urlscan.io logo urlscan.io
SecurityTrails logo

win.ma Open in urlscan Pro
105.73.3.20  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.win.ma/
Effective URL: https://win.ma/
Submission: On May 04 via manual from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 18 IPs in 7 countries across 17 domains to perform 68 HTTP transactions. The main IP is 105.73.3.20, located in Morocco and belongs to MAROCCONNECT, MA. The main domain is win.ma.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on March 16th 2019. Valid for: 2 years.
This is the only time win.ma was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

18    105.73.3.20 (Morocco)

ASN36884 (MAROCCONNECT, MA)
www.win.ma
win.ma
1    2a04:4e42:400::621 (Ascension Island)

ASN54113 (FASTLY, US)
polyfill.io
2    2a00:1450:4001:81b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    195.181.175.52 (Frankfurt am Main, Germany)

ASN60068 (CDN77, GB)
PTR: unn-195-181-175-52.datapacket.com
cdn.sendpulse.com
5    161.71.1.37 (London, United Kingdom)

ASN14340 (SALESFORCE, US)
PTR: dcl3-ncg0-lhr3.um3-lo2.force.com
service.force.com
8    2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    216.58.210.2 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s07-in-f2.1e100.net
www.googleadservices.com
3    2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)
connect.facebook.net
4    2.18.233.201 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com
pixel.mathtag.com
12    105.73.2.24 (Morocco)

ASN36884 (MAROCCONNECT, MA)
api.win.ma
2    2a00:1450:400c:c08::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
4    2a00:1450:4001:815::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
4    2a00:1450:4001:814::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    2a00:1450:4001:815::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
4    2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    2a00:1450:4001:821::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
1    2a00:1450:4001:820::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s.ytimg.com
1    2a03:2880:f02d:5:face:b00c:0:8c (Ireland)

ASN32934 (FACEBOOK, US)
cx.atdmt.com
Domain Requested by
16 win.ma win.ma
12 api.win.ma win.ma
8 www.google-analytics.com 2 redirects www.googletagmanager.com
www.google-analytics.com
win.ma
5 service.force.com win.ma
service.force.com
4 www.facebook.com 1 redirects win.ma
connect.facebook.net
4 www.google.de win.ma
4 www.google.com 2 redirects win.ma
4 pixel.mathtag.com 1 redirects win.ma
3 connect.facebook.net win.ma
connect.facebook.net
3 cdn.sendpulse.com win.ma
cdn.sendpulse.com
2 www.youtube.com win.ma
s.ytimg.com
2 googleads.g.doubleclick.net www.googleadservices.com
2 stats.g.doubleclick.net 2 redirects
2 www.googletagmanager.com win.ma
www.googletagmanager.com
2 www.win.ma 2 redirects
1 cx.atdmt.com
1 s.ytimg.com www.youtube.com
1 www.googleadservices.com www.googletagmanager.com
1 polyfill.io win.ma
0 100013341.collect.igodigital.com Failed www.googletagmanager.com
68 20

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.youtube.com
www.instagram.com
www.twitter.com
www.inwi.ma
inwi.ma
Subject Issuer Validity Valid
*.win.ma
Sectigo RSA Domain Validation Secure Server CA		 2019-03-16 -
2021-03-15		 2 years crt.sh
f3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2020-04-16 -
2021-04-17		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-04-15 -
2020-07-08		 3 months crt.sh
*.sendpulse.com
COMODO RSA Domain Validation Secure Server CA		 2018-10-30 -
2020-10-29		 2 years crt.sh
*.um3.force.com
DigiCert SHA2 Secure Server CA		 2018-06-24 -
2020-06-24		 2 years crt.sh
www.googleadservices.com
GTS CA 1O1		 2020-04-15 -
2020-07-08		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2020-04-15 -
2020-07-14		 3 months crt.sh
pixel.mathtag.com
DigiCert SHA2 Secure Server CA		 2020-04-15 -
2021-07-15		 a year crt.sh
www.google.de
GTS CA 1O1		 2020-04-07 -
2020-06-30		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-04-07 -
2020-06-30		 3 months crt.sh
www.google.com
GTS CA 1O1		 2020-04-07 -
2020-06-30		 3 months crt.sh
*.google.com
GTS CA 1O1		 2020-04-07 -
2020-06-30		 3 months crt.sh
*.atlassolutions.com
DigiCert SHA2 High Assurance Server CA		 2020-04-19 -
2020-07-18		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://win.ma/
Frame ID: 62D01B57E748235CA811C31F1EE3F797
Requests: 67 HTTP requests in this frame

Frame: https://service.force.com/embeddedservice/5.0/esw.html?parent=https://win.ma/
Frame ID: 5DAC6721D8B7315D658A1155E843A92E
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/f98IRxzU2Dw?autoplay=true&rel=0&enablejsapi=1&origin=https%3A%2F%2Fwin.ma&widgetid=1
Frame ID: A949E0D7BE1003E41D657D02F7BE8F44
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://www.win.ma/ HTTP 301
    https://www.win.ma/ HTTP 301
    https://win.ma/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<[^>]+data-v(?:ue)-/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • script /\/polyfill\.min\.js/i

Page Statistics

68
Requests

99 %
HTTPS

67 %
IPv6

17
Domains

20
Subdomains

18
IPs

7
Countries

1968 kB
Transfer

4210 kB
Size

13
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.win.ma/ HTTP 301
    https://www.win.ma/ HTTP 301
    https://win.ma/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23
  • https://pixel.mathtag.com/event/js?mt_id=1409059&mt_adid=222478&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3= HTTP 302
  • https://pixel.mathtag.com/event/js?mt_id=1409059&mt_adid=222478&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=&mm_bnc&mm_bct&UUID=1b8b5eb0-aac1-4700-9ae6-3392b8ffa9f3
Request Chain 33
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=65846106&t=pageview&_s=1&dl=https%3A%2F%2Fwin.ma%2F&ul=en-us&de=UTF-8&dt=win%20%7C%20Premier%20Op%C3%A9rateur%20Mobile%20100%25%20Digital%20au%20Maroc&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEADQ~&jid=1851201467&gjid=1255194958&cid=318060767.1588636354&tid=UA-132696877-4&_gid=1036539079.1588636354&_r=1&gtm=2wg4m0P93VBML&z=1622497566 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-132696877-4&cid=318060767.1588636354&jid=1851201467&_gid=1036539079.1588636354&gjid=1255194958&_v=j81&z=1622497566 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-132696877-4&cid=318060767.1588636354&jid=1851201467&_v=j81&z=1622497566 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-132696877-4&cid=318060767.1588636354&jid=1851201467&_v=j81&z=1622497566&slf_rd=1&random=2366942160
Request Chain 60
  • https://www.facebook.com/tr/?id=388008338698788&ev=Microdata&dl=https%3A%2F%2Fwin.ma%2F&rl=&if=false&ts=1588636354849&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22win%20%7C%20Premier%20Op%C3%A9rateur%20Mobile%20100%25%20Digital%20au%20Maroc%22%2C%22meta%3Adescription%22%3A%22D%C3%A9couvez%20win%2C%20le%20premier%20op%C3%A9rateur%20mobile%20digital%20au%20Maroc%20et%20b%C3%A9n%C3%A9ficiez%20d%C3%A8s%20aujourd%E2%80%99hui%20d%27offres%20mobiles%20personnalisables%20et%20flexibles%20sur%20le%20meilleur%20r%C3%A9seau%20Internet%20mobile%20au%20Maroc%20!%22%7D&cd[OpenGraph]=%7B%22og%3Alocale%22%3A%22fr_FR%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.18&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1588636354226.1215532798&it=1588636354029&coo=false&es=automatic&tm=3&rqm=GET HTTP 302
  • https://cx.atdmt.com/?c=6143400334286492737&f=AYyIomV4Op-ahiI3QqwgMdWqvhXAOYwS25-wqq16hAQXLIFj3Xwpt2TubiBwsXykIwaIHTQs4LoNxPXAF4kGm-Sn&id=388008338698788&l=3&v=0
Request Chain 67
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=65846106&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwin.ma%2F&ul=en-us&de=UTF-8&dt=win%20%7C%20Premier%20Op%C3%A9rateur%20Mobile%20100%25%20Digital%20au%20Maroc&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=Engagement&ea=Visite%20Plus%20de%2030%20Sec&el=Engagement%20-%20Visite%20Plus%20de%2030%20Sec&_u=aGDAAEADQ~&jid=301879375&gjid=1139717409&cid=1894604337.1588636384&tid=UA-132696877-4&_gid=1182155300.1588636384&_r=1&gtm=2wg4m0P93VBML&z=1164482581 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-132696877-4&cid=1894604337.1588636384&jid=301879375&_gid=1182155300.1588636384&gjid=1139717409&_v=j81&z=1164482581 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-132696877-4&cid=1894604337.1588636384&jid=301879375&_v=j81&z=1164482581 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-132696877-4&cid=1894604337.1588636384&jid=301879375&_v=j81&z=1164482581&slf_rd=1&random=2779910774

68 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set /
win.ma/
Redirect Chain
  • http://www.win.ma/
  • https://www.win.ma/
  • https://win.ma/
90 KB
92 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://win.ma/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.3.20 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
b2378f09687af1e2e944c9cc67951b1b24c08abe82db922a053d541c61542f3e

Request headers

Host
win.ma
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

ETag
"163e7-g0HhlY+54eai/4cbFpaElE2G4Lc"
Link
</_nuxt/83b74c946ef2ce4fdc42.js>; rel=preload; as=script,</_nuxt/870f386cc6f84a3f100e.js>; rel=preload; as=script,</_nuxt/fa581458194e30780d1b.js>; rel=preload; as=script,</_nuxt/17c15b4cfb5a87403b2f.js>; rel=preload; as=script
Content-Type
text/html; charset=utf-8
Vary
Accept-Encoding
Date
Mon, 04 May 2020 23:52:32 GMT
Connection
keep-alive
Set-Cookie
f5avraaaaaaaaaaaaaaaa_session_=CAJHFEDFGCOPHEAMNBINAMEHCMKKCPNEILOJMNLKEPJGAPAGJMKNKIKOEFIMDKBEKMFDMKDDMKCNGJPADJCAPGGCEKGAMACMOOHKLCEPBNFCNFEMGEHBNCABIIOLDPFK; HttpOnly; secure f5_cspm=1234; TS010594ad=018e1322ef23cd3b0ec0e883fcdd5d7f620314568ec9a4c6e3ad6d8f54cf3e2413cbf4dc832885fb9a5ed1a8db66217e810f9fe7a105882252db5672a7063465983cb3fcbb58eed7f406278511e11ff0579577353d; Path=/; Domain=.win.ma TS74286a33029=08a4d9ec82ab2800bf3aea27fa8225f573c799f1f3b6c8dcf0a0223216fe655493577b0beb300021aea45a7b07225b20; Max-Age=30;Path=/ TSe5f86668027=08a4d9ec82ab20003c4737c1bc5c10f2d4b6ea181cf3d4f6253b72e99477a646a774ee675b0b9a9c086ddf8fe111300080cf314bd44802e33897c9dd7f9728284122ba6b35fd1a6107693a4cfdd43d2d08a19fa9af8aac47aabdf783c3a4eb7f;Path=/
P3P
CP="{}" CP="{}"
Transfer-Encoding
chunked

Redirect headers

Location
https://win.ma/
Server
BigIP
Connection
Keep-Alive
Content-Length
0
83b74c946ef2ce4fdc42.js
win.ma/_nuxt/ 		5 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://win.ma/_nuxt/83b74c946ef2ce4fdc42.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.3.20 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
b9499d24c83a3578a887210c9d0b937906f26ea3ebf96ab74746743819964a40

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 04 May 2020 23:52:32 GMT
Content-Encoding
gzip
Last-Modified
Wed, 29 Apr 2020 02:08:01 GMT
ETag
W/"1544-171c3b0e140"
Vary
Accept-Encoding
P3P
CP="{}"
Cache-Control
public, max-age=31536000
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/javascript; charset=UTF-8
870f386cc6f84a3f100e.js
win.ma/_nuxt/ 		166 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://win.ma/_nuxt/870f386cc6f84a3f100e.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.3.20 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
5dbee4e599d718f6b925bcc37fa457914ab19fb3c31dcd9c67d8400e9fa7b0d7

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 04 May 2020 23:52:32 GMT
Content-Encoding
gzip
Last-Modified
Wed, 29 Apr 2020 02:08:01 GMT
ETag
W/"2997d-171c3b0e140"
Vary
Accept-Encoding
P3P
CP="{}"
Cache-Control
public, max-age=31536000
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/javascript; charset=UTF-8
fa581458194e30780d1b.js
win.ma/_nuxt/ 		463 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://win.ma/_nuxt/fa581458194e30780d1b.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.3.20 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
6b5ef1358a6b62c3561e465364af9a62067c1454e616c08cadd5e102fb0f7c40

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 04 May 2020 23:52:32 GMT
Content-Encoding
gzip
Last-Modified
Wed, 29 Apr 2020 02:08:01 GMT
ETag
W/"73cf0-171c3b0e140"
Vary
Accept-Encoding
P3P
CP="{}"
Cache-Control
public, max-age=31536000
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/javascript; charset=UTF-8
17c15b4cfb5a87403b2f.js
win.ma/_nuxt/ 		506 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://win.ma/_nuxt/17c15b4cfb5a87403b2f.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.3.20 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
aee2bf6d09b7bcd0e39185e40c59e6ed9163a4bb0883e056edcf6c1383528da1

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 04 May 2020 23:52:32 GMT
Content-Encoding
gzip
Last-Modified
Wed, 29 Apr 2020 02:08:01 GMT
ETag
W/"7e78f-171c3b0e140"
Vary
Accept-Encoding
P3P
CP="{}"
Cache-Control
public, max-age=31536000
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/javascript; charset=UTF-8
polyfill.min.js
polyfill.io/v2/ 		222 B
607 B 		Script
General
Check archive.org
Download Go to
Full URL
https://polyfill.io/v2/polyfill.min.js?features=default,IntersectionObserver,Array.prototype.find,EventSource,Array.prototype.includes
Requested by
Host: win.ma
URL: https://win.ma/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::621 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
x-content-type-options
nosniff
content-type
text/javascript; charset=utf-8
age
3995232
detected-user-agent
Chrome/74.0.3729
status
200
request_came_from_shield
FRA
server-timing
HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT-CLUSTER, fastly;desc="Edge time";dur=1
content-length
126
referrer-policy
origin-when-cross-origin
last-modified
Thu, 19 Mar 2020 17:46:13 GMT
date
Mon, 04 May 2020 23:52:33 GMT
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
normalized-user-agent
chrome/74.0.0
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
gtm.js
www.googletagmanager.com/ 		145 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P93VBML&l=dataLayer
Requested by
Host: win.ma
URL: https://win.ma/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2db303cc3e72cc93b538facee0325775079f38522a33a41af50aa4c0a9a9c828
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 04 May 2020 23:52:33 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33250
x-xss-protection
0
last-modified
Mon, 04 May 2020 21:49:32 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 04 May 2020 23:52:33 GMT
smartbanner.min.css
win.ma/smartbanner/ 		4 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://win.ma/smartbanner/smartbanner.min.css
Requested by
Host: win.ma
URL: https://win.ma/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.3.20 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
7a15ca890c13a703e73dd7ac86893943805d71ed2fe3db2cc13071f7e68c5c15

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 04 May 2020 23:52:32 GMT
Last-Modified
Mon, 27 Apr 2020 16:39:15 GMT
ETag
W/"e68-171bc81cb38"
Vary
Accept-Encoding
P3P
CP="{}", CP="{}"
Cache-Control
public, max-age=0
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/css; charset=UTF-8
smartbanner.min.js
win.ma/smartbanner/ 		22 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://win.ma/smartbanner/smartbanner.min.js
Requested by
Host: win.ma
URL: https://win.ma/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.3.20 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
4aa1e4ceca6aa3906215b02569649f607cb33c635d3c1f72809ac6a8286821dc

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 04 May 2020 23:52:32 GMT
Last-Modified
Mon, 27 Apr 2020 16:39:15 GMT
ETag
W/"59cd-171bc81cb38"
Vary
Accept-Encoding
P3P
CP="{}", CP="{}"
Cache-Control
public, max-age=0
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/javascript; charset=UTF-8
ca618ca695daff172389373ddf8129e6_1.js
cdn.sendpulse.com/js/push/ 		49 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.sendpulse.com/js/push/ca618ca695daff172389373ddf8129e6_1.js
Requested by
Host: win.ma
URL: https://win.ma/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.175.52 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),
Reverse DNS
unn-195-181-175-52.datapacket.com
Software
CDN77-Turbo /
Resource Hash
87c94d4c76443c08404eec74922cf5826765490ab53de4588ca1ad7bbf9d2406
Security Headers
Name Value
Content-Security-Policy default-src wss://* blob: data: sendpulse.com *.sendpulse.com *.sendpulse.com:4434 *.pulse-stat.com *.stat-pulse.com *.pulse-stat.com:8080 *.stat-pulse.com:8080 http://*.sendpulse.com:4434 http://*.pulse-stat.com http://*.stat-pulse.com http://*.pulse-stat.com:8080 http://*.stat-pulse.com:8080 *.sendpulse.ua *.sendpulse.by *.sendpulse.kz *.sendpulse.cl *.sendpulse.com.tr *.sendpulse.ng *.routee.net *.bizml.ru *.jquery.com *.youtube.com *.ytimg.com *.vimeo.com *.vimeocdn.com *.tinymce.com *.ampproject.org *.hotjar.com *.hotjar.io *.ipinfo.io *.highcharts.com *.appspot.com *.doubleclick.net *.facebook.com *.facebook.net *.fbcdn.net *.fbsbx.com *.rawgit.com *.cloudflare.com *.jsdelivr.net *.kissmetrics.com *.bitrix24.com *.quantserve.com *.quantcount.com *.twitter.com *.offershub.ru *.stripe.com *.braintreegateway.com *.mlstatic.com *.cloudpayments.ru *.woopra.com *.jivosite.com *.google.com *.google.com.ua *.googleadservices.com *.google-analytics.com *.googleapis.com *.googletagmanager.com *.gstatic.com *.online-metrix.net *.retently.com *.maxmind.com *.revisionme.com *.yandex.ru *.ymetrica.ru *.mmapiws.com *.bootstrapcdn.com *.kaptcha.com *.paypal.com *.paypalobjects.com *.mercadopago.com.br *.mercadopago.com *.braintree-api.com vk.com api.telegram.org *.webformscr.com *.yandex.net 'self' 'unsafe-eval' 'unsafe-inline'; img-src blob: data: *; font-src data: *; style-src * 'unsafe-inline';, frame-ancestors 'self';
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 04 May 2020 23:52:33 GMT
content-encoding
br
x-content-type-options
nosniff
x-edge-location
frankfurtDE
x-cache
HIT
status
200
x-age
456415
x-xss-protection
1; mode=block
x-sp-ma
ma5
last-modified
Wed, 29 Apr 2020 15:58:31 GMT
server
CDN77-Turbo
etag
W/"c4ae-5a470050e4d3d"
vary
Accept-Encoding, Accept-Encoding,User-Agent,Host
content-type
application/javascript
x-sp-pr
lpr4
cache-control
max-age=604800
x-edge-ip
195.181.175.50
content-security-policy
default-src wss://* blob: data: sendpulse.com *.sendpulse.com *.sendpulse.com:4434 *.pulse-stat.com *.stat-pulse.com *.pulse-stat.com:8080 *.stat-pulse.com:8080 http://*.sendpulse.com:4434 http://*.pulse-stat.com http://*.stat-pulse.com http://*.pulse-stat.com:8080 http://*.stat-pulse.com:8080 *.sendpulse.ua *.sendpulse.by *.sendpulse.kz *.sendpulse.cl *.sendpulse.com.tr *.sendpulse.ng *.routee.net *.bizml.ru *.jquery.com *.youtube.com *.ytimg.com *.vimeo.com *.vimeocdn.com *.tinymce.com *.ampproject.org *.hotjar.com *.hotjar.io *.ipinfo.io *.highcharts.com *.appspot.com *.doubleclick.net *.facebook.com *.facebook.net *.fbcdn.net *.fbsbx.com *.rawgit.com *.cloudflare.com *.jsdelivr.net *.kissmetrics.com *.bitrix24.com *.quantserve.com *.quantcount.com *.twitter.com *.offershub.ru *.stripe.com *.braintreegateway.com *.mlstatic.com *.cloudpayments.ru *.woopra.com *.jivosite.com *.google.com *.google.com.ua *.googleadservices.com *.google-analytics.com *.googleapis.com *.googletagmanager.com *.gstatic.com *.online-metrix.net *.retently.com *.maxmind.com *.revisionme.com *.yandex.ru *.ymetrica.ru *.mmapiws.com *.bootstrapcdn.com *.kaptcha.com *.paypal.com *.paypalobjects.com *.mercadopago.com.br *.mercadopago.com *.braintree-api.com vk.com api.telegram.org *.webformscr.com *.yandex.net 'self' 'unsafe-eval' 'unsafe-inline'; img-src blob: data: *; font-src data: *; style-src * 'unsafe-inline';, frame-ancestors 'self';
expires
Wed, 06 May 2020 17:05:38 GMT
esw.min.js
service.force.com/embeddedservice/5.0/ 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://service.force.com/embeddedservice/5.0/esw.min.js
Requested by
Host: win.ma
URL: https://win.ma/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.71.1.37 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl3-ncg0-lhr3.um3-lo2.force.com
Software
/
Resource Hash
d9a961cb11b0be146784e3f5d274a8e80b5aab5a101d2122c6e5e3848896caf6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 04 May 2020 22:10:58 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 26 Mar 2020 18:52:20 GMT
Age
6094
Expect-CT
max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/nullm"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public,max-age=86400
Public-Key-Pins-Report-Only
pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/nullm";
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
8409
X-XSS-Protection
1; mode=block
Expires
Tue, 05 May 2020 22:10:58 GMT
common.min.js
service.force.com/embeddedservice/5.0/utils/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://service.force.com/embeddedservice/5.0/utils/common.min.js
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.71.1.37 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl3-ncg0-lhr3.um3-lo2.force.com
Software
/
Resource Hash
a86cfbecde921c4935f39b5fca834195cb9a2b12c2997ab08147c031b1bb668d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 04 May 2020 21:24:21 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
8892
Content-Length
979
X-XSS-Protection
1; mode=block
Referrer-Policy
origin-when-cross-origin
Last-Modified
Wed, 11 Dec 2019 22:22:08 GMT
Expect-CT
max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/nullm"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public,max-age=86400
Public-Key-Pins-Report-Only
pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/nullm";
Accept-Ranges
bytes
X-Robots-Tag
none
Expires
Tue, 05 May 2020 21:24:21 GMT
esw.min.css
service.force.com/embeddedservice/5.0/ 		8 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://service.force.com/embeddedservice/5.0/esw.min.css
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.71.1.37 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl3-ncg0-lhr3.um3-lo2.force.com
Software
/
Resource Hash
f33990d4691a89cd87e4d4e0bde1ac8f5dfcf32fbd8d838ec206d790f24531e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 04 May 2020 21:24:31 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 22 Aug 2019 23:00:22 GMT
Age
8882
Expect-CT
max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/nullm"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public,max-age=86400
Public-Key-Pins-Report-Only
pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/nullm";
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
3946
X-XSS-Protection
1; mode=block
Expires
Tue, 05 May 2020 21:24:31 GMT
liveagent.esw.min.js
service.force.com/embeddedservice/5.0/client/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://service.force.com/embeddedservice/5.0/client/liveagent.esw.min.js
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.71.1.37 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl3-ncg0-lhr3.um3-lo2.force.com
Software
/
Resource Hash
0d6dfddf8789a6869ae355e82e0dbc876b174697ac4828f4272d34b74aab6c16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 04 May 2020 22:10:41 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
6112
Content-Length
4511
X-XSS-Protection
1; mode=block
Referrer-Policy
origin-when-cross-origin
Last-Modified
Thu, 16 Jan 2020 22:58:44 GMT
Expect-CT
max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/nullm"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public,max-age=86400
Public-Key-Pins-Report-Only
pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/nullm";
Accept-Ranges
bytes
X-Robots-Tag
none
Expires
Tue, 05 May 2020 22:10:41 GMT
062009f4b8bbc4e419bd.js
win.ma/_nuxt/ 		21 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://win.ma/_nuxt/062009f4b8bbc4e419bd.js
Requested by
Host: win.ma
URL: https://win.ma/_nuxt/83b74c946ef2ce4fdc42.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.3.20 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
971db85eedcd9bb1d28cb725d6f98355f0d2c4152dc8d31ccb49c14391a17f0b

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 04 May 2020 23:52:33 GMT
Content-Encoding
gzip
Last-Modified
Wed, 29 Apr 2020 02:08:01 GMT
ETag
W/"54e5-171c3b0e140"
Vary
Accept-Encoding
P3P
CP="{}"
Cache-Control
public, max-age=31536000
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/javascript; charset=UTF-8
55f0590b36d6ae5cfda3.js
win.ma/_nuxt/ 		163 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://win.ma/_nuxt/55f0590b36d6ae5cfda3.js
Requested by
Host: win.ma
URL: https://win.ma/_nuxt/83b74c946ef2ce4fdc42.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.3.20 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
0a8103cc9cb19b1d97868facedd49dc824f61915d230b86d044aab568abd49e8

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 04 May 2020 23:52:33 GMT
Content-Encoding
gzip
Last-Modified
Wed, 29 Apr 2020 02:08:01 GMT
ETag
W/"28b7d-171c3b0e140"
Vary
Accept-Encoding
P3P
CP="{}"
Cache-Control
public, max-age=31536000
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/javascript; charset=UTF-8
ab6cf8b99d2b06b75739.js
win.ma/_nuxt/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://win.ma/_nuxt/ab6cf8b99d2b06b75739.js
Requested by
Host: win.ma
URL: https://win.ma/_nuxt/83b74c946ef2ce4fdc42.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.3.20 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
151e7d54fe1a19ea7a3ccb7612beaaf0635d32a35e2570d84d8a99632910d690

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 04 May 2020 23:52:33 GMT
Content-Encoding
gzip
Last-Modified
Wed, 29 Apr 2020 02:08:01 GMT
ETag
W/"4e2-171c3b0e140"
Vary
Accept-Encoding
P3P
CP="{}"
Cache-Control
public, max-age=31536000
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/javascript; charset=UTF-8
3cf8fe11624400e6ab0e.js
win.ma/_nuxt/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://win.ma/_nuxt/3cf8fe11624400e6ab0e.js
Requested by
Host: win.ma
URL: https://win.ma/_nuxt/83b74c946ef2ce4fdc42.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.3.20 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
2cc8ade39968d150f4216cffe6ccb88c7eeb85c56828413084ead59167ae32de

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 04 May 2020 23:52:33 GMT
Content-Encoding
gzip
Last-Modified
Wed, 29 Apr 2020 02:08:01 GMT
ETag
W/"3f90-171c3b0e140"
Vary
Accept-Encoding
P3P
CP="{}"
Cache-Control
public, max-age=31536000
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/javascript; charset=UTF-8
07478eb772fae3f71926.js
win.ma/_nuxt/ 		29 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://win.ma/_nuxt/07478eb772fae3f71926.js
Requested by
Host: win.ma
URL: https://win.ma/_nuxt/83b74c946ef2ce4fdc42.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.3.20 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
d18c0e66140998a28a3134a1480c16e146e103902cf6c2e37a87de925722d8fd

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 04 May 2020 23:52:33 GMT
Content-Encoding
gzip
Last-Modified
Wed, 29 Apr 2020 02:08:01 GMT
ETag
W/"7285-171c3b0e140"
Vary
Accept-Encoding
P3P
CP="{}"
Cache-Control
public, max-age=31536000
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/javascript; charset=UTF-8
7c5f39d40ecf38853cef.js
win.ma/_nuxt/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://win.ma/_nuxt/7c5f39d40ecf38853cef.js
Requested by
Host: win.ma
URL: https://win.ma/_nuxt/83b74c946ef2ce4fdc42.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.3.20 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
ba1afdb4df96d6b66b83c901ea666d244496f2dfa8fdf47cddd9527081429ee3

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 04 May 2020 23:52:33 GMT
Content-Encoding
gzip
Last-Modified
Wed, 29 Apr 2020 02:08:01 GMT
ETag
W/"5538-171c3b0e140"
Vary
Accept-Encoding
P3P
CP="{}"
Cache-Control
public, max-age=31536000
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/javascript; charset=UTF-8
js
www.googletagmanager.com/gtag/ 		114 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-JJCSB1TNN7&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P93VBML&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f58eb78a182c29e1d3f1bdba8d05591451f3c865a4c456fc8707a164e8b06647
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 04 May 2020 23:52:33 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41544
x-xss-protection
0
expires
Mon, 04 May 2020 23:52:33 GMT
analytics.js
www.google-analytics.com/ 		44 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P93VBML&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
3373
date
Mon, 04 May 2020 22:56:20 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18174
expires
Tue, 05 May 2020 00:56:20 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P93VBML&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s07-in-f2.1e100.net
Software
cafe /
Resource Hash
28f07389552cf9e3557433f06cf63d9cf59e406f6aace98f63ba8220bb6095a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 04 May 2020 23:52:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
10743
x-xss-protection
0
server
cafe
etag
10886962978695911934
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 04 May 2020 23:52:33 GMT
fbevents.js
connect.facebook.net/en_US/ 		131 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: win.ma
URL: https://win.ma/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4cb61e44bf63a9e090e666898cd04d382e4c33b55b62cc5e9ff7dab055fbf787
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=3600
content-length
31766
x-xss-protection
0
pragma
public
x-fb-debug
HPhtFf7n2Fce1efrOCpJJLhYq/++t1f0aMzHTm9dGftZ7jwM12ZBFt48SEQCowD+Obzbv873QZiYPinW/ULWhQ==
x-fb-trip-id
1850256238
x-frame-options
DENY
date
Mon, 04 May 2020 23:52:33 GMT, Mon, 04 May 2020 23:52:33 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
pixel.mathtag.com/event/
Redirect Chain
  • https://pixel.mathtag.com/event/js?mt_id=1409059&mt_adid=222478&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
  • https://pixel.mathtag.com/event/js?mt_id=1409059&mt_adid=222478&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=&mm_bnc&mm_bct&UUID=1b8b5eb0-aac1-4700-9ae6-3392b8ffa9f3
597 B
920 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.mathtag.com/event/js?mt_id=1409059&mt_adid=222478&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=&mm_bnc&mm_bct&UUID=1b8b5eb0-aac1-4700-9ae6-3392b8ffa9f3
Requested by
Host: win.ma
URL: https://win.ma/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 2284 a4a3c58 master cdg-pixel-x6 /
Resource Hash
acfa1f03ac087fc08ca7389b23f01c47b31c6d00d412a21d9342af3c070fff57

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 04 May 2020 23:52:33 GMT
Server
MT3 2284 a4a3c58 master cdg-pixel-x6
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
text/javascript
Content-Length
597
Expires
Mon, 04 May 2020 23:52:25 GMT

Redirect headers

Date
Mon, 04 May 2020 23:52:33 GMT
Server
MT3 2334 83311f9 master cdg-pixel-x22
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://pixel.mathtag.com/event/js?mt_id=1409059&mt_adid=222478&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=&mm_bnc&mm_bct&UUID=1b8b5eb0-aac1-4700-9ae6-3392b8ffa9f3
Cache-Control
no-cache
Connection
keep-alive
Content-Type
text/javascript
Content-Length
0
Expires
Mon, 04 May 2020 23:52:25 GMT
collect.js
100013341.collect.igodigital.com/ 		0
0
web
api.win.ma/api/v1/content/config/ 		563 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.win.ma/api/v1/content/config/web
Requested by
Host: win.ma
URL: https://win.ma/_nuxt/870f386cc6f84a3f100e.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.2.24 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
d4206465e01b1a1d706937d0957aabf6491f7b73dc401e30a4247b383f50b7a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

S-Data
eyJjYW5hbCI6IldFQiIsImFwcFZlcnNpb24iOiIxLjMuMCIsImRldmljZVR5cGUiOiJEZXNrdG9wIn0=
Accept
application/json, text/plain, */*
Referer
https://win.ma/
Accept-Language
null
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 04 May 2020 23:52:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
P3P
CP="{}"
Connection
keep-alive
X-XSS-Protection
1; mode=block
Pragma
no-cache
X-Frame-Options
DENY
Access-Control-Max-Age
7200
Access-Control-Allow-Methods
DELETE, GET, HEAD, OPTIONS, POST, PUT
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Access-Control-Allow-Headers, authorization, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, S-Data, Content-Disposition
Expires
0
menus
api.win.ma/api/v1/content/ 		2 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.win.ma/api/v1/content/menus
Requested by
Host: win.ma
URL: https://win.ma/_nuxt/870f386cc6f84a3f100e.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.2.24 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
2deb3b3adde0f24f36e4f8701c417aa1e0871024557d7d1ac6af86bf7f7b8f13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

S-Data
eyJjYW5hbCI6IldFQiIsImFwcFZlcnNpb24iOiIxLjMuMCIsImRldmljZVR5cGUiOiJEZXNrdG9wIn0=
Accept
application/json, text/plain, */*
Referer
https://win.ma/
Accept-Language
null
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 04 May 2020 23:52:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
P3P
CP="{}"
Connection
keep-alive
X-XSS-Protection
1; mode=block
Pragma
no-cache
X-Frame-Options
DENY
Access-Control-Max-Age
7200
Access-Control-Allow-Methods
DELETE, GET, HEAD, OPTIONS, POST, PUT
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Access-Control-Allow-Headers, authorization, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, S-Data, Content-Disposition
Expires
0
care
api.win.ma/api/v1/content/pages/cart/ 		285 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.win.ma/api/v1/content/pages/cart/care
Requested by
Host: win.ma
URL: https://win.ma/_nuxt/870f386cc6f84a3f100e.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.2.24 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
77db2268879c4bd8b7152ae3875f2d02cf74f1b64e147cbe011ed6e9aa2815da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

S-Data
eyJjYW5hbCI6IldFQiIsImFwcFZlcnNpb24iOiIxLjMuMCIsImRldmljZVR5cGUiOiJEZXNrdG9wIn0=
Accept
application/json, text/plain, */*
Referer
https://win.ma/
Accept-Language
null
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 04 May 2020 23:52:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
P3P
CP="{}"
Connection
keep-alive
X-XSS-Protection
1; mode=block
Pragma
no-cache
X-Frame-Options
DENY
Access-Control-Max-Age
7200
Access-Control-Allow-Methods
DELETE, GET, HEAD, OPTIONS, POST, PUT
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Access-Control-Allow-Headers, authorization, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, S-Data, Content-Disposition
Expires
0
seo
api.win.ma/api/v1/content/pages/cart/ 		435 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.win.ma/api/v1/content/pages/cart/seo
Requested by
Host: win.ma
URL: https://win.ma/_nuxt/870f386cc6f84a3f100e.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.2.24 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
b60a378fb65885b8ec4818bb27421659cae33fead8f7926fa4d2c5fb195af6a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

S-Data
eyJjYW5hbCI6IldFQiIsImFwcFZlcnNpb24iOiIxLjMuMCIsImRldmljZVR5cGUiOiJEZXNrdG9wIn0=
Accept
application/json, text/plain, */*
Referer
https://win.ma/
Accept-Language
null
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 04 May 2020 23:52:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
P3P
CP="{}"
Connection
keep-alive
X-XSS-Protection
1; mode=block
Pragma
no-cache
X-Frame-Options
DENY
Access-Control-Max-Age
7200
Access-Control-Allow-Methods
DELETE, GET, HEAD, OPTIONS, POST, PUT
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Access-Control-Allow-Headers, authorization, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, S-Data, Content-Disposition
Expires
0
FAQ
api.win.ma/api/v1/content/categories/ 		1 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.win.ma/api/v1/content/categories/FAQ
Requested by
Host: win.ma
URL: https://win.ma/_nuxt/870f386cc6f84a3f100e.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.2.24 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
c5c652cf1b27372603d13bc9ec6d016b0b457f2478086ed838fe294f134adaa0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

S-Data
eyJjYW5hbCI6IldFQiIsImFwcFZlcnNpb24iOiIxLjMuMCIsImRldmljZVR5cGUiOiJEZXNrdG9wIn0=
Accept
application/json, text/plain, */*
Referer
https://win.ma/
Accept-Language
null
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 04 May 2020 23:52:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
P3P
CP="{}"
Connection
keep-alive
X-XSS-Protection
1; mode=block
Pragma
no-cache
X-Frame-Options
DENY
Access-Control-Max-Age
7200
Access-Control-Allow-Methods
DELETE, GET, HEAD, OPTIONS, POST, PUT
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Access-Control-Allow-Headers, authorization, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, S-Data, Content-Disposition
Expires
0
matrix_strips
api.win.ma/api/v1/config/data/ 		3 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.win.ma/api/v1/config/data/matrix_strips
Requested by
Host: win.ma
URL: https://win.ma/_nuxt/870f386cc6f84a3f100e.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.2.24 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
a2eab1d780a889fca45f5d94b3e1be2b393c653945cf0a532901102ed66c75bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

S-Data
eyJjYW5hbCI6IldFQiIsImFwcFZlcnNpb24iOiIxLjMuMCIsImRldmljZVR5cGUiOiJEZXNrdG9wIn0=
Accept
application/json, text/plain, */*
Referer
https://win.ma/
Accept-Language
null
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 04 May 2020 23:52:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
P3P
CP="{}"
Connection
keep-alive
X-XSS-Protection
1; mode=block
Pragma
no-cache
X-Frame-Options
DENY
Access-Control-Max-Age
7200
Access-Control-Allow-Methods
DELETE, GET, HEAD, OPTIONS, POST, PUT
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Access-Control-Allow-Headers, authorization, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, S-Data, Content-Disposition
Expires
0
801d846.woff2
win.ma/_nuxt/fonts/ 		21 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://win.ma/_nuxt/fonts/801d846.woff2
Requested by
Host: win.ma
URL: https://win.ma/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.3.20 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
3f0d7c0333abb9c4d347f275374265e13d66980e583abacb903775f1157fae8c

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://win.ma/
Origin
https://win.ma

Response headers

Date
Mon, 04 May 2020 23:52:33 GMT
Last-Modified
Wed, 29 Apr 2020 02:08:01 GMT
ETag
W/"52c4-171c3b0e140"
Transfer-Encoding
chunked
P3P
CP="{}", CP="{}"
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/font-woff2
js
www.google-analytics.com/gtm/ 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-5RFZXPK&t=gtm3&cid=318060767.1588636354
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
103011928313891d9335a8724f1185db3229c7effd73811e43c9bd538c252beb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 04 May 2020 23:52:34 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27758
x-xss-protection
0
expires
Mon, 04 May 2020 23:52:34 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=65846106&t=pageview&_s=1&dl=https%3A%2F%2Fwin.ma%2F&ul=en-us&de=UTF-8&dt=win%20%7C%20Premier%20Op%C3%A9rateur%20Mobile%20100%25%20Digital%20a...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-132696877-4&cid=318060767.1588636354&jid=1851201467&_gid=1036539079.1588636354&gjid=1255194958&_v=j81&z=1622497566
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-132696877-4&cid=318060767.1588636354&jid=1851201467&_v=j81&z=1622497566
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-132696877-4&cid=318060767.1588636354&jid=1851201467&_v=j81&z=1622497566&slf_rd=1&random=2366942160
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-132696877-4&cid=318060767.1588636354&jid=1851201467&_v=j81&z=1622497566&slf_rd=1&random=2366942160
Requested by
Host: win.ma
URL: https://win.ma/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 May 2020 23:52:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 04 May 2020 23:52:34 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-132696877-4&cid=318060767.1588636354&jid=1851201467&_v=j81&z=1622497566&slf_rd=1&random=2366942160
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
388008338698788
connect.facebook.net/signals/config/ 		477 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/388008338698788?v=2.9.18&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e34603f33e1677e5af31ce3d507eed9772d9be24c04ef58f0935911b0d4d8893
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=3600
content-length
122565
x-xss-protection
0
pragma
public
x-fb-debug
X9tL3l6MCarOkwn+JAvk2TqS1n8mTEtlWg06dSV4K03kyRLGu6Zn6ZpmqEOMMfALxnR/nLB5euioPq1T/tY1hg==
x-fb-trip-id
1850256238
x-frame-options
DENY
date
Mon, 04 May 2020 23:52:34 GMT, Mon, 04 May 2020 23:52:34 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/760638815/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/760638815/?random=1588636354034&cv=9&fst=1588636354034&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg4m0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwin.ma%2F&tiba=win%20%7C%20Premier%20Op%C3%A9rateur%20Mobile%20100%25%20Digital%20au%20Maroc&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd5e13a9ba4c7c978e76755d5ed769ef30a66913e33ec46838b979cde9a2d3e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 May 2020 23:52:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
1021
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/ 		0
83 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-JJCSB1TNN7&gtm=2oe4m0&_p=65846106&sr=1600x1200&ul=en-us&cid=318060767.1588636354&_s=1&dl=https%3A%2F%2Fwin.ma%2F&dr=&dt=win%20%7C%20Premier%20Op%C3%A9rateur%20Mobile%20100%25%20Digital%20au%20Maroc&cu=MAD&sid=1588636353&sct=1&seg=0&en=page_view&_fv=2&_ss=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JJCSB1TNN7&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 04 May 2020 23:52:34 GMT
server
Golfe2
status
204
content-type
text/plain
access-control-allow-origin
https://win.ma
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/760638815/ 		42 B
117 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/760638815/?random=1588636354034&cv=9&fst=1588633200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg4m0&sendb=1&frm=0&url=https%3A%2F%2Fwin.ma%2F&tiba=win%20%7C%20Premier%20Op%C3%A9rateur%20Mobile%20100%25%20Digital%20au%20Maroc&async=1&fmt=3&is_vtc=1&random=3546106898&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: win.ma
URL: https://win.ma/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 May 2020 23:52:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/760638815/ 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/760638815/?random=1588636354034&cv=9&fst=1588633200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg4m0&sendb=1&frm=0&url=https%3A%2F%2Fwin.ma%2F&tiba=win%20%7C%20Premier%20Op%C3%A9rateur%20Mobile%20100%25%20Digital%20au%20Maroc&async=1&fmt=3&is_vtc=1&random=3546106898&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: win.ma
URL: https://win.ma/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 May 2020 23:52:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
img
pixel.mathtag.com/misc/ 		43 B
480 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by
Host: win.ma
URL: https://win.ma/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 2334 83311f9 master cdg-pixel-x19 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 04 May 2020 23:52:34 GMT
Server
MT3 2334 83311f9 master cdg-pixel-x19
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 04 May 2020 23:52:25 GMT
collect
www.google-analytics.com/r/ 		35 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j81&a=65846106&t=pageview&_s=1&dl=https%3A%2F%2Fwin.ma%2F&dp=%2F&ul=en-us&de=UTF-8&dt=%2F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEADQ~&jid=1816915456&gjid=463336439&cid=318060767.1588636354&tid=UA-132696877-5&_gid=1036539079.1588636354&_r=1&gtm=2wg4m0P93VBML&z=570843427
Requested by
Host: win.ma
URL: https://win.ma/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 May 2020 23:52:34 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/760639278/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/760639278/?random=1588636354179&cv=9&fst=1588636354179&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg4m0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwin.ma%2F&tiba=win%20%7C%20Premier%20Op%C3%A9rateur%20Mobile%20100%25%20Digital%20au%20Maroc&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
01d23f5edff8409056c1de8a72c492506ad504ec8ef3726eafc4d55dbae2ce5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 May 2020 23:52:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
1022
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
357379934942021
connect.facebook.net/signals/config/ 		478 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/357379934942021?v=2.9.18&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2c8a6e48068b520176ea8afb453cf899afc01683dde315203caf321ca63dec4f
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=3600
content-length
122628
x-xss-protection
0
pragma
public
x-fb-debug
0tcDQC86+YOjnv6PLZlkusWse4NRlWQkdDcAfgGHh/++ct78btAkRFXRGYq+MCr+i8duwAO/YZvJxldesPbicg==
x-fb-trip-id
1850256238
x-frame-options
DENY
date
Mon, 04 May 2020 23:52:34 GMT, Mon, 04 May 2020 23:52:34 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=388008338698788&ev=PageView&dl=https%3A%2F%2Fwin.ma%2F&rl=&if=false&ts=1588636354227&sw=1600&sh=1200&v=2.9.18&r=stable&a=tmgoogletagmanager&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%222443183412605739%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22USD%22%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%22511329373034306%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22USD%22%7D%7D%7D&par[2]=%7B%22extractorID%22%3A%22548008739401042%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22USD%22%7D%7D%7D&par[3]=%7B%22extractorID%22%3A%22406099726628827%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[4]=%7B%22extractorID%22%3A%221291420787704929%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[5]=%7B%22extractorID%22%3A%22481617219057564%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[6]=%7B%22extractorID%22%3A%22183715989573900%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&fbp=fb.1.1588636354226.1215532798&it=1588636354029&coo=false&rqm=GET
Requested by
Host: win.ma
URL: https://win.ma/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 04 May 2020 23:52:34 GMT, Mon, 04 May 2020 23:52:34 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-27=":443"; ma=3600
content-length
44
expires
Mon, 04 May 2020 23:52:34 GMT
02f5aac.woff2
win.ma/_nuxt/fonts/ 		21 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://win.ma/_nuxt/fonts/02f5aac.woff2
Requested by
Host: win.ma
URL: https://win.ma/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.3.20 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
59e7831de0690c5b31adbba6b527998dcff5c3b6075c3e37d8a9ffce972812be

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://win.ma/
Origin
https://win.ma

Response headers

Date
Mon, 04 May 2020 23:52:34 GMT
Last-Modified
Wed, 29 Apr 2020 02:08:01 GMT
ETag
W/"5548-171c3b0e140"
Transfer-Encoding
chunked
P3P
CP="{}", CP="{}"
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/font-woff2
items
api.win.ma/api/v1/content/categories/FAQ_ITEM/ 		65 KB
67 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.win.ma/api/v1/content/categories/FAQ_ITEM/items
Requested by
Host: win.ma
URL: https://win.ma/_nuxt/870f386cc6f84a3f100e.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.2.24 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
321b17d03d70f90bdfd16b3bd410a46ab4dfc296390d7057fd89ae52f4be0cac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

S-Data
eyJjYW5hbCI6IldFQiIsImFwcFZlcnNpb24iOiIxLjMuMCIsImRldmljZVR5cGUiOiJEZXNrdG9wIn0=
Accept
application/json, text/plain, */*
Referer
https://win.ma/
Accept-Language
null
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 04 May 2020 23:52:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
P3P
CP="{}"
Connection
keep-alive
X-XSS-Protection
1; mode=block
Pragma
no-cache
X-Frame-Options
DENY
Access-Control-Max-Age
7200
Access-Control-Allow-Methods
DELETE, GET, HEAD, OPTIONS, POST, PUT
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Access-Control-Allow-Headers, authorization, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, S-Data, Content-Disposition
Expires
0
/
www.google.com/pagead/1p-user-list/760639278/ 		42 B
117 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/760639278/?random=1588636354179&cv=9&fst=1588633200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg4m0&sendb=1&frm=0&url=https%3A%2F%2Fwin.ma%2F&tiba=win%20%7C%20Premier%20Op%C3%A9rateur%20Mobile%20100%25%20Digital%20au%20Maroc&async=1&fmt=3&is_vtc=1&random=3704894924&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: win.ma
URL: https://win.ma/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 May 2020 23:52:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/760639278/ 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/760639278/?random=1588636354179&cv=9&fst=1588633200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg4m0&sendb=1&frm=0&url=https%3A%2F%2Fwin.ma%2F&tiba=win%20%7C%20Premier%20Op%C3%A9rateur%20Mobile%20100%25%20Digital%20au%20Maroc&async=1&fmt=3&is_vtc=1&random=3704894924&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: win.ma
URL: https://win.ma/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 May 2020 23:52:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
44 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundarylSagHCslduVSzSEp

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
date
Mon, 04 May 2020 23:52:34 GMT
status
200
content-type
text/plain
access-control-allow-origin
https://win.ma
access-control-allow-credentials
true
alt-svc
h3-27=":443"; ma=3600
content-length
0
Cookie set esw.html
service.force.com/embeddedservice/5.0/ Frame 5DAC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://service.force.com/embeddedservice/5.0/esw.html?parent=https://win.ma/
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.71.1.37 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl3-ncg0-lhr3.um3-lo2.force.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
service.force.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://win.ma/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://win.ma/

Response headers

Date
Mon, 04 May 2020 23:52:34 GMT
Public-Key-Pins-Report-Only
pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/nullm";
Expect-CT
max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/nullm"
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Content-Security-Policy
upgrade-insecure-requests
X-Robots-Tag
none
Referrer-Policy
origin-when-cross-origin
Cache-Control
public,max-age=86400
Set-Cookie
BrowserId=U2frx45iEeqsiV-UMkj6qw; domain=.force.com; path=/; expires=Tue, 04-May-2021 23:52:34 GMT; Max-Age=31536000
Expires
Tue, 05 May 2020 23:52:34 GMT
Last-Modified
Fri, 02 Aug 2019 08:43:42 GMT
Content-Type
text/html;charset=UTF-8
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Encoding
gzip
Transfer-Encoding
chunked
iframe_api
www.youtube.com/ 		859 B
944 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: win.ma
URL: https://win.ma/_nuxt/fa581458194e30780d1b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
d24feef8a5dd86e7d2eb674dc936d2c3a5bbd1395c0c49e5fa4200d43373a6b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 04 May 2020 23:52:34 GMT
x-content-type-options
nosniff
server
YouTube Frontend Proxy
content-type
application/javascript
status
200
cache-control
no-cache
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
859
x-xss-protection
0
expires
Tue, 27 Apr 1971 19:44:06 GMT
collect
www.google-analytics.com/ 		35 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j81&a=65846106&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwin.ma%2F&ul=en-us&de=UTF-8&dt=win%20%7C%20Premier%20Op%C3%A9rateur%20Mobile%20100%25%20Digital%20au%20Maroc&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Engagement&ea=Vue%20de%2075%25%20de%20la%20page&el=Engagement%20-%20Vue%20de%2075%25%20de%20la%20page&_u=aGDAAEADQ~&jid=&gjid=&cid=318060767.1588636354&tid=UA-132696877-4&_gid=1036539079.1588636354&gtm=2wg4m0P93VBML&z=1319132052
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Apr 2020 10:11:06 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
2641288
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/gif
www-widgetapi.js
s.ytimg.com/yts/jsbin/www-widgetapi-vflrtdDSb/ 		68 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.ytimg.com/yts/jsbin/www-widgetapi-vflrtdDSb/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8c5ebc81567bb11fea53ee4cf729e44ea2bfa2115442a1c72ea9b53fc654fbb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 04 May 2020 20:11:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13257
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25733
x-xss-protection
0
last-modified
Tue, 28 Apr 2020 18:21:09 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=691200
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
expires
Tue, 12 May 2020 20:11:37 GMT
fa9ed01.woff2
win.ma/_nuxt/fonts/ 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://win.ma/_nuxt/fonts/fa9ed01.woff2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.3.20 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
9d60361f6baee537cb00e5dff659fdef39dbbfaf81d1419208590fec3ea7348f

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://win.ma/
Origin
https://win.ma

Response headers

Date
Mon, 04 May 2020 23:52:34 GMT
Last-Modified
Wed, 29 Apr 2020 02:08:01 GMT
ETag
W/"4f9c-171c3b0e140"
Transfer-Encoding
chunked
P3P
CP="{}", CP="{}"
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/font-woff2
image
api.win.ma/api/v1/ 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.win.ma/api/v1/image?route=styles/section_0050_pictos_1_1_desktop/public/paragraphs/play-pause.png&itok=uVWC1zkC
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.2.24 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
012b1b5db9be308980d0cb4669f7905c3da87bb3848fabb04cb1709008305afe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 04 May 2020 23:52:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Accept-Encoding
br;q=1.0, gzip;q=0.8, *;q=0.1
Accept-Language
fr
Content-disposition
inline
Connection
keep-alive
Content-Length
41763
X-XSS-Protection
1; mode=block
Accept-Charset
utf-8, iso-8859-1;q=0.5
X-Frame-Options
DENY
Access-Control-Max-Age
7200
Access-Control-Allow-Methods
DELETE, GET, HEAD, OPTIONS, POST, PUT
Content-Type
image/png
Access-Control-Allow-Origin
*, *
Accept
image/png
access-control-expose-headers
Content-Length
Cache-Control
public, max-age=604800
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Access-Control-Allow-Headers, authorization, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, S-Data, Content-Disposition
image
api.win.ma/api/v1/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.win.ma/api/v1/image?route=styles/section_0050_pictos_1_1_desktop/public/paragraphs/icn-chat.png&itok=Nz8Fc3-3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.2.24 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
30492c3c8dc6b694a7e322bcfda99fbf937dc76c57d9a73b5e2cba41337dbc81
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 04 May 2020 23:52:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Accept-Encoding
br;q=1.0, gzip;q=0.8, *;q=0.1
Accept-Language
fr
Content-disposition
inline
Connection
keep-alive
Content-Length
5786
X-XSS-Protection
1; mode=block
Accept-Charset
utf-8, iso-8859-1;q=0.5
X-Frame-Options
DENY
Access-Control-Max-Age
7200
Access-Control-Allow-Methods
DELETE, GET, HEAD, OPTIONS, POST, PUT
Content-Type
image/png
Access-Control-Allow-Origin
*, *
Accept
image/png
access-control-expose-headers
Content-Length
Cache-Control
public, max-age=604800
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Access-Control-Allow-Headers, authorization, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, S-Data, Content-Disposition
image
api.win.ma/api/v1/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.win.ma/api/v1/image?route=styles/section_0050_pictos_1_1_desktop/public/paragraphs/icn-choix-numero.png&itok=ZNCHjSy9
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.2.24 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
22aef86fdf5b1f06d36e40741285a13f9f2f3ebf234f839a2f8a20c209e828f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 04 May 2020 23:52:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Accept-Encoding
br;q=1.0, gzip;q=0.8, *;q=0.1
Accept-Language
fr
Content-disposition
inline
Connection
keep-alive
Content-Length
5795
X-XSS-Protection
1; mode=block
Accept-Charset
utf-8, iso-8859-1;q=0.5
X-Frame-Options
DENY
Access-Control-Max-Age
7200
Access-Control-Allow-Methods
DELETE, GET, HEAD, OPTIONS, POST, PUT
Content-Type
image/png
Access-Control-Allow-Origin
*, *
Accept
image/png
access-control-expose-headers
Content-Length
Cache-Control
public, max-age=604800
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Access-Control-Allow-Headers, authorization, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, S-Data, Content-Disposition
image
api.win.ma/api/v1/ 		777 KB
778 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.win.ma/api/v1/image?route=styles/section_0161_header_hp_desktop/public/2020-01/1062x1062.png&itok=EzdGnLni
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.2.24 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
bbfb2bda74fe8d0ba064802d0d72f63011eaeb6261deedd93e49b01f875105e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 04 May 2020 23:52:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Accept-Encoding
br;q=1.0, gzip;q=0.8, *;q=0.1
Accept-Language
fr
Content-disposition
inline
Connection
keep-alive
Content-Length
795493
X-XSS-Protection
1; mode=block
Accept-Charset
utf-8, iso-8859-1;q=0.5
X-Frame-Options
DENY
Access-Control-Max-Age
7200
Access-Control-Allow-Methods
DELETE, GET, HEAD, OPTIONS, POST, PUT
Content-Type
image/png
Access-Control-Allow-Origin
*, *
Accept
image/png
access-control-expose-headers
Content-Length
Cache-Control
public, max-age=604800
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Access-Control-Allow-Headers, authorization, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, S-Data, Content-Disposition
image
api.win.ma/api/v1/ 		6 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.win.ma/api/v1/image?route=styles/section_0050_pictos_1_1_desktop/public/paragraphs/icn-personnalisation-forfait.png&itok=Hr-Q-snG
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.2.24 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
aa69ca1c759ca8aa8ed780103a4be321abdd5853293ab606b73940f0d707ece8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 04 May 2020 23:52:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Accept-Encoding
br;q=1.0, gzip;q=0.8, *;q=0.1
Accept-Language
fr
Content-disposition
inline
Connection
keep-alive
Content-Length
6579
X-XSS-Protection
1; mode=block
Accept-Charset
utf-8, iso-8859-1;q=0.5
X-Frame-Options
DENY
Access-Control-Max-Age
7200
Access-Control-Allow-Methods
DELETE, GET, HEAD, OPTIONS, POST, PUT
Content-Type
image/png
Access-Control-Allow-Origin
*, *
Accept
image/png
access-control-expose-headers
Content-Length
Cache-Control
public, max-age=604800
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Access-Control-Allow-Headers, authorization, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, S-Data, Content-Disposition
/
cx.atdmt.com/
Redirect Chain
  • https://www.facebook.com/tr/?id=388008338698788&ev=Microdata&dl=https%3A%2F%2Fwin.ma%2F&rl=&if=false&ts=1588636354849&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22win%20%7C%20Premier%20Op%C3%A...
  • https://cx.atdmt.com/?c=6143400334286492737&f=AYyIomV4Op-ahiI3QqwgMdWqvhXAOYwS25-wqq16hAQXLIFj3Xwpt2TubiBwsXykIwaIHTQs4LoNxPXAF4kGm-Sn&id=388008338698788&l=3&v=0
42 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cx.atdmt.com/?c=6143400334286492737&f=AYyIomV4Op-ahiI3QqwgMdWqvhXAOYwS25-wqq16hAQXLIFj3Xwpt2TubiBwsXykIwaIHTQs4LoNxPXAF4kGm-Sn&id=388008338698788&l=3&v=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:5:face:b00c:0:8c , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Mon, 04 May 2020 23:52:34 GMT, Mon, 04 May 2020 23:52:34 GMT, Mon, 04 May 2020 23:52:35 GMT
content-type
image/gif
alt-svc
h3-27=":443"; ma=3600
content-length
42
p3p
CP="NOI DSP COR CUR ADM DEV TAIo PSAo PSDo OUR BUS UNI PUR COM NAV INT DEM STA PRE OTC"

Redirect headers

pragma
no-cache
date
Mon, 04 May 2020 23:52:34 GMT, Mon, 04 May 2020 23:52:34 GMT
server
proxygen-bolt
status
302
content-type
text/plain
location
https://cx.atdmt.com/?c=6143400334286492737&f=AYyIomV4Op-ahiI3QqwgMdWqvhXAOYwS25-wqq16hAQXLIFj3Xwpt2TubiBwsXykIwaIHTQs4LoNxPXAF4kGm-Sn&id=388008338698788&l=3&v=0
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-27=":443"; ma=3600
content-length
0
expires
0
f98IRxzU2Dw
www.youtube.com/embed/ Frame A949 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/f98IRxzU2Dw?autoplay=true&rel=0&enablejsapi=1&origin=https%3A%2F%2Fwin.ma&widgetid=1
Requested by
Host: s.ytimg.com
URL: https://s.ytimg.com/yts/jsbin/www-widgetapi-vflrtdDSb/www-widgetapi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/f98IRxzU2Dw?autoplay=true&rel=0&enablejsapi=1&origin=https%3A%2F%2Fwin.ma&widgetid=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://win.ma/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://win.ma/

Response headers

status
200
content-type
text/html; charset=utf-8
cache-control
no-cache
expires
Tue, 27 Apr 1971 19:44:06 GMT
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding
br
strict-transport-security
max-age=31536000
date
Mon, 04 May 2020 23:52:35 GMT
server
YouTube Frontend Proxy
x-xss-protection
0
set-cookie
VISITOR_INFO1_LIVE=fDQr6y4KwyQ; path=/; domain=.youtube.com; secure; expires=Sat, 31-Oct-2020 23:52:34 GMT; httponly; samesite=None VISITOR_INFO1_LIVE=fDQr6y4KwyQ; path=/; domain=.youtube.com; secure; expires=Sat, 31-Oct-2020 23:52:34 GMT; httponly; samesite=None YSC=66_IAyIDRrc; path=/; domain=.youtube.com; secure; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Tue, 05-May-2020 00:22:34 GMT
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
www.facebook.com/tr/ 		44 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=357379934942021&ev=Microdata&dl=https%3A%2F%2Fwin.ma%2F&rl=&if=false&ts=1588636354997&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22win%20%7C%20Premier%20Op%C3%A9rateur%20Mobile%20100%25%20Digital%20au%20Maroc%22%2C%22meta%3Adescription%22%3A%22D%C3%A9couvez%20win%2C%20le%20premier%20op%C3%A9rateur%20mobile%20digital%20au%20Maroc%20et%20b%C3%A9n%C3%A9ficiez%20d%C3%A8s%20aujourd%E2%80%99hui%20d%27offres%20mobiles%20personnalisables%20et%20flexibles%20sur%20le%20meilleur%20r%C3%A9seau%20Internet%20mobile%20au%20Maroc%20!%22%7D&cd[OpenGraph]=%7B%22og%3Alocale%22%3A%22fr_FR%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.18&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1588636354226.1215532798&it=1588636354029&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 04 May 2020 23:52:35 GMT, Mon, 04 May 2020 23:52:35 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-27=":443"; ma=3600
content-length
44
expires
Mon, 04 May 2020 23:52:35 GMT
collect
www.google-analytics.com/g/ 		0
61 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-JJCSB1TNN7&gtm=2oe4m0&_p=65846106&sr=1600x1200&ul=en-us&cid=318060767.1588636354&_s=2&dl=https%3A%2F%2Fwin.ma%2F&dr=&dt=win%20%7C%20Premier%20Op%C3%A9rateur%20Mobile%20100%25%20Digital%20au%20Maroc&cu=MAD&sid=1588636353&sct=1&seg=0&en=scroll&_et=562&epn.percent_scrolled=90
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JJCSB1TNN7&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 04 May 2020 23:52:39 GMT
server
Golfe2
status
204
content-type
text/plain
access-control-allow-origin
https://win.ma
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
img
pixel.mathtag.com/misc/ 		43 B
634 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 2264 8c3ad5b master cdg-pixel-x9 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 04 May 2020 23:52:44 GMT
Server
MT3 2264 8c3ad5b master cdg-pixel-x9
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 04 May 2020 23:52:43 GMT
sendpulse-prompt.min.css
cdn.sendpulse.com/dist/css/push/ 		49 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.sendpulse.com/dist/css/push/sendpulse-prompt.min.css?v=51591308000000
Requested by
Host: cdn.sendpulse.com
URL: https://cdn.sendpulse.com/js/push/ca618ca695daff172389373ddf8129e6_1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.175.52 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),
Reverse DNS
unn-195-181-175-52.datapacket.com
Software
CDN77-Turbo /
Resource Hash
e3eb563ee309d692f5d2676d2d4d10a13e81c9dc693990ec4620b900035d4d83
Security Headers
Name Value
Content-Security-Policy default-src wss://* blob: data: sendpulse.com *.sendpulse.com *.sendpulse.com:4434 *.pulse-stat.com *.stat-pulse.com *.pulse-stat.com:8080 *.stat-pulse.com:8080 http://*.sendpulse.com:4434 http://*.pulse-stat.com http://*.stat-pulse.com http://*.pulse-stat.com:8080 http://*.stat-pulse.com:8080 *.sendpulse.ua *.sendpulse.by *.sendpulse.kz *.sendpulse.cl *.sendpulse.com.tr *.sendpulse.ng *.routee.net *.bizml.ru *.jquery.com *.youtube.com *.ytimg.com *.vimeo.com *.vimeocdn.com *.tinymce.com *.ampproject.org *.hotjar.com *.hotjar.io *.ipinfo.io *.highcharts.com *.appspot.com *.doubleclick.net *.facebook.com *.facebook.net *.fbcdn.net *.fbsbx.com *.rawgit.com *.cloudflare.com *.jsdelivr.net *.kissmetrics.com *.bitrix24.com *.quantserve.com *.quantcount.com *.twitter.com *.offershub.ru *.stripe.com *.braintreegateway.com *.mlstatic.com *.cloudpayments.ru *.woopra.com *.jivosite.com *.google.com *.google.com.ua *.googleadservices.com *.google-analytics.com *.googleapis.com *.googletagmanager.com *.gstatic.com *.online-metrix.net *.retently.com *.maxmind.com *.revisionme.com *.yandex.ru *.ymetrica.ru *.mmapiws.com *.bootstrapcdn.com *.kaptcha.com *.paypal.com *.paypalobjects.com *.mercadopago.com.br *.mercadopago.com *.braintree-api.com vk.com api.telegram.org *.webformscr.com 'self' 'unsafe-eval' 'unsafe-inline'; img-src blob: data: *; font-src data: *; style-src * 'unsafe-inline';, frame-ancestors 'self';
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 04 May 2020 23:52:45 GMT
content-encoding
br
x-content-type-options
nosniff
x-edge-location
frankfurtDE
x-cache
HIT
status
200
x-age
825910
x-xss-protection
1; mode=block
x-sp-ma
ma8
last-modified
Thu, 23 Apr 2020 05:20:16 GMT
server
CDN77-Turbo
etag
W/"c4eb-5a3ee6769e78d"
vary
Accept-Encoding, Accept-Encoding,User-Agent,Host
content-type
text/css
x-sp-pr
lpr5
cache-control
max-age=31536000
x-edge-ip
195.181.175.50
content-security-policy
default-src wss://* blob: data: sendpulse.com *.sendpulse.com *.sendpulse.com:4434 *.pulse-stat.com *.stat-pulse.com *.pulse-stat.com:8080 *.stat-pulse.com:8080 http://*.sendpulse.com:4434 http://*.pulse-stat.com http://*.stat-pulse.com http://*.pulse-stat.com:8080 http://*.stat-pulse.com:8080 *.sendpulse.ua *.sendpulse.by *.sendpulse.kz *.sendpulse.cl *.sendpulse.com.tr *.sendpulse.ng *.routee.net *.bizml.ru *.jquery.com *.youtube.com *.ytimg.com *.vimeo.com *.vimeocdn.com *.tinymce.com *.ampproject.org *.hotjar.com *.hotjar.io *.ipinfo.io *.highcharts.com *.appspot.com *.doubleclick.net *.facebook.com *.facebook.net *.fbcdn.net *.fbsbx.com *.rawgit.com *.cloudflare.com *.jsdelivr.net *.kissmetrics.com *.bitrix24.com *.quantserve.com *.quantcount.com *.twitter.com *.offershub.ru *.stripe.com *.braintreegateway.com *.mlstatic.com *.cloudpayments.ru *.woopra.com *.jivosite.com *.google.com *.google.com.ua *.googleadservices.com *.google-analytics.com *.googleapis.com *.googletagmanager.com *.gstatic.com *.online-metrix.net *.retently.com *.maxmind.com *.revisionme.com *.yandex.ru *.ymetrica.ru *.mmapiws.com *.bootstrapcdn.com *.kaptcha.com *.paypal.com *.paypalobjects.com *.mercadopago.com.br *.mercadopago.com *.braintree-api.com vk.com api.telegram.org *.webformscr.com 'self' 'unsafe-eval' 'unsafe-inline'; img-src blob: data: *; font-src data: *; style-src * 'unsafe-inline';, frame-ancestors 'self';
expires
Sun, 25 Apr 2021 10:27:35 GMT
1fd6436b80e82.png
cdn.sendpulse.com/files/push/6831107/websites/ca618ca695daff172389373ddf8129e6/icons/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.sendpulse.com/files/push/6831107/websites/ca618ca695daff172389373ddf8129e6/icons/1fd6436b80e82.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.175.52 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),
Reverse DNS
unn-195-181-175-52.datapacket.com
Software
CDN77-Turbo /
Resource Hash
f89d9bd3cac6b4f50f09fd0517966c4bed6d40bafa00d59ce5d304d8d9923ae5

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 04 May 2020 23:52:45 GMT
last-modified
Mon, 23 Sep 2019 10:47:00 GMT
server
CDN77-Turbo
x-edge-location
frankfurtDE
etag
"5d88a2a4-19ba"
x-cache
HIT
content-type
image/png
status
200
x-sp-pr
lpr5
cache-control
max-age=604800
x-edge-ip
195.181.175.50
x-age
542395
accept-ranges
bytes
content-length
6586
expires
Tue, 28 Apr 2020 17:10:27 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=65846106&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwin.ma%2F&ul=en-us&de=UTF-8&dt=win%20%7C%20Premier%20Op%C3%A9rateur%20Mobile%20100%25%20Digital%2...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-132696877-4&cid=1894604337.1588636384&jid=301879375&_gid=1182155300.1588636384&gjid=1139717409&_v=j81&z=1164482581
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-132696877-4&cid=1894604337.1588636384&jid=301879375&_v=j81&z=1164482581
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-132696877-4&cid=1894604337.1588636384&jid=301879375&_v=j81&z=1164482581&slf_rd=1&random=2779910774
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-132696877-4&cid=1894604337.1588636384&jid=301879375&_v=j81&z=1164482581&slf_rd=1&random=2779910774
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 May 2020 23:53:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 04 May 2020 23:53:03 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-132696877-4&cid=1894604337.1588636384&jid=301879375&_v=j81&z=1164482581&slf_rd=1&random=2779910774
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
100013341.collect.igodigital.com
URL
http://100013341.collect.igodigital.com/collect.js

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| dataLayer object| __NUXT__ object| $jscomp object| embedded_svc function| getCookie function| initESW undefined| s object| webpackJsonp object| oSpPOptions function| oSendpulsePush object| oSpP function| UAParser object| google_tag_manager object| core object| __core-js_shared__ object| regeneratorRuntime function| setImmediate function| clearImmediate object| onNuxtReadyCbs function| onNuxtReady object| google_tag_data string| GoogleAnalyticsObject function| ga function| fbq function| _fbq object| $nuxt object| gaplugins object| gaGlobal object| gaData function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO function| onYouTubeIframeAPIReady function| metric object| google_optimize object| YTConfig object| YT function| onYTReady object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytPubsubPubsubInstance object| ytPubsubPubsubSubscribedKeys object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytLoggingTransportLogPayloadsQueue_ object| ytLoggingTransportGELQueue_ object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingGelSequenceIdObj_

13 Cookies

Domain/Path Name / Value
win.ma/ Name: TSe5f86668027
Value: 08a4d9ec82ab20000510a606dbe47506e6194b1513c2620bb39e3e6e0de0bced2322ff73228f0059084ff4bb951130005e5c2fc00c1b3215eb0374b9e0b6a405a1c9d10d173319aba10f4bf57aa9f4dcd3c547010ec67a8ec96f3126589f7ead
win.ma/ Name: TS74286a33029
Value: 08a4d9ec82ab2800fd260e58880db1cb21babcfe1702bfc3de399b45ea4c69913d4be3bcce71f3324ba9c58f3d8038cb
.win.ma/ Name: TS010594ad
Value: 018e1322ef23cd3b0ec0e883fcdd5d7f620314568ec9a4c6e3ad6d8f54cf3e2413cbf4dc832885fb9a5ed1a8db66217e810f9fe7a105882252db5672a7063465983cb3fcbb58eed7f406278511e11ff0579577353d
.win.ma/ Name: _fbp
Value: fb.1.1588636354226.1215532798
.win.ma/ Name: _gat_UA-132696877-5
Value: 1
.win.ma/ Name: _ga_JJCSB1TNN7
Value: GS1.1.1588636353.1.0.1588636353.0
.win.ma/ Name: _gat_UA-132696877-4
Value: 1
win.ma/ Name: f5avr0712780874aaaaaaaaaaaaaaaa_cspm_
Value: BPMCOADGICOOPMAMDGIPNGEHEMJAOOFEEDOFKNKKFPJGAPAGJMKNOAKOEFNNDKBEKMFCMKDDJNCDFCPODJCAPGGCAINFAKJJMCIIJKPPBNFCNFEDHJFOEPIBIIOLDPFK
.win.ma/ Name: _gid
Value: GA1.2.1036539079.1588636354
.win.ma/ Name: _ga
Value: GA1.2.318060767.1588636354
win.ma/ Name: visitCount
Value: 1
.win.ma/ Name: _gcl_au
Value: 1.1.462443711.1588636354
win.ma/ Name: f5avraaaaaaaaaaaaaaaa_session_
Value: CAJHFEDFGCOPHEAMNBINAMEHCMKKCPNEILOJMNLKEPJGAPAGJMKNKIKOEFIMDKBEKMFDMKDDMKCNGJPADJCAPGGCEKGAMACMOOHKLCEPBNFCNFEMGEHBNCABIIOLDPFK

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

100013341.collect.igodigital.com
api.win.ma
cdn.sendpulse.com
connect.facebook.net
cx.atdmt.com
googleads.g.doubleclick.net
pixel.mathtag.com
polyfill.io
s.ytimg.com
service.force.com
stats.g.doubleclick.net
win.ma
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.win.ma
www.youtube.com
100013341.collect.igodigital.com
105.73.2.24
105.73.3.20
161.71.1.37
195.181.175.52
2.18.233.201
216.58.210.2
2a00:1450:4001:814::2003
2a00:1450:4001:815::2002
2a00:1450:4001:815::2004
2a00:1450:4001:81b::2008
2a00:1450:4001:81c::200e
2a00:1450:4001:820::200e
2a00:1450:4001:821::200e
2a00:1450:400c:c08::9d
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f02d:5:face:b00c:0:8c
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:400::621
012b1b5db9be308980d0cb4669f7905c3da87bb3848fabb04cb1709008305afe
01d23f5edff8409056c1de8a72c492506ad504ec8ef3726eafc4d55dbae2ce5d
0a8103cc9cb19b1d97868facedd49dc824f61915d230b86d044aab568abd49e8
0d6dfddf8789a6869ae355e82e0dbc876b174697ac4828f4272d34b74aab6c16
103011928313891d9335a8724f1185db3229c7effd73811e43c9bd538c252beb
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
151e7d54fe1a19ea7a3ccb7612beaaf0635d32a35e2570d84d8a99632910d690
22aef86fdf5b1f06d36e40741285a13f9f2f3ebf234f839a2f8a20c209e828f2
28f07389552cf9e3557433f06cf63d9cf59e406f6aace98f63ba8220bb6095a5
2c8a6e48068b520176ea8afb453cf899afc01683dde315203caf321ca63dec4f
2cc8ade39968d150f4216cffe6ccb88c7eeb85c56828413084ead59167ae32de
2db303cc3e72cc93b538facee0325775079f38522a33a41af50aa4c0a9a9c828
2deb3b3adde0f24f36e4f8701c417aa1e0871024557d7d1ac6af86bf7f7b8f13
30492c3c8dc6b694a7e322bcfda99fbf937dc76c57d9a73b5e2cba41337dbc81
321b17d03d70f90bdfd16b3bd410a46ab4dfc296390d7057fd89ae52f4be0cac
3f0d7c0333abb9c4d347f275374265e13d66980e583abacb903775f1157fae8c
4aa1e4ceca6aa3906215b02569649f607cb33c635d3c1f72809ac6a8286821dc
4cb61e44bf63a9e090e666898cd04d382e4c33b55b62cc5e9ff7dab055fbf787
59e7831de0690c5b31adbba6b527998dcff5c3b6075c3e37d8a9ffce972812be
5dbee4e599d718f6b925bcc37fa457914ab19fb3c31dcd9c67d8400e9fa7b0d7
6b5ef1358a6b62c3561e465364af9a62067c1454e616c08cadd5e102fb0f7c40
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
77db2268879c4bd8b7152ae3875f2d02cf74f1b64e147cbe011ed6e9aa2815da
7a15ca890c13a703e73dd7ac86893943805d71ed2fe3db2cc13071f7e68c5c15
7fd5e13a9ba4c7c978e76755d5ed769ef30a66913e33ec46838b979cde9a2d3e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
87c94d4c76443c08404eec74922cf5826765490ab53de4588ca1ad7bbf9d2406
8c5ebc81567bb11fea53ee4cf729e44ea2bfa2115442a1c72ea9b53fc654fbb9
971db85eedcd9bb1d28cb725d6f98355f0d2c4152dc8d31ccb49c14391a17f0b
9d60361f6baee537cb00e5dff659fdef39dbbfaf81d1419208590fec3ea7348f
a2eab1d780a889fca45f5d94b3e1be2b393c653945cf0a532901102ed66c75bb
a86cfbecde921c4935f39b5fca834195cb9a2b12c2997ab08147c031b1bb668d
aa69ca1c759ca8aa8ed780103a4be321abdd5853293ab606b73940f0d707ece8
acfa1f03ac087fc08ca7389b23f01c47b31c6d00d412a21d9342af3c070fff57
aee2bf6d09b7bcd0e39185e40c59e6ed9163a4bb0883e056edcf6c1383528da1
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2378f09687af1e2e944c9cc67951b1b24c08abe82db922a053d541c61542f3e
b60a378fb65885b8ec4818bb27421659cae33fead8f7926fa4d2c5fb195af6a5
b9499d24c83a3578a887210c9d0b937906f26ea3ebf96ab74746743819964a40
ba1afdb4df96d6b66b83c901ea666d244496f2dfa8fdf47cddd9527081429ee3
bbfb2bda74fe8d0ba064802d0d72f63011eaeb6261deedd93e49b01f875105e3
c5c652cf1b27372603d13bc9ec6d016b0b457f2478086ed838fe294f134adaa0
cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3
d18c0e66140998a28a3134a1480c16e146e103902cf6c2e37a87de925722d8fd
d24feef8a5dd86e7d2eb674dc936d2c3a5bbd1395c0c49e5fa4200d43373a6b4
d4206465e01b1a1d706937d0957aabf6491f7b73dc401e30a4247b383f50b7a8
d9a961cb11b0be146784e3f5d274a8e80b5aab5a101d2122c6e5e3848896caf6
e34603f33e1677e5af31ce3d507eed9772d9be24c04ef58f0935911b0d4d8893
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3eb563ee309d692f5d2676d2d4d10a13e81c9dc693990ec4620b900035d4d83
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f33990d4691a89cd87e4d4e0bde1ac8f5dfcf32fbd8d838ec206d790f24531e1
f58eb78a182c29e1d3f1bdba8d05591451f3c865a4c456fc8707a164e8b06647
f89d9bd3cac6b4f50f09fd0517966c4bed6d40bafa00d59ce5d304d8d9923ae5