myaccount.du.ae Open in urlscan Pro
94.203.234.2 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://myaccount.du.ae/webapp/en/quick-pay
Submission: On October 20 via manual (October 20th 2024, 2:39:24 pm UTC) from IN — Scanned from DE

Summary HTTP 114 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 62 IPs in 9 countries across 52 domains to perform 114 HTTP transactions. The main IP is 94.203.234.2, located in Abu Dhabi, United Arab Emirates and belongs to DU-AS1, AE. The main domain is myaccount.du.ae.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on April 30th 2024. Valid for: a year.

This is the only time myaccount.du.ae was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
17	94.203.234.2 94.203.234.2	15802 (DU-AS1) (DU-AS1)
2	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:3::e 2a02:2638:3::e	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	52.209.37.110 52.209.37.110	16509 (AMAZON-02) (AMAZON-02)
1	3.163.248.4 3.163.248.4	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c1d::9a	15169 (GOOGLE) (GOOGLE)
1	142.250.186.35 142.250.186.35	15169 (GOOGLE) (GOOGLE)
5	35.190.43.134 35.190.43.134	15169 (GOOGLE) (GOOGLE)
3	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	172.67.132.130 172.67.132.130	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	216.58.206.40 216.58.206.40	15169 (GOOGLE) (GOOGLE)
3	142.250.185.68 142.250.185.68	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	146.75.120.157 146.75.120.157	54113 (FASTLY) (FASTLY)
1	2a02:26f0:350... 2a02:26f0:3500:10::210:a99	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2620:1ec:33::10 2620:1ec:33::10	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	3.160.150.128 3.160.150.128	16509 (AMAZON-02) (AMAZON-02)
5	2.23.7.34 2.23.7.34	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	104.18.11.213 104.18.11.213	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	157.240.252.13 157.240.252.13	32934 (FACEBOOK) (FACEBOOK)
2 4	185.89.210.20 185.89.210.20	29990 (ASN-APPNEX) (ASN-APPNEX)
1	142.250.181.227 142.250.181.227	15169 (GOOGLE) (GOOGLE)
1	162.159.140.229 162.159.140.229	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
1 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	142.250.185.134 142.250.185.134	15169 (GOOGLE) (GOOGLE)
1	142.250.184.230 142.250.184.230	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2620:1ec:bdf::64 2620:1ec:bdf::64	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	23.44.201.179 23.44.201.179	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	172.175.234.12 172.175.234.12	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1	35.214.136.108 35.214.136.108	15169 (GOOGLE) (GOOGLE)
1	51.178.195.217 51.178.195.217	16276 (OVH) (OVH)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	185.255.84.153 185.255.84.153	200271 (IGUANE-) (IGUANE-)
1 2	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	52.210.96.13 52.210.96.13	16509 (AMAZON-02) (AMAZON-02)
1	162.19.138.118 162.19.138.118	16276 (OVH) (OVH)
1	54.171.69.160 54.171.69.160	16509 (AMAZON-02) (AMAZON-02)
1	34.117.157.22 34.117.157.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	23.52.120.27 23.52.120.27	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.58.152.190 52.58.152.190	16509 (AMAZON-02) (AMAZON-02)
1	54.144.83.91 54.144.83.91	14618 (AMAZON-AES) (AMAZON-AES)
1	70.42.32.127 70.42.32.127	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	198.47.127.205 198.47.127.205	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2.18.161.51 2.18.161.51	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:1f18:612... 2600:1f18:612b:4280:7142:e7da:8b9:e6d5	14618 (AMAZON-AES) (AMAZON-AES)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1	23.213.165.82 23.213.165.82	16625 (AKAMAI-AS) (AKAMAI-AS)
1	99.80.210.41 99.80.210.41	16509 (AMAZON-02) (AMAZON-02)
1	3.124.72.5 3.124.72.5	16509 (AMAZON-02) (AMAZON-02)
2 3	46.228.174.117 46.228.174.117	56396 (AMOBEE) (AMOBEE)
1	142.250.186.78 142.250.186.78	15169 (GOOGLE) (GOOGLE)
4	34.79.52.164 34.79.52.164	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
114	62

17 94.203.234.2 (Abu Dhabi, United Arab Emirates)

ASN15802 (DU-AS1, AE)

myaccount.du.ae	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::e (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dynamic.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.209.37.110 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-37-110.eu-west-1.compute.amazonaws.com

track.omguk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.163.248.4 (United States)

ASN16509 (AMAZON-02, US)

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c1d::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tr6.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

itp.s2stracking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.67.132.130 (United States)

ASN13335 (CLOUDFLARENET, US)

userjournies.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.206.40 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.68 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.120.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:10::210:a99 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:33::10 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.160.150.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-150-128.fra60.r.cloudfront.net

cdn.appdynamics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.23.7.34 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-23-7-34.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.11.213 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.quantummetric.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.252.13 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.89.210.20 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.159.140.229 (None, )

ASN13335 (CLOUDFLARENET, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.134 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f6.1e100.net

14114321.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::64 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.44.201.179 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-44-201-179.deploy.static.akamaitechnologies.com

analytics.pangle-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.175.234.12 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

n.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.214.136.108 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 108.136.214.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.178.195.217 (France)

ASN16276 (OVH, FR)
PTR: ip217.ip-51-178-195.eu

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.153 (France)

ASN200271 (IGUANE-, FR)

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.36.155 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.210.96.13 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-96-13.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.118 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.171.69.160 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-69-160.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com

matching.ivitrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.52.120.27 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-120-27.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.58.152.190 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-152-190.eu-central-1.compute.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.144.83.91 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-144-83-91.compute-1.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 70.42.32.127 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.205 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.161.51 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-161-51.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4280:7142:e7da:8b9:e6d5 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

criteo-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.213.165.82 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-213-165-82.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.80.210.41 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-210-41.eu-west-1.compute.amazonaws.com

sync-criteo.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.124.72.5 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-72-5.eu-central-1.compute.amazonaws.com

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 46.228.174.117 (United Kingdom) 2 redirects

ASN56396 (AMOBEE, GB)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.78 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.79.52.164 (Brussels, Belgium)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 164.52.79.34.bc.googleusercontent.com

ingesteu.quantummetric.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	du.ae myaccount.du.ae eum.du.ae Failed	1 MB
6	doubleclick.net 1 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 136 14114321.fls.doubleclick.net ad.doubleclick.net — Cisco Umbrella Rank: 150 cm.g.doubleclick.net — Cisco Umbrella Rank: 283	2 KB
5	quantummetric.com cdn.quantummetric.com — Cisco Umbrella Rank: 2492 ingesteu.quantummetric.com — Cisco Umbrella Rank: 20688 rl.quantummetric.com Failed	92 KB
5	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 817	139 KB
5	snapchat.com tr.snapchat.com — Cisco Umbrella Rank: 893 tr6.snapchat.com — Cisco Umbrella Rank: 1360	732 B
5	criteo.com 1 redirects dynamic.criteo.com — Cisco Umbrella Rank: 3850 gum.criteo.com — Cisco Umbrella Rank: 461 sslwidget.criteo.com — Cisco Umbrella Rank: 2477 dis.criteo.com — Cisco Umbrella Rank: 650	27 KB
4	clarity.ms www.clarity.ms — Cisco Umbrella Rank: 634 n.clarity.ms — Cisco Umbrella Rank: 15771	29 KB
4	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 321 px4.ads.linkedin.com — Cisco Umbrella Rank: 6828	2 KB
4	adnxs.com 2 redirects secure.adnxs.com — Cisco Umbrella Rank: 479 ib.adnxs.com — Cisco Umbrella Rank: 267	4 KB
4	google.com region1.analytics.google.com — Cisco Umbrella Rank: 4401 www.google.com — Cisco Umbrella Rank: 3	991 B
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	430 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 34	22 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 113	3 KB
3	userjournies.com userjournies.com — Cisco Umbrella Rank: 122106	5 KB
3	s2stracking.com itp.s2stracking.com — Cisco Umbrella Rank: 191281	2 KB
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 503	739 B
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 243	1 KB
2	casalemedia.com 1 redirects r.casalemedia.com — Cisco Umbrella Rank: 1988	1 KB
2	bing.net bat.bing.net — Cisco Umbrella Rank: 20475	465 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	71 KB
2	appdynamics.com cdn.appdynamics.com — Cisco Umbrella Rank: 4017	41 KB
2	bing.com bat.bing.com — Cisco Umbrella Rank: 348	16 KB
2	omguk.com track.omguk.com — Cisco Umbrella Rank: 49678	3 KB
1	unrulymedia.com sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1136	378 B
1	emxdgt.com e1.emxdgt.com — Cisco Umbrella Rank: 2090	44 B
1	yieldmo.com sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 3351	38 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 6600	235 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 415	140 B
1	tremorhub.com criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2920	399 B
1	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 3027	163 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 413	239 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 905	225 B
1	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 881	218 B
1	postrelease.com jadserve.postrelease.com — Cisco Umbrella Rank: 969	422 B
1	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1695	882 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 658	817 B
1	ivitrack.com matching.ivitrack.com — Cisco Umbrella Rank: 14280	265 B
1	360yield.com ad.360yield.com — Cisco Umbrella Rank: 734	199 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 522	1 KB
1	omnitagjs.com visitor.omnitagjs.com — Cisco Umbrella Rank: 806	342 B
1	taboola.com sync-t1.taboola.com — Cisco Umbrella Rank: 1888	99 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 739	163 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 399	183 B
1	pangle-ads.com analytics.pangle-ads.com — Cisco Umbrella Rank: 8268	997 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 962	723 B
1	t.co t.co — Cisco Umbrella Rank: 859	625 B
1	gstatic.com www.gstatic.com	217 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 784	14 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 960	15 KB
1	google.de www.google.de — Cisco Umbrella Rank: 11271	63 B
1	sc-static.net sc-static.net — Cisco Umbrella Rank: 1089	24 KB
0	sharethrough.com Failed match.sharethrough.com Failed
114	52

	Domain	Requested by
17	myaccount.du.ae	myaccount.du.ae
5	analytics.tiktok.com	myaccount.du.ae analytics.tiktok.com
4	ingesteu.quantummetric.com	cdn.quantummetric.com
4	tr.snapchat.com	sc-static.net
4	www.googletagmanager.com	myaccount.du.ae www.googletagmanager.com
3	px.ads.linkedin.com	1 redirects snap.licdn.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	www.google.com	myaccount.du.ae www.gstatic.com
3	www.facebook.com	myaccount.du.ae
3	userjournies.com	track.omguk.com cdn.appdynamics.com
3	itp.s2stracking.com	track.omguk.com cdn.appdynamics.com
2	sync.1rx.io	2 redirects
2	dpm.demdex.net	1 redirects
2	r.casalemedia.com	1 redirects
2	ib.adnxs.com	1 redirects
2	n.clarity.ms	cdn.appdynamics.com
2	www.clarity.ms	bat.bing.com www.clarity.ms
2	bat.bing.net	bat.bing.com myaccount.du.ae
2	14114321.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	secure.adnxs.com	1 redirects myaccount.du.ae
2	connect.facebook.net	myaccount.du.ae connect.facebook.net
2	cdn.appdynamics.com	www.googletagmanager.com cdn.appdynamics.com
2	bat.bing.com	www.googletagmanager.com bat.bing.com
2	gum.criteo.com	1 redirects dynamic.criteo.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	track.omguk.com	myaccount.du.ae
1	sync.targeting.unrulymedia.com
1	e1.emxdgt.com
1	sync-criteo.ads.yieldmo.com
1	ad.yieldlab.net
1	eb2.3lift.com
1	criteo-partners.tremorhub.com
1	criteo-sync.teads.tv
1	pixel.rubiconproject.com
1	simage2.pubmatic.com
1	sync.outbrain.com
1	jadserve.postrelease.com
1	exchange.mediavine.com
1	contextual.media.net
1	matching.ivitrack.com
1	ad.360yield.com
1	id5-sync.com
1	visitor.omnitagjs.com
1	sync-t1.taboola.com
1	rtb-csync.smartadserver.com
1	dis.criteo.com
1	x.bidswitch.net
1	cm.g.doubleclick.net
1	analytics.pangle-ads.com	analytics.tiktok.com
1	ad.doubleclick.net	myaccount.du.ae
1	px4.ads.linkedin.com	myaccount.du.ae
1	analytics.twitter.com	myaccount.du.ae
1	t.co	myaccount.du.ae
1	www.gstatic.com	www.google.com
1	cdn.quantummetric.com	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	sslwidget.criteo.com	dynamic.criteo.com
1	tr6.snapchat.com	sc-static.net
1	www.google.de	myaccount.du.ae
1	region1.analytics.google.com	www.googletagmanager.com
1	sc-static.net	myaccount.du.ae
1	dynamic.criteo.com	www.googletagmanager.com
0	rl.quantummetric.com Failed	cdn.quantummetric.com
0	eum.du.ae Failed	cdn.appdynamics.com
0	match.sharethrough.com Failed
114	66

This site contains links to these domains. Also see Links.

Domain
www.du.ae

Subject Issuer	Validity	Valid
myaccount.du.ae DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-04-30` - `2025-04-29`	a year	crt.sh
*.google-analytics.com WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-09-24` - `2024-12-25`	3 months	crt.sh
*.omguk.com Amazon RSA 2048 M03	`2024-06-23` - `2025-07-22`	a year	crt.sh
sc-static.net Amazon RSA 2048 M03	`2023-12-21` - `2025-01-18`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
*.google.de WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
*.snap.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-23` - `2025-07-22`	a year	crt.sh
s2stracking.com WE1	`2024-10-15` - `2025-01-13`	3 months	crt.sh
userjournies.com WE1	`2024-09-04` - `2024-12-03`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-07-29` - `2024-10-27`	3 months	crt.sh
*.google.com WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-25` - `2025-06-24`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
www.bing.com Microsoft Azure RSA TLS Issuing CA 03	`2024-09-16` - `2025-03-15`	6 months	crt.sh
*.appdynamics.com DigiCert TLS RSA SHA256 2020 CA1	`2024-06-20` - `2025-07-21`	a year	crt.sh
*.tiktok.com RapidSSL TLS ECC CA G1	`2024-07-15` - `2025-07-15`	a year	crt.sh
quantummetric.com WE1	`2024-10-10` - `2025-01-08`	3 months	crt.sh
*.gstatic.com WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
t.co E5	`2024-09-28` - `2024-12-27`	3 months	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-09-30` - `2025-09-29`	a year	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-10-14` - `2025-04-14`	6 months	crt.sh
*.doubleclick.net WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
bat.bing.net Microsoft Azure RSA TLS Issuing CA 03	`2024-07-30` - `2025-01-26`	6 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2024-09-04` - `2025-09-04`	a year	crt.sh
*.pangle-ads.com RapidSSL TLS ECC CA G1	`2024-08-13` - `2025-09-13`	a year	crt.sh
a.clarity.ms Microsoft Azure RSA TLS Issuing CA 08	`2024-06-23` - `2025-06-18`	a year	crt.sh
*.bidswitch.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-09-23` - `2024-12-21`	3 months	crt.sh
*.smartadserver.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-01-17` - `2025-01-16`	a year	crt.sh
*.taboola.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-07-30` - `2024-12-31`	5 months	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2024-07-02` - `2025-08-01`	a year	crt.sh
*.id5-sync.com E5	`2024-09-01` - `2024-11-30`	3 months	crt.sh
*.360yield.com Amazon RSA 2048 M02	`2024-04-28` - `2025-05-27`	a year	crt.sh
itm.ivitrack.com R10	`2024-10-09` - `2025-01-07`	3 months	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-12-21` - `2024-12-21`	a year	crt.sh
exchange.mediavine.com Amazon RSA 2048 M02	`2024-05-06` - `2025-06-04`	a year	crt.sh
*.postrelease.com Amazon RSA 2048 M02	`2024-09-25` - `2025-10-23`	a year	crt.sh
*.outbrain.com Thawte TLS RSA CA G1	`2024-07-31` - `2024-11-27`	4 months	crt.sh
*.pubmatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-03-19` - `2025-04-19`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2024-07-30` - `2025-04-03`	8 months	crt.sh
teads.tv R10	`2024-09-02` - `2024-12-01`	3 months	crt.sh
*.tremorhub.com Amazon RSA 2048 M03	`2024-01-24` - `2025-02-21`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2024-03-13` - `2025-04-11`	a year	crt.sh
*.yieldlab.net DigiCert TLS RSA SHA256 2020 CA1	`2024-08-08` - `2025-08-10`	a year	crt.sh
*.ads.yieldmo.com Amazon RSA 2048 M03	`2024-03-04` - `2025-04-03`	a year	crt.sh
*.emxdgt.com Amazon RSA 2048 M03	`2024-04-02` - `2025-05-01`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2024-02-14` - `2025-03-16`	a year	crt.sh
*.quantummetric.com Sectigo RSA Domain Validation Secure Server CA	`2024-01-19` - `2025-02-13`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://myaccount.du.ae/webapp/en/quick-pay
Frame ID: 79E25AEC793A5DC74CB21D5F7E97038B
Requests: 77 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=e3239706-b608-460b-9fbe-507ea833fff9&u_scsid=cff0d816-01b8-416b-8c89-b74eda936db5&u_sclid=767319c7-4533-46c2-b6d6-194ebed6000d
Frame ID: F6560922D2BC741E8BF7B1F189E343EB
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=myaccount.du.ae&origin=onetag
Frame ID: FB611489C0EDEAA9ACAE27FB46299D65
Requests: 1 HTTP requests in this frame

Frame: https://14114321.fls.doubleclick.net/activityi;dc_pre=COXMrIGYnYkDFZchVQgdiNE5yg;src=14114321;type=gm_du0;cat=gm_dc008;ord=9914351467908;npa=1;auiddc=1869593259.1729435156;ps=1;pcor=459320095;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4ah0v9190762205z86507099za201zb6507099;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=101686685;epver=2;~oref=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay
Frame ID: D8D4C8441867EB8C41CEA37F29EDFB8D
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3YxEUAAAAAMxuBSiyKBkvZihtdWFM8fg79LiD&co=aHR0cHM6Ly9teWFjY291bnQuZHUuYWU6NDQz&hl=de&type=image&v=lqsTZ5beIbCkK4uGEGv9JmUR&theme=light&size=invisible&badge=bottomright&cb=ay28bmtnon9
Frame ID: 5A441D4C95E729186FF02167917D6E14
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=lqsTZ5beIbCkK4uGEGv9JmUR&k=6Lf3YxEUAAAAAMxuBSiyKBkvZihtdWFM8fg79LiD
Frame ID: 906C5251D9A346EE5AE0A91F247E8730
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-WHyvmVD8dDRM-czDnohEgUSWBAvm0KcyzitqAA&google_cm&google_hm=ay1XSHl2bVZEOGREUk0tY3pEbm9oRWdVU1dCQXZtMEtjeXppdHFBQQ
Frame ID: 55C7358D2139F648C5893A970A75B64D
Requests: 26 HTTP requests in this frame

Frame: https://ingesteu.quantummetric.com/horizon/du?T=B&u=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay&t=1729435162186&v=1729435162726&S=0&N=0&P=0&z=1
Frame ID: A9A0DA9309923618643E5D1EB996AC94
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

du - My Account

Detected technologies

AppDynamics (Analytics) Expand

Overall confidence: 100%
Detected patterns

adrum

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Optimise (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

track\.omguk\.com

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

114
Requests

91 %
HTTPS

21 %
IPv6

52
Domains

66
Subdomains

62
IPs

9
Countries

2539 kB
Transfer

4906 kB
Size

69
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://www.du.ae/personal
Title: Personal

Search URL Search Domain Scan URL

URL: https://www.du.ae/business
Title: Business

Search URL Search Domain Scan URL

URL: https://www.du.ae/homewireless?utm_source=webbannerHW&utm_medium=quickpaypage&utm_campaign=homewirelessonquickpay
Title: More info

Search URL Search Domain Scan URL

URL: https://www.du.ae/sitemap
Title: Site map

Search URL Search Domain Scan URL

URL: https://www.du.ae/terms-and-conditions
Title: Terms & conditions

Search URL Search Domain Scan URL

URL: https://www.du.ae/legal
Title: Legal

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 46

https://secure.adnxs.com/px?id=1794038&seg=37526141&t=2&gtmcb=429804444 HTTP 307
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1794038%26seg%3D37526141%26t%3D2%26gtmcb%3D429804444

Request Chain 54

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=6530625&time=1729435156358&url=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay&tm=gtmv2 HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=6530625&time=1729435156358&url=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay&tm=gtmv2&e_ipv6=AQLHg9FOhMPFFwAAAZKqXkA7paEtAGJIov_XW0eEvO82EnS6z0rVX_Zlc80vM-WqsmBa6mKS

Request Chain 55

https://14114321.fls.doubleclick.net/activityi;src=14114321;type=gm_du0;cat=gm_dc008;ord=9914351467908;npa=1;auiddc=1869593259.1729435156;ps=1;pcor=459320095;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4ah0v9190762205z86507099za201zb6507099;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=101686685;epver=2;~oref=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay HTTP 302
https://14114321.fls.doubleclick.net/activityi;dc_pre=COXMrIGYnYkDFZchVQgdiNE5yg;src=14114321;type=gm_du0;cat=gm_dc008;ord=9914351467908;npa=1;auiddc=1869593259.1729435156;ps=1;pcor=459320095;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4ah0v9190762205z86507099za201zb6507099;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=101686685;epver=2;~oref=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay

Request Chain 79

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2608134473358928931

Request Chain 83

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-0SQQuVD8dDRM-czDnohEgUSWBAviz-yjV1uQFQ HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-0SQQuVD8dDRM-czDnohEgUSWBAviz-yjV1uQFQ&C=1

Request Chain 84

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=_rFSVEOpdBVCQa2ycpzIUP9pT4UgpioR HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=_rFSVEOpdBVCQa2ycpzIUP9pT4UgpioR

Request Chain 101

https://sync.1rx.io/usersync/criteodsp/k-_60e01D8dDRM-czDnohEgUSWBAs8BAWWvfDjyA HTTP 302
https://sync.1rx.io/usersync/criteodsp/k-_60e01D8dDRM-czDnohEgUSWBAs8BAWWvfDjyA?zcc=1&cb=1729435162732 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-51d000c9-1959-4f3e-9561-22b1e2f41dc7-003

114 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200 Primary Request quick-pay Show response
myaccount.du.ae/webapp/en/ 970 B
3 KB 981ms
180ms Document
text/html 94.203.234.2
DU-AS1

General

Check archive.org

Show headers Download Go to

Full URL

https://myaccount.du.ae/webapp/en/quick-pay

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

94.203.234.2 Abu Dhabi, United Arab Emirates, ASN15802 (DU-AS1, AE),

Reverse DNS

Software

Apache /

Resource Hash

cf6dee205e57ac6cda73caf1d766d8d3955af0f7590a766380e74db47aa5671e

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: private
content-length: 970
content-type: text/html
date: Sun, 20 Oct 2024 14:39:13 GMT
last-modified: Mon, 23 Sep 2024 01:44:37 GMT
p3p: CP="NON DSP COR CURa TIA"
server: Apache
strict-transport-security: max-age=157680000
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block

GET
H/1.1 200 main.e05c93b0.js Show response
myaccount.du.ae/webapp/static/js/ 838 KB
839 KB 202ms
201ms Script
application/javascript 94.203.234.2
DU-AS1

General

Check archive.org

Show headers Download Go to

Full URL

https://myaccount.du.ae/webapp/static/js/main.e05c93b0.js

Requested by

Host: myaccount.du.ae
URL: https://myaccount.du.ae/webapp/en/quick-pay

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

94.203.234.2 Abu Dhabi, United Arab Emirates, ASN15802 (DU-AS1, AE),

Reverse DNS

Software

Apache /

Resource Hash

10d013498cb7e80a9a9c39fc8d30602c235483a226d41755b1188e22d86058ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://myaccount.du.ae/webapp/en/quick-pay

Response headers

x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
expires: Mon, 21 Oct 2024 14:39:14 GMT
p3p: CP="NON DSP COR CURa TIA"
date: Sun, 20 Oct 2024 14:39:14 GMT
last-modified: Mon, 23 Sep 2024 01:44:38 GMT
vary: Accept-Encoding,User-Agent
content-type: application/javascript
x-frame-options: SAMEORIGIN, SAMEORIGIN
strict-transport-security: max-age=157680000
cache-control: max-age=86400, public
accept-ranges: bytes
access-control-allow-origin: *
content-length: 857744
x-xss-protection: 1; mode=block
server: Apache

GET
H/1.1 200 main.bba639bf.css
myaccount.du.ae/webapp/static/css/ 14 KB
15 KB 703ms
388ms Stylesheet
text/css 94.203.234.2
DU-AS1

General

Check archive.org

Show headers Download Go to

Full URL

https://myaccount.du.ae/webapp/static/css/main.bba639bf.css

Requested by

Host: myaccount.du.ae
URL: https://myaccount.du.ae/webapp/en/quick-pay

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

94.203.234.2 Abu Dhabi, United Arab Emirates, ASN15802 (DU-AS1, AE),

Reverse DNS

Software

Apache /

Resource Hash

4a24c30b0539bb73800bbce76781f9eca46be9a87c22bf5ba0c13b84a0158f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://myaccount.du.ae/webapp/en/quick-pay

Response headers

x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
expires: Mon, 21 Oct 2024 14:39:14 GMT
p3p: CP="NON DSP COR CURa TIA"
date: Sun, 20 Oct 2024 14:39:14 GMT
last-modified: Mon, 23 Sep 2024 01:44:37 GMT
vary: Accept-Encoding,User-Agent
content-type: text/css
x-frame-options: SAMEORIGIN, SAMEORIGIN
strict-transport-security: max-age=157680000
cache-control: max-age=86400, public
accept-ranges: bytes
access-control-allow-origin: *
content-length: 14354
x-xss-protection: 1; mode=block
server: Apache

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 300 KB
92 KB 161ms
71ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KJPLS3Q

Requested by

Host: myaccount.du.ae
URL: https://myaccount.du.ae/webapp/en/quick-pay

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8c7cc1c811e9233ca2180e1a2ddc8c23a2c2941f68e202c8a0ff2a4156a10cc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://myaccount.du.ae/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Sun, 20 Oct 2024 14:39:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 20 Oct 2024 14:39:14 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sun, 20 Oct 2024 12:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 93616
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 295 KB
101 KB 63ms
62ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-PSF2QWHVDC&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KJPLS3Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

894508d7ce6aaabbf0501875a6f211e1f46e52d95797697aef36f7d37181c51d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://myaccount.du.ae/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sun, 20 Oct 2024 14:39:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 20 Oct 2024 14:39:14 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 102993
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 ld.js Show response
dynamic.criteo.com/js/ld/ 50 KB
21 KB 485ms
92ms Script
application/javascript 2a02:2638:3::e
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.criteo.com/js/ld/ld.js?a=102684

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KJPLS3Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::e , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

f31a9d40f653d51496043a01b33e63ed4a35efb3508601c5e89cb127605208f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://myaccount.du.ae/

Response headers

strict-transport-security: max-age=31536000; preload;
cache-control: public,max-age=10800
timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
date: Sun, 20 Oct 2024 14:39:14 GMT
content-type: application/javascript; charset=utf-8
vary: Origin, Accept-Encoding
server: Kestrel

GET
H2 200 / Show response
track.omguk.com/e/qs/ 2 KB
1 KB 198ms
71ms Script
text/javascript 52.209.37.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://track.omguk.com/e/qs/?action=Content&MID=2354084&PID=55663&ref=https%3A//myaccount.du.ae/webapp/en/quick-pay

Requested by

Host: myaccount.du.ae
URL: https://myaccount.du.ae/webapp/en/quick-pay

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.209.37.110 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-209-37-110.eu-west-1.compute.amazonaws.com

Software

Resource Hash

5a24e19d08ab6d31b2d790989bd01fa9fd2b521d42152f77bcaed800adbbe1b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://myaccount.du.ae/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-store, no-cache
content-encoding: br
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-origin: *
p3p: CP="ALL CURa ADMa DEVa TAIa PSAa PSDa OUR BUS IND UNI COM NAV INT"
date: Sun, 20 Oct 2024 14:39:14 GMT
x-xss-protection: 1; mode=block
content-type: text/javascript
vary: accept-encoding

GET
H2 200 scevent.min.js Show response
sc-static.net/ 55 KB
24 KB 146ms
63ms Script
application/javascript 3.163.248.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: myaccount.du.ae
URL: https://myaccount.du.ae/webapp/en/quick-pay
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.163.248.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: ffaf3b7f34955e1c40b72cab3f9c84a08869774c525b76cbca16dc4b08593b08

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://myaccount.du.ae/

Response headers

cache-control: private, s-maxage=0, max-age=600
content-encoding: gzip
via: 1.1 04a40fe66992666426f66bb0ade3912a.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 23694
x-amz-cf-id: lT4FMVuX9-r5EjeUhYu56GlVurJ7UgzRXGadEvbMBW1Ci2e7Jn5pSg==
date: Sun, 20 Oct 2024 14:39:14 GMT
content-type: application/javascript;charset=utf-8
x-amz-cf-pop: TXL50-P4
server: CloudFront
access-control-allow-headers: Content-Type

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 141ms
48ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-PSF2QWHVDC&gtm=45je4ah0v9186991485z8898604534za200zb898604534&_p=1729435154045&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101686685&cid=721764025.1729435155&ul=de-de&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&_s=1&sid=1729435154&sct=1&seg=0&dl=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay&dt=du%20-%20My%20Account&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1529
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PSF2QWHVDC&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://myaccount.du.ae/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://myaccount.du.ae
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 20 Oct 2024 14:39:14 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
545 B 151ms
50ms Ping
text/plain 2a00:1450:400c:c1d::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-PSF2QWHVDC&cid=721764025.1729435155&gtm=45je4ah0v9186991485z8898604534za200zb898604534&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101686685
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PSF2QWHVDC&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c1d::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://myaccount.du.ae/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://myaccount.du.ae
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 20 Oct 2024 14:39:14 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 1654ms
1604ms Image
image/gif 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-PSF2QWHVDC&cid=721764025.1729435155&gtm=45je4ah0v9186991485z8898604534za200zb898604534&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101686685&tag_exp=101686685&z=1036045686

Requested by

Host: myaccount.du.ae
URL: https://myaccount.du.ae/webapp/en/quick-pay

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://myaccount.du.ae/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Sun, 20 Oct 2024 14:39:16 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 e3239706-b608-460b-9fbe-507ea833fff9.json Show response
tr.snapchat.com/config/ae/ 120 B
404 B 247ms
145ms Fetch
application/json 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/config/ae/e3239706-b608-460b-9fbe-507ea833fff9.json?v=3.33.0-2409301510

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

d9abd6b9645c8e709747fe863b510cb8b7282a1c692e44264d46ea70cb707573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
accept: application/json
Referer: https://myaccount.du.ae/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 95
access-control-allow-credentials: true
observe-browsing-topics: ?1
via: 1.1 google
access-control-allow-origin: https://myaccount.du.ae
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
date: Sun, 20 Oct 2024 14:39:14 GMT
content-type: application/json
server: API Gateway

GET
H2 200 i
tr.snapchat.com/cm/ Frame F656 0
0 151ms
50ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=e3239706-b608-460b-9fbe-507ea833fff9&u_scsid=cff0d816-01b8-416b-8c89-b74eda936db5&u_sclid=767319c7-4533-46c2-b6d6-194ebed6000d

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://myaccount.du.ae/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sun, 20 Oct 2024 14:39:14 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google
x-envoy-upstream-service-time: 0

GET
H3 200 itp.js Show response
itp.s2stracking.com/ 978 B
1 KB 4480ms
4277ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://itp.s2stracking.com/itp.js
Requested by: Host: track.omguk.com
URL: https://track.omguk.com/e/qs/?action=Content&MID=2354084&PID=55663&ref=https%3A//myaccount.du.ae/webapp/en/quick-pay
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 1ab02df07901d819d0c788c848900659d00f14e37971a25d9236d4a2bcf00437

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://myaccount.du.ae/

Response headers

content-encoding: zstd
cf-cache-status: BYPASS
etag: W/"3d2-Tpxq3EnLLVs+Evtilz1ERj59IXI"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yLajLO6y8iHpWpgfSznrNaoGNCBE663%2B0mfsBOEHCqVuzhKfPYza3egJpefRbbwwlFFAo3dypv%2BPRXtGZTNcVD3PNKaE2nkyeN8oK2Hegaine2nFgi75fjuXMgJbRO%2BF3i%2Fo5TtL"}],"group":"cf-nel","max_age":604800}
expires: 0, 0
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=183773&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4140&recv_bytes=4363&delivery_rate=131&cwnd=12000&unsent_bytes=0&cid=d901844ec0ecf8c5&ts=4281&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 20 Oct 2024 14:39:18 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
priority: u=3,i=?0
cache-control: no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache, no-cache
cf-ray: 8d59c1962f5ecfed-SJC
access-control-allow-origin: *
x-powered-by: Express
server: cloudflare

GET
H3 200 journey.js Show response
userjournies.com/ 8 KB
4 KB 7436ms
7374ms Script
application/javascript 172.67.132.130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://userjournies.com/journey.js
Requested by: Host: track.omguk.com
URL: https://track.omguk.com/e/qs/?action=Content&MID=2354084&PID=55663&ref=https%3A//myaccount.du.ae/webapp/en/quick-pay
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.132.130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: b3529f883571c4250e024ed3d93afddf83a87b5a76b6ef025cd086b57bfa988b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://myaccount.du.ae/

Response headers

content-encoding: zstd
cf-cache-status: BYPASS
etag: W/"1ee9-eoWL/vRIJ3jBxp9CsHM6QLExwPg"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UqKsx%2FKKxWSQ5bPRNazg9uSEmgwELK7KLBDTBZwp1nwDzuDc4PtLiNt7A7uPzwqU%2FD3Hv3Fp9eKxDs%2BZmMW7VNdIWcfxh0NaIFs%2BMH%2FiqYP4Tmsl9TUXivI1R6aUBCX1LBUG"}],"group":"cf-nel","max_age":604800}
expires: 0, 0
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=39002&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4164&recv_bytes=4366&delivery_rate=433&cwnd=12000&unsent_bytes=0&cid=b6e8f6eb73e0ef32&ts=7380&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 20 Oct 2024 14:39:22 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
priority: u=3,i=?0
cache-control: no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache, no-cache
cf-ray: 8d59c194ce824da6-FRA
access-control-allow-origin: *
x-powered-by: Express
server: cloudflare

GET
H2 200 /
track.omguk.com/e/qi/ 823 B
1 KB 62ms
62ms Image
image/gif 52.209.37.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.omguk.com/e/qi/?action=Content&mid=2354084&pid=55663&ref=https://myaccount.du.ae/webapp/en/quick-pay&

Requested by

Host: myaccount.du.ae
URL: https://myaccount.du.ae/webapp/en/quick-pay

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.209.37.110 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-209-37-110.eu-west-1.compute.amazonaws.com

Software

Resource Hash

0e9946930825f59fa538bd840a51c3fb376bc566cf6b50c070805f30ccff7e71

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://myaccount.du.ae/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-store, no-cache
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
etag: W/"337-1928f7f9888"
accept-ranges: bytes
access-control-allow-origin: *
p3p: CP="ALL CURa ADMa DEVa TAIa PSAa PSDa OUR BUS IND UNI COM NAV INT"
content-length: 823
date: Sun, 20 Oct 2024 14:39:14 GMT
x-xss-protection: 1; mode=block
content-type: image/gif
last-modified: Tue, 15 Oct 2024 09:25:57 GMT
vary: accept-encoding

POST
H2 200 p
tr.snapchat.com/ 0
239 B 146ms
53ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://myaccount.du.ae/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 3
access-control-allow-credentials: true
via: 1.1 google
access-control-allow-origin: https://myaccount.du.ae
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sun, 20 Oct 2024 14:39:14 GMT
server: API Gateway

GET
H2 200 syncframe
gum.criteo.com/ Frame FB61 0
0 140ms
45ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=myaccount.du.ae&origin=onetag

Requested by

Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=102684

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://myaccount.du.ae/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 20 Oct 2024 14:39:14 GMT
server: Kestrel
server-processing-duration-in-ticks: 373251
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

POST
H2 200 p
tr6.snapchat.com/ 0
45 B 67ms
53ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr6.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://myaccount.du.ae/

Response headers

via: 1.1 google
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sun, 20 Oct 2024 14:39:15 GMT
x-envoy-upstream-service-time: 0
server: API Gateway

GET
H2 200 event Show response
sslwidget.criteo.com/ 10 KB
5 KB 147ms
51ms Script
application/x-javascript 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://sslwidget.criteo.com/event?a=102684&v=5.29.0&otl=1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh%26tms%3DCriteo%2520GTM%2520Enhanced%2520(Retail)%2520(GA4)%2520-%2520v12&p2=e%3Ddis&adce=1&bundle=SWO67V8xMGppSmNBYkpydEU2eXU0T3pTTVFYQ3QlMkJ0bGJHR0JhMk53dlNWU3BleFB2MlJhazRyT0drZEVSa1lraUtybWJKbm5RdmRQR2FBYmNSZTlvcVBvTFNSY01zVkg2Wk1DdmFYQVVNJTJGRkNHN2tNSDJJRDdFVjYzYVh2eVclMkI5STFBTzZvNEdDSjgwem00YVNwUHVzZ1FHREElM0QlM0Q&tld=du.ae&dy=1&fu=https%253A%252F%252Fmyaccount.du.ae%252Fwebapp%252Fen%252Fquick-pay&ceid=db50762c-84e4-4d91-a189-b724af64569c

Requested by

Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=102684

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

a5d60d669a70430001607b729944c0ee6a4b4bd186364d599e3add057dd93630

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://myaccount.du.ae/

Response headers

strict-transport-security: max-age=31536000; preload;
cache-control: no-cache
timing-allow-origin: *
content-encoding: gzip
pragma: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 7056691
expires: 0
access-control-allow-origin: *
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
date: Sun, 20 Oct 2024 14:39:14 GMT
content-type: application/x-javascript
server: Kestrel

POST
H2 200 p
tr.snapchat.com/ 0
44 B 55ms
53ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://myaccount.du.ae/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
via: 1.1 google
access-control-allow-origin: https://myaccount.du.ae
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sun, 20 Oct 2024 14:39:15 GMT
server: API Gateway

GET
H2 200 tr
www.facebook.com/ 0
274 B 127ms
40ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=1163842104689183&ev=PageView&cd[content_type]=product&cd[content_ids]=%5B%22%22%5D&eid=d0174772465f4e03b451197d74316d2f&cd[application_id]=423936147658676&ud[external_id]=670633c65ec0b01985389e146923e9031c230ba9137eb2739289e0966d0e43d8&fbp=fb.1.1729435154000.686079395&cd[is_app_event]=n&dl=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay

Requested by

Host: myaccount.du.ae
URL: https://myaccount.du.ae/webapp/en/quick-pay

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://myaccount.du.ae/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=39, rtx=0, c=10, mss=1297, tbw=2890, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Sun, 20 Oct 2024 14:39:15 GMT
content-type: text/plain
server: proxygen-bolt

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 612 KB
157 KB 117ms
116ms Script
application/javascript 216.58.206.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PK3S7M&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Requested by

Host: myaccount.du.ae
URL: https://myaccount.du.ae/webapp/en/quick-pay

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.40 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

c73f9896c3c0708f5bcb1342b54cfd3dd65ef8082c394fe2a50096c1abf8b2e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://myaccount.du.ae/

Response headers

content-encoding: gzip
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Sun, 20 Oct 2024 14:39:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 20 Oct 2024 14:39:15 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sun, 20 Oct 2024 12:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 160289
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
991 B 157ms
50ms Script
text/javascript 142.250.185.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit

Requested by

Host: myaccount.du.ae
URL: https://myaccount.du.ae/webapp/static/js/main.e05c93b0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f4.1e100.net

Software

ESF /

Resource Hash

f613a19c2c0474befde6e48fe65b446dfb1d1a78b99ffcb0a39b0fc1f7086462

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://myaccount.du.ae/

Response headers

cache-control: private, max-age=300
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options: nosniff
expires: Sun, 20 Oct 2024 14:39:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date: Sun, 20 Oct 2024 14:39:16 GMT
x-xss-protection: 0
content-type: text/javascript; charset=utf-8
server: ESF
x-frame-options: SAMEORIGIN

GET
H/1.1 200 cc-visa-logo.9de5ed976961133ab058d183b905b998.svg
myaccount.du.ae/webapp/static/media/ 3 KB
4 KB 510ms
505ms Image
image/svg+xml 94.203.234.2
DU-AS1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://myaccount.du.ae/webapp/static/media/cc-visa-logo.9de5ed976961133ab058d183b905b998.svg

Requested by

Host: myaccount.du.ae
URL: https://myaccount.du.ae/webapp/en/quick-pay

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

94.203.234.2 Abu Dhabi, United Arab Emirates, ASN15802 (DU-AS1, AE),

Reverse DNS

Software

Apache /

Resource Hash

b7b05ad1c3a308d4781fb953d46080e6ee5bfbacb166eb0e807105f3fefc79fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://myaccount.du.ae/webapp/en/quick-pay

Response headers

strict-transport-security: max-age=157680000
cache-control: max-age=2419200, public
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
accept-ranges: bytes
access-control-allow-origin: *
p3p: CP="NON DSP COR CURa TIA"
content-length: 2637
date: Sun, 20 Oct 2024 14:39:16 GMT
x-xss-protection: 1; mode=block
last-modified: Mon, 23 Sep 2024 01:44:42 GMT
vary: Accept-Encoding,User-Agent
server: Apache
content-type: image/svg+xml
x-frame-options: SAMEORIGIN, SAMEORIGIN

GET
H/1.1 200 cc-master-logo.0fced2f492f163434103b9c040995d7c.svg
myaccount.du.ae/webapp/static/media/ 2 KB
3 KB 192ms
186ms Image
image/svg+xml 94.203.234.2
DU-AS1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://myaccount.du.ae/webapp/static/media/cc-master-logo.0fced2f492f163434103b9c040995d7c.svg

Requested by

Host: myaccount.du.ae
URL: https://myaccount.du.ae/webapp/en/quick-pay

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

94.203.234.2 Abu Dhabi, United Arab Emirates, ASN15802 (DU-AS1, AE),

Reverse DNS

Software

Apache /

Resource Hash

28bd53cec442bda2a970bfd4d1b058fd202cbd3438c05550f4c949fe5f6f3918

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://myaccount.du.ae/webapp/en/quick-pay

Response headers

strict-transport-security: max-age=157680000
cache-control: max-age=2419200, public
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
accept-ranges: bytes
access-control-allow-origin: *
p3p: CP="NON DSP COR CURa TIA"
content-length: 1731
date: Sun, 20 Oct 2024 14:39:16 GMT
x-xss-protection: 1; mode=block
last-modified: Mon, 23 Sep 2024 01:44:41 GMT
vary: Accept-Encoding,User-Agent
server: Apache
content-type: image/svg+xml
x-frame-options: SAMEORIGIN, SAMEORIGIN

GET
H/1.1 200 cc-amex-logo.648a329e891cf2e3116e3c0efcd19e75.svg
myaccount.du.ae/webapp/static/media/ 7 KB
8 KB 743ms
206ms Image
image/svg+xml 94.203.234.2
DU-AS1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://myaccount.du.ae/webapp/static/media/cc-amex-logo.648a329e891cf2e3116e3c0efcd19e75.svg

Requested by

Host: myaccount.du.ae
URL: https://myaccount.du.ae/webapp/en/quick-pay

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

94.203.234.2 Abu Dhabi, United Arab Emirates, ASN15802 (DU-AS1, AE),

Reverse DNS

Software

Apache /

Resource Hash

6fb89b9b4777899a66f229fe91f71ab2ebaf8f37be14d18b5a77c55307944475

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://myaccount.du.ae/webapp/en/quick-pay

Response headers

strict-transport-security: max-age=157680000
cache-control: max-age=2419200, public
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
accept-ranges: bytes
access-control-allow-origin: *
p3p: CP="NON DSP COR CURa TIA"
content-length: 7539
date: Sun, 20 Oct 2024 14:39:16 GMT
x-xss-protection: 1; mode=block
last-modified: Mon, 23 Sep 2024 01:44:40 GMT
vary: Accept-Encoding,User-Agent
server: Apache
content-type: image/svg+xml
x-frame-options: SAMEORIGIN, SAMEORIGIN

GET
H/1.1 200 cc-gpay.13c2633fad5a00954ea3556fe54ba8e5.svg
myaccount.du.ae/webapp/static/media/ 3 KB
4 KB 936ms
193ms Image
image/svg+xml 94.203.234.2
DU-AS1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://myaccount.du.ae/webapp/static/media/cc-gpay.13c2633fad5a00954ea3556fe54ba8e5.svg

Requested by

Host: myaccount.du.ae
URL: https://myaccount.du.ae/webapp/en/quick-pay

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

94.203.234.2 Abu Dhabi, United Arab Emirates, ASN15802 (DU-AS1, AE),

Reverse DNS

Software

Apache /

Resource Hash

12b202bf544bcf07c2a1518593744311d84ad54b4efba0e9c6130afa89e0fa63

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://myaccount.du.ae/webapp/en/quick-pay

Response headers

strict-transport-security: max-age=157680000
cache-control: max-age=2419200, public
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
accept-ranges: bytes
access-control-allow-origin: *
p3p: CP="NON DSP COR CURa TIA"
content-length: 2642
date: Sun, 20 Oct 2024 14:39:16 GMT
x-xss-protection: 1; mode=block
last-modified: Mon, 23 Sep 2024 01:44:42 GMT
vary: Accept-Encoding,User-Agent
server: Apache
content-type: image/svg+xml
x-frame-options: SAMEORIGIN, SAMEORIGIN

GET
H/1.1 200 cc-samsung-pay.4c4f2008827273647ce1b99bbbde9f3a.svg
myaccount.du.ae/webapp/static/media/ 5 KB
6 KB 1166ms
347ms Image
image/svg+xml 94.203.234.2
DU-AS1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://myaccount.du.ae/webapp/static/media/cc-samsung-pay.4c4f2008827273647ce1b99bbbde9f3a.svg

Requested by

Host: myaccount.du.ae
URL: https://myaccount.du.ae/webapp/en/quick-pay

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

94.203.234.2 Abu Dhabi, United Arab Emirates, ASN15802 (DU-AS1, AE),

Reverse DNS

Software

Apache /

Resource Hash

95252dc7fa29cefd4d6ca742d89193cdc773d9842c358ee4caff4cf9d7254e48

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://myaccount.du.ae/webapp/en/quick-pay

Response headers

strict-transport-security: max-age=157680000
cache-control: max-age=2419200, public
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
accept-ranges: bytes
access-control-allow-origin: *
p3p: CP="NON DSP COR CURa TIA"
content-length: 5440
date: Sun, 20 Oct 2024 14:39:16 GMT
x-xss-protection: 1; mode=block
last-modified: Mon, 23 Sep 2024 01:44:41 GMT
vary: Accept-Encoding,User-Agent
server: Apache
content-type: image/svg+xml
x-frame-options: SAMEORIGIN, SAMEORIGIN

GET
H/1.1 200 HWenglish.jpg
myaccount.du.ae/du/common/images/ 14 KB
15 KB 1039ms
204ms Image
image/jpeg 94.203.234.2
DU-AS1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://myaccount.du.ae/du/common/images/HWenglish.jpg

Requested by

Host: myaccount.du.ae
URL: https://myaccount.du.ae/webapp/en/quick-pay

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

94.203.234.2 Abu Dhabi, United Arab Emirates, ASN15802 (DU-AS1, AE),

Reverse DNS

Software

Apache /

Resource Hash

df0cb0e85b4978adc8810c77b70112b853e28fe8b3e4eb4a9cb038426fa7baf3

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://myaccount.du.ae/webapp/en/quick-pay

Response headers

x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
expires: Mon, 06 Jan 2025 10:40:23 GMT
p3p: CP="NON DSP COR CURa TIA"
date: Sun, 20 Oct 2024 14:39:16 GMT
last-modified: Mon, 05 Feb 2024 10:40:23 GMT
vary: Accept-Encoding,User-Agent
content-type: image/jpeg
x-frame-options: SAMEORIGIN, SAMEORIGIN
strict-transport-security: max-age=157680000
cache-control: max-age=2419200, public
accept-ranges: bytes
access-control-allow-origin: *
content-length: 14031
x-xss-protection: 1; mode=block
server: Apache

GET
DATA 200
OK truncated
/ 6 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 22da92d2d0ed9dd76507088702badb488453899d661b7c5cbb4ccf94c6ea0efe

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1a816e9dc211c37e763505eb70bf524eed8db8cc268f956345a5bdad8bc88604

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H/1.1 200 ProximaNova-Bold.5e38a54e924b84960be0.woff2
myaccount.du.ae/webapp/static/media/ 42 KB
43 KB 323ms
186ms Font
text/plain 94.203.234.2
DU-AS1

General

Check archive.org

Show headers Download Go to

Full URL

https://myaccount.du.ae/webapp/static/media/ProximaNova-Bold.5e38a54e924b84960be0.woff2

Requested by

Host: myaccount.du.ae
URL: https://myaccount.du.ae/webapp/static/css/main.bba639bf.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

94.203.234.2 Abu Dhabi, United Arab Emirates, ASN15802 (DU-AS1, AE),

Reverse DNS

Software

Apache /

Resource Hash

ae663f7733f0aac1c25cbf0d449180f98fb52fcf233efcb3bfa9e6df7145baa5

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://myaccount.du.ae
Referer: https://myaccount.du.ae/webapp/static/css/main.bba639bf.css

Response headers

strict-transport-security: max-age=157680000
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
accept-ranges: bytes
access-control-allow-origin: *
p3p: CP="NON DSP COR CURa TIA"
content-length: 43424
date: Sun, 20 Oct 2024 14:39:16 GMT
x-xss-protection: 1; mode=block
last-modified: Mon, 23 Sep 2024 01:44:41 GMT
vary: Accept-Encoding,User-Agent
server: Apache
content-type: text/plain
x-frame-options: SAMEORIGIN, SAMEORIGIN

GET
H/1.1 200 ProximaNova-Regular.4d6b0ae73bbc0ee103b8.woff2
myaccount.du.ae/webapp/static/media/ 43 KB
44 KB 442ms
183ms Font
text/plain 94.203.234.2
DU-AS1

General

Check archive.org

Show headers Download Go to

Full URL

https://myaccount.du.ae/webapp/static/media/ProximaNova-Regular.4d6b0ae73bbc0ee103b8.woff2

Requested by

Host: myaccount.du.ae
URL: https://myaccount.du.ae/webapp/static/css/main.bba639bf.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

94.203.234.2 Abu Dhabi, United Arab Emirates, ASN15802 (DU-AS1, AE),

Reverse DNS

Software

Apache /

Resource Hash

ac63bd0ec4d73b90237949f24859de711328276f21a41b18b4248759deff16fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://myaccount.du.ae
Referer: https://myaccount.du.ae/webapp/static/css/main.bba639bf.css

Response headers

strict-transport-security: max-age=157680000
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
accept-ranges: bytes
access-control-allow-origin: *
p3p: CP="NON DSP COR CURa TIA"
content-length: 43624
date: Sun, 20 Oct 2024 14:39:16 GMT
x-xss-protection: 1; mode=block
last-modified: Mon, 23 Sep 2024 01:44:39 GMT
vary: Accept-Encoding,User-Agent
server: Apache
content-type: text/plain
x-frame-options: SAMEORIGIN, SAMEORIGIN

GET
H/1.1 200 DubaiW23-Regular.c56831cd808f5e4e0717.woff2
myaccount.du.ae/webapp/static/media/ 63 KB
64 KB 442ms
184ms Font
text/plain 94.203.234.2
DU-AS1

General

Check archive.org

Show headers Download Go to

Full URL

https://myaccount.du.ae/webapp/static/media/DubaiW23-Regular.c56831cd808f5e4e0717.woff2

Requested by

Host: myaccount.du.ae
URL: https://myaccount.du.ae/webapp/static/css/main.bba639bf.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

94.203.234.2 Abu Dhabi, United Arab Emirates, ASN15802 (DU-AS1, AE),

Reverse DNS

Software

Apache /

Resource Hash

90809b509d33d74aea99990102c5cc60ed19e9fec7f05f82a12b9fe99a35c4bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://myaccount.du.ae
Referer: https://myaccount.du.ae/webapp/static/css/main.bba639bf.css

Response headers

strict-transport-security: max-age=157680000
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
accept-ranges: bytes
access-control-allow-origin: *
p3p: CP="NON DSP COR CURa TIA"
content-length: 64056
date: Sun, 20 Oct 2024 14:39:16 GMT
x-xss-protection: 1; mode=block
last-modified: Mon, 23 Sep 2024 01:44:41 GMT
vary: Accept-Encoding,User-Agent
server: Apache
content-type: text/plain
x-frame-options: SAMEORIGIN, SAMEORIGIN

GET
H/1.1 200 ProximaNova-Medium.bf55a58d7d04853add13.woff2
myaccount.du.ae/webapp/static/media/ 51 KB
52 KB 450ms
194ms Font
text/plain 94.203.234.2
DU-AS1

General

Check archive.org

Show headers Download Go to

Full URL

https://myaccount.du.ae/webapp/static/media/ProximaNova-Medium.bf55a58d7d04853add13.woff2

Requested by

Host: myaccount.du.ae
URL: https://myaccount.du.ae/webapp/static/css/main.bba639bf.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

94.203.234.2 Abu Dhabi, United Arab Emirates, ASN15802 (DU-AS1, AE),

Reverse DNS

Software

Apache /

Resource Hash

31f633ffb1cded2c62b7331f92ed3c15da2ef41e3d2d3c20d8a80e4aaaa4f321

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://myaccount.du.ae
Referer: https://myaccount.du.ae/webapp/static/css/main.bba639bf.css

Response headers

strict-transport-security: max-age=157680000
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
accept-ranges: bytes
access-control-allow-origin: *
p3p: CP="NON DSP COR CURa TIA"
content-length: 52108
date: Sun, 20 Oct 2024 14:39:16 GMT
x-xss-protection: 1; mode=block
last-modified: Mon, 23 Sep 2024 01:44:42 GMT
vary: Accept-Encoding,User-Agent
server: Apache
content-type: text/plain
x-frame-options: SAMEORIGIN, SAMEORIGIN

GET
H/1.1 200 duCo_WHeadline16_Bd.2496de66e37e8637049a.woff2
myaccount.du.ae/webapp/static/media/ 72 KB
73 KB 462ms
208ms Font
text/plain 94.203.234.2
DU-AS1

General

Check archive.org

Show headers Download Go to

Full URL

https://myaccount.du.ae/webapp/static/media/duCo_WHeadline16_Bd.2496de66e37e8637049a.woff2

Requested by

Host: myaccount.du.ae
URL: https://myaccount.du.ae/webapp/static/css/main.bba639bf.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

94.203.234.2 Abu Dhabi, United Arab Emirates, ASN15802 (DU-AS1, AE),

Reverse DNS

Software

Apache /

Resource Hash

984bc8c91a0bb9498f4bfd59db79215c02c5a4c4da1184896c65477560672a2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://myaccount.du.ae
Referer: https://myaccount.du.ae/webapp/static/css/main.bba639bf.css

Response headers

strict-transport-security: max-age=157680000
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
accept-ranges: bytes
access-control-allow-origin: *
p3p: CP="NON DSP COR CURa TIA"
content-length: 74024
date: Sun, 20 Oct 2024 14:39:16 GMT
x-xss-protection: 1; mode=block
last-modified: Mon, 23 Sep 2024 01:44:42 GMT
vary: Accept-Encoding,User-Agent
server: Apache
content-type: text/plain
x-frame-options: SAMEORIGIN, SAMEORIGIN

GET
H/1.1 200 mya-quick-pay-payment.html Show response
myaccount.du.ae/servlet/myaccount/en/ 190 KB
192 KB 2700ms
2269ms Fetch
text/html 94.203.234.2
DU-AS1

General

Check archive.org

Show headers Download Go to

Full URL

https://myaccount.du.ae/servlet/myaccount/en/mya-quick-pay-payment.html

Requested by

Host: myaccount.du.ae
URL: https://myaccount.du.ae/webapp/static/js/main.e05c93b0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

94.203.234.2 Abu Dhabi, United Arab Emirates, ASN15802 (DU-AS1, AE),

Reverse DNS

Software

Apache /

Resource Hash

9f2010e151c7fd5b5de10d514b5fdf57aad1dda0bc76d897d62441f9fe7ea372

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://myaccount.du.ae/webapp/en/quick-pay

Response headers

host_service: FutureTenseContentServer:11.1.1.8.0
transfer-encoding: chunked
cache-control: no-store
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
access-control-allow-origin: *
p3p: CP="NON DSP COR CURa TIA"
date: Sun, 20 Oct 2024 14:39:16 GMT
x-xss-protection: 1; mode=block
last-modified: Sun, 20 Oct 2024 14:39:16 GMT
vary: Accept-Encoding,User-Agent
server: Apache
content-type: text/html;charset=UTF-8
x-frame-options: SAMEORIGIN, SAMEORIGIN

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 132ms
41ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PK3S7M&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://myaccount.du.ae/

Response headers

content-encoding: gzip
age: 4381
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Sun, 20 Oct 2024 15:26:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 20 Oct 2024 13:26:15 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 140ms
40ms Script
application/javascript 146.75.120.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PK3S7M&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://myaccount.du.ae/

Response headers

vary: Accept-Encoding,Host
cache-control: no-cache
content-encoding: gzip
etag: "bbbcf811d8437a575d796a4c1e5d4fad+gzip+gzip"
accept-ranges: bytes
x-cache: HIT, HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length: 15412
date: Sun, 20 Oct 2024 14:39:16 GMT
x-tw-cdn: FT
last-modified: Fri, 22 Mar 2024 21:07:24 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-iad-kiad7000168-IAD, cache-fra-etou8220047-FRA
x-amz-server-side-encryption: AES256

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 40 KB
14 KB 141ms
40ms Script
application/javascript 2a02:26f0:3500:10::210:a99
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PK3S7M&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:10::210:a99 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://myaccount.du.ae/

Response headers

cache-control: max-age=24458
content-encoding: gzip
x-cdn: AKAM
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 14628
date: Sun, 20 Oct 2024 14:39:16 GMT
last-modified: Thu, 22 Aug 2024 10:43:55 GMT
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
x-amz-server-side-encryption: AES256

GET
H2 200 bat.js Show response
bat.bing.com/ 50 KB
15 KB 199ms
62ms Script
application/javascript 2620:1ec:33::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PK3S7M&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://myaccount.du.ae/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
content-encoding: gzip
etag: "028e0691d20db1:0"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 84B6316D69064BFCB60EAF93F5530B4D Ref B: FRA31EDGE0615 Ref C: 2024-10-20T14:39:16Z
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 14570
date: Sun, 20 Oct 2024 14:39:16 GMT
content-type: application/javascript
last-modified: Wed, 16 Oct 2024 22:47:44 GMT
vary: Accept-Encoding

GET
H2 200 adrum-4.5.7.1910.js Show response
cdn.appdynamics.com/adrum/ 79 KB
25 KB 154ms
44ms Script
text/javascript 3.160.150.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.appdynamics.com/adrum/adrum-4.5.7.1910.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PK3S7M&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.160.150.128 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-160-150-128.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

e72944b40f2b0a6a7f2310df4fbf98b3305bc9e16a8d335353aecd9c147b44ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://myaccount.du.ae/

Response headers

strict-transport-security: max-age=31536000
cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"48faeb301a8c6edaee1bc59ea0b1f2c1"
age: 47247
cross-origin-resource-policy: cross-origin
via: 1.1 b08e1d433d62b5ab056680968a8cc7ea.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: HPCKHHkBoqUIQ7TVNSSxevkAlRG2tuym8873B8HllqPf7h95EfP-gQ==
date: Sun, 20 Oct 2024 08:15:59 GMT
content-type: text/javascript
last-modified: Fri, 15 Feb 2019 18:45:26 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P7
vary: Accept-Encoding, Origin

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 6 KB
3 KB 271ms
154ms Script
application/javascript 2.23.7.34
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CAK6Q7RC77U1E8B1DB1G&lib=ttq
Requested by: Host: myaccount.du.ae
URL: https://myaccount.du.ae/webapp/en/quick-pay
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.7.34 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-7-34.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 167eefb4678a2d71c271ac837ccf4026464a7829163dbf3556f04a91064f085b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://myaccount.du.ae/

Response headers

content-encoding: gzip
expires: Sun, 20 Oct 2024 14:39:16 GMT
server-timing: inner; dur=5, cdn-cache; desc=MISS, edge; dur=1, origin; dur=98
x-cache: TCP_MISS from a2-23-7-15.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-)
date: Sun, 20 Oct 2024 14:39:16 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
x-akamai-request-id: 1b8ae620
x-tt-trace-host: 01e68f26c3a9b73ae1f5007f932e91ef3274d10ebb7006d9d8197553a2d9de9e9e25ea7f55093ae0e26ee40c0fc525ff8c55431311afef6866bd33e0d5aa03705a375e5d194bf628fb5989cb037a9333c2d8f2c141db409167d5ef50d255bf182a
x-origin-response-time: 99,2.23.7.15
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2410201439164A431B7E4EA996AD524D-6582D5C6748D382B-00
content-length: 2143
x-tt-logid: 202410201439164A431B7E4EA996AD524D
server: nginx

GET
H3 200 quantum-du.js Show response
cdn.quantummetric.com/qscripts/ 255 KB
92 KB 128ms
69ms Script
text/javascript 104.18.11.213
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.quantummetric.com/qscripts/quantum-du.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PK3S7M&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.11.213 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40e28b2f4a2938ce949aac4c5b0e45e60083f4a631b607a03d629b3286427758

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	no-sniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://myaccount.du.ae/

Response headers

strict-transport-security: max-age=31536000
x-robots-tag: noindex
cache-control: public, max-age=300, stale-while-revalidate=21600, stale-if-error=21600
content-encoding: gzip
cf-cache-status: HIT
etag: W/"172830738003117291779708901729411202716"
x-content-type-options: no-sniff
cf-ray: 8d59c19ed92762b9-HAM
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Sun, 20 Oct 2024 14:39:16 GMT
content-type: text/javascript
vary: Accept-Encoding
server: cloudflare
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 223 KB
80 KB 60ms
59ms Script
application/javascript 216.58.206.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=DC-14114321&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PK3S7M&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.40 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

a5969316a8a10866152cbac5ab0d0bd80688fc4b47d6627c94b43419b56cf833

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://myaccount.du.ae/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Sun, 20 Oct 2024 14:39:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 20 Oct 2024 14:39:16 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sun, 20 Oct 2024 12:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 81762
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 227 KB
58 KB 89ms
44ms Script
application/x-javascript 157.240.252.13
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: myaccount.du.ae
URL: https://myaccount.du.ae/webapp/en/quick-pay

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra3.fbcdn.net

Software

Resource Hash

f4cfd4a5b95dfb31c47cd567d9719fc12a0453f6ff27e2872147a9740e4b9e56

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'unsafe-inline' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://myaccount.du.ae/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 20 Oct 2024 14:39:16 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=41, rtx=0, c=23, mss=1232, tbw=4411, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: 6verL5CAvlJeLMBeVeCTjAROgRhQOOeDgsDd85c3dLsD7ortNGfsQYH3kyrFrRmPD9Ff8WrtxFplchosONuxTw==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 59352
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2

200

bounce
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/px?id=1794038&seg=37526141&t=2&gtmcb=429804444
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1794038%26seg%3D37526141%26t%3D2%26gtmcb%3D429804444

43 B
1 KB

75ms
74ms

Image
image/gif

185.89.210.20
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1794038%26seg%3D37526141%26t%3D2%26gtmcb%3D429804444

Requested by

Host: myaccount.du.ae
URL: https://myaccount.du.ae/webapp/en/quick-pay

Protocol

Server

185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://myaccount.du.ae/

Response headers

cache-control: no-store, no-cache, private
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.107; 80.255.7.107; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: *
an-x-request-uuid: 24e33d90-d444-4dd4-8939-687e6fb884e9
content-length: 43
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Sun, 20 Oct 2024 14:39:16 GMT
x-xss-protection: 0
content-type: image/gif
server: nginx/1.23.4

Redirect headers

cache-control: no-store, no-cache, private
location: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1794038%26seg%3D37526141%26t%3D2%26gtmcb%3D429804444
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
x-proxy-origin: 80.255.7.107; 80.255.7.107; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
an-x-request-uuid: 5653e8da-21b2-44be-861a-242a2f9fd7ab
content-length: 0
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Sun, 20 Oct 2024 14:39:16 GMT
x-xss-protection: 0
content-type: text/html; charset=utf-8
server: nginx/1.23.4

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/lqsTZ5beIbCkK4uGEGv9JmUR/ 546 KB
217 KB 106ms
42ms Script
text/javascript 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/lqsTZ5beIbCkK4uGEGv9JmUR/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

sffe /

Resource Hash

9361aaa99bd2f940d92294185a2f3d081c1bda58c28f031e7e6c6367f99c23af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://myaccount.du.ae
Referer: https://myaccount.du.ae/

Response headers

content-encoding: gzip
age: 241449
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options: nosniff
expires: Fri, 17 Oct 2025 19:35:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 17 Oct 2024 19:35:07 GMT
last-modified: Mon, 14 Oct 2024 18:32:27 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges: bytes
access-control-allow-origin: *
content-length: 221971
x-xss-protection: 0
server: sffe

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
421 B 50ms
46ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=890795050&t=pageview&_s=1&dl=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay&ul=de-de&de=UTF-8&dt=du%20-%20My%20Account&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgEABAAAAACAEK~&jid=847462301&gjid=1247603158&cid=721764025.1729435155&tid=UA-407073-6&_gid=482417373.1729435156&_slc=1&gtm=45He4ah0n71PK3S7Mv6507099za200&cd17=EN&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101533422~101686685~101836706&cd3=721764025.1729435155&npa=1&z=496650204

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://myaccount.du.ae/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 20 Oct 2024 14:39:16 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://myaccount.du.ae
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 3
server: Golfe2

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
361 B 54ms
51ms XHR
text/plain 2a00:1450:400c:c1d::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-407073-6&cid=721764025.1729435155&jid=847462301&gjid=1247603158&_gid=482417373.1729435156&npa=1&_u=YCDAgEABAAAAAGAEK~&z=1181470589

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1d::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://myaccount.du.ae/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgdc:149:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 20 Oct 2024 14:39:16 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgdc:149:0
access-control-allow-origin: https://myaccount.du.ae
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 1
server: Golfe2

GET
H2 200 adsct
t.co/1/i/ 43 B
625 B 375ms
259ms Image
image/gif 162.159.140.229
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=e0b137b3-a942-4892-938b-c8eb45df17b9&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=b24f9840-0b86-4c78-9a98-b86aaa0fb045&tw_document_href=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay&tw_iframe_status=0&txn_id=ojbki&type=javascript&version=2.3.30

Requested by

Host: myaccount.du.ae
URL: https://myaccount.du.ae/webapp/en/quick-pay

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.140.229 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://myaccount.du.ae/

Response headers

strict-transport-security: max-age=0
x-transaction-id: 66a54af5ff39e426
cache-control: no-cache, no-store, max-age=0
x-connection-hash: d01c8b230425e1c3fa001aab5e9a9b00cd39b32c6b93f15d794f8a2493e45969
cf-cache-status: DYNAMIC
cf-ray: 8d59c1a01c6062c8-HAM
x-response-time: 190
content-length: 43
date: Sun, 20 Oct 2024 14:39:16 GMT
content-type: image/gif;charset=utf-8
perf: 7402827104
server: cloudflare tsa_o

GET
H2 200 adsct
analytics.twitter.com/1/i/ 43 B
723 B 320ms
211ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=e0b137b3-a942-4892-938b-c8eb45df17b9&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=b24f9840-0b86-4c78-9a98-b86aaa0fb045&tw_document_href=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay&tw_iframe_status=0&txn_id=ojbki&type=javascript&version=2.3.30

Requested by

Host: myaccount.du.ae
URL: https://myaccount.du.ae/webapp/en/quick-pay

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://myaccount.du.ae/

Response headers

strict-transport-security: max-age=631138519
x-transaction-id: b1a4d043c9175f7b
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 95063c15d3ea7ff2ef8e718e7e5b5f0a3819e507cca7ef48a50b76216767c0f5
x-response-time: 171
content-length: 43
date: Sun, 20 Oct 2024 14:39:16 GMT
perf: 7402827104
content-type: image/gif;charset=utf-8
server: tsa_o

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
437 B 284ms
169ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://myaccount.du.ae/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: *
Content-Type: text/plain;charset=UTF-8

Response headers

linkedin-action: 1
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 5DD9AE150EA248738FEA95C146E01B4B Ref B: FRAEDGE1415 Ref C: 2024-10-20T14:39:16Z
x-li-fabric: prod-lva1
access-control-allow-credentials: true
x-li-uuid: AAYk6YAq1qcfGPCkV4v1rg==
x-li-proto: http/2
access-control-allow-origin: https://myaccount.du.ae
x-cache: CONFIG_NOCACHE
date: Sun, 20 Oct 2024 14:39:16 GMT
vary: Origin

GET
H2 200 attribution_trigger Show response
px.ads.linkedin.com/ 2 B
813 B 260ms
148ms XHR
application/json 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/attribution_trigger?pid=6530625&time=1729435156358&url=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay&tm=gtmv2
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: *
Referer: https://myaccount.du.ae/

Response headers

x-li-pop: afd-prod-lva1-x
content-encoding: gzip
x-fs-uuid: 000624e9802addadacd64c6fd4599631
x-msedge-ref: Ref A: 2FAFD2B092AE4C18A4A0E096CC14EB32 Ref B: FRAEDGE1711 Ref C: 2024-10-20T14:39:16Z
x-li-fabric: prod-lva1
x-restli-protocol-version: 1.0.0
access-control-allow-methods: GET, OPTIONS
x-li-uuid: AAYk6YAq3a2s1kxv1FmWMQ==
x-li-proto: http/2
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Sun, 20 Oct 2024 14:39:15 GMT
content-type: application/json
access-control-allow-headers: *

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=6530625&time=1729435156358&url=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay&tm=gtmv2
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=6530625&time=1729435156358&url=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay&tm=gtmv2&e_ipv6=AQLHg9FOhMPFFwAAAZKqXkA7paEtAGJIov_XW0eEvO...

0
267 B

244ms
141ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=6530625&time=1729435156358&url=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay&tm=gtmv2&e_ipv6=AQLHg9FOhMPFFwAAAZKqXkA7paEtAGJIov_XW0eEvO82EnS6z0rVX_Zlc80vM-WqsmBa6mKS
Requested by: Host: myaccount.du.ae
URL: https://myaccount.du.ae/webapp/en/quick-pay
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://myaccount.du.ae/

Response headers

linkedin-action: 1
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 8819AF6CEEC14754BBEAD2289B2834FD Ref B: DUS30EDGE0314 Ref C: 2024-10-20T14:39:16Z
x-li-fabric: prod-lva1
x-li-uuid: AAYk6YAu5U+Zt8iYzlUGBw==
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
content-length: 0
date: Sun, 20 Oct 2024 14:39:16 GMT
content-type: application/javascript

Redirect headers

linkedin-action: 1
x-li-pop: afd-prod-lva1-x
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=6530625&time=1729435156358&url=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay&tm=gtmv2&e_ipv6=AQLHg9FOhMPFFwAAAZKqXkA7paEtAGJIov_XW0eEvO82EnS6z0rVX_Zlc80vM-WqsmBa6mKS
x-msedge-ref: Ref A: 34D79A102D334FAEA7E133F16B1CB73B Ref B: FRAEDGE1415 Ref C: 2024-10-20T14:39:16Z
x-li-fabric: prod-lva1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-uuid: AAYk6YAqz5Alo4iZqVq4ng==
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
content-length: 0
date: Sun, 20 Oct 2024 14:39:16 GMT

GET
H2

200

activityi;dc_pre=COXMrIGYnYkDFZchVQgdiNE5yg;src=14114321;type=gm_du0;cat=gm_dc008;ord=9914351467908;npa=1;auiddc=1869593259.1729435156;ps=1;pcor=459320095;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;ua...
14114321.fls.doubleclick.net/ Frame D8D4
Redirect Chain

https://14114321.fls.doubleclick.net/activityi;src=14114321;type=gm_du0;cat=gm_dc008;ord=9914351467908;npa=1;auiddc=1869593259.1729435156;ps=1;pcor=459320095;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=...
https://14114321.fls.doubleclick.net/activityi;dc_pre=COXMrIGYnYkDFZchVQgdiNE5yg;src=14114321;type=gm_du0;cat=gm_dc008;ord=9914351467908;npa=1;auiddc=1869593259.1729435156;ps=1;pcor=459320095;uaa=;...

0
0

66ms
63ms

Document
text/html

142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://14114321.fls.doubleclick.net/activityi;dc_pre=COXMrIGYnYkDFZchVQgdiNE5yg;src=14114321;type=gm_du0;cat=gm_dc008;ord=9914351467908;npa=1;auiddc=1869593259.1729435156;ps=1;pcor=459320095;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4ah0v9190762205z86507099za201zb6507099;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=101686685;epver=2;~oref=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-14114321&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://myaccount.du.ae/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 650
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 20 Oct 2024 14:39:16 GMT
expires: Sun, 20 Oct 2024 14:39:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 20 Oct 2024 14:39:16 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://14114321.fls.doubleclick.net/activityi;dc_pre=COXMrIGYnYkDFZchVQgdiNE5yg;src=14114321;type=gm_du0;cat=gm_dc008;ord=9914351467908;npa=1;auiddc=1869593259.1729435156;ps=1;pcor=459320095;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4ah0v9190762205z86507099za201zb6507099;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=101686685;epver=2;~oref=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activity;register_conversion=1;src=14114321;type=gm_du0;cat=gm_dc008;ord=9914351467908;npa=1;auiddc=1869593259.1729435156;ps=1;pcor=459320095;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noa...
ad.doubleclick.net/ 0
23 B 142ms
75ms Image
image/png 142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/activity;register_conversion=1;src=14114321;type=gm_du0;cat=gm_dc008;ord=9914351467908;npa=1;auiddc=1869593259.1729435156;ps=1;pcor=459320095;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4ah0v9190762205z86507099za201zb6507099;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=101686685;epver=2;~oref=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay?

Requested by

Host: myaccount.du.ae
URL: https://myaccount.du.ae/webapp/en/quick-pay

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://myaccount.du.ae/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Sun, 20 Oct 2024 14:39:16 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"15693588426198771472"}],"aggregatable_trigger_data":[{"filters":[{"14":["49466144"]}],"key_piece":"0xad4e2a41a0d9c034","source_keys":["12","13","14","15","16","17","18","19","20","21","19860396","19860397","19860398","19860399","22064168","22064169","22064170","22064171","628494764","628494765","628494766","628494767","628570260","628570261","628570262","628570263","628615604","628615605","628615606","628615607","628663268","628663269","628663270","628663271"]},{"key_piece":"0x5f0f90bbf575849c","not_filters":{"14":["49466144"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","19860396","19860397","19860398","19860399","22064168","22064169","22064170","22064171","628494764","628494765","628494766","628494767","628570260","628570261","628570262","628570263","628615604","628615605","628615606","628615607","628663268","628663269","628663270","628663271"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"19860396":32,"19860397":32,"19860398":32,"19860399":3177,"20":65,"21":6356,"22064168":34,"22064169":34,"22064170":34,"22064171":3345,"628494764":32,"628494765":32,"628494766":32,"628494767":3177,"628570260":32,"628570261":32,"628570262":32,"628570263":3177,"628615604":32,"628615605":32,"628615606":32,"628615607":3177,"628663268":32,"628663269":32,"628663270":32,"628663271":3177},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"3462396855193955025","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"15693588426198771472","filters":[{"14":["49466144"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"15693588426198771472","filters":[{"14":["49466144"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"15693588426198771472","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"15693588426198771472","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["14114321"]}}
content-type: image/png
x-xss-protection: 0
server: cafe

GET
H3 200 599409307633963 Show response
connect.facebook.net/signals/config/ 66 KB
13 KB 46ms
44ms Script
application/x-javascript 157.240.252.13
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/599409307633963?v=2.9.172&r=stable&domain=myaccount.du.ae&hme=d82868061a8c707cd31395a3055e7449daa03bd520872727258c39e6af34523e&ex_m=70%2C120%2C106%2C110%2C61%2C4%2C99%2C69%2C16%2C96%2C88%2C51%2C54%2C171%2C174%2C186%2C182%2C183%2C185%2C29%2C100%2C53%2C77%2C184%2C166%2C169%2C179%2C180%2C187%2C130%2C41%2C34%2C142%2C15%2C50%2C193%2C192%2C132%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C92%2C17%2C14%2C95%2C91%2C90%2C107%2C52%2C109%2C39%2C108%2C30%2C93%2C26%2C167%2C170%2C139%2C85%2C56%2C83%2C33%2C73%2C0%2C94%2C32%2C28%2C82%2C87%2C47%2C46%2C86%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C101%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C103%2C102%2C104%2C97%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C89%2C81%2C44%2C35%2C84%2C2%2C36%2C63%2C42%2C105%2C45%2C79%2C68%2C111%2C60%2C59%2C31%2C98%2C58%2C55%2C49%2C78%2C72%2C24%2C112

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra3.fbcdn.net

Software

Resource Hash

e50d6d4be266ab5b659e0a22b61e31e4a5e40c3db10a5c6d7fe494e97cedac04

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'unsafe-inline' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://myaccount.du.ae/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 20 Oct 2024 14:39:16 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=44, rtx=0, c=74, mss=1232, tbw=67705, tp=65, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: 0GSpZBUx4/PLDgqAFl+mqKG0obCuGgldE6DXaWuZlfdKyxU3uNEtNpRHbMSNFQKQH44G1T45obq+fTla6Q/LNg==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 13219
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 343110853.js Show response
bat.bing.com/p/action/ 4 KB
2 KB 67ms
62ms Script
application/javascript 2620:1ec:33::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/343110853.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

4306555497ea9a321e90c828294b88684bd222fe9c3081752129711d40deaab3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://myaccount.du.ae/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=60
content-encoding: br
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: BB7AF728E42B4BEEB13514294FEAF254 Ref B: FRA31EDGE0615 Ref C: 2024-10-20T14:39:16Z
x-cache: CONFIG_NOCACHE
date: Sun, 20 Oct 2024 14:39:16 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding

GET
H2 200 main.MWMyZjYwMzkyMQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 342 KB
95 KB 47ms
45ms Script
application/javascript 2.23.7.34
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWMyZjYwMzkyMQ.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CAK6Q7RC77U1E8B1DB1G&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.7.34 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-7-34.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 8257d5a78bc54902d7af44125a9adb813b495d3a5dea731a8a565f55dc2d6bd1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://myaccount.du.ae/

Response headers

x-cache: TCP_MEM_HIT from a2-23-7-15.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-)
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=1, origin; dur=0, inner; dur=17
x-tt-trace-id: 00-241017114327ECA869408CABC333F6D5-262346485BD90435-00
content-length: 97074
date: Sun, 20 Oct 2024 14:39:16 GMT
content-type: application/javascript; charset=UTF-8
x-tt-logid: 20241017114327ECA869408CABC333F6D5
server: nginx
x-akamai-request-id: 1b8ae8f9
x-tt-trace-host: 0159593ef14df22c5f6ff9602a87e1262cd744816811202511b6fe92e89a0947d097f41357eedea725529c9c106b2a6132d9776b4904b838d6a6b1701e17e477154b50add59d8bb0aa12e98805a277b073f6454eacd2de7eab5a815e8fa307600b

GET
H2 200 /
www.facebook.com/tr/ 0
126 B 49ms
43ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=599409307633963&ev=PageView&dl=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay&rl=&if=false&ts=1729435156503&sw=1600&sh=1200&v=2.9.172&r=stable&ec=0&o=12318&fbp=fb.1.1729435156500.365074252936886161&ler=empty&cdl=API_unavailable&it=1729435156424&coo=false&rqm=GET

Requested by

Host: myaccount.du.ae
URL: https://myaccount.du.ae/webapp/en/quick-pay

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://myaccount.du.ae/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=10, mss=1297, tbw=3256, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Sun, 20 Oct 2024 14:39:16 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 208ms
203ms Image
image/png 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=599409307633963&ev=PageView&dl=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay&rl=&if=false&ts=1729435156503&sw=1600&sh=1200&v=2.9.172&r=stable&ec=0&o=12318&fbp=fb.1.1729435156500.365074252936886161&ler=empty&cdl=API_unavailable&it=1729435156424&coo=false&rqm=FGET

Requested by

Host: myaccount.du.ae
URL: https://myaccount.du.ae/webapp/en/quick-pay

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://myaccount.du.ae/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7427867437046784290"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 20 Oct 2024 14:39:16 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: CC6OFgMlcLvX8R7G5gIyJZVdFeEMO9HXMtW/aienOTZ436AuoRwDxgRIOopEkzfOYMaFRTZMnJqxtlW/ubfnbA==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7427867437046784290", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=10, mss=1297, tbw=3426, tp=-1, tpl=-1, uplat=161, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

POST
H2 204 0
bat.bing.net/actionp/ 0
119 B 228ms
78ms Ping
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.net/actionp/0?ti=343110853&tm=gtm002&Ver=2&mid=9e00d817-038b-40ff-8ab5-a189771a8f18&bo=1&evt=consent&src=enforced&cdb=AQAI&asc=D
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://myaccount.du.ae/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8CE0239D915E412E881E26725598D722 Ref B: FRA31EDGE0608 Ref C: 2024-10-20T14:39:16Z
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Sun, 20 Oct 2024 14:39:16 GMT

GET
H2 200 343110853 Show response
www.clarity.ms/tag/uet/ 744 B
1000 B 457ms
155ms Script
application/x-javascript 2620:1ec:bdf::64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/343110853
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/343110853.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: ed8d3853275936011bac58c9d082a9b7a6e2ee91f5d0817d67964b8452676952

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://myaccount.du.ae/

Response headers

cache-control: no-cache, no-store
request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
expires: -1
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 744
date: Sun, 20 Oct 2024 14:39:17 GMT
content-type: application/x-javascript
x-azure-ref: 20241020T143916Z-176d4fdd79ch82xmy0gvrmdxe40000000n2g00000001ggnn

GET
H2 204 0
bat.bing.net/action/ 0
346 B 225ms
77ms Image
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.net/action/0?ti=343110853&tm=gtm002&Ver=2&mid=9e00d817-038b-40ff-8ab5-a189771a8f18&bo=2&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=du%20-%20My%20Account&p=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay&r=&lt=2788&evt=pageLoad&sv=1&asc=D&cdb=AQAY&rn=830756
Requested by: Host: myaccount.du.ae
URL: https://myaccount.du.ae/webapp/en/quick-pay
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://myaccount.du.ae/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3ADB02B3C07D4A7F8E25A8DCFCBE224F Ref B: FRA31EDGE0608 Ref C: 2024-10-20T14:39:16Z
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Sun, 20 Oct 2024 14:39:16 GMT

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame 5A44 0
0 145ms
67ms Document
text/html 142.250.185.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3YxEUAAAAAMxuBSiyKBkvZihtdWFM8fg79LiD&co=aHR0cHM6Ly9teWFjY291bnQuZHUuYWU6NDQz&hl=de&type=image&v=lqsTZ5beIbCkK4uGEGv9JmUR&theme=light&size=invisible&badge=bottomright&cb=ay28bmtnon9

Requested by

Host: myaccount.du.ae
URL: https://myaccount.du.ae/webapp/static/js/main.e05c93b0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f4.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-WyhZs6hg4SF9BIBFonnfQw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://myaccount.du.ae/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-WyhZs6hg4SF9BIBFonnfQw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Sun, 20 Oct 2024 14:39:16 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 identify_7bf75739.js Show response
analytics.tiktok.com/i18n/pixel/static/ 146 KB
39 KB 46ms
46ms Script
application/javascript 2.23.7.34
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_7bf75739.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWMyZjYwMzkyMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.7.34 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-7-34.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 79951b5bd4d729a2b2f4d380819f2c14bbcf26f21db56a520189633467766cf4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://myaccount.du.ae/

Response headers

x-cache: TCP_MEM_HIT from a2-23-7-15.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-)
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=2
x-tt-trace-id: 00-240830022549715656255D15BE8340E8-6B8DB5AF81A94A0F-00
content-length: 39305
date: Sun, 20 Oct 2024 14:39:16 GMT
content-type: application/javascript; charset=UTF-8
x-tt-logid: 20240830022549715656255D15BE8340E8
server: nginx
x-akamai-request-id: 1b8aecb0
x-tt-trace-host: 01b91415785712562dcafded52f150554e97ee1cefc9439b45eb7ad5c31212c91437a07b8d48a66d71744d4adab6c816372e7d42b6a47820f5ab52dd3c7e657125de30c06767c3165356727260463b0f9b2aa34d5295b45ad405cc08b80319c174

POST
H2 200 pangle_pixel
analytics.pangle-ads.com/api/v2/ 0
997 B 475ms
143ms Ping
text/plain 23.44.201.179
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.pangle-ads.com/api/v2/pangle_pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWMyZjYwMzkyMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.201.179 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-201-179.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://myaccount.du.ae/

Response headers

access-control-max-age: 86400
x-cache-remote: TCP_MISS from a23-207-199-41.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-30d892fcde524eb1bee7eeb45111707d) (-)
x-bytefaas-request-id: 2024102014391725C456775E9405AB5FD7
access-control-allow-methods: *
expires: Sun, 20 Oct 2024 14:39:17 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=9, origin; dur=13, inner; dur=7
x-cache: TCP_MISS from a23-44-200-115.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-30d892fcde524eb1bee7eeb45111707d) (-)
date: Sun, 20 Oct 2024 14:39:17 GMT
content-type: text/plain; charset=utf-8
x-akamai-request-id: 21813f21.432b1154
x-bytefaas-execution-duration: 5.07
access-control-allow-headers: *
x-tt-trace-host: 01b5611c10e67fd7b62b972475fb95eb1ef37240fb29d3217ac12a364ba7184e088307c5f41db5d2be725bb885bc882d41eb34a3642ab6a8b708d50dfcedd8e0f706c7dd2acd7ea3c69575ca9d7c6fda67392e2de21141cdfabc73cd4a3642f780f042db26b5652482f21c6f7846a221ec
x-origin-response-time: 13,23.207.199.41
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-gw-dst-psm: ad.union.pangle_web_traffic
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
access-control-allow-credentials: true
access-control-allow-origin: *
x-tt-trace-id: 00-24102014391725C456775E9405AB5FD7-6B3466853A0EDD2B-00
content-length: 0
x-parent-response-time: 22,23.44.200.115
x-tt-logid: 2024102014391725C456775E9405AB5FD7
server: nginx

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
870 B 206ms
204ms Ping
text/plain 2.23.7.34
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWMyZjYwMzkyMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.7.34 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-7-34.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://myaccount.du.ae/

Response headers

x-cache-remote: TCP_MISS from a23-218-223-88.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires: Sun, 20 Oct 2024 14:39:16 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=97, origin; dur=59, inner; dur=56
x-cache: TCP_MISS from a2-23-7-15.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-)
date: Sun, 20 Oct 2024 14:39:16 GMT
x-akamai-request-id: 1a63b83.1b8aecf0
access-control-allow-headers: Authorization,*
x-tt-trace-host: 01e68f26c3a9b73ae1f5007f932e91ef323ccdfe916f4d5449d4a27b307e7f7cd59fa06ab0e2253adb2a2bb71df5de9b42ec614e04ec6168a7f512dd21a20dd99d29d7922706575a85cacf6271c8583003f15edab76761b7fa67bf3980c703ae903b0985c5593ad73c4ebbb3a43eca468b
x-origin-response-time: 59,23.218.223.88
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
access-control-allow-origin: *
x-tt-trace-id: 00-2410201439166EAC2F765A87B4B0B2AB-7C0948D97596954E-00
content-length: 0
x-parent-response-time: 146,2.23.7.15
x-tt-logid: 202410201439166EAC2F765A87B4B0B2AB
server: nginx

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
714 B 589ms
581ms Ping
text/plain 2.23.7.34
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWMyZjYwMzkyMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.7.34 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-7-34.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://myaccount.du.ae/

Response headers

access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires: Sun, 20 Oct 2024 14:39:17 GMT
server-timing: inner; dur=405, cdn-cache; desc=MISS, edge; dur=12, origin; dur=525
x-cache: TCP_MISS from a2-23-7-15.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-)
date: Sun, 20 Oct 2024 14:39:17 GMT
x-akamai-request-id: 1b8af110
access-control-allow-headers: Authorization,*
x-tt-trace-host: 01e68f26c3a9b73ae1f5007f932e91ef3274d10ebb7006d9d8197553a2d9de9e9ed421bc13522806b1abfcf4b6a3a03b5edffc4ba1c1de73d817de23d80452a0b686f94b4529fb588e94ab456784ab3fdaaeb7d7dccf07be12957e66815d740930
x-origin-response-time: 525,2.23.7.15
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
access-control-allow-origin: *
x-tt-trace-id: 00-241020143917617BF1513D6DF9B2AB55-67C2E3EE4FA611C0-00
content-length: 0
x-tt-logid: 20241020143917617BF1513D6DF9B2AB55
server: nginx

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.49/ 64 KB
27 KB 129ms
129ms Script
application/javascript 2620:1ec:bdf::64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.49/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/343110853
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 09fa04e84d7038cc32f19bedcba454b9e637a35f4de496e8ec9148c47550f0fc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://myaccount.du.ae/

Response headers

x-azure-ref: 20241020T143917Z-176d4fdd79ch82xmy0gvrmdxe40000000n2g00000001ggpa
cache-control: public, max-age=86400
x-ms-version: 2018-03-28
content-encoding: br
etag: W/"0x8DCF0FBF8E94E61"
x-fd-int-roxy-purgeid: 51562430
x-ms-request-id: 490d94a4-501e-0029-41e8-2210af000000
access-control-allow-origin: *
x-cache: TCP_HIT
date: Sun, 20 Oct 2024 14:39:17 GMT
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
last-modified: Sun, 20 Oct 2024 11:40:18 GMT

POST
H/1.1 204
No Content collect Show response
n.clarity.ms/ 0
279 B 414ms
127ms XHR
text/plain 172.175.234.12
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://n.clarity.ms/collect
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.7.1910.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.175.234.12 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: application/x-clarity-gzip
Referer: https://myaccount.du.ae/

Response headers

Request-Context: appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2
Access-Control-Allow-Origin: https://myaccount.du.ae
Date: Sun, 20 Oct 2024 14:39:17 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

GET
H3 200 bframe
www.google.com/recaptcha/api2/ Frame 906C 0
0 57ms
56ms Document
text/html 142.250.185.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=lqsTZ5beIbCkK4uGEGv9JmUR&k=6Lf3YxEUAAAAAMxuBSiyKBkvZihtdWFM8fg79LiD

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/lqsTZ5beIbCkK4uGEGv9JmUR/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f4.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-kBp3rgl_Y6EOKV-aqtbVtg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://myaccount.du.ae/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-kBp3rgl_Y6EOKV-aqtbVtg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Sun, 20 Oct 2024 14:39:17 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H3 204 tracck
itp.s2stracking.com/j2/ Frame 0
0 1032ms
892ms Preflight 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://itp.s2stracking.com/j2/tracck
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://myaccount.du.ae
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 8d59c1b19d9b806c-ORD
content-length: 0
date: Sun, 20 Oct 2024 14:39:20 GMT
expires: 0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
priority: u=1,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ek6c8Mow4IuP0QUU0nwNV6xErJW4LeKk4VPM0NgTEtitN1vF319UwVg%2FGYsF7JlxLli7EqBP2OmBtQbuTApyk%2FnAi%2Fu5PAGHzqviw8VgmTZBZj9lVN%2Bi2A%2BqIo9fuwDyVOgYoIED"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=137272&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4167&recv_bytes=4425&delivery_rate=127&cwnd=12000&unsent_bytes=0&cid=8db76b5f1a1235f0&ts=896&x=1" cfExtPri cfHdrFlush;dur=0
vary: Access-Control-Request-Headers
x-powered-by: Express

POST
H3 200 tracck Show response
itp.s2stracking.com/j2/ 2 B
745 B 413ms
411ms Fetch
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://itp.s2stracking.com/j2/tracck
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.7.1910.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://myaccount.du.ae/

Response headers

content-encoding: zstd
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ORTVH3F%2FbHlPTjSZNETyROu2pvS5NayTc%2Fz%2BLOmG0l0HY0ST6SOfA0VDGzs1Rx6v612hGnr9sjA%2F2Jq1ZfPQ3DoRw6WBQQhjCzG5HFDwuWDgj9fvY5%2B2rg3p%2FfAWGo1Usb3wI9BE"}],"group":"cf-nel","max_age":604800}
expires: 0, 0
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=136964&sent=15&recv=12&lost=0&retrans=0&sent_bytes=4983&recv_bytes=4909&delivery_rate=5704&cwnd=12000&unsent_bytes=0&cid=8db76b5f1a1235f0&ts=1309&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 20 Oct 2024 14:39:20 GMT
content-type: text/html; charset=utf-8
priority: u=1,i
cache-control: no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache, no-cache
cf-ray: 8d59c1b73a95806c-ORD
access-control-allow-origin: *
x-powered-by: Express
server: cloudflare

POST
H3 200 user Show response
userjournies.com/track/ 2 B
738 B 484ms
483ms Fetch
text/html 172.67.132.130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://userjournies.com/track/user
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.7.1910.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.132.130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Cache-Control: no-cache
Referer: https://myaccount.du.ae/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Pragma: no-cache
Content-Type: application/json

Response headers

content-encoding: zstd
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kpWu%2Fw7585BB9rIFqHWDx0%2BjVCzH%2BENR2HodFvgaK7GuyAOR%2FPzNzgtbpMvi6Zb4fQxWvVPaorqUVjm01bDxjLQDgple98NxokZ219pwK8sC6WK2ONx1uZ2wCOEQ1y71cP6Q"}],"group":"cf-nel","max_age":604800}
expires: 0, 0
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=187029&sent=13&recv=12&lost=0&retrans=0&sent_bytes=4970&recv_bytes=5028&delivery_rate=4036&cwnd=12000&unsent_bytes=0&cid=1830187985f4a497&ts=917&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 20 Oct 2024 14:39:23 GMT
content-type: text/html; charset=utf-8
priority: u=1,i
cache-control: no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache, no-cache
cf-ray: 8d59c1c72fdf83f8-LAX
access-control-allow-origin: *
x-powered-by: Express
server: cloudflare

OPTIONS
H3 204 user
userjournies.com/track/ Frame 0
0 611ms
428ms Preflight 172.67.132.130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://userjournies.com/track/user
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.132.130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: cache-control,content-type,pragma
Access-Control-Request-Method: POST
Origin: https://myaccount.du.ae
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: cache-control,content-type,pragma
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 8d59c1c48d6d83f8-LAX
content-length: 0
date: Sun, 20 Oct 2024 14:39:22 GMT
expires: 0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
priority: u=1,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T2ofyhoRLwwKrHMcpvgb79Zz7uJCMGtzb%2BgAMCwlYrOFKy1eefwsPlU2xVUPGIfK56RsZVO0x1mFRTLlk2CFNjhgGVaB9uEucauDHn8yGLtE0pKbLaCzQF4deF0l8K%2Bgf65A"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=178099&sent=11&recv=9&lost=0&retrans=0&sent_bytes=4159&recv_bytes=4405&delivery_rate=3308&cwnd=12000&unsent_bytes=0&cid=1830187985f4a497&ts=432&x=1" cfExtPri cfHdrFlush;dur=0
vary: Access-Control-Request-Headers
x-powered-by: Express

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 55C7 170 B
409 B 188ms
87ms Image
image/png 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-WHyvmVD8dDRM-czDnohEgUSWBAvm0KcyzitqAA&google_cm&google_hm=ay1XSHl2bVZEOGREUk0tY3pEbm9oRWdVU1dCQXZtMEtjeXppdHFBQQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
date: Sun, 20 Oct 2024 14:39:22 GMT
x-xss-protection: 0
content-type: image/png
server: HTTP server (unknown)

GET
H2 200 sync
x.bidswitch.net/ Frame 55C7 43 B
183 B 153ms
46ms Image
image/gif 35.214.136.108
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-7qKs1FD8dDRM-czDnohEgUSWBAsigyeEJfZowQ&expires=30
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.214.136.108 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS: 108.136.214.35.bc.googleusercontent.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

via: 1.1 google
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
date: Sun, 20 Oct 2024 14:39:22 GMT
content-type: image/gif

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 55C7
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2608134473358928931

43 B
370 B

47ms
44ms

Image
image/gif

178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2608134473358928931

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000; preload;
cache-control: no-cache
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1111026
expires: Mon, 26 Jul 1997 05:00:00 GMT
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
date: Sun, 20 Oct 2024 14:39:22 GMT
content-type: image/gif
server: Kestrel

Redirect headers

cache-control: no-store, no-cache, private
location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2608134473358928931
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.107; 80.255.7.107; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: *
an-x-request-uuid: b2e5793c-7153-4fe6-9239-c41ae7441b19
content-length: 0
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Sun, 20 Oct 2024 14:39:22 GMT
x-xss-protection: 0
content-type: text/html; charset=utf-8
server: nginx/1.23.4

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 55C7 43 B
163 B 175ms
50ms Image
image/gif 51.178.195.217
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-6SHVbVD8dDRM-czDnohEgUSWBAtRfRrx3j-0LQ
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 51.178.195.217 , France, ASN16276 (OVH, FR),
Reverse DNS: ip217.ip-51-178-195.eu
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

transfer-encoding: chunked
date: Sun, 20 Oct 2024 14:39:21 GMT
content-type: image/gif

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 55C7 0
99 B 153ms
43ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-6tHKWlD8dDRM-czDnohEgUSWBAu6irN55bxFRA
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

x-fastly-to-nlb-rtt: 41632
date: Sun, 20 Oct 2024 14:39:22 GMT
server: nginx
access-control-allow-credentials: true

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame 55C7 49 B
342 B 186ms
63ms Image
image/gif 185.255.84.153
IGUANE-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-mijZHFD8dDRM-czDnohEgUSWBAutnqmURnxIJA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.153 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
x-envoy-upstream-service-time: 5
x-content-type-options: nosniff
expires: 0
p3p: CP="CAO PSA OUR"
content-length: 49
date: Sun, 20 Oct 2024 14:39:22 GMT
content-type: image/gif
vary: Accept-Encoding
server: ayl-lb-fra02

GET
H2

200

rum
r.casalemedia.com/ Frame 55C7
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-0SQQuVD8dDRM-czDnohEgUSWBAviz-yjV1uQFQ
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-0SQQuVD8dDRM-czDnohEgUSWBAviz-yjV1uQFQ&C=1

43 B
330 B

78ms
70ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-0SQQuVD8dDRM-czDnohEgUSWBAviz-yjV1uQFQ&C=1
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VnPWXKcgldm%2B2vvmxXC%2BmlgTHJ3QKTO1hS%2BSgFD%2BK2198%2BNb2wRRoXgPPNlyVBGkDy%2BlXJh%2FXRX4q60EPYJbh6ikteaniuaomEV2nw30YczWQHImPVOgT4cOLH0jsVplAdKo"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d59c1c43ae5727e-HAM
expires: 0
alt-svc: h3=":443"; ma=86400
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date: Sun, 20 Oct 2024 14:39:22 GMT
content-type: image/gif
vary: Accept-Encoding
server: cloudflare

Redirect headers

cache-control: no-cache
location: /rum?cm_dsp_id=20&external_user_id=k-0SQQuVD8dDRM-czDnohEgUSWBAviz-yjV1uQFQ&C=1
cf-cache-status: DYNAMIC
pragma: no-cache
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V882F9h66mMpRC2kRKLS%2Fgng8dMK9A5SoI0gNuxAHmWIlosqGIxCRj1VOE61IpSTf8tmw50xjIggN3OOdbLpFl7VlcJKcvdqgeELFIknez2hDLma1v7lwRKakESjwZG3LSWl"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d59c1c3ba05727e-HAM
expires: 0
alt-svc: h3=":443"; ma=86400
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date: Sun, 20 Oct 2024 14:39:22 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2

200

demconf.jpg
dpm.demdex.net/ Frame 55C7
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=_rFSVEOpdBVCQa2ycpzIUP9pT4UgpioR
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=_rFSVEOpdBVCQa2ycpzIUP9pT4UgpioR

42 B
718 B

58ms
58ms

Image
image/gif

52.210.96.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=_rFSVEOpdBVCQa2ycpzIUP9pT4UgpioR

Protocol

Server

52.210.96.13 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-210-96-13.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
dcs: dcs-prod-irl1-1-v067-0473b926e.edge-irl1.demdex.com 3 ms
content-encoding: gzip
pragma: no-cache
x-content-type-options: nosniff
x-tid: hLlADPB+SQM=
expires: Thu, 01 Jan 1970 00:00:00 UTC
content-length: 59
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date: Sun, 20 Oct 2024 14:39:22 GMT
content-type: image/gif

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=_rFSVEOpdBVCQa2ycpzIUP9pT4UgpioR
dcs: dcs-prod-irl1-1-v067-007596d29.edge-irl1.demdex.com 0 ms
pragma: no-cache
x-tid: FJYofaimSaI=
expires: Thu, 01 Jan 1970 00:00:00 UTC
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date: Sun, 20 Oct 2024 14:39:22 GMT

GET
H2 200 9.gif
id5-sync.com/s/966/ Frame 55C7 43 B
1 KB 138ms
41ms Image
image/gif 162.19.138.118
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/966/9.gif?puid=k-aPgibVD8dDRM-czDnohEgUSWBAvHIE4epNaJag

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533569.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
p3p: CP="CAO PSA OUR"
date: Sun, 20 Oct 2024 14:39:22 GMT
content-type: image/gif;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

GET
H2 200 match
ad.360yield.com/ Frame 55C7 43 B
199 B 194ms
57ms Image
image/gif 54.171.69.160
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-2dMg8VD8dDRM-czDnohEgUSWBAvbNS0Ev55K3w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.171.69.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-69-160.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

access-control-allow-origin: *
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
date: Sun, 20 Oct 2024 14:39:22 GMT
content-type: image/gif

GET
H2 200 sync
matching.ivitrack.com/ Frame 55C7 42 B
265 B 150ms
50ms Image
image/gif 34.117.157.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matching.ivitrack.com/sync?realm=criteo&uid=k-NG5RLVD8dDRM-czDnohEgUSWBAsx1vc7ibQnYw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.157.117.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
date: Sun, 20 Oct 2024 14:39:22 GMT
content-type: image/gif
server: istio-envoy

GET
H2 200 cksync.php
contextual.media.net/ Frame 55C7 61 B
817 B 188ms
90ms Image
image/gif 23.52.120.27
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-r2xJVVD8dDRM-czDnohEgUSWBAtYl3KNbQhfxQ

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.120.27 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-120-27.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

14c847e283cde4999e0d4ba2b30bc61e64217110eb8f08f24751d0fdeb3ba8e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
expires: Sun, 20 Oct 2024 14:39:22 GMT
x-mnet-hl2: E
alt-svc: h3=":443"; ma=93600
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-length: 61
date: Sun, 20 Oct 2024 14:39:22 GMT
content-type: image/gif
server: Apache

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame 55C7 0
882 B 134ms
42ms Image
text/html 52.58.152.190
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-tHeAY1D8dDRM-czDnohEgUSWBAvw9LzL_4hSkg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.152.190 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-152-190.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control: private, no-cache
content-encoding: gzip
date: Sun, 20 Oct 2024 14:39:22 GMT
content-type: text/html; charset=utf-8
vary: Origin, Accept-Encoding
access-control-allow-credentials: true

GET
H2 200 1017
jadserve.postrelease.com/suid/ Frame 55C7 43 B
422 B 551ms
234ms Image
image/gif 54.144.83.91
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/suid/1017?vk=k-4izqX1D8dDRM-czDnohEgUSWBAtXhYTlqIpIlw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.144.83.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-144-83-91.compute-1.amazonaws.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
expires: Mon, 1 Jan 1990 12:00:00 GMT
access-control-allow-origin: *
content-length: 43
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Sun, 20 Oct 2024 14:39:22 GMT
content-type: image/gif
server: nginx

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame 55C7 0
218 B 416ms
120ms Image
text/plain 70.42.32.127
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-ZKOJHlD8dDRM-czDnohEgUSWBAvhD09x7Ik76g&initiator=partner

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

70.42.32.127 , United States, ASN22075 (AS-OUTBRAIN, US),

Reverse DNS

ny.outbrain.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache
content-length: 0
date: Sun, 20 Oct 2024 14:39:22 GMT
x-traceid: dfb83954718abc377a4dba0a09d0d80b

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 55C7 0
225 B 150ms
42ms Image
text/html 198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-Nhd3j1D8dDRM-czDnohEgUSWBAuopmOToVrxFg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-store, no-cache, private
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-encoding: gzip
date: Sun, 20 Oct 2024 14:39:21 GMT
content-type: text/html; charset=utf-8
server: nginx

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame 55C7 0
239 B 181ms
42ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-0LfeBlD8dDRM-czDnohEgUSWBAsvFXgtRX54Fg&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 7d6e3b6fefbbeb4d018118d74243a2fc
Pragma: no-cache
Content-Type: image/gif

GET v1
match.sharethrough.com/sync/ Frame 55C7 0
0

GET
H2 200 um
criteo-sync.teads.tv/ Frame 55C7 23 B
163 B 270ms
63ms Image
image/gif 2.18.161.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-Vwg-11D8dDRM-czDnohEgUSWBAsywUpRXjsB7Q
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-161-51.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.1 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

expires: Sun, 20 Oct 2024 14:39:22 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 23
pragma: no-cache
date: Sun, 20 Oct 2024 14:39:22 GMT
content-type: image/gif
server: pekko-http/1.0.1

GET
H2 200 sync
criteo-partners.tremorhub.com/ Frame 55C7 43 B
399 B 489ms
124ms Image
image/gif 2600:1f18:612b:4280:7142:e7da:8b9:e6d5
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=k-IkTJxFD8dDRM-czDnohEgUSWBAsnuAhiesA95g
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4280:7142:e7da:8b9:e6d5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Sun, 20 Oct 2024 14:39:22 GMT
content-type: image/gif
server: nginx

GET
H2 200 xuid
eb2.3lift.com/ Frame 55C7 37 B
140 B 212ms
40ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-W-t2pVD8dDRM-czDnohEgUSWBAsWy4D1siOu6A&dongle=013b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
date: Sun, 20 Oct 2024 14:39:22 GMT
content-type: image/gif

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame 55C7 0
235 B 193ms
55ms Image
text/plain 23.213.165.82
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-74sOwFD8dDRM-czDnohEgUSWBAsq1Ci_WEoavg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.213.165.82 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-213-165-82.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Expires: Sat, 19 Oct 2024 14:39:22 GMT
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Pragma: no-cache
Date: Sun, 20 Oct 2024 14:39:22 GMT
Connection: keep-alive

GET
H2 200 sync
sync-criteo.ads.yieldmo.com/ Frame 55C7 0
38 B 351ms
53ms Image
text/plain 99.80.210.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-aBYpS1D8dDRM-czDnohEgUSWBAsvPMtPsWSs1g&pn_id=criteo&ext=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.210.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-210-41.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

date: Sun, 20 Oct 2024 14:39:22 GMT
content-length: 0

GET
H2 204 put
e1.emxdgt.com/ Frame 55C7 0
44 B 139ms
39ms Image
text/plain 3.124.72.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d53&uid=k-3njXo1D8dDRM-czDnohEgUSWBAvnVodmpkmRdA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.72.5 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-72-5.eu-central-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

date: Sun, 20 Oct 2024 14:39:22 GMT
server: awselb/2.0

GET
H2

200

RX-51d000c9-1959-4f3e-9561-22b1e2f41dc7-003
sync.targeting.unrulymedia.com/csync/ Frame 55C7
Redirect Chain

https://sync.1rx.io/usersync/criteodsp/k-_60e01D8dDRM-czDnohEgUSWBAs8BAWWvfDjyA
https://sync.1rx.io/usersync/criteodsp/k-_60e01D8dDRM-czDnohEgUSWBAs8BAWWvfDjyA?zcc=1&cb=1729435162732
https://sync.targeting.unrulymedia.com/csync/RX-51d000c9-1959-4f3e-9561-22b1e2f41dc7-003

43 B
378 B

158ms
48ms

Image
image/gif

46.228.174.117
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.targeting.unrulymedia.com/csync/RX-51d000c9-1959-4f3e-9561-22b1e2f41dc7-003
Protocol: H2
Server: 46.228.174.117 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
date: Sun, 20 Oct 2024 14:39:22 GMT
content-length: 43

Redirect headers

expires: 0
cache-control: no-store, no-cache, must-revalidate
location: https://sync.targeting.unrulymedia.com/csync/RX-51d000c9-1959-4f3e-9561-22b1e2f41dc7-003
date: Sun, 20 Oct 2024 14:39:22 GMT
pragma: no-cache
content-type: text/html

GET
H2 200 adrum-ext.5af4efac0bb62cd6a369676618596c4a.js Show response
cdn.appdynamics.com/ 50 KB
16 KB 41ms
40ms Script
text/javascript 3.160.150.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.appdynamics.com/adrum-ext.5af4efac0bb62cd6a369676618596c4a.js

Requested by

Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.7.1910.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.160.150.128 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-160-150-128.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

577f961869445c9b84603a4d2e76072ca2bd4a67637e84640b41bc5f24fc20cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://myaccount.du.ae/

Response headers

strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000, immutable
content-encoding: br
etag: W/"43e2b3b8d90d647794f43b97ec4777ed"
age: 49153
cross-origin-resource-policy: cross-origin
via: 1.1 b08e1d433d62b5ab056680968a8cc7ea.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: 9x5sdFEniGttis9t7GOEPhhPMo98RnxPK5IepU38Rd9fN9Kz6vyNqA==
date: Sun, 20 Oct 2024 01:00:09 GMT
content-type: text/javascript
last-modified: Fri, 15 Feb 2019 18:45:26 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P7
vary: Accept-Encoding, Origin

GET
H3 200 collect
www.google-analytics.com/ 35 B
58 B 41ms
40ms Image
image/gif 142.250.186.78
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=890795050&t=timing&_s=2&dl=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay&ul=de-de&de=UTF-8&dt=du%20-%20My%20Account&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=9036&pdt=3&dns=487&rrt=0&srt=179&tcp=314&dit=1037&clt=2787&_gst=3158&_gbt=3316&_u=YCDAgEABAAAAAGAEK~&jid=&gjid=&cid=721764025.1729435155&tid=UA-407073-6&_gid=482417373.1729435156&gtm=45He4ah0n71PK3S7Mv6507099za200&cd17=EN&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101533422~101686685~101836706&cd3=721764025.1729435155&npa=1&z=1695968773

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://myaccount.du.ae/

Response headers

age: 38177
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:163:0"}],}
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 20 Oct 2024 04:03:05 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:163:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 35
server: Golfe2

GET
H/1.1 200 favicon.png
myaccount.du.ae/webapp/ 4 KB
5 KB 180ms
179ms Other
image/png 94.203.234.2
DU-AS1

General

Check archive.org

Show headers Download Go to

Full URL

https://myaccount.du.ae/webapp/favicon.png

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

94.203.234.2 Abu Dhabi, United Arab Emirates, ASN15802 (DU-AS1, AE),

Reverse DNS

Software

Apache /

Resource Hash

0a2dc6f130f290ca8a7f1b48bee079fd3e035d244b959ee0dff7ec60d5d243a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://myaccount.du.ae/webapp/en/quick-pay

Response headers

x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
expires: Mon, 25 Aug 2025 01:44:37 GMT
p3p: CP="NON DSP COR CURa TIA"
date: Sun, 20 Oct 2024 14:39:22 GMT
last-modified: Mon, 23 Sep 2024 01:44:37 GMT
vary: Accept-Encoding,User-Agent
content-type: image/png
x-frame-options: SAMEORIGIN, SAMEORIGIN
strict-transport-security: max-age=157680000
cache-control: max-age=2419200, public
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4118
x-xss-protection: 1; mode=block
server: Apache

GET
H2 200 setuid
ib.adnxs.com/ Frame 55C7 43 B
1 KB 57ms
57ms Image
image/gif 185.89.210.20
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=52&code=k-dn7pGVD8dDRM-czDnohEgUSWBAutmxWNhpnz3A

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-store, no-cache, private
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
x-proxy-origin: 80.255.7.107; 80.255.7.107; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
an-x-request-uuid: 1d103621-9cfa-41fd-b2bb-f71a229bf56c
content-length: 43
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Sun, 20 Oct 2024 14:39:22 GMT
x-xss-protection: 0
content-type: image/gif
server: nginx/1.23.4

GET
H/1.1 200 favicon.ico
myaccount.du.ae/webapp/ 4 KB
5 KB 181ms
180ms Other
image/x-icon 94.203.234.2
DU-AS1

General

Check archive.org

Show headers Download Go to

Full URL

https://myaccount.du.ae/webapp/favicon.ico

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

94.203.234.2 Abu Dhabi, United Arab Emirates, ASN15802 (DU-AS1, AE),

Reverse DNS

Software

Apache /

Resource Hash

0a2dc6f130f290ca8a7f1b48bee079fd3e035d244b959ee0dff7ec60d5d243a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://myaccount.du.ae/webapp/en/quick-pay

Response headers

strict-transport-security: max-age=157680000
cache-control: max-age=2419200, public
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
accept-ranges: bytes
access-control-allow-origin: *
p3p: CP="NON DSP COR CURa TIA"
content-length: 4118
date: Sun, 20 Oct 2024 14:39:22 GMT
x-xss-protection: 1; mode=block
last-modified: Mon, 23 Sep 2024 01:44:37 GMT
vary: Accept-Encoding,User-Agent
server: Apache
content-type: image/x-icon
x-frame-options: SAMEORIGIN, SAMEORIGIN

POST
H2 200 du Show response
ingesteu.quantummetric.com/horizon/ Frame A9A0 90 B
245 B 187ms
65ms Fetch
application/json 34.79.52.164
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://ingesteu.quantummetric.com/horizon/du?T=B&u=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay&t=1729435162186&v=1729435162726&S=0&N=0&P=0&z=1

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-du.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.79.52.164 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

164.52.79.34.bc.googleusercontent.com

Software

Resource Hash

70d1f934a907392c40995aeb49b99a33c7c8c64a83b026b5447bf04526e6ed44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer

Response headers

strict-transport-security: max-age=31536000
access-control-allow-origin: https://myaccount.du.ae
content-length: 90
date: Sun, 20 Oct 2024 14:39:22 GMT
content-type: application/json
access-control-allow-credentials: true

POST
H2 200 du
ingesteu.quantummetric.com/horizon/ Frame A9A0 0
0 116ms
108ms Fetch
application/json 34.79.52.164
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://ingesteu.quantummetric.com/horizon/du?T=B&u=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay&t=1729435162186&v=1729435162923&H=1a161567fbbf06dab65eea60&s=d4a1fbb0f11b8debcbb69eb108871777&Q=1&Y=1&X=79410212a9154a83b458754357ccc868&z=1

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-du.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.79.52.164 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

164.52.79.34.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer

Response headers

strict-transport-security: max-age=31536000
access-control-allow-origin: https://myaccount.du.ae
content-length: 0
date: Sun, 20 Oct 2024 14:39:23 GMT
content-type: application/json
access-control-allow-credentials: true

POST
H2 200 du
ingesteu.quantummetric.com/horizon/ Frame A9A0 0
0 63ms
61ms Fetch
application/json 34.79.52.164
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://ingesteu.quantummetric.com/horizon/du?T=B&u=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay&t=1729435162186&v=1729435162931&H=1a161567fbbf06dab65eea60&s=d4a1fbb0f11b8debcbb69eb108871777&U=5076e4666c7cff2f7b03ebcd4eb84d6a&Q=2&S=0&N=0&z=1

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-du.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.79.52.164 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

164.52.79.34.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer

Response headers

strict-transport-security: max-age=31536000
access-control-allow-origin: https://myaccount.du.ae
content-length: 0
date: Sun, 20 Oct 2024 14:39:22 GMT
content-type: application/json
access-control-allow-credentials: true

POST
H2 200 du
ingesteu.quantummetric.com/horizon/ Frame A9A0 0
0 68ms
66ms Fetch
application/json 34.79.52.164
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://ingesteu.quantummetric.com/horizon/du?T=B&u=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay&t=1729435162186&v=1729435163000&H=1a161567fbbf06dab65eea60&s=d4a1fbb0f11b8debcbb69eb108871777&S=1142&N=4&P=1&z=1

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-du.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.79.52.164 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

164.52.79.34.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer

Response headers

strict-transport-security: max-age=31536000
access-control-allow-origin: https://myaccount.du.ae
content-length: 0
date: Sun, 20 Oct 2024 14:39:23 GMT
content-type: application/json
access-control-allow-credentials: true

POST
H/1.1 204
No Content collect Show response
n.clarity.ms/ 0
279 B 128ms
127ms XHR
text/plain 172.175.234.12
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://n.clarity.ms/collect
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.7.1910.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.175.234.12 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: application/x-clarity-gzip
Referer: https://myaccount.du.ae/

Response headers

Request-Context: appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2
Access-Control-Allow-Origin: https://myaccount.du.ae
Date: Sun, 20 Oct 2024 14:39:23 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

POST adrum
eum.du.ae/eumcollector/beacons/browser/v1/EUM-AAB-AUB/ 0
0

OPTIONS hash-check
rl.quantummetric.com/du/ Frame 0
0

POST hash-check
rl.quantummetric.com/du/ Frame A9A0 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: match.sharethrough.com
URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-5okjFFD8dDRM-czDnohEgUSWBAvBx9qWQyl_cQ

Domain: eum.du.ae
URL: https://eum.du.ae/eumcollector/beacons/browser/v1/EUM-AAB-AUB/adrum

Domain: rl.quantummetric.com
URL: https://rl.quantummetric.com/du/hash-check

Domain: rl.quantummetric.com
URL: https://rl.quantummetric.com/du/hash-check

Verdicts & Comments Add Verdict or Comment

96 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

69 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-21 00:25:21	Name: X-AB Value: cc8f398e6c2d4b84b15908c5e6ccf9a3
www.google.com/recaptcha	1970-01-21 04:43:07	Name: _GRECAPTCHA Value: 09AGteOyrxk8ZBx6FZLO1f0BLByTgXm32j3WR3cOE2kvDIKi9lT4xo4Tz_mE3nJUAeYlNFoDAyoHCyctsavig1XOk
myaccount.du.ae/servlet	1969-12-31 23:59:59	Name: JSESSIONID Value: "ENCAAAAAAUC3oLwS7DqCp3dcmoy2p3nx9wll+xaWxB5BL2QyVGifHs4q7cOolRmzSbH2ZrtiMdiSyCaDZv55fCsym5LFREZq4ZHv/2Rnxzxz6L1zzP3z8D56Hz/Sr2rNFhOxktuSpKZX7OqSs+NZbPLyLLNU6/u"
myaccount.du.ae/	1969-12-31 23:59:59	Name: 54e6ef1e44ecf3bdd6a3100628da47fb Value: "ENCAAAAAAWHCVDAnfSFE4/wRDB7SqecAH/R4mWR/4bMlQ16Q7PchydUvKrkTKREiIHHnQRCVJWJbUK9sUFbe9zqjow8VQMZ0tMRRIDzzcJ57MLPhn4OqQ=="
.du.ae/	1970-01-21 09:53:41	Name: _scid Value: wE4zB9Cz3r-1sIAaVzUvO9tT_4GHT1mg
.du.ae/	1970-01-21 09:53:41	Name: _scid_r Value: wE4zB9Cz3r-1sIAaVzUvO9tT_4GHT1mg
track.omguk.com/	1970-01-21 01:50:22	Name: OMG-Channel-2354084 Value: Channel%3D
track.omguk.com/	1970-01-21 01:50:22	Name: OMGID Value: UUserID%3D%7Bc087c9f2-4654-42a5-9bab-b6b958f72de0%7D%26ReadCount%3D1
track.omguk.com/	1970-01-21 00:23:56	Name: OMGSession Value: SessionID%3D6bda1d2a9ede45509f36cc9d464b5d83%26SessionCount%3D1
.du.ae/	1970-01-21 00:33:59	Name: _ScCbts Value: %5B%5D
.criteo.com/	1970-01-21 09:45:31	Name: uid Value: 3bb43595-a669-412e-bfa7-66f326f181b4
.criteo.com/	1970-01-21 09:45:31	Name: receive-cookie-deprecation Value: 1
.du.ae/	1970-01-21 09:53:19	Name: cto_bundle Value: SWO67V8xMGppSmNBYkpydEU2eXU0T3pTTVFYQ3QlMkJ0bGJHR0JhMk53dlNWU3BleFB2MlJhazRyT0drZEVSa1lraUtybWJKbm5RdmRQR2FBYmNSZTlvcVBvTFNSY01zVkg2Wk1DdmFYQVVNJTJGRkNHN2tNSDJJRDdFVjYzYVh2eVclMkI5STFBTzZvNEdDSjgwem00YVNwUHVzZ1FHREElM0QlM0Q
.du.ae/	1970-01-21 02:33:31	Name: _gcl_au Value: 1.1.1869593259.1729435156
.du.ae/	1970-01-21 09:59:55	Name: _ga Value: GA1.2.721764025.1729435155
.du.ae/	1970-01-21 00:25:21	Name: _gid Value: GA1.2.482417373.1729435156
.du.ae/	1970-01-21 00:23:55	Name: _dc_gtm_UA-407073-6 Value: 1
.tiktok.com/	1970-01-21 09:45:31	Name: _ttp Value: 2nhpRqQ16DLB0wAnXcflK86ZNxS
.du.ae/	1970-01-21 02:33:31	Name: _fbp Value: fb.1.1729435156500.365074252936886161
.adnxs.com/	1970-01-21 02:33:31	Name: XANDR_PANID Value: xHN2YX6pPf32rmXpgYCcHKNLBcLAIaWL6gLhD4b0t7IZE47LybcyGVaSa7Gf3S7x3ssRR4jxg2zBAktoK-SiXC0vIz9RnEbl9Y_DEXvvIxE.
.adnxs.com/	1970-01-21 09:59:55	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-21 02:33:31	Name: uuid2 Value: 2608134473358928931
.doubleclick.net/	1970-01-21 01:07:07	Name: ar_debug Value: 1
.linkedin.com/	1970-01-21 00:25:21	Name: lidc Value: "b=VGST03:s=V:r=V:a=V:p=V:g=3326:u=1:x=1:i=1729435156:t=1729521556:v=2:sig=AQFkPPasdhE_9jj7Ap8Mrt1kw2UKCBp7"
.linkedin.com/	1970-01-21 09:09:31	Name: bcookie Value: "v=2&e3480531-31b5-4a2a-808d-dbeb787943c4"
.linkedin.com/	1970-01-21 04:43:07	Name: li_gc Value: MTswOzE3Mjk0MzUxNTY7MjswMjHWsxEsQjmCvgR/57tAtm1h5qTt8hpBA4oyCI572Svb5A==
.doubleclick.net/	1970-01-21 09:45:31	Name: IDE Value: AHWqTUnyqbkjWJIP9HZD_w2v5qFCvZi2z_9ilRkBtMvJsjJ4fidB-d_n-njJOC4fdvE
.doubleclick.net/	1970-01-21 04:43:07	Name: receive-cookie-deprecation Value: 1
.twitter.com/	1970-01-21 09:59:55	Name: guest_id_marketing Value: v1%3A172943515653882182
.twitter.com/	1970-01-21 09:59:55	Name: guest_id_ads Value: v1%3A172943515653882182
.twitter.com/	1970-01-21 09:59:55	Name: personalization_id Value: "v1_PD9rfefXZZbccv9SALgeww=="
.twitter.com/	1970-01-21 09:59:55	Name: guest_id Value: v1%3A172943515653882182
.du.ae/	1970-01-21 09:45:31	Name: _tt_enable_cookie Value: 1
.du.ae/	1970-01-21 09:45:31	Name: _ttp Value: jERqxjfkfw2uyyNjA3M0ekQDhB3
.t.co/	1970-01-21 09:59:55	Name: muc_ads Value: ae8be10c-1a5f-497b-a1a7-c02e4ec8e8ea
.t.co/	1970-01-21 00:23:56	Name: __cf_bm Value: uUGkxvcNG.IPzyaoTzmYVuNO0mUCtARPrDXFVRtzgI8-1729435156-1.0.1.1-UlC1tt4jeTWQinil5uNIej9mWZLn_HUnOY_5Q_kJq.ON3vc6AW6Z8s0i2wdvfDKWs6ccuz7BdwIkoRH1gPQw9w
trk.adbutter.net/	1970-01-21 01:07:07	Name: apx_seg36774993 Value: 1
trk.adbutter.net/	1970-01-21 01:07:07	Name: apx_conv1770837 Value: 1
myaccount.du.ae/	1970-01-21 00:23:55	Name: SameSite Value: "ENCAAAAAAXy8GPdY/1XHlDMcJOUANu1SkZLtTjBPq2GiqxMOtE+Z6bHt3vuPvCPstQrSTQb2kM="
myaccount.du.ae/	1970-01-21 00:23:55	Name: ADRUM_BTa Value: "ENCAAAAAAWMKOx1jIrM/o3Aw24QzLmbANHmrddiANym7du73bCnoI4FJQIUi1xeja/UrMPW1PFvfC9Z9fyvJ14OK1DtDE3KZJwWdK6YM+M2Nw5k+d5G7l++ui3CF+JDIeHbc45C+JbYfIZezNSGkzD7/ZYA5Eow8uwRoCWK9qZvnlzq5genyfvkvrjC9wiaAfMR+vaZzJA="
myaccount.du.ae/	1970-01-21 00:23:55	Name: ADRUM_BT1 Value: "ENCAAAAAAUtboa4vJdEhUc3ouFJX1D8Lv3P+h2cMsYNR5dS1K7wG1CnyY84rrhfnsped+xmww0FvbM/TZ/1iC3+QLrJSXkn"
myaccount.du.ae/	1970-01-21 01:07:07	Name: s2stracking Value: b1217262-3df0-4604-a486-12b9b3fe4e3c
myaccount.du.ae/	1970-01-21 01:07:07	Name: userjournies Value: d825718e-7d52-4c58-be92-0b26d2132f58
.du.ae/	1970-01-21 09:59:55	Name: _ga_PSF2QWHVDC Value: GS1.1.1729435154.1.0.1729435162.52.0.0
.criteo.com/	1970-01-21 09:45:31	Name: cto_bundle Value: V4HP_19PczclMkZKakpjd25taUhkVkQyelRpQUdQbHRWdW4lMkZFQUdnVGw5JTJCTm1mRmh0JTJGd2IyeVQlMkZGeWIycjFqUDFkY05pTk8wY1loMVNSSDhuY29ZM1BnREYxaUd0Y2hxeUlHdHdUNkJ5RnBDUmFLSjRoaGVpbVBzTXVLS2hzNVFJT200UWY
.casalemedia.com/	1970-01-21 09:09:31	Name: CMID Value: ZxUWGlVbLawAAAk.AGwkqAAA
.casalemedia.com/	1970-01-21 02:33:31	Name: CMPS Value: 3358
.casalemedia.com/	1970-01-21 02:33:31	Name: CMPRO Value: 3358
.omnitagjs.com/	1970-01-21 01:07:07	Name: ayl_visitor Value: e5873c0f727fd694b7438f7e9c2a57b9
exchange.mediavine.com/	1970-01-21 00:44:04	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%2218a36a40-8ef1-11ef-9261-7fc23650ae9f%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-21 00:44:04	Name: mv_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%2218a36a40-8ef1-11ef-9261-7fc23650ae9f%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-21 00:44:04	Name: am_tokens Value: %7B%22mv_uuid%22%3A%2218a36a40-8ef1-11ef-9261-7fc23650ae9f%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-21 00:44:04	Name: am_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%2218a36a40-8ef1-11ef-9261-7fc23650ae9f%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-21 00:44:04	Name: criteo Value: %7B%22id%22%3A%22k-tHeAY1D8dDRM-czDnohEgUSWBAvw9LzL_4hSkg%22%2C%22version%22%3A%22criteo%22%7D
.media.net/	1970-01-21 09:09:31	Name: visitor-id Value: 3724367629085906000V10
.media.net/	1970-01-21 01:07:07	Name: data-c-ts Value: 1729435162
.media.net/	1970-01-21 01:07:07	Name: data-c Value: k-r2xJVVD8dDRM-czDnohEgUSWBAtYl3KNbQhfxQ~~3
.demdex.net/	1970-01-21 04:43:07	Name: demdex Value: 71790704747546724461018982754399808113
.dpm.demdex.net/	1970-01-21 04:43:07	Name: dpm Value: 71790704747546724461018982754399808113
myaccount.du.ae/	1970-01-21 00:23:55	Name: NSC_TFMGDBSF_TTM_443 Value: "ENCAAAAAAVrgFso+COxGWHsWsqQK1RySTboemnlboAycQrCITR1aGFJ3mPB25RNHf0pTJOquSKIb/Cqg/h2IfLMhNlVzSnftQMfYDXwB5YY7THJk2w9UubIJRZXYoSh7im69GhcTBRqHJA9WC6J5GcS7tI0i8KS"
myaccount.du.ae/	1970-01-21 00:23:55	Name: NSC_TFMGDBSF_TTM_443_OFX Value: "ENCAAAAAAX9MqWqmzmtqesxVaj+0M74WtlLJl6G76R53+4x+oO1TQi2mSThm2wF1xPAalcCjSK4RC9q3SvmHYwjoYFn+NVAyOa9J//W51oOypReA0TRBTd83jvQiSonD2CO07JeJzqm8wVPc6aRd2nqY2Unr/U9"
.adnxs.com/	1970-01-21 02:33:31	Name: anj Value: dTM7k!M4/rD>6NRF']wIg2GVIejtlB!fst<%b+2Jo5i@?nrTu!>!$4II#D$u<=#y/jT65jfnn#P=g1`GKF/8ifkToGg>*L746SE!`LBYE5D8-@P)[Q]P)j.gX668/
.1rx.io/	1970-01-21 09:09:31	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-51d000c9-1959-4f3e-9561-22b1e2f41dc7-003%22%7D
.postrelease.com/	1970-01-21 09:09:31	Name: opt_out Value: 1
.tremorhub.com/	1970-01-21 09:09:52	Name: tvid Value: b41844b3f4b342358ab686c80b884feb
.tremorhub.com/	1970-01-21 01:07:07	Name: tv_UICR Value: k-IkTJxFD8dDRM-czDnohEgUSWBAsnuAhiesA95g
.du.ae/	1970-01-21 00:23:56	Name: QuantumMetricSessionID Value: d4a1fbb0f11b8debcbb69eb108871777
.du.ae/	1970-01-21 09:09:31	Name: QuantumMetricUserID Value: 5076e4666c7cff2f7b03ebcd4eb84d6a
.targeting.unrulymedia.com/	1970-01-21 09:09:31	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-51d000c9-1959-4f3e-9561-22b1e2f41dc7-003%22%7D

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=157680000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

14114321.fls.doubleclick.net
ad.360yield.com
ad.doubleclick.net
ad.yieldlab.net
analytics.pangle-ads.com
analytics.tiktok.com
analytics.twitter.com
bat.bing.com
bat.bing.net
cdn.appdynamics.com
cdn.quantummetric.com
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
dis.criteo.com
dpm.demdex.net
dynamic.criteo.com
e1.emxdgt.com
eb2.3lift.com
eum.du.ae
exchange.mediavine.com
gum.criteo.com
ib.adnxs.com
id5-sync.com
ingesteu.quantummetric.com
itp.s2stracking.com
jadserve.postrelease.com
match.sharethrough.com
matching.ivitrack.com
myaccount.du.ae
n.clarity.ms
pixel.rubiconproject.com
px.ads.linkedin.com
px4.ads.linkedin.com
r.casalemedia.com
region1.analytics.google.com
rl.quantummetric.com
rtb-csync.smartadserver.com
sc-static.net
secure.adnxs.com
simage2.pubmatic.com
snap.licdn.com
sslwidget.criteo.com
static.ads-twitter.com
stats.g.doubleclick.net
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.1rx.io
sync.outbrain.com
sync.targeting.unrulymedia.com
t.co
tr.snapchat.com
tr6.snapchat.com
track.omguk.com
userjournies.com
visitor.omnitagjs.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
x.bidswitch.net
eum.du.ae
match.sharethrough.com
rl.quantummetric.com
104.18.11.213
104.18.36.155
104.244.42.3
13.107.42.14
13.248.245.213
141.226.228.48
142.250.181.227
142.250.184.230
142.250.185.134
142.250.185.68
142.250.185.98
142.250.186.35
142.250.186.78
146.75.120.157
157.240.252.13
162.159.140.229
162.19.138.118
172.175.234.12
172.67.132.130
178.250.1.9
185.255.84.153
185.89.210.20
188.114.97.3
198.47.127.205
2.18.161.51
2.23.7.34
2001:4860:4802:32::36
216.58.206.40
23.213.165.82
23.44.201.179
23.52.120.27
2600:1f18:612b:4280:7142:e7da:8b9:e6d5
2620:1ec:21::14
2620:1ec:33::10
2620:1ec:bdf::64
2620:1ec:c11::237
2a00:1450:4001:806::2008
2a00:1450:4001:828::200e
2a00:1450:400c:c1d::9a
2a02:2638:3::c
2a02:2638:3::e
2a02:26f0:3500:10::210:a99
2a03:2880:f177:83:face:b00c:0:25de
3.124.72.5
3.160.150.128
3.163.248.4
34.117.157.22
34.79.52.164
35.190.43.134
35.214.136.108
46.228.174.117
51.178.195.217
52.209.37.110
52.210.96.13
52.58.152.190
54.144.83.91
54.171.69.160
69.173.144.139
70.42.32.127
94.203.234.2
99.80.210.41
09fa04e84d7038cc32f19bedcba454b9e637a35f4de496e8ec9148c47550f0fc
0a2dc6f130f290ca8a7f1b48bee079fd3e035d244b959ee0dff7ec60d5d243a2
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e9946930825f59fa538bd840a51c3fb376bc566cf6b50c070805f30ccff7e71
10d013498cb7e80a9a9c39fc8d30602c235483a226d41755b1188e22d86058ca
12b202bf544bcf07c2a1518593744311d84ad54b4efba0e9c6130afa89e0fa63
14c847e283cde4999e0d4ba2b30bc61e64217110eb8f08f24751d0fdeb3ba8e2
167eefb4678a2d71c271ac837ccf4026464a7829163dbf3556f04a91064f085b
1a816e9dc211c37e763505eb70bf524eed8db8cc268f956345a5bdad8bc88604
1ab02df07901d819d0c788c848900659d00f14e37971a25d9236d4a2bcf00437
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
22da92d2d0ed9dd76507088702badb488453899d661b7c5cbb4ccf94c6ea0efe
28bd53cec442bda2a970bfd4d1b058fd202cbd3438c05550f4c949fe5f6f3918
31f633ffb1cded2c62b7331f92ed3c15da2ef41e3d2d3c20d8a80e4aaaa4f321
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
40e28b2f4a2938ce949aac4c5b0e45e60083f4a631b607a03d629b3286427758
4306555497ea9a321e90c828294b88684bd222fe9c3081752129711d40deaab3
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4a24c30b0539bb73800bbce76781f9eca46be9a87c22bf5ba0c13b84a0158f90
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
577f961869445c9b84603a4d2e76072ca2bd4a67637e84640b41bc5f24fc20cf
5a24e19d08ab6d31b2d790989bd01fa9fd2b521d42152f77bcaed800adbbe1b0
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6fb89b9b4777899a66f229fe91f71ab2ebaf8f37be14d18b5a77c55307944475
70d1f934a907392c40995aeb49b99a33c7c8c64a83b026b5447bf04526e6ed44
79951b5bd4d729a2b2f4d380819f2c14bbcf26f21db56a520189633467766cf4
8257d5a78bc54902d7af44125a9adb813b495d3a5dea731a8a565f55dc2d6bd1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
894508d7ce6aaabbf0501875a6f211e1f46e52d95797697aef36f7d37181c51d
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed
8c7cc1c811e9233ca2180e1a2ddc8c23a2c2941f68e202c8a0ff2a4156a10cc0
90809b509d33d74aea99990102c5cc60ed19e9fec7f05f82a12b9fe99a35c4bb
9361aaa99bd2f940d92294185a2f3d081c1bda58c28f031e7e6c6367f99c23af
95252dc7fa29cefd4d6ca742d89193cdc773d9842c358ee4caff4cf9d7254e48
984bc8c91a0bb9498f4bfd59db79215c02c5a4c4da1184896c65477560672a2e
9f2010e151c7fd5b5de10d514b5fdf57aad1dda0bc76d897d62441f9fe7ea372
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a5969316a8a10866152cbac5ab0d0bd80688fc4b47d6627c94b43419b56cf833
a5d60d669a70430001607b729944c0ee6a4b4bd186364d599e3add057dd93630
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a
ac63bd0ec4d73b90237949f24859de711328276f21a41b18b4248759deff16fa
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ae663f7733f0aac1c25cbf0d449180f98fb52fcf233efcb3bfa9e6df7145baa5
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3529f883571c4250e024ed3d93afddf83a87b5a76b6ef025cd086b57bfa988b
b7b05ad1c3a308d4781fb953d46080e6ee5bfbacb166eb0e807105f3fefc79fa
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c73f9896c3c0708f5bcb1342b54cfd3dd65ef8082c394fe2a50096c1abf8b2e5
cf6dee205e57ac6cda73caf1d766d8d3955af0f7590a766380e74db47aa5671e
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d9abd6b9645c8e709747fe863b510cb8b7282a1c692e44264d46ea70cb707573
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df0cb0e85b4978adc8810c77b70112b853e28fe8b3e4eb4a9cb038426fa7baf3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e50d6d4be266ab5b659e0a22b61e31e4a5e40c3db10a5c6d7fe494e97cedac04
e72944b40f2b0a6a7f2310df4fbf98b3305bc9e16a8d335353aecd9c147b44ba
ed8d3853275936011bac58c9d082a9b7a6e2ee91f5d0817d67964b8452676952
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f31a9d40f653d51496043a01b33e63ed4a35efb3508601c5e89cb127605208f0
f4cfd4a5b95dfb31c47cd567d9719fc12a0453f6ff27e2872147a9740e4b9e56
f613a19c2c0474befde6e48fe65b446dfb1d1a78b99ffcb0a39b0fc1f7086462
ffaf3b7f34955e1c40b72cab3f9c84a08869774c525b76cbca16dc4b08593b08

myaccount.du.ae Open in urlscan Pro 94.203.234.2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

114 Requests

91 %HTTPS

21 %IPv6

52 Domains

66 Subdomains

62 IPs

9 Countries

2539 kBTransfer

4906 kBSize

69 Cookies

6 Outgoing links

Redirected requests

114 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

myaccount.du.ae Open in urlscan Pro
94.203.234.2 Public Scan

Screenshot
Live screenshot

Full Image

114
Requests

91 %
HTTPS

21 %
IPv6

52
Domains

66
Subdomains

62
IPs

9
Countries

2539 kB
Transfer

4906 kB
Size

69
Cookies

114 HTTP transactions
2 data transactions