promo.clicnscores.ma Open in urlscan Pro
18.173.154.28 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://promo.clicnscores.ma/
Effective URL:
https://promo.clicnscores.ma/
Submission: On October 14 via manual (October 14th 2023, 5:43:57 pm UTC) from IN — Scanned from DE

Summary HTTP 51 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 7 IPs in 3 countries across 7 domains to perform 51 HTTP transactions. The main IP is 18.173.154.28, located in United States and belongs to AMAZON-02, US. The main domain is promo.clicnscores.ma.
TLS certificate: Issued by Amazon RSA 2048 M01 on September 8th 2023. Valid for: a year.

This is the only time promo.clicnscores.ma was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Office 365 (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 1	18.173.154.30 18.173.154.30	16509 (AMAZON-02) (AMAZON-02)
17	18.173.154.28 18.173.154.28	16509 (AMAZON-02) (AMAZON-02)
28	2600:9000:26d... 2600:9000:26db:da00:18:b9d2:b4c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:81c::2008	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:27c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
51	7

1 18.173.154.30 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-173-154-30.muc50.r.cloudfront.net

promo.clicnscores.ma	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 18.173.154.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-154-28.muc50.r.cloudfront.net

promo.clicnscores.ma	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2600:9000:26db:da00:18:b9d2:b4c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

d1cmn0i4aqdqs3.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:27c (United States)

ASN13335 (CLOUDFLARENET, US)

notify.clfldcbprotect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	cloudfront.net d1cmn0i4aqdqs3.cloudfront.net	100 KB
18	clicnscores.ma 1 redirects promo.clicnscores.ma	322 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 56	177 KB
1	clfldcbprotect.com notify.clfldcbprotect.com	125 B
1	google.de www.google.de — Cisco Umbrella Rank: 6147	408 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 98	248 B
1	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2714	257 B
51	7

	Domain	Requested by
28	d1cmn0i4aqdqs3.cloudfront.net	promo.clicnscores.ma
18	promo.clicnscores.ma	1 redirects promo.clicnscores.ma
2	www.googletagmanager.com	promo.clicnscores.ma www.googletagmanager.com
1	notify.clfldcbprotect.com	promo.clicnscores.ma
1	www.google.de	promo.clicnscores.ma
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
51	7

This site contains links to these domains. Also see Links.

Domain
live.clicncores.ma
www.mes-abonnements.ma
live.clicnscores.ma
m.clicnscores.ma

Subject Issuer	Validity	Valid
promo.clicnscores.ma Amazon RSA 2048 M01	`2023-09-08` - `2024-10-05`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://promo.clicnscores.ma/
Frame ID: B57A13685B667ADE76A2D24DD51268F9
Requests: 51 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Matchs amicaux internationaux

Page URL History Show full URLs

http://promo.clicnscores.ma/ HTTP 301
https://promo.clicnscores.ma/ Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

51
Requests

100 %
HTTPS

75 %
IPv6

7
Domains

7
Subdomains

7
IPs

3
Countries

598 kB
Transfer

1169 kB
Size

11
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: http://live.clicncores.ma/?dve_trk_id=nautilus-ma-pcnsma-2921345037961-804142&ga_cid=2147242135.1697305431&snp_csid=sp-pcnsma-b78635be9adb75353e19d50a48d498b6&lp=index&feed=none
Title: Log in

Search URL Search Domain Scan URL

URL: http://www.mes-abonnements.ma/
Title: mes-abonnements.ma

Search URL Search Domain Scan URL

URL: http://live.clicnscores.ma/
Title: Accueil

Search URL Search Domain Scan URL

URL: http://m.clicnscores.ma/cgu
Title: Mentions légales

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://promo.clicnscores.ma/ HTTP 301
https://promo.clicnscores.ma/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

51 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
promo.clicnscores.ma/
Redirect Chain

http://promo.clicnscores.ma/
https://promo.clicnscores.ma/

226 KB
63 KB

222ms
202ms

Document
text/html

18.173.154.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.clicnscores.ma/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.154.28 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-154-28.muc50.r.cloudfront.net

Software

Apache / Nautilus

Resource Hash

9a955958db4064a1cea3e7a1688f63334ca1cc92eedcbe55228c9d57471f8574

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'; report-uri https://promo.clicnscores.ma/il_reporturi.php?from=csp; report-to csp_endpoint
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-methods: POST, GET
access-control-allow-origin: https://promo.clicnscores.ma
alt-svc: h3=":443"; ma=86400
cache-control: private, no-transform, no-cache, no-store, must-revalidate, max-age=0
content-encoding: br
content-length: 63300
content-security-policy: frame-ancestors 'self'; report-uri https://promo.clicnscores.ma/il_reporturi.php?from=csp; report-to csp_endpoint
content-type: text/html;charset=UTF-8
date: Sat, 14 Oct 2023 17:43:51 GMT
expect-ct: max-age=0, report-uri="https://promo.clicnscores.ma/il_reporturi.php?from=expect_ct"
expires: Tue, 01 Jan 1980 1:00:00 GMT
p3p: CP="CAO PSA OUR"
permissions-policy: document-domain=()
pragma: no-cache
referrer-policy: origin-when-cross-origin
report-to: {"group":"csp_endpoint","max_age":0,"endpoints":[{"url":"https:\/\/promo.clicnscores.ma\/il_reporturi.php?from=csp"}]}
server: Apache
strict-transport-security: max-age=0
vary: Accept-Encoding
via: 1.1 55965767fb32678a90a721ccc878aa86.cloudfront.net (CloudFront)
x-amz-cf-id: nJKwkbs6GGSHHtRnnFd5gR8zzdNj9fbjM8AkSf7Uor9YpCfHQcDKvA==
x-amz-cf-pop: MUC50-P3
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
x-powered-by: Nautilus
x-robots-tag: noindex, follow
x-signature: Stay hungry, stay foolish
x-ua-compatible: IE=edge
x-xss-protection: 0

Redirect headers

Access-Control-Allow-Methods: POST, GET
Access-Control-Allow-Origin: http://promo.clicnscores.ma
Alt-Svc: h3=":443"; ma=86400
Cache-Control: private, no-transform, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 0
Content-Security-Policy: frame-ancestors 'self'; report-uri http://promo.clicnscores.ma/il_reporturi.php?from=csp; report-to csp_endpoint
Content-Type: text/html; charset=UTF-8
Date: Sat, 14 Oct 2023 17:43:51 GMT
Expires: Tue, 01 Jan 1980 1:00:00 GMT
Location: https://promo.clicnscores.ma/
P3P: CP="CAO PSA OUR"
Permissions-Policy: document-domain=()
Pragma: no-cache
Referrer-Policy: origin-when-cross-origin
Report-To: {"group":"csp_endpoint","max_age":0,"endpoints":[{"url":"http:\/\/promo.clicnscores.ma\/il_reporturi.php?from=csp"}]}
Server: Apache
Via: 1.1 7ad01e16cb039e6f25a50f4e294fd0ae.cloudfront.net (CloudFront)
X-Amz-Cf-Id: iq3n9W96ob3V3M4mpVgSu_FcgafUZE7IGbhzwe2WtijhJ94lThVdlg==
X-Amz-Cf-Pop: MUC50-P3
X-Cache: Miss from cloudfront
X-Content-Type-Options: nosniff
X-DNS-Prefetch-Control: off
X-Frame-Options: SAMEORIGIN
X-Powered-By: Nautilus
X-Robots-Tag: noindex, nofollow
X-Signature: Stay hungry, stay foolish
X-UA-Compatible: IE=edge
X-XSS-Protection: 0

GET
H2 200 styles_live.css
promo.clicnscores.ma/nautilus/templates/MA/pcnsma/files/lp_fkplay/ 8 KB
2 KB 164ms
162ms Stylesheet
text/css 18.173.154.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://promo.clicnscores.ma/nautilus/templates/MA/pcnsma/files/lp_fkplay/styles_live.css
Requested by: Host: promo.clicnscores.ma
URL: https://promo.clicnscores.ma/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.154.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-154-28.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d23092aacab2bf2395c017bd217c823871a2f148b4df63e07cb76f34be9e1f4c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.clicnscores.ma/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id: ObZJPpA6SEuPXql6FVUeDFprWLn28wqh
content-encoding: gzip
via: 1.1 55965767fb32678a90a721ccc878aa86.cloudfront.net (CloudFront)
date: Sat, 14 Oct 2023 17:43:52 GMT
last-modified: Mon, 04 Jun 2018 15:34:13 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P3
etag: W/"958038109d4f3cafdb61fa317ed6a632"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/css
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: xAqkVgpohyTOudrARBVLI7Lsuvv_YjEw3nJVrWo7dskJlGfFtQHHTw==

GET
H2 200 logo-23-white.png
promo.clicnscores.ma/nautilus/templates/MA/pcnsma/files/commun/ 6 KB
6 KB 27ms
25ms Image
image/png 18.173.154.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo.clicnscores.ma/nautilus/templates/MA/pcnsma/files/commun/logo-23-white.png
Requested by: Host: promo.clicnscores.ma
URL: https://promo.clicnscores.ma/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.154.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-154-28.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4453b07d65b412da4cce37239c14e779e2882511cf91c43ee4858ad20065babb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.clicnscores.ma/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id: fEoTHC5XjC0q7n9RUalJBxvHZXnsts.h
date: Sat, 14 Oct 2023 17:33:12 GMT
via: 1.1 55965767fb32678a90a721ccc878aa86.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P3
age: 640
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 6044
last-modified: Wed, 16 Aug 2023 11:14:06 GMT
server: AmazonS3
etag: "ef83e002f245bc0c0132fddc98e4681f"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=1209600
accept-ranges: bytes
x-amz-cf-id: vKJ6jlayLBCrewCshBL7zHBW-1VbxQPetl2lbIGqLFD1QEiDuvkzsw==

GET
H2 200 stopwatch.png
promo.clicnscores.ma/nautilus/templates/common/files/CNS/lp_fkplay/ 13 KB
13 KB 30ms
28ms Image
image/png 18.173.154.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo.clicnscores.ma/nautilus/templates/common/files/CNS/lp_fkplay/stopwatch.png
Requested by: Host: promo.clicnscores.ma
URL: https://promo.clicnscores.ma/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.154.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-154-28.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8208f7eb192cf965faf2505466109085f59bd05b61c3a934089befe152e4e7dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.clicnscores.ma/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id: Xe09zrJbI3zbNmm7.oavRt1oWTD8fMI0
date: Sat, 14 Oct 2023 17:43:51 GMT
via: 1.1 55965767fb32678a90a721ccc878aa86.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P3
age: 2925
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 12869
last-modified: Mon, 26 Sep 2022 08:19:31 GMT
server: AmazonS3
etag: "9ddbf1f9b17e41258c9b36ceb8da0014"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=1209600
accept-ranges: bytes
x-amz-cf-id: cY95ArSrX5NPwVxV24-74CCkeKcshuA_2CgVWtrvu5ElJMWi7g65Xw==

GET
H2 200 4349.png
d1cmn0i4aqdqs3.cloudfront.net/iss/flags/football/medium/ 168 B
515 B 75ms
28ms Image
image/png 2600:9000:26db:da00:18:b9d2:b4c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1cmn0i4aqdqs3.cloudfront.net/iss/flags/football/medium/4349.png
Requested by: Host: promo.clicnscores.ma
URL: https://promo.clicnscores.ma/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26db:da00:18:b9d2:b4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: aeaf2ddf962a619400e69d062bfc14ef86320553fdf4066b066dfc3d648f6d55

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.clicnscores.ma/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 10:55:59 GMT
via: 1.1 fd4a06b35c482e680f7f3fd9baaa0090.cloudfront.net (CloudFront)
last-modified: Tue, 26 Nov 2019 16:56:35 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P3
age: 24473
etag: "8107f5c2a2924e9586eec2ff12ab8c8b"
x-cache: Hit from cloudfront
content-type: png
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 168
x-amz-cf-id: nkzTwHRBhMUBF6jgDwwMTz2FsAIflYyWsLv7i_dtH93fv_zTN9gWFw==

GET
H2 200 2779.png
d1cmn0i4aqdqs3.cloudfront.net/iss/flags/football/medium/ 234 B
582 B 65ms
18ms Image
image/png 2600:9000:26db:da00:18:b9d2:b4c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1cmn0i4aqdqs3.cloudfront.net/iss/flags/football/medium/2779.png
Requested by: Host: promo.clicnscores.ma
URL: https://promo.clicnscores.ma/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26db:da00:18:b9d2:b4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 72d731eb684986362c65553d661bb469919f3e28056d566d40c34a3d6213f0a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.clicnscores.ma/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 12:51:08 GMT
via: 1.1 fd4a06b35c482e680f7f3fd9baaa0090.cloudfront.net (CloudFront)
last-modified: Tue, 26 Nov 2019 16:56:34 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P3
age: 17564
etag: "cd41fb6b58cf43c295a530f65430779a"
x-cache: Hit from cloudfront
content-type: png
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 234
x-amz-cf-id: JziyzLXrrl6Ivk_kn8StRJkDbKyMsV41twgP9sUIhsRN1wikd8jrsw==

GET
H3 404 null
promo.clicnscores.ma/ 59 B
59 B 114ms
113ms Image
text/html 18.173.154.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://promo.clicnscores.ma/null

Requested by

Host: promo.clicnscores.ma
URL: https://promo.clicnscores.ma/

Protocol

Security

QUIC, , AES_128_GCM

Server

18.173.154.28 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-154-28.muc50.r.cloudfront.net

Software

Apache / Nautilus

Resource Hash

2eef8ae41358210d909aedf63c32c027e106e8330cad3cf209e5775ee783bbaa

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://promo.clicnscores.ma; report-uri https://promo.clicnscores.ma/il_reporturi.php?from=csp; report-to csp_endpoint
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	allow-from https://promo.clicnscores.ma
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.clicnscores.ma/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 17:43:51 GMT
x-signature: Stay hungry, stay foolish
x-content-type-options: nosniff
strict-transport-security: max-age=0
via: 1.1 595547cdc2fce94aba8498c84797701a.cloudfront.net (CloudFront)
content-security-policy: frame-ancestors 'self' https://promo.clicnscores.ma; report-uri https://promo.clicnscores.ma/il_reporturi.php?from=csp; report-to csp_endpoint
x-amz-cf-pop: MUC50-P3
x-powered-by: Nautilus
x-dns-prefetch-control: off
x-cache: Error from cloudfront
p3p: CP="CAO PSA OUR"
alt-svc: h3=":443"; ma=86400
content-length: 59
x-xss-protection: 0
x-ua-compatible: IE=edge
pragma: no-cache
referrer-policy: origin-when-cross-origin
server: Apache
expect-ct: max-age=0, report-uri="https://promo.clicnscores.ma/il_reporturi.php?from=expect_ct"
x-frame-options: allow-from https://promo.clicnscores.ma
access-control-allow-methods: POST, GET
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://promo.clicnscores.ma
cache-control: private, no-transform, no-cache, no-store, must-revalidate, max-age=0
permissions-policy: document-domain=()
x-robots-tag: noindex, nofollow
x-amz-cf-id: gCDOxEH0h-PS_LBR5Jkfa0Gb76crHHQQu0Bi4Ac79k1SwJilQw7Xyw==
expires: Tue, 01 Jan 1980 1:00:00 GMT

GET
H2 200 4724_s.jpg
d1cmn0i4aqdqs3.cloudfront.net/iss/team/football/small/ 8 KB
9 KB 22ms
14ms Image
image/jpeg 2600:9000:26db:da00:18:b9d2:b4c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1cmn0i4aqdqs3.cloudfront.net/iss/team/football/small/4724_s.jpg
Requested by: Host: promo.clicnscores.ma
URL: https://promo.clicnscores.ma/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26db:da00:18:b9d2:b4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1e3020057f0547f0f87d2b2b790abb6bd097661eb55c9f79bee7e76807c8c67d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.clicnscores.ma/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 12:50:17 GMT
via: 1.1 fd4a06b35c482e680f7f3fd9baaa0090.cloudfront.net (CloudFront)
last-modified: Fri, 04 Nov 2022 10:10:52 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P3
age: 17615
etag: "a2f7380541ecbed8967c5c0ecd278248"
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 8572
x-amz-cf-id: _5edi_FXYGorYXLed4mnlieXHmO5hYHAwYFS44G96QvNbNrdAFyXOg==

GET
H2 200 4752_s.jpg
d1cmn0i4aqdqs3.cloudfront.net/iss/team/football/small/ 9 KB
9 KB 39ms
29ms Image
image/jpeg 2600:9000:26db:da00:18:b9d2:b4c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1cmn0i4aqdqs3.cloudfront.net/iss/team/football/small/4752_s.jpg
Requested by: Host: promo.clicnscores.ma
URL: https://promo.clicnscores.ma/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26db:da00:18:b9d2:b4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4c718cfe4dac6d64357245751c1d4a47201c43509fb5677d6f0b3aa0bc7dc664

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.clicnscores.ma/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 14:33:47 GMT
via: 1.1 fd4a06b35c482e680f7f3fd9baaa0090.cloudfront.net (CloudFront)
last-modified: Fri, 04 Nov 2022 10:10:50 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P3
age: 11405
etag: "08c186402b9205853d5d53c84f0d9341"
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 8908
x-amz-cf-id: HzMuiVUOU3v9yxzl7OoypQvbYXRxnzgLE_gxSiZQGMBuKKQEZnoWuw==

GET
H2 200 2206.png
d1cmn0i4aqdqs3.cloudfront.net/iss/flags/football/small/ 141 B
486 B 34ms
23ms Image
image/png 2600:9000:26db:da00:18:b9d2:b4c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1cmn0i4aqdqs3.cloudfront.net/iss/flags/football/small/2206.png
Requested by: Host: promo.clicnscores.ma
URL: https://promo.clicnscores.ma/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26db:da00:18:b9d2:b4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9b088c7fb548f7aaa1199e0999cbac4b1149399cc39a3c92792d1593137495c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.clicnscores.ma/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 04:50:03 GMT
via: 1.1 fd4a06b35c482e680f7f3fd9baaa0090.cloudfront.net (CloudFront)
last-modified: Wed, 18 Mar 2020 08:05:08 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P3
age: 46429
etag: "a87ba5139fb7f2ee7f8631bbff4c29b4"
x-cache: Hit from cloudfront
content-type: png
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 141
x-amz-cf-id: Iefz6nepcI7K4ES6inOPA8RYspHrvDxckeALW97FnMMEyLth7ItiYw==

GET
H2 200 4387.png
d1cmn0i4aqdqs3.cloudfront.net/iss/flags/football/small/ 303 B
648 B 33ms
23ms Image
image/png 2600:9000:26db:da00:18:b9d2:b4c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1cmn0i4aqdqs3.cloudfront.net/iss/flags/football/small/4387.png
Requested by: Host: promo.clicnscores.ma
URL: https://promo.clicnscores.ma/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26db:da00:18:b9d2:b4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3906621017e0d4689f05d672685a928225081ff1c70e6ad9edcacfe861cefbc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.clicnscores.ma/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 09:37:44 GMT
via: 1.1 fd4a06b35c482e680f7f3fd9baaa0090.cloudfront.net (CloudFront)
last-modified: Wed, 18 Mar 2020 08:05:10 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P3
age: 29168
etag: "0abe2fc319c5d4ef646903ca1a5c2370"
x-cache: Hit from cloudfront
content-type: png
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 303
x-amz-cf-id: do0dE1XI6KIQ42JG18Pq3Kdm9N5ez2yprdGbve4G_gRBXfPOZHwv2Q==

GET
H2 200 4781_s.jpg
d1cmn0i4aqdqs3.cloudfront.net/iss/team/football/small/ 8 KB
9 KB 41ms
31ms Image
image/jpeg 2600:9000:26db:da00:18:b9d2:b4c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1cmn0i4aqdqs3.cloudfront.net/iss/team/football/small/4781_s.jpg
Requested by: Host: promo.clicnscores.ma
URL: https://promo.clicnscores.ma/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26db:da00:18:b9d2:b4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6cd4e2be81cf8d47da9d926af2bb39c6268316bfb4a8737d267776da879f92fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.clicnscores.ma/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 10:45:21 GMT
via: 1.1 fd4a06b35c482e680f7f3fd9baaa0090.cloudfront.net (CloudFront)
last-modified: Fri, 04 Nov 2022 10:10:51 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P3
age: 25111
etag: "7feadce23874d2bf6084a4876f18d2ef"
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 8593
x-amz-cf-id: Yj47HKn00UZrAJ-C8Zr-yZCwzAmMi8dbOdvnQCXSCqodMATLuRpTLw==

GET
H2 200 7332.png
d1cmn0i4aqdqs3.cloudfront.net/iss/flags/football/small/ 159 B
504 B 40ms
31ms Image
image/png 2600:9000:26db:da00:18:b9d2:b4c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1cmn0i4aqdqs3.cloudfront.net/iss/flags/football/small/7332.png
Requested by: Host: promo.clicnscores.ma
URL: https://promo.clicnscores.ma/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26db:da00:18:b9d2:b4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d0b6ca45d908123e520898d276d583843d31fae24dd57a81c8e708679c278d9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.clicnscores.ma/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 13:55:29 GMT
via: 1.1 fd4a06b35c482e680f7f3fd9baaa0090.cloudfront.net (CloudFront)
last-modified: Tue, 26 Nov 2019 16:56:35 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P3
age: 13703
etag: "33c772cad3c0629cbdc72c9cb54c2a9d"
x-cache: Hit from cloudfront
content-type: png
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 159
x-amz-cf-id: lFLwiiJueDi2Ah58sPWe_EKn9246Yg5mSK_y4xIzmOifjOgC7-xs2g==

GET
H2 200 7912.png
d1cmn0i4aqdqs3.cloudfront.net/iss/flags/football/small/ 275 B
621 B 43ms
33ms Image
image/png 2600:9000:26db:da00:18:b9d2:b4c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1cmn0i4aqdqs3.cloudfront.net/iss/flags/football/small/7912.png
Requested by: Host: promo.clicnscores.ma
URL: https://promo.clicnscores.ma/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26db:da00:18:b9d2:b4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 25fd4d625b8e0e08802d3504d5273b12c2fb8fc140e475c39ee8e7aaa2c3048a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.clicnscores.ma/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 22:03:45 GMT
via: 1.1 fd4a06b35c482e680f7f3fd9baaa0090.cloudfront.net (CloudFront)
last-modified: Tue, 26 Nov 2019 16:56:34 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P3
age: 70806
etag: "515598204c5cb9a7a0718371a7b64ad6"
x-cache: Hit from cloudfront
content-type: png
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 275
x-amz-cf-id: C9pFKMV1nQlT1ATyEi6q9JXTdCYaVen89xsjsy4O7NR3e6FO0_ThfQ==

GET
H2 200 2208.png
d1cmn0i4aqdqs3.cloudfront.net/iss/flags/football/small/ 147 B
494 B 44ms
34ms Image
image/png 2600:9000:26db:da00:18:b9d2:b4c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1cmn0i4aqdqs3.cloudfront.net/iss/flags/football/small/2208.png
Requested by: Host: promo.clicnscores.ma
URL: https://promo.clicnscores.ma/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26db:da00:18:b9d2:b4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0888cb7f9a0b6594a8e6b1201d5d734464a94f010f80e1b800eeb280deafbfbf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.clicnscores.ma/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 18:55:53 GMT
via: 1.1 fd4a06b35c482e680f7f3fd9baaa0090.cloudfront.net (CloudFront)
last-modified: Wed, 18 Mar 2020 08:05:08 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P3
age: 82079
etag: "6ba9eaad533e93274ab9ae74186a6b5d"
x-cache: Hit from cloudfront
content-type: png
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 147
x-amz-cf-id: brp9nFbETUeo1wNhTrKKxvM58kmD4zZxlASw7uHJNZAtK9TclSXg4Q==

GET
H2 200 2229.png
d1cmn0i4aqdqs3.cloudfront.net/iss/flags/football/small/ 322 B
666 B 45ms
35ms Image
image/png 2600:9000:26db:da00:18:b9d2:b4c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1cmn0i4aqdqs3.cloudfront.net/iss/flags/football/small/2229.png
Requested by: Host: promo.clicnscores.ma
URL: https://promo.clicnscores.ma/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26db:da00:18:b9d2:b4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5bec30919fe1c3c2bb80e04db44faacaf4160d3fd7b76a6cd7b960536a7d5d33

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.clicnscores.ma/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 20:51:07 GMT
via: 1.1 fd4a06b35c482e680f7f3fd9baaa0090.cloudfront.net (CloudFront)
last-modified: Wed, 04 Sep 2019 09:10:49 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P3
age: 75165
etag: "dee72602df024d08c4bbd7eececf20a3"
x-cache: Hit from cloudfront
content-type: png
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 322
x-amz-cf-id: 0ZycoUHL2P6bXhKkC0NIqA4v_KIMtmAD0R-0E7BotU7seEh04Uvtmg==

GET
H2 200 9620.png
d1cmn0i4aqdqs3.cloudfront.net/iss/flags/football/small/ 271 B
617 B 27ms
18ms Image
image/png 2600:9000:26db:da00:18:b9d2:b4c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1cmn0i4aqdqs3.cloudfront.net/iss/flags/football/small/9620.png
Requested by: Host: promo.clicnscores.ma
URL: https://promo.clicnscores.ma/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26db:da00:18:b9d2:b4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 38eeda3f53a5f1274a90424ac944e41167e37338f87e8b8e9bb031f73acb8124

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.clicnscores.ma/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 14:00:09 GMT
via: 1.1 fd4a06b35c482e680f7f3fd9baaa0090.cloudfront.net (CloudFront)
last-modified: Wed, 04 Sep 2019 09:10:49 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P3
age: 13423
etag: "d80f2e6230dde4688403e4293e613775"
x-cache: Hit from cloudfront
content-type: png
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 271
x-amz-cf-id: jmI3me81cpZv5i8Yfz29NozXL30UoU2P-uq9SGYpjqwrm0pD8VyZrg==

GET
H2 200 4348.png
d1cmn0i4aqdqs3.cloudfront.net/iss/flags/football/small/ 255 B
600 B 38ms
29ms Image
image/png 2600:9000:26db:da00:18:b9d2:b4c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1cmn0i4aqdqs3.cloudfront.net/iss/flags/football/small/4348.png
Requested by: Host: promo.clicnscores.ma
URL: https://promo.clicnscores.ma/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26db:da00:18:b9d2:b4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 758e6a3a32c99b8ad04d147b8cd44dcde1826e9331a715c87be40b8120060268

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.clicnscores.ma/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 21:17:36 GMT
via: 1.1 fd4a06b35c482e680f7f3fd9baaa0090.cloudfront.net (CloudFront)
last-modified: Wed, 04 Sep 2019 09:10:49 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P3
age: 73576
etag: "33f6f331a2088c2a0714a85db88fa6a0"
x-cache: Hit from cloudfront
content-type: png
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 255
x-amz-cf-id: 4mHu9wfixrigPOqaJP7_zSV2_4HgVE4aZmBoxwI1-H-MoRXdtyC0Pw==

GET
H2 200 6655.png
d1cmn0i4aqdqs3.cloudfront.net/iss/flags/football/small/ 158 B
506 B 41ms
33ms Image
image/png 2600:9000:26db:da00:18:b9d2:b4c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1cmn0i4aqdqs3.cloudfront.net/iss/flags/football/small/6655.png
Requested by: Host: promo.clicnscores.ma
URL: https://promo.clicnscores.ma/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26db:da00:18:b9d2:b4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 52447e31582f2ccea2d378070a764fcf8f8427a15409e159c4782acc55ac60aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.clicnscores.ma/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 21:17:36 GMT
via: 1.1 fd4a06b35c482e680f7f3fd9baaa0090.cloudfront.net (CloudFront)
last-modified: Tue, 26 Nov 2019 16:56:35 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P3
age: 73576
etag: "75c886756d2542f31ea3abcc54154d6b"
x-cache: Hit from cloudfront
content-type: png
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 158
x-amz-cf-id: qFQOGeyeiwJBKpaEhBZ0mIYDtLFNyDC4Fzl1pZ5WBbZb3g3js-9YzQ==

GET
H2 200 9619.png
d1cmn0i4aqdqs3.cloudfront.net/iss/flags/football/small/ 187 B
532 B 38ms
30ms Image
image/png 2600:9000:26db:da00:18:b9d2:b4c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1cmn0i4aqdqs3.cloudfront.net/iss/flags/football/small/9619.png
Requested by: Host: promo.clicnscores.ma
URL: https://promo.clicnscores.ma/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26db:da00:18:b9d2:b4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4842db36de37cedb94a157383697f5dd1665e9e176f3abd824bac92cfc5d3819

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.clicnscores.ma/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 15:47:12 GMT
via: 1.1 fd4a06b35c482e680f7f3fd9baaa0090.cloudfront.net (CloudFront)
last-modified: Tue, 26 Nov 2019 16:56:35 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P3
age: 7000
etag: "708a7ab3e0a1f87bec6af76f72456657"
x-cache: Hit from cloudfront
content-type: png
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 187
x-amz-cf-id: eRg4-n-o9_acTdCOM_yUxai1os44l9PNBP1egD89JEBRooPfdEPj-Q==

GET
H2 200 4823.png
d1cmn0i4aqdqs3.cloudfront.net/iss/team/football/small/ 971 B
1 KB 57ms
48ms Image
image/png 2600:9000:26db:da00:18:b9d2:b4c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1cmn0i4aqdqs3.cloudfront.net/iss/team/football/small/4823.png
Requested by: Host: promo.clicnscores.ma
URL: https://promo.clicnscores.ma/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26db:da00:18:b9d2:b4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 82dbecf961b99dc50c016c557f5cf7b6a622bef4bfa5bb01d324b56b51539d1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.clicnscores.ma/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 21:17:36 GMT
via: 1.1 fd4a06b35c482e680f7f3fd9baaa0090.cloudfront.net (CloudFront)
last-modified: Mon, 17 Jul 2023 09:11:33 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P3
age: 73576
etag: "4f35d51807e20afaa27fd76939a9a0a9"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 971
x-amz-cf-id: 07urmHLJV5nJpRaKmEQgey6iLMIpw2yf3RHkwThBdoostU9IpQ1aVg==

GET
H2 200 4374.png
d1cmn0i4aqdqs3.cloudfront.net/iss/flags/football/small/ 194 B
540 B 32ms
24ms Image
image/png 2600:9000:26db:da00:18:b9d2:b4c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1cmn0i4aqdqs3.cloudfront.net/iss/flags/football/small/4374.png
Requested by: Host: promo.clicnscores.ma
URL: https://promo.clicnscores.ma/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26db:da00:18:b9d2:b4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 70628e5878b3c8033e8b32f76ec9e239a96e4de4ca4e75c8110ea2723063b69c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.clicnscores.ma/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 21:17:36 GMT
via: 1.1 fd4a06b35c482e680f7f3fd9baaa0090.cloudfront.net (CloudFront)
last-modified: Wed, 04 Sep 2019 09:10:49 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P3
age: 73576
etag: "ec4b2a74efcb7e72c6108c75de08cf79"
x-cache: Hit from cloudfront
content-type: png
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 194
x-amz-cf-id: 7XlYzRvP_raLBWjrjq-vsIba-DhRyDVI7dW--mO7cSQQJj18Ydws3Q==

GET
H2 200 4364.png
d1cmn0i4aqdqs3.cloudfront.net/iss/flags/football/small/ 124 B
472 B 43ms
34ms Image
image/png 2600:9000:26db:da00:18:b9d2:b4c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1cmn0i4aqdqs3.cloudfront.net/iss/flags/football/small/4364.png
Requested by: Host: promo.clicnscores.ma
URL: https://promo.clicnscores.ma/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26db:da00:18:b9d2:b4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 78c2264235452fe7806654515c1882d2f32975b2fb3d90bd3949ab5e17238c3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.clicnscores.ma/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 21:17:36 GMT
via: 1.1 fd4a06b35c482e680f7f3fd9baaa0090.cloudfront.net (CloudFront)
last-modified: Tue, 26 Nov 2019 16:56:35 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P3
age: 73576
etag: "88af5e3ed6d765cf41b6d79717ff30e7"
x-cache: Hit from cloudfront
content-type: png
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 124
x-amz-cf-id: bMoy6wOzVMZmhDtWprX-lQUTAORJDtNtsrQZTM4NQPriHHSgFLgJmQ==

GET
H2 200 2789.png
d1cmn0i4aqdqs3.cloudfront.net/iss/flags/football/small/ 313 B
660 B 51ms
42ms Image
image/png 2600:9000:26db:da00:18:b9d2:b4c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1cmn0i4aqdqs3.cloudfront.net/iss/flags/football/small/2789.png
Requested by: Host: promo.clicnscores.ma
URL: https://promo.clicnscores.ma/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26db:da00:18:b9d2:b4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1b4ffe8862dbadf66a14d239807186b5e1ad181e256770a8c282bd0211b790e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.clicnscores.ma/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 08:33:46 GMT
via: 1.1 fd4a06b35c482e680f7f3fd9baaa0090.cloudfront.net (CloudFront)
last-modified: Tue, 26 Nov 2019 16:56:35 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P3
age: 33006
etag: "a2506ff5058c58155796b1a3be1838ba"
x-cache: Hit from cloudfront
content-type: png
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 313
x-amz-cf-id: ilIo6Sj9R5qzdsxTtGOz1eKc-tdXA9KDveeR3xEFwt5JHW8mD2rxLw==

GET
H2 200 4347.png
d1cmn0i4aqdqs3.cloudfront.net/iss/flags/football/small/ 226 B
573 B 40ms
32ms Image
image/png 2600:9000:26db:da00:18:b9d2:b4c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1cmn0i4aqdqs3.cloudfront.net/iss/flags/football/small/4347.png
Requested by: Host: promo.clicnscores.ma
URL: https://promo.clicnscores.ma/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26db:da00:18:b9d2:b4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cfa7eceb05b12bea45ccb6b33d0b3d27708808d9c981b882a479d7c33ef603fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.clicnscores.ma/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 08:33:46 GMT
via: 1.1 fd4a06b35c482e680f7f3fd9baaa0090.cloudfront.net (CloudFront)
last-modified: Wed, 04 Sep 2019 09:10:50 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P3
age: 33006
etag: "a94b87dd536d49b011f62b438b935c18"
x-cache: Hit from cloudfront
content-type: png
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 226
x-amz-cf-id: fMh7vNkx_OxUmtBEUYF6QAVC5CnH0QBEyHrOF3FfRbKemSY4Dgl0Fw==

GET
H2 200 9640.png
d1cmn0i4aqdqs3.cloudfront.net/iss/flags/football/small/ 187 B
533 B 39ms
31ms Image
image/png 2600:9000:26db:da00:18:b9d2:b4c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1cmn0i4aqdqs3.cloudfront.net/iss/flags/football/small/9640.png
Requested by: Host: promo.clicnscores.ma
URL: https://promo.clicnscores.ma/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26db:da00:18:b9d2:b4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c2ff3ea638468c743d419d2c01b5b082394ff657782deb8552ab180b3b6f5b8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.clicnscores.ma/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 08:33:46 GMT
via: 1.1 fd4a06b35c482e680f7f3fd9baaa0090.cloudfront.net (CloudFront)
last-modified: Wed, 02 Oct 2019 11:26:32 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P3
age: 33006
etag: "191d77663fd1e8e848283b9d496b6775"
x-cache: Hit from cloudfront
content-type: png
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 187
x-amz-cf-id: O0XsBWj18CXftkTLJM9eZ39_0Z0agVBu-w3nLe6WV38qA_OGgfnxXw==

GET
H2 200 9616.png
d1cmn0i4aqdqs3.cloudfront.net/iss/flags/football/small/ 283 B
629 B 38ms
30ms Image
image/png 2600:9000:26db:da00:18:b9d2:b4c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1cmn0i4aqdqs3.cloudfront.net/iss/flags/football/small/9616.png
Requested by: Host: promo.clicnscores.ma
URL: https://promo.clicnscores.ma/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26db:da00:18:b9d2:b4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6b00678780ebe1706b24b8b358757afbaa94eb26a1ea49d11cd584edcf0c6e1e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.clicnscores.ma/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 14:03:45 GMT
via: 1.1 fd4a06b35c482e680f7f3fd9baaa0090.cloudfront.net (CloudFront)
last-modified: Wed, 27 Nov 2019 05:06:54 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P3
age: 13207
etag: "b7765c11b258fdb00f0ec810a7b378f1"
x-cache: Hit from cloudfront
content-type: png
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 283
x-amz-cf-id: DCkKxZFDOe9YWPtPpvAM5oppPEsNHHtuxY8AHavLKgKMZ3hUZpuy1g==

GET
H2 200 6876.png
d1cmn0i4aqdqs3.cloudfront.net/iss/flags/football/small/ 197 B
543 B 41ms
33ms Image
image/png 2600:9000:26db:da00:18:b9d2:b4c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1cmn0i4aqdqs3.cloudfront.net/iss/flags/football/small/6876.png
Requested by: Host: promo.clicnscores.ma
URL: https://promo.clicnscores.ma/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26db:da00:18:b9d2:b4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bb56e5201e75bdbbc76f8e177b2f727ef5dbe1acf61beb9d75082a0ac90b6354

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.clicnscores.ma/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 14:03:45 GMT
via: 1.1 fd4a06b35c482e680f7f3fd9baaa0090.cloudfront.net (CloudFront)
last-modified: Wed, 27 Nov 2019 05:06:53 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P3
age: 13207
etag: "547b8a4a4039f35da0227248c44abe6e"
x-cache: Hit from cloudfront
content-type: png
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 197
x-amz-cf-id: ONjmN_7Zg0yBM7kfVhOpVatvFO-z0JJYmT8EiHo76kNZrnCALJPkAw==

GET
H2 200 4359.png
d1cmn0i4aqdqs3.cloudfront.net/iss/flags/football/small/ 337 B
683 B 39ms
32ms Image
image/png 2600:9000:26db:da00:18:b9d2:b4c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1cmn0i4aqdqs3.cloudfront.net/iss/flags/football/small/4359.png
Requested by: Host: promo.clicnscores.ma
URL: https://promo.clicnscores.ma/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26db:da00:18:b9d2:b4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3b9cbf3962b38e79dd2a4b2df1c4eab3bb56edb529cfa11e67be23dfe66e2c00

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.clicnscores.ma/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 08:33:46 GMT
via: 1.1 fd4a06b35c482e680f7f3fd9baaa0090.cloudfront.net (CloudFront)
last-modified: Wed, 04 Sep 2019 09:10:49 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P3
age: 33006
etag: "ce0e0bb400d0d372afe82122b4c04f41"
x-cache: Hit from cloudfront
content-type: png
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 337
x-amz-cf-id: 3JyOZuYNCUxIiZ5E2YnxrpPuF4VlNyEyfQakSgmAVfe9DSL-JO2FHw==

GET
H2 200 4345.png
d1cmn0i4aqdqs3.cloudfront.net/iss/flags/football/small/ 229 B
575 B 42ms
35ms Image
image/png 2600:9000:26db:da00:18:b9d2:b4c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1cmn0i4aqdqs3.cloudfront.net/iss/flags/football/small/4345.png
Requested by: Host: promo.clicnscores.ma
URL: https://promo.clicnscores.ma/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26db:da00:18:b9d2:b4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5c7804789f83a2db012e60d82fc348fd9a9eb7ec3832e71419cbdba7798a5c49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.clicnscores.ma/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 08:33:46 GMT
via: 1.1 fd4a06b35c482e680f7f3fd9baaa0090.cloudfront.net (CloudFront)
last-modified: Wed, 04 Sep 2019 09:10:50 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P3
age: 33006
etag: "1e83fe718ffdd2a905ce681f975385a3"
x-cache: Hit from cloudfront
content-type: png
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 229
x-amz-cf-id: FyvdewDOgBV4PRJeL0R_TrkPhHOwcmrRw1K6laZrth1sKHHHKerYVA==

GET
H3 200 c2a_loading.gif
promo.clicnscores.ma/nautilus/templates/common/files/commun/ 3 KB
3 KB 48ms
44ms Image
image/gif 18.173.154.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo.clicnscores.ma/nautilus/templates/common/files/commun/c2a_loading.gif
Requested by: Host: promo.clicnscores.ma
URL: https://promo.clicnscores.ma/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.173.154.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-154-28.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 67045b2289294c222cbab0dbfd07e0af1a40ba39c4ff6165ea9578e2345385da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.clicnscores.ma/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id: zD7W9y4baGthU9CSgZZpAHBJxVBuq8sG
date: Sat, 14 Oct 2023 17:33:12 GMT
via: 1.1 595547cdc2fce94aba8498c84797701a.cloudfront.net (CloudFront)
age: 640
x-amz-cf-pop: MUC50-P3
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 2892
last-modified: Mon, 28 Jan 2019 14:30:43 GMT
server: AmazonS3
etag: "f5f09658da453dca7d686ad9e5786ada"
vary: Accept-Encoding
content-type: image/gif
cache-control: public
accept-ranges: bytes
x-amz-cf-id: Vt8z9zerY5cnDgAiY765GVIyvyvPgvslwEuhO0r33UvEdgkwrtAYWQ==
expires: 604800

GET
H3 200 gh7rnghq.js Show response
promo.clicnscores.ma/snp_s/3.15.0/ 75 KB
24 KB 54ms
48ms Script
application/javascript 18.173.154.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://promo.clicnscores.ma/snp_s/3.15.0/gh7rnghq.js
Requested by: Host: promo.clicnscores.ma
URL: https://promo.clicnscores.ma/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.173.154.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-154-28.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f8e43900ad689a93a0e049c66b7fce5882b244730f4b199d2f3ee99b87aecf31

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.clicnscores.ma/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 11:10:52 GMT
content-encoding: br
via: 1.1 595547cdc2fce94aba8498c84797701a.cloudfront.net (CloudFront)
last-modified: Wed, 13 Sep 2023 07:50:02 GMT
server: AmazonS3
age: 23580
x-amz-cf-pop: MUC50-P3
x-amz-server-side-encryption: AES256
etag: W/"30f85e9a8c7f22b4f059cbb2c3d11d3e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: -UIoUevl4ro3CVasb4rs12IAgftVGU96yh9vfyiZLn1nRXg8Znwllg==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 273 KB
87 KB 103ms
48ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M7S4GZX

Requested by

Host: promo.clicnscores.ma
URL: https://promo.clicnscores.ma/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b7cf76e36427956562e5fd848261d892199face278d750b0e3e308cbf2f098cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.clicnscores.ma/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 17:43:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 88863
x-xss-protection: 0
last-modified: Sat, 14 Oct 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 14 Oct 2023 17:43:51 GMT

GET
H3 200 LP_background.jpg
promo.clicnscores.ma/nautilus/templates/MA/pcnsma/files/lp_fkplay/images/ 98 KB
98 KB 139ms
136ms Image
image/jpeg 18.173.154.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo.clicnscores.ma/nautilus/templates/MA/pcnsma/files/lp_fkplay/images/LP_background.jpg
Requested by: Host: promo.clicnscores.ma
URL: https://promo.clicnscores.ma/nautilus/templates/MA/pcnsma/files/lp_fkplay/styles_live.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.173.154.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-154-28.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cd1b849c8652c08bff8b6268a1b6599ab7581ce955450d1030e4542c87c4f308

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.clicnscores.ma/nautilus/templates/MA/pcnsma/files/lp_fkplay/styles_live.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id: WoMSd0K7laiyhTd3usOIs_l_38e0fPIO
date: Sat, 14 Oct 2023 17:43:52 GMT
via: 1.1 595547cdc2fce94aba8498c84797701a.cloudfront.net (CloudFront)
last-modified: Mon, 04 Jun 2018 15:34:38 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P3
etag: "101a68d11f12d7be684b3a1e847a1c80"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 100167
x-amz-cf-id: 4BdFGh7R7DwGJY1-ahoXEnvsvUONsbTRXZ8D3TSEBDU0_DzoNhs2vg==

GET
H3 200 bg_header_menu.png
promo.clicnscores.ma/nautilus/templates/MA/pcnsma/files/lp_fkplay/images/ 131 B
460 B 152ms
149ms Image
image/png 18.173.154.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo.clicnscores.ma/nautilus/templates/MA/pcnsma/files/lp_fkplay/images/bg_header_menu.png
Requested by: Host: promo.clicnscores.ma
URL: https://promo.clicnscores.ma/nautilus/templates/MA/pcnsma/files/lp_fkplay/styles_live.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.173.154.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-154-28.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8a150f74fcbb898457ab2265216d0e501c066ed8b56b2658cb32f2d3f2545198

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.clicnscores.ma/nautilus/templates/MA/pcnsma/files/lp_fkplay/styles_live.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id: eEqoA7JFeGsJLUDOBKx9ryaG2ZrlRWsQ
date: Sat, 14 Oct 2023 17:43:52 GMT
via: 1.1 595547cdc2fce94aba8498c84797701a.cloudfront.net (CloudFront)
last-modified: Mon, 04 Jun 2018 15:34:34 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P3
etag: "6a0152e62596decd1f747ccc329e41d7"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: image/png
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 131
x-amz-cf-id: NFqVOo4UIwMuUHnT022HV9fqARwOCHU7Wb3lIp9lYjQhufKYfAgdxA==

GET
H3 200 bg_foot.jpg
promo.clicnscores.ma/nautilus/templates/common/files/CNS/lp_fkplay/ 57 KB
58 KB 45ms
43ms Image
image/jpeg 18.173.154.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo.clicnscores.ma/nautilus/templates/common/files/CNS/lp_fkplay/bg_foot.jpg
Requested by: Host: promo.clicnscores.ma
URL: https://promo.clicnscores.ma/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.173.154.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-154-28.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 116475d0d35d52e0311d98ea15f1970844d0c7e7eb13b273d0398b9d9918e0b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.clicnscores.ma/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id: U9_cUA.pfTI3cwyUPy0tt6UGAjwVHnDs
date: Sat, 14 Oct 2023 16:58:20 GMT
via: 1.1 595547cdc2fce94aba8498c84797701a.cloudfront.net (CloudFront)
age: 2732
x-amz-cf-pop: MUC50-P3
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 58818
last-modified: Mon, 26 Sep 2022 08:19:14 GMT
server: AmazonS3
etag: "78f57e00db3a032d6ea9cfe7b485314e"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=1209600
accept-ranges: bytes
x-amz-cf-id: rx0kP4Dhz6tGBm59CaFmBzB55P7f34nwL2xQlzwnHwwx-SMk_MktJw==

GET
H3 200 opacity-80.png
promo.clicnscores.ma/nautilus/templates/MA/pcnsma/files/lp_fkplay/images/ 121 B
447 B 150ms
148ms Image
image/png 18.173.154.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo.clicnscores.ma/nautilus/templates/MA/pcnsma/files/lp_fkplay/images/opacity-80.png
Requested by: Host: promo.clicnscores.ma
URL: https://promo.clicnscores.ma/nautilus/templates/MA/pcnsma/files/lp_fkplay/styles_live.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.173.154.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-154-28.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9d842c49dfa9bac3b5c0bd844cf19fde370e7cb1735a7b74da111a87288a2827

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.clicnscores.ma/nautilus/templates/MA/pcnsma/files/lp_fkplay/styles_live.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id: 5Z3x222fPxcqc6lYCeKw.04rJ7e81Scf
date: Sat, 14 Oct 2023 17:43:52 GMT
via: 1.1 595547cdc2fce94aba8498c84797701a.cloudfront.net (CloudFront)
last-modified: Mon, 04 Jun 2018 15:34:40 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P3
etag: "2a5a9a8e5653dad32a22824139375099"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: image/png
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 121
x-amz-cf-id: rlM6cnqpvQ6VZ-uVP4H38efIObb---9tLJfUgJZpqmZW3E9r1fJrSg==

GET
H3 200 bg_player_liste_menu.png
promo.clicnscores.ma/nautilus/templates/MA/pcnsma/files/lp_fkplay/images/ 177 B
507 B 155ms
153ms Image
image/png 18.173.154.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo.clicnscores.ma/nautilus/templates/MA/pcnsma/files/lp_fkplay/images/bg_player_liste_menu.png
Requested by: Host: promo.clicnscores.ma
URL: https://promo.clicnscores.ma/nautilus/templates/MA/pcnsma/files/lp_fkplay/styles_live.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.173.154.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-154-28.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6e656d988ff439d1f6d6202697b9ebed0686f04ab2b7e9a68046355ef0dfeb48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.clicnscores.ma/nautilus/templates/MA/pcnsma/files/lp_fkplay/styles_live.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id: Nw7y.D6T52OVWVKToX8SEiRi0ys0Tqrp
date: Sat, 14 Oct 2023 17:43:52 GMT
via: 1.1 595547cdc2fce94aba8498c84797701a.cloudfront.net (CloudFront)
last-modified: Mon, 04 Jun 2018 15:34:35 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P3
etag: "8930a3400d31b13de9b1af1721f14d65"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: image/png
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 177
x-amz-cf-id: 85wpaJFFP-jDtZOv_19p6POfHKrvYdZx1FqIwtbOB8BiGuM_f4T8Tw==

GET
H3 200 OpenSans-Light-webfont.woff
promo.clicnscores.ma/nautilus/templates/MA/pcnsma/files/lp_fkplay/fonts/ 22 KB
22 KB 43ms
42ms Font
application/font-woff 18.173.154.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://promo.clicnscores.ma/nautilus/templates/MA/pcnsma/files/lp_fkplay/fonts/OpenSans-Light-webfont.woff
Requested by: Host: promo.clicnscores.ma
URL: https://promo.clicnscores.ma/nautilus/templates/MA/pcnsma/files/lp_fkplay/styles_live.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.173.154.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-154-28.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a1cb81c9f07f1f399db66ec188c02a1c74bc382df9a8550ab8091aac93dff8a2

Request headers

Referer: https://promo.clicnscores.ma/nautilus/templates/MA/pcnsma/files/lp_fkplay/styles_live.css
Origin: https://promo.clicnscores.ma
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id: b0dleSSePDa7I0LWiCeF9a8YcyisZU9E
date: Sat, 14 Oct 2023 17:39:59 GMT
via: 1.1 595547cdc2fce94aba8498c84797701a.cloudfront.net (CloudFront)
age: 233
x-amz-cf-pop: MUC50-P3
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 22248
last-modified: Mon, 04 Jun 2018 15:34:33 GMT
server: AmazonS3
etag: "45b47f3e9c7d74b80f5c6e0a3c513b23"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/font-woff
access-control-allow-origin: *
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: sEsmUBoklqZ3uiuXdN1sY6Zxa7fd2sB-kiZF0gJo4FReI1epLm4R9A==

GET
H3 200 OpenSans-Bold-webfont.woff
promo.clicnscores.ma/nautilus/templates/MA/pcnsma/files/lp_fkplay/fonts/ 22 KB
22 KB 36ms
35ms Font
application/font-woff 18.173.154.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://promo.clicnscores.ma/nautilus/templates/MA/pcnsma/files/lp_fkplay/fonts/OpenSans-Bold-webfont.woff
Requested by: Host: promo.clicnscores.ma
URL: https://promo.clicnscores.ma/nautilus/templates/MA/pcnsma/files/lp_fkplay/styles_live.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.173.154.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-154-28.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a0357cb694b5284870c77c0dbcaf33f238004800419288afde313317b0dbd0b7

Request headers

Referer: https://promo.clicnscores.ma/nautilus/templates/MA/pcnsma/files/lp_fkplay/styles_live.css
Origin: https://promo.clicnscores.ma
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id: wKssBa4H7Af7UmscmeyHM7MLmvk6S9FA
date: Sat, 14 Oct 2023 17:39:59 GMT
via: 1.1 595547cdc2fce94aba8498c84797701a.cloudfront.net (CloudFront)
age: 233
x-amz-cf-pop: MUC50-P3
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 22432
last-modified: Mon, 04 Jun 2018 15:34:31 GMT
server: AmazonS3
etag: "2e90d5152ce92858b62ba053c7b9d2cb"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/font-woff
access-control-allow-origin: *
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: f2SLkh-nXiy3x3WwQ5p0oEzWQza0WSfKGrMLLlU6hz74xvUCy4EECg==

GET
H3 200 c3efb67feefef04464056b26cd5074b04bcd3059.jpg
d1cmn0i4aqdqs3.cloudfront.net/afp/fr/ 23 KB
24 KB 11ms
10ms Image
image/jpg 2600:9000:26db:da00:18:b9d2:b4c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1cmn0i4aqdqs3.cloudfront.net/afp/fr/c3efb67feefef04464056b26cd5074b04bcd3059.jpg
Requested by: Host: promo.clicnscores.ma
URL: https://promo.clicnscores.ma/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:26db:da00:18:b9d2:b4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 33173e0bb15711892d4d5338c7ec556b1c710c2815fb6b6e25e67d006d9ac480

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.clicnscores.ma/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 05:33:45 GMT
via: 1.1 bc5539655ffc88be2596a0239ddfae52.cloudfront.net (CloudFront)
last-modified: Fri, 13 Oct 2023 05:09:33 GMT
server: AmazonS3
age: 43807
x-amz-cf-pop: MUC50-P3
x-amz-server-side-encryption: AES256
etag: "323dcb655a07f327557aa4bc4f11cf93"
x-cache: Hit from cloudfront
content-type: image/jpg
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 23843
x-amz-cf-id: Sdb2R-FD8uQgenUS2rW3_SbPcUmJgN5BOUys79zOc0-Mui_YbnOfew==

GET
H3 200 979e366d8b67995ee01d71fdc15c38518297846c.jpg
d1cmn0i4aqdqs3.cloudfront.net/afp/fr/ 13 KB
14 KB 12ms
11ms Image
image/jpg 2600:9000:26db:da00:18:b9d2:b4c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1cmn0i4aqdqs3.cloudfront.net/afp/fr/979e366d8b67995ee01d71fdc15c38518297846c.jpg
Requested by: Host: promo.clicnscores.ma
URL: https://promo.clicnscores.ma/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:26db:da00:18:b9d2:b4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4919dc5c37abe5b898eaff0898666c7c4e59d330340f08753e170d14ddf681cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.clicnscores.ma/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 22:01:34 GMT
via: 1.1 bc5539655ffc88be2596a0239ddfae52.cloudfront.net (CloudFront)
last-modified: Thu, 12 Oct 2023 21:59:49 GMT
server: AmazonS3
age: 70938
x-amz-cf-pop: MUC50-P3
x-amz-server-side-encryption: AES256
etag: "ec8b4015d47d5f59880fe2a9f39bd9b3"
x-cache: Hit from cloudfront
content-type: image/jpg
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 13709
x-amz-cf-id: fflnMVWJbiwipRmzKGt3bkB9O5RI7ugW_CH3C68eRfhcQpwOLqrwMQ==

GET
H3 200 609b9b8b2d7213fd584585d57a00eb86f1e20399.jpg
d1cmn0i4aqdqs3.cloudfront.net/afp/fr/ 23 KB
23 KB 22ms
21ms Image
image/jpg 2600:9000:26db:da00:18:b9d2:b4c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1cmn0i4aqdqs3.cloudfront.net/afp/fr/609b9b8b2d7213fd584585d57a00eb86f1e20399.jpg
Requested by: Host: promo.clicnscores.ma
URL: https://promo.clicnscores.ma/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:26db:da00:18:b9d2:b4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8a81cd82f7b954cecdad5c6ef8eaa405082b05826fae56dc4db66e206423ee2c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.clicnscores.ma/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 17:43:51 GMT
via: 1.1 bc5539655ffc88be2596a0239ddfae52.cloudfront.net (CloudFront)
last-modified: Thu, 12 Oct 2023 14:57:46 GMT
server: AmazonS3
age: 9923
x-amz-cf-pop: MUC50-P3
x-amz-server-side-encryption: AES256
etag: "5491c888fe05ddead0cef2435cbc389b"
x-cache: Hit from cloudfront
content-type: image/jpg
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 23042
x-amz-cf-id: s08uG0v0wcR1HW89iZ9y16chV7xfv_7RZAVuBjqmStQ9l5wVI6K2BQ==

GET
H3 200 miniloader.gif
promo.clicnscores.ma/nautilus/templates/common/files/datalive/ 5 KB
5 KB 144ms
144ms Image
image/gif 18.173.154.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo.clicnscores.ma/nautilus/templates/common/files/datalive/miniloader.gif
Requested by: Host: promo.clicnscores.ma
URL: https://promo.clicnscores.ma/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.173.154.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-154-28.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9cdbec8b07a48cabf2b22503398abd2660a35a0119d57b45faf6a8b53ea6ab08

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.clicnscores.ma/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id: 1ufnPGPkuAfxG6E7l03ytMTQZT4pqAht
date: Sat, 14 Oct 2023 17:43:52 GMT
via: 1.1 595547cdc2fce94aba8498c84797701a.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P3
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 4728
last-modified: Mon, 28 Jan 2019 14:30:45 GMT
server: AmazonS3
etag: "d16ad33b3b258e541a2047bd004e5a12"
vary: Accept-Encoding
content-type: image/gif
cache-control: public
accept-ranges: bytes
x-amz-cf-id: WQpcI7yn6ih9w9I_GGGaiW-1OwiEvYC-AKVxwrlrWEw9QL-e6oFdig==
expires: 604800

POST
H3 200 / Show response
promo.clicnscores.ma/ 19 B
1 KB 98ms
97ms XHR
application/json 18.173.154.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.clicnscores.ma/?il_init_TN=1

Requested by

Host: promo.clicnscores.ma
URL: https://promo.clicnscores.ma/

Protocol

Security

QUIC, , AES_128_GCM

Server

18.173.154.28 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-154-28.muc50.r.cloudfront.net

Software

Apache / Nautilus

Resource Hash

6fb71ac370ec4107779d85861894ebed7a90b91250eb86130a80e74bbaf79ad7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://promo.clicnscores.ma; report-uri https://promo.clicnscores.ma/il_reporturi.php?from=csp; report-to csp_endpoint
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	allow-from https://promo.clicnscores.ma
X-Xss-Protection	0

Request headers

Referer: https://promo.clicnscores.ma/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sat, 14 Oct 2023 17:43:52 GMT
x-signature: Stay hungry, stay foolish
x-content-type-options: nosniff
strict-transport-security: max-age=0
content-encoding: br
content-security-policy: frame-ancestors 'self' https://promo.clicnscores.ma; report-uri https://promo.clicnscores.ma/il_reporturi.php?from=csp; report-to csp_endpoint
via: 1.1 595547cdc2fce94aba8498c84797701a.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P3
x-powered-by: Nautilus
x-dns-prefetch-control: off
x-cache: Miss from cloudfront
p3p: CP="CAO PSA OUR"
alt-svc: h3=":443"; ma=86400
content-length: 23
x-xss-protection: 0
x-ua-compatible: IE=edge
pragma: no-cache
referrer-policy: origin-when-cross-origin
server: Apache
expect-ct: max-age=0, report-uri="https://promo.clicnscores.ma/il_reporturi.php?from=expect_ct"
x-frame-options: allow-from https://promo.clicnscores.ma
access-control-allow-methods: POST, GET
content-type: application/json
access-control-allow-origin: https://promo.clicnscores.ma
cache-control: private, no-transform, no-cache, no-store, must-revalidate, max-age=0
permissions-policy: document-domain=()
vary: Accept-Encoding
x-robots-tag: noindex, nofollow
x-amz-cf-id: lgm0KkoGCtHiSy3eOWNMoe6JE7poJ025BT-FstsmhNLbHNIlg5K9kQ==
expires: Tue, 01 Jan 1980 1:00:00 GMT

POST
H3 200 uw1 Show response
promo.clicnscores.ma/snp_c/ 2 B
428 B 242ms
242ms XHR
text/plain 18.173.154.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://promo.clicnscores.ma/snp_c/uw1
Requested by: Host: promo.clicnscores.ma
URL: https://promo.clicnscores.ma/snp_s/3.15.0/gh7rnghq.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.173.154.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-154-28.muc50.r.cloudfront.net
Software: nginx /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://promo.clicnscores.ma/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Sat, 14 Oct 2023 17:43:52 GMT
via: 1.1 595547cdc2fce94aba8498c84797701a.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: MUC50-P3
x-cache: Miss from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://promo.clicnscores.ma
content-type: text/plain; charset=UTF-8
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=86400
content-length: 2
x-amz-cf-id: eigAitplMJemGFuxdBkeSMCzZXsft0afZICj3MuMmaUOzqyxBSIvKA==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 271 KB
90 KB 30ms
30ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3WBZRLC53M&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M7S4GZX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f94ef199b9707e5efb64c013b185e7752ced50880c512d5b9c033cde94a04564

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.clicnscores.ma/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 17:43:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91921
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 14 Oct 2023 17:43:52 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
257 B 49ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-3WBZRLC53M&gtm=45je3ab0&_p=135224767&_gaz=1&cid=197756095.1697305432&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&ci=null&sid=1697305432&sct=1&seg=0&dl=https%3A%2F%2Fpromo.clicnscores.ma%2F&dt=Matchs%20amicaux%20internationaux&en=page_view&_fv=1&_nsi=1&_ss=1&ep.page_url_light=promo.clicnscores.ma%2F&ep.sid=nautilus-ma-pcnsma-2921345037961-804142&ep.ad_id=null&ep.adgroup_id=null&ep.header_x_requested_with=null&ep.header_save_data=null&ep.connection=wifi&ep.operator=core-backbone&ep.connection_type_maxmind=Corporate&ep.operator_maxmind=Core-Backbone&ep.cid=2147242135.1697305431&ep.ip_version=ipv4&ep.dv_brand=prod_dv_ma_clicnscores
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3WBZRLC53M&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.clicnscores.ma/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 17:43:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://promo.clicnscores.ma
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
248 B 58ms
19ms Ping
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-3WBZRLC53M&cid=197756095.1697305432&gtm=45je3ab0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3WBZRLC53M&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.clicnscores.ma/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 17:43:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://promo.clicnscores.ma
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 68ms
46ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-3WBZRLC53M&cid=197756095.1697305432&gtm=45je3ab0&aip=1&z=1484346807

Requested by

Host: promo.clicnscores.ma
URL: https://promo.clicnscores.ma/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.clicnscores.ma/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Oct 2023 17:43:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 A1022815271082423466042204064222240666626860248484 Show response
notify.clfldcbprotect.com/ 0
125 B 105ms
51ms XHR
application/json 2606:4700::6812:27c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://notify.clfldcbprotect.com/A1022815271082423466042204064222240666626860248484
Requested by: Host: promo.clicnscores.ma
URL: https://promo.clicnscores.ma/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:27c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://promo.clicnscores.ma/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sat, 14 Oct 2023 17:43:52 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cf-ray: 8161a08919823720-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Office 365 (Online)

130 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.clicnscores.ma/	1970-01-20 15:28:29	Name: nautisession_v3 Value: nauti_session_e7c240d3b6c9d1593819f47fa3b26864_71440216973054312865
promo.clicnscores.ma/	1970-01-20 15:28:29	Name: nautisession_v3 Value: nauti_session_e7c240d3b6c9d1593819f47fa3b26864_71440216973054312865
.clicnscores.ma/	1970-01-21 00:14:01	Name: sp Value: 2fb3da9d-775e-01e3-9d99-f5acdba6704a
.clicnscores.ma/	1970-01-20 15:28:27	Name: snp_csid Value: sp-pcnsma-b78635be9adb75353e19d50a48d498b6
.clicnscores.ma/	1970-01-21 01:04:25	Name: ga_cid Value: 2147242135.1697305431
.clicnscores.ma/	1970-01-20 15:28:27	Name: _snp_ses.f237 Value: *
.clicnscores.ma/	1970-01-21 01:04:25	Name: _snp_id.f237 Value: 21cf9b8c-46e4-41b0-946a-a90f7d0652bf.1697305432.1.1697305432..5d944970-e7df-4455-abc3-f0a6268c85ad..49095f46-fef8-4265-9225-e000653145f7.1697305431957.1
.clicnscores.ma/	1970-01-20 17:38:01	Name: _gcl_au Value: 1.1.205266286.1697305432
.promo.clicnscores.ma/	1969-12-31 23:59:59	Name: sess_dve_trk_id_ls Value: nautilus-ma-pcnsma-2921345037961-804142
.clicnscores.ma/	1970-01-21 01:04:25	Name: _ga_3WBZRLC53M Value: GS1.1.1697305432.1.0.1697305432.60.0.0
.clicnscores.ma/	1970-01-21 01:04:25	Name: _ga Value: GA1.1.197756095.1697305432

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'document-domain'.
network	error	URL: https://promo.clicnscores.ma/null Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self'; report-uri https://promo.clicnscores.ma/il_reporturi.php?from=csp; report-to csp_endpoint
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

d1cmn0i4aqdqs3.cloudfront.net
notify.clfldcbprotect.com
promo.clicnscores.ma
region1.analytics.google.com
stats.g.doubleclick.net
www.google.de
www.googletagmanager.com
18.173.154.28
18.173.154.30
2001:4860:4802:34::36
2600:9000:26db:da00:18:b9d2:b4c0:93a1
2606:4700::6812:27c
2a00:1450:4001:81c::2008
2a00:1450:4001:82f::2003
2a00:1450:400c:c00::9a
0888cb7f9a0b6594a8e6b1201d5d734464a94f010f80e1b800eeb280deafbfbf
116475d0d35d52e0311d98ea15f1970844d0c7e7eb13b273d0398b9d9918e0b6
1b4ffe8862dbadf66a14d239807186b5e1ad181e256770a8c282bd0211b790e1
1e3020057f0547f0f87d2b2b790abb6bd097661eb55c9f79bee7e76807c8c67d
25fd4d625b8e0e08802d3504d5273b12c2fb8fc140e475c39ee8e7aaa2c3048a
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2eef8ae41358210d909aedf63c32c027e106e8330cad3cf209e5775ee783bbaa
33173e0bb15711892d4d5338c7ec556b1c710c2815fb6b6e25e67d006d9ac480
38eeda3f53a5f1274a90424ac944e41167e37338f87e8b8e9bb031f73acb8124
3b9cbf3962b38e79dd2a4b2df1c4eab3bb56edb529cfa11e67be23dfe66e2c00
4453b07d65b412da4cce37239c14e779e2882511cf91c43ee4858ad20065babb
4842db36de37cedb94a157383697f5dd1665e9e176f3abd824bac92cfc5d3819
4919dc5c37abe5b898eaff0898666c7c4e59d330340f08753e170d14ddf681cb
4c718cfe4dac6d64357245751c1d4a47201c43509fb5677d6f0b3aa0bc7dc664
52447e31582f2ccea2d378070a764fcf8f8427a15409e159c4782acc55ac60aa
5bec30919fe1c3c2bb80e04db44faacaf4160d3fd7b76a6cd7b960536a7d5d33
5c7804789f83a2db012e60d82fc348fd9a9eb7ec3832e71419cbdba7798a5c49
67045b2289294c222cbab0dbfd07e0af1a40ba39c4ff6165ea9578e2345385da
6b00678780ebe1706b24b8b358757afbaa94eb26a1ea49d11cd584edcf0c6e1e
6cd4e2be81cf8d47da9d926af2bb39c6268316bfb4a8737d267776da879f92fd
6e656d988ff439d1f6d6202697b9ebed0686f04ab2b7e9a68046355ef0dfeb48
6fb71ac370ec4107779d85861894ebed7a90b91250eb86130a80e74bbaf79ad7
70628e5878b3c8033e8b32f76ec9e239a96e4de4ca4e75c8110ea2723063b69c
72d731eb684986362c65553d661bb469919f3e28056d566d40c34a3d6213f0a0
758e6a3a32c99b8ad04d147b8cd44dcde1826e9331a715c87be40b8120060268
78c2264235452fe7806654515c1882d2f32975b2fb3d90bd3949ab5e17238c3d
8208f7eb192cf965faf2505466109085f59bd05b61c3a934089befe152e4e7dc
82dbecf961b99dc50c016c557f5cf7b6a622bef4bfa5bb01d324b56b51539d1b
8a150f74fcbb898457ab2265216d0e501c066ed8b56b2658cb32f2d3f2545198
8a81cd82f7b954cecdad5c6ef8eaa405082b05826fae56dc4db66e206423ee2c
9a955958db4064a1cea3e7a1688f63334ca1cc92eedcbe55228c9d57471f8574
9b088c7fb548f7aaa1199e0999cbac4b1149399cc39a3c92792d1593137495c8
9cdbec8b07a48cabf2b22503398abd2660a35a0119d57b45faf6a8b53ea6ab08
9d842c49dfa9bac3b5c0bd844cf19fde370e7cb1735a7b74da111a87288a2827
a0357cb694b5284870c77c0dbcaf33f238004800419288afde313317b0dbd0b7
a1cb81c9f07f1f399db66ec188c02a1c74bc382df9a8550ab8091aac93dff8a2
aeaf2ddf962a619400e69d062bfc14ef86320553fdf4066b066dfc3d648f6d55
b7cf76e36427956562e5fd848261d892199face278d750b0e3e308cbf2f098cb
bb56e5201e75bdbbc76f8e177b2f727ef5dbe1acf61beb9d75082a0ac90b6354
c2ff3ea638468c743d419d2c01b5b082394ff657782deb8552ab180b3b6f5b8b
cd1b849c8652c08bff8b6268a1b6599ab7581ce955450d1030e4542c87c4f308
cfa7eceb05b12bea45ccb6b33d0b3d27708808d9c981b882a479d7c33ef603fe
d0b6ca45d908123e520898d276d583843d31fae24dd57a81c8e708679c278d9b
d23092aacab2bf2395c017bd217c823871a2f148b4df63e07cb76f34be9e1f4c
e3906621017e0d4689f05d672685a928225081ff1c70e6ad9edcacfe861cefbc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f8e43900ad689a93a0e049c66b7fce5882b244730f4b199d2f3ee99b87aecf31
f94ef199b9707e5efb64c013b185e7752ced50880c512d5b9c033cde94a04564

promo.clicnscores.ma Open in urlscan Pro 18.173.154.28 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

51 Requests

100 %HTTPS

75 %IPv6

7 Domains

7 Subdomains

7 IPs

3 Countries

598 kBTransfer

1169 kBSize

11 Cookies

4 Outgoing links

Page URL History

Redirected requests

51 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

promo.clicnscores.ma Open in urlscan Pro
18.173.154.28 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

51
Requests

100 %
HTTPS

75 %
IPv6

7
Domains

7
Subdomains

7
IPs

3
Countries

598 kB
Transfer

1169 kB
Size

11
Cookies

51 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!