urlscan.io logo urlscan.io
SecurityTrails logo

win.ma Open in urlscan Pro
105.73.3.20  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://win.ma/
Effective URL: https://win.ma/
Submission: On August 07 via manual from MA — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 6 countries across 9 domains to perform 33 HTTP transactions. The main IP is 105.73.3.20, located in Morocco and belongs to MAROCCONNECT, MA. The main domain is win.ma.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on March 4th 2024. Valid for: a year.
This is the only time win.ma was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 13 105.73.3.20 36884 (MAROCCONNECT)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a02:6ea0:c70... 60068 (CDN77 _)
1 2a00:1450:400... 15169 (GOOGLE)
7 85.222.146.21 14340 (SALESFORCE)
3 95.100.146.9 20940 (AKAMAI-ASN1)
2 2a03:2880:f08... 32934 (FACEBOOK)
2 160.8.244.120 14340 (SALESFORCE)
2 13.51.236.196 16509 (AMAZON-02)
33 10
13    105.73.3.20 (Morocco)

ASN36884 (MAROCCONNECT, MA)
win.ma
1    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a02:6ea0:c700::18 (Frankfurt am Main, Germany)

ASN60068 (CDN77 _, GB)
web.webpushs.com
1    2a00:1450:4001:81d::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
7    85.222.146.21 (Paris, France)

ASN14340 (SALESFORCE, US)
PTR: dcl5-ncg0-cdg3.eu26-cdg.force.com
service.force.com
3    95.100.146.9 (Prague, Czech Republic)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-100-146-9.deploy.static.akamaitechnologies.com
analytics.tiktok.com
2    2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    160.8.244.120 (London, United Kingdom)

ASN14340 (SALESFORCE, US)
PTR: dcl13-ncg0-cdg3.la2-c1-cdg.salesforceliveagent.com
d.la2-c1-cdg.salesforceliveagent.com
2    13.51.236.196 (Stockholm, Sweden)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-51-236-196.eu-north-1.compute.amazonaws.com
d.la1-core1.sfdc-cehfhs.salesforceliveagent.com
Apex Domain
Subdomains		 Transfer
13 win.ma
win.ma
914 KB
7 force.com
service.force.com — Cisco Umbrella Rank: 6720
29 KB
4 salesforceliveagent.com
d.la2-c1-cdg.salesforceliveagent.com — Cisco Umbrella Rank: 605589
d.la1-core1.sfdc-cehfhs.salesforceliveagent.com — Cisco Umbrella Rank: 50887
5 KB
3 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 963
139 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 236
73 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
110 KB
1 webpushs.com
web.webpushs.com — Cisco Umbrella Rank: 73428
37 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
775 B
0 polyfill.io Failed
polyfill.io Failed
33 9
Domain Requested by
13 win.ma 1 redirects win.ma
7 service.force.com win.ma
service.force.com
3 analytics.tiktok.com www.googletagmanager.com
analytics.tiktok.com
2 d.la1-core1.sfdc-cehfhs.salesforceliveagent.com service.force.com
2 d.la2-c1-cdg.salesforceliveagent.com service.force.com
2 connect.facebook.net www.googletagmanager.com
connect.facebook.net
1 www.googletagmanager.com win.ma
1 web.webpushs.com win.ma
1 fonts.googleapis.com win.ma
0 polyfill.io Failed win.ma
33 10

This site contains no links.

Subject Issuer Validity Valid
*.win.ma
Sectigo RSA Domain Validation Secure Server CA		 2024-03-04 -
2025-03-04		 a year crt.sh
upload.video.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
web.webpushs.com
Sectigo RSA Domain Validation Secure Server CA		 2024-01-09 -
2025-01-16		 a year crt.sh
*.google-analytics.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.eu26.force.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-01-03 -
2024-12-31		 a year crt.sh
*.tiktok.com
RapidSSL TLS ECC CA G1		 2024-07-15 -
2025-07-15		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-05-17 -
2024-08-15		 3 months crt.sh
la2-c1-cdg.salesforceliveagent.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-11-01 -
2024-10-29		 a year crt.sh
la1-core1.sfdc-cehfhs.salesforceliveagent.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-06-04 -
2025-06-03		 a year crt.sh

This page contains 2 frames:

Primary Page: https://win.ma/
Frame ID: FA59C5A1640CD7E354E39FE368AFD092
Requests: 33 HTTP requests in this frame

Frame: https://service.force.com/embeddedservice/5.0/esw.html?parent=https://win.ma/
Frame ID: 67CECFE268A5351C5953903ABC4FA51C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

win | Premier Opérateur Mobile 100% Digital au Maroc

Page URL History Show full URLs

  1. http://win.ma/ HTTP 307
    https://win.ma/ HTTP 307
    http://win.ma/ HTTP 301
    https://win.ma/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • service\.force\.com
Overall confidence: 100%
Detected patterns
  • /_nuxt/
Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Page Statistics

33
Requests

94 %
HTTPS

44 %
IPv6

9
Domains

10
Subdomains

10
IPs

6
Countries

1311 kB
Transfer

6061 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://win.ma/ HTTP 307
    https://win.ma/ HTTP 307
    http://win.ma/ HTTP 301
    https://win.ma/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

33 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
win.ma/
Redirect Chain
  • http://win.ma/
  • https://win.ma/
  • http://win.ma/
  • https://win.ma/
376 KB
66 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://win.ma/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.3.20 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
1918a6aeae5b87a6681366a518203050ddc6b9f6be547d79b18d6a507d073989
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Accept-Ranges
none
Connection
keep-alive
Content-Encoding
br
Content-Type
text/html; charset=utf-8
Date
Wed, 07 Aug 2024 18:07:41 GMT
ETag
"5df86-DNoOydRYgQ+fphULzS/kCZHZPxQ"
Link
</_nuxt/1510ab3.js>; rel=preload; as=script, </_nuxt/ac5be21.js>; rel=preload; as=script, </_nuxt/e79182c.js>; rel=preload; as=script, </_nuxt/312c913.js>; rel=preload; as=script
Strict-Transport-Security
max-age=16070400; includeSubDomains; preload
Transfer-Encoding
chunked
Vary
Accept-Encoding

Redirect headers

Connection
Keep-Alive
Content-Length
0
Location
https://win.ma/
Server
BigIP
1510ab3.js
win.ma/_nuxt/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://win.ma/_nuxt/1510ab3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.3.20 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
3220afe424971c84d14fb3fa3baa36793efb5af404c9d07d804e06401c01af98
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains; preload

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Wed, 07 Aug 2024 18:07:42 GMT
Content-Encoding
br
Strict-Transport-Security
max-age=16070400; includeSubDomains; preload
Last-Modified
Mon, 01 Jul 2024 06:07:58 GMT
ETag
W/"14a2-1906ce84095"
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
ac5be21.js
win.ma/_nuxt/ 		226 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://win.ma/_nuxt/ac5be21.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.3.20 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
cc7a83482caae00cdc31ace1a59c01e340b149c0fa67ad1d62d38ffffbfcac15
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains; preload

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Wed, 07 Aug 2024 18:07:42 GMT
Content-Encoding
br
Strict-Transport-Security
max-age=16070400; includeSubDomains; preload
Last-Modified
Mon, 01 Jul 2024 06:07:58 GMT
ETag
W/"38821-1906ce84075"
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
e79182c.js
win.ma/_nuxt/ 		3 MB
514 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://win.ma/_nuxt/e79182c.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.3.20 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
77a6d49850096ec68d2813a91f8b1908017d26aaed430e3a2e17943a870ee567
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains; preload

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Wed, 07 Aug 2024 18:07:42 GMT
Content-Encoding
br
Strict-Transport-Security
max-age=16070400; includeSubDomains; preload
Last-Modified
Mon, 01 Jul 2024 06:07:58 GMT
ETag
W/"29df98-1906ce84095"
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
312c913.js
win.ma/_nuxt/ 		1 MB
185 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://win.ma/_nuxt/312c913.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.3.20 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
ae0fba6f6111df81b535ca9503101b46a6ac08eb75412e92d389632ac6129e9b
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains; preload

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Wed, 07 Aug 2024 18:07:42 GMT
Content-Encoding
br
Strict-Transport-Security
max-age=16070400; includeSubDomains; preload
Last-Modified
Mon, 01 Jul 2024 06:07:58 GMT
ETag
W/"1005a9-1906ce84075"
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
icon
fonts.googleapis.com/ 		569 B
775 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: win.ma
URL: https://win.ma/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 07 Aug 2024 18:07:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 07 Aug 2024 18:07:42 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 07 Aug 2024 18:07:42 GMT
ca618ca695daff172389373ddf8129e6_1.js
web.webpushs.com/js/push/ 		116 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://web.webpushs.com/js/push/ca618ca695daff172389373ddf8129e6_1.js
Requested by
Host: win.ma
URL: https://win.ma/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
5329620df82cb9e1f3334b659d1fa11789e05ae3105dfc2c691fff5797d6c95f
Security Headers
Name Value
Content-Security-Policy default-src wss://* blob: data: sendpulse.com *.sendpulse.com *.sendpulse.com:4434 data.sendpulse.com *.pulse-stat.com *.stat-pulse.com *.pulse-stat.com:8080 *.stat-pulse.com:8080 http://*.sendpulse.com:4434 wss://ws.binotel.com:9002 http://*.pulse-stat.com http://*.stat-pulse.com http://*.pulse-stat.com:8080 http://*.stat-pulse.com:8080 *.sendpulse.ua *.sendpulse.by *.sendpulse.kz *.sendpulse.cl *.sendpulse.com.tr *.sendpulse.ng sendpul.se *.sendpul.se trckln.com *.loginsrc.com *.routee.net *.routee.net:444 *.jquery.com *.youtube.com *.ytimg.com *.vimeo.com *.vimeocdn.com *.tinymce.com *.ampproject.org *.hotjar.com *.hotjar.io *.ipinfo.io *.highcharts.com *.appspot.com *.doubleclick.net *.facebook.com *.facebook.net *.fbcdn.net *.fbsbx.com *.rawgit.com *.cloudflare.com *.jsdelivr.net *.kissmetrics.com *.quantserve.com *.quantcount.com *.twitter.com *.offershub.ru *.stripe.com *.braintreegateway.com *.mlstatic.com *.cloudpayments.ru *.woopra.com *.jivosite.com *.google.com *.google.com.ua https://google.com/pay *.googleadservices.com *.google-analytics.com *.googleapis.com *.googletagmanager.com *.gstatic.com *.online-metrix.net *.retently.com *.maxmind.com *.revisionme.com revisionme.pages.dev *.mmapiws.com *.bootstrapcdn.com *.kaptcha.com *.paypal.com *.paypalobjects.com *.mercadopago.com.br *.mercadopago.com dl-media.viber.com *.braintree-api.com vk.com api.telegram.org *.webformscr.com *.cardinalcommerce.com *.mercadolibre.com *.supportsrc.com *.instagram.com *.cdninstagram.com s3.eu-central-1.amazonaws.com *.googleoptimize.com *.sppopups.com *.privatbank.ua *.cardinalcommerce.com viacep.com.br *.wdgtsrc.com 1860267202.rsc.cdn77.org 1443908614.rsc.cdn77.org *.2checkout.com 'self' 'unsafe-eval' 'unsafe-inline'; img-src blob: data: *; font-src data: *; style-src * 'unsafe-inline';, frame-ancestors 'self';
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Wed, 07 Aug 2024 18:07:42 GMT
content-security-policy
default-src wss://* blob: data: sendpulse.com *.sendpulse.com *.sendpulse.com:4434 data.sendpulse.com *.pulse-stat.com *.stat-pulse.com *.pulse-stat.com:8080 *.stat-pulse.com:8080 http://*.sendpulse.com:4434 wss://ws.binotel.com:9002 http://*.pulse-stat.com http://*.stat-pulse.com http://*.pulse-stat.com:8080 http://*.stat-pulse.com:8080 *.sendpulse.ua *.sendpulse.by *.sendpulse.kz *.sendpulse.cl *.sendpulse.com.tr *.sendpulse.ng sendpul.se *.sendpul.se trckln.com *.loginsrc.com *.routee.net *.routee.net:444 *.jquery.com *.youtube.com *.ytimg.com *.vimeo.com *.vimeocdn.com *.tinymce.com *.ampproject.org *.hotjar.com *.hotjar.io *.ipinfo.io *.highcharts.com *.appspot.com *.doubleclick.net *.facebook.com *.facebook.net *.fbcdn.net *.fbsbx.com *.rawgit.com *.cloudflare.com *.jsdelivr.net *.kissmetrics.com *.quantserve.com *.quantcount.com *.twitter.com *.offershub.ru *.stripe.com *.braintreegateway.com *.mlstatic.com *.cloudpayments.ru *.woopra.com *.jivosite.com *.google.com *.google.com.ua https://google.com/pay *.googleadservices.com *.google-analytics.com *.googleapis.com *.googletagmanager.com *.gstatic.com *.online-metrix.net *.retently.com *.maxmind.com *.revisionme.com revisionme.pages.dev *.mmapiws.com *.bootstrapcdn.com *.kaptcha.com *.paypal.com *.paypalobjects.com *.mercadopago.com.br *.mercadopago.com dl-media.viber.com *.braintree-api.com vk.com api.telegram.org *.webformscr.com *.cardinalcommerce.com *.mercadolibre.com *.supportsrc.com *.instagram.com *.cdninstagram.com s3.eu-central-1.amazonaws.com *.googleoptimize.com *.sppopups.com *.privatbank.ua *.cardinalcommerce.com viacep.com.br *.wdgtsrc.com 1860267202.rsc.cdn77.org 1443908614.rsc.cdn77.org *.2checkout.com 'self' 'unsafe-eval' 'unsafe-inline'; img-src blob: data: *; font-src data: *; style-src * 'unsafe-inline';, frame-ancestors 'self';
x-content-type-options
nosniff
content-encoding
gzip
x-accel-date-max
1722247157
x-77-cache
HIT
x-cache
HIT
x-age
443805
x-accel-date
1722610257
x-xss-protection
1; mode=block
x-77-nzt
EgwBisclJAHXncUGAAwBnJIhJwH3k8YDAA
x-accel-expires
@1723209316
x-77-age
443805
x-sp-ma
sp-ma-0
last-modified
Tue, 14 Mar 2023 14:19:11 GMT
server
CDN77-Turbo
etag
W/"1d013-5f6dce94f9c60"
x-77-nzt-ray
f88df72e475859eaeeb7b3669bdb531f
vary
Accept-Encoding, Accept-Encoding,User-Agent
content-type
application/javascript
access-control-allow-origin
*
x-sp-pr
lpr-04
cache-control
max-age=604800
expires
Fri, 26 Jul 2024 13:15:12 GMT
gtm.js
www.googletagmanager.com/ 		344 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P93VBML&l=dataLayer
Requested by
Host: win.ma
URL: https://win.ma/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3ed818aad31677b4b4e62b8e5be76e029c861dced68991867b2348767eb1ea1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 18:07:42 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
112733
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 07 Aug 2024 18:07:42 GMT
smartbanner.min.css
win.ma/smartbanner/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://win.ma/smartbanner/smartbanner.min.css
Requested by
Host: win.ma
URL: https://win.ma/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.3.20 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
ad981f0d083d45ecc8480bb4b59d5815a82c5a396cb83c1ef6936c3da0e00110
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains; preload

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Wed, 07 Aug 2024 18:07:42 GMT
Content-Encoding
br
Strict-Transport-Security
max-age=16070400; includeSubDomains; preload
Last-Modified
Sun, 30 Jun 2024 20:31:21 GMT
ETag
W/"bc4-1906ad855a8"
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
text/css; charset=UTF-8
Cache-Control
public, max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
esw.min.js
service.force.com/embeddedservice/5.0/ 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://service.force.com/embeddedservice/5.0/esw.min.js
Requested by
Host: win.ma
URL: https://win.ma/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.222.146.21 Paris, France, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl5-ncg0-cdg3.eu26-cdg.force.com
Software
/
Resource Hash
ef4dcc4dab4d780f44939c455d4720cab662b2f5fabc36ebc33a21f4cdbecd4e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 18:07:42 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
origin-when-cross-origin
last-modified
Tue, 04 Jul 2023 00:26:54 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public,max-age=86400
origin-trial
AkBgNlDiY3u6JLOlyCHNo+uI//ZsQNGdALGkaqj2TaJPsaytJKhRW2ej+qKdkIs3auzeCWPCYX2AE/jVxzJS0AwAAABaeyJvcmlnaW4iOiJodHRwczovL2ZvcmNlLmNvbTo0NDMiLCJmZWF0dXJlIjoiVHBjZCIsImV4cGlyeSI6MTczNTM0Mzk5OSwiaXNTdWJkb21haW4iOnRydWV9
accept-ranges
bytes
x-robots-tag
none
expires
Thu, 08 Aug 2024 18:07:42 GMT
polyfill.min.js
polyfill.io/v2/ 		0
0
smartbanner.min.js
win.ma/smartbanner/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://win.ma/smartbanner/smartbanner.min.js
Requested by
Host: win.ma
URL: https://win.ma/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.3.20 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
a5fabc8494f83fe9a7932cdb4fbb7be8bb00d0c6a519431f4e399aad85b90d22
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains; preload

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Wed, 07 Aug 2024 18:07:42 GMT
Content-Encoding
br
Strict-Transport-Security
max-age=16070400; includeSubDomains; preload
Last-Modified
Sun, 30 Jun 2024 20:31:21 GMT
ETag
W/"23a6-1906ad855a8"
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
common.min.js
service.force.com/embeddedservice/5.0/utils/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://service.force.com/embeddedservice/5.0/utils/common.min.js
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.222.146.21 Paris, France, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl5-ncg0-cdg3.eu26-cdg.force.com
Software
/
Resource Hash
7c273510050e27ad1e0a533b0a766c6c597575710d578a104e60d4810e173648
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 18:07:42 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
origin-when-cross-origin
last-modified
Thu, 17 Feb 2022 23:57:30 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public,max-age=86400
origin-trial
AkBgNlDiY3u6JLOlyCHNo+uI//ZsQNGdALGkaqj2TaJPsaytJKhRW2ej+qKdkIs3auzeCWPCYX2AE/jVxzJS0AwAAABaeyJvcmlnaW4iOiJodHRwczovL2ZvcmNlLmNvbTo0NDMiLCJmZWF0dXJlIjoiVHBjZCIsImV4cGlyeSI6MTczNTM0Mzk5OSwiaXNTdWJkb21haW4iOnRydWV9
accept-ranges
bytes
x-robots-tag
none
expires
Thu, 08 Aug 2024 18:07:42 GMT
esw.min.css
service.force.com/embeddedservice/5.0/ 		9 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://service.force.com/embeddedservice/5.0/esw.min.css
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.222.146.21 Paris, France, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl5-ncg0-cdg3.eu26-cdg.force.com
Software
/
Resource Hash
721f2d2fe18f13edc2ae51c1918c1b0a2d7b668318c559310ab35fa22363fdad
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 18:07:42 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
origin-when-cross-origin
last-modified
Fri, 27 Aug 2021 14:11:56 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/css
cache-control
public,max-age=86400
origin-trial
AkBgNlDiY3u6JLOlyCHNo+uI//ZsQNGdALGkaqj2TaJPsaytJKhRW2ej+qKdkIs3auzeCWPCYX2AE/jVxzJS0AwAAABaeyJvcmlnaW4iOiJodHRwczovL2ZvcmNlLmNvbTo0NDMiLCJmZWF0dXJlIjoiVHBjZCIsImV4cGlyeSI6MTczNTM0Mzk5OSwiaXNTdWJkb21haW4iOnRydWV9
accept-ranges
bytes
x-robots-tag
none
expires
Thu, 08 Aug 2024 18:07:42 GMT
liveagent.esw.min.js
service.force.com/embeddedservice/5.0/client/ 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://service.force.com/embeddedservice/5.0/client/liveagent.esw.min.js
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.222.146.21 Paris, France, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl5-ncg0-cdg3.eu26-cdg.force.com
Software
/
Resource Hash
1df96aff7c1a0b4a1f03d51ec741df8d542fcf32eddee1a0295068e4a7f0017b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 18:07:42 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
origin-when-cross-origin
last-modified
Wed, 17 Aug 2022 20:11:18 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public,max-age=86400
origin-trial
AkBgNlDiY3u6JLOlyCHNo+uI//ZsQNGdALGkaqj2TaJPsaytJKhRW2ej+qKdkIs3auzeCWPCYX2AE/jVxzJS0AwAAABaeyJvcmlnaW4iOiJodHRwczovL2ZvcmNlLmNvbTo0NDMiLCJmZWF0dXJlIjoiVHBjZCIsImV4cGlyeSI6MTczNTM0Mzk5OSwiaXNTdWJkb21haW4iOnRydWV9
accept-ranges
bytes
x-robots-tag
none
expires
Thu, 08 Aug 2024 18:07:42 GMT
events.js
analytics.tiktok.com/i18n/pixel/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CHNI58RC77U441D0BTR0&lib=ttq
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P93VBML&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.146.9 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-100-146-9.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
099450c5031ea664ef3594fa25b0a68cd550e6c9c58b061dc33c707b450bad20

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-akamai-request-id
66ef843.2a7c38c3
date
Wed, 07 Aug 2024 18:07:43 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-2408071807423440664BDB8EABE2DFAB-4E359DC8980B0960-00
x-cache
TCP_MISS from a95-100-146-5.deploy.akamaitechnologies.com (AkamaiGHost/11.6.1-8b2dfe3939b99771c02ec6eca94739cd) (-)
x-parent-response-time
112,95.100.146.5
server-timing
cdn-cache; desc=MISS, edge; dur=105, origin; dur=7, inner; dur=3
content-length
2572
pragma
no-cache
server
nginx
x-tt-logid
202408071807423440664BDB8EABE2DFAB
x-cache-remote
TCP_MISS from a23-222-16-157.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-)
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
7,23.222.16.157
x-tt-trace-host
015d2718a00bc57e667372f5fc17447c77920176e30e1d981baf605ba29e39290fb7fd2ee6144c7f53f1b772cf3f6973785859c00a92b5bf85ee605ddd539be83723901fd000aae59be56e913b31fe38ea023369d6049995923e30468a7bd8a3e18664bc74bce71162545a1e07ed059ef9
expires
Wed, 07 Aug 2024 18:07:43 GMT
fbevents.js
connect.facebook.net/en_US/ 		225 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P93VBML&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4d424af8e6254a3ee915b6efdec3f0ed3fcbdedc67c83025148c9758701cd2d4
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 07 Aug 2024 18:07:42 GMT
document-policy
force-load-at-top
x-fb-server-load
35
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58865
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=24, rtx=0, c=12, mss=1297, tbw=2783, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
O2a1EHx3BhQLgqcAdRJZFHEXLW80JQuKl8XvAmU26ZJKLAwMZRKdyZn1I2V9RbhAzr9qxIWIg8VrTqtCS10I3g==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
357379934942021
connect.facebook.net/signals/config/ 		64 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/357379934942021?v=2.9.164&r=stable&domain=win.ma&hme=61ff4e692c87a9a2ce7b19822df2b04638e3ca38b23c1be6c0f1945ccadb2ad5&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C167%2C170%2C182%2C178%2C179%2C181%2C29%2C98%2C52%2C75%2C180%2C162%2C165%2C175%2C176%2C183%2C127%2C40%2C34%2C139%2C15%2C49%2C189%2C188%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C163%2C166%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5425f24fe5b76fa7d0ae344d0f184a843a7a3fb314bf6063787fe6ad35ce1ffb
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 07 Aug 2024 18:07:43 GMT
document-policy
force-load-at-top
x-fb-server-load
33
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=28, rtx=0, c=63, mss=1297, tbw=64402, tp=-1, tpl=-1, uplat=143, ullat=0
pragma
public
x-fb-debug
zGFf/Dwou52k3Rf1JK5ZIwBP498CPLW4MQFRFANOjzZT6tgAP4gaereJ85KGh4V8lsQLh2fmhaqWuKRerNQtcQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
main.MWFhNzU2YTY5MQ.js
analytics.tiktok.com/i18n/pixel/static/ 		336 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MWFhNzU2YTY5MQ.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CHNI58RC77U441D0BTR0&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.146.9 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-100-146-9.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
d48ab8d60cee7ebae74ce89eecd7b4eef9e066cab216c9cfafd2f5dfeff76867

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-akamai-request-id
2a7c3d03
date
Wed, 07 Aug 2024 18:07:43 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
20240805204747C08B95487E27AC139C11
x-tt-trace-id
00-240805204747C08B95487E27AC139C11-4BE81AAB4D0E06E2-00
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a95-100-146-5.deploy.akamaitechnologies.com (AkamaiGHost/11.6.1-8b2dfe3939b99771c02ec6eca94739cd) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
01dabc5666e19d8b67a10e01bed6c33944d5946382c71ee02b66f480101063690ac6d55bbed7a17296fe72370fc775da98b55f2226c8259b650e2a809ee1fe81f0cfdd5777bf28072d6f307b286da698d4effe97c1849ead707425f8ca145b2f06
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=3
content-length
98245
identify_c2008b8c.js
analytics.tiktok.com/i18n/pixel/static/ 		146 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_c2008b8c.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWFhNzU2YTY5MQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.146.9 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-100-146-9.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
50a98b0680aaaaa9407001661f18904e29d76402c3da7ad64246413886fc64b3

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-akamai-request-id
2a7c4150
date
Wed, 07 Aug 2024 18:07:43 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
202407291241450324560FD3E61E30080D
x-tt-trace-id
00-2407291241450324560FD3E61E30080D-1CEE7FFDC21C99E7-00
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a95-100-146-5.deploy.akamaitechnologies.com (AkamaiGHost/11.6.1-8b2dfe3939b99771c02ec6eca94739cd) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
010f165459d4a020da8e7e4806794458ab4311fc6953f7cb24a8674ccffa8060aa6721fff6a4eb73e4144b9b1d52aad081e7a008abb2988e0b84022a4a3dbfa2289b39048ad4354832847c569354ab16fa8a3d5ee84db1b916008a3714f731a6a5
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=2
content-length
39571
3c8fcea.js
win.ma/_nuxt/ 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://win.ma/_nuxt/3c8fcea.js
Requested by
Host: win.ma
URL: https://win.ma/_nuxt/1510ab3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.3.20 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
df9b93084165ee07dcba97feaaecd7a37c1ca899bc8b1875bf3473053c716a3e
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains; preload

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Wed, 07 Aug 2024 18:07:44 GMT
Content-Encoding
br
Strict-Transport-Security
max-age=16070400; includeSubDomains; preload
Last-Modified
Mon, 01 Jul 2024 06:07:58 GMT
ETag
W/"60a8-1906ce8406d"
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
737aa68.js
win.ma/_nuxt/ 		79 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://win.ma/_nuxt/737aa68.js
Requested by
Host: win.ma
URL: https://win.ma/_nuxt/1510ab3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.3.20 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
2ee6a6dd3182ece9d33539055fb53ea1e005444d4cdf6996f93b1555dc78d62b
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains; preload

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Wed, 07 Aug 2024 18:07:44 GMT
Content-Encoding
br
Strict-Transport-Security
max-age=16070400; includeSubDomains; preload
Last-Modified
Mon, 01 Jul 2024 06:07:58 GMT
ETag
W/"13d11-1906ce8406d"
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
eff7019.js
win.ma/_nuxt/ 		58 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://win.ma/_nuxt/eff7019.js
Requested by
Host: win.ma
URL: https://win.ma/_nuxt/1510ab3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.3.20 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
318458b2f6bd1b8ecb04ca266081150b55e7917a223d3fb679db9eccc19c70d8
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains; preload

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Wed, 07 Aug 2024 18:07:48 GMT
Content-Encoding
br
Strict-Transport-Security
max-age=16070400; includeSubDomains; preload
Last-Modified
Mon, 01 Jul 2024 06:07:58 GMT
ETag
W/"e969-1906ce8406d"
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
7f1a987.js
win.ma/_nuxt/ 		222 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://win.ma/_nuxt/7f1a987.js
Requested by
Host: win.ma
URL: https://win.ma/_nuxt/1510ab3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.3.20 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
c573762502b8ed09b552f86159d3afcf2c9c82697da070373468e7960d51a3f0
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains; preload

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Wed, 07 Aug 2024 18:07:44 GMT
Content-Encoding
br
Strict-Transport-Security
max-age=16070400; includeSubDomains; preload
Last-Modified
Mon, 01 Jul 2024 06:07:58 GMT
ETag
W/"378dc-1906ce8406d"
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
707edf1.js
win.ma/_nuxt/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://win.ma/_nuxt/707edf1.js
Requested by
Host: win.ma
URL: https://win.ma/_nuxt/1510ab3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.3.20 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
b63516967bf4bee283ba01b4b1e94e176114ed2b0a87a4678e0b4b704e1fcb08
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains; preload

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Wed, 07 Aug 2024 18:07:48 GMT
Content-Encoding
br
Strict-Transport-Security
max-age=16070400; includeSubDomains; preload
Last-Modified
Mon, 01 Jul 2024 06:07:58 GMT
ETag
W/"641-1906ce8407d"
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
esw.html
service.force.com/embeddedservice/5.0/ Frame 67CE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://service.force.com/embeddedservice/5.0/esw.html?parent=https://win.ma/
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.222.146.21 Paris, France, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl5-ncg0-cdg3.eu26-cdg.force.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://win.ma/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
public,max-age=86400
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
content-type
text/html;charset=UTF-8
date
Wed, 07 Aug 2024 18:07:44 GMT
expires
Thu, 08 Aug 2024 18:07:44 GMT
last-modified
Thu, 14 Sep 2023 00:07:46 GMT
origin-trial
AkBgNlDiY3u6JLOlyCHNo+uI//ZsQNGdALGkaqj2TaJPsaytJKhRW2ej+qKdkIs3auzeCWPCYX2AE/jVxzJS0AwAAABaeyJvcmlnaW4iOiJodHRwczovL2ZvcmNlLmNvbTo0NDMiLCJmZWF0dXJlIjoiVHBjZCIsImV4cGlyeSI6MTczNTM0Mzk5OSwiaXNTdWJkb21haW4iOnRydWV9
referrer-policy
origin-when-cross-origin
strict-transport-security
max-age=63072000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-robots-tag
none
EmbeddedServiceConfig.jsonp
d.la2-c1-cdg.salesforceliveagent.com/chat/rest/EmbeddedService/ 		174 B
564 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d.la2-c1-cdg.salesforceliveagent.com/chat/rest/EmbeddedService/EmbeddedServiceConfig.jsonp?Settings.prefix=EmbeddedService&org_id=00D0N000000j6eD&EmbeddedServiceConfig.configName=Discuter_avec_Einstein_Bot&callback=embedded_svc.liveAgentAPI.handleChatSettings&version=48&EmbeddedServiceConfig.language=fr
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/utils/common.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
160.8.244.120 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl13-ncg0-cdg3.la2-c1-cdg.salesforceliveagent.com
Software
/
Resource Hash
00f993fa8da962e101c466681a2a88164bc3e6531bd854d6dddabae661bf3c38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Pragma
no-cache
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
close
Expires
-1
invite.esw.min.js
service.force.com/embeddedservice/5.0/client/ 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://service.force.com/embeddedservice/5.0/client/invite.esw.min.js
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.222.146.21 Paris, France, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl5-ncg0-cdg3.eu26-cdg.force.com
Software
/
Resource Hash
11b97392fe91256a463d66e0a68f1ed068dd3ba2200289fa89e0afb2b0558b12
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 18:07:44 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
origin-when-cross-origin
last-modified
Fri, 24 Sep 2021 16:25:36 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public,max-age=86400
origin-trial
AkBgNlDiY3u6JLOlyCHNo+uI//ZsQNGdALGkaqj2TaJPsaytJKhRW2ej+qKdkIs3auzeCWPCYX2AE/jVxzJS0AwAAABaeyJvcmlnaW4iOiJodHRwczovL2ZvcmNlLmNvbTo0NDMiLCJmZWF0dXJlIjoiVHBjZCIsImV4cGlyeSI6MTczNTM0Mzk5OSwiaXNTdWJkb21haW4iOnRydWV9
accept-ranges
bytes
x-robots-tag
none
expires
Thu, 08 Aug 2024 18:07:44 GMT
truncated
/ 		3 KB
3 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
10a396cf83a1f0fa5ae02c199215e1b8e32fdb313f3d5e24c3e61a56f01e3eb5

Request headers

Referer
https://service.force.com/
Origin
https://win.ma
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
application/octet-stream
Settings.jsonp
d.la2-c1-cdg.salesforceliveagent.com/chat/rest/Visitor/ 		177 B
564 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d.la2-c1-cdg.salesforceliveagent.com/chat/rest/Visitor/Settings.jsonp?Settings.prefix=Visitor&Settings.buttonIds=[5730N0000000Blz]&Settings.updateBreadcrumb=1&callback=embedded_svc.liveAgentAPI.connection.handlePing&deployment_id=5720N0000000Bd8&org_id=00D0N000000j6eD&version=48
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/client/liveagent.esw.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
160.8.244.120 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl13-ncg0-cdg3.la2-c1-cdg.salesforceliveagent.com
Software
/
Resource Hash
90ee0ccf6d335dcf9e4e65b163d938d71574d6804a9d99325abfc4967b57273f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Pragma
no-cache
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
close
Expires
-1
inert.min.js
service.force.com/embeddedservice/5.0/utils/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://service.force.com/embeddedservice/5.0/utils/inert.min.js
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.222.146.21 Paris, France, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl5-ncg0-cdg3.eu26-cdg.force.com
Software
/
Resource Hash
12834f596f899e7e17cc2a4a76a1ee77ea0f1ebbfb61e8a33dafe426327c71a3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 18:07:44 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
origin-when-cross-origin
last-modified
Tue, 18 Aug 2020 17:12:46 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public,max-age=86400
origin-trial
AkBgNlDiY3u6JLOlyCHNo+uI//ZsQNGdALGkaqj2TaJPsaytJKhRW2ej+qKdkIs3auzeCWPCYX2AE/jVxzJS0AwAAABaeyJvcmlnaW4iOiJodHRwczovL2ZvcmNlLmNvbTo0NDMiLCJmZWF0dXJlIjoiVHBjZCIsImV4cGlyeSI6MTczNTM0Mzk5OSwiaXNTdWJkb21haW4iOnRydWV9
accept-ranges
bytes
x-robots-tag
none
expires
Thu, 08 Aug 2024 18:07:44 GMT
EmbeddedServiceConfig.jsonp
d.la1-core1.sfdc-cehfhs.salesforceliveagent.com/chat/rest/EmbeddedService/ 		16 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d.la1-core1.sfdc-cehfhs.salesforceliveagent.com/chat/rest/EmbeddedService/EmbeddedServiceConfig.jsonp?Settings.prefix=EmbeddedService&org_id=00D0N000000j6eD&EmbeddedServiceConfig.configName=Discuter_avec_Einstein_Bot&callback=embedded_svc.liveAgentAPI.handleChatSettings&version=48&EmbeddedServiceConfig.language=fr
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/utils/common.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.51.236.196 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-51-236-196.eu-north-1.compute.amazonaws.com
Software
envoy /
Resource Hash
63da4324978a61770eae7b760e0e6cf39f0fed0d54e523c0d7822dd05c84d531
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Aug 2024 18:07:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
envoy
transfer-encoding
chunked
content-type
text/javascript
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
x-envoy-upstream-service-time
17
expires
-1
Settings.jsonp
d.la1-core1.sfdc-cehfhs.salesforceliveagent.com/chat/rest/Visitor/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://d.la1-core1.sfdc-cehfhs.salesforceliveagent.com/chat/rest/Visitor/Settings.jsonp?Settings.prefix=Visitor&Settings.buttonIds=[5730N0000000Blz]&Settings.updateBreadcrumb=1&callback=embedded_svc.liveAgentAPI.connection.handlePing&deployment_id=5720N0000000Bd8&org_id=00D0N000000j6eD&version=48
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/client/liveagent.esw.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.51.236.196 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-51-236-196.eu-north-1.compute.amazonaws.com
Software
envoy /
Resource Hash

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 18:07:45 GMT
server
envoy
content-length
81
x-envoy-overloaded
true
content-type
text/plain
04e67b2.js
win.ma/_nuxt/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
polyfill.io
URL
https://polyfill.io/v2/polyfill.min.js?features=default,IntersectionObserver,Array.prototype.find,EventSource,Array.prototype.includes
Domain
win.ma
URL
https://win.ma/_nuxt/04e67b2.js

Verdicts & Comments Add Verdict or Comment

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| include string| path string| lang object| __NUXT__ object| embedded_svc function| initESW object| webpackJsonp object| oSpPOptions function| oPromptPush object| oSpP object| core object| __core-js_shared__ object| firebase function| UAParser object| google_tag_manager object| google_tag_data object| dataLayer string| TiktokAnalyticsObject object| ttq function| fbq function| _fbq object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks object| regeneratorRuntime function| setImmediate function| clearImmediate function| _ object| onNuxtReadyCbs function| onNuxtReady function| Hammer

5 Cookies

Domain/Path Name / Value
win.ma/ Name: f5avraaaaaaaaaaaaaaaa_session_
Value: DFMHCELNFKDJLIBAMCIADNJGGFHNABOIBKMNLNBGKDFGJOHBNEGDEDLEJBEDOPFOIEBDPLFFBHNGIGCHFBIANEAEKLKNIEIAJNOEKAKEDAKMOBDMEJJJNFNHGCKEBAOI
.win.ma/ Name: TS010594ad
Value: 018e1322ef2b6e3fa9b995f80a4ecd49c9e7cdecc4941f12d67084d7b276d0e0edd33cfe1778eb5c11505357cc25d4ea6f913272d1a639baf515dd921b348f1be29ec4b733
.tiktok.com/ Name: _ttp
Value: 2kLDeygkY76LvgXGWFiw8nD02D5
.win.ma/ Name: _tt_enable_cookie
Value: 1
.win.ma/ Name: _ttp
Value: F9v0CTNOZtDqw9OFReImP-3oubW

2 Console Messages

Source Level URL
Text
network error URL: https://polyfill.io/v2/polyfill.min.js?features=default,IntersectionObserver,Array.prototype.find,EventSource,Array.prototype.includes
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://d.la1-core1.sfdc-cehfhs.salesforceliveagent.com/chat/rest/Visitor/Settings.jsonp?Settings.prefix=Visitor&Settings.buttonIds=[5730N0000000Blz]&Settings.updateBreadcrumb=1&callback=embedded_svc.liveAgentAPI.connection.handlePing&deployment_id=5720N0000000Bd8&org_id=00D0N000000j6eD&version=48
Message:
Failed to load resource: the server responded with a status of 503 (Service Unavailable)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=16070400; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.tiktok.com
connect.facebook.net
d.la1-core1.sfdc-cehfhs.salesforceliveagent.com
d.la2-c1-cdg.salesforceliveagent.com
fonts.googleapis.com
polyfill.io
service.force.com
web.webpushs.com
win.ma
www.googletagmanager.com
polyfill.io
win.ma
105.73.3.20
13.51.236.196
160.8.244.120
2a00:1450:4001:81d::2008
2a00:1450:4001:82a::200a
2a02:6ea0:c700::18
2a03:2880:f084:105:face:b00c:0:3
85.222.146.21
95.100.146.9
00f993fa8da962e101c466681a2a88164bc3e6531bd854d6dddabae661bf3c38
099450c5031ea664ef3594fa25b0a68cd550e6c9c58b061dc33c707b450bad20
10a396cf83a1f0fa5ae02c199215e1b8e32fdb313f3d5e24c3e61a56f01e3eb5
11b97392fe91256a463d66e0a68f1ed068dd3ba2200289fa89e0afb2b0558b12
12834f596f899e7e17cc2a4a76a1ee77ea0f1ebbfb61e8a33dafe426327c71a3
1918a6aeae5b87a6681366a518203050ddc6b9f6be547d79b18d6a507d073989
1df96aff7c1a0b4a1f03d51ec741df8d542fcf32eddee1a0295068e4a7f0017b
2ee6a6dd3182ece9d33539055fb53ea1e005444d4cdf6996f93b1555dc78d62b
318458b2f6bd1b8ecb04ca266081150b55e7917a223d3fb679db9eccc19c70d8
3220afe424971c84d14fb3fa3baa36793efb5af404c9d07d804e06401c01af98
36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a
3ed818aad31677b4b4e62b8e5be76e029c861dced68991867b2348767eb1ea1e
4d424af8e6254a3ee915b6efdec3f0ed3fcbdedc67c83025148c9758701cd2d4
50a98b0680aaaaa9407001661f18904e29d76402c3da7ad64246413886fc64b3
5329620df82cb9e1f3334b659d1fa11789e05ae3105dfc2c691fff5797d6c95f
5425f24fe5b76fa7d0ae344d0f184a843a7a3fb314bf6063787fe6ad35ce1ffb
63da4324978a61770eae7b760e0e6cf39f0fed0d54e523c0d7822dd05c84d531
721f2d2fe18f13edc2ae51c1918c1b0a2d7b668318c559310ab35fa22363fdad
77a6d49850096ec68d2813a91f8b1908017d26aaed430e3a2e17943a870ee567
7c273510050e27ad1e0a533b0a766c6c597575710d578a104e60d4810e173648
90ee0ccf6d335dcf9e4e65b163d938d71574d6804a9d99325abfc4967b57273f
a5fabc8494f83fe9a7932cdb4fbb7be8bb00d0c6a519431f4e399aad85b90d22
ad981f0d083d45ecc8480bb4b59d5815a82c5a396cb83c1ef6936c3da0e00110
ae0fba6f6111df81b535ca9503101b46a6ac08eb75412e92d389632ac6129e9b
b63516967bf4bee283ba01b4b1e94e176114ed2b0a87a4678e0b4b704e1fcb08
c573762502b8ed09b552f86159d3afcf2c9c82697da070373468e7960d51a3f0
cc7a83482caae00cdc31ace1a59c01e340b149c0fa67ad1d62d38ffffbfcac15
d48ab8d60cee7ebae74ce89eecd7b4eef9e066cab216c9cfafd2f5dfeff76867
df9b93084165ee07dcba97feaaecd7a37c1ca899bc8b1875bf3473053c716a3e
ef4dcc4dab4d780f44939c455d4720cab662b2f5fabc36ebc33a21f4cdbecd4e