myaccount.du.ae Open in urlscan Pro
5.32.4.153 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://myaccount.du.ae/webapp/en/quick-pay
Submission Tags: falconsandbox
Submission: On January 18 via api (January 18th 2024, 6:47:08 pm UTC) from US — Scanned from DE

Summary HTTP 156 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 72 IPs in 11 countries across 58 domains to perform 156 HTTP transactions. The main IP is 5.32.4.153, located in Dubai, United Arab Emirates and belongs to DU-AS1, AE. The main domain is myaccount.du.ae.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on May 15th 2023. Valid for: a year.

This is the only time myaccount.du.ae was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	5.32.4.153 5.32.4.153	15802 (DU-AS1) (DU-AS1)
7	2a02:6ea0:e80... 2a02:6ea0:e800::5	60068 (CDN77 ^_^) (CDN77 ^_^)
1	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
6 12	142.250.74.198 142.250.74.198	15169 (GOOGLE) (GOOGLE)
2	18.66.248.129 18.66.248.129	16509 (AMAZON-02) (AMAZON-02)
5	2.23.7.41 2.23.7.41	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	34.252.165.148 34.252.165.148	16509 (AMAZON-02) (AMAZON-02)
1	108.138.15.119 108.138.15.119	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638:3::e 2a02:2638:3::e	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:2800:233... 2606:2800:233:1cb7:261b:1f9c:2074:3c	15133 (EDGECAST) (EDGECAST)
3	34.107.173.171 34.107.173.171	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3 5	37.252.172.123 37.252.172.123	29990 (ASN-APPNEX) (ASN-APPNEX)
1	34.107.254.252 34.107.254.252	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	146.75.120.157 146.75.120.157	54113 (FASTLY) (FASTLY)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:1484	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2606:4700:10:... 2606:4700:10::6816:35fc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 4	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
2	2a03:2880:f01... 2a03:2880:f013:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
3 5	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
2 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
3	34.107.149.195 34.107.149.195	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2.16.100.161 2.16.100.161	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
2	2a02:6ea0:c70... 2a02:6ea0:c700::11	60068 (CDN77 ^_^) (CDN77 ^_^)
5	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1	52.224.189.152 52.224.189.152	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a03:2880:f11... 2a03:2880:f113:81:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 1	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1	52.59.145.139 52.59.145.139	16509 (AMAZON-02) (AMAZON-02)
1	23.32.184.20 23.32.184.20	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	89.149.192.201 89.149.192.201	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	2.19.104.4 2.19.104.4	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
2	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
1	23.36.163.16 23.36.163.16	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	37.157.3.20 37.157.3.20	198622 (ADFORM) (ADFORM)
1	185.255.84.153 185.255.84.153	200271 (IGUANE-) (IGUANE-)
1 2	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	188.65.124.66 188.65.124.66	41690 (DAILYMOTI...) (DAILYMOTION For peering related business)
1 2	54.154.75.101 54.154.75.101	16509 (AMAZON-02) (AMAZON-02)
1	162.19.138.116 162.19.138.116	16276 (OVH) (OVH)
1	3.248.133.210 3.248.133.210	16509 (AMAZON-02) (AMAZON-02)
1	34.117.157.22 34.117.157.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	52.28.172.205 52.28.172.205	16509 (AMAZON-02) (AMAZON-02)
1	52.48.249.53 52.48.249.53	16509 (AMAZON-02) (AMAZON-02)
1	64.202.112.159 64.202.112.159	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	185.64.191.210 185.64.191.210	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	18.157.200.172 18.157.200.172	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f18:612... 2600:1f18:612b:4216:bba5:fc0b:66fa:bb51	14618 (AMAZON-AES) (AMAZON-AES)
1	85.215.5.31 85.215.5.31	6786 (CRONON-BE...) (CRONON-BERLIN-AS)
1	23.32.185.192 23.32.185.192	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1	52.31.7.212 52.31.7.212	16509 (AMAZON-02) (AMAZON-02)
1	5.32.4.235 5.32.4.235	15802 (DU-AS1) (DU-AS1)
5	34.76.43.190 34.76.43.190	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	34.66.3.160 34.66.3.160	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
156	72

13 5.32.4.153 (Dubai, United Arab Emirates)

ASN15802 (DU-AS1, AE)

myaccount.du.ae	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:6ea0:e800::5 (Istanbul, Turkey)

ASN60068 (CDN77 ^_^, GB)

f1-as.readspeaker.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.74.198 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f6.1e100.net

12094659.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
13303464.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
8468600.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
10162949.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
10089018.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
12709077.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.248.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-129.dus51.r.cloudfront.net

cdn.appdynamics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.23.7.41 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-23-7-41.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.252.165.148 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-165-148.eu-west-1.compute.amazonaws.com

track.omguk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.15.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-15-119.fra56.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::e (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dynamic.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)

i.l-dsp.inmobicdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.107.173.171 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 171.173.107.34.bc.googleusercontent.com

consentag.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.252.172.123 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.254.252 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 252.254.107.34.bc.googleusercontent.com

api.permutive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.120.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:1484 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:35fc (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.quantummetric.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.184.8.90 (Amsterdam, Netherlands) 1 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f013:d:face:b00c:0:3 (Helsinki, Finland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:2638:3::c (France) 3 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 2 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.107.149.195 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 195.149.107.34.bc.googleusercontent.com

webtrafficsource.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.100.161 (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-100-161.deploy.static.akamaitechnologies.com

analytics.pangle-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6ea0:c700::11 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

cdn.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

i.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.224.189.152 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

advertiser.inmobiapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f113:81:face:b00c:0:25de (Helsinki, Finland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.130 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.59.145.139 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-145-139.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.32.184.20 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-184-20.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.149.192.201 (Bunschoten, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.104.4 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-104-4.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.36.163.16 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-163-16.deploy.static.akamaitechnologies.com

hb.yahoo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.3.20 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.153 (France)

ASN200271 (IGUANE-, FR)

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.151.101 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.65.124.66 (Paris, France)

ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR)
PTR: ingress-03-pub-prod-ix7.vip.dailymotion.com

public-prod-dspcookiematching.dmxleo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.154.75.101 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-75-101.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.116 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.248.133.210 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-133-210.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com

matching.ivitrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.28.172.205 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-172-205.eu-central-1.compute.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.48.249.53 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-249-53.eu-west-1.compute.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.202.112.159 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.157.200.172 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-200-172.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4216:bba5:fc0b:66fa:bb51 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

criteo-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.215.5.31 (Germany)

ASN6786 (CRONON-BERLIN-AS, DE)

a.twiago.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.32.185.192 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-185-192.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.31.7.212 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-7-212.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.32.4.235 (Dubai, United Arab Emirates)

ASN15802 (DU-AS1, AE)

eum.du.ae	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.76.43.190 (Brussels, Belgium)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 190.43.76.34.bc.googleusercontent.com

du-app.quantummetric.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.66.3.160 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 160.3.66.34.bc.googleusercontent.com

rl.quantummetric.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	doubleclick.net 7 redirects 12094659.fls.doubleclick.net 13303464.fls.doubleclick.net 8468600.fls.doubleclick.net pubads.g.doubleclick.net — Cisco Umbrella Rank: 415 10162949.fls.doubleclick.net 10089018.fls.doubleclick.net — Cisco Umbrella Rank: 777145 12709077.fls.doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 79 cm.g.doubleclick.net — Cisco Umbrella Rank: 260	8 KB
15	google.com www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 98	105 KB
14	gstatic.com www.gstatic.com fonts.gstatic.com	738 KB
14	du.ae myaccount.du.ae eum.du.ae	1 MB
9	quantummetric.com cdn.quantummetric.com — Cisco Umbrella Rank: 2356 du-app.quantummetric.com rl.quantummetric.com — Cisco Umbrella Rank: 3769	91 KB
9	criteo.com 3 redirects dynamic.criteo.com — Cisco Umbrella Rank: 4057 gum.criteo.com — Cisco Umbrella Rank: 423 mug.criteo.com — Cisco Umbrella Rank: 3123 sslwidget.criteo.com — Cisco Umbrella Rank: 2254 dis.criteo.com — Cisco Umbrella Rank: 608	33 KB
7	ctnsnet.com cdn.ctnsnet.com — Cisco Umbrella Rank: 28748 i.ctnsnet.com — Cisco Umbrella Rank: 8331	1 KB
7	readspeaker.com f1-as.readspeaker.com — Cisco Umbrella Rank: 399533	76 KB
5	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 253	5 KB
5	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 752	146 KB
4	google.de www.google.de — Cisco Umbrella Rank: 6518 adservice.google.de — Cisco Umbrella Rank: 14609	1 KB
4	linkedin.com 2 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 349 px4.ads.linkedin.com — Cisco Umbrella Rank: 6550	2 KB
4	creativecdn.com 1 redirects creativecdn.com — Cisco Umbrella Rank: 564	3 KB
3	webtrafficsource.com webtrafficsource.com — Cisco Umbrella Rank: 66457	874 B
3	consentag.eu consentag.eu — Cisco Umbrella Rank: 25287	10 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 376	14 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 239	1 KB
2	casalemedia.com 1 redirects r.casalemedia.com — Cisco Umbrella Rank: 1743	1 KB
2	yahoo.com ups.analytics.yahoo.com — Cisco Umbrella Rank: 358	140 B
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 225	30 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	91 KB
2	adsrvr.org js.adsrvr.org — Cisco Umbrella Rank: 1465 insight.adsrvr.org — Cisco Umbrella Rank: 637	3 KB
2	appdynamics.com cdn.appdynamics.com — Cisco Umbrella Rank: 4434	49 KB
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 784	338 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 4474	235 B
1	twiago.com a.twiago.com — Cisco Umbrella Rank: 33181	153 B
1	tremorhub.com criteo-partners.tremorhub.com — Cisco Umbrella Rank: 3209	398 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 508	35 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 870	225 B
1	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 829	145 B
1	postrelease.com jadserve.postrelease.com — Cisco Umbrella Rank: 1144	423 B
1	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1421	885 B
1	ivitrack.com matching.ivitrack.com — Cisco Umbrella Rank: 10355	265 B
1	360yield.com ad.360yield.com — Cisco Umbrella Rank: 698	199 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 425	1 KB
1	dmxleo.com public-prod-dspcookiematching.dmxleo.com — Cisco Umbrella Rank: 2469	123 B
1	omnitagjs.com visitor.omnitagjs.com — Cisco Umbrella Rank: 731	341 B
1	adform.net cm.adform.net — Cisco Umbrella Rank: 1147	163 B
1	yahoo.net hb.yahoo.net — Cisco Umbrella Rank: 773	319 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 412	140 B
1	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 2620	163 B
1	taboola.com sync-t1.taboola.com — Cisco Umbrella Rank: 1704	99 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 669	163 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 381	239 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 709	813 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 373	146 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	185 B
1	inmobiapis.com advertiser.inmobiapis.com — Cisco Umbrella Rank: 76076
1	pangle-ads.com analytics.pangle-ads.com — Cisco Umbrella Rank: 2898	964 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 789	725 B
1	t.co t.co — Cisco Umbrella Rank: 656	376 B
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 783	16 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 745	15 KB
1	permutive.com api.permutive.com — Cisco Umbrella Rank: 2271	205 B
1	inmobicdn.net i.l-dsp.inmobicdn.net — Cisco Umbrella Rank: 6485	1 KB
1	omguk.com track.omguk.com — Cisco Umbrella Rank: 39474	966 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	141 KB
156	58

	Domain	Requested by
13	myaccount.du.ae	myaccount.du.ae
9	www.gstatic.com	www.google.com www.gstatic.com
9	www.google.com	myaccount.du.ae www.gstatic.com www.google.com
7	f1-as.readspeaker.com	myaccount.du.ae f1-as.readspeaker.com cdn.quantummetric.com
6	adservice.google.com	12094659.fls.doubleclick.net 12709077.fls.doubleclick.net 8468600.fls.doubleclick.net 13303464.fls.doubleclick.net 10162949.fls.doubleclick.net 10089018.fls.doubleclick.net
5	du-app.quantummetric.com	cdn.quantummetric.com
5	i.ctnsnet.com	consentag.eu
5	fonts.gstatic.com	www.google.com myaccount.du.ae
5	ib.adnxs.com	3 redirects creativecdn.com
5	analytics.tiktok.com	myaccount.du.ae analytics.tiktok.com
4	gum.criteo.com	3 redirects dynamic.criteo.com
4	creativecdn.com	1 redirects myaccount.du.ae creativecdn.com
3	adservice.google.de	adservice.google.com
3	webtrafficsource.com	myaccount.du.ae cdn.appdynamics.com
3	px.ads.linkedin.com	2 redirects cdn.appdynamics.com
3	consentag.eu	www.googletagmanager.com consentag.eu cdnjs.cloudflare.com
3	bat.bing.com	myaccount.du.ae bat.bing.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	rl.quantummetric.com	cdn.quantummetric.com
2	dpm.demdex.net	1 redirects
2	r.casalemedia.com	1 redirects
2	ups.analytics.yahoo.com
2	dis.criteo.com
2	cdn.ctnsnet.com	consentag.eu
2	cdnjs.cloudflare.com	consentag.eu
2	connect.facebook.net	myaccount.du.ae connect.facebook.net
2	cdn.quantummetric.com	www.googletagmanager.com cdn.quantummetric.com
2	12709077.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	10089018.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	10162949.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	pubads.g.doubleclick.net	myaccount.du.ae
2	cdn.appdynamics.com	www.googletagmanager.com cdn.appdynamics.com
2	8468600.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	13303464.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	12094659.fls.doubleclick.net	1 redirects www.googletagmanager.com
1	eum.du.ae	cdn.appdynamics.com
1	beacon.krxd.net
1	insight.adsrvr.org	js.adsrvr.org
1	ad.yieldlab.net
1	a.twiago.com
1	criteo-partners.tremorhub.com
1	match.sharethrough.com
1	simage2.pubmatic.com
1	sync.outbrain.com
1	jadserve.postrelease.com
1	exchange.mediavine.com
1	matching.ivitrack.com
1	ad.360yield.com
1	id5-sync.com
1	public-prod-dspcookiematching.dmxleo.com
1	visitor.omnitagjs.com
1	cm.adform.net
1	hb.yahoo.net
1	eb2.3lift.com
1	criteo-sync.teads.tv
1	sync-t1.taboola.com
1	rtb-csync.smartadserver.com
1	pixel.rubiconproject.com
1	contextual.media.net
1	x.bidswitch.net
1	cm.g.doubleclick.net	1 redirects
1	www.facebook.com	myaccount.du.ae
1	advertiser.inmobiapis.com	myaccount.du.ae
1	analytics.pangle-ads.com	analytics.tiktok.com
1	sslwidget.criteo.com	dynamic.criteo.com
1	mug.criteo.com	myaccount.du.ae
1	www.google.de	myaccount.du.ae
1	px4.ads.linkedin.com	myaccount.du.ae
1	analytics.twitter.com	myaccount.du.ae
1	t.co	myaccount.du.ae
1	stats.g.doubleclick.net	www.google-analytics.com
1	snap.licdn.com	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	api.permutive.com	myaccount.du.ae
1	i.l-dsp.inmobicdn.net	myaccount.du.ae
1	dynamic.criteo.com	www.googletagmanager.com
1	js.adsrvr.org	www.googletagmanager.com
1	track.omguk.com	myaccount.du.ae
1	www.googletagmanager.com	myaccount.du.ae
156	79

This site contains links to these domains. Also see Links.

Domain
www.du.ae

Subject Issuer	Validity	Valid
myaccount.du.ae DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-15` - `2024-05-14`	a year	crt.sh
1820826071.rsc.cdn77.org R3	`2023-12-17` - `2024-03-16`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.appdynamics.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-06-21` - `2024-07-21`	a year	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
*.omguk.com Amazon RSA 2048 M01	`2023-07-24` - `2024-08-21`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 01	`2023-10-24` - `2024-04-21`	6 months	crt.sh
sni2d907gl.wpc.edgecastcdn.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-24` - `2025-01-23`	a year	crt.sh
consentag.eu DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-15` - `2024-06-14`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-17` - `2024-05-16`	a year	crt.sh
*.creativecdn.com RapidSSL TLS RSA CA G1	`2023-03-29` - `2024-04-28`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-10-28` - `2024-01-26`	3 months	crt.sh
t.co DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-01-07` - `2025-01-06`	a year	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-31` - `2024-10-29`	a year	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2023-11-03` - `2024-05-03`	6 months	crt.sh
*.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
webtrafficsource.com GTS CA 1D4	`2024-01-08` - `2024-04-07`	3 months	crt.sh
*.pangle-ads.com RapidSSL TLS ECC CA G1	`2023-08-10` - `2024-09-09`	a year	crt.sh
*.google.de GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
www.cdn77.com R3	`2023-11-06` - `2024-02-04`	3 months	crt.sh
*.ctnsnet.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-13` - `2024-11-10`	a year	crt.sh
advertiser.inmobiapis.com Sectigo ECC Organization Validation Secure Server CA	`2023-10-26` - `2024-10-25`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.smartadserver.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-01-17` - `2025-01-16`	a year	crt.sh
*.taboola.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2023-10-23` - `2024-11-22`	a year	crt.sh
teads.tv R3	`2023-11-03` - `2024-02-01`	3 months	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-12-26` - `2024-06-19`	6 months	crt.sh
hb.yahoo.net R3	`2023-12-18` - `2024-03-17`	3 months	crt.sh
*.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-25` - `2024-06-18`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2023-06-23` - `2024-07-22`	a year	crt.sh
public-prod-dspcookiematching.dmxleo.com ZeroSSL RSA Domain Secure Site CA	`2023-12-13` - `2024-03-12`	3 months	crt.sh
*.id5-sync.com R3	`2024-01-01` - `2024-03-31`	3 months	crt.sh
*.360yield.com Amazon RSA 2048 M01	`2023-05-29` - `2024-06-26`	a year	crt.sh
itm.ivitrack.com R3	`2023-12-14` - `2024-03-13`	3 months	crt.sh
exchange.mediavine.com Amazon RSA 2048 M02	`2023-06-06` - `2024-07-04`	a year	crt.sh
*.postrelease.com Amazon RSA 2048 M02	`2023-12-19` - `2025-01-16`	a year	crt.sh
*.outbrain.com Thawte TLS RSA CA G1	`2023-11-20` - `2024-11-27`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M01	`2023-06-14` - `2024-07-12`	a year	crt.sh
*.tremorhub.com Amazon RSA 2048 M01	`2023-02-22` - `2024-03-23`	a year	crt.sh
*.twiago.com Sectigo RSA Domain Validation Secure Server CA	`2023-12-07` - `2025-01-06`	a year	crt.sh
*.yieldlab.net DigiCert TLS RSA SHA256 2020 CA1	`2023-09-17` - `2024-09-17`	a year	crt.sh
eum.du.ae DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-24` - `2024-08-23`	a year	crt.sh
*.quantummetric.com Sectigo RSA Domain Validation Secure Server CA	`2023-01-18` - `2024-02-13`	a year	crt.sh

This page contains 23 frames:

Primary Page: https://myaccount.du.ae/webapp/en/quick-pay
Frame ID: 9EC51A6F59FA7F0E7673F14F34A604B4
Requests: 72 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3YxEUAAAAAMxuBSiyKBkvZihtdWFM8fg79LiD&co=aHR0cHM6Ly9teWFjY291bnQuZHUuYWU6NDQz&hl=de&type=image&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&theme=light&size=invisible&badge=bottomright&cb=jz9i75uaqtze
Frame ID: B37F1694261A58D091E5B1F10A35980E
Requests: 8 HTTP requests in this frame

Frame: https://12094659.fls.doubleclick.net/activityi;dc_pre=CMKD39DM54MDFUdWHgIdr10AVQ;src=12094659;type=invmedia;cat=miqpr0;ord=3691943560981;auiddc=236011341.1705603623;gtm=45He41a0v6507099;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay
Frame ID: DB0FC9B7CE9F8EDBCA0E1B63E5F78100
Requests: 2 HTTP requests in this frame

Frame: https://13303464.fls.doubleclick.net/activityi;dc_pre=CL6G3tDM54MDFc9BwgodKVUPyg;src=13303464;type=du-es0;cat=du-es0;ord=6825479909781;auiddc=236011341.1705603623;gtm=45He41a0v6507099;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay
Frame ID: 9D9CCFC4255443671FC88C0976A089B0
Requests: 1 HTTP requests in this frame

Frame: https://8468600.fls.doubleclick.net/activityi;dc_pre=CNu_39DM54MDFSRfHgIdN7MBYg;src=8468600;type=invmedia;cat=duesa0;ord=1173183098302;auiddc=236011341.1705603623;u1=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay;gtm=45He41a0v6507099;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay
Frame ID: 483686B3964DC14424AD3F6C1DFEFA35
Requests: 2 HTTP requests in this frame

Frame: https://10162949.fls.doubleclick.net/activityi;dc_pre=CNHE3tDM54MDFahCHgIdweMC0Q;src=10162949;type=duweb0;cat=unive0;ord=9340197705855;auiddc=236011341.1705603623;u1=EN;u2=Login%20Status;u3=User%20ID;u4=Vertical;u5=undefined;u6=undefined;u7=Sub%20Sub%20Category;u8=undefined;u27=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay;gtm=45He41a0v6507099;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay
Frame ID: B6EA86F5E62753AF6C4EA7E044AB4440
Requests: 1 HTTP requests in this frame

Frame: https://10089018.fls.doubleclick.net/activityi;dc_pre=CIG739DM54MDFbJDHgIdtYYKCA;src=10089018;type=invmedia;cat=uae_d0;ord=9100617653488;auiddc=236011341.1705603623;gtm=45He41a0v6507099;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay
Frame ID: 8CF24920F00962C9AA24ECF6B890D7C9
Requests: 1 HTTP requests in this frame

Frame: https://12709077.fls.doubleclick.net/activityi;dc_pre=CMGf4NDM54MDFb9SHgIdecUGnA;src=12709077;type=invmedia;cat=du-pa0;ord=4481825260769;auiddc=236011341.1705603623;gtm=45He41a0v6507099;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay
Frame ID: B4B84D06A12AB630004A26FFCF273ABF
Requests: 2 HTTP requests in this frame

Frame: https://creativecdn.com/tags?type=iframe&id=pr_fUe5epIYkfe21xtnZY4b&id=pr_fUe5epIYkfe21xtnZY4b_custom_lang_EN&id=pr_fUe5epIYkfe21xtnZY4b_lid_Hma5aw6laQAQNVGyKidX&su=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay&sr=&ts=1705603623197&tc=1
Frame ID: 43D0C0CC651168D645D0F88E738080B8
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=myaccount.du.ae&origin=onetag
Frame ID: C0602D1A372CA3EF33B098CD0622ECA9
Requests: 2 HTTP requests in this frame

Frame: https://consentag.eu/public/3.0.1/popup_silent.html
Frame ID: 7D28288328BAB879AA54939F580552FA
Requests: 4 HTTP requests in this frame

Frame: https://creativecdn.com/ig-membership?ntk=sddXLoMqV441tBeGpVPpU4JRwimeWb-G3NoBurP1xp8V1UgtbXQutdQBiE7xZthmhvehTm4pheuZtbeQBfYVdyinvSi5pRpbr-1n1VIp2CI
Frame ID: 7FF28111DE5B13DA529BB729929C2334
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CL6G3tDM54MDFc9BwgodKVUPyg;src=13303464;type=du-es0;cat=du-es0;ord=6825479909781;auiddc=236011341.1705603623;gtm=45He41a0v6507099;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay
Frame ID: 2EE8DD33F10B60A1F0E62E1B548A66CF
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CNHE3tDM54MDFahCHgIdweMC0Q;src=10162949;type=duweb0;cat=unive0;ord=9340197705855;auiddc=236011341.1705603623;u1=EN;u2=Login%20Status;u3=User%20ID;u4=Vertical;u5=undefined;u6=undefined;u7=Sub%20Sub%20Category;u8=undefined;u27=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay;gtm=45He41a0v6507099;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay
Frame ID: C38BD7732ECAAE35797E5386AB98E620
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CIG739DM54MDFbJDHgIdtYYKCA;src=10089018;type=invmedia;cat=uae_d0;ord=9100617653488;auiddc=236011341.1705603623;gtm=45He41a0v6507099;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay
Frame ID: 6C63FC3EB5F7AD043A973AA42F7AF62F
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CL6G3tDM54MDFc9BwgodKVUPyg;src=13303464;type=du-es0;cat=du-es0;ord=6825479909781;auiddc=236011341.1705603623;gtm=45He41a0v6507099;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay
Frame ID: 3703CE200293B29CC800F4F54F614496
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CNHE3tDM54MDFahCHgIdweMC0Q;src=10162949;type=duweb0;cat=unive0;ord=9340197705855;auiddc=236011341.1705603623;u1=EN;u2=Login%20Status;u3=User%20ID;u4=Vertical;u5=undefined;u6=undefined;u7=Sub%20Sub%20Category;u8=undefined;u27=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay;gtm=45He41a0v6507099;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay
Frame ID: 864F76D2C52ABC2A99726782F46A3549
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CIG739DM54MDFbJDHgIdtYYKCA;src=10089018;type=invmedia;cat=uae_d0;ord=9100617653488;auiddc=236011341.1705603623;gtm=45He41a0v6507099;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay
Frame ID: B2C83BC9F417ED699102E0A3CAA77189
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&k=6Lf3YxEUAAAAAMxuBSiyKBkvZihtdWFM8fg79LiD
Frame ID: A00BF4D1387081C27B51E60601FC770F
Requests: 12 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-uU78cy3jawnElt4EYBqMXneJarMfEvxFBsUmXw&google_gid=CAESEPVa1gKwES6iw3zPDOvPl4Q&google_cver=1&google_ula=913071,0
Frame ID: BB3064E1404C83EEC28093A1C6E042D2
Requests: 30 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=3g3bvd0&ref=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay&upid=r8bpxny&upv=1.1.0
Frame ID: ED94AEC68DF1B47B42576BFFA6424D88
Requests: 1 HTTP requests in this frame

Frame: https://f1-as.readspeaker.com/script/8993/ReadSpeaker.Styles.css?v=2.5.16.6672
Frame ID: EE0612205C44BC50D72A92D7554DAE11
Requests: 7 HTTP requests in this frame

Frame: https://cdn.quantummetric.com/helpers/blank
Frame ID: C76065EFAF7356BE38BA93B368484F10
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

du - My Account

Detected technologies

Mustache (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

mustache(?:\.min)?\.js

AppDynamics (Analytics) Expand

Overall confidence: 100%
Detected patterns

adrum

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Mautic (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

[^a-z]mtc.*\.js

Optimise (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

track\.omguk\.com

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

156
Requests

94 %
HTTPS

32 %
IPv6

58
Domains

79
Subdomains

72
IPs

11
Countries

2765 kB
Transfer

5765 kB
Size

70
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://www.du.ae/personal
Title: Personal

Search URL Search Domain Scan URL

URL: https://www.du.ae/business
Title: Business

Search URL Search Domain Scan URL

URL: https://www.du.ae/homewireless?utm_source=webbannerHW&utm_medium=quickpaypage&utm_campaign=homewirelessonquickpay
Title: More info

Search URL Search Domain Scan URL

URL: https://www.du.ae/sitemap
Title: Site map

Search URL Search Domain Scan URL

URL: https://www.du.ae/terms-and-conditions
Title: Terms & conditions

Search URL Search Domain Scan URL

URL: https://www.du.ae/legal
Title: Legal

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25

https://12094659.fls.doubleclick.net/activityi;src=12094659;type=invmedia;cat=miqpr0;ord=3691943560981;auiddc=236011341.1705603623;gtm=45He41a0v6507099;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay HTTP 302
https://12094659.fls.doubleclick.net/activityi;dc_pre=CMKD39DM54MDFUdWHgIdr10AVQ;src=12094659;type=invmedia;cat=miqpr0;ord=3691943560981;auiddc=236011341.1705603623;gtm=45He41a0v6507099;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay

Request Chain 26

https://13303464.fls.doubleclick.net/activityi;src=13303464;type=du-es0;cat=du-es0;ord=6825479909781;auiddc=236011341.1705603623;gtm=45He41a0v6507099;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay HTTP 302
https://13303464.fls.doubleclick.net/activityi;dc_pre=CL6G3tDM54MDFc9BwgodKVUPyg;src=13303464;type=du-es0;cat=du-es0;ord=6825479909781;auiddc=236011341.1705603623;gtm=45He41a0v6507099;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay

Request Chain 27

https://8468600.fls.doubleclick.net/activityi;src=8468600;type=invmedia;cat=duesa0;ord=1173183098302;auiddc=236011341.1705603623;u1=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay;gtm=45He41a0v6507099;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay HTTP 302
https://8468600.fls.doubleclick.net/activityi;dc_pre=CNu_39DM54MDFSRfHgIdN7MBYg;src=8468600;type=invmedia;cat=duesa0;ord=1173183098302;auiddc=236011341.1705603623;u1=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay;gtm=45He41a0v6507099;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay

Request Chain 36

https://ib.adnxs.com/getuid?https://api.permutive.com/v2.0/px/track?k=40da2992-202e-46c3-bd6d-d27455ebb9ca&i=$UID&e=offsiteUserJourney&p=%257B%2522url%2522%253A%2522Du_Postpaid_2023%2522%252C%2522page_type%2522%253A%2522LandingPage%2522%257D&it=appnexus&gtmcb=1952051466 HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fapi.permutive.com%2Fv2.0%2Fpx%2Ftrack%3Fk%3D40da2992-202e-46c3-bd6d-d27455ebb9ca%26i%3D%24UID%26e%3DoffsiteUserJourney%26p%3D%25257B%252522url%252522%25253A%252522Du_Postpaid_2023%252522%25252C%252522page_type%252522%25253A%252522LandingPage%252522%25257D%26it%3Dappnexus%26gtmcb%3D1952051466 HTTP 302
https://api.permutive.com/v2.0/px/track?k=40da2992-202e-46c3-bd6d-d27455ebb9ca&i=3198688891573955369&e=offsiteUserJourney&p=%7B%22url%22%3A%22Du_Postpaid_2023%22%2C%22page_type%22%3A%22LandingPage%22%7D&it=appnexus&gtmcb=1952051466

Request Chain 39

https://10162949.fls.doubleclick.net/activityi;src=10162949;type=duweb0;cat=unive0;ord=9340197705855;auiddc=236011341.1705603623;u1=EN;u2=Login%20Status;u3=User%20ID;u4=Vertical;u5=undefined;u6=undefined;u7=Sub%20Sub%20Category;u8=undefined;u27=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay;gtm=45He41a0v6507099;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay HTTP 302
https://10162949.fls.doubleclick.net/activityi;dc_pre=CNHE3tDM54MDFahCHgIdweMC0Q;src=10162949;type=duweb0;cat=unive0;ord=9340197705855;auiddc=236011341.1705603623;u1=EN;u2=Login%20Status;u3=User%20ID;u4=Vertical;u5=undefined;u6=undefined;u7=Sub%20Sub%20Category;u8=undefined;u27=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay;gtm=45He41a0v6507099;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay

Request Chain 41

https://10089018.fls.doubleclick.net/activityi;src=10089018;type=invmedia;cat=uae_d0;ord=9100617653488;auiddc=236011341.1705603623;gtm=45He41a0v6507099;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay HTTP 302
https://10089018.fls.doubleclick.net/activityi;dc_pre=CIG739DM54MDFbJDHgIdtYYKCA;src=10089018;type=invmedia;cat=uae_d0;ord=9100617653488;auiddc=236011341.1705603623;gtm=45He41a0v6507099;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay

Request Chain 43

https://12709077.fls.doubleclick.net/activityi;src=12709077;type=invmedia;cat=du-pa0;ord=4481825260769;auiddc=236011341.1705603623;gtm=45He41a0v6507099;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay HTTP 302
https://12709077.fls.doubleclick.net/activityi;dc_pre=CMGf4NDM54MDFb9SHgIdecUGnA;src=12709077;type=invmedia;cat=du-pa0;ord=4481825260769;auiddc=236011341.1705603623;gtm=45He41a0v6507099;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay

Request Chain 45

https://creativecdn.com/tags?type=iframe&id=pr_fUe5epIYkfe21xtnZY4b&id=pr_fUe5epIYkfe21xtnZY4b_custom_lang_EN&id=pr_fUe5epIYkfe21xtnZY4b_lid_Hma5aw6laQAQNVGyKidX&su=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay&sr=&ts=1705603623197 HTTP 302
https://creativecdn.com/tags?type=iframe&id=pr_fUe5epIYkfe21xtnZY4b&id=pr_fUe5epIYkfe21xtnZY4b_custom_lang_EN&id=pr_fUe5epIYkfe21xtnZY4b_lid_Hma5aw6laQAQNVGyKidX&su=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay&sr=&ts=1705603623197&tc=1

Request Chain 60

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2489801&time=1705603623283&url=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay&tm=gtmv2 HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2489801&time=1705603623283&url=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay&tm=gtmv2&cookiesTest=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2489801&time=1705603623283&url=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay&tm=gtmv2&cookiesTest=true&e_ipv6=AQLdYIBv_Pr0HwAAAY0d5eqwuqxAW9T-eL8FYabcuNzQoVN2RAecTF61tUzawLbC_TPQYV01ggJP

Request Chain 63

https://gum.criteo.com/sid/json?origin=onetag&domain=du.ae&sn=ChromeSyncframe&so=0&topUrl=myaccount.du.ae&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=7J8Fk3xKREYzRFlNWEI0Q3Avd05KMklvTW81MkIvY3dKa1g5elh5bFJkSExlYlV3cm1yL0g4N1pqL2lQYk40WWQva2tCS0tzL21RSnR1NUFWbE91WUFUTzdzRVRYK3I4ejVTV25Cdk5MdThsREc2V1Rla1lrK1FtMzNzVzNzc0JobFZrSWtta1VxSEFpT2Rtamx5REdPdEpJMHErSXkzTkVqdzBIZEMybDdpV0k0bkpOZzVPQXF2UE1zWGxzb0dhczA2M1paeFphSlFDN2FBTHhvS2FpejVqNG9pVzJqMlhRem5acU5vWFVMb3h5ZUR1ait6NS9Ic3NRcmJjWnFYd0pic1NqUmljRTdWbzE5aXllNTNHNnFPNU80UT09fA&cppv=2

Request Chain 113

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-uU78cy3jawnElt4EYBqMXneJarMfEvxFBsUmXw&google_cm&google_hm=ay11VTc4Y3kzamF3bkVsdDRFWUJxTVhuZUphck1mRXZ4RkJzVW1Ydw HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-uU78cy3jawnElt4EYBqMXneJarMfEvxFBsUmXw&google_gid=CAESEPVa1gKwES6iw3zPDOvPl4Q&google_cver=1&google_ula=913071,0

Request Chain 115

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3198688891573955369

Request Chain 126

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-nzw40C3jawnElt4EYBqMXneJarPSC0NT5VQKDA HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-nzw40C3jawnElt4EYBqMXneJarPSC0NT5VQKDA&C=1

Request Chain 128

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=8dtS2JYX5ESe-tCW2SlWc44E9maGgDfB HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=8dtS2JYX5ESe-tCW2SlWc44E9maGgDfB

Request Chain 146

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=iQMI01UN6vC_jmxVfs42qR-oRF1cHDVj

156 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request quick-pay Show response
myaccount.du.ae/webapp/en/ 766 B
1 KB 719ms
144ms Document
text/html 5.32.4.153
DU-AS1

General

Check archive.org

Show headers Download Go to

Full URL

https://myaccount.du.ae/webapp/en/quick-pay

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

5.32.4.153 Dubai, United Arab Emirates, ASN15802 (DU-AS1, AE),

Reverse DNS

Software

Apache /

Resource Hash

c4e33db41a643c89cd81c2e2e82a7447b6ecc75cc3fdd030c585c2056b3492e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: private
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 420
Content-Type: text/html
Cteonnt-Length: 766
Date: Thu, 18 Jan 2024 18:47:01 GMT
Keep-Alive: timeout=5, max=78
Last-Modified: Mon, 15 Jan 2024 20:46:35 GMT
P3P: CP="NON DSP COR CURa TIA"
Server: Apache
Strict-Transport-Security: max-age=157680000
Vary: Accept-Encoding,User-Agent
WWW-Authenticate: Basic realm="CT"
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-XSS-Protection: 1; mode=block
x-frame-options: SAMEORIGIN

GET
H2 200 ReadSpeaker.js Show response
f1-as.readspeaker.com/script/8993/ 9 KB
4 KB 150ms
42ms Script
application/javascript 2a02:6ea0:e800::5
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://f1-as.readspeaker.com/script/8993/ReadSpeaker.js?pids=embhl
Requested by: Host: myaccount.du.ae
URL: https://myaccount.du.ae/webapp/en/quick-pay
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:e800::5 Istanbul, Turkey, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: f5a79050187027c8758bea038fff4b90bf5243a41c8732f616b5bb3a35ecb4ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.du.ae/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-77-pop: istanbulTR
date: Thu, 18 Jan 2024 18:47:01 GMT
content-encoding: gzip
x-age-lb: 68014
x-77-cache: HIT
x-accel-date: 1705535607
x-77-nzt: ApySNA43Nzf/rgkBANRmOAk3Nzeh
x-accel-expires: @1706183604
x-77-age: 68014
x-cache-lb: HIT
last-modified: Tue, 15 Jun 2021 07:44:59 GMT
server: CDN77-Turbo
etag: W/"2563-5c4c926a37cc6"
x-77-nzt-ray: 8b609436e8c8a4602572a965a05b2723
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-headers: sentry-trace

GET
H/1.1 200
OK main.7250a7fc.js Show response
myaccount.du.ae/webapp/static/js/ 817 KB
818 KB 141ms
140ms Script
application/javascript 5.32.4.153
DU-AS1

General

Check archive.org

Show headers Download Go to

Full URL

https://myaccount.du.ae/webapp/static/js/main.7250a7fc.js

Requested by

Host: myaccount.du.ae
URL: https://myaccount.du.ae/webapp/en/quick-pay

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

5.32.4.153 Dubai, United Arab Emirates, ASN15802 (DU-AS1, AE),

Reverse DNS

Software

Apache /

Resource Hash

1c4119e28dcf548e111f26d61db49f2bfe972dac4cd2f2af9f45c2a51353ea93

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.du.ae/webapp/en/quick-pay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 18 Jan 2024 18:47:01 GMT
Strict-Transport-Security: max-age=157680000
WWW-Authenticate: Basic realm="CT"
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
P3P: CP="NON DSP COR CURa TIA"
Connection: Keep-Alive
Content-Length: 836817
X-XSS-Protection: 1; mode=block
Last-Modified: Mon, 15 Jan 2024 20:46:36 GMT
Server: Apache
x-frame-options: SAMEORIGIN, SAMEORIGIN
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400, public
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=77
Expires: Fri, 19 Jan 2024 18:47:01 GMT

GET
H/1.1 200
OK main.90b9cac1.css
myaccount.du.ae/webapp/static/css/ 14 KB
7 KB 418ms
141ms Stylesheet
text/css 5.32.4.153
DU-AS1

General

Check archive.org

Show headers Download Go to

Full URL

https://myaccount.du.ae/webapp/static/css/main.90b9cac1.css

Requested by

Host: myaccount.du.ae
URL: https://myaccount.du.ae/webapp/en/quick-pay

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

5.32.4.153 Dubai, United Arab Emirates, ASN15802 (DU-AS1, AE),

Reverse DNS

Software

Apache /

Resource Hash

aed44135c22b408ecd6d9116befc468ae80240039faa1a6ff56f07fda5006e8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.du.ae/webapp/en/quick-pay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 18 Jan 2024 18:47:01 GMT
Strict-Transport-Security: max-age=157680000
WWW-Authenticate: Basic realm="CT"
X-Content-Type-Options: nosniff
Content-Encoding: gzip
X-Permitted-Cross-Domain-Policies: none
P3P: CP="NON DSP COR CURa TIA"
Connection: Keep-Alive
Content-Length: 6385
X-XSS-Protection: 1; mode=block
Cteonnt-Length: 14522
Last-Modified: Mon, 15 Jan 2024 20:46:36 GMT
Server: Apache
x-frame-options: SAMEORIGIN, SAMEORIGIN
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: private
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=143
Expires: Fri, 19 Jan 2024 18:47:01 GMT

GET
H2 200 ReadSpeaker.Styles.css
f1-as.readspeaker.com/script/8993/ 21 KB
4 KB 43ms
41ms Stylesheet
text/css 2a02:6ea0:e800::5
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://f1-as.readspeaker.com/script/8993/ReadSpeaker.Styles.css?v=2.5.16.6672
Requested by: Host: f1-as.readspeaker.com
URL: https://f1-as.readspeaker.com/script/8993/ReadSpeaker.js?pids=embhl
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:e800::5 Istanbul, Turkey, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 0aaca9bc3dde7d71787fce0fd2859da652434dd08d1e837abde8d1a65433d87f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.du.ae/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-77-pop: istanbulTR
date: Thu, 18 Jan 2024 18:47:01 GMT
content-encoding: gzip
x-age-lb: 64224
x-77-cache: HIT
x-accel-date: 1705539397
x-77-nzt: ApySNA43Nzf/4PoAANRmOJw3Nzeh
x-accel-expires: @1705625792
x-77-age: 64224
x-cache-lb: HIT
last-modified: Mon, 01 Feb 2021 12:24:38 GMT
server: CDN77-Turbo
etag: W/"52ce-5ba457005d989"
x-77-nzt-ray: 8b609436e8c8a4602572a965a515e725
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-headers: sentry-trace
expires: Thu, 02 Nov 2023 05:50:41 GMT

GET
H2 200 ReadSpeaker.Core.js Show response
f1-as.readspeaker.com/script/8993/ 29 KB
10 KB 52ms
51ms Script
application/javascript 2a02:6ea0:e800::5
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://f1-as.readspeaker.com/script/8993/ReadSpeaker.Core.js?v=2.5.16.6672
Requested by: Host: f1-as.readspeaker.com
URL: https://f1-as.readspeaker.com/script/8993/ReadSpeaker.js?pids=embhl
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:e800::5 Istanbul, Turkey, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: b1077fe05a8a2eae432916d52ad1edce698b5ee5cc97f988a28ffe421f24437a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.du.ae/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-77-pop: istanbulTR
date: Thu, 18 Jan 2024 18:47:01 GMT
content-encoding: gzip
x-age-lb: 552879
x-77-cache: HIT
x-accel-date: 1705050742
x-77-nzt: ApySNA43Nzf/r28IANRmOJw3Nzeh
x-accel-expires: @1705667421
x-77-age: 552879
x-cache-lb: HIT
last-modified: Mon, 01 Feb 2021 15:18:01 GMT
server: CDN77-Turbo
etag: W/"735e-5ba47dc1ddeb5"
x-77-nzt-ray: 8b609436e8c8a4602572a96530bbf925
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-headers: sentry-trace

GET
H2 200 ReadSpeaker.pub.Config.js Show response
f1-as.readspeaker.com/script/8993/ 23 KB
6 KB 60ms
59ms Script
application/javascript 2a02:6ea0:e800::5
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://f1-as.readspeaker.com/script/8993/ReadSpeaker.pub.Config.js?v=2.5.16.6672
Requested by: Host: f1-as.readspeaker.com
URL: https://f1-as.readspeaker.com/script/8993/ReadSpeaker.js?pids=embhl
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:e800::5 Istanbul, Turkey, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 81fd54c0410f4d5b0945b4d3795428cef0a773aaae3b3b31c36290d548df4eb2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.du.ae/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-77-pop: istanbulTR
date: Thu, 18 Jan 2024 18:47:01 GMT
content-encoding: gzip
x-age-lb: 267961
x-77-cache: HIT
x-accel-date: 1705335660
x-77-nzt: ApySNA43Nzf/uRYEANRmOAk3Nzeh
x-accel-expires: @1705983660
x-77-age: 267961
x-cache-lb: HIT
last-modified: Wed, 15 Jan 2020 12:31:20 GMT
server: CDN77-Turbo
etag: W/"5a2c-59c2ce2bc902a"
x-77-nzt-ray: 8b609436e8c8a4602572a96575b70026
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-headers: sentry-trace

GET
H2 200 ReadSpeaker.lib.RSLib.js Show response
f1-as.readspeaker.com/script/8993/ 25 KB
9 KB 47ms
47ms Script
application/javascript 2a02:6ea0:e800::5
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://f1-as.readspeaker.com/script/8993/ReadSpeaker.lib.RSLib.js?v=2.5.16.6672
Requested by: Host: f1-as.readspeaker.com
URL: https://f1-as.readspeaker.com/script/8993/ReadSpeaker.js?pids=embhl
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:e800::5 Istanbul, Turkey, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 0e79cede02b20c3bab8736bf4457f51415177d0411d9f059beb9cd94db08d2f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.du.ae/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-77-pop: istanbulTR
date: Thu, 18 Jan 2024 18:47:01 GMT
content-encoding: gzip
x-age-lb: 553101
x-77-cache: HIT
x-accel-date: 1705050520
x-77-nzt: ApySNA43Nzf/jXAIACUTwig3Nzeh
x-accel-expires: @1705698504
x-77-age: 553101
x-cache-lb: HIT
last-modified: Mon, 01 Feb 2021 12:24:28 GMT
server: CDN77-Turbo
etag: W/"6220-5ba456f735350"
x-77-nzt-ray: 8b609436e8c8a4602572a9656737bc29
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-headers: sentry-trace

GET
H2 200 ReadSpeaker.Base.js Show response
f1-as.readspeaker.com/script/8993/ 149 KB
38 KB 54ms
54ms Script
application/javascript 2a02:6ea0:e800::5
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://f1-as.readspeaker.com/script/8993/ReadSpeaker.Base.js?v=2.5.16.6672
Requested by: Host: f1-as.readspeaker.com
URL: https://f1-as.readspeaker.com/script/8993/ReadSpeaker.js?pids=embhl
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:e800::5 Istanbul, Turkey, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 87ea44807d7d9b225c299d01ee912eef00b288af7f3574d4f2c21ec9cbadc9b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.du.ae/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-77-pop: istanbulTR
date: Thu, 18 Jan 2024 18:47:01 GMT
content-encoding: gzip
x-age-lb: 330828
x-77-cache: HIT
x-accel-date: 1705272793
x-77-nzt: ApySNA43Nzf/TAwFACUTwig3Nzeh
x-accel-expires: @1705920790
x-77-age: 330828
x-cache-lb: HIT
last-modified: Mon, 01 Feb 2021 15:17:44 GMT
server: CDN77-Turbo
etag: W/"255e7-5ba47db17e6c2"
x-77-nzt-ray: 8b609436e8c8a4602572a965e9dad52c
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-headers: sentry-trace

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 577 KB
141 KB 146ms
82ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PK3S7M&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Requested by

Host: myaccount.du.ae
URL: https://myaccount.du.ae/webapp/en/quick-pay

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8998e4803d3b8962861701c78abe3ff3c7f874832e4627ec2ea801481d2acb97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.du.ae/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 18:47:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 143948
x-xss-protection: 0
last-modified: Thu, 18 Jan 2024 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 18 Jan 2024 18:47:03 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 62ms
25ms Script
text/javascript 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit

Requested by

Host: myaccount.du.ae
URL: https://myaccount.du.ae/webapp/static/js/main.7250a7fc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

58fc72734c2424f0bfea397ccc278acde00f0e1b760aed4cb9a202f12edcae5a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.du.ae/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 18:47:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Thu, 18 Jan 2024 18:47:02 GMT

GET
H/1.1 200
OK cc-visa-logo.9de5ed976961133ab058d183b905b998.svg
myaccount.du.ae/webapp/static/media/ 3 KB
3 KB 151ms
150ms Image
image/svg+xml 5.32.4.153
DU-AS1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://myaccount.du.ae/webapp/static/media/cc-visa-logo.9de5ed976961133ab058d183b905b998.svg

Requested by

Host: myaccount.du.ae
URL: https://myaccount.du.ae/webapp/en/quick-pay

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

5.32.4.153 Dubai, United Arab Emirates, ASN15802 (DU-AS1, AE),

Reverse DNS

Software

Apache /

Resource Hash

b7b05ad1c3a308d4781fb953d46080e6ee5bfbacb166eb0e807105f3fefc79fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.du.ae/webapp/en/quick-pay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 18 Jan 2024 18:47:03 GMT
Strict-Transport-Security: max-age=157680000
WWW-Authenticate: Basic realm="CT"
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
P3P: CP="NON DSP COR CURa TIA"
Connection: Keep-Alive
Content-Length: 2637
X-XSS-Protection: 1; mode=block
Last-Modified: Mon, 15 Jan 2024 20:46:38 GMT
Server: Apache
x-frame-options: SAMEORIGIN, SAMEORIGIN
Vary: Accept-Encoding,User-Agent
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: max-age=2419200, public
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=141

GET
H/1.1 200
OK cc-master-logo.0fced2f492f163434103b9c040995d7c.svg
myaccount.du.ae/webapp/static/media/ 2 KB
3 KB 149ms
148ms Image
image/svg+xml 5.32.4.153
DU-AS1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://myaccount.du.ae/webapp/static/media/cc-master-logo.0fced2f492f163434103b9c040995d7c.svg

Requested by

Host: myaccount.du.ae
URL: https://myaccount.du.ae/webapp/en/quick-pay

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

5.32.4.153 Dubai, United Arab Emirates, ASN15802 (DU-AS1, AE),

Reverse DNS

Software

Apache /

Resource Hash

28bd53cec442bda2a970bfd4d1b058fd202cbd3438c05550f4c949fe5f6f3918

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.du.ae/webapp/en/quick-pay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 18 Jan 2024 18:47:03 GMT
Strict-Transport-Security: max-age=157680000
WWW-Authenticate: Basic realm="CT"
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
P3P: CP="NON DSP COR CURa TIA"
Connection: Keep-Alive
Content-Length: 1731
X-XSS-Protection: 1; mode=block
Last-Modified: Mon, 15 Jan 2024 20:46:38 GMT
Server: Apache
x-frame-options: SAMEORIGIN, SAMEORIGIN
Vary: Accept-Encoding,User-Agent
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: max-age=2419200, public
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=146

GET
H/1.1 200
OK cc-amex-logo.648a329e891cf2e3116e3c0efcd19e75.svg
myaccount.du.ae/webapp/static/media/ 7 KB
8 KB 445ms
142ms Image
image/svg+xml 5.32.4.153
DU-AS1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://myaccount.du.ae/webapp/static/media/cc-amex-logo.648a329e891cf2e3116e3c0efcd19e75.svg

Requested by

Host: myaccount.du.ae
URL: https://myaccount.du.ae/webapp/en/quick-pay

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

5.32.4.153 Dubai, United Arab Emirates, ASN15802 (DU-AS1, AE),

Reverse DNS

Software

Apache /

Resource Hash

6fb89b9b4777899a66f229fe91f71ab2ebaf8f37be14d18b5a77c55307944475

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.du.ae/webapp/en/quick-pay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 18 Jan 2024 18:47:03 GMT
Strict-Transport-Security: max-age=157680000
WWW-Authenticate: Basic realm="CT"
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
P3P: CP="NON DSP COR CURa TIA"
Connection: Keep-Alive
Content-Length: 7539
X-XSS-Protection: 1; mode=block
Last-Modified: Mon, 15 Jan 2024 20:46:37 GMT
Server: Apache
x-frame-options: SAMEORIGIN, SAMEORIGIN
Vary: Accept-Encoding,User-Agent
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: max-age=2419200, public
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=138

GET
H/1.1 200
OK HWenglish.jpg
myaccount.du.ae/du/common/images/ 14 KB
15 KB 587ms
141ms Image
image/jpeg 5.32.4.153
DU-AS1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://myaccount.du.ae/du/common/images/HWenglish.jpg

Requested by

Host: myaccount.du.ae
URL: https://myaccount.du.ae/webapp/en/quick-pay

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

5.32.4.153 Dubai, United Arab Emirates, ASN15802 (DU-AS1, AE),

Reverse DNS

Software

Apache /

Resource Hash

df0cb0e85b4978adc8810c77b70112b853e28fe8b3e4eb4a9cb038426fa7baf3

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.du.ae/webapp/en/quick-pay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 18 Jan 2024 18:47:03 GMT
Strict-Transport-Security: max-age=157680000
WWW-Authenticate: Basic realm="CT"
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
P3P: CP="NON DSP COR CURa TIA"
Connection: Keep-Alive
Content-Length: 14031
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 27 Sep 2023 12:11:48 GMT
Server: Apache
x-frame-options: SAMEORIGIN, SAMEORIGIN
Vary: Accept-Encoding,User-Agent
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=2419200, public
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=137
Expires: Wed, 28 Aug 2024 12:11:48 GMT

GET
DATA 200
OK truncated
/ 6 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 22da92d2d0ed9dd76507088702badb488453899d661b7c5cbb4ccf94c6ea0efe

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1a816e9dc211c37e763505eb70bf524eed8db8cc268f956345a5bdad8bc88604

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK ProximaNova-Bold.5e38a54e924b84960be0.woff2
myaccount.du.ae/webapp/static/media/ 42 KB
43 KB 295ms
146ms Font
text/plain 5.32.4.153
DU-AS1

General

Check archive.org

Show headers Download Go to

Full URL

https://myaccount.du.ae/webapp/static/media/ProximaNova-Bold.5e38a54e924b84960be0.woff2

Requested by

Host: myaccount.du.ae
URL: https://myaccount.du.ae/webapp/static/css/main.90b9cac1.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

5.32.4.153 Dubai, United Arab Emirates, ASN15802 (DU-AS1, AE),

Reverse DNS

Software

Apache /

Resource Hash

ae663f7733f0aac1c25cbf0d449180f98fb52fcf233efcb3bfa9e6df7145baa5

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://myaccount.du.ae/webapp/static/css/main.90b9cac1.css
Origin: https://myaccount.du.ae
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 18 Jan 2024 18:47:03 GMT
Strict-Transport-Security: max-age=157680000
WWW-Authenticate: Basic realm="CT"
X-Content-Type-Options: nosniff
Content-Encoding: gzip
X-Permitted-Cross-Domain-Policies: none
P3P: CP="NON DSP COR CURa TIA"
Connection: Keep-Alive
Content-Length: 43384
X-XSS-Protection: 1; mode=block
Cteonnt-Length: 43424
Last-Modified: Mon, 15 Jan 2024 20:46:38 GMT
Server: Apache
x-frame-options: SAMEORIGIN, SAMEORIGIN
Vary: Accept-Encoding,User-Agent
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: private
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=145

GET
H/1.1 200
OK ProximaNova-Regular.4d6b0ae73bbc0ee103b8.woff2
myaccount.du.ae/webapp/static/media/ 43 KB
43 KB 291ms
142ms Font
text/plain 5.32.4.153
DU-AS1

General

Check archive.org

Show headers Download Go to

Full URL

https://myaccount.du.ae/webapp/static/media/ProximaNova-Regular.4d6b0ae73bbc0ee103b8.woff2

Requested by

Host: myaccount.du.ae
URL: https://myaccount.du.ae/webapp/static/css/main.90b9cac1.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

5.32.4.153 Dubai, United Arab Emirates, ASN15802 (DU-AS1, AE),

Reverse DNS

Software

Apache /

Resource Hash

ac63bd0ec4d73b90237949f24859de711328276f21a41b18b4248759deff16fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://myaccount.du.ae/webapp/static/css/main.90b9cac1.css
Origin: https://myaccount.du.ae
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 18 Jan 2024 18:47:03 GMT
Strict-Transport-Security: max-age=157680000
WWW-Authenticate: Basic realm="CT"
X-Content-Type-Options: nosniff
Content-Encoding: gzip
X-Permitted-Cross-Domain-Policies: none
P3P: CP="NON DSP COR CURa TIA"
Connection: Keep-Alive
Content-Length: 43559
X-XSS-Protection: 1; mode=block
Cteonnt-Length: 43624
Last-Modified: Mon, 15 Jan 2024 20:46:37 GMT
Server: Apache
x-frame-options: SAMEORIGIN, SAMEORIGIN
Vary: Accept-Encoding,User-Agent
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: private
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=140

GET
H/1.1 200
OK DubaiW23-Regular.c56831cd808f5e4e0717.woff2
myaccount.du.ae/webapp/static/media/ 63 KB
61 KB 428ms
147ms Font
text/plain 5.32.4.153
DU-AS1

General

Check archive.org

Show headers Download Go to

Full URL

https://myaccount.du.ae/webapp/static/media/DubaiW23-Regular.c56831cd808f5e4e0717.woff2

Requested by

Host: myaccount.du.ae
URL: https://myaccount.du.ae/webapp/static/css/main.90b9cac1.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

5.32.4.153 Dubai, United Arab Emirates, ASN15802 (DU-AS1, AE),

Reverse DNS

Software

Apache /

Resource Hash

90809b509d33d74aea99990102c5cc60ed19e9fec7f05f82a12b9fe99a35c4bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://myaccount.du.ae/webapp/static/css/main.90b9cac1.css
Origin: https://myaccount.du.ae
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 18 Jan 2024 18:47:03 GMT
Strict-Transport-Security: max-age=157680000
WWW-Authenticate: Basic realm="CT"
X-Content-Type-Options: nosniff
Content-Encoding: gzip
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
P3P: CP="NON DSP COR CURa TIA"
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
Cteonnt-Length: 64056
Last-Modified: Mon, 15 Jan 2024 20:46:38 GMT
Server: Apache
x-frame-options: SAMEORIGIN, SAMEORIGIN
Vary: Accept-Encoding,User-Agent
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: private
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=146

GET
H/1.1 200
OK ProximaNova-Medium.bf55a58d7d04853add13.woff2
myaccount.du.ae/webapp/static/media/ 51 KB
52 KB 426ms
145ms Font
text/plain 5.32.4.153
DU-AS1

General

Check archive.org

Show headers Download Go to

Full URL

https://myaccount.du.ae/webapp/static/media/ProximaNova-Medium.bf55a58d7d04853add13.woff2

Requested by

Host: myaccount.du.ae
URL: https://myaccount.du.ae/webapp/static/css/main.90b9cac1.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

5.32.4.153 Dubai, United Arab Emirates, ASN15802 (DU-AS1, AE),

Reverse DNS

Software

Apache /

Resource Hash

31f633ffb1cded2c62b7331f92ed3c15da2ef41e3d2d3c20d8a80e4aaaa4f321

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://myaccount.du.ae/webapp/static/css/main.90b9cac1.css
Origin: https://myaccount.du.ae
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 18 Jan 2024 18:47:03 GMT
Strict-Transport-Security: max-age=157680000
WWW-Authenticate: Basic realm="CT"
X-Content-Type-Options: nosniff
Content-Encoding: gzip
X-Permitted-Cross-Domain-Policies: none
P3P: CP="NON DSP COR CURa TIA"
Connection: Keep-Alive
Content-Length: 52012
X-XSS-Protection: 1; mode=block
Cteonnt-Length: 52108
Last-Modified: Mon, 15 Jan 2024 20:46:38 GMT
Server: Apache
x-frame-options: SAMEORIGIN, SAMEORIGIN
Vary: Accept-Encoding,User-Agent
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: private
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=147

GET
H/1.1 200
OK duCo_WHeadline16_Bd.2496de66e37e8637049a.woff2
myaccount.du.ae/webapp/static/media/ 72 KB
73 KB 428ms
143ms Font
text/plain 5.32.4.153
DU-AS1

General

Check archive.org

Show headers Download Go to

Full URL

https://myaccount.du.ae/webapp/static/media/duCo_WHeadline16_Bd.2496de66e37e8637049a.woff2

Requested by

Host: myaccount.du.ae
URL: https://myaccount.du.ae/webapp/static/css/main.90b9cac1.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

5.32.4.153 Dubai, United Arab Emirates, ASN15802 (DU-AS1, AE),

Reverse DNS

Software

Apache /

Resource Hash

984bc8c91a0bb9498f4bfd59db79215c02c5a4c4da1184896c65477560672a2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://myaccount.du.ae/webapp/static/css/main.90b9cac1.css
Origin: https://myaccount.du.ae
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 18 Jan 2024 18:47:03 GMT
Strict-Transport-Security: max-age=157680000
WWW-Authenticate: Basic realm="CT"
X-Content-Type-Options: nosniff
Content-Encoding: gzip
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
P3P: CP="NON DSP COR CURa TIA"
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
Cteonnt-Length: 74024
Last-Modified: Mon, 15 Jan 2024 20:46:38 GMT
Server: Apache
x-frame-options: SAMEORIGIN, SAMEORIGIN
Vary: Accept-Encoding,User-Agent
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: private
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=121

GET
H/1.1 200
OK mya-quick-pay-payment.html Show response
myaccount.du.ae/servlet/myaccount/en/ 189 KB
34 KB 1500ms
1222ms Fetch
text/html 5.32.4.153
DU-AS1

General

Check archive.org

Show headers Download Go to

Full URL

https://myaccount.du.ae/servlet/myaccount/en/mya-quick-pay-payment.html

Requested by

Host: myaccount.du.ae
URL: https://myaccount.du.ae/webapp/static/js/main.7250a7fc.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

5.32.4.153 Dubai, United Arab Emirates, ASN15802 (DU-AS1, AE),

Reverse DNS

Software

Apache /

Resource Hash

252c06fb0de038cb740d9a826bd953e2087239ed47b2df59b418e718455991b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.du.ae/webapp/en/quick-pay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 18 Jan 2024 18:47:03 GMT
Content-Encoding: gzip
WWW-Authenticate: Basic realm="CT"
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
P3P: CP="NON DSP COR CURa TIA"
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
host_service: FutureTenseContentServer:11.1.1.8.0
Last-Modified: Thu, 18 Jan 2024 22:47:03 GST
Server: Apache
x-frame-options: SAMEORIGIN, SAMEORIGIN
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-store
Keep-Alive: timeout=5, max=149

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/ 506 KB
204 KB 49ms
13ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91088a015cd36dabb6639d0b6d08fadc57be7f1b85011f5f882d4e7a8611df31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://myaccount.du.ae/
Origin: https://myaccount.du.ae
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 14:01:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 103537
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 207845
x-xss-protection: 0
last-modified: Mon, 08 Jan 2024 05:00:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 16 Jan 2025 14:01:26 GMT

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame B37F 44 KB
28 KB 38ms
37ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3YxEUAAAAAMxuBSiyKBkvZihtdWFM8fg79LiD&co=aHR0cHM6Ly9teWFjY291bnQuZHUuYWU6NDQz&hl=de&type=image&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&theme=light&size=invisible&badge=bottomright&cb=jz9i75uaqtze

Requested by

Host: myaccount.du.ae
URL: https://myaccount.du.ae/webapp/static/js/main.7250a7fc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b13441b2c207325dbdfdb2b39c6652fcb581f82bc788432b80110390e7bdc913

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-UjYvDbJJTko9LUAxsmjrmw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://myaccount.du.ae/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-UjYvDbJJTko9LUAxsmjrmw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 18:47:03 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 47ms
12ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PK3S7M&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.du.ae/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 18 Jan 2024 17:26:34 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 4829
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 18 Jan 2024 19:26:34 GMT

GET
H2

200

activityi;dc_pre=CMKD39DM54MDFUdWHgIdr10AVQ;src=12094659;type=invmedia;cat=miqpr0;ord=3691943560981;auiddc=236011341.1705603623;gtm=45He41a0v6507099;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;ua... Show response
12094659.fls.doubleclick.net/ Frame DB0F
Redirect Chain

https://12094659.fls.doubleclick.net/activityi;src=12094659;type=invmedia;cat=miqpr0;ord=3691943560981;auiddc=236011341.1705603623;gtm=45He41a0v6507099;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=...
https://12094659.fls.doubleclick.net/activityi;dc_pre=CMKD39DM54MDFUdWHgIdr10AVQ;src=12094659;type=invmedia;cat=miqpr0;ord=3691943560981;auiddc=236011341.1705603623;gtm=45He41a0v6507099;gcd=11l1l1l...

517 B
519 B

49ms
48ms

Document
text/html

142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://12094659.fls.doubleclick.net/activityi;dc_pre=CMKD39DM54MDFUdWHgIdr10AVQ;src=12094659;type=invmedia;cat=miqpr0;ord=3691943560981;auiddc=236011341.1705603623;gtm=45He41a0v6507099;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PK3S7M&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

cafe /

Resource Hash

56257a1da4f7691b854b3f990c072729e4ca85487bab530cf46da3d2b481d4c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://myaccount.du.ae/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 307
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 18:47:03 GMT
expires: Thu, 18 Jan 2024 18:47:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 18:47:03 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://12094659.fls.doubleclick.net/activityi;dc_pre=CMKD39DM54MDFUdWHgIdr10AVQ;src=12094659;type=invmedia;cat=miqpr0;ord=3691943560981;auiddc=236011341.1705603623;gtm=45He41a0v6507099;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

activityi;dc_pre=CL6G3tDM54MDFc9BwgodKVUPyg;src=13303464;type=du-es0;cat=du-es0;ord=6825479909781;auiddc=236011341.1705603623;gtm=45He41a0v6507099;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafv... Show response
13303464.fls.doubleclick.net/ Frame 9D9C
Redirect Chain

https://13303464.fls.doubleclick.net/activityi;src=13303464;type=du-es0;cat=du-es0;ord=6825479909781;auiddc=236011341.1705603623;gtm=45He41a0v6507099;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;u...
https://13303464.fls.doubleclick.net/activityi;dc_pre=CL6G3tDM54MDFc9BwgodKVUPyg;src=13303464;type=du-es0;cat=du-es0;ord=6825479909781;auiddc=236011341.1705603623;gtm=45He41a0v6507099;gcd=11l1l1l1l...

603 B
519 B

49ms
44ms

Document
text/html

142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://13303464.fls.doubleclick.net/activityi;dc_pre=CL6G3tDM54MDFc9BwgodKVUPyg;src=13303464;type=du-es0;cat=du-es0;ord=6825479909781;auiddc=236011341.1705603623;gtm=45He41a0v6507099;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PK3S7M&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

cafe /

Resource Hash

55e782c83573cf59ea8099a7caaedd282c9ec6849f173f43cff5318a8c75df26

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://myaccount.du.ae/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 343
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 18:47:03 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 18:47:03 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://13303464.fls.doubleclick.net/activityi;dc_pre=CL6G3tDM54MDFc9BwgodKVUPyg;src=13303464;type=du-es0;cat=du-es0;ord=6825479909781;auiddc=236011341.1705603623;gtm=45He41a0v6507099;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

activityi;dc_pre=CNu_39DM54MDFSRfHgIdN7MBYg;src=8468600;type=invmedia;cat=duesa0;ord=1173183098302;auiddc=236011341.1705603623;u1=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay;gtm=45He41a... Show response
8468600.fls.doubleclick.net/ Frame 4836
Redirect Chain

https://8468600.fls.doubleclick.net/activityi;src=8468600;type=invmedia;cat=duesa0;ord=1173183098302;auiddc=236011341.1705603623;u1=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay;gtm=45He4...
https://8468600.fls.doubleclick.net/activityi;dc_pre=CNu_39DM54MDFSRfHgIdN7MBYg;src=8468600;type=invmedia;cat=duesa0;ord=1173183098302;auiddc=236011341.1705603623;u1=https%3A%2F%2Fmyaccount.du.ae%2...

575 B
337 B

58ms
57ms

Document
text/html

142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8468600.fls.doubleclick.net/activityi;dc_pre=CNu_39DM54MDFSRfHgIdN7MBYg;src=8468600;type=invmedia;cat=duesa0;ord=1173183098302;auiddc=236011341.1705603623;u1=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay;gtm=45He41a0v6507099;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PK3S7M&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

cafe /

Resource Hash

0b3381032f05e2df8a8df800d075706acf1d51ece26731f95268f36d7ac56681

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://myaccount.du.ae/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 312
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 18:47:03 GMT
expires: Thu, 18 Jan 2024 18:47:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 18:47:03 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8468600.fls.doubleclick.net/activityi;dc_pre=CNu_39DM54MDFSRfHgIdN7MBYg;src=8468600;type=invmedia;cat=duesa0;ord=1173183098302;auiddc=236011341.1705603623;u1=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay;gtm=45He41a0v6507099;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 adrum-4.5.7.1910.js Show response
cdn.appdynamics.com/adrum/ 79 KB
29 KB 43ms
12ms Script
application/javascript 18.66.248.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.appdynamics.com/adrum/adrum-4.5.7.1910.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PK3S7M&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-129.dus51.r.cloudfront.net
Software: nginx/1.16.1 /
Resource Hash: e72944b40f2b0a6a7f2310df4fbf98b3305bc9e16a8d335353aecd9c147b44ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.du.ae/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 16:58:24 GMT
content-encoding: gzip
via: 1.1 c114c55bb579a01518cf64c447d45272.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
age: 1648119
x-cache: Hit from cloudfront
last-modified: Fri, 15 Feb 2019 18:45:26 GMT
server: nginx/1.16.1
etag: W/"5c6708c6-13d56"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2678400, s-max-age=14400
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: wHC3ymU-OkEnY2eoYiPyvrXXeFWklW5Vqyi4F1G7QffnOgK4vg5VVA==

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 5 KB
3 KB 147ms
127ms Script
application/javascript 2.23.7.41
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CAK6Q7RC77U1E8B1DB1G&lib=ttq
Requested by: Host: myaccount.du.ae
URL: https://myaccount.du.ae/webapp/en/quick-pay
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.7.41 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-7-41.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 66b685070d30aa182683c47bdc6dc016904c6fce3b9d8766cd12cdaa2d96f9f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.du.ae/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-akamai-request-id: 1ad8d7f2.19d3d7a1
date: Thu, 18 Jan 2024 18:47:03 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240118184703B42814224AC9EA8ACD87-7A25ED41BFE90054-00
x-cache: TCP_MISS from a2-23-7-37.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-)
x-parent-response-time: 116,2.23.7.37
server-timing: cdn-cache; desc=MISS, edge; dur=102, origin; dur=14, inner; dur=3
content-length: 1816
pragma: no-cache
server: nginx
x-tt-logid: 20240118184703B42814224AC9EA8ACD87
x-cache-remote: TCP_MISS from a23-220-107-207.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 14,23.220.107.207
x-tt-trace-host: 01fe45389c5a7de5e45010f17f9686eb5f05ecd2fb661026862d811ae4d4ffe81ae1ae0f46fc72137c75e2dc6d760e960df638c305255be1c5699be8ec441d16f08a866ce026b90eda91104f7adc5aae53ebdfce4fefe2b28d60ef88ed96b812bcadf987d4be556e2d0a6ee3e89e9b0725
expires: Thu, 18 Jan 2024 18:47:03 GMT

GET
H2 200 / Show response
track.omguk.com/e/qs/ 389 B
966 B 133ms
43ms Script
text/javascript 34.252.165.148
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://track.omguk.com/e/qs/?action=Content&MID=2325899&PID=53294&ref=https%3A//myaccount.du.ae/webapp/en/quick-pay

Requested by

Host: myaccount.du.ae
URL: https://myaccount.du.ae/webapp/en/quick-pay

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.252.165.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-252-165-148.eu-west-1.compute.amazonaws.com

Software

Resource Hash

8d7db296bea88a53d64bb97918b8322a127cf36e7930e8e9cebe508fa012b137

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.du.ae/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 18:47:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: accept-encoding
content-type: text/javascript
access-control-allow-origin: *
p3p: CP="ALL CURa ADMa DEVa TAIa PSAa PSDa OUR BUS IND UNI COM NAV INT"
cache-control: no-store, no-cache
content-length: 389
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 5 KB
3 KB 36ms
7ms Script
application/x-javascript 108.138.15.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PK3S7M&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.15.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-15-119.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.du.ae/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 18 Jan 2024 00:45:09 GMT
Content-Encoding: gzip
Via: 1.1 57ba1933a852bdb178dbe4a1e2e3a5fa.cloudfront.net (CloudFront)
Last-Modified: Wed, 17 Jan 2024 00:44:59 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-P7
Age: 64915
x-amz-server-side-encryption: AES256
ETag: W/"b7474eac210849250426a8f6a39d00f3"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: _164Pf2OuTBW8pveyQoL_Wd2Q-HR-DI3L0wNM2YT8x65DYy0dF0aLA==

GET
H2 200 ld.js Show response
dynamic.criteo.com/js/ld/ 46 KB
20 KB 54ms
26ms Script
application/javascript 2a02:2638:3::e
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.criteo.com/js/ld/ld.js?a=102684

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PK3S7M&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::e , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

5ff6b580d8969befa88e0b20c3ca6353f9683716e85dbbee5e86fffa360a9cd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.du.ae/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 18:47:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=10800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 51ms
33ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: myaccount.du.ae
URL: https://myaccount.du.ae/webapp/en/quick-pay

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.du.ae/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Thu, 18 Jan 2024 18:47:02 GMT
last-modified: Fri, 10 Nov 2023 20:09:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5AA2DF5D99BB4B988F6BE5D23C6D3B76 Ref B: FRAEDGE1713 Ref C: 2024-01-18T18:47:03Z
etag: "80abcdf1114da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13175

GET
H2 200 min.pixel.js Show response
i.l-dsp.inmobicdn.net/helix-cors/custom/js/idspPixel/v6/ 2 KB
1 KB 413ms
53ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://i.l-dsp.inmobicdn.net/helix-cors/custom/js/idspPixel/v6/min.pixel.js
Requested by: Host: myaccount.du.ae
URL: https://myaccount.du.ae/webapp/en/quick-pay
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CBF) /
Resource Hash: c68bccc901ea3e91d855bccfbf150b01701b406e1057ef2890f9c8a0b6df8df7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.du.ae/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 18:47:03 GMT
content-encoding: gzip
last-modified: Fri, 08 Dec 2023 09:39:47 GMT
server: ECAcc (frc/4CBF)
age: 280868
x-amz-request-id: X49X2NS645VSZ32V
etag: "8906a38edeb4b177fe800ff955a158a2+gzip"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
content-length: 1027
x-amz-id-2: QI7kn5Sztcs9hFjWdGpJbadbe4FITVmLO20ME/L7DQeNky2jjXS6cfImiId4Im67wLwqRI1WwzH8xTLsf5gb9A==

GET
H2 200 consenTag.js Show response
consentag.eu/public/3.0.1/ 6 KB
3 KB 56ms
18ms Script
text/javascript 34.107.173.171
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://consentag.eu/public/3.0.1/consenTag.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PK3S7M&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.173.171 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 171.173.107.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: a536a31a18d00aa02e97459f5cb3890b7507e3034b194c6681942526862bb223

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.du.ae/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 03:15:58 GMT
content-encoding: gzip
age: 487865
x-guploader-uploadid: ABPtcPqHSuo6IJqTw1ey0Un2Z_2r650AB8Kwummx9DnvkKpFUNhyVC2ZqFhxeE7TRuF_SqjqEXw
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2606
last-modified: Sun, 26 Dec 2021 13:06:31 GMT
server: UploadServer
etag: "bbf29cf3e8db1d93e091a797634232a9"
x-goog-hash: crc32c=Uvujaw==, md5=u/Kc8+jbHZPgkaeXY0IyqQ==
x-goog-generation: 1640523991137254
content-language: en
content-type: text/javascript
cache-control: no-transform
x-goog-stored-content-length: 2606
accept-ranges: bytes
expires: Sun, 12 Jan 2025 03:15:58 GMT

GET
H2

201

track
api.permutive.com/v2.0/px/
Redirect Chain

https://ib.adnxs.com/getuid?https://api.permutive.com/v2.0/px/track?k=40da2992-202e-46c3-bd6d-d27455ebb9ca&i=$UID&e=offsiteUserJourney&p=%257B%2522url%2522%253A%2522Du_Postpaid_2023%2522%252C%2522p...
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fapi.permutive.com%2Fv2.0%2Fpx%2Ftrack%3Fk%3D40da2992-202e-46c3-bd6d-d27455ebb9ca%26i%3D%24UID%26e%3DoffsiteUserJourney%26p%3D%25257B%252522url%...
https://api.permutive.com/v2.0/px/track?k=40da2992-202e-46c3-bd6d-d27455ebb9ca&i=3198688891573955369&e=offsiteUserJourney&p=%7B%22url%22%3A%22Du_Postpaid_2023%22%2C%22page_type%22%3A%22LandingPage%...

35 B
205 B

81ms
27ms

Image
image/gif

34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.permutive.com/v2.0/px/track?k=40da2992-202e-46c3-bd6d-d27455ebb9ca&i=3198688891573955369&e=offsiteUserJourney&p=%7B%22url%22%3A%22Du_Postpaid_2023%22%2C%22page_type%22%3A%22LandingPage%22%7D&it=appnexus&gtmcb=1952051466
Requested by: Host: myaccount.du.ae
URL: https://myaccount.du.ae/webapp/en/quick-pay
Protocol: H2
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.du.ae/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 18:47:03 GMT
via: 1.1 google
server: Permutive
vary: Origin
content-type: image/gif
cache-control: private, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 18 Jan 2024 18:47:03 GMT
an-x-request-uuid: 00759e4a-bddb-4865-8da8-5313e6b7936d
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://api.permutive.com/v2.0/px/track?k=40da2992-202e-46c3-bd6d-d27455ebb9ca&i=3198688891573955369&e=offsiteUserJourney&p=%7B%22url%22%3A%22Du_Postpaid_2023%22%2C%22page_type%22%3A%22LandingPage%22%7D&it=appnexus&gtmcb=1952051466
x-proxy-origin: 178.162.209.135; 178.162.209.135; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 activity;xsp=5109819;ord=9202965120600090
pubads.g.doubleclick.net/ 42 B
542 B 90ms
48ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/activity;xsp=5109819;ord=9202965120600090?

Requested by

Host: myaccount.du.ae
URL: https://myaccount.du.ae/webapp/en/quick-pay

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.du.ae/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 18:47:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 DFPAudiencePixel;ord=9202965120600090;dc_seg=7792235717
pubads.g.doubleclick.net/activity;dc_iu=/7229/ 42 B
209 B 86ms
48ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/activity;dc_iu=/7229/DFPAudiencePixel;ord=9202965120600090;dc_seg=7792235717?

Requested by

Host: myaccount.du.ae
URL: https://myaccount.du.ae/webapp/en/quick-pay

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.du.ae/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 18:47:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

activityi;dc_pre=CNHE3tDM54MDFahCHgIdweMC0Q;src=10162949;type=duweb0;cat=unive0;ord=9340197705855;auiddc=236011341.1705603623;u1=EN;u2=Login%20Status;u3=User%20ID;u4=Vertical;u5=undefined;u6=undefi... Show response
10162949.fls.doubleclick.net/ Frame B6EA
Redirect Chain

https://10162949.fls.doubleclick.net/activityi;src=10162949;type=duweb0;cat=unive0;ord=9340197705855;auiddc=236011341.1705603623;u1=EN;u2=Login%20Status;u3=User%20ID;u4=Vertical;u5=undefined;u6=und...
https://10162949.fls.doubleclick.net/activityi;dc_pre=CNHE3tDM54MDFahCHgIdweMC0Q;src=10162949;type=duweb0;cat=unive0;ord=9340197705855;auiddc=236011341.1705603623;u1=EN;u2=Login%20Status;u3=User%20...

775 B
584 B

48ms
48ms

Document
text/html

142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10162949.fls.doubleclick.net/activityi;dc_pre=CNHE3tDM54MDFahCHgIdweMC0Q;src=10162949;type=duweb0;cat=unive0;ord=9340197705855;auiddc=236011341.1705603623;u1=EN;u2=Login%20Status;u3=User%20ID;u4=Vertical;u5=undefined;u6=undefined;u7=Sub%20Sub%20Category;u8=undefined;u27=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay;gtm=45He41a0v6507099;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PK3S7M&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

cafe /

Resource Hash

8dab4661bda2cb8c1d9d787b1d949518d81021353c7536bf19f97060e824dbe1

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://myaccount.du.ae/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 408
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 18:47:03 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 18:47:03 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://10162949.fls.doubleclick.net/activityi;dc_pre=CNHE3tDM54MDFahCHgIdweMC0Q;src=10162949;type=duweb0;cat=unive0;ord=9340197705855;auiddc=236011341.1705603623;u1=EN;u2=Login%20Status;u3=User%20ID;u4=Vertical;u5=undefined;u6=undefined;u7=Sub%20Sub%20Category;u8=undefined;u27=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay;gtm=45He41a0v6507099;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 43ms
8ms Script
application/javascript 146.75.120.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PK3S7M&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.du.ae/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 18:47:03 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-fra-etou8220059-FRA

GET
H2

200

activityi;dc_pre=CIG739DM54MDFbJDHgIdtYYKCA;src=10089018;type=invmedia;cat=uae_d0;ord=9100617653488;auiddc=236011341.1705603623;gtm=45He41a0v6507099;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;ua... Show response
10089018.fls.doubleclick.net/ Frame 8CF2
Redirect Chain

https://10089018.fls.doubleclick.net/activityi;src=10089018;type=invmedia;cat=uae_d0;ord=9100617653488;auiddc=236011341.1705603623;gtm=45He41a0v6507099;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=...
https://10089018.fls.doubleclick.net/activityi;dc_pre=CIG739DM54MDFbJDHgIdtYYKCA;src=10089018;type=invmedia;cat=uae_d0;ord=9100617653488;auiddc=236011341.1705603623;gtm=45He41a0v6507099;gcd=11l1l1l...

605 B
520 B

50ms
50ms

Document
text/html

142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10089018.fls.doubleclick.net/activityi;dc_pre=CIG739DM54MDFbJDHgIdtYYKCA;src=10089018;type=invmedia;cat=uae_d0;ord=9100617653488;auiddc=236011341.1705603623;gtm=45He41a0v6507099;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PK3S7M&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

cafe /

Resource Hash

57e77b65624bc16a044a3c6914c15e1d954b3981b4f4b00be7dbedc9d2b80ccf

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://myaccount.du.ae/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 344
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 18:47:03 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 18:47:03 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://10089018.fls.doubleclick.net/activityi;dc_pre=CIG739DM54MDFbJDHgIdtYYKCA;src=10089018;type=invmedia;cat=uae_d0;ord=9100617653488;auiddc=236011341.1705603623;gtm=45He41a0v6507099;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 43 KB
16 KB 44ms
7ms Script
application/javascript 2a02:26f0:3500:16::215:1484
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PK3S7M&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:1484 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b5474d3ed408366dcebededf5c987f44b43b389137272c282c6c972852a14fc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.du.ae/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 18:47:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Jan 2024 16:29:26 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=61074
accept-ranges: bytes
content-length: 15732

GET
H3

200

activityi;dc_pre=CMGf4NDM54MDFb9SHgIdecUGnA;src=12709077;type=invmedia;cat=du-pa0;ord=4481825260769;auiddc=236011341.1705603623;gtm=45He41a0v6507099;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;ua... Show response
12709077.fls.doubleclick.net/ Frame B4B8
Redirect Chain

https://12709077.fls.doubleclick.net/activityi;src=12709077;type=invmedia;cat=du-pa0;ord=4481825260769;auiddc=236011341.1705603623;gtm=45He41a0v6507099;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=...
https://12709077.fls.doubleclick.net/activityi;dc_pre=CMGf4NDM54MDFb9SHgIdecUGnA;src=12709077;type=invmedia;cat=du-pa0;ord=4481825260769;auiddc=236011341.1705603623;gtm=45He41a0v6507099;gcd=11l1l1l...

517 B
332 B

55ms
55ms

Document
text/html

142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://12709077.fls.doubleclick.net/activityi;dc_pre=CMGf4NDM54MDFb9SHgIdecUGnA;src=12709077;type=invmedia;cat=du-pa0;ord=4481825260769;auiddc=236011341.1705603623;gtm=45He41a0v6507099;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PK3S7M&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

cafe /

Resource Hash

7a556bd24432052b4674c0674b9fefbb91e8150e1de415c2c188db39d99bc319

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://myaccount.du.ae/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 307
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 18:47:03 GMT
expires: Thu, 18 Jan 2024 18:47:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 18:47:03 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://12709077.fls.doubleclick.net/activityi;dc_pre=CMGf4NDM54MDFb9SHgIdecUGnA;src=12709077;type=invmedia;cat=du-pa0;ord=4481825260769;auiddc=236011341.1705603623;gtm=45He41a0v6507099;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 quantum-du.js Show response
cdn.quantummetric.com/qscripts/ 300 KB
87 KB 46ms
29ms Script
text/javascript 2606:4700:10::6816:35fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.quantummetric.com/qscripts/quantum-du.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PK3S7M&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:35fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc542ab32f726aa64d1f3ef831445b7c9174207f503e463f6dd3d888e3351eff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	no-sniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.du.ae/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 18:47:03 GMT
strict-transport-security: max-age=31536000
x-content-type-options: no-sniff
cf-cache-status: HIT
content-encoding: br
age: 216
alt-svc: h3=":443"; ma=86400
server: cloudflare
etag: W/"170436168183217054341258101691740804464"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=300, stale-while-revalidate=21600, stale-if-error=21600
x-robots-tag: noindex
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-ray: 847901155ac01d86-FRA

GET
H2

200

tags Show response
creativecdn.com/ Frame 43D0
Redirect Chain

https://creativecdn.com/tags?type=iframe&id=pr_fUe5epIYkfe21xtnZY4b&id=pr_fUe5epIYkfe21xtnZY4b_custom_lang_EN&id=pr_fUe5epIYkfe21xtnZY4b_lid_Hma5aw6laQAQNVGyKidX&su=https%3A%2F%2Fmyaccount.du.ae%2F...
https://creativecdn.com/tags?type=iframe&id=pr_fUe5epIYkfe21xtnZY4b&id=pr_fUe5epIYkfe21xtnZY4b_custom_lang_EN&id=pr_fUe5epIYkfe21xtnZY4b_lid_Hma5aw6laQAQNVGyKidX&su=https%3A%2F%2Fmyaccount.du.ae%2F...

531 B
866 B

18ms
18ms

Document
text/html

185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://creativecdn.com/tags?type=iframe&id=pr_fUe5epIYkfe21xtnZY4b&id=pr_fUe5epIYkfe21xtnZY4b_custom_lang_EN&id=pr_fUe5epIYkfe21xtnZY4b_lid_Hma5aw6laQAQNVGyKidX&su=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay&sr=&ts=1705603623197&tc=1
Requested by: Host: myaccount.du.ae
URL: https://myaccount.du.ae/webapp/en/quick-pay
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: 5a8ad48b4bb4f6886473fb8c6ca5bbf97ccb9b448bdcf01b8a733b7c69290be7

Request headers

Referer: https://myaccount.du.ae/webapp/en/quick-pay
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-methods: GET, POST
access-control-allow-origin: *
access-control-max-age: 3600
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-encoding: gzip
content-length: 397
content-type: text/html;charset=utf-8
date: Thu, 18 Jan 2024 18:47:03 GMT Thu, 18 Jan 2024 18:47:03 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
vary: Origin, Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-methods: GET, POST
access-control-allow-origin: *
access-control-max-age: 3600
content-length: 0
date: Thu, 18 Jan 2024 18:47:03 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://creativecdn.com/tags?type=iframe&id=pr_fUe5epIYkfe21xtnZY4b&id=pr_fUe5epIYkfe21xtnZY4b_custom_lang_EN&id=pr_fUe5epIYkfe21xtnZY4b_lid_Hma5aw6laQAQNVGyKidX&su=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay&sr=&ts=1705603623197&tc=1
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
vary: Origin

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 212 KB
57 KB 116ms
38ms Script
application/x-javascript 2a03:2880:f013:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: myaccount.du.ae
URL: https://myaccount.du.ae/webapp/en/quick-pay

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f013:d:face:b00c:0:3 Helsinki, Finland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0c9cc88c27618b01e95063377382195b9062bdbef5eb1687e5881d3f318dbe63

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.du.ae/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 18 Jan 2024 18:47:03 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 56915
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: LrZN2Oz0teJIZoLjtFBTsD+UF747J6GKa9wiNPNDped1FKpSJW71bdrjcKSJLVidaUHTi1tsY6oMvODzI4/CPQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/ Frame B37F 55 KB
24 KB 46ms
17ms Stylesheet
text/css 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3YxEUAAAAAMxuBSiyKBkvZihtdWFM8fg79LiD&co=aHR0cHM6Ly9teWFjY291bnQuZHUuYWU6NDQz&hl=de&type=image&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&theme=light&size=invisible&badge=bottomright&cb=jz9i75uaqtze

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 00:09:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67061
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 08 Jan 2024 05:00:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 17 Jan 2025 00:09:22 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/ Frame B37F 506 KB
203 KB 43ms
14ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91088a015cd36dabb6639d0b6d08fadc57be7f1b85011f5f882d4e7a8611df31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 14:01:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 103537
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 207845
x-xss-protection: 0
last-modified: Mon, 08 Jan 2024 05:00:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 16 Jan 2025 14:01:26 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
208 B 21ms
21ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=354042809&t=pageview&_s=1&dl=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay&ul=en-us&de=UTF-8&dt=du%20-%20My%20Account&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEABAAAAACAEK~&jid=1716649582&gjid=572259009&cid=17439976.1705603623&tid=UA-407073-6&_gid=1217470357.1705603623&_slc=1&gtm=45He41a0n71PK3S7Mv6507099&cd17=EN&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cd3=17439976.1705603623&z=2001597127

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://myaccount.du.ae/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 18:47:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://myaccount.du.ae
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
349 B 62ms
19ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-407073-6&cid=17439976.1705603623&jid=1716649582&gjid=572259009&_gid=1217470357.1705603623&_u=YGBAgEABAAAAAGAEK~&z=1226912026

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://myaccount.du.ae/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 18 Jan 2024 18:47:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://myaccount.du.ae
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 17552657.js Show response
bat.bing.com/p/action/ 0
117 B 32ms
32ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/17552657.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.du.ae/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Thu, 18 Jan 2024 18:47:02 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6B8D7F6F93F241ACB13E276BFB5FAEC9 Ref B: FRAEDGE1713 Ref C: 2024-01-18T18:47:03Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
286 B 80ms
79ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=17552657&Ver=2&mid=41eae2a9-eb41-47ae-a171-6e3713acd9d9&sid=f8693470b63111ee8c43e3db992bfc58&vid=f86942b0b63111eeac80cb6cc0d4b3ff&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=du%20-%20My%20Account&p=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay&r=&lt=2149&evt=pageLoad&sv=1&rn=494330

Requested by

Host: myaccount.du.ae
URL: https://myaccount.du.ae/webapp/en/quick-pay

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.du.ae/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 18 Jan 2024 18:47:02 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: EF4A82B5313F4F218AF65405BE398AB4 Ref B: FRAEDGE1713 Ref C: 2024-01-18T18:47:03Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame C060 14 KB
6 KB 44ms
16ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=myaccount.du.ae&origin=onetag

Requested by

Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=102684

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

ff9ce35d5fae856bab207c9f8d8eb3dff6354f007ea9f9b9a32f5cc018d52876

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://myaccount.du.ae/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 18:47:02 GMT
server: Kestrel
server-processing-duration-in-ticks: 307408
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2 200 popup_silent.html Show response
consentag.eu/public/3.0.1/ Frame 7D28 12 KB
4 KB 18ms
14ms Document
text/html 34.107.173.171
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://consentag.eu/public/3.0.1/popup_silent.html
Requested by: Host: consentag.eu
URL: https://consentag.eu/public/3.0.1/consenTag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.173.171 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 171.173.107.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 028a986dd20d66c3950495d957214cda50669a831b7a5c8fcb9bf94c91f861f2

Request headers

Referer: https://myaccount.du.ae/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 489546
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-transform
content-encoding: gzip
content-language: en
content-length: 3889
content-type: text/html
date: Sat, 13 Jan 2024 02:47:57 GMT
etag: "961f6921c00edbfac20c24cc4deda043"
expires: Sun, 12 Jan 2025 02:47:57 GMT
last-modified: Sun, 26 Dec 2021 13:06:31 GMT
server: UploadServer
x-goog-generation: 1640523991162202
x-goog-hash: crc32c=fNucYA== md5=lh9pIcAO2/rCDCTMTe2gQw==
x-goog-metageneration: 1
x-goog-storage-class: REGIONAL
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 3889
x-guploader-uploadid: ABPtcPrxKFz8v55d2wzHye-xDWaSeKKfCGaP1UyV48gxTT6cGFMQHNY1Invx65BViwa7B1jF3I5mFeWlIA

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/ Frame 7D28 84 KB
27 KB 45ms
21ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js

Requested by

Host: consentag.eu
URL: https://consentag.eu/public/3.0.1/popup_silent.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consentag.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 18:47:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4281019
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 26909
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-14e4a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E0N%2B4SSVlcM0oBSa1G4PR1B4mlVK2fxlltwAq%2Fj6wUz7%2BWUIdpnSx18vQT3HTM6GhQglxZO988U2iR1diN3vZvMAdWkDz3LB9pl7IwHbn0GCxPkzxIOz%2BcqVPK%2Bc0yyZp4RwtwOStgCWwE6lo%2BmJz7Kc"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8479011599ce1c11-FRA
expires: Tue, 07 Jan 2025 18:47:03 GMT

GET
H2 200 mustache.min.js Show response
cdnjs.cloudflare.com/ajax/libs/mustache.js/2.3.0/ Frame 7D28 9 KB
3 KB 41ms
17ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/mustache.js/2.3.0/mustache.min.js

Requested by

Host: consentag.eu
URL: https://consentag.eu/public/3.0.1/popup_silent.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89aa9f3b9b9ed156d219c122427f8e797c67c4030adbe4201d72030396d6b462

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consentag.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 18:47:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 5666794
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2513
last-modified: Mon, 04 May 2020 16:13:29 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f29-2538"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GSHUC7w8qd8fpKdOMGnDkoc1N%2Bl%2BNdgSBSN3O8gXRNhoWRN61PIpmDRH%2BSPU%2BkHJaViIFZdLLet9CnbGL8%2FfiWYXy9d8aa7ZG1QUch8ZS26yXKPvCngMoBtTkNon2z36C2%2Fh7RDyiyLnpJz3yjNHkMuW"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8479011599d01c11-FRA
expires: Tue, 07 Jan 2025 18:47:03 GMT

GET
H2 200 adsct
t.co/1/i/ 43 B
376 B 223ms
198ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=8c655d5f-c591-4c42-b366-9c60714ed586&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=bff44f4d-67bb-4e2b-b881-743310c49e17&tw_document_href=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay&tw_iframe_status=0&txn_id=o5gkt&type=javascript&version=2.3.29

Requested by

Host: myaccount.du.ae
URL: https://myaccount.du.ae/webapp/en/quick-pay

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.du.ae/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-response-time: 191
date: Thu, 18 Jan 2024 18:47:02 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 3ae3ace6a53f753c
cache-control: no-cache, no-store, max-age=0
perf: 7469935968
x-connection-hash: daf3bbd6e35af0df6af32318a20ce6623203a217c98bac36d64f585b14acb033
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/1/i/ 43 B
725 B 216ms
193ms Image
image/gif 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=8c655d5f-c591-4c42-b366-9c60714ed586&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=bff44f4d-67bb-4e2b-b881-743310c49e17&tw_document_href=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay&tw_iframe_status=0&txn_id=o5gkt&type=javascript&version=2.3.29

Requested by

Host: myaccount.du.ae
URL: https://myaccount.du.ae/webapp/en/quick-pay

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.du.ae/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-response-time: 186
date: Thu, 18 Jan 2024 18:47:03 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 79476cb6253b94ac
cache-control: no-cache, no-store, max-age=0
perf: 7469935968
x-connection-hash: 4bf72476349a2e4f69f62ad6240e0e614527ee0e7b14bcef3f6f2c11d84200d7
content-length: 43

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
442 B 206ms
189ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.7.1910.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: *
Referer: https://myaccount.du.ae/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 18 Jan 2024 18:47:03 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 9A25B9FBBCAF48E0BAD8DB443B67D7F6 Ref B: FRAEDGE1419 Ref C: 2024-01-18T18:47:03Z
linkedin-action: 1
vary: Origin
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
access-control-allow-origin: https://myaccount.du.ae
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYPPMoZhlMV9kFR6v5Z4w==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2489801&time=1705603623283&url=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay&tm=gtmv2
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2489801&time=1705603623283&url=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay&tm=gtmv2&cookiesTest=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2489801&time=1705603623283&url=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay&tm=gtmv2&cookiesTest=true&e_ipv6=AQLdYIBv_Pr0HwAAAY0d5eqwu...

0
267 B

233ms
192ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2489801&time=1705603623283&url=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay&tm=gtmv2&cookiesTest=true&e_ipv6=AQLdYIBv_Pr0HwAAAY0d5eqwuqxAW9T-eL8FYabcuNzQoVN2RAecTF61tUzawLbC_TPQYV01ggJP
Requested by: Host: myaccount.du.ae
URL: https://myaccount.du.ae/webapp/en/quick-pay
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.du.ae/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 18:47:03 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 2FDEAF608B3B4D58B3F60314FEBC5502 Ref B: AMS04EDGE2316 Ref C: 2024-01-18T18:47:03Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYPPMogJhgSSYPEqYNvqw==

Redirect headers

date: Thu, 18 Jan 2024 18:47:03 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 4304FCC23BD14988B2F1C6FD0EEAAC3D Ref B: FRAEDGE1419 Ref C: 2024-01-18T18:47:03Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2489801&time=1705603623283&url=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay&tm=gtmv2&cookiesTest=true&e_ipv6=AQLdYIBv_Pr0HwAAAY0d5eqwuqxAW9T-eL8FYabcuNzQoVN2RAecTF61tUzawLbC_TPQYV01ggJP
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYPPMocquVXki2O0p8zBg==

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 37ms
36ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-407073-6&cid=17439976.1705603623&jid=1716649582&_u=YGBAgEABAAAAAGAEK~&z=959852196

Requested by

Host: myaccount.du.ae
URL: https://myaccount.du.ae/webapp/en/quick-pay

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.du.ae/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 18:47:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 95ms
39ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-407073-6&cid=17439976.1705603623&jid=1716649582&_u=YGBAgEABAAAAAGAEK~&z=959852196

Requested by

Host: myaccount.du.ae
URL: https://myaccount.du.ae/webapp/en/quick-pay

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.du.ae/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 18:47:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame C060
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=du.ae&sn=ChromeSyncframe&so=0&topUrl=myaccount.du.ae&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=7J8Fk3xKREYzRFlNWEI0Q3Avd05KMklvTW81MkIvY3dKa1g5elh5bFJkSExlYlV3cm1yL0g4N1pqL2lQYk40WWQva2tCS0tzL21RSnR1NUFWbE91WUFUTzdzRVRYK3I4ejVTV25Cdk5MdThsREc2V1Rla1lrK1FtMzNzVz...

422 B
652 B

15ms
15ms

Fetch
application/json

2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=7J8Fk3xKREYzRFlNWEI0Q3Avd05KMklvTW81MkIvY3dKa1g5elh5bFJkSExlYlV3cm1yL0g4N1pqL2lQYk40WWQva2tCS0tzL21RSnR1NUFWbE91WUFUTzdzRVRYK3I4ejVTV25Cdk5MdThsREc2V1Rla1lrK1FtMzNzVzNzc0JobFZrSWtta1VxSEFpT2Rtamx5REdPdEpJMHErSXkzTkVqdzBIZEMybDdpV0k0bkpOZzVPQXF2UE1zWGxzb0dhczA2M1paeFphSlFDN2FBTHhvS2FpejVqNG9pVzJqMlhRem5acU5vWFVMb3h5ZUR1ait6NS9Ic3NRcmJjWnFYd0pic1NqUmljRTdWbzE5aXllNTNHNnFPNU80UT09fA&cppv=2

Requested by

Host: myaccount.du.ae
URL: https://myaccount.du.ae/webapp/en/quick-pay

Protocol

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

3d2c4ea9cdd0d756db84b768c6f16a6d6436146d798341a6d51bb15515f99744

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 18:47:03 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1603650
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 18 Jan 2024 18:47:03 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=7J8Fk3xKREYzRFlNWEI0Q3Avd05KMklvTW81MkIvY3dKa1g5elh5bFJkSExlYlV3cm1yL0g4N1pqL2lQYk40WWQva2tCS0tzL21RSnR1NUFWbE91WUFUTzdzRVRYK3I4ejVTV25Cdk5MdThsREc2V1Rla1lrK1FtMzNzVzNzc0JobFZrSWtta1VxSEFpT2Rtamx5REdPdEpJMHErSXkzTkVqdzBIZEMybDdpV0k0bkpOZzVPQXF2UE1zWGxzb0dhczA2M1paeFphSlFDN2FBTHhvS2FpejVqNG9pVzJqMlhRem5acU5vWFVMb3h5ZUR1ait6NS9Ic3NRcmJjWnFYd0pic1NqUmljRTdWbzE5aXllNTNHNnFPNU80UT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 284784
content-length: 0
expires: 0

GET
H3 200 xBCOM0nJGRF-m--wl6VQ1aNLQoz6KTYsNI8IYqWNoW0.js Show response
www.google.com/js/bg/ Frame B37F 17 KB
7 KB 14ms
12ms Script
text/javascript 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/xBCOM0nJGRF-m--wl6VQ1aNLQoz6KTYsNI8IYqWNoW0.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4108e3349c919117e9befb097a550d5a34b428cfa29362c348f0862a58da16d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3YxEUAAAAAMxuBSiyKBkvZihtdWFM8fg79LiD&co=aHR0cHM6Ly9teWFjY291bnQuZHUuYWU6NDQz&hl=de&type=image&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&theme=light&size=invisible&badge=bottomright&cb=jz9i75uaqtze
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 18:01:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2739
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6865
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 17 Jan 2025 18:01:24 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame B37F 2 KB
2 KB 13ms
13ms Image
image/png 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 21:45:59 GMT
x-content-type-options: nosniff
age: 162064
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 23 Jan 2024 21:45:59 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame B37F 15 KB
15 KB 52ms
17ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 05:31:50 GMT
x-content-type-options: nosniff
age: 306913
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Jan 2025 05:31:50 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame B37F 15 KB
16 KB 47ms
13ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 09:09:14 GMT
x-content-type-options: nosniff
age: 207469
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jan 2025 09:09:14 GMT

GET
H2 200 setuid
ib.adnxs.com/ Frame 43D0 43 B
1 KB 7ms
7ms Image
image/gif 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=315&code=HZNFeZ7aiUOonSjOtx7aW-IHtVaqZ5Sj7HKiNO4nGdU

Requested by

Host: creativecdn.com
URL: https://creativecdn.com/tags?type=iframe&id=pr_fUe5epIYkfe21xtnZY4b&id=pr_fUe5epIYkfe21xtnZY4b_custom_lang_EN&id=pr_fUe5epIYkfe21xtnZY4b_lid_Hma5aw6laQAQNVGyKidX&su=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay&sr=&ts=1705603623197&tc=1

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creativecdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 18:47:03 GMT
an-x-request-uuid: 38ca78cc-1525-49ee-bd4d-9e5b17c54070
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 178.162.209.135; 178.162.209.135; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 topics-membership Show response
creativecdn.com/ Frame 43D0 880 B
626 B 17ms
16ms Script
application/javascript 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://creativecdn.com/topics-membership?ntk=FH3a4WP_v-etWKEcUyMcQWBonM8mzKDHOCF_MeJ6sifUjvGgUrsvrfDYVWpykcmKdgQo1xovI1nkvYtlvSwKJw
Requested by: Host: creativecdn.com
URL: https://creativecdn.com/tags?type=iframe&id=pr_fUe5epIYkfe21xtnZY4b&id=pr_fUe5epIYkfe21xtnZY4b_custom_lang_EN&id=pr_fUe5epIYkfe21xtnZY4b_lid_Hma5aw6laQAQNVGyKidX&su=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay&sr=&ts=1705603623197&tc=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: 13bdef7567aa2c895cd70b51e0720b6f768fdb50e879c8c56f3f3d80f9866e92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://creativecdn.com/tags?type=iframe&id=pr_fUe5epIYkfe21xtnZY4b&id=pr_fUe5epIYkfe21xtnZY4b_custom_lang_EN&id=pr_fUe5epIYkfe21xtnZY4b_lid_Hma5aw6laQAQNVGyKidX&su=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay&sr=&ts=1705603623197&tc=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Fri, 19 Jan 2024 18:47:03 GMT
date: Thu, 18 Jan 2024 18:47:03 GMT, Thu, 18 Jan 2024 18:47:03 GMT
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 424
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame B37F 102 B
135 B 22ms
21ms Other
text/javascript 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=Ya-Cd6PbRI5ktAHEhm9JuKEu

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f187dc8de7fe50f1f8825c3500b64080cc78ac39df7efd31a4b1bc562be9ca3d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf3YxEUAAAAAMxuBSiyKBkvZihtdWFM8fg79LiD&co=aHR0cHM6Ly9teWFjY291bnQuZHUuYWU6NDQz&hl=de&type=image&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&theme=light&size=invisible&badge=bottomright&cb=jz9i75uaqtze
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 18:47:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Thu, 18 Jan 2024 18:47:03 GMT

GET
H2 200 dc_pre=CMKD39DM54MDFUdWHgIdr10AVQ;src=12094659;type=invmedia;cat=miqpr0;ord=3691943560981;auiddc=*;gtm=45He41a0v6507099;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;u...
adservice.google.com/ddm/fls/z/ Frame DB0F 42 B
107 B 89ms
53ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CMKD39DM54MDFUdWHgIdr10AVQ;src=12094659;type=invmedia;cat=miqpr0;ord=3691943560981;auiddc=*;gtm=45He41a0v6507099;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay

Requested by

Host: 12094659.fls.doubleclick.net
URL: https://12094659.fls.doubleclick.net/activityi;dc_pre=CMKD39DM54MDFUdWHgIdr10AVQ;src=12094659;type=invmedia;cat=miqpr0;ord=3691943560981;auiddc=236011341.1705603623;gtm=45He41a0v6507099;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12094659.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 18:47:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CMGf4NDM54MDFb9SHgIdecUGnA;src=12709077;type=invmedia;cat=du-pa0;ord=4481825260769;auiddc=*;gtm=45He41a0v6507099;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;u...
adservice.google.com/ddm/fls/z/ Frame B4B8 42 B
118 B 84ms
50ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CMGf4NDM54MDFb9SHgIdecUGnA;src=12709077;type=invmedia;cat=du-pa0;ord=4481825260769;auiddc=*;gtm=45He41a0v6507099;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay

Requested by

Host: 12709077.fls.doubleclick.net
URL: https://12709077.fls.doubleclick.net/activityi;dc_pre=CMGf4NDM54MDFb9SHgIdecUGnA;src=12709077;type=invmedia;cat=du-pa0;ord=4481825260769;auiddc=236011341.1705603623;gtm=45He41a0v6507099;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://12709077.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 18:47:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CNu_39DM54MDFSRfHgIdN7MBYg;src=8468600;type=invmedia;cat=duesa0;ord=1173183098302;auiddc=*;u1=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay;gtm=45He41a0v6507099;gcd=11l1l1l1l1;dma_...
adservice.google.com/ddm/fls/z/ Frame 4836 42 B
107 B 84ms
52ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CNu_39DM54MDFSRfHgIdN7MBYg;src=8468600;type=invmedia;cat=duesa0;ord=1173183098302;auiddc=*;u1=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay;gtm=45He41a0v6507099;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay

Requested by

Host: 8468600.fls.doubleclick.net
URL: https://8468600.fls.doubleclick.net/activityi;dc_pre=CNu_39DM54MDFSRfHgIdN7MBYg;src=8468600;type=invmedia;cat=duesa0;ord=1173183098302;auiddc=236011341.1705603623;u1=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay;gtm=45He41a0v6507099;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8468600.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 18:47:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ig-membership Show response
creativecdn.com/ Frame 7FF2 2 KB
757 B 14ms
14ms Document
text/html 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://creativecdn.com/ig-membership?ntk=sddXLoMqV441tBeGpVPpU4JRwimeWb-G3NoBurP1xp8V1UgtbXQutdQBiE7xZthmhvehTm4pheuZtbeQBfYVdyinvSi5pRpbr-1n1VIp2CI
Requested by: Host: creativecdn.com
URL: https://creativecdn.com/tags?type=iframe&id=pr_fUe5epIYkfe21xtnZY4b&id=pr_fUe5epIYkfe21xtnZY4b_custom_lang_EN&id=pr_fUe5epIYkfe21xtnZY4b_lid_Hma5aw6laQAQNVGyKidX&su=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay&sr=&ts=1705603623197&tc=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: 7d32eed2aeda44bdccaf8aa21b4db2682a932408740042154808b1435823e98c

Request headers

Referer: https://creativecdn.com/tags?type=iframe&id=pr_fUe5epIYkfe21xtnZY4b&id=pr_fUe5epIYkfe21xtnZY4b_custom_lang_EN&id=pr_fUe5epIYkfe21xtnZY4b_lid_Hma5aw6laQAQNVGyKidX&su=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay&sr=&ts=1705603623197&tc=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=86400
content-encoding: gzip
content-length: 569
content-type: text/html;charset=utf-8
date: Thu, 18 Jan 2024 18:47:03 GMT Thu, 18 Jan 2024 18:47:03 GMT
expires: Fri, 19 Jan 2024 18:47:03 GMT
vary: Accept-Encoding

GET
H2 200 dc_pre=CL6G3tDM54MDFc9BwgodKVUPyg;src=13303464;type=du-es0;cat=du-es0;ord=6825479909781;auiddc=236011341.1705603623;gtm=45He41a0v6507099;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;... Show response
adservice.google.com/ddm/fls/i/ Frame 2EE8 602 B
719 B 69ms
47ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CL6G3tDM54MDFc9BwgodKVUPyg;src=13303464;type=du-es0;cat=du-es0;ord=6825479909781;auiddc=236011341.1705603623;gtm=45He41a0v6507099;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay

Requested by

Host: 13303464.fls.doubleclick.net
URL: https://13303464.fls.doubleclick.net/activityi;dc_pre=CL6G3tDM54MDFc9BwgodKVUPyg;src=13303464;type=du-es0;cat=du-es0;ord=6825479909781;auiddc=236011341.1705603623;gtm=45He41a0v6507099;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bcc678b259924d7b30382cfbbf630018c883463d77e533e77475754eefac1e34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://13303464.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 344
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 18:47:03 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dc_pre=CNHE3tDM54MDFahCHgIdweMC0Q;src=10162949;type=duweb0;cat=unive0;ord=9340197705855;auiddc=236011341.1705603623;u1=EN;u2=Login%20Status;u3=User%20ID;u4=Vertical;u5=undefined;u6=undefined;u7=Sub... Show response
adservice.google.com/ddm/fls/i/ Frame C38B 774 B
479 B 65ms
49ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CNHE3tDM54MDFahCHgIdweMC0Q;src=10162949;type=duweb0;cat=unive0;ord=9340197705855;auiddc=236011341.1705603623;u1=EN;u2=Login%20Status;u3=User%20ID;u4=Vertical;u5=undefined;u6=undefined;u7=Sub%20Sub%20Category;u8=undefined;u27=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay;gtm=45He41a0v6507099;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay

Requested by

Host: 10162949.fls.doubleclick.net
URL: https://10162949.fls.doubleclick.net/activityi;dc_pre=CNHE3tDM54MDFahCHgIdweMC0Q;src=10162949;type=duweb0;cat=unive0;ord=9340197705855;auiddc=236011341.1705603623;u1=EN;u2=Login%20Status;u3=User%20ID;u4=Vertical;u5=undefined;u6=undefined;u7=Sub%20Sub%20Category;u8=undefined;u27=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay;gtm=45He41a0v6507099;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d7fea04c7c9a75f36d843525707822ae20038528c46f1ff772e16f83fac8e0a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://10162949.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 409
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 18:47:03 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dc_pre=CIG739DM54MDFbJDHgIdtYYKCA;src=10089018;type=invmedia;cat=uae_d0;ord=9100617653488;auiddc=236011341.1705603623;gtm=45He41a0v6507099;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=... Show response
adservice.google.com/ddm/fls/i/ Frame 6C63 604 B
410 B 64ms
49ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CIG739DM54MDFbJDHgIdtYYKCA;src=10089018;type=invmedia;cat=uae_d0;ord=9100617653488;auiddc=236011341.1705603623;gtm=45He41a0v6507099;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay

Requested by

Host: 10089018.fls.doubleclick.net
URL: https://10089018.fls.doubleclick.net/activityi;dc_pre=CIG739DM54MDFbJDHgIdtYYKCA;src=10089018;type=invmedia;cat=uae_d0;ord=9100617653488;auiddc=236011341.1705603623;gtm=45He41a0v6507099;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

db0d957f6d01815f16c66afae78f04d790a1cb5b0d7ebef64f404c30b48cd7aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://10089018.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 344
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 18:47:03 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 code.js Show response
webtrafficsource.com/track/ 644 B
862 B 59ms
23ms Script
application/javascript 34.107.149.195
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://webtrafficsource.com/track/code.js
Requested by: Host: myaccount.du.ae
URL: https://myaccount.du.ae/webapp/en/quick-pay
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.149.195 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 195.149.107.34.bc.googleusercontent.com
Software: /
Resource Hash: fc63f9ef51602b46dc51a0256b3369d483e2f7300ebd2e9cb8269f72e795aa30

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.du.ae/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 18:47:03 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 644
content-type: application/javascript;charset=UTF-8

GET
H2 200 main.MTc3MGUxMzJiMQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 396 KB
105 KB 15ms
15ms Script
application/javascript 2.23.7.41
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTc3MGUxMzJiMQ.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CAK6Q7RC77U1E8B1DB1G&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.7.41 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-7-41.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 08986577afb5ec60577a1ce35175147bede79ff0c4462d9a1d84eb42aeccce7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.du.ae/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-akamai-request-id: 19d3da3f
date: Thu, 18 Jan 2024 18:47:03 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20240112163220453E9CDC947E545DB230
x-tt-trace-id: 00-240112163220453E9CDC947E545DB230-74DC439080CAE265-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a2-23-7-37.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01c36acb90e1b36cdfa66d9cb67796463ee840c48e929198f139d58349bb3dff126446a69ad54d0655c132963e68976f29bd6ffeee9e88866d0b3f486af64d57fe02ce5a9c4f1309443079962231a91b6f6b50fc491e9db091f4704b642244c95b
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=3
content-length: 106572

GET
H2 200 599409307633963 Show response
connect.facebook.net/signals/config/ 131 KB
35 KB 119ms
118ms Script
application/x-javascript 2a03:2880:f013:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/599409307633963?v=2.9.140&r=stable&domain=myaccount.du.ae

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f013:d:face:b00c:0:3 Helsinki, Finland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1850e7a91a9faf761443d6d5d9638bc06cb2b699b6edc030625211f7dfd23b6b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.du.ae/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 18 Jan 2024 18:47:03 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: LyjVmxqrpc/+u4p3R10mBoXUKklQiwF1n9J2cX9jvn72ZqiMSvdKOePJ0Ly+ynp91wCtBAEpIU204+HOQP5lAQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 event Show response
sslwidget.criteo.com/ 10 KB
5 KB 68ms
21ms Script
application/x-javascript 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://sslwidget.criteo.com/event?a=102684&v=5.20.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Ddis&adce=1&bundle=lfFpbV95clBFcjRYRG53NVhZd3lkWlh3RU0zTjZwNDdad1ZYeDBQaE15ZnBIME1zQUIyN1Vib3ZJT2hJcktKWXBqNyUyQjB6eml3UzdyUVBmZmkwbDNVdnY1UXlLbTVFdHQlMkJFNzgxcVBFeklpRldxeUo5ZmMzalFtYXRBRWMyM0pnb1NHZEhWVEMlMkJOZDFxZHdLcWtIWHJOSVJhVkElM0QlM0Q&tld=du.ae&dy=1&fu=https%253A%252F%252Fmyaccount.du.ae%252Fwebapp%252Fen%252Fquick-pay&ceid=396ea607-70c6-40b2-926a-2f79c5e83488&dtycbr=95783

Requested by

Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=102684

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

949677a371da36358e69e661712717db867e11b2cf93fdfceb094051e0530e4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.du.ae/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 18:47:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
content-type: application/x-javascript
access-control-allow-origin: *
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 7665092
timing-allow-origin: *
expires: 0

POST
H3 200 getuam Show response
consentag.eu/manager/consent/user/ Frame 7D28 3 KB
3 KB 21ms
21ms XHR
application/json 34.107.173.171
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://consentag.eu/manager/consent/user/getuam
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.173.171 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 171.173.107.34.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: f918991c819f61975d59ef0fa79b1af5f7bfc23f5c6bf6b4b4fb23e888716ebc

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://consentag.eu/public/3.0.1/popup_silent.html
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Thu, 18 Jan 2024 18:47:02 GMT
via: 1.1 google
server: Apache-Coyote/1.1
etag: uk-1705603623-bc7765bb99c04ee2800a9304d294aab0
content-length: 2832
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/json

GET
H2 200 identify_55404.js Show response
analytics.tiktok.com/i18n/pixel/static/ 137 KB
37 KB 51ms
46ms Script
application/javascript 2.23.7.41
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_55404.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTc3MGUxMzJiMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.7.41 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-7-41.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a758246f43df5cf0f88a3c46a95cb7e962ec2e16327f7fc6b70d2150981b86df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.du.ae/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-akamai-request-id: 19d3db42
date: Thu, 18 Jan 2024 18:47:03 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 2024010415144999CE49A231F669FAB62C
x-tt-trace-id: 00-24010415144999CE49A231F669FAB62C-22E4A9E374DDE643-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a2-23-7-37.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 011b02d110eee95bf6e6e0c647db3739fe667955eea7e14446e259e80e2e1fabac2591b8ebd869abdbfd7857cd8993ebb22592e84c7469a2cb7e42a08980c5587ea8a250628d7264bb53b0ffa76740e95cbbb4f7ddda4685fe61811d937cf69c78
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=10
content-length: 36820

POST
H2 200 pangle_pixel
analytics.pangle-ads.com/api/v2/ 0
964 B 236ms
202ms Ping
text/plain 2.16.100.161
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.pangle-ads.com/api/v2/pangle_pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTc3MGUxMzJiMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.100.161 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-100-161.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://myaccount.du.ae/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 234ef2db.3653f1f4
date: Thu, 18 Jan 2024 18:47:03 GMT
x-bytefaas-request-id: 202401181847030D90145A2D44228C8428
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2401181847030D90145A2D44228C8428-4A55CF16D87FBD2A-00
x-cache: TCP_MISS from a2-16-100-157.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0-53477943) (-)
x-parent-response-time: 174,2.16.100.157
server-timing: cdn-cache; desc=MISS, edge; dur=83, origin; dur=92, inner; dur=89
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202401181847030D90145A2D44228C8428
x-cache-remote: TCP_MISS from a23-55-171-75.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0-53477943) (-)
access-control-max-age: 86400
access-control-allow-methods: *
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
x-bytefaas-execution-duration: 87.70
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
x-gw-dst-psm: ad.union.pangle_web_traffic
x-tt-trace-host: 01fe45389c5a7de5e45010f17f9686eb5f89cfb1a10e97761fdebb052045f7a3eff0284f541da992d00a735283f47536c266a1d322f34bac1ec02182e7c1f47379e393abec581952746bf6fbbd935f8e8630e069f96b6986e51c7094a03de1cc9d4434dd882f2de8c24721cbae6d0b17b2
x-origin-response-time: 93,23.55.171.75
access-control-allow-headers: *
expires: Thu, 18 Jan 2024 18:47:03 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
841 B 174ms
174ms Ping
text/plain 2.23.7.41
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTc3MGUxMzJiMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.7.41 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-7-41.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://myaccount.du.ae/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 650f21ce.19d3db43
date: Thu, 18 Jan 2024 18:47:03 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240118184703FB1A14649E8EBF5A3E86-57F9A6837095BCDE-00
x-cache: TCP_MISS from a2-23-7-37.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-)
x-parent-response-time: 141,2.23.7.37
server-timing: cdn-cache; desc=MISS, edge; dur=95, origin; dur=53, inner; dur=50
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240118184703FB1A14649E8EBF5A3E86
x-cache-remote: TCP_MISS from a23-48-100-71.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 53,23.48.100.71
x-tt-trace-host: 01fe45389c5a7de5e45010f17f9686eb5fd06df683591a79ca5243c5fc0a679d6d558f5fb0426c620d527728e8a9c68fb3f1ea0cfd02cf5eb0c08fdd533992702e4dc3ae530202e373cd0c2b12e81b09421f317540cf467c781d54054a3c665e5157280ae64a98e30069a0182470c1aca8
access-control-allow-headers: Authorization,*
expires: Thu, 18 Jan 2024 18:47:03 GMT

GET
H2 200 dc_pre=CL6G3tDM54MDFc9BwgodKVUPyg;src=13303464;type=du-es0;cat=du-es0;ord=6825479909781;auiddc=236011341.1705603623;gtm=45He41a0v6507099;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;... Show response
adservice.google.de/ddm/fls/i/ Frame 3703 194 B
150 B 105ms
57ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CL6G3tDM54MDFc9BwgodKVUPyg;src=13303464;type=du-es0;cat=du-es0;ord=6825479909781;auiddc=236011341.1705603623;gtm=45He41a0v6507099;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CL6G3tDM54MDFc9BwgodKVUPyg;src=13303464;type=du-es0;cat=du-es0;ord=6825479909781;auiddc=236011341.1705603623;gtm=45He41a0v6507099;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 85
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 18:47:03 GMT
expires: Thu, 18 Jan 2024 18:47:03 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dc_pre=CNHE3tDM54MDFahCHgIdweMC0Q;src=10162949;type=duweb0;cat=unive0;ord=9340197705855;auiddc=236011341.1705603623;u1=EN;u2=Login%20Status;u3=User%20ID;u4=Vertical;u5=undefined;u6=undefined;u7=Sub... Show response
adservice.google.de/ddm/fls/i/ Frame 864F 194 B
515 B 90ms
56ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CNHE3tDM54MDFahCHgIdweMC0Q;src=10162949;type=duweb0;cat=unive0;ord=9340197705855;auiddc=236011341.1705603623;u1=EN;u2=Login%20Status;u3=User%20ID;u4=Vertical;u5=undefined;u6=undefined;u7=Sub%20Sub%20Category;u8=undefined;u27=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay;gtm=45He41a0v6507099;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CNHE3tDM54MDFahCHgIdweMC0Q;src=10162949;type=duweb0;cat=unive0;ord=9340197705855;auiddc=236011341.1705603623;u1=EN;u2=Login%20Status;u3=User%20ID;u4=Vertical;u5=undefined;u6=undefined;u7=Sub%20Sub%20Category;u8=undefined;u27=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay;gtm=45He41a0v6507099;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 85
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 18:47:03 GMT
expires: Thu, 18 Jan 2024 18:47:03 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dc_pre=CIG739DM54MDFbJDHgIdtYYKCA;src=10089018;type=invmedia;cat=uae_d0;ord=9100617653488;auiddc=236011341.1705603623;gtm=45He41a0v6507099;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=... Show response
adservice.google.de/ddm/fls/i/ Frame B2C8 194 B
150 B 91ms
58ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CIG739DM54MDFbJDHgIdtYYKCA;src=10089018;type=invmedia;cat=uae_d0;ord=9100617653488;auiddc=236011341.1705603623;gtm=45He41a0v6507099;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CIG739DM54MDFbJDHgIdtYYKCA;src=10089018;type=invmedia;cat=uae_d0;ord=9100617653488;auiddc=236011341.1705603623;gtm=45He41a0v6507099;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 85
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 18:47:03 GMT
expires: Thu, 18 Jan 2024 18:47:03 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 d41d8cd98f00b204e9800998ecf8427e.js Show response
cdn.ctnsnet.com/ase/fetch/scraper/76037480/ 0
287 B 48ms
7ms Script
application/json 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ctnsnet.com/ase/fetch/scraper/76037480/d41d8cd98f00b204e9800998ecf8427e.js?caid=cd88bbb5a1714247b44506a241bdaa2c&cst=true&gdpr_consent=
Requested by: Host: consentag.eu
URL: https://consentag.eu/public/3.0.1/consenTag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.du.ae/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-77-nzt: EgwBw7WvJwH3BFoDAAwBisclxAH3KAAAAA
x-accel-expires: @1705643131
date: Thu, 18 Jan 2024 18:47:03 GMT
via: 1.1 google
x-77-age: 219692
x-cache-lb: HIT
server: CDN77-Turbo
x-age-lb: 219652
x-77-pop: frankfurtDE
x-77-nzt-ray: 25b021310a41026f2772a9653c01b322
x-77-cache: HIT
content-type: application/json
accept-ranges: bytes
x-accel-date: 1705383971
content-length: 0

GET
H2 200 integration Show response
i.ctnsnet.com/int/ 0
311 B 58ms
21ms Script
text/javascript 35.186.193.173
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://i.ctnsnet.com/int/integration?pixel=68738460&nid=2142538&cont=s&loc=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay&ref=&cst=true&gdpr_consent=
Requested by: Host: consentag.eu
URL: https://consentag.eu/public/3.0.1/consenTag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 173.193.186.35.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.du.ae/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 18:47:02 GMT
via: 1.1 google
server: Apache-Coyote/1.1
content-type: text/javascript
p3p: CP="NOI DSP COR NID CUR OUR NOR"
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integration Show response
i.ctnsnet.com/int/ 0
141 B 87ms
50ms Script
text/javascript 35.186.193.173
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://i.ctnsnet.com/int/integration?pixel=76037483&nid=2142538&cont=s&loc=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay&ref=&cst=true&gdpr_consent=
Requested by: Host: consentag.eu
URL: https://consentag.eu/public/3.0.1/consenTag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 173.193.186.35.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.du.ae/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 18:47:03 GMT
via: 1.1 google
server: Apache-Coyote/1.1
content-type: text/javascript
p3p: CP="NOI DSP COR NID CUR OUR NOR"
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 d41d8cd98f00b204e9800998ecf8427e.js Show response
cdn.ctnsnet.com/ase/fetch/scraper/67704427/ 0
285 B 48ms
7ms Script
application/json 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ctnsnet.com/ase/fetch/scraper/67704427/d41d8cd98f00b204e9800998ecf8427e.js?caid=cd88bbb5a1714247b44506a241bdaa2c&cst=true&gdpr_consent=
Requested by: Host: consentag.eu
URL: https://consentag.eu/public/3.0.1/consenTag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.du.ae/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-77-nzt: EgwBw7WvJwH30AMDAAwBJRPCNAH3FQAAAA
x-accel-expires: @1705665218
date: Thu, 18 Jan 2024 18:47:03 GMT
via: 1.1 google
x-77-age: 197605
x-cache-lb: HIT
server: CDN77-Turbo
x-age-lb: 197584
x-77-pop: frankfurtDE
x-77-nzt-ray: 25b021310a41026f2772a965482bba22
x-77-cache: HIT
content-type: application/json
accept-ranges: bytes
x-accel-date: 1705406039
content-length: 0

GET
H2 200 integration Show response
i.ctnsnet.com/int/ 0
142 B 71ms
34ms Script
text/javascript 35.186.193.173
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://i.ctnsnet.com/int/integration?pixel=76037490&nid=2142538&cont=s&loc=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay&ref=&cst=true&gdpr_consent=
Requested by: Host: consentag.eu
URL: https://consentag.eu/public/3.0.1/consenTag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 173.193.186.35.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.du.ae/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 18:47:03 GMT
via: 1.1 google
server: Apache-Coyote/1.1
content-type: text/javascript
p3p: CP="NOI DSP COR NID CUR OUR NOR"
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integration Show response
i.ctnsnet.com/int/ 0
142 B 70ms
33ms Script
text/javascript 35.186.193.173
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://i.ctnsnet.com/int/integration?pixel=69616513&nid=2142538&cont=s&loc=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay&ref=&cst=true&gdpr_consent=
Requested by: Host: consentag.eu
URL: https://consentag.eu/public/3.0.1/consenTag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 173.193.186.35.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.du.ae/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 18:47:03 GMT
via: 1.1 google
server: Apache-Coyote/1.1
content-type: text/javascript
p3p: CP="NOI DSP COR NID CUR OUR NOR"
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integration Show response
i.ctnsnet.com/int/ 0
142 B 58ms
21ms Script
text/javascript 35.186.193.173
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://i.ctnsnet.com/int/integration?pixel=79158399&nid=2142538&cont=s&loc=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay&ref=&cst=true&gdpr_consent=
Requested by: Host: consentag.eu
URL: https://consentag.eu/public/3.0.1/consenTag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 173.193.186.35.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.du.ae/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 18:47:03 GMT
via: 1.1 google
server: Apache-Coyote/1.1
content-type: text/javascript
p3p: CP="NOI DSP COR NID CUR OUR NOR"
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H3 204 tr
webtrafficsource.com/ Frame 0
0 53ms
24ms Preflight 34.107.149.195
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://webtrafficsource.com/tr
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.149.195 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 195.149.107.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://myaccount.du.ae
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type
access-control-allow-methods: POST,GET
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 18 Jan 2024 18:47:03 GMT
via: 1.1 google

POST
H3 200 tr Show response
webtrafficsource.com/ 0
12 B 33ms
33ms XHR
text/plain 34.107.149.195
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://webtrafficsource.com/tr
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.7.1910.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.149.195 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 195.149.107.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://myaccount.du.ae/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
access-control-expose-headers: Content-Length
date: Thu, 18 Jan 2024 18:47:03 GMT
access-control-allow-credentials: true
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame A00B 7 KB
1 KB 26ms
25ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&k=6Lf3YxEUAAAAAMxuBSiyKBkvZihtdWFM8fg79LiD

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e3f9fe9b03aa9fbf70f7f41494a0b39743c30afc3117401c96ff89e96e549256

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-NoKb5US8hG9D2KIudSXyhQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://myaccount.du.ae/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-NoKb5US8hG9D2KIudSXyhQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 18 Jan 2024 18:47:03 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/ Frame A00B 55 KB
24 KB 29ms
29ms Stylesheet
text/css 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&k=6Lf3YxEUAAAAAMxuBSiyKBkvZihtdWFM8fg79LiD

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 00:09:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67061
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 08 Jan 2024 05:00:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 17 Jan 2025 00:09:22 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/ Frame A00B 506 KB
203 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&k=6Lf3YxEUAAAAAMxuBSiyKBkvZihtdWFM8fg79LiD

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91088a015cd36dabb6639d0b6d08fadc57be7f1b85011f5f882d4e7a8611df31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 14:01:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 103537
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 207845
x-xss-protection: 0
last-modified: Mon, 08 Jan 2024 05:00:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 16 Jan 2025 14:01:26 GMT

GET
H2 200 pixel
advertiser.inmobiapis.com/tpce/v1/events/ 0
0 326ms
102ms Image
application/json 52.224.189.152
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://advertiser.inmobiapis.com/tpce/v1/events/pixel?impId=&advId=cb83995b715f4cd4951c7ff8ec3abd8b&bUrl=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay&ckId=6b06e501-f833-4ffa-af5a-802118a0b591&eventTime=1705603623615&stratGuid=
Requested by: Host: myaccount.du.ae
URL: https://myaccount.du.ae/webapp/en/quick-pay
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.224.189.152 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.du.ae/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 115ms
38ms Image
text/plain 2a03:2880:f113:81:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=599409307633963&ev=PageView&dl=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay&rl=&if=false&ts=1705603623619&sw=1600&sh=1200&v=2.9.140&r=stable&ec=0&o=4126&fbp=fb.1.1705603623619.1843442159&ler=empty&it=1705603623467&coo=false&rqm=GET

Requested by

Host: myaccount.du.ae
URL: https://myaccount.du.ae/webapp/en/quick-pay

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f113:81:face:b00c:0:25de Helsinki, Finland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.du.ae/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 18 Jan 2024 18:47:03 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame A00B 21 KB
15 KB 46ms
45ms XHR
application/json 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6Lf3YxEUAAAAAMxuBSiyKBkvZihtdWFM8fg79LiD

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fcd34384be1ec221c03f6caf8cbf76d07e9a7de93ef21fd6e6ddda0ba6ff7bc5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/bframe?hl=de&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&k=6Lf3YxEUAAAAAMxuBSiyKBkvZihtdWFM8fg79LiD
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Thu, 18 Jan 2024 18:47:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Thu, 18 Jan 2024 18:47:03 GMT

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
840 B 164ms
164ms Ping
text/plain 2.23.7.41
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTc3MGUxMzJiMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.7.41 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-7-41.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://myaccount.du.ae/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 93a6a07.19d3dd80
date: Thu, 18 Jan 2024 18:47:03 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240118184703B6152CC4C0BA18D8AB34-2F1D36C18912CF0C-00
x-cache: TCP_MISS from a2-23-7-37.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-)
x-parent-response-time: 116,2.23.7.37
server-timing: cdn-cache; desc=MISS, edge; dur=94, origin; dur=30, inner; dur=27
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240118184703B6152CC4C0BA18D8AB34
x-cache-remote: TCP_MISS from a23-222-16-71.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 30,23.222.16.71
x-tt-trace-host: 01fe45389c5a7de5e45010f17f9686eb5f05ecd2fb661026862d811ae4d4ffe81ab93495ae51ebdaadc9cc18de315872cb5f42a7d7fd7d33a7dc2bc9a91a2f23054d81e9dffe97c448f502266540978082c40623e029290ee36cdab541ffd44c638bd9ff81646ad233656be74e47e8b794
access-control-allow-headers: Authorization,*
expires: Thu, 18 Jan 2024 18:47:03 GMT

GET
H3 200 refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame A00B 600 B
624 B 13ms
13ms Image
image/png 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/refresh_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 00:05:05 GMT
x-content-type-options: nosniff
age: 153718
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 600
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Wed, 24 Jan 2024 00:05:05 GMT

GET
H3 200 audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame A00B 530 B
554 B 15ms
14ms Image
image/png 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/audio_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 19:17:32 GMT
x-content-type-options: nosniff
age: 257371
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 530
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Mon, 22 Jan 2024 19:17:32 GMT

GET
H3 200 info_2x.png
www.gstatic.com/recaptcha/api2/ Frame A00B 665 B
689 B 15ms
15ms Image
image/png 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/info_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 11:42:02 GMT
x-content-type-options: nosniff
age: 25501
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 665
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Thu, 25 Jan 2024 11:42:02 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A00B 15 KB
15 KB 14ms
13ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: myaccount.du.ae
URL: https://myaccount.du.ae/webapp/en/quick-pay

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 05:31:50 GMT
x-content-type-options: nosniff
age: 306913
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Jan 2025 05:31:50 GMT

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A00B 15 KB
15 KB 18ms
18ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: myaccount.du.ae
URL: https://myaccount.du.ae/webapp/en/quick-pay

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 00:11:33 GMT
x-content-type-options: nosniff
age: 498930
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15340
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jan 2025 00:11:33 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A00B 15 KB
15 KB 16ms
16ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: myaccount.du.ae
URL: https://myaccount.du.ae/webapp/en/quick-pay

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 09:09:14 GMT
x-content-type-options: nosniff
age: 207469
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jan 2025 09:09:14 GMT

GET
H3 200 xBCOM0nJGRF-m--wl6VQ1aNLQoz6KTYsNI8IYqWNoW0.js Show response
www.google.com/js/bg/ Frame A00B 17 KB
7 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/xBCOM0nJGRF-m--wl6VQ1aNLQoz6KTYsNI8IYqWNoW0.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4108e3349c919117e9befb097a550d5a34b428cfa29362c348f0862a58da16d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/bframe?hl=de&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&k=6Lf3YxEUAAAAAMxuBSiyKBkvZihtdWFM8fg79LiD
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 18:01:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2739
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6865
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 17 Jan 2025 18:01:24 GMT

GET
H3 200 payload
www.google.com/recaptcha/api2/ Frame A00B 44 KB
44 KB 24ms
23ms Image
image/jpeg 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/recaptcha/api2/payload?p=06AFcWeA7A_JAiKm_aZJNyyB_CUK90gm7gcFqDMVcru4Ht0ncUBB6JderktQ8_cxMPqqM2ACQJ7xGVYnNhs4sPopalA44oonfqrMF93vs0iVZ-bdJ_yWOEKrlANIK19bo2BqaxlbI1NYv87_zqa-okur2v0eY0Tc8cRwCgG96qV69l8lanmc8D7uWtsVntxUBG4vJ2McvwGTimdhVtv3Tc22n0_XH5bn9Sjg&k=6Lf3YxEUAAAAAMxuBSiyKBkvZihtdWFM8fg79LiD

Requested by

Host: myaccount.du.ae
URL: https://myaccount.du.ae/webapp/en/quick-pay

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3cc652282db2f29fabbd840852ca679ae6bf9e58400814d6e7c9c831906cfd2a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/bframe?hl=de&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&k=6Lf3YxEUAAAAAMxuBSiyKBkvZihtdWFM8fg79LiD
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 18:47:03 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: private, max-age=30
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Thu, 18 Jan 2024 18:47:03 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame BB30
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-uU78cy3jawnElt4EYBqMXneJarMfEvxFBsUmXw&google_cm&google_hm=ay11VTc4Y3kzamF3bkVsdDRFWUJxTVhuZUphck1mRXZ4R...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-uU78cy3jawnElt4EYBqMXneJarMfEvxFBsUmXw&google_gid=CAESEPVa1gKwES6iw3zPDOvPl4Q&google_cver=1&google_ula=913071,0

43 B
369 B

15ms
14ms

Image
image/gif

178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-uU78cy3jawnElt4EYBqMXneJarMfEvxFBsUmXw&google_gid=CAESEPVa1gKwES6iw3zPDOvPl4Q&google_cver=1&google_ula=913071,0

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 18:47:03 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 662473
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 18 Jan 2024 18:47:04 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-uU78cy3jawnElt4EYBqMXneJarMfEvxFBsUmXw&google_gid=CAESEPVa1gKwES6iw3zPDOvPl4Q&google_cver=1&google_ula=913071,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sync
x.bidswitch.net/ Frame BB30 43 B
146 B 181ms
7ms Image
image/gif 52.59.145.139
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-ya44Zi3jawnElt4EYBqMXneJarM0Ot5KrXOiNA&expires=30
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.145.139 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-145-139.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 18:47:04 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame BB30
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3198688891573955369

43 B
369 B

15ms
14ms

Image
image/gif

178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3198688891573955369

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 18:47:03 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 924188
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 18 Jan 2024 18:47:03 GMT
an-x-request-uuid: e51f4f8a-113b-451b-81b4-b9061d55b065
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3198688891573955369
x-proxy-origin: 178.162.209.135; 178.162.209.135; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cksync.php
contextual.media.net/ Frame BB30 57 B
813 B 111ms
61ms Image
image/gif 23.32.184.20
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-tiSTGS3jawnElt4EYBqMXneJarPq6PwEY2ubSA

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.32.184.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-32-184-20.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Thu, 18 Jan 2024 18:47:04 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
alt-svc: h3=":443"; ma=93600
content-length: 57
x-mnet-hl2: E
expires: Thu, 18 Jan 2024 18:47:04 GMT

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame BB30 0
239 B 65ms
9ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-PeiCuC3jawnElt4EYBqMXneJarOzWsjCZo6iJw&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 28e1e7d28d06b07ec669bc9e43057b8e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame BB30 43 B
163 B 81ms
13ms Image
image/gif 89.149.192.201
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-yn2Zwy3jawnElt4EYBqMXneJarMui66sk4pwGQ
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 89.149.192.201 Bunschoten, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 18:47:03 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame BB30 0
99 B 88ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-25jF7S3jawnElt4EYBqMXneJarO-HByqZebcHw
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 18:47:04 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 12505

GET
H2 200 um
criteo-sync.teads.tv/ Frame BB30 23 B
163 B 82ms
37ms Image
image/gif 2.19.104.4
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-Z8frly3jawnElt4EYBqMXneJarNM00M_Kxhgrg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.104.4 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-104-4.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Thu, 18 Jan 2024 18:47:04 GMT
pragma: no-cache
date: Thu, 18 Jan 2024 18:47:04 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

GET
H2 200 xuid
eb2.3lift.com/ Frame BB30 37 B
140 B 32ms
10ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-v-90UC3jawnElt4EYBqMXneJarMtRmusV5B6BQ&dongle=013b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 18:47:03 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58301/ Frame BB30 0
125 B 91ms
10ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-rVFwcC3jawnElt4EYBqMXneJarNyYQcgoQYyCQ

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.94 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 18:47:04 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 cksync.php
hb.yahoo.net/ Frame BB30 56 B
319 B 112ms
67ms Image
image/gif 23.36.163.16
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hb.yahoo.net/cksync.php?cs=1&type=58301&ovsid=k-rVFwcC3jawnElt4EYBqMXneJarNyYQcgoQYyCQ

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.163.16 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-163-16.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

ad22af17099959c6c05cc8f11cfac5e225e81216a65e70f296bfca34b60e9789

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=86400 ; includeSubDomains, max-age=604800
date: Thu, 18 Jan 2024 18:47:04 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 56
x-mnet-hl2: E
expires: Thu, 18 Jan 2024 18:47:04 GMT

GET
H2 200 pixel
cm.adform.net/ Frame BB30 43 B
163 B 88ms
25ms Image
image/gif 37.157.3.20
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-8me48y3jawnElt4EYBqMXneJarO89Lr0h6CReQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 18:47:04 GMT
last-modified: Fri, 18 Nov 2022 14:41:46 GMT
server: nginx
accept-ranges: bytes
etag: "637799aa-2b"
content-length: 43
content-type: image/gif

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame BB30 49 B
341 B 99ms
19ms Image
image/gif 185.255.84.153
IGUANE-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-t9crgC3jawnElt4EYBqMXneJarMccfiMOpGEeA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.153 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 18:47:03 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
p3p: CP="CAO PSA OUR"
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 3
content-length: 49
expires: 0

GET
H2

200

rum
r.casalemedia.com/ Frame BB30
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-nzw40C3jawnElt4EYBqMXneJarPSC0NT5VQKDA
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-nzw40C3jawnElt4EYBqMXneJarPSC0NT5VQKDA&C=1

43 B
321 B

38ms
38ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-nzw40C3jawnElt4EYBqMXneJarPSC0NT5VQKDA&C=1
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 18:47:04 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gTw2VWuAJv6hkbENi2%2ByPH1kdYfztPeHI0rpej9VzWRaft50NySb2Ik4Pdh6A6tS3BDN2HvtTvmwi5XtSej1Dj3VCs63rwg%2Fsalr37OeU1kP11SB69XwolfSMxTd8Lqe74XU"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8479011a7d595c56-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 18 Jan 2024 18:47:04 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QlzSCIEKm7FUctq%2BwjPA84%2FYs5cAANlt9M%2BR9Art1L8IZse7wxcrXHf4DYAPrRrsBTK45%2FQ0KgxkoFAcLAU3vxVcHVMAJKRQos8ergCdsa424s58ZkUadkLHLSZHGb3Q%2BD79"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=20&external_user_id=k-nzw40C3jawnElt4EYBqMXneJarPSC0NT5VQKDA&C=1
cache-control: no-cache
cf-ray: 8479011a5d355c56-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 dspreply
public-prod-dspcookiematching.dmxleo.com/ Frame BB30 0
123 B 84ms
20ms Image
text/plain 188.65.124.66
DAILYMOTION For p...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=1521&dspUserId=k-cdWduS3jawnElt4EYBqMXneJarOAcUQqxjPIeg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.65.124.66 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),

Reverse DNS

ingress-03-pub-prod-ix7.vip.dailymotion.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-dm-lb-name: ingress-nginx-nginx-in-cluster-8x6zb
date: Thu, 18 Jan 2024 18:47:04 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 0

GET
H2

200

demconf.jpg
dpm.demdex.net/ Frame BB30
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=8dtS2JYX5ESe-tCW2SlWc44E9maGgDfB
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=8dtS2JYX5ESe-tCW2SlWc44E9maGgDfB

42 B
715 B

33ms
33ms

Image
image/gif

54.154.75.101
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=8dtS2JYX5ESe-tCW2SlWc44E9maGgDfB

Protocol

Server

54.154.75.101 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-154-75-101.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

dcs: dcs-prod-irl1-1-v054-05348b51c.edge-irl1.demdex.com 2 ms
pragma: no-cache
date: Thu, 18 Jan 2024 18:47:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: jy0/Z84bSwI=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs: dcs-prod-irl1-2-v054-0df1f10d6.edge-irl1.demdex.com 0 ms
pragma: no-cache
date: Thu, 18 Jan 2024 18:47:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: ttU0gIsoQt8=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=8dtS2JYX5ESe-tCW2SlWc44E9maGgDfB
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 9.gif
id5-sync.com/s/966/ Frame BB30 43 B
1 KB 31ms
8ms Image
image/gif 162.19.138.116
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/966/9.gif?puid=k-C9EI_y3jawnElt4EYBqMXneJarPsRlrTml7htg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Thu, 18 Jan 2024 18:47:03 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"

GET
H2 200 match
ad.360yield.com/ Frame BB30 43 B
199 B 122ms
33ms Image
image/gif 3.248.133.210
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-8Czeii3jawnElt4EYBqMXneJarPsDmEjKMjDcA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.248.133.210 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-248-133-210.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 18 Jan 2024 18:47:04 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 sync
matching.ivitrack.com/ Frame BB30 42 B
265 B 57ms
20ms Image
image/gif 34.117.157.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matching.ivitrack.com/sync?realm=criteo&uid=k-ipEo2y3jawnElt4EYBqMXneJarOl0vdI5J3_xQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.157.117.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 18:47:03 GMT
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
server: istio-envoy
content-type: image/gif
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame BB30 0
885 B 41ms
9ms Image
text/html 52.28.172.205
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-DQ_hDy3jawnElt4EYBqMXneJarM6DZP6C22iJg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.172.205 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-172-205.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 18:47:04 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H2 200 1017
jadserve.postrelease.com/suid/ Frame BB30 43 B
423 B 103ms
33ms Image
image/gif 52.48.249.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/suid/1017?vk=k-6M7nwS3jawnElt4EYBqMXneJarMY5aNOWZObHA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.249.53 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-249-53.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 18:47:04 GMT
server: nginx
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame BB30 0
145 B 356ms
88ms Image
text/plain 64.202.112.159
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-hNBuQS3jawnElt4EYBqMXneJarNlq67ke6F3wA&initiator=partner
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 18 Jan 2024 18:47:04 GMT
Cache-Control: no-cache
X-TraceId: f2eb419c74243db5cfdb80aa8db161d0
Content-Length: 0

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame BB30 0
225 B 67ms
18ms Image
text/html 185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-w3vWkC3jawnElt4EYBqMXneJarM_wi9CKlxugg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Thu, 18 Jan 2024 18:47:04 GMT
cache-control: no-store, no-cache, private
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 204 v1
match.sharethrough.com/sync/ Frame BB30 0
35 B 43ms
7ms Image
text/plain 18.157.200.172
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-qgPyUS3jawnElt4EYBqMXneJarOsjfN94HPdQA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.157.200.172 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-157-200-172.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 18:47:04 GMT

GET
H2 200 sync
criteo-partners.tremorhub.com/ Frame BB30 43 B
398 B 330ms
99ms Image
image/gif 2600:1f18:612b:4216:bba5:fc0b:66fa:bb51
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=k-OExVbC3jawnElt4EYBqMXneJarN-shAFnxTpMA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4216:bba5:fc0b:66fa:bb51 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Thu, 18 Jan 2024 18:47:04 GMT
server: nginx
content-type: image/gif

GET
H2 200 getusermatch.php
a.twiago.com/rtb/ Frame BB30 43 B
153 B 80ms
24ms Image
image/gif 85.215.5.31
CRONON-BERLIN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.twiago.com/rtb/getusermatch.php?dataid=6&external_user_id=k-SkoMnS3jawnElt4EYBqMXneJarNNGCgLHLoxhA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.215.5.31 , Germany, ASN6786 (CRONON-BERLIN-AS, DE),
Reverse DNS
Software: Apache / PHP/7.3.30
Resource Hash: 5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 18 Jan 2024 18:47:04 GMT
server: Apache
x-powered-by: PHP/7.3.30
content-length: 43
content-type: image/gif

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame BB30 0
235 B 57ms
31ms Image
text/plain 23.32.185.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-gViV3C3jawnElt4EYBqMXneJarO-utHQ4zgLow
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.185.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-192.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 18 Jan 2024 18:47:04 GMT
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
Expires: Wed, 17 Jan 2024 18:47:04 GMT

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame ED94 0
60 B 100ms
31ms Document
text/html 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=3g3bvd0&ref=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay&upid=r8bpxny&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://myaccount.du.ae/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
content-type: text/html
date: Thu, 18 Jan 2024 18:47:04 GMT
server: Kestrel

GET
H2 200 adrum-ext.5af4efac0bb62cd6a369676618596c4a.js Show response
cdn.appdynamics.com/ 50 KB
20 KB 11ms
11ms Script
application/javascript 18.66.248.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.appdynamics.com/adrum-ext.5af4efac0bb62cd6a369676618596c4a.js
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.7.1910.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-129.dus51.r.cloudfront.net
Software: nginx/1.16.1 /
Resource Hash: 577f961869445c9b84603a4d2e76072ca2bd4a67637e84640b41bc5f24fc20cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.du.ae/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 22:50:41 GMT
content-encoding: gzip
via: 1.1 c114c55bb579a01518cf64c447d45272.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
age: 1713382
x-cache: Hit from cloudfront
last-modified: Fri, 15 Feb 2019 18:45:26 GMT
server: nginx/1.16.1
etag: W/"5c6708c6-c888"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2678400, s-max-age=14400
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: prRdDr0-7BrwSYCAsyrgD0SLwauREVlyG7Jn0zby2kdJG69bjshsOQ==

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 12ms
12ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=354042809&t=timing&_s=2&dl=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay&ul=en-us&de=UTF-8&dt=du%20-%20My%20Account&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=3200&pdt=1&dns=0&rrt=0&srt=144&tcp=430&dit=879&clt=2146&_gst=2417&_gbt=2478&_u=YGBAgEABAAAAAGAEK~&jid=&gjid=&cid=17439976.1705603623&tid=UA-407073-6&_gid=1217470357.1705603623&gtm=45He41a0n71PK3S7Mv6507099&cd17=EN&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cd3=17439976.1705603623&z=1505647968

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.du.ae/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Jan 2024 20:53:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 78798
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
BLOB 200
OK 1347d574-e3c9-450a-8aea-3d4d092d58dc
https://myaccount.du.ae/ 17 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://myaccount.du.ae/1347d574-e3c9-450a-8aea-3d4d092d58dc
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 320076b2ab4edd2f7037763d01adc545de5a0467863b24c8e8f3458f1bde53fd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length: 17224
Content-Type: application/javascript

GET
H2 200 setuid
ib.adnxs.com/ Frame BB30 43 B
1 KB 15ms
15ms Image
image/gif 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=52&code=k-v-0KoS3jawnElt4EYBqMXneJarMDaFd-yp2RsA

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 18:47:03 GMT
an-x-request-uuid: c51436a2-0eda-4441-bf8e-3b3839921ada
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 178.162.209.135; 178.162.209.135; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58301/ Frame BB30 0
15 B 12ms
12ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=0&redir=true&uid=k-rVFwcC3jawnElt4EYBqMXneJarNyYQcgoQYyCQ

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.94 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 18:47:04 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame BB30
Redirect Chain

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=iQMI01UN6vC_jmxVfs42qR-oRF1cHDVj

0
338 B

133ms
32ms

Image
text/plain

52.31.7.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=iQMI01UN6vC_jmxVfs42qR-oRF1cHDVj
Protocol: H2
Server: 52.31.7.212 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-7-212.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-served-by: beacon-n022-dub-prod.krxd.net
date: Thu, 18 Jan 2024 18:47:04 GMT
cache-control: private, no-cache, no-store
x-request-time: D=37 t=1705603624
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=iQMI01UN6vC_jmxVfs42qR-oRF1cHDVj
date: Thu, 18 Jan 2024 18:47:03 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 1534506
content-length: 0

GET
H2 200 ReadSpeaker.Styles.css
f1-as.readspeaker.com/script/8993/ Frame EE06 21 KB
4 KB 120ms
40ms Stylesheet
text/css 2a02:6ea0:e800::5
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://f1-as.readspeaker.com/script/8993/ReadSpeaker.Styles.css?v=2.5.16.6672
Requested by: Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-du.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:e800::5 Istanbul, Turkey, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 0aaca9bc3dde7d71787fce0fd2859da652434dd08d1e837abde8d1a65433d87f

Request headers

Referer
Origin: https://myaccount.du.ae
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-77-pop: istanbulTR
date: Thu, 18 Jan 2024 18:47:04 GMT
content-encoding: gzip
x-age-lb: 64227
x-77-cache: HIT
x-accel-date: 1705539397
x-77-nzt: ApySNA43Nzf/4/oAANRmOJw3Nzeh
x-accel-expires: @1705625792
x-77-age: 64227
x-cache-lb: HIT
last-modified: Mon, 01 Feb 2021 12:24:38 GMT
server: CDN77-Turbo
etag: W/"52ce-5ba457005d989"
x-77-nzt-ray: 8b6094366dc4257c2872a9650384fa2a
vary: Accept-Encoding, Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: https://myaccount.du.ae
cache-control: max-age=86400
access-control-allow-headers: sentry-trace
expires: Thu, 02 Nov 2023 05:50:41 GMT

POST
H/1.1 200
OK adrum Show response
eum.du.ae/eumcollector/beacons/browser/v1/EUM-AAB-AUB/ 0
415 B 910ms
275ms XHR
text/html 5.32.4.235
DU-AS1

General

Check archive.org

Show headers Download Go to

Full URL

https://eum.du.ae/eumcollector/beacons/browser/v1/EUM-AAB-AUB/adrum

Requested by

Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum-ext.5af4efac0bb62cd6a369676618596c4a.js

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

5.32.4.235 Dubai, United Arab Emirates, ASN15802 (DU-AS1, AE),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://myaccount.du.ae/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type: text/plain

Response headers

AppD-Request-Id: bea69cbfc7615b62
Date: Thu, 18 Jan 2024 18:47:05 GMT
Pragma: no-cache
X-Content-Type-Options: nosniff
Vary: *
Transfer-Encoding: chunked
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
Access-Control-Allow-Headers: origin, content-type, accept
Expires: 0

POST
H2 200 / Show response
du-app.quantummetric.com/ Frame EE06 90 B
775 B 67ms
19ms XHR
application/json 34.76.43.190
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://du-app.quantummetric.com/?T=B&u=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay&t=1705603624027&v=1705603625116&z=1&S=0&N=0&P=0

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-du.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.76.43.190 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

190.43.76.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

29d4dee9fb44b49ef1eff9d37c85cabced6b5ca7e748b5e15d6c503f8978c483

Security Headers

Name

Value

Content-Security-Policy

default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;

Strict-Transport-Security

max-age=31536000; includeSubDomains;

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 18 Jan 2024 18:47:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
content-security-policy: default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
server: nginx
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://myaccount.du.ae
access-control-allow-credentials: true
x-robots-tag: noindex

GET
H2 200 / Show response
du-app.quantummetric.com/ Frame EE06 28 B
732 B 19ms
19ms XHR
application/json 34.76.43.190
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://du-app.quantummetric.com/?s=12b207a8a01e8f94456a1e9633dacdae&H=c1cc34cad43daed26d8d83b9&Q=3

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-du.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.76.43.190 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

190.43.76.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

12d77f615d7df0946899d769baa6094c8060d6006df35a1afb54c152b070871e

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 18:47:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
content-security-policy: default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
server: nginx
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://myaccount.du.ae
access-control-allow-credentials: true
x-robots-tag: noindex

POST
H2 200 / Show response
du-app.quantummetric.com/ Frame EE06 0
646 B 37ms
37ms XHR
application/json 34.76.43.190
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://du-app.quantummetric.com/?T=B&u=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay&t=1705603624027&v=1705603625190&H=c1cc34cad43daed26d8d83b9&s=12b207a8a01e8f94456a1e9633dacdae&z=1&Q=1&Y=1&X=2f96b97526b04153c62919cce78cb226

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-du.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.76.43.190 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

190.43.76.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=31536000; includeSubDomains;

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 18 Jan 2024 18:47:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains;
content-security-policy: default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
server: nginx
content-type: application/json
access-control-allow-origin: https://myaccount.du.ae
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 0

POST
H2 200 / Show response
du-app.quantummetric.com/ Frame EE06 0
646 B 24ms
24ms XHR
application/json 34.76.43.190
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://du-app.quantummetric.com/?T=B&u=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay&t=1705603624027&v=1705603625211&H=c1cc34cad43daed26d8d83b9&s=12b207a8a01e8f94456a1e9633dacdae&U=ca86824034bfd5dbdb9454f07c49545a&z=1&Q=2&S=0&N=0

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-du.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.76.43.190 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

190.43.76.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=31536000; includeSubDomains;

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 18 Jan 2024 18:47:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains;
content-security-policy: default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
server: nginx
content-type: application/json
access-control-allow-origin: https://myaccount.du.ae
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 0

POST
H2 200 / Show response
du-app.quantummetric.com/ Frame EE06 0
646 B 21ms
20ms XHR
application/json 34.76.43.190
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://du-app.quantummetric.com/?T=B&u=https%3A%2F%2Fmyaccount.du.ae%2Fwebapp%2Fen%2Fquick-pay&t=1705603624027&v=1705603625237&H=c1cc34cad43daed26d8d83b9&s=12b207a8a01e8f94456a1e9633dacdae&z=1&S=1263&N=6&P=1

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-du.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.76.43.190 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

190.43.76.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=31536000; includeSubDomains;

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 18 Jan 2024 18:47:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains;
content-security-policy: default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
server: nginx
content-type: application/json
access-control-allow-origin: https://myaccount.du.ae
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 0

POST
H2 200 hash-check Show response
rl.quantummetric.com/du/ Frame EE06 2 B
227 B 413ms
133ms XHR
text/plain 34.66.3.160
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://rl.quantummetric.com/du/hash-check

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-du.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.66.3.160 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

160.3.66.34.bc.googleusercontent.com

Software

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 18 Jan 2024 18:47:06 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin
access-control-allow-methods: *
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://myaccount.du.ae
access-control-allow-credentials: true
content-length: 2

OPTIONS
H2 200 hash-check
rl.quantummetric.com/du/ Frame 0
0 412ms
132ms Preflight 34.66.3.160
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://rl.quantummetric.com/du/hash-check

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.66.3.160 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

160.3.66.34.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://myaccount.du.ae
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: *
access-control-allow-origin: https://myaccount.du.ae
content-length: 0
date: Thu, 18 Jan 2024 18:47:06 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H2 200 blank Show response
cdn.quantummetric.com/helpers/ Frame C760 209 B
243 B 23ms
23ms Document
text/html 2606:4700:10::6816:35fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.quantummetric.com/helpers/blank

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-du.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:35fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07e2a6fb0d22cdbde787ec2941eb285c222861ddc3cbc8903315b6e5942be8cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://myaccount.du.ae/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 211
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
cf-ray: 84790130afb01d86-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 18 Jan 2024 18:47:07 GMT
last-modified: Thu, 18 Jan 2024 18:43:36 GMT
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-robots-tag: noindex

Verdicts & Comments Add Verdict or Comment

152 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

70 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 22:05:55	Name: _GRECAPTCHA Value: 09APYnBZUMvQyxfIhy648XTU-l5faFfT5E1Q3rsaK8oE9wnoy7-7vthHoqLKhcSTGC5FAlDynMNX-kO40PFSBSt8s
myaccount.du.ae/servlet	1969-12-31 23:59:59	Name: JSESSIONID Value: "ENCAAAAAAXHmqj5f95qO/jggqd2oapmbmfu5Ynck3WPkZUeJmh9JSruNEzEbEyDjuhSK94u2Phsfsc+XWwo/P0XAR6drDOMN5lYMAVjgwwVGoqLV2ttyHRGRrPbsDE+vDY5Jdq/OIrS6AuLfPlIjZ6u9t6OqQIs"
.du.ae/	1970-01-20 19:56:19	Name: _gcl_au Value: 1.1.236011341.1705603623
.adnxs.com/	1970-01-20 19:56:19	Name: uuid2 Value: 3198688891573955369
.du.ae/	1970-01-21 03:22:43	Name: _ga Value: GA1.2.17439976.1705603623
.du.ae/	1970-01-20 17:48:10	Name: _gid Value: GA1.2.1217470357.1705603623
.du.ae/	1970-01-20 17:46:43	Name: _dc_gtm_UA-407073-6 Value: 1
.du.ae/	1970-01-20 17:48:10	Name: _uetsid Value: f8693470b63111ee8c43e3db992bfc58
.du.ae/	1970-01-21 03:08:19	Name: _uetvid Value: f86942b0b63111eeac80cb6cc0d4b3ff
.criteo.com/	1970-01-21 03:08:19	Name: uid Value: 2cb9f3c5-a392-41f2-9ee9-d3cbe171e657
.criteo.com/	1970-01-21 03:08:19	Name: receive-cookie-deprecation Value: 1
.creativecdn.com/	1970-01-21 02:32:19	Name: u Value: 2p9YOU3ltneWVAjrc3Yh
.creativecdn.com/	1970-01-21 02:32:19	Name: g Value: 2p9YOU3ltneWVAjrc3Yh_1705603623283
.creativecdn.com/	1970-01-21 02:32:19	Name: c Value: 2p9YOU3ltneWVAjrc3Yh_fUe5epIYkfe21xtnZY4b_1705603623283
.creativecdn.com/	1970-01-21 02:32:19	Name: ts Value: 1705603623
.creativecdn.com/	1970-01-21 02:32:19	Name: ar_debug Value: 1
track.omguk.com/	1970-01-20 19:13:07	Name: OMG-Channel-2325899 Value: Channel%3D
track.omguk.com/	1970-01-20 19:13:07	Name: OMGID Value: UUserID%3D%7B5c03d911-c1ad-433f-a921-0325bc769a1d%7D
track.omguk.com/	1970-01-20 17:46:45	Name: OMGSession Value: SessionID%3D4d6a762a24cd469f80806aaae5b8172c%26SessionCount%3D0
.bing.com/	1970-01-21 03:08:19	Name: MUID Value: 305DDE9C8A536AF023BECA968B536BA4
.tiktok.com/	1970-01-21 03:08:19	Name: _ttp Value: 2b8jVU3MWlGpIWuuM8ffpoD8UIG
.doubleclick.net/	1970-01-21 03:08:19	Name: IDE Value: AHWqTUlRsaOKPI7MXtwh7xtIo_uLxXsCP6ESjIz4qcUC3mWuPloN1jvMHHAkZdHPBcY
.du.ae/	1970-01-21 03:16:07	Name: cto_bundle Value: lfFpbV95clBFcjRYRG53NVhZd3lkWlh3RU0zTjZwNDdad1ZYeDBQaE15ZnBIME1zQUIyN1Vib3ZJT2hJcktKWXBqNyUyQjB6eml3UzdyUVBmZmkwbDNVdnY1UXlLbTVFdHQlMkJFNzgxcVBFeklpRldxeUo5ZmMzalFtYXRBRWMyM0pnb1NHZEhWVEMlMkJOZDFxZHdLcWtIWHJOSVJhVkElM0QlM0Q
.linkedin.com/	1970-01-20 19:56:19	Name: li_sugr Value: b38ef664-630b-4467-a695-65e0daf1f35e
.linkedin.com/	1970-01-20 17:48:10	Name: lidc Value: "b=OGST03:s=O:r=O:a=O:p=O:g=3107:u=1:x=1:i=1705603623:t=1705690023:v=2:sig=AQH7HgHWIktkAmeNY7Xh7GZUkx-uCoBL"
webtrafficsource.com/	1970-01-21 02:33:46	Name: uxid Value: ed5134a0-5e7d-4f26-8ab3-3215aacde990
.linkedin.com/	1970-01-21 02:32:19	Name: bcookie Value: "v=2&cede9afb-06a7-4e82-8925-9689626a0d18"
.linkedin.com/	1970-01-20 22:05:55	Name: li_gc Value: MTswOzE3MDU2MDM2MjM7MjswMjESCl0yV0+N+UZVv+2u5LR6IzMvMt1Ms7XufUAIC1sLuQ==
.twitter.com/	1970-01-21 03:22:43	Name: guest_id_marketing Value: v1%3A170560362335918009
.twitter.com/	1970-01-21 03:22:43	Name: guest_id_ads Value: v1%3A170560362335918009
.twitter.com/	1970-01-21 03:22:43	Name: personalization_id Value: "v1_see7GjUhAyBeuIZRZITywA=="
.twitter.com/	1970-01-21 03:22:43	Name: guest_id Value: v1%3A170560362335918009
.consentag.eu/	1970-01-20 21:22:43	Name: bid Value: uk-1705603623-bc7765bb99c04ee2800a9304d294aab0
.t.co/	1970-01-21 03:22:43	Name: muc_ads Value: a72f802a-93ca-4d5e-9ea9-d55d414abfc4
.du.ae/	1970-01-21 03:08:19	Name: _tt_enable_cookie Value: 1
.du.ae/	1970-01-21 03:08:19	Name: _ttp Value: HfvCG-x_4RaAPZOh9WxeDOoKiLp
myaccount.du.ae/	1970-01-21 02:32:19	Name: __tmbid Value: uk-1705603623-bc7765bb99c04ee2800a9304d294aab0
.ctnsnet.com/	1970-01-21 02:32:19	Name: cid_42a84df11d7a49c09744abb8262be5fb Value: 1
.ctnsnet.com/	1970-01-21 02:32:19	Name: cid_8fa07e9c8c9a40ca8fbfdcdde6370d85 Value: 1
.ctnsnet.com/	1970-01-21 02:32:19	Name: cid_63e43304ccaa495dbd98753716d3a2c9 Value: 1
.ctnsnet.com/	1970-01-21 02:32:19	Name: cid_3525aa3c74cb43a0864eb402bcc26931 Value: 1
.du.ae/	1970-01-20 19:56:19	Name: iDSP_Cookie Value: 6b06e501-f833-4ffa-af5a-802118a0b591*1705603623615cb83995b715f4cd4951c7ff8ec3abd8b*
.du.ae/	1970-01-20 19:56:19	Name: _fbp Value: fb.1.1705603623619.1843442159
.ctnsnet.com/	1970-01-21 02:32:19	Name: cid_c237ec9fcaf14706aa056eb5e221895e Value: 1
.adnxs.com/	1970-01-21 03:22:43	Name: XANDR_PANID Value: RZ505LK9kg2GxxVoJiVb4WLhCIr6JrQYqUQryVxlL3sBrrbFy1sOpMgCsoisE8OVr3Lzx-x0vvIKPGxMEtOYuDWGOjav0MjIPGlaB_ONl38.
.adnxs.com/	1970-01-20 19:56:19	Name: anj Value: dTM7k!M40dWIy(ghqdmU(7TZQ><v^#?nI#`%?FL5arnD2tC]y8Mb/otBNoPx<=Sk2L>pCtBKXV>UP`Ge86vSn'2u`rsBwvT@EX>pDdUIJjdD)HILfL24>ieFzpiq%]C'qZc-2G2Gc18Bm'JAUuFfDq4z2JruXJE$e251HaK*k+kD$25ADb6_:!8_b2+C=f?
.media.net/	1970-01-21 02:32:19	Name: visitor-id Value: 3486052241491951000V10
.media.net/	1970-01-20 18:29:55	Name: data-c-ts Value: 1705603624
.media.net/	1970-01-20 18:29:55	Name: data-c Value: k-tiSTGS3jawnElt4EYBqMXneJarPq6PwEY2ubSA~~3
.casalemedia.com/	1970-01-21 02:32:19	Name: CMID Value: ZalyKGuX3Fo4IJPgabQRuQAA
.casalemedia.com/	1970-01-20 19:56:19	Name: CMPS Value: 3352
.casalemedia.com/	1970-01-20 19:56:19	Name: CMPRO Value: 3352
.demdex.net/	1970-01-20 22:05:55	Name: demdex Value: 69072278322833183120007357103602040533
exchange.mediavine.com/	1970-01-20 18:06:53	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%22f8ed7b70-b631-11ee-8b4a-4bfa8e56fbbc%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 18:06:53	Name: mv_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%22f8ed7b70-b631-11ee-8b4a-4bfa8e56fbbc%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 18:06:53	Name: am_tokens Value: %7B%22mv_uuid%22%3A%22f8ed7b70-b631-11ee-8b4a-4bfa8e56fbbc%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 18:06:53	Name: am_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%22f8ed7b70-b631-11ee-8b4a-4bfa8e56fbbc%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 18:06:53	Name: criteo Value: %7B%22id%22%3A%22k-DQ_hDy3jawnElt4EYBqMXneJarM6DZP6C22iJg%22%2C%22version%22%3A%22criteo%22%7D
.omnitagjs.com/	1970-01-20 18:29:55	Name: ayl_visitor Value: 28d4f2cd341c072ab07571e1e0deb7b7
.dpm.demdex.net/	1970-01-20 22:05:55	Name: dpm Value: 69072278322833183120007357103602040533
.postrelease.com/	1970-01-21 02:32:19	Name: opt_out Value: 1
.krxd.net/	1970-01-20 22:05:55	Name: _kuid_ Value: QCydVmx0
.tremorhub.com/	1970-01-21 02:32:40	Name: tvid Value: 4c02e1341a7c4e63887af279e32eeaf5
.tremorhub.com/	1970-01-20 18:29:55	Name: tv_UICR Value: k-OExVbC3jawnElt4EYBqMXneJarN-shAFnxTpMA
myaccount.du.ae/	1970-01-20 17:46:43	Name: ADRUM_BTa Value: "ENCAAAAAAWwzyFc3qgFfYbNCKoD8CVmgp4Xa01TzlWGXntZxkgyVN80jpoJ2I9CgUt5s7ftLz39iXkffTtCxznnFf/LLjF8PKbamKrTA3CAHwkPc3uwDOVDFHgYlFdwNuLnkmjwBbeSNYTgTZmFjfpHawH99uixlbYb5HkUFCyBl2tjCFEBonQhm41zmbpUWVzgJFh+bwU="
myaccount.du.ae/	1970-01-20 17:46:43	Name: SameSite Value: "ENCAAAAAAXtEdz6NZkrA4jF5L9b45Dozu7yMjCUHH2mCRL0YLaphP1TrFUib06P2dHavUK5DPA="
myaccount.du.ae/	1970-01-20 17:46:43	Name: ADRUM_BT1 Value: "ENCAAAAAAV4wTkaJ2zHHdXs95bZrA5t/OaBOym1eMyGOtXHos97H00JrtaeqekSuX8sTT/SIZ6Y52rOAynBLKMZdqcL+MQ9"
myaccount.du.ae/	1970-01-20 17:46:43	Name: NSC_TFMGDBSF_TTM_443 Value: "ENCAAAAAAUSVTT1xuDEevoQAbTPgsJuHEYvr1UFAbebXe7ify31Hpu6PDtmyMIhTQ13cXhjQnQoKHby5eI9dcPXGxWyBE7v9rVYIiQitrHeaZFZuaXCujRG+CTaCJlTPFcGbnX6EBjabIrYlM9b5L8MBAdfQoyN"
.du.ae/	1970-01-20 17:46:45	Name: QuantumMetricSessionID Value: 12b207a8a01e8f94456a1e9633dacdae
.du.ae/	1970-01-21 02:32:19	Name: QuantumMetricUserID Value: ca86824034bfd5dbdb9454f07c49545a

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=157680000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10089018.fls.doubleclick.net
10162949.fls.doubleclick.net
12094659.fls.doubleclick.net
12709077.fls.doubleclick.net
13303464.fls.doubleclick.net
8468600.fls.doubleclick.net
a.twiago.com
ad.360yield.com
ad.yieldlab.net
adservice.google.com
adservice.google.de
advertiser.inmobiapis.com
analytics.pangle-ads.com
analytics.tiktok.com
analytics.twitter.com
api.permutive.com
bat.bing.com
beacon.krxd.net
cdn.appdynamics.com
cdn.ctnsnet.com
cdn.quantummetric.com
cdnjs.cloudflare.com
cm.adform.net
cm.g.doubleclick.net
connect.facebook.net
consentag.eu
contextual.media.net
creativecdn.com
criteo-partners.tremorhub.com
criteo-sync.teads.tv
dis.criteo.com
dpm.demdex.net
du-app.quantummetric.com
dynamic.criteo.com
eb2.3lift.com
eum.du.ae
exchange.mediavine.com
f1-as.readspeaker.com
fonts.gstatic.com
gum.criteo.com
hb.yahoo.net
i.ctnsnet.com
i.l-dsp.inmobicdn.net
ib.adnxs.com
id5-sync.com
insight.adsrvr.org
jadserve.postrelease.com
js.adsrvr.org
match.sharethrough.com
matching.ivitrack.com
mug.criteo.com
myaccount.du.ae
pixel.rubiconproject.com
pubads.g.doubleclick.net
public-prod-dspcookiematching.dmxleo.com
px.ads.linkedin.com
px4.ads.linkedin.com
r.casalemedia.com
rl.quantummetric.com
rtb-csync.smartadserver.com
simage2.pubmatic.com
snap.licdn.com
sslwidget.criteo.com
static.ads-twitter.com
stats.g.doubleclick.net
sync-t1.taboola.com
sync.outbrain.com
t.co
track.omguk.com
ups.analytics.yahoo.com
visitor.omnitagjs.com
webtrafficsource.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
x.bidswitch.net
104.244.42.131
104.244.42.197
108.138.15.119
13.107.42.14
13.248.245.213
141.226.228.48
142.250.185.130
142.250.74.198
146.75.120.157
162.19.138.116
172.64.151.101
178.250.1.9
18.157.200.172
18.66.248.129
185.184.8.90
185.255.84.153
185.64.191.210
188.65.124.66
2.16.100.161
2.19.104.4
2.23.7.41
23.32.184.20
23.32.185.192
23.36.163.16
2600:1f18:612b:4216:bba5:fc0b:66fa:bb51
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:4700:10::6816:35fc
2606:4700::6811:180e
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:801::2003
2a00:1450:4001:806::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:810::2008
2a00:1450:4001:810::200e
2a00:1450:4001:811::2004
2a00:1450:4001:812::2002
2a00:1450:4001:827::2003
2a00:1450:4001:828::2003
2a00:1450:400c:c00::9a
2a02:2638:3::c
2a02:2638:3::e
2a02:26f0:3500:16::215:1484
2a02:6ea0:c700::11
2a02:6ea0:e800::5
2a03:2880:f013:d:face:b00c:0:3
2a03:2880:f113:81:face:b00c:0:25de
3.248.133.210
3.75.62.37
34.107.149.195
34.107.173.171
34.107.254.252
34.117.157.22
34.252.165.148
34.66.3.160
34.76.43.190
35.186.193.173
37.157.3.20
37.252.172.123
5.32.4.153
5.32.4.235
52.223.40.198
52.224.189.152
52.28.172.205
52.31.7.212
52.48.249.53
52.59.145.139
54.154.75.101
64.202.112.159
69.173.144.139
85.215.5.31
89.149.192.201
028a986dd20d66c3950495d957214cda50669a831b7a5c8fcb9bf94c91f861f2
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
07e2a6fb0d22cdbde787ec2941eb285c222861ddc3cbc8903315b6e5942be8cb
08986577afb5ec60577a1ce35175147bede79ff0c4462d9a1d84eb42aeccce7b
0aaca9bc3dde7d71787fce0fd2859da652434dd08d1e837abde8d1a65433d87f
0b3381032f05e2df8a8df800d075706acf1d51ece26731f95268f36d7ac56681
0c9cc88c27618b01e95063377382195b9062bdbef5eb1687e5881d3f318dbe63
0e79cede02b20c3bab8736bf4457f51415177d0411d9f059beb9cd94db08d2f3
12d77f615d7df0946899d769baa6094c8060d6006df35a1afb54c152b070871e
13bdef7567aa2c895cd70b51e0720b6f768fdb50e879c8c56f3f3d80f9866e92
1850e7a91a9faf761443d6d5d9638bc06cb2b699b6edc030625211f7dfd23b6b
1a816e9dc211c37e763505eb70bf524eed8db8cc268f956345a5bdad8bc88604
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c4119e28dcf548e111f26d61db49f2bfe972dac4cd2f2af9f45c2a51353ea93
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
22da92d2d0ed9dd76507088702badb488453899d661b7c5cbb4ccf94c6ea0efe
252c06fb0de038cb740d9a826bd953e2087239ed47b2df59b418e718455991b5
28bd53cec442bda2a970bfd4d1b058fd202cbd3438c05550f4c949fe5f6f3918
29d4dee9fb44b49ef1eff9d37c85cabced6b5ca7e748b5e15d6c503f8978c483
31f633ffb1cded2c62b7331f92ed3c15da2ef41e3d2d3c20d8a80e4aaaa4f321
320076b2ab4edd2f7037763d01adc545de5a0467863b24c8e8f3458f1bde53fd
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3cc652282db2f29fabbd840852ca679ae6bf9e58400814d6e7c9c831906cfd2a
3d2c4ea9cdd0d756db84b768c6f16a6d6436146d798341a6d51bb15515f99744
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55e782c83573cf59ea8099a7caaedd282c9ec6849f173f43cff5318a8c75df26
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
56257a1da4f7691b854b3f990c072729e4ca85487bab530cf46da3d2b481d4c8
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
577f961869445c9b84603a4d2e76072ca2bd4a67637e84640b41bc5f24fc20cf
57e77b65624bc16a044a3c6914c15e1d954b3981b4f4b00be7dbedc9d2b80ccf
58fc72734c2424f0bfea397ccc278acde00f0e1b760aed4cb9a202f12edcae5a
5a8ad48b4bb4f6886473fb8c6ca5bbf97ccb9b448bdcf01b8a733b7c69290be7
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
5ff6b580d8969befa88e0b20c3ca6353f9683716e85dbbee5e86fffa360a9cd6
66b685070d30aa182683c47bdc6dc016904c6fce3b9d8766cd12cdaa2d96f9f3
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6fb89b9b4777899a66f229fe91f71ab2ebaf8f37be14d18b5a77c55307944475
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
7a556bd24432052b4674c0674b9fefbb91e8150e1de415c2c188db39d99bc319
7d32eed2aeda44bdccaf8aa21b4db2682a932408740042154808b1435823e98c
81fd54c0410f4d5b0945b4d3795428cef0a773aaae3b3b31c36290d548df4eb2
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87ea44807d7d9b225c299d01ee912eef00b288af7f3574d4f2c21ec9cbadc9b3
899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1
8998e4803d3b8962861701c78abe3ff3c7f874832e4627ec2ea801481d2acb97
89aa9f3b9b9ed156d219c122427f8e797c67c4030adbe4201d72030396d6b462
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8d7db296bea88a53d64bb97918b8322a127cf36e7930e8e9cebe508fa012b137
8dab4661bda2cb8c1d9d787b1d949518d81021353c7536bf19f97060e824dbe1
90809b509d33d74aea99990102c5cc60ed19e9fec7f05f82a12b9fe99a35c4bb
91088a015cd36dabb6639d0b6d08fadc57be7f1b85011f5f882d4e7a8611df31
949677a371da36358e69e661712717db867e11b2cf93fdfceb094051e0530e4a
984bc8c91a0bb9498f4bfd59db79215c02c5a4c4da1184896c65477560672a2e
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a536a31a18d00aa02e97459f5cb3890b7507e3034b194c6681942526862bb223
a758246f43df5cf0f88a3c46a95cb7e962ec2e16327f7fc6b70d2150981b86df
ac63bd0ec4d73b90237949f24859de711328276f21a41b18b4248759deff16fa
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad22af17099959c6c05cc8f11cfac5e225e81216a65e70f296bfca34b60e9789
ae663f7733f0aac1c25cbf0d449180f98fb52fcf233efcb3bfa9e6df7145baa5
aed44135c22b408ecd6d9116befc468ae80240039faa1a6ff56f07fda5006e8a
b1077fe05a8a2eae432916d52ad1edce698b5ee5cc97f988a28ffe421f24437a
b13441b2c207325dbdfdb2b39c6652fcb581f82bc788432b80110390e7bdc913
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b5474d3ed408366dcebededf5c987f44b43b389137272c282c6c972852a14fc0
b7b05ad1c3a308d4781fb953d46080e6ee5bfbacb166eb0e807105f3fefc79fa
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bcc678b259924d7b30382cfbbf630018c883463d77e533e77475754eefac1e34
c4108e3349c919117e9befb097a550d5a34b428cfa29362c348f0862a58da16d
c4e33db41a643c89cd81c2e2e82a7447b6ecc75cc3fdd030c585c2056b3492e0
c68bccc901ea3e91d855bccfbf150b01701b406e1057ef2890f9c8a0b6df8df7
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
cc542ab32f726aa64d1f3ef831445b7c9174207f503e463f6dd3d888e3351eff
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d7fea04c7c9a75f36d843525707822ae20038528c46f1ff772e16f83fac8e0a9
db0d957f6d01815f16c66afae78f04d790a1cb5b0d7ebef64f404c30b48cd7aa
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df0cb0e85b4978adc8810c77b70112b853e28fe8b3e4eb4a9cb038426fa7baf3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f9fe9b03aa9fbf70f7f41494a0b39743c30afc3117401c96ff89e96e549256
e72944b40f2b0a6a7f2310df4fbf98b3305bc9e16a8d335353aecd9c147b44ba
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f187dc8de7fe50f1f8825c3500b64080cc78ac39df7efd31a4b1bc562be9ca3d
f5a79050187027c8758bea038fff4b90bf5243a41c8732f616b5bb3a35ecb4ff
f918991c819f61975d59ef0fa79b1af5f7bfc23f5c6bf6b4b4fb23e888716ebc
fc63f9ef51602b46dc51a0256b3369d483e2f7300ebd2e9cb8269f72e795aa30
fcd34384be1ec221c03f6caf8cbf76d07e9a7de93ef21fd6e6ddda0ba6ff7bc5
ff9ce35d5fae856bab207c9f8d8eb3dff6354f007ea9f9b9a32f5cc018d52876

myaccount.du.ae Open in urlscan Pro 5.32.4.153 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

156 Requests

94 %HTTPS

32 %IPv6

58 Domains

79 Subdomains

72 IPs

11 Countries

2765 kBTransfer

5765 kBSize

70 Cookies

6 Outgoing links

Redirected requests

156 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

myaccount.du.ae Open in urlscan Pro
5.32.4.153 Public Scan

Screenshot
Live screenshot

Full Image

156
Requests

94 %
HTTPS

32 %
IPv6

58
Domains

79
Subdomains

72
IPs

11
Countries

2765 kB
Transfer

5765 kB
Size

70
Cookies

156 HTTP transactions
2 data transactions