e3-FRA
x-geoip-city: Giza
x-geoip-region: Giza
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 3677-92ad8e3f1280f5a9.js Show response
om.almosafer.com/assets/desktop-payment/_next/static/chunks/ 13 KB
5 KB 84ms
78ms Script
application/javascript 104.17.62.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://om.almosafer.com/assets/desktop-payment/_next/static/chunks/3677-92ad8e3f1280f5a9.js

Requested by

Host: om.almosafer.com
URL: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.62.7 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5faba25136fdc5c7c932092441e43b9149dd672b2a6fc9181ba80a084ef80e60

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; base-uri 'self'; object-src 'self'; frame-ancestors https://www.americanexpress.com.sa https://amexd9.s3.ethosds.com https://almosafer.com https://*.almosafer.com https://z2.le.liveperson.net;
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"32e4-192e16cfc08"
x-real-client-ip: 217.114.215.132
x-env-type: prod
x-content-type-options: nosniff
expires: Mon, 17 Nov 2025 13:30:08 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 17 Nov 2024 13:30:08 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Thu, 31 Oct 2024 07:14:29 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests; base-uri 'self'; object-src 'self'; frame-ancestors https://www.americanexpress.com.sa https://amexd9.s3.ethosds.com https://almosafer.com https://*.almosafer.com https://z2.le.liveperson.net;
x-real-ip: 161.8.91.214
cache-control: public, max-age=31536000
x-geoip-country: Oman
x-envoy-upstream-service-time: 15
x-geoip-country-code: OM
referrer-policy: no-referrer-when-downgrade
x-envoy-decorator-operation: ingress-nginx-web.ingress-nginx-web.svc.cluster.local:80/*
cf-ray: 8e4012dc7a3cd2e3-FRA
x-geoip-city: Muscat
x-geoip-region: Muscat
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 8820-d8571a49727607b5.js Show response
om.almosafer.com/assets/desktop-payment/_next/static/chunks/ 29 KB
11 KB 83ms
77ms Script
application/javascript 104.17.62.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://om.almosafer.com/assets/desktop-payment/_next/static/chunks/8820-d8571a49727607b5.js

Requested by

Host: om.almosafer.com
URL: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.62.7 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc85b8b22c119f5741bf94feacc6c62702e6d2c63fd27c03fb7281172967aaa9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; base-uri 'self'; object-src 'self'; frame-ancestors https://www.americanexpress.com.sa https://amexd9.s3.ethosds.com https://almosafer.com https://*.almosafer.com https://z2.le.liveperson.net;
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"741d-192e16cfc08"
x-real-client-ip: 217.114.215.132
x-env-type: prod
x-content-type-options: nosniff
expires: Mon, 17 Nov 2025 13:30:08 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 17 Nov 2024 13:30:08 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Thu, 31 Oct 2024 07:14:29 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests; base-uri 'self'; object-src 'self'; frame-ancestors https://www.americanexpress.com.sa https://amexd9.s3.ethosds.com https://almosafer.com https://*.almosafer.com https://z2.le.liveperson.net;
x-real-ip: 41.65.53.227
cache-control: public, max-age=31536000
x-geoip-country: Egypt
x-envoy-upstream-service-time: 14
x-geoip-country-code: EG
referrer-policy: no-referrer-when-downgrade
x-envoy-decorator-operation: ingress-nginx-web.ingress-nginx-web.svc.cluster.local:80/*
cf-ray: 8e4012dc7a41d2e3-FRA
x-geoip-city: Giza
x-geoip-region: Giza
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 2011-e764153d7a8957df.js Show response
om.almosafer.com/assets/desktop-payment/_next/static/chunks/ 80 KB
27 KB 120ms
114ms Script
application/javascript 104.17.62.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://om.almosafer.com/assets/desktop-payment/_next/static/chunks/2011-e764153d7a8957df.js

Requested by

Host: om.almosafer.com
URL: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.62.7 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

579a5d32e8e65a55457c112f9211f67c5510a39d5f8b326043f93ff435321e72

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; base-uri 'self'; object-src 'self'; frame-ancestors https://www.americanexpress.com.sa https://amexd9.s3.ethosds.com https://almosafer.com https://*.almosafer.com https://z2.le.liveperson.net;
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"13ee6-192e16cfc08"
x-real-client-ip: 217.114.215.132
x-env-type: prod
x-content-type-options: nosniff
expires: Mon, 17 Nov 2025 13:30:08 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 17 Nov 2024 13:30:08 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Thu, 31 Oct 2024 07:14:29 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests; base-uri 'self'; object-src 'self'; frame-ancestors https://www.americanexpress.com.sa https://amexd9.s3.ethosds.com https://almosafer.com https://*.almosafer.com https://z2.le.liveperson.net;
x-real-ip: 41.65.53.227
cache-control: public, max-age=31536000
x-geoip-country: Egypt
x-envoy-upstream-service-time: 7
x-geoip-country-code: EG
referrer-policy: no-referrer-when-downgrade
x-envoy-decorator-operation: ingress-nginx-web.ingress-nginx-web.svc.cluster.local:80/*
cf-ray: 8e4012dc7a43d2e3-FRA
x-geoip-city: Giza
x-geoip-region: Giza
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 6277-a6637c0ff239eb3a.js Show response
om.almosafer.com/assets/desktop-payment/_next/static/chunks/ 30 KB
11 KB 163ms
157ms Script
application/javascript 104.17.62.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://om.almosafer.com/assets/desktop-payment/_next/static/chunks/6277-a6637c0ff239eb3a.js

Requested by

Host: om.almosafer.com
URL: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.62.7 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a29e23096588a7ba4b82a6e68b6e4984d85bb2415cf2ae9ba48a5036cf2176bd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; base-uri 'self'; object-src 'self'; frame-ancestors https://www.americanexpress.com.sa https://amexd9.s3.ethosds.com https://almosafer.com https://*.almosafer.com https://z2.le.liveperson.net;
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"779a-192e16cfc08"
x-real-client-ip: 217.114.215.132
x-env-type: prod
x-content-type-options: nosniff
expires: Mon, 17 Nov 2025 13:30:08 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 17 Nov 2024 13:30:08 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Thu, 31 Oct 2024 07:14:29 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests; base-uri 'self'; object-src 'self'; frame-ancestors https://www.americanexpress.com.sa https://amexd9.s3.ethosds.com https://almosafer.com https://*.almosafer.com https://z2.le.liveperson.net;
x-real-ip: 41.65.53.227
cache-control: public, max-age=31536000
x-geoip-country: Egypt
x-envoy-upstream-service-time: 12
x-geoip-country-code: EG
referrer-policy: no-referrer-when-downgrade
x-envoy-decorator-operation: ingress-nginx-web.ingress-nginx-web.svc.cluster.local:80/*
cf-ray: 8e4012dc7a45d2e3-FRA
x-geoip-city: Giza
x-geoip-region: Giza
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 96-ae90b551716713d4.js Show response
om.almosafer.com/assets/desktop-payment/_next/static/chunks/ 16 KB
6 KB 126ms
121ms Script
application/javascript 104.17.62.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://om.almosafer.com/assets/desktop-payment/_next/static/chunks/96-ae90b551716713d4.js

Requested by

Host: om.almosafer.com
URL: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.62.7 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

775c9180de5186f3e7cc0c71a14a0e43745ba69e32fb0d73305011f5bdafc8db

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; base-uri 'self'; object-src 'self'; frame-ancestors https://www.americanexpress.com.sa https://amexd9.s3.ethosds.com https://almosafer.com https://*.almosafer.com https://z2.le.liveperson.net;
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"3f6b-192e16cfc08"
x-real-client-ip: 217.114.215.132
x-env-type: prod
x-content-type-options: nosniff
expires: Mon, 17 Nov 2025 13:30:08 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 17 Nov 2024 13:30:08 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Thu, 31 Oct 2024 07:14:29 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests; base-uri 'self'; object-src 'self'; frame-ancestors https://www.americanexpress.com.sa https://amexd9.s3.ethosds.com https://almosafer.com https://*.almosafer.com https://z2.le.liveperson.net;
x-real-ip: 41.65.53.227
cache-control: public, max-age=31536000
x-geoip-country: Egypt
x-envoy-upstream-service-time: 11
x-geoip-country-code: EG
referrer-policy: no-referrer-when-downgrade
x-envoy-decorator-operation: ingress-nginx-web.ingress-nginx-web.svc.cluster.local:80/*
cf-ray: 8e4012dc8a69d2e3-FRA
x-geoip-city: Giza
x-geoip-region: Giza
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 7681-0121feeecca2271d.js Show response
om.almosafer.com/assets/desktop-payment/_next/static/chunks/ 75 KB
17 KB 125ms
120ms Script
application/javascript 104.17.62.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://om.almosafer.com/assets/desktop-payment/_next/static/chunks/7681-0121feeecca2271d.js

Requested by

Host: om.almosafer.com
URL: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.62.7 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a8da80d1062389db08f11c07d41d113292a3818f8e09bb46ecec65b549d7b1a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; base-uri 'self'; object-src 'self'; frame-ancestors https://www.americanexpress.com.sa https://amexd9.s3.ethosds.com https://almosafer.com https://*.almosafer.com https://z2.le.liveperson.net;
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"12c48-192e16cfc08"
x-real-client-ip: 217.114.215.132
x-env-type: prod
x-content-type-options: nosniff
expires: Mon, 17 Nov 2025 13:30:08 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 17 Nov 2024 13:30:08 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Thu, 31 Oct 2024 07:14:29 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests; base-uri 'self'; object-src 'self'; frame-ancestors https://www.americanexpress.com.sa https://amexd9.s3.ethosds.com https://almosafer.com https://*.almosafer.com https://z2.le.liveperson.net;
x-real-ip: 37.239.16.14
cache-control: public, max-age=31536000
x-geoip-country: Iraq
x-envoy-upstream-service-time: 10
x-geoip-country-code: IQ
referrer-policy: no-referrer-when-downgrade
x-envoy-decorator-operation: ingress-nginx-web.ingress-nginx-web.svc.cluster.local:80/*
cf-ray: 8e4012dc8a6ad2e3-FRA
x-geoip-city: Baghdad
x-geoip-region: Baghdad
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 8829-f2f0423e975201c4.js Show response
om.almosafer.com/assets/desktop-payment/_next/static/chunks/ 23 KB
8 KB 122ms
117ms Script
application/javascript 104.17.62.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://om.almosafer.com/assets/desktop-payment/_next/static/chunks/8829-f2f0423e975201c4.js

Requested by

Host: om.almosafer.com
URL: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.62.7 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97e186a9933e18c3f4c7c96cc8f4468b82415ff57322440975f638079c7e25de

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; base-uri 'self'; object-src 'self'; frame-ancestors https://www.americanexpress.com.sa https://amexd9.s3.ethosds.com https://almosafer.com https://*.almosafer.com https://z2.le.liveperson.net;
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"5b35-192e16cfc08"
x-real-client-ip: 217.114.215.132
x-env-type: prod
x-content-type-options: nosniff
expires: Mon, 17 Nov 2025 13:30:08 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 17 Nov 2024 13:30:08 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Thu, 31 Oct 2024 07:14:29 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests; base-uri 'self'; object-src 'self'; frame-ancestors https://www.americanexpress.com.sa https://amexd9.s3.ethosds.com https://almosafer.com https://*.almosafer.com https://z2.le.liveperson.net;
x-real-ip: 41.65.53.227
cache-control: public, max-age=31536000
x-geoip-country: Egypt
x-envoy-upstream-service-time: 9
x-geoip-country-code: EG
referrer-policy: no-referrer-when-downgrade
x-envoy-decorator-operation: ingress-nginx-web.ingress-nginx-web.svc.cluster.local:80/*
cf-ray: 8e4012dc8a6dd2e3-FRA
x-geoip-city: Giza
x-geoip-region: Giza
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 4258-43a3c533b81f53a2.js Show response
om.almosafer.com/assets/desktop-payment/_next/static/chunks/ 21 KB
5 KB 123ms
118ms Script
application/javascript 104.17.62.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://om.almosafer.com/assets/desktop-payment/_next/static/chunks/4258-43a3c533b81f53a2.js

Requested by

Host: om.almosafer.com
URL: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.62.7 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c57044e48c07d8ae0055b6a83d4070f87d18948ef8fa4734152e1e4d5b04f04

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; base-uri 'self'; object-src 'self'; frame-ancestors https://www.americanexpress.com.sa https://amexd9.s3.ethosds.com https://almosafer.com https://*.almosafer.com https://z2.le.liveperson.net;
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"5523-192e16cfc08"
x-real-client-ip: 217.114.215.132
x-env-type: prod
x-content-type-options: nosniff
expires: Mon, 17 Nov 2025 13:30:08 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 17 Nov 2024 13:30:08 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Thu, 31 Oct 2024 07:14:29 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests; base-uri 'self'; object-src 'self'; frame-ancestors https://www.americanexpress.com.sa https://amexd9.s3.ethosds.com https://almosafer.com https://*.almosafer.com https://z2.le.liveperson.net;
x-real-ip: 41.65.53.227
cache-control: public, max-age=31536000
x-geoip-country: Egypt
x-envoy-upstream-service-time: 5
x-geoip-country-code: EG
referrer-policy: no-referrer-when-downgrade
x-envoy-decorator-operation: ingress-nginx-web.ingress-nginx-web.svc.cluster.local:80/*
cf-ray: 8e4012dc8a6ed2e3-FRA
x-geoip-city: Giza
x-geoip-region: Giza
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 6253-88bf5d57bb06febe.js Show response
om.almosafer.com/assets/desktop-payment/_next/static/chunks/ 10 KB
4 KB 126ms
121ms Script
application/javascript 104.17.62.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://om.almosafer.com/assets/desktop-payment/_next/static/chunks/6253-88bf5d57bb06febe.js

Requested by

Host: om.almosafer.com
URL: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.62.7 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7346ea97307dcdc090f634286d2045dbda62dc55c6f59781a4d9089ccf5bb97

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; base-uri 'self'; object-src 'self'; frame-ancestors https://www.americanexpress.com.sa https://amexd9.s3.ethosds.com https://almosafer.com https://*.almosafer.com https://z2.le.liveperson.net;
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"2626-192e16cfc08"
x-real-client-ip: 217.114.215.132
x-env-type: prod
x-content-type-options: nosniff
expires: Mon, 17 Nov 2025 13:30:08 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 17 Nov 2024 13:30:08 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Thu, 31 Oct 2024 07:14:29 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests; base-uri 'self'; object-src 'self'; frame-ancestors https://www.americanexpress.com.sa https://amexd9.s3.ethosds.com https://almosafer.com https://*.almosafer.com https://z2.le.liveperson.net;
x-real-ip: 41.65.53.227
cache-control: public, max-age=31536000
x-geoip-country: Egypt
x-envoy-upstream-service-time: 10
x-geoip-country-code: EG
referrer-policy: no-referrer-when-downgrade
x-envoy-decorator-operation: ingress-nginx-web.ingress-nginx-web.svc.cluster.local:80/*
cf-ray: 8e4012dc8a73d2e3-FRA
x-geoip-city: Giza
x-geoip-region: Giza
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 888-13c8e83906f9a1f6.js Show response
om.almosafer.com/assets/desktop-payment/_next/static/chunks/ 11 KB
4 KB 135ms
131ms Script
application/javascript 104.17.62.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://om.almosafer.com/assets/desktop-payment/_next/static/chunks/888-13c8e83906f9a1f6.js

Requested by

Host: om.almosafer.com
URL: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.62.7 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2edaf0e6444c03e7119728fba41747d071b3c10858ae4d0361e6a6b771db988e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; base-uri 'self'; object-src 'self'; frame-ancestors https://www.americanexpress.com.sa https://amexd9.s3.ethosds.com https://almosafer.com https://*.almosafer.com https://z2.le.liveperson.net;
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"2a9b-192e16cfc08"
x-real-client-ip: 217.114.215.132
x-env-type: prod
x-content-type-options: nosniff
expires: Mon, 17 Nov 2025 13:30:08 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 17 Nov 2024 13:30:08 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Thu, 31 Oct 2024 07:14:29 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests; base-uri 'self'; object-src 'self'; frame-ancestors https://www.americanexpress.com.sa https://amexd9.s3.ethosds.com https://almosafer.com https://*.almosafer.com https://z2.le.liveperson.net;
x-real-ip: 41.65.53.227
cache-control: public, max-age=31536000
x-geoip-country: Egypt
x-envoy-upstream-service-time: 5
x-geoip-country-code: EG
referrer-policy: no-referrer-when-downgrade
x-envoy-decorator-operation: ingress-nginx-web.ingress-nginx-web.svc.cluster.local:80/*
cf-ray: 8e4012dc8a75d2e3-FRA
x-geoip-city: Giza
x-geoip-region: Giza
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 8354-e9aa1d999f5750e8.js Show response
om.almosafer.com/assets/desktop-payment/_next/static/chunks/ 12 KB
4 KB 122ms
118ms Script
application/javascript 104.17.62.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://om.almosafer.com/assets/desktop-payment/_next/static/chunks/8354-e9aa1d999f5750e8.js

Requested by

Host: om.almosafer.com
URL: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.62.7 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6ea2c28da7f21f5aa59c0c7e0010396d075e4e3da3ff84a72f404a8db320a23f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; base-uri 'self'; object-src 'self'; frame-ancestors https://www.americanexpress.com.sa https://amexd9.s3.ethosds.com https://almosafer.com https://*.almosafer.com https://z2.le.liveperson.net;
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"317d-192e16cfc08"
x-real-client-ip: 217.114.215.132
x-env-type: prod
x-content-type-options: nosniff
expires: Mon, 17 Nov 2025 13:30:08 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 17 Nov 2024 13:30:08 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Thu, 31 Oct 2024 07:14:29 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests; base-uri 'self'; object-src 'self'; frame-ancestors https://www.americanexpress.com.sa https://amexd9.s3.ethosds.com https://almosafer.com https://*.almosafer.com https://z2.le.liveperson.net;
x-real-ip: 41.65.53.227
cache-control: public, max-age=31536000
x-geoip-country: Egypt
x-envoy-upstream-service-time: 4
x-geoip-country-code: EG
referrer-policy: no-referrer-when-downgrade
x-envoy-decorator-operation: ingress-nginx-web.ingress-nginx-web.svc.cluster.local:80/*
cf-ray: 8e4012dc8a76d2e3-FRA
x-geoip-city: Giza
x-geoip-region: Giza
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 4049-b1a36e253f92c008.js Show response
om.almosafer.com/assets/desktop-payment/_next/static/chunks/ 32 KB
9 KB 160ms
157ms Script
application/javascript 104.17.62.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://om.almosafer.com/assets/desktop-payment/_next/static/chunks/4049-b1a36e253f92c008.js

Requested by

Host: om.almosafer.com
URL: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.62.7 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56e84fec079632a7adb31be50e9c22f1727325bf0424142aef7b67f956c032b2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; base-uri 'self'; object-src 'self'; frame-ancestors https://www.americanexpress.com.sa https://amexd9.s3.ethosds.com https://almosafer.com https://*.almosafer.com https://z2.le.liveperson.net;
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"7fa5-192e16cfc08"
x-real-client-ip: 217.114.215.132
x-env-type: prod
x-content-type-options: nosniff
expires: Mon, 17 Nov 2025 13:30:08 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 17 Nov 2024 13:30:08 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Thu, 31 Oct 2024 07:14:29 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests; base-uri 'self'; object-src 'self'; frame-ancestors https://www.americanexpress.com.sa https://amexd9.s3.ethosds.com https://almosafer.com https://*.almosafer.com https://z2.le.liveperson.net;
x-real-ip: 41.65.53.227
cache-control: public, max-age=31536000
x-geoip-country: Egypt
x-envoy-upstream-service-time: 332
x-geoip-country-code: EG
referrer-policy: no-referrer-when-downgrade
x-envoy-decorator-operation: ingress-nginx-web.ingress-nginx-web.svc.cluster.local:80/*
cf-ray: 8e4012dc8a79d2e3-FRA
x-geoip-city: Giza
x-geoip-region: Giza
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 4314-5e4e441e28508a83.js Show response
om.almosafer.com/assets/desktop-payment/_next/static/chunks/ 13 KB
4 KB 126ms
122ms Script
application/javascript 104.17.62.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://om.almosafer.com/assets/desktop-payment/_next/static/chunks/4314-5e4e441e28508a83.js

Requested by

Host: om.almosafer.com
URL: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.62.7 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5020693a9ebe6744184fba7f7de8e6700cfc79c0627d92952112e1fa0cfbd2a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; base-uri 'self'; object-src 'self'; frame-ancestors https://www.americanexpress.com.sa https://amexd9.s3.ethosds.com https://almosafer.com https://*.almosafer.com https://z2.le.liveperson.net;
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"33e6-192e16cfc08"
x-real-client-ip: 217.114.215.132
x-env-type: prod
x-content-type-options: nosniff
expires: Mon, 17 Nov 2025 13:30:08 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 17 Nov 2024 13:30:08 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Thu, 31 Oct 2024 07:14:29 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests; base-uri 'self'; object-src 'self'; frame-ancestors https://www.americanexpress.com.sa https://amexd9.s3.ethosds.com https://almosafer.com https://*.almosafer.com https://z2.le.liveperson.net;
x-real-ip: 41.33.250.50
cache-control: public, max-age=31536000
x-geoip-country: Egypt
x-envoy-upstream-service-time: 8
x-geoip-country-code: EG
referrer-policy: no-referrer-when-downgrade
x-envoy-decorator-operation: ingress-nginx-web.ingress-nginx-web.svc.cluster.local:80/*
cf-ray: 8e4012dc8a7bd2e3-FRA
x-geoip-city: Giza
x-geoip-region: Giza
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 payment-request-23301c44267c45c0.js Show response
om.almosafer.com/assets/desktop-payment/_next/static/chunks/pages/ 63 KB
22 KB 123ms
120ms Script
application/javascript 104.17.62.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://om.almosafer.com/assets/desktop-payment/_next/static/chunks/pages/payment-request-23301c44267c45c0.js

Requested by

Host: om.almosafer.com
URL: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.62.7 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e993df03deb1676f850b402d63a272a65b0c1452b829c7c408d7c7b10e8ba483

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; base-uri 'self'; object-src 'self'; frame-ancestors https://www.americanexpress.com.sa https://amexd9.s3.ethosds.com https://almosafer.com https://*.almosafer.com https://z2.le.liveperson.net;
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"fdb1-192e16cfc08"
x-real-client-ip: 217.114.215.132
x-env-type: prod
x-content-type-options: nosniff
expires: Mon, 17 Nov 2025 13:30:08 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 17 Nov 2024 13:30:08 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Thu, 31 Oct 2024 07:14:29 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests; base-uri 'self'; object-src 'self'; frame-ancestors https://www.americanexpress.com.sa https://amexd9.s3.ethosds.com https://almosafer.com https://*.almosafer.com https://z2.le.liveperson.net;
x-real-ip: 41.65.53.227
cache-control: public, max-age=31536000
x-geoip-country: Egypt
x-envoy-upstream-service-time: 29
x-geoip-country-code: EG
referrer-policy: no-referrer-when-downgrade
x-envoy-decorator-operation: ingress-nginx-web.ingress-nginx-web.svc.cluster.local:80/*
cf-ray: 8e4012dc8a7cd2e3-FRA
x-geoip-city: Giza
x-geoip-region: Giza
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 _buildManifest.js Show response
om.almosafer.com/assets/desktop-payment/_next/static/a_PELcLNRIi2Pd-fX5Y7D/ 4 KB
2 KB 127ms
124ms Script
application/javascript 104.17.62.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://om.almosafer.com/assets/desktop-payment/_next/static/a_PELcLNRIi2Pd-fX5Y7D/_buildManifest.js

Requested by

Host: om.almosafer.com
URL: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.62.7 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e53c1f2608a655c0f48e6a32ac58745b14af168164ec159c09ed6c88e65bc84

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; base-uri 'self'; object-src 'self'; frame-ancestors https://www.americanexpress.com.sa https://amexd9.s3.ethosds.com https://almosafer.com https://*.almosafer.com https://z2.le.liveperson.net;
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"1020-192e16cfc08"
x-real-client-ip: 217.114.215.132
x-env-type: prod
x-content-type-options: nosniff
expires: Mon, 17 Nov 2025 13:30:08 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 17 Nov 2024 13:30:08 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Thu, 31 Oct 2024 07:14:29 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests; base-uri 'self'; object-src 'self'; frame-ancestors https://www.americanexpress.com.sa https://amexd9.s3.ethosds.com https://almosafer.com https://*.almosafer.com https://z2.le.liveperson.net;
x-real-ip: 41.33.250.50
cache-control: public, max-age=31536000
x-geoip-country: Egypt
x-envoy-upstream-service-time: 9
x-geoip-country-code: EG
referrer-policy: no-referrer-when-downgrade
x-envoy-decorator-operation: ingress-nginx-web.ingress-nginx-web.svc.cluster.local:80/*
cf-ray: 8e4012dc8a7dd2e3-FRA
x-geoip-city: Giza
x-geoip-region: Giza
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 _ssgManifest.js Show response
om.almosafer.com/assets/desktop-payment/_next/static/a_PELcLNRIi2Pd-fX5Y7D/ 77 B
380 B 121ms
118ms Script
application/javascript 104.17.62.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://om.almosafer.com/assets/desktop-payment/_next/static/a_PELcLNRIi2Pd-fX5Y7D/_ssgManifest.js

Requested by

Host: om.almosafer.com
URL: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.62.7 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; base-uri 'self'; object-src 'self'; frame-ancestors https://www.americanexpress.com.sa https://amexd9.s3.ethosds.com https://almosafer.com https://*.almosafer.com https://z2.le.liveperson.net;
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"4d-192e16cfc08"
x-real-client-ip: 217.114.215.132
x-env-type: prod
x-content-type-options: nosniff
expires: Mon, 17 Nov 2025 13:30:08 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 17 Nov 2024 13:30:08 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Thu, 31 Oct 2024 07:14:29 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests; base-uri 'self'; object-src 'self'; frame-ancestors https://www.americanexpress.com.sa https://amexd9.s3.ethosds.com https://almosafer.com https://*.almosafer.com https://z2.le.liveperson.net;
x-real-ip: 41.65.53.227
cache-control: public, max-age=31536000
x-geoip-country: Egypt
x-envoy-upstream-service-time: 14
x-geoip-country-code: EG
referrer-policy: no-referrer-when-downgrade
x-envoy-decorator-operation: ingress-nginx-web.ingress-nginx-web.svc.cluster.local:80/*
cf-ray: 8e4012dc8a7ed2e3-FRA
x-geoip-city: Giza
x-geoip-region: Giza
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 _middlewareManifest.js Show response
om.almosafer.com/assets/desktop-payment/_next/static/a_PELcLNRIi2Pd-fX5Y7D/ 92 B
429 B 120ms
117ms Script
application/javascript 104.17.62.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://om.almosafer.com/assets/desktop-payment/_next/static/a_PELcLNRIi2Pd-fX5Y7D/_middlewareManifest.js

Requested by

Host: om.almosafer.com
URL: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.62.7 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; base-uri 'self'; object-src 'self'; frame-ancestors https://www.americanexpress.com.sa https://amexd9.s3.ethosds.com https://almosafer.com https://*.almosafer.com https://z2.le.liveperson.net;
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"5c-192e16cfc08"
x-real-client-ip: 217.114.215.132
x-env-type: prod
x-content-type-options: nosniff
expires: Mon, 17 Nov 2025 13:30:08 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 17 Nov 2024 13:30:08 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Thu, 31 Oct 2024 07:14:29 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests; base-uri 'self'; object-src 'self'; frame-ancestors https://www.americanexpress.com.sa https://amexd9.s3.ethosds.com https://almosafer.com https://*.almosafer.com https://z2.le.liveperson.net;
x-real-ip: 46.40.246.137
cache-control: public, max-age=31536000
x-geoip-country: Oman
x-envoy-upstream-service-time: 8
x-geoip-country-code: OM
referrer-policy: no-referrer-when-downgrade
x-envoy-decorator-operation: ingress-nginx-web.ingress-nginx-web.svc.cluster.local:80/*
cf-ray: 8e4012dc8a81d2e3-FRA
x-geoip-city: Muscat
x-geoip-region: Muscat
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/ 547 KB
217 KB 56ms
23ms Script
text/javascript 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?render=6LfUlQsbAAAAAGkJnKD62Zdu2m3WdJE0_k2qqO4i

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5abe2a12140edf2387d5be35225df3caa4f0f0a05d8f5614008c8cc90af4a156

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://om.almosafer.com
Referer: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Response headers

content-encoding: gzip
age: 50827
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options: nosniff
expires: Sun, 16 Nov 2025 23:23:01 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 16 Nov 2024 23:23:01 GMT
last-modified: Tue, 22 Oct 2024 00:01:33 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges: bytes
access-control-allow-origin: *
content-length: 222594
x-xss-protection: 0
server: sffe

GET
H2 200 almosafer-re-ar-white.svg
tjwlcdn.com/next/images/ 2 KB
1 KB 131ms
70ms Image
image/svg+xml 104.18.6.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tjwlcdn.com/next/images/almosafer-re-ar-white.svg
Requested by: Host: om.almosafer.com
URL: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.6.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f3ec8a802543bd6dd69994c55b97cda495d129455bb9661d0f5d9ae8d61afa2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Response headers

cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
x-amz-version-id: null
etag: W/"ffc958c007478408102682fa976a2a7c"
age: 5053
x-amz-request-id: JR1QA6Q3X3X01Y3P
expires: Sun, 17 Nov 2024 17:30:08 GMT
cf-ray: 8e4012dcdeee3a8e-FRA
date: Sun, 17 Nov 2024 13:30:08 GMT
content-type: image/svg+xml
last-modified: Tue, 16 Apr 2019 12:11:17 GMT
vary: Accept-Encoding
server: cloudflare
x-amz-id-2: na0mCkRcz9coqMEDblRJMPsnoqxvIBiLxvdFbQSL3lWg0fZmeOIkf+ydUjU4njFbSMFIANkjnxzkqTAqjxe3LJfdBcwSwIr9

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2
fonts.gstatic.com/s/opensans/v29/ 39 KB
39 KB 69ms
23ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2

Requested by

Host: assets.almosafer.com
URL: https://assets.almosafer.com/css/open-sans.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9edf922182d605a48239fee4eddab22abc367aa35aec6e4a60ce62a21e3e4dc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://om.almosafer.com
Referer: https://assets.almosafer.com/

Response headers

age: 338100
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 13 Nov 2025 15:35:08 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 13 Nov 2024 15:35:08 GMT
last-modified: Wed, 11 May 2022 19:25:45 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 39536
x-xss-protection: 0
server: sffe

GET
H2 200 NotoNaskhArabic-Bold.woff2
tjwlcdn.com/next/fonts/ 53 KB
53 KB 82ms
30ms Font
binary/octet-stream 104.18.6.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tjwlcdn.com/next/fonts/NotoNaskhArabic-Bold.woff2
Requested by: Host: om.almosafer.com
URL: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.6.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ab268a5118de4b05766654f4bbac9f01ea4d3dfded907e3e4a2ac9720d30570

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://om.almosafer.com
Referer: https://om.almosafer.com/

Response headers

cf-cache-status: HIT
etag: "0b90b60f241a14ef9a70df659cb59282"
x-amz-version-id: null
age: 1065
access-control-allow-methods: GET
expires: Sun, 17 Nov 2024 17:30:08 GMT
date: Sun, 17 Nov 2024 13:30:08 GMT
content-type: binary/octet-stream
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Tue, 05 Mar 2019 13:34:25 GMT
x-amz-id-2: iZdrPbmsCVKvbthHAmcTphppRhZW9D4T0+id6EI2USqd4Xy6wMoHz/Ao0yJJX08X95zIoEst+FqE0OcxO/qtPA==
cache-control: public, max-age=14400
x-amz-request-id: PKXC5SA6V89RAH5S
cf-ray: 8e4012dcde20dcc4-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 54032
server: cloudflare

GET
H2 200 NotoNaskhArabic.woff2
tjwlcdn.com/next/fonts/ 53 KB
53 KB 176ms
125ms Font
binary/octet-stream 104.18.6.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tjwlcdn.com/next/fonts/NotoNaskhArabic.woff2
Requested by: Host: om.almosafer.com
URL: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.6.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82e683c70db983f0fdc891a8a62a0f9f6ac979030cd6f340b4450b13dbbaed9c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://om.almosafer.com
Referer: https://om.almosafer.com/

Response headers

cf-cache-status: REVALIDATED
etag: "47f348fe28d42b904eb979a4086307a6"
x-amz-version-id: null
access-control-allow-methods: GET
expires: Sun, 17 Nov 2024 17:30:08 GMT
date: Sun, 17 Nov 2024 13:30:08 GMT
content-type: binary/octet-stream
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Tue, 05 Mar 2019 13:34:26 GMT
x-amz-id-2: wqufiEIidwpOAEe6GSaU6Imz38biyoeUQq/V4sNwmU4fH0vvQGiviKX8ZzBnLdoe7UfOEECVLzM=
cache-control: public, max-age=14400
x-amz-request-id: TKA9TBF084JF35AH
cf-ray: 8e4012dcde23dcc4-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 53780
server: cloudflare

GET
H2 200 almosafer-motiva.svg
tjwlcdn.com/next/images/ 575 B
918 B 117ms
69ms Image
image/svg+xml 104.18.6.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tjwlcdn.com/next/images/almosafer-motiva.svg?nc
Requested by: Host: om.almosafer.com
URL: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.6.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47026c2924e6e9359975bbed4f47aaba36fae5ed462740374ac65fe25dd958f5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Response headers

cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
x-amz-version-id: null
etag: W/"cad3701c9586f50be0b5c8ab28db0ed2"
age: 5732
x-amz-request-id: 713PJ0H47TF4172G
expires: Sun, 17 Nov 2024 17:30:08 GMT
cf-ray: 8e4012dcdef23a8e-FRA
date: Sun, 17 Nov 2024 13:30:08 GMT
content-type: image/svg+xml
last-modified: Sat, 20 Apr 2019 19:10:32 GMT
vary: Accept-Encoding
server: cloudflare
x-amz-id-2: /cTrWL8WJtqG6QsfzXMAypJVZP+av7ypaXAWYn7NAyu8hNT5wBw/78CuuedCqag9sQI03go1Sjo=

GET
H2 200 datadog-rum.js Show response
www.datadoghq-browser-agent.com/us1/v4/ 150 KB
50 KB 104ms
29ms Script
application/javascript 13.33.219.205
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Requested by: Host: om.almosafer.com
URL: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.219.205 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-219-205.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cd5eb76033d96219a0c4fe45fb0df10202e1febcb4d086fb1305f1b3304a6b1a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Response headers

vary: accept-encoding
cache-control: max-age=14400, s-maxage=60
timing-allow-origin: *
content-encoding: gzip
etag: W/"2630b3d7ad4a41fac67742216e506d83"
age: 18
via: 1.1 0679859c01a1d918f3fb77e42174ecf8.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: OvxtWs4rCs4Zfdfd2vmFb8wTXMMI1tBdonuxRWzsyZkKDMnOXVV6TQ==
date: Sun, 17 Nov 2024 13:29:52 GMT
content-type: application/javascript
last-modified: Mon, 09 Oct 2023 09:24:57 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P10
x-amz-server-side-encryption: AES256

GET
H2 200 vcd15cbe7772f49c399c6a5babf22c1241717689176015 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 95ms
42ms Script
text/javascript 2606:4700::6810:5049
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by: Host: om.almosafer.com
URL: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://om.almosafer.com
Referer: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Response headers

cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"2024.6.1"
cross-origin-resource-policy: cross-origin
cf-ray: 8e4012dd2f4330e2-FRA
access-control-allow-origin: *
date: Sun, 17 Nov 2024 13:30:08 GMT
content-type: text/javascript;charset=UTF-8
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 anchor
www.google.com/recaptcha/enterprise/ Frame 9419 0
0 76ms
48ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LfUlQsbAAAAAGkJnKD62Zdu2m3WdJE0_k2qqO4i&co=aHR0cHM6Ly9vbS5hbG1vc2FmZXIuY29tOjQ0Mw..&hl=de&v=-ZG7BC9TxCVEbzIO2m429usb&size=invisible&cb=o6tzqjrqjfs8

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-GFPObdDBepzXjgRsYd6mrQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-GFPObdDBepzXjgRsYd6mrQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Sun, 17 Nov 2024 13:30:09 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 200 55fdcfe5-6024-4451-b02b-f9bebb4eabe2
sdk.split.io/api/mySegments/ Frame 0
0 193ms
39ms Preflight 151.101.67.9
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.split.io/api/mySegments/55fdcfe5-6024-4451-b02b-f9bebb4eabe2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.9 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Varnish /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15770000; includeSubdomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,splitsdkversion
Access-Control-Request-Method: GET
Origin: https://om.almosafer.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: X-Requested-With, Origin, Content-Type, Accept, Authorization, Content-Length, X-User-Token, X-Request-ID, SplitSDKMachineName, SplitSDKMachineIP, SplitSDKVersion, Cache-Control
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin: https://om.almosafer.com
access-control-max-age: 7200
allow: HEAD,GET,OPTIONS,POST,PUT,DELETE
content-length: 37
date: Sun, 17 Nov 2024 13:30:09 GMT
retry-after: 0
server: Varnish
strict-transport-security: max-age=15770000; includeSubdomains
vary: Cookie
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-cph2320048-CPH
x-timer: S1731850210.766515,VS0,VE0

GET
H2 200 55fdcfe5-6024-4451-b02b-f9bebb4eabe2 Show response
sdk.split.io/api/mySegments/ 17 B
263 B 144ms
141ms Fetch
application/json 151.101.67.9
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.split.io/api/mySegments/55fdcfe5-6024-4451-b02b-f9bebb4eabe2

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.9 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2070e9ec5ea66461693a174cf782efa1090e0ca1988968cc1115d019e7b80a95

Security Headers

Name	Value
Strict-Transport-Security	max-age=15770000; includeSubdomains

Request headers

Authorization: Bearer 5n0qb9eq2eqvouhnjud1r4k3004h6ufaa4o4
Referer: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json
Content-Type: application/json
SplitSDKVersion: javascript-10.24.1

Response headers

access-control-expose-headers: Access-Control-Allow-Origin,X-Request-Id
content-encoding: gzip
etag: "1000002"
age: 0
x-cache: MISS, MISS
trace: cache-iad-kiad7000069-IAD-f25546bb-8a5b-4995-b094-6bc526e54759; cache-cph2320048-CPH-79ef3153-f7b8-4f9b-bf78-d7857bb7638d
date: Sun, 17 Nov 2024 13:30:09 GMT
content-type: application/json; charset=utf-8
x-served-by: cache-iad-kiad7000069-IAD, cache-cph2320048-CPH
x-cache-hits: 0, 0
vary: Accept-Encoding, Origin, Authorization
strict-transport-security: max-age=15770000; includeSubdomains
cache-control: no-transform, max-age=60, s-maxage=60
x-timer: S1731850210.816495,VS0,VE106
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 41

GET
H3 200 9660.aec575cbe0b09488.js Show response
om.almosafer.com/assets/desktop-payment/_next/static/chunks/ 13 KB
5 KB 124ms
123ms Script
application/javascript 104.17.62.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://om.almosafer.com/assets/desktop-payment/_next/static/chunks/9660.aec575cbe0b09488.js

Requested by

Host: om.almosafer.com
URL: https://om.almosafer.com/assets/desktop-payment/_next/static/chunks/webpack-8490e651f0272c85.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.62.7 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

538ebdf07d591f0d6e2aa69f00fa706aedc4068f93cb807238e32291ccfd96f8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; base-uri 'self'; object-src 'self'; frame-ancestors https://www.americanexpress.com.sa https://amexd9.s3.ethosds.com https://almosafer.com https://*.almosafer.com https://z2.le.liveperson.net;
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"32b5-192e16cfc08"
x-real-client-ip: 217.114.215.132
x-env-type: prod
x-content-type-options: nosniff
expires: Mon, 17 Nov 2025 13:30:09 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 17 Nov 2024 13:30:09 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Thu, 31 Oct 2024 07:14:29 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests; base-uri 'self'; object-src 'self'; frame-ancestors https://www.americanexpress.com.sa https://amexd9.s3.ethosds.com https://almosafer.com https://*.almosafer.com https://z2.le.liveperson.net;
x-real-ip: 37.239.16.14
cache-control: public, max-age=31536000
x-geoip-country: Iraq
x-envoy-upstream-service-time: 8
x-geoip-country-code: IQ
referrer-policy: no-referrer-when-downgrade
x-envoy-decorator-operation: ingress-nginx-web.ingress-nginx-web.svc.cluster.local:80/*
cf-ray: 8e4012e2aceadcd1-FRA
x-geoip-city: Baghdad
x-geoip-region: Baghdad
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 PaymentRequestSidebarContainer.3b422f6bc5a36274.js Show response
om.almosafer.com/assets/desktop-payment/_next/static/chunks/ 18 KB
7 KB 118ms
117ms Script
application/javascript 104.17.62.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://om.almosafer.com/assets/desktop-payment/_next/static/chunks/PaymentRequestSidebarContainer.3b422f6bc5a36274.js

Requested by

Host: om.almosafer.com
URL: https://om.almosafer.com/assets/desktop-payment/_next/static/chunks/webpack-8490e651f0272c85.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.62.7 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0586472de4b2eb54b547389a3c3d67f4d69b251df0afff8d23c0baf5df036f68

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; base-uri 'self'; object-src 'self'; frame-ancestors https://www.americanexpress.com.sa https://amexd9.s3.ethosds.com https://almosafer.com https://*.almosafer.com https://z2.le.liveperson.net;
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"47ac-192e16cfc08"
x-real-client-ip: 217.114.215.132
x-env-type: prod
x-content-type-options: nosniff
expires: Mon, 17 Nov 2025 13:30:09 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 17 Nov 2024 13:30:09 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Thu, 31 Oct 2024 07:14:29 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests; base-uri 'self'; object-src 'self'; frame-ancestors https://www.americanexpress.com.sa https://amexd9.s3.ethosds.com https://almosafer.com https://*.almosafer.com https://z2.le.liveperson.net;
x-real-ip: 41.65.53.227
cache-control: public, max-age=31536000
x-geoip-country: Egypt
x-envoy-upstream-service-time: 6
x-geoip-country-code: EG
referrer-policy: no-referrer-when-downgrade
x-envoy-decorator-operation: ingress-nginx-web.ingress-nginx-web.svc.cluster.local:80/*
cf-ray: 8e4012e2acebdcd1-FRA
x-geoip-city: Giza
x-geoip-region: Giza
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 splitChanges Show response
sdk.split.io/api/ 21 KB
2 KB 39ms
35ms Fetch
application/json 151.101.67.9
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.split.io/api/splitChanges?since=-1

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.9 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a0e538f1ba41c8c27a26356ce5d7750948d6f062d3ae0d5f2283d3e9e8389677

Security Headers

Name	Value
Strict-Transport-Security	max-age=15770000; includeSubdomains

Request headers

Authorization: Bearer 5n0qb9eq2eqvouhnjud1r4k3004h6ufaa4o4
Referer: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json
Content-Type: application/json
SplitSDKVersion: javascript-10.24.1

Response headers

access-control-expose-headers: Access-Control-Allow-Origin,X-Request-Id
content-encoding: gzip
etag: "1730285622455"
age: 94816
x-cache: HIT, HIT
trace: cache-iad-kiad7000171-IAD-85b8f258-08b4-4843-b15d-135c90157c75; cache-cph2320038-CPH-b2b50617-d97f-4573-9519-6806068d77eb
date: Sun, 17 Nov 2024 13:30:09 GMT
content-type: application/json; charset=utf-8
last-modified: Wed, 30 Oct 2024 10:53:42 GMT
x-served-by: cache-iad-kiad7000171-IAD, cache-cph2320048-CPH
x-cache-hits: 130, 0
vary: Accept-Encoding, Origin, Authorization
strict-transport-security: max-age=15770000; includeSubdomains
cache-control: no-transform, max-age=60, s-maxage=60
x-timer: S1731850210.816511,VS0,VE1
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2033

GET
H3 200 list Show response
om.almosafer.com/api/system/currency/ 3 KB
2 KB 60ms
59ms XHR
application/json 104.17.62.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://om.almosafer.com/api/system/currency/list

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.62.7 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b1374318f9f268da23f622c2b3924db472de534f7a426cf9f4967f915d24ad7f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; base-uri 'self'; object-src 'self'; frame-ancestors https://www.americanexpress.com.sa https://amexd9.s3.ethosds.com https://almosafer.com https://*.almosafer.com https://z2.le.liveperson.net;
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

x-platform: web
x-bt: next
Referer: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1
x-app-name: ct-web-pament-desktop
x-authorization: Bearer ANHz0NGQ60GcoaV2sZ&PJ5B
x-currency: OMR
x-tz: Europe/Berlin
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json, text/javascript
x-locale: ar

Response headers

x-adebug-x-currency: SAR
content-encoding: gzip
cf-cache-status: HIT
age: 31509
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-type: application/json
last-modified: Sat, 16 Nov 2024 11:23:28 GMT
x-real-ip: 34.248.195.178
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 42
referrer-policy: no-referrer-when-downgrade
x-envoy-decorator-operation: ingress-nginx-web.ingress-nginx-web.svc.cluster.local:80/*
x-geoip-city: Dublin
x-geoip-region: Leinster
x-xss-protection: 1; mode=block
server: cloudflare
x-adebug-port: 80
x-real-client-ip: 217.114.215.132
x-env-type: prod
access-control-allow-methods: HEAD, GET, POST, OPTIONS, PUT, DELETE
expires: Mon, 18 Nov 2024 13:30:09 GMT
x-adebug-ruri: /api/system/currency/list
date: Sun, 17 Nov 2024 13:30:09 GMT
x-adebug-host: om.almosafer.com
vary: Accept-Encoding
x-aus: 127.0.0.1:9002
access-control-allow-headers
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-adebug-x-locale: en
content-security-policy: upgrade-insecure-requests; base-uri 'self'; object-src 'self'; frame-ancestors https://www.americanexpress.com.sa https://amexd9.s3.ethosds.com https://almosafer.com https://*.almosafer.com https://z2.le.liveperson.net;
x-geoip-country: Ireland
x-aruntime: 0.040
x-geoip-country-code: IE
x-alimit-rpath: /api/system/currency/list
cf-ray: 8e4012e2fd87dcd1-FRA
access-control-allow-origin: om.almosafer.com
x-is-bot-api: 0

GET
H3 200 6739ef0fd01b132818465108 Show response
om.almosafer.com/api/hub/payment-requests/detail-to-process/ 1 KB
2 KB 168ms
168ms XHR
application/json 104.17.62.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://om.almosafer.com/api/hub/payment-requests/detail-to-process/6739ef0fd01b132818465108?paymentMethod=checkoutcom

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.62.7 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59c7152962a016bac7802e330cbd5a6568db53c48cfde3a31a46d299700d0c7b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; base-uri 'self'; object-src 'self'; frame-ancestors https://www.americanexpress.com.sa https://amexd9.s3.ethosds.com https://almosafer.com https://*.almosafer.com https://z2.le.liveperson.net;
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

x-platform: web
x-bt: next
Referer: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1
x-app-name: ct-web-pament-desktop
x-authorization: Bearer ANHz0NGQ60GcoaV2sZ&PJ5B
x-currency: OMR
x-tz: Europe/Berlin
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json, text/javascript
x-locale: ar

Response headers

x-encoded-content-encoding: gzip
x-adebug-x-currency: OMR, OMR
content-encoding: gzip
cf-cache-status: DYNAMIC
x-adebug-c-currency: OMR
x-content-type-options: nosniff
x-adebug-c-language: ar
alt-svc: h3=":443"; ma=86400
content-type: application/json
x-real-ip: 217.114.215.132
cache-control: no-cache, private
x-envoy-upstream-service-time: 90
referrer-policy: no-referrer-when-downgrade
x-envoy-decorator-operation: ingress-nginx-web.ingress-nginx-web.svc.cluster.local:80/*
x-geoip-city: Eppstein
x-geoip-region: Hesse
x-xss-protection: 1; mode=block
server: cloudflare
x-adebug-port: 80, 80
x-real-client-ip: 217.114.215.132
x-env-type: prod
access-control-allow-methods: HEAD, GET, POST, OPTIONS, PUT, DELETE
x-adebug-ruri: /payment-requests/detail-to-process/6739ef0fd01b132818465108?paymentMethod=checkoutcom, /api/hub/payment-requests/detail-to-process/6739ef0fd01b132818465108?paymentMethod=checkoutcom
date: Sun, 17 Nov 2024 13:30:09 GMT
x-adebug-host: hub-api.hub.svc.cluster.local, om.almosafer.com
vary: Accept-Encoding,Accept-Encoding
x-aus: 127.0.0.1:9002, 127.0.0.1:9002
access-control-allow-headers
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-adebug-x-locale: ar, ar
content-security-policy: upgrade-insecure-requests; base-uri 'self'; object-src 'self'; frame-ancestors https://www.americanexpress.com.sa https://amexd9.s3.ethosds.com https://almosafer.com https://*.almosafer.com https://z2.le.liveperson.net;
x-geoip-country: Germany
x-aruntime: 0.032, 0.088
x-geoip-country-code: DE
x-alimit-rpath: /payment-requests/detail-to-process/6739ef0fd01b132818465108, /api/hub/payment-requests/detail-to-process/6739ef0fd01b132818465108
cf-ray: 8e4012e2fd8adcd1-FRA
access-control-allow-origin: om.almosafer.com
x-is-bot-api: 0, 0

POST
H2 200 log Show response
www.almosafer.com/datadog/ 2 B
328 B 134ms
59ms XHR
text/plain 104.17.61.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.almosafer.com/datadog/log

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.61.7 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; base-uri 'self'; object-src 'self'; frame-ancestors https://www.americanexpress.com.sa https://amexd9.s3.ethosds.com https://almosafer.com https://*.almosafer.com https://z2.le.liveperson.net;
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Content-Type: application/json

Response headers

access-control-max-age: 1728000
cf-cache-status: DYNAMIC
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
x-real-client-ip: 217.114.215.132
x-env-type: prod
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sun, 17 Nov 2024 13:30:10 GMT
content-type: text/plain; charset=utf-8
vary: Accept-Encoding
access-control-allow-headers: content-type, x-locale, x-bt, x-tz, x-currency, x-referrer, x-app-name, token, authorization, meta-reference
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests; base-uri 'self'; object-src 'self'; frame-ancestors https://www.americanexpress.com.sa https://amexd9.s3.ethosds.com https://almosafer.com https://*.almosafer.com https://z2.le.liveperson.net;
x-real-ip: 217.114.215.132
x-geoip-country: Germany
x-geoip-country-code: DE
x-envoy-upstream-service-time: 2
access-control-allow-credentials: true
referrer-policy: no-referrer-when-downgrade
x-envoy-decorator-operation: ingress-nginx-web.ingress-nginx-web.svc.cluster.local:80/*
cf-ray: 8e4012e5bc892c1e-FRA
access-control-allow-origin: https://om.almosafer.com
content-length: 2
x-geoip-city: Eppstein
x-xss-protection: 1; mode=block
x-geoip-region: Hesse
server: cloudflare

GET
H3

200

main.js Show response
om.almosafer.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/ Frame B987
Redirect Chain

https://om.almosafer.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://om.almosafer.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?

8 KB
4 KB

30ms
30ms

Script
application/javascript

104.17.62.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://om.almosafer.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?

Requested by

Host: om.almosafer.com
URL: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Protocol

Server

104.17.62.7 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a03bad15c5776988e09c6737ee13b24308515da5f034584fed3ec62055f3d0b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
content-encoding: br
x-content-type-options: nosniff
cf-ray: 8e4012e37e98dcd1-FRA
alt-svc: h3=":443"; ma=86400
date: Sun, 17 Nov 2024 13:30:09 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: cloudflare

Redirect headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?
x-content-type-options: nosniff
cf-ray: 8e4012e30da7dcd1-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Sun, 17 Nov 2024 13:30:09 GMT
vary: Accept-Encoding
server: cloudflare

OPTIONS
H2 200 splitChanges
sdk.split.io/api/ Frame 0
0 48ms
38ms Preflight 151.101.67.9
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.split.io/api/splitChanges?since=-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.9 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Varnish /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15770000; includeSubdomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,splitsdkversion
Access-Control-Request-Method: GET
Origin: https://om.almosafer.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: X-Requested-With, Origin, Content-Type, Accept, Authorization, Content-Length, X-User-Token, X-Request-ID, SplitSDKMachineName, SplitSDKMachineIP, SplitSDKVersion, Cache-Control
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin: https://om.almosafer.com
access-control-max-age: 7200
allow: HEAD,GET,OPTIONS,POST,PUT,DELETE
content-length: 37
date: Sun, 17 Nov 2024 13:30:09 GMT
retry-after: 0
server: Varnish
strict-transport-security: max-age=15770000; includeSubdomains
vary: Cookie
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-cph2320048-CPH
x-timer: S1731850210.766028,VS0,VE0

OPTIONS
H2 204 log
www.almosafer.com/datadog/ Frame 0
0 409ms
332ms Preflight 104.17.61.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.almosafer.com/datadog/log

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.61.7 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; base-uri 'self'; object-src 'self'; frame-ancestors https://www.americanexpress.com.sa https://amexd9.s3.ethosds.com https://almosafer.com https://*.almosafer.com https://z2.le.liveperson.net;
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://om.almosafer.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type, x-locale, x-bt, x-tz, x-currency, x-referrer, x-app-name, token, authorization, meta-reference
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-origin: https://om.almosafer.com
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8e4012e36ae42c1e-FRA
content-security-policy: upgrade-insecure-requests; base-uri 'self'; object-src 'self'; frame-ancestors https://www.americanexpress.com.sa https://amexd9.s3.ethosds.com https://almosafer.com https://*.almosafer.com https://z2.le.liveperson.net;
date: Sun, 17 Nov 2024 13:30:10 GMT
referrer-policy: no-referrer-when-downgrade
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-env-type: prod
x-envoy-decorator-operation: ingress-nginx-web.ingress-nginx-web.svc.cluster.local:80/*
x-envoy-upstream-service-time: 0
x-geoip-city: Eppstein
x-geoip-country: Germany
x-geoip-country-code: DE
x-geoip-region: Hesse
x-real-client-ip: 217.114.215.132
x-real-ip: 217.114.215.132
x-xss-protection: 1; mode=block

OPTIONS
H/1.1 200
OK auth
auth.split.io/api/v2/ Frame 0
0 571ms
125ms Preflight
application/json 44.197.221.236
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.split.io/api/v2/auth?users=55fdcfe5-6024-4451-b02b-f9bebb4eabe2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.197.221.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-197-221-236.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=15770000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,splitsdkversion
Access-Control-Request-Method: GET
Origin: https://om.almosafer.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Origin, Content-Type, Accept, Authorization, Content-Length, X-User-Token, X-Request-ID, SplitSDKMachineName, SplitSDKMachineIP, SplitSDKVersion
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: https://om.almosafer.com
Connection: keep-alive
Content-Length: 4
Content-Type: application/json; charset=utf-8
Date: Sun, 17 Nov 2024 13:30:10 GMT
Strict-Transport-Security: max-age=15770000; includeSubDomains
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
x-frame-options: DENY
x-permitted-cross-domain-policies: master-only

GET
H/1.1 200
OK auth Show response
auth.split.io/api/v2/ 696 B
1 KB 128ms
124ms Fetch
application/json 44.197.221.236
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.split.io/api/v2/auth?users=55fdcfe5-6024-4451-b02b-f9bebb4eabe2

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.197.221.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-197-221-236.compute-1.amazonaws.com

Software

Resource Hash

35599d12c272c8ae277a8e361f40aaa205bf92db7981e44ed240f93b97dfcf8e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=15770000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Authorization: Bearer 5n0qb9eq2eqvouhnjud1r4k3004h6ufaa4o4
Referer: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json
Content-Type: application/json
SplitSDKVersion: javascript-10.24.1

Response headers

x-frame-options: DENY
Strict-Transport-Security: max-age=15770000; includeSubDomains
content-security-policy: frame-ancestors 'self'
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, OPTIONS
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
Access-Control-Allow-Origin: https://om.almosafer.com
Content-Length: 696
Date: Sun, 17 Nov 2024 13:30:10 GMT
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Headers: X-Requested-With, Origin, Content-Type, Accept, Authorization, Content-Length, X-User-Token, X-Request-ID, SplitSDKMachineName, SplitSDKMachineIP, SplitSDKVersion

GET
DATA 200
OK truncated
/ 729 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 28abed6f77e6b09080782f845d33ff2e32aa6d153f3522061a73042b47e50814

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 758 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f1ab11a134a19ab1193f8d1e4e40c7b5cf387fa0b69dcfbdacd3ac12c1836624

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

POST
H3 200 8e4012cd9e4cd2e3 Show response
om.almosafer.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame B987 0
703 B 61ms
42ms XHR
text/plain 104.17.62.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://om.almosafer.com/cdn-cgi/challenge-platform/h/b/jsd/r/8e4012cd9e4cd2e3

Requested by

Host: om.almosafer.com
URL: https://om.almosafer.com/cdn-cgi/challenge-platform/scripts/jsd/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.62.7 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json
Referer

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-ray: 8e4012e4c988dcd1-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Sun, 17 Nov 2024 13:30:10 GMT
content-type: text/plain; charset=UTF-8
server: cloudflare

POST
H3 204 rum Show response
om.almosafer.com/cdn-cgi/ 0
141 B 38ms
30ms XHR
text/plain 104.17.62.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://om.almosafer.com/cdn-cgi/rum?

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.62.7 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: application/json
Referer: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Response headers

access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-methods: POST,OPTIONS
x-content-type-options: nosniff
cf-ray: 8e4012e4e9bddcd1-FRA
access-control-allow-origin: https://om.almosafer.com
date: Sun, 17 Nov 2024 13:30:10 GMT
vary: Origin
server: cloudflare
x-frame-options: DENY

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 665 KB
153 KB 192ms
99ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5B3XK6C

Requested by

Host: om.almosafer.com
URL: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4ed44440a6fe857f3da312ba98b33e0e165eb4b0f38569e80785c67ddf01e1fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Response headers

content-encoding: gzip
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Sun, 17 Nov 2024 13:30:10 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 17 Nov 2024 13:30:10 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sun, 17 Nov 2024 12:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 155508
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 favicon.ico
om.almosafer.com/_next/static/almosafer-favicon/ 33 KB
3 KB 49ms
46ms Other
image/x-icon 104.17.62.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://om.almosafer.com/_next/static/almosafer-favicon/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.62.7 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

778e9d4cb080128b906951e94507022aa23d5a04b464c48c6670f699ed436c35

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; base-uri 'self'; object-src 'self'; frame-ancestors https://www.americanexpress.com.sa https://amexd9.s3.ethosds.com https://almosafer.com https://*.almosafer.com https://z2.le.liveperson.net;
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"821e-1929515dcf8"
age: 536815
x-real-client-ip: 217.114.215.132
x-env-type: prod
x-content-type-options: nosniff
expires: Fri, 22 Nov 2024 13:30:10 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 17 Nov 2024 13:30:10 GMT
content-type: image/x-icon
last-modified: Wed, 16 Oct 2024 11:28:11 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-security-policy: upgrade-insecure-requests; base-uri 'self'; object-src 'self'; frame-ancestors https://www.americanexpress.com.sa https://amexd9.s3.ethosds.com https://almosafer.com https://*.almosafer.com https://z2.le.liveperson.net;
x-real-ip: 37.239.16.14
cache-control: public, max-age=432000
x-geoip-country: Iraq
x-envoy-upstream-service-time: 14
x-geoip-country-code: IQ
referrer-policy: no-referrer-when-downgrade
x-envoy-decorator-operation: ingress-nginx-web.ingress-nginx-web.svc.cluster.local:80/*
cf-ray: 8e4012e50a3ddcd1-FRA
x-geoip-city: Baghdad
x-geoip-region: Baghdad
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 inspector-v1.min.js Show response
cdn.avo.app/inspector/ 24 KB
25 KB 121ms
18ms Script
application/x-javascript 35.186.235.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.avo.app/inspector/inspector-v1.min.js
Requested by: Host: om.almosafer.com
URL: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.235.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.235.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 01c93337b9fa092c42c645ebae7f067d72b5a40ca31326b52c0c5e5b517e5c32

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Response headers

x-goog-metageneration: 1
access-control-expose-headers: Content-Type
x-goog-hash: crc32c=Mk1qng==, md5=Ui7uCUs54k3bU991W25gFQ==
etag: "522eee094b39e24ddb53df755b6e6015"
age: 2630
x-goog-stored-content-encoding: identity
expires: Sun, 17 Nov 2024 13:46:20 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 24943
date: Sun, 17 Nov 2024 12:46:20 GMT
last-modified: Thu, 11 Nov 2021 17:05:48 GMT
content-type: application/x-javascript
x-guploader-uploadid: AFiumC6Jb9KZaXUygcrjrdC5pgLisUcCBC3-j4v8z9w4s_JnpzqpKSL_5zcLWwwImASjMh63eR4
cache-control: public, max-age=3600
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1636650347972139
content-length: 24943
server: UploadServer

GET
H2 200 moe_webSdk.min.latest.js Show response
cdn.moengage.com/webpush/ 253 KB
69 KB 128ms
23ms Script
application/javascript 18.172.112.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.moengage.com/webpush/moe_webSdk.min.latest.js
Requested by: Host: om.almosafer.com
URL: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-113.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9507f26d5914a59c60c9976e6852011e89a8729b243806ef4eb297d989df9e87

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Response headers

vary: accept-encoding
cache-control: max-age=1209600
content-encoding: gzip
etag: W/"8fba31eb91391593f7d9baf2835d9894"
age: 191629
via: 1.1 fc3a32609a2b1f220f223f3b87919ac2.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: HHnNMoE3b6c_1U7FQDofZWEZ61OLu_bxw0UL6jqeD0EpQbuXm9ch8g==
date: Fri, 15 Nov 2024 08:16:22 GMT
content-type: application/javascript
last-modified: Fri, 15 Nov 2024 08:16:19 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P8
x-amz-server-side-encryption: AES256

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 375 KB
123 KB 51ms
50ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LJF2ZPHK2H&l=dataLayer&cx=c&gtm=45He4bc0v76194323za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5B3XK6C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bb794fd410fe3426e4bd61836d3855ce83631e355412e8be49465186933a99e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sun, 17 Nov 2024 13:30:10 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 17 Nov 2024 13:30:10 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 125181
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 259 KB
92 KB 51ms
39ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-863870751&l=dataLayer&cx=c&gtm=45He4bc0v76194323za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5B3XK6C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cbd96446aab8811d0c731cbbea6e193db54c9ad280bb13456ae4fd19a6e1d7fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Sun, 17 Nov 2024 13:30:10 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 17 Nov 2024 13:30:10 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sun, 17 Nov 2024 12:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 93701
x-xss-protection: 0
server: Google Tag Manager

POST
H3 200 collect
www.google.com/ccm/ 0
0 34ms
29ms Ping
text/plain 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fom.almosafer.com%2Far%2Fpayment-form%2F6739ef0fd01b132818465108&scrsrc=www.googletagmanager.com&frm=0&rnd=1125875826.1731850211&auid=675426050.1731850211&npa=1&gtm=45He4bc0v76194323za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067554~102067808~102077855&tft=1731850210611&tfd=4343&apve=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5B3XK6C
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Response headers

GET
H2 200 bat.js Show response
bat.bing.com/ 50 KB
15 KB 140ms
48ms Script
application/javascript 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5B3XK6C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
content-encoding: gzip
etag: "028e0691d20db1:0"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1CF5E797A0EC4E5884B20BF6D2FE7046 Ref B: FRA31EDGE0706 Ref C: 2024-11-17T13:30:10Z
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 14570
date: Sun, 17 Nov 2024 13:30:10 GMT
content-type: application/javascript
last-modified: Wed, 16 Oct 2024 22:47:44 GMT
vary: Accept-Encoding

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 284 KB
97 KB 45ms
40ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-856860075&l=dataLayer&cx=c&gtm=45He4bc0v76194323za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5B3XK6C

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b6d8198ca3e41384fc28f82c8dd00902e2ee42a62a7ccde74014fae4288ff221

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Sun, 17 Nov 2024 13:30:10 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 17 Nov 2024 13:30:10 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sun, 17 Nov 2024 12:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 99757
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 239 KB
61 KB 51ms
21ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5B3XK6C

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

43a683165a27224ef2d2717bd57c8c203aa570ce39140504d086562eefbb0f1f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-ZMhznngz' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 17 Nov 2024 13:30:10 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-ZMhznngz' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=19, rtx=0, c=23, mss=1232, tbw=4458, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: gGxiYBU7TXYnhiZv1fVJHoX6kM3TWn0ZQB2H4L4tLLVc/aUkj15wa0W+vHNWjzs+nxNSpDSQPdhRf5tEhbjktw==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 62152
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 320 KB
102 KB 44ms
42ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NN9JBFB&l=dataLayer&gtm=45He4bc0v76194323za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5B3XK6C

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

aa0057dfb8662f0c92643f9577938de523897da162c501f6a0172c22c63f2779

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Sun, 17 Nov 2024 13:30:10 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 17 Nov 2024 13:30:10 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sun, 17 Nov 2024 12:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 104480
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 19 KB
7 KB 179ms
49ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB Yahoo-U...

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: om.almosafer.com
URL: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB Yahoo-UK Limited, GB),

Reverse DNS

Software

ATS /

Resource Hash

aebe8df81ee2ba5bc51e3abc322910ee5122a0ac06edfbcf7a04e1659d17dc9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Response headers

content-encoding: gzip
etag: "bc033c3a83e1880e480086bf11ac0b0a-df"
x-amz-version-id: JRuD6BVFDpXh1T7iUrCVWNpcX_ACBwVG
age: 984
date: Sun, 17 Nov 2024 13:13:47 GMT
last-modified: Wed, 28 Aug 2024 12:33:10 GMT
vary: Origin, Accept-Encoding
x-amz-expiration: expiry-date="Fri, 03 Oct 2025 00:00:00 GMT", rule-id="oath-standard-lifecycle"
content-type: application/javascript
x-amz-id-2: oIUTfPdGIeUjpTpD4X4seZGppVw/3Qr31uTEsiFPDF8fJ9UEjRIwC5CoE0I6w4tnQM/cQOqbZGI=
strict-transport-security: max-age=31536000
cache-control: public,max-age=3600
ats-carp-promotion: 1, 1
referrer-policy: no-referrer-when-downgrade
x-amz-request-id: HCG2AE0TEFE15BC6
accept-ranges: bytes
content-length: 6826
server: ATS
x-amz-server-side-encryption: AES256

GET
H2 200 branch-latest.min.js Show response
cdn.branch.io/ 75 KB
23 KB 106ms
29ms Script
text/javascript 108.138.26.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.branch.io/branch-latest.min.js
Requested by: Host: om.almosafer.com
URL: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.26.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-26-113.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0f573a4455cb8b51c25cca70d5af890f7066cedcc4e0e33fcd6ac16b5011c527

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Response headers

cache-control: max-age=300
content-encoding: gzip
x-amz-version-id: AGq6Poob6gQJv4Tp3nLOGDPqWCYEgA7D
etag: "f407dd02e840fff43fcf050d28076e4e"
age: 29
via: 1.1 3199fed6c4260c9448326645d333530a.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
content-length: 23533
x-amz-cf-id: kZ-79oy-prZQphOh7LgOzMgRQwU0hwSaz8pzHgUpmSRkD8naWBbBgA==
date: Sun, 17 Nov 2024 13:29:41 GMT
content-type: text/javascript
last-modified: Mon, 11 Nov 2024 23:05:07 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 8 KB
3 KB 217ms
140ms Script
application/javascript 2.16.206.219
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C64DIMJ6V74IVQ8ULJV0&lib=ttq
Requested by: Host: om.almosafer.com
URL: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.206.219 Hamburg, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a2-16-206-219.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 509fc08cf1e15eb03028c2b490eee6ae196ff914fa3f63d07f61579d054ef684

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Response headers

content-encoding: gzip
expires: Sun, 17 Nov 2024 13:30:10 GMT
server-timing: inner; dur=5, cdn-cache; desc=MISS, edge; dur=0, origin; dur=107
x-cache: TCP_MISS from a2-16-205-211.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-)
date: Sun, 17 Nov 2024 13:30:10 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
x-akamai-request-id: 44adf813
x-tt-trace-host: 01f8142ac9864b932f9774d2bcec67772d2c6620dc5080e7883fdf1431bed9937f531623a4c5496822d9ab90282434dc00b553e2d53f42f584042c9a03c8deef815cf9c30033fa2621a93dde7d54d99a6cc23da6d6b659d606026046cc0dce959b
x-origin-response-time: 107,2.16.205.211
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-241117133010EF5416FFE2F1712B03C5-2F38C63D5B8F6E81-00
content-length: 2478
x-tt-logid: 20241117133010EF5416FFE2F1712B03C5
server: nginx

GET
H/1.1 200
OK dtm.js Show response
dtm-dre.platform.hicloud.com/download/web/ 53 KB
54 KB 194ms
69ms Script
application/javascript 80.158.18.121
AS6878 T-Systems ...

General

Check archive.org

Show headers Download Go to

Full URL

https://dtm-dre.platform.hicloud.com/download/web/dtm.js?id=DTM-ac1262027c6e10a2817cc06442e74a12

Requested by

Host: om.almosafer.com
URL: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

80.158.18.121 , Germany, ASN6878 (AS6878 T-Systems International GmbH, DE),

Reverse DNS

ecs-80-158-18-121.reverse.open-telekom-cloud.com

Software

elb /

Resource Hash

7e50762892e97ea4638c86302b07e50d15dc157b9fbd3389320faf398f89d197

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Response headers

Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000; includeSubDomains
Cache-Control: private,max-age=900
Connection: keep-alive
X-Content-Type-Options: nosniff
Date: Sun, 17 Nov 2024 13:30:10 GMT
X-XSS-Protection: 1; mode=block
Content-Type: application/javascript; charset=utf-8
Content-Disposition: inline
Server: elb
X-frame-options: SAMEORIGIN

GET
H2 200 sw_iframe.html
www.googletagmanager.com/static/service_worker/4al0/ Frame C524 0
0 76ms
21ms Document
text/html 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fom.almosafer.com

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5B3XK6C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 22052
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1476
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Sun, 17 Nov 2024 07:22:38 GMT
expires: Mon, 17 Nov 2025 07:22:38 GMT
last-modified: Mon, 21 Oct 2024 16:58:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

204

https://region1.analytics.google.com/g/collect?v=2&tid=G-LJF2ZPHK2H&gtm=45je4bc0v869656588z876194323za200zb76194323&_p=1731850210065&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=1019...
https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1714153972.1731850211&dbk=10338483453953627838&dma=1&dma_cps=syphamo&en=page_view&gtm=45je4bc0v869656588z876194323z...

0
264 B

34ms
31ms

Fetch
text/plain

2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1714153972.1731850211&dbk=10338483453953627838&dma=1&dma_cps=syphamo&en=page_view&gtm=45je4bc0v869656588z876194323za200zb76194323&npa=1&tid=G-LJF2ZPHK2H&dl=https%3A%2F%2Fom.almosafer.com%3F
Protocol: H2
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgnc:90:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgnc:90:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
date: Sun, 17 Nov 2024 13:30:10 GMT
content-type: text/plain
server: Golfe2

Redirect headers

cache-control: no-cache, no-store, must-revalidate
location: https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1714153972.1731850211&dbk=10338483453953627838&dma=1&dma_cps=syphamo&en=page_view&gtm=45je4bc0v869656588z876194323za200zb76194323&npa=1&tid=G-LJF2ZPHK2H&dl=https%3A%2F%2Fom.almosafer.com%3F
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 504
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 17 Nov 2024 13:30:10 GMT
content-type: text/html; charset=UTF-8
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
554 B 274ms
34ms Ping
text/plain 2a00:1450:400c:c0d::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-LJF2ZPHK2H&cid=1714153972.1731850211&gtm=45je4bc0v869656588z876194323za200zb76194323&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LJF2ZPHK2H&l=dataLayer&cx=c&gtm=45He4bc0v76194323za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0d::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://om.almosafer.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 17 Nov 2024 13:30:10 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 103ms
58ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-LJF2ZPHK2H&cid=1714153972.1731850211&gtm=45je4bc0v869656588z876194323za200zb76194323&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&tag_exp=101925629~102067555~102067808~102077855~102081485&z=1978280335

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Sun, 17 Nov 2024 13:30:10 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 websdksettings Show response
sdk-02.moengage.com/v2/ 3 KB
1 KB 231ms
36ms XHR
application/json 2600:9000:275d:4000:11:652e:c280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk-02.moengage.com/v2/websdksettings?app_id=E3NUSDR2ZJ42WJE8N3IMTIZG
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:4000:11:652e:c280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: ea8c1faecc864a7f4c7d53ecd639289c78276f5988f94dfdec667befecc85d24

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Response headers

cache-control: no-cache
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
via: 1.1 553c17cdbfc8c5ba81390077b0e5d2d4.cloudfront.net (CloudFront)
expires: Sun, 17 Nov 2024 13:30:09 GMT
access-control-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-id: 3-ZaAl33ctWKiegDPvyEY3SY4OI8hSiZWBAeeoP6qhKwmcNTnSFuvA==
date: Sun, 17 Nov 2024 13:30:10 GMT
content-type: application/json
vary: Accept-Encoding
server: nginx
x-amz-cf-pop: FRA56-P11
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H3 200 565265713643682 Show response
connect.facebook.net/signals/config/ 78 KB
16 KB 83ms
82ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/565265713643682?v=2.9.177&r=stable&domain=om.almosafer.com&hme=c3e4904c1dde42d643265ef909b9e193c41cedcd6f559a3ff5e1b178e36647fa&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0d0ab30c0ec4569b34f9e3703c1f21ba1e763a56a041f84170998bfdd44e5be0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-aNX0F24U' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 17 Nov 2024 13:30:10 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-aNX0F24U' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=25, rtx=0, c=77, mss=1232, tbw=71014, tp=68, tpl=0, uplat=60, ullat=0
pragma: public
x-fb-debug: XT+zWXN+oBe/MWum4HkQZn3li3kzsySpeWyutQxU5sYZm/zX49Cb4lEZeCHasn9rPqmLTvdVqbzj2wyMUTCcUg==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 _r Show response
app.link/ 91 B
669 B 361ms
181ms Script
text/javascript 2600:9000:206f:5600:19:9934:6a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.link/_r?sdk=web2.85.4&branch_key=key_live_dkJwfdptlrki21V6ZoG89pcirEmaqo1J&callback=branch_callback__0

Requested by

Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:5600:19:9934:6a80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

openresty /

Resource Hash

94ef49ae36122d2aba42d4e9afa41e2c4a25bed44276f4de176b57a59ea98e0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA-Platform-Version,Sec-CH-UA-Model
etag: W/"5b-M3GZCaqCbul8V/1LYjWCJF3+mmQ"
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
via: 1.1 f2fa38e6635ded6d22a69d089217bc90.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
content-length: 91
x-amz-cf-id: gfTRtUw1vJysyMqwvULTQWuuZ65VjyA8g-yjlC5YNJ7vOFvDGvPDVQ==
date: Sun, 17 Nov 2024 13:30:11 GMT
content-type: text/javascript; charset=utf-8
x-amz-cf-pop: FRA56-C1
server: openresty

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/856860075/ 5 KB
3 KB 191ms
43ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/856860075/?random=1731850210794&cv=11&fst=1731850210794&bg=ffffff&guid=ON&async=1&gtm=45be4bc0v9103144320z876194323za201zb76194323&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855&u_w=1600&u_h=1200&url=https%3A%2F%2Fom.almosafer.com%2Far%2Fpayment-form%2F6739ef0fd01b132818465108%3Fncr%3D1&label=YhyQCMScxpUBEKvLypgD&hn=www.googleadservices.com&frm=0&tiba=%D9%85%D9%88%D9%82%D8%B9%20%D8%A7%D9%84%D9%85%D8%B3%D8%A7%D9%81%D8%B1%20%D9%84%D8%AD%D8%AC%D8%B2%20%D8%A7%D9%84%D9%81%D9%86%D8%A7%D8%AF%D9%82&value=0&bttype=purchase&npa=1&pscdl=noapi&auid=675426050.1731850211&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-856860075&l=dataLayer&cx=c&gtm=45He4bc0v76194323za200

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

cafe /

Resource Hash

38532628a138aaf6aca4feec551b0e16e3503c46ec3e53d2a5ba87ac9bb1aca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 2801
date: Sun, 17 Nov 2024 13:30:10 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 257 KB
91 KB 41ms
41ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-10829568138&l=dataLayer&cx=c&gtm=45He4be0h2v811481828za200zb76194323

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NN9JBFB&l=dataLayer&gtm=45He4bc0v76194323za200

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a2d4f9e25cc14e5826484f9297ad4360181aeec218cd140c5089e8b9e7dfe2cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Sun, 17 Nov 2024 13:30:10 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 17 Nov 2024 13:30:10 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sun, 17 Nov 2024 12:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 93264
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 283 KB
98 KB 43ms
42ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-323119495&l=dataLayer&cx=c&gtm=45He4be0h2v811481828za200zb76194323

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NN9JBFB&l=dataLayer&gtm=45He4bc0v76194323za200

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

979ab4b8c0a0cbbfddb64170f85b35dde4d0be23bbfaed81515949a76e2232c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Sun, 17 Nov 2024 13:30:10 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 17 Nov 2024 13:30:10 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sun, 17 Nov 2024 12:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 99793
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 6014178.js Show response
bat.bing.com/p/action/ 363 B
413 B 51ms
47ms Script
application/javascript 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/6014178.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a1fec7acc9e28feaa2280cd08d30cab4cac8e9557fb8fb35ab6ffcd1e28fade8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
content-encoding: br
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E2FACC3E456D43898DC7BC880395DCF4 Ref B: FRA31EDGE0706 Ref C: 2024-11-17T13:30:10Z
x-cache: CONFIG_NOCACHE
date: Sun, 17 Nov 2024 13:30:10 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding

GET
H2 200 10059805.json Show response
s.yimg.com/wi/config/ 2 B
337 B 151ms
60ms XHR
application/json 2a00:1288:80:807::1
YAHOO-DEB Yahoo-U...

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10059805.json

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB Yahoo-UK Limited, GB),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Response headers

strict-transport-security: max-age=31536000
cache-control: public,max-age=3600
age: 78
ats-carp-promotion: 1
access-control-allow-methods: GET
referrer-policy: no-referrer-when-downgrade
x-amz-request-id: D3CKP4J7AVE5FDGM
access-control-allow-origin: *
content-length: 2
date: Sun, 17 Nov 2024 13:28:52 GMT
content-type: application/json
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
server: ATS
x-amz-id-2: KzTlI4Ui4MZj3ouN0bI3KaSuhZWzQFvMYk1+0RmAtlb9yQDrJvYkMa4ICyUDsY1LDx5t2Oot/QA=

GET
H2 200 main.MWFhYzI4NzhlMQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 349 KB
97 KB 57ms
56ms Script
application/javascript 2.16.206.219
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWFhYzI4NzhlMQ.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C64DIMJ6V74IVQ8ULJV0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.206.219 Hamburg, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a2-16-206-219.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: c19d35d3ab541478af2ee769d2a306f12cd47c94ecfb3dbc5c319218cf6d369b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Response headers

x-cache: TCP_MEM_HIT from a2-16-205-211.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-)
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4
x-tt-trace-id: 00-24111505220213E8D5AA508E22E2383E-798AD56364AAA33A-00
content-length: 98334
date: Sun, 17 Nov 2024 13:30:10 GMT
content-type: application/javascript; charset=UTF-8
x-tt-logid: 2024111505220213E8D5AA508E22E2383E
server: nginx
x-akamai-request-id: 44adf949
x-tt-trace-host: 014a2843efb9ca731e6665cae3bacb83f8df39bf0da7a15751807a85b8da354b102d09a56a062f6ea840b486d9f17d1270fbc55a2edecaf6739a716f9eef123143e11717efb251aa6a67cd38697b53344a2d5366a65e26b919fb61e46c3c5cd059

GET
H3 200 /
www.facebook.com/tr/ 0
19 B 113ms
25ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=565265713643682&ev=PageView&dl=https%3A%2F%2Fom.almosafer.com%2Far%2Fpayment-form%2F6739ef0fd01b132818465108%3Fncr%3D1&rl=&if=false&ts=1731850210878&sw=1600&sh=1200&v=2.9.177&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=12318&fbp=fb.1.1731850210876.843145202533301210&cs_est=true&ler=empty&cdl=API_unavailable&it=1731850210768&coo=false&tm=1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=20, rtx=0, c=23, mss=1232, tbw=4605, tp=12, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Sun, 17 Nov 2024 13:30:10 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
198 B 261ms
174ms Image
image/png 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=565265713643682&ev=PageView&dl=https%3A%2F%2Fom.almosafer.com%2Far%2Fpayment-form%2F6739ef0fd01b132818465108%3Fncr%3D1&rl=&if=false&ts=1731850210878&sw=1600&sh=1200&v=2.9.177&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=12318&fbp=fb.1.1731850210876.843145202533301210&cs_est=true&ler=empty&cdl=API_unavailable&it=1731850210768&coo=false&tm=1&rqm=FGET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7438240014077268843"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 17 Nov 2024 13:30:11 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: BFTizJH1ITcBvKts8Uv7JckLnM7w7DkjzBD3+dMFazdIRNhKrZGRsjoK1gDBEI+N8ZQbybnc2QESXhcZfsNDRw==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7438240014077268843", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=20, rtx=0, c=23, mss=1232, tbw=4973, tp=15, tpl=0, uplat=146, ullat=0
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
cross-origin-opener-policy-report-only: restrict-properties;report-to="coop_report"
x-xss-protection: 0
origin-agent-cluster: ?1

POST
H2 204 0
bat.bing.net/actionp/ 0
346 B 154ms
46ms Ping
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.net/actionp/0?ti=6014178&tm=gtm002&Ver=2&mid=6bacdff7-e9e4-4571-b9b5-a8fbb8b18aaf&bo=1&evt=consent&src=enforced&cdb=AQAI&asc=D
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 46BF7C327B9B4B34ABBAD69E5C529F35 Ref B: FRA31EDGE0520 Ref C: 2024-11-17T13:30:11Z
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Sun, 17 Nov 2024 13:30:10 GMT

GET
H2 204 0
bat.bing.net/action/ 0
119 B 218ms
111ms Image
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.net/action/0?ti=6014178&tm=gtm002&Ver=2&mid=6bacdff7-e9e4-4571-b9b5-a8fbb8b18aaf&bo=2&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=%D9%85%D9%88%D9%82%D8%B9%20%D8%A7%D9%84%D9%85%D8%B3%D8%A7%D9%81%D8%B1%20%D9%84%D8%AD%D8%AC%D8%B2%20%D8%A7%D9%84%D9%81%D9%86%D8%A7%D8%AF%D9%82&p=https%3A%2F%2Fom.almosafer.com%2Far%2Fpayment-form%2F6739ef0fd01b132818465108%3Fncr%3D1&r=&lt=3610&evt=pageLoad&sv=1&asc=D&cdb=AQAY&rn=676232
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A22E1258D1584A31A09BE2F6C646BF40 Ref B: FRA31EDGE0520 Ref C: 2024-11-17T13:30:11Z
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Sun, 17 Nov 2024 13:30:10 GMT

GET
H2 200 identify_45dd5971.js Show response
analytics.tiktok.com/i18n/pixel/static/ 146 KB
39 KB 32ms
29ms Script
application/javascript 2.16.206.219
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_45dd5971.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWFhYzI4NzhlMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.206.219 Hamburg, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a2-16-206-219.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 2adcf9fd70c1c834f4b13d732b66f4900cec9a6bbdc587b85dbc68cdd9a34be4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Response headers

x-cache: TCP_MEM_HIT from a2-16-205-211.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-)
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=8
x-tt-trace-id: 00-241115052040B18B1E9A3973EC81A0A4-192F683B4FC47273-00
content-length: 39539
date: Sun, 17 Nov 2024 13:30:11 GMT
content-type: application/javascript; charset=UTF-8
x-tt-logid: 20241115052040B18B1E9A3973EC81A0A4
server: nginx
x-akamai-request-id: 44adfa2f
x-tt-trace-host: 017ae88fa18b63d19203de8c1aa71d07b77bdefa687193a67089a88815aab698f3cbde7ee68c398f2ddcd9987ae56701e6139b49c7120ca3b896687f12849e6031a3e16e7c0191270da0f86ec8c6e8f2ba35614087405d7e7ad203aceecdc77848

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
873 B 147ms
146ms Ping
text/plain 2.16.206.219
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWFhYzI4NzhlMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.206.219 Hamburg, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a2-16-206-219.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Response headers

x-cache-remote: TCP_MISS from a23-48-200-203.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires: Sun, 17 Nov 2024 13:30:11 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=92, origin; dur=18, inner; dur=14
x-cache: TCP_MISS from a2-16-205-211.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-)
date: Sun, 17 Nov 2024 13:30:11 GMT
x-akamai-request-id: 67086ed3.44adfa66
access-control-allow-headers: Authorization,*
x-tt-trace-host: 01f8142ac9864b932f9774d2bcec67772d2613e4c84dbd4515b34c3cbb957dbd63f3219b631a3d519a09f95861bd008a6178f1d070f76961db1207c0a266fd806b51292a9dcdacc05e8b7c385e193191c53d2b3cb0226ca8d0b8c25e2437aa6535c7d5119596f9f312ab848deaa6279a48
x-origin-response-time: 18,23.48.200.203
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
access-control-allow-origin: *
x-tt-trace-id: 00-241117133011417CC43618021D3040EC-4667F74E0FDAC906-00
content-length: 0
x-parent-response-time: 103,2.16.205.211
x-tt-logid: 20241117133011417CC43618021D3040EC
server: nginx

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
508 B 190ms
51ms Image
image/gif 54.171.122.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Sun%2C%2017%20Nov%202024%2013%3A30%3A11%20GMT&n=-1&b=%D9%85%D9%88%D9%82%D8%B9%20%D8%A7%D9%84%D9%85%D8%B3%D8%A7%D9%81%D8%B1%20%D9%84%D8%AD%D8%AC%D8%B2%20%D8%A7%D9%84%D9%81%D9%86%D8%A7%D8%AF%D9%82&.yp=10059805&f=https%3A%2F%2Fom.almosafer.com%2Far%2Fpayment-form%2F6739ef0fd01b132818465108%3Fncr%3D1&enc=UTF-8&yv=1.16.5&tagmgr=gtm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.171.122.26 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-171-122-26.eu-west-1.compute.amazonaws.com

Software

ATS/9.1.10.144 /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Response headers

content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
cache-control: no-cache, no-store, private, must-revalidate
pragma: no-cache
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-content-type-options: nosniff
via: http/1.1 traffic_server (ApacheTrafficServer/9.1.10.144)
expires: Sun, 17 Nov 2024 13:30:11 GMT
accept-ranges: bytes
referrer-policy: strict-origin-when-cross-origin
content-length: 43
date: Sun, 17 Nov 2024 13:30:11 GMT
content-type: image/gif
server: ATS/9.1.10.144
x-frame-options: DENY

POST
H2 200 E3NUSDR2ZJ42WJE8N3IMTIZG Show response
sdk-02.moengage.com/v3/sdkconfig/web/ 289 B
692 B 31ms
29ms XHR
application/json 2600:9000:275d:4000:11:652e:c280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk-02.moengage.com/v3/sdkconfig/web/E3NUSDR2ZJ42WJE8N3IMTIZG
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:4000:11:652e:c280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 0bc8d719dc8f30bd4dc20a5ae8d92054e48221ab532b423ea666277519800d27

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Response headers

cache-control: no-cache
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
via: 1.1 553c17cdbfc8c5ba81390077b0e5d2d4.cloudfront.net (CloudFront)
expires: Sun, 17 Nov 2024 13:30:10 GMT
access-control-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-id: 5HBC8C6CJneLMX6Y2VWoJpvx1DU_UWIJKcqkqacsRDnitoQTv_tuRA==
date: Sun, 17 Nov 2024 13:30:11 GMT
content-type: application/json
vary: Accept-Encoding
server: nginx
x-amz-cf-pop: FRA56-P11
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H3

200

/
www.google.de/pagead/1p-conversion/856860075/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/856860075/?random=761894456&cv=11&fst=1731850210794&bg=ffffff&guid=ON&async=1&gtm=45be4bc0v9103144320z876194323za201zb76194323&gcd=1...
https://www.google.com/pagead/1p-conversion/856860075/?random=761894456&cv=11&fst=1731850210794&bg=ffffff&guid=ON&async=1&gtm=45be4bc0v9103144320z876194323za201zb76194323&gcd=13l3l3l2l1l1&dma_cps=s...
https://www.google.de/pagead/1p-conversion/856860075/?random=761894456&cv=11&fst=1731850210794&bg=ffffff&guid=ON&async=1&gtm=45be4bc0v9103144320z876194323za201zb76194323&gcd=13l3l3l2l1l1&dma_cps=sy...

42 B
64 B

42ms
42ms

Image
image/gif

2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/856860075/?random=761894456&cv=11&fst=1731850210794&bg=ffffff&guid=ON&async=1&gtm=45be4bc0v9103144320z876194323za201zb76194323&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855&u_w=1600&u_h=1200&url=https%3A%2F%2Fom.almosafer.com%2Far%2Fpayment-form%2F6739ef0fd01b132818465108%3Fncr%3D1&label=YhyQCMScxpUBEKvLypgD&hn=www.googleadservices.com&frm=0&tiba=%D9%85%D9%88%D9%82%D8%B9%20%D8%A7%D9%84%D9%85%D8%B3%D8%A7%D9%81%D8%B1%20%D9%84%D8%AD%D8%AC%D8%B2%20%D8%A7%D9%84%D9%81%D9%86%D8%A7%D8%AF%D9%82&value=0&npa=1&pscdl=noapi&auid=675426050.1731850211&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCOvGsQII6saxAgjTxbECShVldmVudC1zb3VyY2UsIHRyaWdnZXJaAwoBAWIECgICAw&pscrd=IhMI_OyD5bzjiQMVrZL9Bx01rDdAMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOkdodHRwczovL29tLmFsbW9zYWZlci5jb20vYXIvcGF5bWVudC1mb3JtLzY3MzllZjBmZDAxYjEzMjgxODQ2NTEwOD9uY3I9MUJXQ2hBSWdNWG11UVlRa05Db3B0ZXFsS0VmRWkwQXYxYWZwRnlqSkRSWUIyblVBaFRqODBjM3FyUVJ5TDZCRUxNdXRSUnR6QldfMWJxSDJSVUI4TkJfQkdF&is_vtc=1&cid=CAQSGwCa7L7dx1iMivGAUuGud1-4xLFnuVp4yTFCHg&eitems=ChEIgMXmuQYQqZeAhuim-a-nARIdAEGBL7eRGI57b667K81IRGf2SiJofVfBxoELtTE&random=32461373&ipr=y

Protocol

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Sun, 17 Nov 2024 13:30:11 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
location: https://www.google.de/pagead/1p-conversion/856860075/?random=761894456&cv=11&fst=1731850210794&bg=ffffff&guid=ON&async=1&gtm=45be4bc0v9103144320z876194323za201zb76194323&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855&u_w=1600&u_h=1200&url=https%3A%2F%2Fom.almosafer.com%2Far%2Fpayment-form%2F6739ef0fd01b132818465108%3Fncr%3D1&label=YhyQCMScxpUBEKvLypgD&hn=www.googleadservices.com&frm=0&tiba=%D9%85%D9%88%D9%82%D8%B9%20%D8%A7%D9%84%D9%85%D8%B3%D8%A7%D9%81%D8%B1%20%D9%84%D8%AD%D8%AC%D8%B2%20%D8%A7%D9%84%D9%81%D9%86%D8%A7%D8%AF%D9%82&value=0&npa=1&pscdl=noapi&auid=675426050.1731850211&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=CA&capi=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCOvGsQII6saxAgjTxbECShVldmVudC1zb3VyY2UsIHRyaWdnZXJaAwoBAWIECgICAw&pscrd=IhMI_OyD5bzjiQMVrZL9Bx01rDdAMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOkdodHRwczovL29tLmFsbW9zYWZlci5jb20vYXIvcGF5bWVudC1mb3JtLzY3MzllZjBmZDAxYjEzMjgxODQ2NTEwOD9uY3I9MUJXQ2hBSWdNWG11UVlRa05Db3B0ZXFsS0VmRWkwQXYxYWZwRnlqSkRSWUIyblVBaFRqODBjM3FyUVJ5TDZCRUxNdXRSUnR6QldfMWJxSDJSVUI4TkJfQkdF&is_vtc=1&cid=CAQSGwCa7L7dx1iMivGAUuGud1-4xLFnuVp4yTFCHg&eitems=ChEIgMXmuQYQqZeAhuim-a-nARIdAEGBL7eRGI57b667K81IRGf2SiJofVfBxoELtTE&random=32461373&ipr=y
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Sun, 17 Nov 2024 13:30:11 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 moe_webSdk_cards.min.latest.js Show response
cdn.moengage.com/webpush/ 103 KB
30 KB 30ms
26ms Script
application/javascript 18.172.112.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.moengage.com/webpush/moe_webSdk_cards.min.latest.js
Requested by: Host: cdn.moengage.com
URL: https://cdn.moengage.com/webpush/moe_webSdk.min.latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-113.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 77a0c579569d555b85779097f64b3a6622800ba2b4e6e22192786d1a2b4c3cbd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Response headers

vary: accept-encoding
cache-control: max-age=1209600
content-encoding: gzip
etag: W/"1943ea36724d3de7fd3dc1a6eb590153"
age: 191627
via: 1.1 fc3a32609a2b1f220f223f3b87919ac2.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: L5sszFwM0xmLqzOSVC14JaLB_zXMENK4_5sgElRPT8Z7Yq3riKy7Aw==
date: Fri, 15 Nov 2024 08:16:25 GMT
content-type: application/javascript
last-modified: Fri, 15 Nov 2024 08:16:19 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P8
x-amz-server-side-encryption: AES256

POST
H2 200 add Show response
sdk-02.moengage.com/v2/device/ 81 B
913 B 49ms
45ms XHR
application/json 2600:9000:275d:4000:11:652e:c280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk-02.moengage.com/v2/device/add?os=web&os_platform=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F130.0.0.0%20Safari%2F537.36&is_incognito=false&app_id=E3NUSDR2ZJ42WJE8N3IMTIZG&os_ver=Google%20Chrome&sdk_ver=2.47.3&model=Google%20Chrome&app_ver=1.0&device_ts=1731850211145&device_tz_offset=3600000&unique_id=76e142ce-1bfc-465d-be8d-1deff940dee7&device_tz=-60&subscription_type=vapid&vapid_public=BIb3D7LP9Yd0RjyW2CO8JC5GOYYIpAjKlguX19Ej6pD2CtKHEs84-AH5NcDV2xdOlgUga_tm3_kyU57b2MDcm4A&environment=sdk-02.moengage.com&url=https%3A%2F%2Fom.almosafer.com%2Far%2Fpayment-form%2F6739ef0fd01b132818465108%3Fncr%3D1
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:4000:11:652e:c280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: bb8b86a15c64fd109e4ebecafb8fe461838d1f73f1cb84d87b84da4fee00aae3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Response headers

cache-control: no-cache
content-encoding: gzip
access-control-allow-methods: GET, POST, OPTIONS
via: 1.1 553c17cdbfc8c5ba81390077b0e5d2d4.cloudfront.net (CloudFront)
expires: Sun, 17 Nov 2024 13:30:10 GMT
access-control-allow-origin: *
x-cache: Miss from cloudfront
moe-request-id: IBipfOeR
x-amz-cf-id: fQIK5uiqq98TLk791srMI1rd1U7TjlFHsCIBNgvHYhcic8UhLIj9WA==
date: Sun, 17 Nov 2024 13:30:11 GMT
content-type: application/json
vary: Accept-Encoding
server: nginx
x-amz-cf-pop: FRA56-P11
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

POST
H2 200 open Show response
api2.branch.io/v1/ 318 B
709 B 437ms
377ms XHR
application/json 2600:9000:2491:e600:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.branch.io/v1/open

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2491:e600:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

/ Branch

Resource Hash

284d7b0fcc5fe291342ac5a088e9d840e484bf825e28e84b9548ff7bc35a4b3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-id: jdDelSzYpoII808pGL3L2GgnDcgAVwh2-slkdtakHqPCsL0SkyPnTw==
cache-control: no-cache
via: 1.1 4b69099d64ffa1fbe8adbe1235065a14.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 318
x-branch-request-id: 67296b25-6b71-415d-8fa7-0a1c976d3050-2024111713
date: Sun, 17 Nov 2024 13:30:11 GMT
content-type: application/json; charset=utf-8
x-powered-by: Branch
x-amz-cf-pop: FRA56-P7

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
715 B 247ms
245ms Ping
text/plain 2.16.206.219
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWFhYzI4NzhlMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.206.219 Hamburg, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a2-16-206-219.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Response headers

access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires: Sun, 17 Nov 2024 13:30:11 GMT
server-timing: inner; dur=20, cdn-cache; desc=MISS, edge; dur=13, origin; dur=182
x-cache: TCP_MISS from a2-16-205-211.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5d2a058efeda81c5505a169a6e16c38e) (-)
date: Sun, 17 Nov 2024 13:30:11 GMT
x-akamai-request-id: 44adfc25
access-control-allow-headers: Authorization,*
x-tt-trace-host: 01f8142ac9864b932f9774d2bcec67772d2c6620dc5080e7883fdf1431bed9937f889ea6e1a6df0b7f9b7e15f1f2865b2309fd8d0b577b4bcea5637f2fd4ea01316393c6dc0dba354928b8a9512f6e15ee35a8eb08232360456a3e6d4bfc722838
x-origin-response-time: 183,2.16.205.211
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
access-control-allow-origin: *
x-tt-trace-id: 00-24111713301154A44292443641379FA7-119A2B68731B9A31-00
content-length: 0
x-tt-logid: 2024111713301154A44292443641379FA7
server: nginx

POST
H2 200 get Show response
sdk-02.moengage.com/v1/cards/ 290 B
815 B 48ms
47ms XHR
application/json 2600:9000:275d:4000:11:652e:c280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk-02.moengage.com/v1/cards/get
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:4000:11:652e:c280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: a715022e12fc0df53996d3d0636fb6918fc3d26cd3427fd430f201c572594608

Request headers

Referer: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1
MOE-APPKEY: E3NUSDR2ZJ42WJE8N3IMTIZG
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, PATCH
via: 1.1 553c17cdbfc8c5ba81390077b0e5d2d4.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
moe-request-id: GSuxEkLC
content-length: 290
date: Sun, 17 Nov 2024 13:30:11 GMT
content-type: application/json
x-amz-cf-pop: FRA56-P11
server: nginx
x-amz-cf-id: DnjGKK4XmHShY79MSOm8KdBUtiySmfmwYSnjLvYJ6GpJ-ZXkBycSZQ==
access-control-allow-headers: DNT, User-Agent, X-Requested-With, If-Modified-Since,Cache-Control, Content-Type, Range, MOE-DBNAME, MOE-APPKEY,MOE-REQUEST-ID, MOE-UNIQUE-ID, MOE-APPSECRET, MOE-INAPP-BATCH-ID, MOE-DASHBOARD-USER-ID

OPTIONS
H2 200 get
sdk-02.moengage.com/v1/cards/ Frame 0
0 31ms
31ms Preflight
application/json 2600:9000:275d:4000:11:652e:c280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk-02.moengage.com/v1/cards/get
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:4000:11:652e:c280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,moe-appkey
Access-Control-Request-Method: POST
Origin: https://om.almosafer.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: DNT, User-Agent, X-Requested-With, If-Modified-Since,Cache-Control, Content-Type, Range, MOE-DBNAME, MOE-APPKEY,MOE-REQUEST-ID, MOE-UNIQUE-ID, MOE-APPSECRET, MOE-INAPP-BATCH-ID, MOE-DASHBOARD-USER-ID
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, PATCH
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Sun, 17 Nov 2024 13:30:11 GMT
moe-request-id: ZPfeFzDF
server: nginx
via: 1.1 553c17cdbfc8c5ba81390077b0e5d2d4.cloudfront.net (CloudFront)
x-amz-cf-id: eGCDl49L8cYyDv7Wjl-_9gqR2LscIin_7QW4op55xHvtEe1MTEQ3ig==
x-amz-cf-pop: FRA56-P11
x-cache: Miss from cloudfront

POST
H2 200 live Show response
sdk-02.moengage.com/v3/campaigns/inapp/ 68 B
618 B 36ms
35ms XHR
application/json 2600:9000:275d:4000:11:652e:c280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk-02.moengage.com/v3/campaigns/inapp/live?sdk_ver=2.47.3&unique_id=76e142ce-1bfc-465d-be8d-1deff940dee7&os=web
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:4000:11:652e:c280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 870ea79fe1826d6e5543d70942bd23d72399efbebf30ad8b6ecd05780e0a9f87

Request headers

Referer: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1
MOE-APPKEY: E3NUSDR2ZJ42WJE8N3IMTIZG
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

content-encoding: gzip
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, PATCH
via: 1.1 553c17cdbfc8c5ba81390077b0e5d2d4.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
moe-request-id: lsEfERHX
content-length: 79
date: Sun, 17 Nov 2024 13:30:11 GMT
content-type: application/json
x-amz-cf-pop: FRA56-P11
server: nginx
x-amz-cf-id: xIldX725DfCc55_uIf7HsZiPgCbkjsGIcMe_iXHySKrjpOwJR-tdAg==
access-control-allow-headers: DNT, User-Agent, X-Requested-With, If-Modified-Since,Cache-Control, Content-Type, Range, MOE-DBNAME, MOE-APPKEY,MOE-REQUEST-ID, MOE-UNIQUE-ID, MOE-APPSECRET, MOE-INAPP-BATCH-ID, MOE-DASHBOARD-USER-ID

OPTIONS
H2 200 live
sdk-02.moengage.com/v3/campaigns/inapp/ Frame 0
0 28ms
27ms Preflight
application/json 2600:9000:275d:4000:11:652e:c280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk-02.moengage.com/v3/campaigns/inapp/live?sdk_ver=2.47.3&unique_id=76e142ce-1bfc-465d-be8d-1deff940dee7&os=web
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:4000:11:652e:c280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,moe-appkey
Access-Control-Request-Method: POST
Origin: https://om.almosafer.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: DNT, User-Agent, X-Requested-With, If-Modified-Since,Cache-Control, Content-Type, Range, MOE-DBNAME, MOE-APPKEY,MOE-REQUEST-ID, MOE-UNIQUE-ID, MOE-APPSECRET, MOE-INAPP-BATCH-ID, MOE-DASHBOARD-USER-ID
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, PATCH
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Sun, 17 Nov 2024 13:30:11 GMT
moe-request-id: gTKczaJs
server: nginx
via: 1.1 553c17cdbfc8c5ba81390077b0e5d2d4.cloudfront.net (CloudFront)
x-amz-cf-id: Rtulw_1LQa0n6G6xOos-yxtzfx5Y8Zvdkqdyh5W14wGG0UD7bfq8yg==
x-amz-cf-pop: FRA56-P11
x-cache: Miss from cloudfront

POST
H2 200 pageview Show response
api2.branch.io/v1/ 28 B
350 B 205ms
204ms XHR
application/json 2600:9000:2491:e600:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.branch.io/v1/pageview

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2491:e600:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

/ Branch

Resource Hash

a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 4b69099d64ffa1fbe8adbe1235065a14.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 28
x-amz-cf-id: PQDkN4-gPYywmN5Baga-MGmvaPG4huo7zrmhlxVt_guJLunNMpjCjA==
date: Sun, 17 Nov 2024 13:30:11 GMT
content-type: application/json; charset=utf-8
x-powered-by: Branch
x-amz-cf-pop: FRA56-P7

POST bulk
events.split.io/api/events/ 0
0

OPTIONS bulk
events.split.io/api/events/ Frame 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: events.split.io
URL: https://events.split.io/api/events/bulk

Domain: events.split.io
URL: https://events.split.io/api/events/bulk

Verdicts & Comments Add Verdict or Comment

92 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
om.almosafer.com/	1969-12-31 23:59:59	Name: language Value: ar
om.almosafer.com/	1969-12-31 23:59:59	Name: currency Value: OMR
om.almosafer.com/	1969-12-31 23:59:59	Name: ncr Value: 1
.tjwlcdn.com/	1970-01-21 01:04:12	Name: __cf_bm Value: yB0pMiEkILkNjS1LpbZ6y0Zva5YibLThTAuG7SRGMc8-1731850208-1.0.1.1-WoNCzm42F0Llxbei8HvQBv0fCuaN6uNY4t3_2QcJaK3YyprHHtRqypNrKmBvpcdtsscgoldGlCm8d89cpEtvCA
om.almosafer.com/	1969-12-31 23:59:59	Name: splitId Value: 55fdcfe5-6024-4451-b02b-f9bebb4eabe2
om.almosafer.com/	1969-12-31 23:59:59	Name: ENIGMA_API_TOKEN Value: ANHz0NGQ60GcoaV2sZ&PJ5B
.almosafer.com/	1970-01-21 09:49:46	Name: cf_clearance Value: YyicXzhPHvo3.bxcRURMhjXmP5xR0Ml4zbjpYAcl6zg-1731850210-1.2.1.1-X8CQ_CYf0Sr32ne1RBiEp7SgCA0lQjhvhIAASmNQZRnoz1ZXwhwdGkjatFIkgZjWOyxMF0ffXTzjF9MUN4MQR3V1rkK8nSyqHj5s20z4xHOpHZEIamr_mBlvt0Q4tXoId7XMbxf2Q7nlS0ncHC5z7rHT5w9k3wwbf..6fnN.KO_sxu4yF9Ex9ChoJb_siD8cdIQoO28ttjW3rhyAtL_5AXlqOu4opckNjcbJeHUwdOC_WNsEet1agxLOID_CEe6c1BUMrepHaSBGqVlx2_ACa9KfrS5ODMAkwQ4Re5R3kV4eW6kutCXu4u_SUMF2BG4Tr_9bgaVw8vLuU7Hb.ZZpABRJqMTMzvZw.ZzVEWbZ8XsN8KVsBy1isRrBCVXLkpId
om.almosafer.com/	1970-01-21 01:14:15	Name: delete_old_tkn Value: true
.almosafer.com/	1970-01-21 03:13:46	Name: _gcl_au Value: 1.1.675426050.1731850211
.almosafer.com/	1970-01-21 01:04:12	Name: __cf_bm Value: 707H7srGn72bwaneI.4qinxeAI5Mse3rqE8nR2.PvJk-1731850210-1.0.1.1-VUfWqbErTA7Hepka_N8fW.O4MQt7gJqyZ3tFOYqADMWh3uE8MoWxRUTSEcLmjriIY9JTslzOgR01w3YjF3xM9w
.almosafer.com/	1970-01-21 10:40:10	Name: _ga_LJF2ZPHK2H Value: GS1.1.1731850210.1.0.1731850210.60.0.0
.almosafer.com/	1970-01-21 10:40:10	Name: _ga Value: GA1.1.1714153972.1731850211
.tiktok.com/	1970-01-21 10:25:46	Name: _ttp Value: 2oymV6uzycSn7p3CLI5AnAsOl1l
.almosafer.com/	1970-01-21 03:13:46	Name: _fbp Value: fb.1.1731850210876.843145202533301210
.almosafer.com/	1970-01-21 10:25:46	Name: _tt_enable_cookie Value: 1
.almosafer.com/	1970-01-21 10:25:46	Name: _ttp Value: FiIte5-fffk1W8ASIl-Wi1kq68C.tt.1
.app.link/	1970-01-21 09:49:46	Name: _s Value: bK4Uqk%2FYCdsJ1fatP88zx19HQB0x5usRiZhBesoja3o%2F5mDUfASYmXMIulvmH1UL
.almosafer.com/	1969-12-31 23:59:59	Name: moe_uuid Value: 76e142ce-1bfc-465d-be8d-1deff940dee7
.doubleclick.net/	1970-01-21 01:04:11	Name: test_cookie Value: CheckForPermission
.almosafer.com/	1970-01-21 10:40:10	Name: USER_DATA Value: %7B%22attributes%22%3A%5B%5D%2C%22subscribedToOldSdk%22%3Afalse%2C%22deviceUuid%22%3A%2276e142ce-1bfc-465d-be8d-1deff940dee7%22%2C%22deviceAdded%22%3Atrue%7D
.almosafer.com/	1970-01-21 10:40:10	Name: SESSION Value: %7B%22sessionKey%22%3A%222858c0ff-72fb-4bcc-bdcf-421f2cafd6d0%22%2C%22sessionStartTime%22%3A%222024-11-17T13%3A30%3A11.146Z%22%2C%22sessionMaxTime%22%3A1800%2C%22customIdentifiersToTrack%22%3A%5B%5D%2C%22sessionExpiryTime%22%3A1731852011229%2C%22numberOfSessions%22%3A1%7D
om.almosafer.com/	1970-01-21 01:04:11	Name: _dd_s Value: rum=0&expire=1731851108963

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1 Message: [GroupMarkerNotSet(crbug.com/242999)!:A0A0A817C42B0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1 Message: [GroupMarkerNotSet(crbug.com/242999)!:A0F01C00C42B0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
javascript	warning	URL: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1 Message: The resource https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://om.almosafer.com/ar/payment-form/6739ef0fd01b132818465108?ncr=1 Message: The resource https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests; base-uri 'self'; object-src 'self'; frame-ancestors https://www.americanexpress.com.sa https://amexd9.s3.ethosds.com https://almosafer.com https://*.almosafer.com https://z2.le.liveperson.net;
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.tiktok.com
api2.branch.io
app.link
assets.almosafer.com
auth.split.io
bat.bing.com
bat.bing.net
cdn.avo.app
cdn.branch.io
cdn.moengage.com
connect.facebook.net
dtm-dre.platform.hicloud.com
events.split.io
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
om.almosafer.com
region1.analytics.google.com
region1.google-analytics.com
s.yimg.com
sdk-02.moengage.com
sdk.split.io
sp.analytics.yahoo.com
static.cloudflareinsights.com
stats.g.doubleclick.net
tjwlcdn.com
www.almosafer.com
www.datadoghq-browser-agent.com
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
events.split.io
104.17.61.7
104.17.62.7
104.18.6.251
108.138.26.113
13.33.219.205
151.101.67.9
18.172.112.113
2.16.206.219
2001:4860:4802:34::36
216.58.212.162
2600:9000:206f:5600:19:9934:6a80:93a1
2600:9000:2491:e600:11:f728:3040:93a1
2600:9000:275d:4000:11:652e:c280:93a1
2606:4700::6810:5049
2606:4700::6813:d04a
2620:1ec:33:1::10
2620:1ec:c11::237
2a00:1288:80:807::1
2a00:1450:4001:80b::2003
2a00:1450:4001:80f::2003
2a00:1450:4001:811::200a
2a00:1450:4001:812::2002
2a00:1450:4001:81d::2003
2a00:1450:4001:827::2008
2a00:1450:4001:829::2004
2a00:1450:400c:c0d::9a
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
35.186.235.99
44.197.221.236
54.171.122.26
80.158.18.121
01c93337b9fa092c42c645ebae7f067d72b5a40ca31326b52c0c5e5b517e5c32
0586472de4b2eb54b547389a3c3d67f4d69b251df0afff8d23c0baf5df036f68
084381e80222ad30ee1766a9e21df49565b2302f14ea00bdf88fa788b01c4953
0a8da80d1062389db08f11c07d41d113292a3818f8e09bb46ecec65b549d7b1a
0bc8d719dc8f30bd4dc20a5ae8d92054e48221ab532b423ea666277519800d27
0c57044e48c07d8ae0055b6a83d4070f87d18948ef8fa4734152e1e4d5b04f04
0d0ab30c0ec4569b34f9e3703c1f21ba1e763a56a041f84170998bfdd44e5be0
0e276dbb1f3984400e421100be79917f2f8cdc3e16e7d93915fdc6cd18a28bbb
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
0f573a4455cb8b51c25cca70d5af890f7066cedcc4e0e33fcd6ac16b5011c527
2070e9ec5ea66461693a174cf782efa1090e0ca1988968cc1115d019e7b80a95
23edcb0b1e30fbc40951906e1000635dacf3db3f0ca0f37ae09fbedee510d2e4
284d7b0fcc5fe291342ac5a088e9d840e484bf825e28e84b9548ff7bc35a4b3b
28abed6f77e6b09080782f845d33ff2e32aa6d153f3522061a73042b47e50814
2ab268a5118de4b05766654f4bbac9f01ea4d3dfded907e3e4a2ac9720d30570
2adcf9fd70c1c834f4b13d732b66f4900cec9a6bbdc587b85dbc68cdd9a34be4
2edaf0e6444c03e7119728fba41747d071b3c10858ae4d0361e6a6b771db988e
35599d12c272c8ae277a8e361f40aaa205bf92db7981e44ed240f93b97dfcf8e
38532628a138aaf6aca4feec551b0e16e3503c46ec3e53d2a5ba87ac9bb1aca8
43a683165a27224ef2d2717bd57c8c203aa570ce39140504d086562eefbb0f1f
43fc587d4c7860e824a47a42fc2b758455429aaf36b6eeb270d7cfb6a8975c56
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
47026c2924e6e9359975bbed4f47aaba36fae5ed462740374ac65fe25dd958f5
4ed44440a6fe857f3da312ba98b33e0e165eb4b0f38569e80785c67ddf01e1fb
509fc08cf1e15eb03028c2b490eee6ae196ff914fa3f63d07f61579d054ef684
538ebdf07d591f0d6e2aa69f00fa706aedc4068f93cb807238e32291ccfd96f8
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
56e84fec079632a7adb31be50e9c22f1727325bf0424142aef7b67f956c032b2
579a5d32e8e65a55457c112f9211f67c5510a39d5f8b326043f93ff435321e72
59c7152962a016bac7802e330cbd5a6568db53c48cfde3a31a46d299700d0c7b
5abe2a12140edf2387d5be35225df3caa4f0f0a05d8f5614008c8cc90af4a156
5faba25136fdc5c7c932092441e43b9149dd672b2a6fc9181ba80a084ef80e60
6ea2c28da7f21f5aa59c0c7e0010396d075e4e3da3ff84a72f404a8db320a23f
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
712cd40cf73ca483fb7fb2b4652d6f6fc8bb13f787d7b4205219e8d36531d2ad
775c9180de5186f3e7cc0c71a14a0e43745ba69e32fb0d73305011f5bdafc8db
778e9d4cb080128b906951e94507022aa23d5a04b464c48c6670f699ed436c35
77a0c579569d555b85779097f64b3a6622800ba2b4e6e22192786d1a2b4c3cbd
794817ce5f63fb881869fa4efd4f416515eb84d8846f3309ca963a94a0e44814
7e50762892e97ea4638c86302b07e50d15dc157b9fbd3389320faf398f89d197
81d04e7473d92b7d53a4aea1a8429ce64ede1b3c85daf6af012d2d454837dfa1
82e683c70db983f0fdc891a8a62a0f9f6ac979030cd6f340b4450b13dbbaed9c
8435ab6aa57efeab26d39224208da870f5d0b74706e473780717433a3e971a26
870ea79fe1826d6e5543d70942bd23d72399efbebf30ad8b6ecd05780e0a9f87
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
8e53c1f2608a655c0f48e6a32ac58745b14af168164ec159c09ed6c88e65bc84
94ef49ae36122d2aba42d4e9afa41e2c4a25bed44276f4de176b57a59ea98e0e
9507f26d5914a59c60c9976e6852011e89a8729b243806ef4eb297d989df9e87
979ab4b8c0a0cbbfddb64170f85b35dde4d0be23bbfaed81515949a76e2232c0
97e186a9933e18c3f4c7c96cc8f4468b82415ff57322440975f638079c7e25de
9edf922182d605a48239fee4eddab22abc367aa35aec6e4a60ce62a21e3e4dc6
9f3ec8a802543bd6dd69994c55b97cda495d129455bb9661d0f5d9ae8d61afa2
a03bad15c5776988e09c6737ee13b24308515da5f034584fed3ec62055f3d0b4
a0e538f1ba41c8c27a26356ce5d7750948d6f062d3ae0d5f2283d3e9e8389677
a1fec7acc9e28feaa2280cd08d30cab4cac8e9557fb8fb35ab6ffcd1e28fade8
a29e23096588a7ba4b82a6e68b6e4984d85bb2415cf2ae9ba48a5036cf2176bd
a2d4f9e25cc14e5826484f9297ad4360181aeec218cd140c5089e8b9e7dfe2cb
a5020693a9ebe6744184fba7f7de8e6700cfc79c0627d92952112e1fa0cfbd2a
a715022e12fc0df53996d3d0636fb6918fc3d26cd3427fd430f201c572594608
a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb
aa0057dfb8662f0c92643f9577938de523897da162c501f6a0172c22c63f2779
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a
aebe8df81ee2ba5bc51e3abc322910ee5122a0ac06edfbcf7a04e1659d17dc9c
b1374318f9f268da23f622c2b3924db472de534f7a426cf9f4967f915d24ad7f
b6d8198ca3e41384fc28f82c8dd00902e2ee42a62a7ccde74014fae4288ff221
bb794fd410fe3426e4bd61836d3855ce83631e355412e8be49465186933a99e0
bb8b86a15c64fd109e4ebecafb8fe461838d1f73f1cb84d87b84da4fee00aae3
c19d35d3ab541478af2ee769d2a306f12cd47c94ecfb3dbc5c319218cf6d369b
c3f8de4edd8c4649f770f2a0c697c88ed5b9e91152c855934a6c257ab14a7de6
cbd96446aab8811d0c731cbbea6e193db54c9ad280bb13456ae4fd19a6e1d7fb
cc85b8b22c119f5741bf94feacc6c62702e6d2c63fd27c03fb7281172967aaa9
cd5eb76033d96219a0c4fe45fb0df10202e1febcb4d086fb1305f1b3304a6b1a
ce1608a2c32dc25c86f25bf03d8b7aa867350d4b656282d237721da26af8c937
de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e993df03deb1676f850b402d63a272a65b0c1452b829c7c408d7c7b10e8ba483
ea8c1faecc864a7f4c7d53ecd639289c78276f5988f94dfdec667befecc85d24
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1ab11a134a19ab1193f8d1e4e40c7b5cf387fa0b69dcfbdacd3ac12c1836624
f3333c44c2e10f7a9f2b8cfa08c2248f19578511f967873825195084321074a3
f7346ea97307dcdc090f634286d2045dbda62dc55c6f59781a4d9089ccf5bb97
fb0bd3860759ba927b8e868df3e6679d8fadd21b5975ac9ba00da5798afae6a6
ff2711ac074766d0f5f2fc844058c3443121d24cff1c6c55e2143ae7c50b257a

om.almosafer.com Open in urlscan Pro 104.17.62.7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

102 Requests

95 %HTTPS

59 %IPv6

25 Domains

34 Subdomains

32 IPs

6 Countries

3261 kBTransfer

13191 kBSize

22 Cookies

1 Outgoing links

Redirected requests

102 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

om.almosafer.com Open in urlscan Pro
104.17.62.7 Public Scan

Screenshot
Live screenshot

Full Image

102
Requests

95 %
HTTPS

59 %
IPv6

25
Domains

34
Subdomains

32
IPs

6
Countries

3261 kB
Transfer

13191 kB
Size

22
Cookies

102 HTTP transactions
2 data transactions