urlscan.io logo urlscan.io
SecurityTrails logo

win.ma Open in urlscan Pro
105.73.3.20  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.win.ma/
Effective URL: https://win.ma/
Submission: On June 29 via manual from MA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 8 countries across 15 domains to perform 63 HTTP transactions. The main IP is 105.73.3.20, located in Morocco and belongs to MAROCCONNECT, MA. The main domain is win.ma.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on March 16th 2019. Valid for: 2 years.
This is the only time win.ma was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

18    105.73.3.20 (Morocco)

ASN36884 (MAROCCONNECT, MA)
www.win.ma
win.ma
2    2a00:1450:4001:824::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
7    161.71.0.165 (London, United Kingdom)

ASN14340 (SALESFORCE, US)
PTR: dcl2-ncg0-lhr3.um3-lo2.force.com
service.force.com
2    2a04:4e42::621 (Ascension Island)

ASN54113 (FASTLY, US)
polyfill.io
5    2a00:1450:4001:825::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    216.58.207.66 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s25-in-f2.1e100.net
www.googleadservices.com
4    2.21.37.45 (France)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a2-21-37-45.deploy.static.akamaitechnologies.com
pixel.mathtag.com
2    2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)
connect.facebook.net
3    195.181.175.46 (Frankfurt am Main, Germany)

ASN60068 (CDN77, GB)
PTR: frankfurt-44.cdn77.com
cdn.sendpulse.com
12    105.73.2.24 (Morocco)

ASN36884 (MAROCCONNECT, MA)
api.win.ma
1    85.222.146.248 (United Kingdom)

ASN14340 (SALESFORCE, US)
PTR: dcl6-ncg0-cdg3.la2-c1-cdg.salesforceliveagent.com
d.la2-c1-cdg.salesforceliveagent.com
2    2a00:1450:4001:814::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:400c:c07::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    2a00:1450:4001:818::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    2a00:1450:4001:818::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)
www.facebook.com
Domain Requested by
16 win.ma win.ma
12 api.win.ma win.ma
7 service.force.com win.ma
service.force.com
5 www.google-analytics.com 1 redirects www.googletagmanager.com
www.google-analytics.com
win.ma
4 pixel.mathtag.com 1 redirects win.ma
3 www.google.de win.ma
3 www.google.com 1 redirects win.ma
3 cdn.sendpulse.com www.googletagmanager.com
cdn.sendpulse.com
2 www.facebook.com connect.facebook.net
win.ma
2 googleads.g.doubleclick.net www.googleadservices.com
2 connect.facebook.net win.ma
connect.facebook.net
2 polyfill.io win.ma
2 www.googletagmanager.com win.ma
www.googletagmanager.com
2 www.win.ma 2 redirects
1 stats.g.doubleclick.net 1 redirects
1 d.la2-c1-cdg.salesforceliveagent.com service.force.com
1 www.googleadservices.com www.googletagmanager.com
0 100013341.collect.igodigital.com Failed www.googletagmanager.com
63 18

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.youtube.com
www.instagram.com
www.twitter.com
www.inwi.ma
inwi.ma
Subject Issuer Validity Valid
*.win.ma
Sectigo RSA Domain Validation Secure Server CA		 2019-03-16 -
2021-03-15		 2 years crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-06-10 -
2020-09-02		 3 months crt.sh
*.um3.force.com
DigiCert SHA2 Secure Server CA		 2020-05-11 -
2021-04-28		 a year crt.sh
f3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2020-06-08 -
2021-04-17		 10 months crt.sh
www.googleadservices.com
GTS CA 1O1		 2020-06-10 -
2020-09-02		 3 months crt.sh
pixel.mathtag.com
DigiCert SHA2 Secure Server CA		 2020-04-15 -
2021-07-15		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2020-05-14 -
2020-08-05		 3 months crt.sh
*.sendpulse.com
COMODO RSA Domain Validation Secure Server CA		 2018-10-30 -
2020-10-29		 2 years crt.sh
la2-c1-cdg.salesforceliveagent.com
DigiCert SHA2 Secure Server CA		 2019-06-26 -
2021-06-25		 2 years crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-06-10 -
2020-09-02		 3 months crt.sh
www.google.de
GTS CA 1O1		 2020-06-10 -
2020-09-02		 3 months crt.sh
www.google.com
GTS CA 1O1		 2020-06-10 -
2020-09-02		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://win.ma/
Frame ID: 542C95DE67556C849EA39CE97F260E9F
Requests: 63 HTTP requests in this frame

Frame: https://service.force.com/embeddedservice/5.0/esw.html?parent=https://win.ma/
Frame ID: 2181E121F6A681FD0A26CCB71C77B51A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://www.win.ma/ HTTP 301
    https://www.win.ma/ HTTP 301
    https://win.ma/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<[^>]+data-v(?:ue)-/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

63
Requests

98 %
HTTPS

56 %
IPv6

15
Domains

18
Subdomains

16
IPs

8
Countries

1364 kB
Transfer

3435 kB
Size

15
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.win.ma/ HTTP 301
    https://www.win.ma/ HTTP 301
    https://win.ma/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27
  • https://pixel.mathtag.com/event/js?mt_id=1409059&mt_adid=222478&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3= HTTP 302
  • https://pixel.mathtag.com/event/js?mt_id=1409059&mt_adid=222478&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=&mm_bnc&mm_bct&UUID=77e75ef9-c0f3-4000-82d9-a4ddc45f2823
Request Chain 46
  • https://www.google-analytics.com/r/collect?v=1&_v=j83&a=534194362&t=pageview&_s=1&dl=https%3A%2F%2Fwin.ma%2F&ul=en-us&de=UTF-8&dt=win%20%7C%20Premier%20Op%C3%A9rateur%20Mobile%20100%25%20Digital%20au%20Maroc&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEADQ~&jid=1827465060&gjid=427420116&cid=48859702.1593426164&tid=UA-132696877-4&_gid=1104929219.1593426164&_r=1&gtm=2wg6h1P93VBML&z=1797538240 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-132696877-4&cid=48859702.1593426164&jid=1827465060&_gid=1104929219.1593426164&gjid=427420116&_v=j83&z=1797538240 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-132696877-4&cid=48859702.1593426164&jid=1827465060&_v=j83&z=1797538240 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-132696877-4&cid=48859702.1593426164&jid=1827465060&_v=j83&z=1797538240&slf_rd=1&random=2395632319

63 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set /
win.ma/
Redirect Chain
  • http://www.win.ma/
  • https://www.win.ma/
  • https://win.ma/
197 KB
199 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://win.ma/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.3.20 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
f02147fcc907860d72af91054808f8053d90ef551743af08d15aa546f6878ef2

Request headers

Host
win.ma
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

ETag
"30de3-+4JzYJMvIGY8kzca7xFSequPKmg"
Link
</_nuxt/b3eb8d397a14f392bcc3.js>; rel=preload; as=script,</_nuxt/72e465a0158822c7eee2.js>; rel=preload; as=script,</_nuxt/f5b736a1201096028ef6.js>; rel=preload; as=script,</_nuxt/78fb2ef4df56e1006c69.js>; rel=preload; as=script,</_nuxt/65c281734e1bdf9393c6.js>; rel=preload; as=script,</_nuxt/21d8aa5e98a899e445c2.js>; rel=preload; as=script
Content-Type
text/html; charset=utf-8
Vary
Accept-Encoding
Date
Mon, 29 Jun 2020 10:22:42 GMT
Connection
keep-alive
Set-Cookie
f5avraaaaaaaaaaaaaaaa_session_=FJBHCNFDIPJOALJBFPKJNCCNKBHCNNCJIJHCMLJKLFAGNDJELHHBGGHNNGIKFODAOPLDEEBMCACNMFNDOMPAFCJPHMNEAJFMOLPKGIECOEILIBPLMBKDICBGIJAOHEMD; HttpOnly; secure f5_cspm=1234; TS010594ad=018e1322efade855bf51ebaedef86d007875045e881e02babf4d0952feb6e67474b1f86af9ee14f664497b02fe84ef0faf782c3d19f0a3754f4d3388f4327930244854ae7cba1d4aaa3a356c24c280ed996afa9c17; Path=/; Domain=.win.ma TS74286a33029=08a4d9ec82ab2800d8a54fcdd43cafd7b2ef9addf1c43c5ed6ee9465698509e805a4d5d1532db7412b895a06415d83a8; Max-Age=30;Path=/ TSe5f86668027=08a4d9ec82ab20001af991924eaec676f2fae7c0c8f356116ddde7c3684d3d87ac28f146df054afe08de676baa1130002170c642e16825347070091ac4cfcd350c454ebf889e839408bc2cdb41ec2e7857b76897a2a731a37c764d36b2d85eda;Path=/
P3P
CP="{}" CP="{}"
Transfer-Encoding
chunked

Redirect headers

Location
https://win.ma/
Server
BigIP
Connection
Keep-Alive
Content-Length
0
b3eb8d397a14f392bcc3.js
win.ma/_nuxt/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://win.ma/_nuxt/b3eb8d397a14f392bcc3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.3.20 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
6bcca123d0f37ac24dd80d6941d280b439b590aaab1178912b09bba0181fcc61

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 29 Jun 2020 10:22:42 GMT
Content-Encoding
br
Last-Modified
Mon, 29 Jun 2020 07:41:40 GMT
ETag
W/"15b0-172ff064329"
Vary
Accept-Encoding
P3P
CP="{}"
Cache-Control
public, max-age=31536000
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/javascript; charset=UTF-8
72e465a0158822c7eee2.js
win.ma/_nuxt/ 		166 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://win.ma/_nuxt/72e465a0158822c7eee2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.3.20 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
f9c7ea5005c3dd83b02a6172cdcd1534450884456e34a7c8df80c0d9ff1ee9b2

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 29 Jun 2020 10:22:42 GMT
Content-Encoding
br
Last-Modified
Mon, 29 Jun 2020 07:41:40 GMT
ETag
W/"29989-172ff064329"
Vary
Accept-Encoding
P3P
CP="{}"
Cache-Control
public, max-age=31536000
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/javascript; charset=UTF-8
f5b736a1201096028ef6.js
win.ma/_nuxt/ 		473 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://win.ma/_nuxt/f5b736a1201096028ef6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.3.20 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
d5fd0d4df85af8a7183a5f452026872375ff7be006a2f35ca422aa8cb1cc21ab

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 29 Jun 2020 10:22:42 GMT
Content-Encoding
br
Last-Modified
Mon, 29 Jun 2020 07:41:40 GMT
ETag
W/"764d5-172ff064329"
Vary
Accept-Encoding
P3P
CP="{}"
Cache-Control
public, max-age=31536000
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/javascript; charset=UTF-8
78fb2ef4df56e1006c69.js
win.ma/_nuxt/ 		639 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://win.ma/_nuxt/78fb2ef4df56e1006c69.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.3.20 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
e3f909f1661fa93f371b9084389b473dfbacd0ca1e3121d133f6fda5d03b0eef

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 29 Jun 2020 10:22:42 GMT
Content-Encoding
br
Last-Modified
Mon, 29 Jun 2020 07:41:40 GMT
ETag
W/"9fd10-172ff064329"
Vary
Accept-Encoding
P3P
CP="{}"
Cache-Control
public, max-age=31536000
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/javascript; charset=UTF-8
65c281734e1bdf9393c6.js
win.ma/_nuxt/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://win.ma/_nuxt/65c281734e1bdf9393c6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.3.20 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
f2100a9a3f7fa63aa8ba7d1e9e13ed636d0a0346f5c33e51159fffb7033456d5

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 29 Jun 2020 10:22:43 GMT
Content-Encoding
br
Last-Modified
Mon, 29 Jun 2020 07:41:40 GMT
ETag
W/"4c3-172ff064329"
Vary
Accept-Encoding
P3P
CP="{}"
Cache-Control
public, max-age=31536000
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/javascript; charset=UTF-8
21d8aa5e98a899e445c2.js
win.ma/_nuxt/ 		169 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://win.ma/_nuxt/21d8aa5e98a899e445c2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.3.20 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
902b8cb58e03124902422cbc9bb7a20f0a6ff0241979f17b2711ab00b4f8b1dd

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 29 Jun 2020 10:22:43 GMT
Content-Encoding
br
Last-Modified
Mon, 29 Jun 2020 07:41:40 GMT
ETag
W/"2a5f7-172ff064329"
Vary
Accept-Encoding
P3P
CP="{}"
Cache-Control
public, max-age=31536000
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/javascript; charset=UTF-8
gtm.js
www.googletagmanager.com/ 		159 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P93VBML&l=dataLayer
Requested by
Host: win.ma
URL: https://win.ma/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ec0a1c69d6ace5b3d684caf0e796140ed906d5ae65d5457346fc2f2b0b62d99a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 29 Jun 2020 10:22:42 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38344
x-xss-protection
0
last-modified
Mon, 29 Jun 2020 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 29 Jun 2020 10:22:42 GMT
smartbanner.min.css
win.ma/smartbanner/ 		3 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://win.ma/smartbanner/smartbanner.min.css
Requested by
Host: win.ma
URL: https://win.ma/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.3.20 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
ad981f0d083d45ecc8480bb4b59d5815a82c5a396cb83c1ef6936c3da0e00110

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 29 Jun 2020 10:22:42 GMT
Last-Modified
Fri, 19 Jun 2020 15:15:21 GMT
ETag
W/"bc4-172cd260728"
Vary
Accept-Encoding
P3P
CP="{}", CP="{}"
Cache-Control
public, max-age=604800
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/css; charset=UTF-8
smartbanner.min.js
win.ma/smartbanner/ 		9 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://win.ma/smartbanner/smartbanner.min.js
Requested by
Host: win.ma
URL: https://win.ma/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.3.20 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
a5fabc8494f83fe9a7932cdb4fbb7be8bb00d0c6a519431f4e399aad85b90d22

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 29 Jun 2020 10:22:43 GMT
Last-Modified
Fri, 19 Jun 2020 15:15:21 GMT
ETag
W/"23a6-172cd260728"
Vary
Accept-Encoding
P3P
CP="{}", CP="{}"
Cache-Control
public, max-age=604800
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/javascript; charset=UTF-8
801d846.woff2
win.ma/_nuxt/fonts/ 		21 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://win.ma/_nuxt/fonts/801d846.woff2
Requested by
Host: win.ma
URL: https://win.ma/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.3.20 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
3f0d7c0333abb9c4d347f275374265e13d66980e583abacb903775f1157fae8c

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://win.ma/
Origin
https://win.ma

Response headers

Date
Mon, 29 Jun 2020 10:22:42 GMT
Last-Modified
Mon, 29 Jun 2020 07:41:40 GMT
ETag
W/"52c4-172ff06432d"
Transfer-Encoding
chunked
P3P
CP="{}", CP="{}"
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/font-woff2
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/gif
02f5aac.woff2
win.ma/_nuxt/fonts/ 		21 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://win.ma/_nuxt/fonts/02f5aac.woff2
Requested by
Host: win.ma
URL: https://win.ma/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.3.20 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
59e7831de0690c5b31adbba6b527998dcff5c3b6075c3e37d8a9ffce972812be

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://win.ma/
Origin
https://win.ma

Response headers

Date
Mon, 29 Jun 2020 10:22:42 GMT
Last-Modified
Mon, 29 Jun 2020 07:41:40 GMT
ETag
W/"5548-172ff06432d"
Transfer-Encoding
chunked
P3P
CP="{}", CP="{}"
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/font-woff2
fa9ed01.woff2
win.ma/_nuxt/fonts/ 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://win.ma/_nuxt/fonts/fa9ed01.woff2
Requested by
Host: win.ma
URL: https://win.ma/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.3.20 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
9d60361f6baee537cb00e5dff659fdef39dbbfaf81d1419208590fec3ea7348f

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://win.ma/
Origin
https://win.ma

Response headers

Date
Mon, 29 Jun 2020 10:22:42 GMT
Last-Modified
Mon, 29 Jun 2020 07:41:40 GMT
ETag
W/"4f9c-172ff06432d"
Transfer-Encoding
chunked
P3P
CP="{}", CP="{}"
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/font-woff2
esw.min.js
service.force.com/embeddedservice/5.0/ 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://service.force.com/embeddedservice/5.0/esw.min.js
Requested by
Host: win.ma
URL: https://win.ma/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.71.0.165 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl2-ncg0-lhr3.um3-lo2.force.com
Software
/
Resource Hash
d9a961cb11b0be146784e3f5d274a8e80b5aab5a101d2122c6e5e3848896caf6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 28 Jun 2020 21:01:40 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 26 Mar 2020 18:52:20 GMT
Age
48063
Expect-CT
max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/nullm"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public,max-age=86400
Public-Key-Pins-Report-Only
pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/nullm";
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
8409
X-XSS-Protection
1; mode=block
Expires
Mon, 29 Jun 2020 21:01:40 GMT
polyfill.min.js
polyfill.io/v2/ 		222 B
637 B 		Script
General
Check archive.org
Download Go to
Full URL
https://polyfill.io/v2/polyfill.min.js?features=default,IntersectionObserver,Array.prototype.find,EventSource,Array.prototype.includes
Requested by
Host: win.ma
URL: https://win.ma/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::621 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
x-content-type-options
nosniff
content-type
text/javascript; charset=utf-8
age
3539508
detected-user-agent
Chrome/83.0.4103
status
200
request_came_from_shield
FRA
server-timing
HIT, fastly;desc="Edge time";dur=0, HIT-CLUSTER, fastly;desc="Edge time";dur=1
content-length
126
referrer-policy
origin-when-cross-origin
last-modified
Mon, 18 May 2020 23:44:26 GMT
date
Mon, 29 Jun 2020 10:22:42 GMT
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
normalized-user-agent
chrome/83.0.0
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
common.min.js
service.force.com/embeddedservice/5.0/utils/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://service.force.com/embeddedservice/5.0/utils/common.min.js
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.71.0.165 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl2-ncg0-lhr3.um3-lo2.force.com
Software
/
Resource Hash
a86cfbecde921c4935f39b5fca834195cb9a2b12c2997ab08147c031b1bb668d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 28 Jun 2020 21:01:09 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
48094
Content-Length
979
X-XSS-Protection
1; mode=block
Referrer-Policy
origin-when-cross-origin
Last-Modified
Wed, 11 Dec 2019 22:22:08 GMT
Expect-CT
max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/nullm"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public,max-age=86400
Public-Key-Pins-Report-Only
pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/nullm";
Accept-Ranges
bytes
X-Robots-Tag
none
Expires
Mon, 29 Jun 2020 21:01:09 GMT
polyfill.min.js
polyfill.io/v2/ 		222 B
222 B 		Other
General
Check archive.org
Download Go to
Full URL
https://polyfill.io/v2/polyfill.min.js?features=default,IntersectionObserver,Array.prototype.find,EventSource,Array.prototype.includes
Requested by
Host: win.ma
URL: https://win.ma/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::621 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
x-content-type-options
nosniff
content-type
text/javascript; charset=utf-8
age
3539508
detected-user-agent
Chrome/83.0.4103
status
200
request_came_from_shield
FRA
server-timing
HIT, fastly;desc="Edge time";dur=0, HIT, fastly;desc="Edge time";dur=1
content-length
126
referrer-policy
origin-when-cross-origin
last-modified
Mon, 18 May 2020 23:44:26 GMT
date
Mon, 29 Jun 2020 10:22:43 GMT
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
normalized-user-agent
chrome/83.0.0
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
esw.min.css
service.force.com/embeddedservice/5.0/ 		8 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://service.force.com/embeddedservice/5.0/esw.min.css
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.71.0.165 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl2-ncg0-lhr3.um3-lo2.force.com
Software
/
Resource Hash
f33990d4691a89cd87e4d4e0bde1ac8f5dfcf32fbd8d838ec206d790f24531e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 28 Jun 2020 20:30:23 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 22 Aug 2019 23:00:22 GMT
Age
49940
Expect-CT
max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/nullm"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public,max-age=86400
Public-Key-Pins-Report-Only
pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/nullm";
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
3946
X-XSS-Protection
1; mode=block
Expires
Mon, 29 Jun 2020 20:30:23 GMT
liveagent.esw.min.js
service.force.com/embeddedservice/5.0/client/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://service.force.com/embeddedservice/5.0/client/liveagent.esw.min.js
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.71.0.165 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl2-ncg0-lhr3.um3-lo2.force.com
Software
/
Resource Hash
0d6dfddf8789a6869ae355e82e0dbc876b174697ac4828f4272d34b74aab6c16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 28 Jun 2020 21:01:39 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
48064
Content-Length
4511
X-XSS-Protection
1; mode=block
Referrer-Policy
origin-when-cross-origin
Last-Modified
Thu, 16 Jan 2020 22:58:44 GMT
Expect-CT
max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/nullm"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public,max-age=86400
Public-Key-Pins-Report-Only
pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/nullm";
Accept-Ranges
bytes
X-Robots-Tag
none
Expires
Mon, 29 Jun 2020 21:01:39 GMT
3f88c09fae56d3123438.js
win.ma/_nuxt/ 		21 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://win.ma/_nuxt/3f88c09fae56d3123438.js
Requested by
Host: win.ma
URL: https://win.ma/_nuxt/b3eb8d397a14f392bcc3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.3.20 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
46407f90d4c6b9a1fca62a11d6af3972020478559eaccee5736f54c9c204e1e0

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 29 Jun 2020 10:22:43 GMT
Content-Encoding
br
Last-Modified
Mon, 29 Jun 2020 07:41:40 GMT
ETag
W/"54e5-172ff064329"
Vary
Accept-Encoding
P3P
CP="{}"
Cache-Control
public, max-age=31536000
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/javascript; charset=UTF-8
Cookie set esw.html
service.force.com/embeddedservice/5.0/ Frame 2181 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://service.force.com/embeddedservice/5.0/esw.html?parent=https://win.ma/
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.71.0.165 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl2-ncg0-lhr3.um3-lo2.force.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
service.force.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://win.ma/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://win.ma/

Response headers

Date
Mon, 29 Jun 2020 10:22:43 GMT
Public-Key-Pins-Report-Only
pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/nullm";
Expect-CT
max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/nullm"
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Content-Security-Policy
upgrade-insecure-requests
X-Robots-Tag
none
Referrer-Policy
origin-when-cross-origin
Cache-Control
public,max-age=86400
Set-Cookie
BrowserId=d-En1LnyEeq3kBO72xvWkA; domain=.force.com; path=/; expires=Tue, 29-Jun-2021 10:22:43 GMT; Max-Age=31536000 BrowserId_sec=d-En1LnyEeq3kBO72xvWkA; domain=.force.com; path=/; expires=Tue, 29-Jun-2021 10:22:43 GMT; Max-Age=31536000; secure; SameSite=None
Expires
Tue, 30 Jun 2020 10:22:43 GMT
Last-Modified
Fri, 02 Aug 2019 08:43:42 GMT
Content-Type
text/html;charset=UTF-8
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Encoding
gzip
Transfer-Encoding
chunked
6aa5ab544fa28200e7a3.js
win.ma/_nuxt/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://win.ma/_nuxt/6aa5ab544fa28200e7a3.js
Requested by
Host: win.ma
URL: https://win.ma/_nuxt/b3eb8d397a14f392bcc3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.3.20 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
ed859c0e3bf6486d6182e565f888bad6325dc56bb85f1123f07293ceb0291ae8

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 29 Jun 2020 10:22:43 GMT
Content-Encoding
br
Last-Modified
Mon, 29 Jun 2020 07:41:40 GMT
ETag
W/"3f90-172ff064329"
Vary
Accept-Encoding
P3P
CP="{}"
Cache-Control
public, max-age=31536000
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/javascript; charset=UTF-8
9b4aa6dc76b5a999e902.js
win.ma/_nuxt/ 		29 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://win.ma/_nuxt/9b4aa6dc76b5a999e902.js
Requested by
Host: win.ma
URL: https://win.ma/_nuxt/b3eb8d397a14f392bcc3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.3.20 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
d04b7abb0c1c2d398881cae770227b85714bd07fdfc1acf3c653a584ab3da9ae

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 29 Jun 2020 10:22:43 GMT
Content-Encoding
br
Last-Modified
Mon, 29 Jun 2020 07:41:40 GMT
ETag
W/"7285-172ff064329"
Vary
Accept-Encoding
P3P
CP="{}"
Cache-Control
public, max-age=31536000
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/javascript; charset=UTF-8
invite.esw.min.js
service.force.com/embeddedservice/5.0/client/ 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://service.force.com/embeddedservice/5.0/client/invite.esw.min.js
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.71.0.165 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl2-ncg0-lhr3.um3-lo2.force.com
Software
/
Resource Hash
d1f6eeee08f53dab5f281b34a66dbffa0e7a588fdc68d665986b9ad419e4539e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 28 Jun 2020 21:01:09 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Wed, 11 Dec 2019 22:22:08 GMT
Age
48094
Expect-CT
max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/nullm"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public,max-age=86400
Public-Key-Pins-Report-Only
pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/nullm";
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
4543
X-XSS-Protection
1; mode=block
Expires
Mon, 29 Jun 2020 21:01:09 GMT
js
www.googletagmanager.com/gtag/ 		119 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-JJCSB1TNN7&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P93VBML&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
50f105191ad768e507d18e7b92427cb18125f449cf301c515292c3632655e999
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 29 Jun 2020 10:22:43 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46040
x-xss-protection
0
expires
Mon, 29 Jun 2020 10:22:43 GMT
analytics.js
www.google-analytics.com/ 		45 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P93VBML&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 04 Jun 2020 23:38:14 GMT
server
Golfe2
age
6185
date
Mon, 29 Jun 2020 08:39:38 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18469
expires
Mon, 29 Jun 2020 10:39:38 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		29 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P93VBML&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
cafe /
Resource Hash
677393ba495795a3d8ad7c585d8f593c1f3f8df3d6100995ac3aea8b2f785058
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 29 Jun 2020 10:22:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
11103
x-xss-protection
0
server
cafe
etag
12575517994471615249
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 29 Jun 2020 10:22:43 GMT
js
pixel.mathtag.com/event/
Redirect Chain
  • https://pixel.mathtag.com/event/js?mt_id=1409059&mt_adid=222478&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
  • https://pixel.mathtag.com/event/js?mt_id=1409059&mt_adid=222478&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=&mm_bnc&mm_bct&UUID=77e75ef9-c0f3-4000-82d9-a4ddc45f2823
597 B
921 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.mathtag.com/event/js?mt_id=1409059&mt_adid=222478&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=&mm_bnc&mm_bct&UUID=77e75ef9-c0f3-4000-82d9-a4ddc45f2823
Requested by
Host: win.ma
URL: https://win.ma/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.37.45 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-21-37-45.deploy.static.akamaitechnologies.com
Software
MT3 2334 83311f9 master cdg-pixel-x22 /
Resource Hash
acfa1f03ac087fc08ca7389b23f01c47b31c6d00d412a21d9342af3c070fff57

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 29 Jun 2020 10:22:43 GMT
Server
MT3 2334 83311f9 master cdg-pixel-x22
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
text/javascript
Content-Length
597
Expires
Mon, 29 Jun 2020 10:22:42 GMT

Redirect headers

Date
Mon, 29 Jun 2020 10:22:43 GMT
Server
MT3 2540 c1f9db4 master cdg-pixel-x5
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://pixel.mathtag.com/event/js?mt_id=1409059&mt_adid=222478&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=&mm_bnc&mm_bct&UUID=77e75ef9-c0f3-4000-82d9-a4ddc45f2823
Cache-Control
no-cache
Connection
keep-alive
Content-Type
text/javascript
Content-Length
0
Expires
Mon, 29 Jun 2020 10:25:09 GMT
collect.js
100013341.collect.igodigital.com/ 		0
0
fbevents.js
connect.facebook.net/en_US/ 		133 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: win.ma
URL: https://win.ma/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
73d764e56e8727bfd3de86dbe1c52f5105b4d6d0c41dbf91565e719e7cd74aed
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
34036
x-xss-protection
0
pragma
public
x-fb-debug
zRdyYOWem8TCMhjmZyugdw0RQvvK1BWOZvdisX7o/1mKm+7FQaXH3/7UeDS8sy1VMqzlX1f5rlmabOQiZwVoWQ==
x-fb-trip-id
1781455057
x-frame-options
DENY
date
Mon, 29 Jun 2020 10:22:43 GMT, Mon, 29 Jun 2020 10:22:43 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
ca618ca695daff172389373ddf8129e6_1.js
cdn.sendpulse.com/js/push/ 		49 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.sendpulse.com/js/push/ca618ca695daff172389373ddf8129e6_1.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P93VBML&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.175.46 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),
Reverse DNS
frankfurt-44.cdn77.com
Software
CDN77-Turbo /
Resource Hash
87c94d4c76443c08404eec74922cf5826765490ab53de4588ca1ad7bbf9d2406
Security Headers
Name Value
Content-Security-Policy default-src wss://* blob: data: sendpulse.com *.sendpulse.com *.sendpulse.com:4434 *.pulse-stat.com *.stat-pulse.com *.pulse-stat.com:8080 *.stat-pulse.com:8080 http://*.sendpulse.com:4434 http://*.pulse-stat.com http://*.stat-pulse.com http://*.pulse-stat.com:8080 http://*.stat-pulse.com:8080 *.sendpulse.ua *.sendpulse.by *.sendpulse.kz *.sendpulse.cl *.sendpulse.com.tr *.sendpulse.ng *.routee.net *.bizml.ru *.jquery.com *.youtube.com *.ytimg.com *.vimeo.com *.vimeocdn.com *.tinymce.com *.ampproject.org *.hotjar.com *.hotjar.io *.ipinfo.io *.highcharts.com *.appspot.com *.doubleclick.net *.facebook.com *.facebook.net *.fbcdn.net *.fbsbx.com *.rawgit.com *.cloudflare.com *.jsdelivr.net *.kissmetrics.com *.bitrix24.com *.quantserve.com *.quantcount.com *.twitter.com *.offershub.ru *.stripe.com *.braintreegateway.com *.mlstatic.com *.cloudpayments.ru *.woopra.com *.jivosite.com *.google.com *.google.com.ua *.googleadservices.com *.google-analytics.com *.googleapis.com *.googletagmanager.com *.gstatic.com *.online-metrix.net *.retently.com *.maxmind.com *.revisionme.com *.yandex.ru *.ymetrica.ru *.mmapiws.com *.bootstrapcdn.com *.kaptcha.com *.paypal.com *.paypalobjects.com *.mercadopago.com.br *.mercadopago.com *.braintree-api.com vk.com api.telegram.org *.webformscr.com *.yandex.net *.cardinalcommerce.com 'self' 'unsafe-eval' 'unsafe-inline'; img-src blob: data: *; font-src data: *; style-src * 'unsafe-inline';, frame-ancestors 'self';
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 29 Jun 2020 10:22:43 GMT
content-encoding
br
x-content-type-options
nosniff
x-edge-location
frankfurtDE
x-cache
HIT
status
200
x-age
216221
x-xss-protection
1; mode=block
x-sp-ma
ma5
last-modified
Tue, 16 Jun 2020 10:36:33 GMT
server
CDN77-Turbo
etag
W/"c4ae-5a8311e00a5bd"
vary
Accept-Encoding, Accept-Encoding,User-Agent,Host
content-type
application/javascript
x-sp-pr
lpr5
cache-control
max-age=604800
x-edge-ip
195.181.175.44
content-security-policy
default-src wss://* blob: data: sendpulse.com *.sendpulse.com *.sendpulse.com:4434 *.pulse-stat.com *.stat-pulse.com *.pulse-stat.com:8080 *.stat-pulse.com:8080 http://*.sendpulse.com:4434 http://*.pulse-stat.com http://*.stat-pulse.com http://*.pulse-stat.com:8080 http://*.stat-pulse.com:8080 *.sendpulse.ua *.sendpulse.by *.sendpulse.kz *.sendpulse.cl *.sendpulse.com.tr *.sendpulse.ng *.routee.net *.bizml.ru *.jquery.com *.youtube.com *.ytimg.com *.vimeo.com *.vimeocdn.com *.tinymce.com *.ampproject.org *.hotjar.com *.hotjar.io *.ipinfo.io *.highcharts.com *.appspot.com *.doubleclick.net *.facebook.com *.facebook.net *.fbcdn.net *.fbsbx.com *.rawgit.com *.cloudflare.com *.jsdelivr.net *.kissmetrics.com *.bitrix24.com *.quantserve.com *.quantcount.com *.twitter.com *.offershub.ru *.stripe.com *.braintreegateway.com *.mlstatic.com *.cloudpayments.ru *.woopra.com *.jivosite.com *.google.com *.google.com.ua *.googleadservices.com *.google-analytics.com *.googleapis.com *.googletagmanager.com *.gstatic.com *.online-metrix.net *.retently.com *.maxmind.com *.revisionme.com *.yandex.ru *.ymetrica.ru *.mmapiws.com *.bootstrapcdn.com *.kaptcha.com *.paypal.com *.paypalobjects.com *.mercadopago.com.br *.mercadopago.com *.braintree-api.com vk.com api.telegram.org *.webformscr.com *.yandex.net *.cardinalcommerce.com 'self' 'unsafe-eval' 'unsafe-inline'; img-src blob: data: *; font-src data: *; style-src * 'unsafe-inline';, frame-ancestors 'self';
expires
Tue, 23 Jun 2020 10:50:28 GMT
web
api.win.ma/api/v1/content/config/ 		786 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.win.ma/api/v1/content/config/web
Requested by
Host: win.ma
URL: https://win.ma/_nuxt/72e465a0158822c7eee2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.2.24 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
ffe9588a123dab966f68987aa709c453cf2193833e600ea5b4fec32bad755634
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

S-Data
eyJjYW5hbCI6IldFQiIsImFwcFZlcnNpb24iOiIxLjYuMCIsImRldmljZVR5cGUiOiJEZXNrdG9wIn0=
Accept
application/json, text/plain, */*
Referer
https://win.ma/
Accept-Language
fr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 29 Jun 2020 10:22:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
P3P
CP="{}"
Connection
keep-alive
X-XSS-Protection
1; mode=block
Pragma
no-cache
X-Frame-Options
DENY
Access-Control-Max-Age
7200
Access-Control-Allow-Methods
DELETE, GET, HEAD, OPTIONS, POST, PUT
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Access-Control-Allow-Headers, authorization, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, S-Data, Content-Disposition
Expires
0
menus
api.win.ma/api/v1/content/ 		3 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.win.ma/api/v1/content/menus
Requested by
Host: win.ma
URL: https://win.ma/_nuxt/72e465a0158822c7eee2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.2.24 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
90f42d8000c1293e3f0507c89d3f49e436a75e65ef3d08af62a30f5cca5f951c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

S-Data
eyJjYW5hbCI6IldFQiIsImFwcFZlcnNpb24iOiIxLjYuMCIsImRldmljZVR5cGUiOiJEZXNrdG9wIn0=
Accept
application/json, text/plain, */*
Referer
https://win.ma/
Accept-Language
fr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 29 Jun 2020 10:22:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
P3P
CP="{}"
Connection
keep-alive
X-XSS-Protection
1; mode=block
Pragma
no-cache
X-Frame-Options
DENY
Access-Control-Max-Age
7200
Access-Control-Allow-Methods
DELETE, GET, HEAD, OPTIONS, POST, PUT
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Access-Control-Allow-Headers, authorization, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, S-Data, Content-Disposition
Expires
0
care
api.win.ma/api/v1/content/pages/cart/ 		285 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.win.ma/api/v1/content/pages/cart/care
Requested by
Host: win.ma
URL: https://win.ma/_nuxt/72e465a0158822c7eee2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.2.24 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
77db2268879c4bd8b7152ae3875f2d02cf74f1b64e147cbe011ed6e9aa2815da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

S-Data
eyJjYW5hbCI6IldFQiIsImFwcFZlcnNpb24iOiIxLjYuMCIsImRldmljZVR5cGUiOiJEZXNrdG9wIn0=
Accept
application/json, text/plain, */*
Referer
https://win.ma/
Accept-Language
fr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 29 Jun 2020 10:22:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
P3P
CP="{}"
Connection
keep-alive
X-XSS-Protection
1; mode=block
Pragma
no-cache
X-Frame-Options
DENY
Access-Control-Max-Age
7200
Access-Control-Allow-Methods
DELETE, GET, HEAD, OPTIONS, POST, PUT
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Access-Control-Allow-Headers, authorization, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, S-Data, Content-Disposition
Expires
0
seo
api.win.ma/api/v1/content/pages/cart/ 		435 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.win.ma/api/v1/content/pages/cart/seo
Requested by
Host: win.ma
URL: https://win.ma/_nuxt/72e465a0158822c7eee2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.2.24 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
b60a378fb65885b8ec4818bb27421659cae33fead8f7926fa4d2c5fb195af6a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

S-Data
eyJjYW5hbCI6IldFQiIsImFwcFZlcnNpb24iOiIxLjYuMCIsImRldmljZVR5cGUiOiJEZXNrdG9wIn0=
Accept
application/json, text/plain, */*
Referer
https://win.ma/
Accept-Language
fr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 29 Jun 2020 10:22:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
P3P
CP="{}"
Connection
keep-alive
X-XSS-Protection
1; mode=block
Pragma
no-cache
X-Frame-Options
DENY
Access-Control-Max-Age
7200
Access-Control-Allow-Methods
DELETE, GET, HEAD, OPTIONS, POST, PUT
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Access-Control-Allow-Headers, authorization, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, S-Data, Content-Disposition
Expires
0
tree
api.win.ma/api/v2/content/proxy/taxonomy/CATEGORIES_FAQ/ 		6 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.win.ma/api/v2/content/proxy/taxonomy/CATEGORIES_FAQ/tree
Requested by
Host: win.ma
URL: https://win.ma/_nuxt/72e465a0158822c7eee2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.2.24 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
4be29f1c02b91cbf7ded63ecba74e81055f6dc8d3b6d17f8e28dde3f1ee04441
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

S-Data
eyJjYW5hbCI6IldFQiIsImFwcFZlcnNpb24iOiIxLjYuMCIsImRldmljZVR5cGUiOiJEZXNrdG9wIn0=
Accept
application/json, text/plain, */*
Referer
https://win.ma/
Accept-Language
fr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 29 Jun 2020 10:22:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
P3P
CP="{}"
Connection
keep-alive
X-XSS-Protection
1; mode=block
Pragma
no-cache
X-Frame-Options
DENY
Access-Control-Max-Age
7200
Access-Control-Allow-Methods
DELETE, GET, HEAD, OPTIONS, POST, PUT
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Access-Control-Allow-Headers, authorization, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, S-Data, Content-Disposition
Expires
0
matrix_strips
api.win.ma/api/v1/config/data/ 		3 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.win.ma/api/v1/config/data/matrix_strips
Requested by
Host: win.ma
URL: https://win.ma/_nuxt/72e465a0158822c7eee2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.2.24 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
a2eab1d780a889fca45f5d94b3e1be2b393c653945cf0a532901102ed66c75bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

S-Data
eyJjYW5hbCI6IldFQiIsImFwcFZlcnNpb24iOiIxLjYuMCIsImRldmljZVR5cGUiOiJEZXNrdG9wIn0=
Accept
application/json, text/plain, */*
Referer
https://win.ma/
Accept-Language
fr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 29 Jun 2020 10:22:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
P3P
CP="{}"
Connection
keep-alive
X-XSS-Protection
1; mode=block
Pragma
no-cache
X-Frame-Options
DENY
Access-Control-Max-Age
7200
Access-Control-Allow-Methods
DELETE, GET, HEAD, OPTIONS, POST, PUT
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Access-Control-Allow-Headers, authorization, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, S-Data, Content-Disposition
Expires
0
image
api.win.ma/api/v1/ 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.win.ma/api/v1/image?route=styles/section_0050_pictos_1_1_desktop/public/paragraphs/play-pause.png&itok=uVWC1zkC
Requested by
Host: win.ma
URL: https://win.ma/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.2.24 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
012b1b5db9be308980d0cb4669f7905c3da87bb3848fabb04cb1709008305afe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 29 Jun 2020 10:22:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Accept-Encoding
br;q=1.0, gzip;q=0.8, *;q=0.1
Accept-Language
fr
Content-disposition
inline
Connection
keep-alive
Content-Length
41763
X-XSS-Protection
1; mode=block
Accept-Charset
utf-8, iso-8859-1;q=0.5
X-Frame-Options
DENY
Access-Control-Max-Age
7200
Access-Control-Allow-Methods
DELETE, GET, HEAD, OPTIONS, POST, PUT
Content-Type
image/png
Access-Control-Allow-Origin
*, *
Accept
image/png
access-control-expose-headers
Content-Length
Cache-Control
public, max-age=604800
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Access-Control-Allow-Headers, authorization, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, S-Data, Content-Disposition
image
api.win.ma/api/v1/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.win.ma/api/v1/image?route=styles/section_0050_pictos_1_1_desktop/public/paragraphs/icn-choix-numero.png&itok=ZNCHjSy9
Requested by
Host: win.ma
URL: https://win.ma/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.2.24 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
22aef86fdf5b1f06d36e40741285a13f9f2f3ebf234f839a2f8a20c209e828f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 29 Jun 2020 10:22:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Accept-Encoding
br;q=1.0, gzip;q=0.8, *;q=0.1
Accept-Language
fr
Content-disposition
inline
Connection
keep-alive
Content-Length
5795
X-XSS-Protection
1; mode=block
Accept-Charset
utf-8, iso-8859-1;q=0.5
X-Frame-Options
DENY
Access-Control-Max-Age
7200
Access-Control-Allow-Methods
DELETE, GET, HEAD, OPTIONS, POST, PUT
Content-Type
image/png
Access-Control-Allow-Origin
*, *
Accept
image/png
access-control-expose-headers
Content-Length
Cache-Control
public, max-age=604800
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Access-Control-Allow-Headers, authorization, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, S-Data, Content-Disposition
image
api.win.ma/api/v1/ 		85 KB
86 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.win.ma/api/v1/image?route=styles/section_0161_header_hp_desktop/public/2020-06/header-mobile-_2_-min.jpg&itok=XZf3aIgO
Requested by
Host: win.ma
URL: https://win.ma/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.2.24 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
4492452d810a5255a951aee213491122e5504b52d07c237d0a0314bb316b8143
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 29 Jun 2020 10:22:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Accept-Encoding
br;q=1.0, gzip;q=0.8, *;q=0.1
Accept-Language
fr
Content-disposition
inline
Connection
keep-alive
Content-Length
86682
X-XSS-Protection
1; mode=block
Accept-Charset
utf-8, iso-8859-1;q=0.5
X-Frame-Options
DENY
Access-Control-Max-Age
7200
Access-Control-Allow-Methods
DELETE, GET, HEAD, OPTIONS, POST, PUT
Content-Type
image/jpeg
Access-Control-Allow-Origin
*, *
Accept
image/jpeg
access-control-expose-headers
Content-Length
Cache-Control
public, max-age=604800
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Access-Control-Allow-Headers, authorization, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, S-Data, Content-Disposition
image
api.win.ma/api/v1/ 		6 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.win.ma/api/v1/image?route=styles/section_0050_pictos_1_1_desktop/public/paragraphs/icn-personnalisation-forfait.png&itok=Hr-Q-snG
Requested by
Host: win.ma
URL: https://win.ma/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.2.24 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
aa69ca1c759ca8aa8ed780103a4be321abdd5853293ab606b73940f0d707ece8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 29 Jun 2020 10:22:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Accept-Encoding
br;q=1.0, gzip;q=0.8, *;q=0.1
Accept-Language
fr
Content-disposition
inline
Connection
keep-alive
Content-Length
6579
X-XSS-Protection
1; mode=block
Accept-Charset
utf-8, iso-8859-1;q=0.5
X-Frame-Options
DENY
Access-Control-Max-Age
7200
Access-Control-Allow-Methods
DELETE, GET, HEAD, OPTIONS, POST, PUT
Content-Type
image/png
Access-Control-Allow-Origin
*, *
Accept
image/png
access-control-expose-headers
Content-Length
Cache-Control
public, max-age=604800
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Access-Control-Allow-Headers, authorization, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, S-Data, Content-Disposition
image
api.win.ma/api/v1/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.win.ma/api/v1/image?route=styles/section_0050_pictos_1_1_desktop/public/paragraphs/icn-chat.png&itok=Nz8Fc3-3
Requested by
Host: win.ma
URL: https://win.ma/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.2.24 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
30492c3c8dc6b694a7e322bcfda99fbf937dc76c57d9a73b5e2cba41337dbc81
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 29 Jun 2020 10:22:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Accept-Encoding
br;q=1.0, gzip;q=0.8, *;q=0.1
Accept-Language
fr
Content-disposition
inline
Connection
keep-alive
Content-Length
5786
X-XSS-Protection
1; mode=block
Accept-Charset
utf-8, iso-8859-1;q=0.5
X-Frame-Options
DENY
Access-Control-Max-Age
7200
Access-Control-Allow-Methods
DELETE, GET, HEAD, OPTIONS, POST, PUT
Content-Type
image/png
Access-Control-Allow-Origin
*, *
Accept
image/png
access-control-expose-headers
Content-Length
Cache-Control
public, max-age=604800
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Access-Control-Allow-Headers, authorization, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, S-Data, Content-Disposition
Settings.jsonp
d.la2-c1-cdg.salesforceliveagent.com/chat/rest/Visitor/ 		342 B
673 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d.la2-c1-cdg.salesforceliveagent.com/chat/rest/Visitor/Settings.jsonp?Settings.prefix=Visitor&Settings.buttonIds=[5730N0000000Blz]&Settings.updateBreadcrumb=1&callback=embedded_svc.liveAgentAPI.connection.handlePing&deployment_id=5720N0000000Bd8&org_id=00D0N000000j6eD&version=48
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/client/liveagent.esw.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
85.222.146.248 , United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl6-ncg0-cdg3.la2-c1-cdg.salesforceliveagent.com
Software
/
Resource Hash
7ecb0f416ca44eb9a25da18f46de38f3d9155847ded2673f3ab0a167191a5cb1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
close
Expires
-1
inert.min.js
service.force.com/embeddedservice/5.0/utils/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://service.force.com/embeddedservice/5.0/utils/inert.min.js
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.71.0.165 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl2-ncg0-lhr3.um3-lo2.force.com
Software
/
Resource Hash
ac20136402e1daf9eb019c6b2d21f58dd940c9ba59d42ae2e2ab235021327cc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 28 Jun 2020 20:30:24 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
49939
Content-Length
2484
X-XSS-Protection
1; mode=block
Referrer-Policy
origin-when-cross-origin
Last-Modified
Wed, 22 Jan 2020 02:11:04 GMT
Expect-CT
max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/nullm"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public,max-age=86400
Public-Key-Pins-Report-Only
pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/nullm";
Accept-Ranges
bytes
X-Robots-Tag
none
Expires
Mon, 29 Jun 2020 20:30:24 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/760638815/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/760638815/?random=1593426163601&cv=9&fst=1593426163601&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6h1&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwin.ma%2F&tiba=win%20%7C%20Premier%20Op%C3%A9rateur%20Mobile%20100%25%20Digital%20au%20Maroc&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
430699081ff78e08266df94ac6054130abe16b7d5521decf296960f274c8124d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jun 2020 10:22:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
1021
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.google-analytics.com/gtm/ 		74 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-5RFZXPK&t=gtm3&cid=48859702.1593426164
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
39b8b71816a716e7ced4db2b5d2b5cef8bb2cd3ecab9801d6fe00acc2814fe87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 29 Jun 2020 10:22:43 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29355
x-xss-protection
0
expires
Mon, 29 Jun 2020 10:22:43 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j83&a=534194362&t=pageview&_s=1&dl=https%3A%2F%2Fwin.ma%2F&ul=en-us&de=UTF-8&dt=win%20%7C%20Premier%20Op%C3%A9rateur%20Mobile%20100%25%20Digital%20...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-132696877-4&cid=48859702.1593426164&jid=1827465060&_gid=1104929219.1593426164&gjid=427420116&_v=j83&z=1797538240
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-132696877-4&cid=48859702.1593426164&jid=1827465060&_v=j83&z=1797538240
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-132696877-4&cid=48859702.1593426164&jid=1827465060&_v=j83&z=1797538240&slf_rd=1&random=2395632319
42 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-132696877-4&cid=48859702.1593426164&jid=1827465060&_v=j83&z=1797538240&slf_rd=1&random=2395632319
Requested by
Host: win.ma
URL: https://win.ma/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jun 2020 10:22:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 29 Jun 2020 10:22:43 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-132696877-4&cid=48859702.1593426164&jid=1827465060&_v=j83&z=1797538240&slf_rd=1&random=2395632319
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
357379934942021
connect.facebook.net/signals/config/ 		524 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/357379934942021?v=2.9.21&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
43364ccb45948cde6955750318c526dfc6f6d4804d437eb547f3748f586515b3
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
134901
x-xss-protection
0
pragma
public
x-fb-debug
MDBMJGahqpCVxxFUucaAfivfZxeH8fq5NEvcGBvRWlbLHDEULOAeIKuKp3HCWIdyzHh2cDD9cobg2XEA4ABf6A==
x-fb-trip-id
1781455057
x-frame-options
DENY
date
Mon, 29 Jun 2020 10:22:43 GMT, Mon, 29 Jun 2020 10:22:43 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/g/ 		0
72 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-JJCSB1TNN7&gtm=2oe6h1&_p=534194362&sr=1600x1200&ul=en-us&cid=48859702.1593426164&_s=1&dl=https%3A%2F%2Fwin.ma%2F&dr=&dt=win%20%7C%20Premier%20Op%C3%A9rateur%20Mobile%20100%25%20Digital%20au%20Maroc&cu=MAD&sid=1593426163&sct=1&seg=0&en=page_view&_fv=2&_ss=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JJCSB1TNN7&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 29 Jun 2020 10:22:43 GMT
server
Golfe2
status
204
content-type
text/plain
access-control-allow-origin
https://win.ma
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/760638815/ 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/760638815/?random=1593426163601&cv=9&fst=1593424800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6h1&sendb=1&frm=0&url=https%3A%2F%2Fwin.ma%2F&tiba=win%20%7C%20Premier%20Op%C3%A9rateur%20Mobile%20100%25%20Digital%20au%20Maroc&async=1&fmt=3&is_vtc=1&random=4126934158&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: win.ma
URL: https://win.ma/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jun 2020 10:22:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/760638815/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/760638815/?random=1593426163601&cv=9&fst=1593424800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6h1&sendb=1&frm=0&url=https%3A%2F%2Fwin.ma%2F&tiba=win%20%7C%20Premier%20Op%C3%A9rateur%20Mobile%20100%25%20Digital%20au%20Maroc&async=1&fmt=3&is_vtc=1&random=4126934158&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: win.ma
URL: https://win.ma/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jun 2020 10:22:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
img
pixel.mathtag.com/misc/ 		43 B
480 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by
Host: win.ma
URL: https://win.ma/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.37.45 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-21-37-45.deploy.static.akamaitechnologies.com
Software
MT3 2334 83311f9 master cdg-pixel-x23 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 29 Jun 2020 10:22:43 GMT
Server
MT3 2334 83311f9 master cdg-pixel-x23
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 29 Jun 2020 10:22:42 GMT
collect
www.google-analytics.com/r/ 		35 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j83&a=534194362&t=pageview&_s=1&dl=https%3A%2F%2Fwin.ma%2F&dp=%2F&ul=en-us&de=UTF-8&dt=%2F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEADQ~&jid=1849562384&gjid=295188480&cid=48859702.1593426164&tid=UA-132696877-5&_gid=1104929219.1593426164&_r=1&gtm=2wg6h1P93VBML&z=104347650
Requested by
Host: win.ma
URL: https://win.ma/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jun 2020 10:22:43 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/760639278/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/760639278/?random=1593426163679&cv=9&fst=1593426163679&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6h1&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwin.ma%2F&tiba=win%20%7C%20Premier%20Op%C3%A9rateur%20Mobile%20100%25%20Digital%20au%20Maroc&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
736b55fbf9ea7a10ad7fb40966d1a16d6dcd5b44ea1bcc79d79fceeb89c1c494
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jun 2020 10:22:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
1023
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
69 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryyceJaHURV6x2d7Kd

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
date
Mon, 29 Jun 2020 10:22:43 GMT
status
200
content-type
text/plain
access-control-allow-origin
https://win.ma
access-control-allow-credentials
true
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
0
/
www.google.com/pagead/1p-user-list/760639278/ 		42 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/760639278/?random=1593426163679&cv=9&fst=1593424800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6h1&sendb=1&frm=0&url=https%3A%2F%2Fwin.ma%2F&tiba=win%20%7C%20Premier%20Op%C3%A9rateur%20Mobile%20100%25%20Digital%20au%20Maroc&async=1&fmt=3&is_vtc=1&random=4148260044&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: win.ma
URL: https://win.ma/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jun 2020 10:22:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/760639278/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/760639278/?random=1593426163679&cv=9&fst=1593424800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6h1&sendb=1&frm=0&url=https%3A%2F%2Fwin.ma%2F&tiba=win%20%7C%20Premier%20Op%C3%A9rateur%20Mobile%20100%25%20Digital%20au%20Maroc&async=1&fmt=3&is_vtc=1&random=4148260044&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: win.ma
URL: https://win.ma/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jun 2020 10:22:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
faq_items
api.win.ma/api/v2/content/proxy/api/get-content/ 		80 KB
82 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.win.ma/api/v2/content/proxy/api/get-content/faq_items
Requested by
Host: win.ma
URL: https://win.ma/_nuxt/72e465a0158822c7eee2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.2.24 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
8561f968b1a14fc46bab6b3656f56f3e3f00ea61560a2f971078f39a09585537
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

S-Data
eyJjYW5hbCI6IldFQiIsImFwcFZlcnNpb24iOiIxLjYuMCIsImRldmljZVR5cGUiOiJEZXNrdG9wIn0=
Accept
application/json, text/plain, */*
Referer
https://win.ma/
Accept-Language
fr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 29 Jun 2020 10:22:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
P3P
CP="{}"
Connection
keep-alive
X-XSS-Protection
1; mode=block
Pragma
no-cache
X-Frame-Options
DENY
Access-Control-Max-Age
7200
Access-Control-Allow-Methods
DELETE, GET, HEAD, OPTIONS, POST, PUT
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Access-Control-Allow-Headers, authorization, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, S-Data, Content-Disposition
Expires
0
ed97031.woff
win.ma/_nuxt/fonts/ 		130 KB
131 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://win.ma/_nuxt/fonts/ed97031.woff
Requested by
Host: win.ma
URL: https://win.ma/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.3.20 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
40d08430de7391a713da77e41cda28323fb8459188019d8756054369ec553cc7

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://win.ma/
Origin
https://win.ma

Response headers

Date
Mon, 29 Jun 2020 10:22:44 GMT
Last-Modified
Mon, 29 Jun 2020 07:41:40 GMT
ETag
W/"20868-172ff06432d"
Transfer-Encoding
chunked
P3P
CP="{}", CP="{}"
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/font-woff
/
www.facebook.com/tr/ 		44 B
263 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=357379934942021&ev=Microdata&dl=https%3A%2F%2Fwin.ma%2F&rl=&if=false&ts=1593426164205&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22win%20%7C%20Premier%20Op%C3%A9rateur%20Mobile%20100%25%20Digital%20au%20Maroc%22%2C%22meta%3Adescription%22%3A%22D%C3%A9couvez%20win%2C%20le%20premier%20op%C3%A9rateur%20mobile%20digital%20au%20Maroc%20et%20b%C3%A9n%C3%A9ficiez%20d%C3%A8s%20aujourd%E2%80%99hui%20d%27offres%20mobiles%20personnalisables%20et%20flexibles%20sur%20le%20meilleur%20r%C3%A9seau%20Internet%20mobile%20au%20Maroc%20!%22%7D&cd[OpenGraph]=%7B%22og%3Alocale%22%3A%22fr_FR%22%2C%22og%3Alocale%3Aalternate%22%3A%22ar_MA%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.21&r=stable&ec=1&o=30&fbp=fb.1.1593426163701.869755059&it=1593426163632&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: win.ma
URL: https://win.ma/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 29 Jun 2020 10:22:44 GMT, Mon, 29 Jun 2020 10:22:44 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Mon, 29 Jun 2020 10:22:44 GMT
img
pixel.mathtag.com/misc/ 		43 B
634 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.37.45 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-21-37-45.deploy.static.akamaitechnologies.com
Software
MT3 2567 b8d0938 master cdg-pixel-x1 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 29 Jun 2020 10:22:53 GMT
Server
MT3 2567 b8d0938 master cdg-pixel-x1
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 29 Jun 2020 10:24:59 GMT
sendpulse-prompt.min.css
cdn.sendpulse.com/dist/css/push/ 		49 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.sendpulse.com/dist/css/push/sendpulse-prompt.min.css?v=291595973600000
Requested by
Host: cdn.sendpulse.com
URL: https://cdn.sendpulse.com/js/push/ca618ca695daff172389373ddf8129e6_1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.175.46 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),
Reverse DNS
frankfurt-44.cdn77.com
Software
CDN77-Turbo /
Resource Hash
e3eb563ee309d692f5d2676d2d4d10a13e81c9dc693990ec4620b900035d4d83
Security Headers
Name Value
Content-Security-Policy default-src wss://* blob: data: sendpulse.com *.sendpulse.com *.sendpulse.com:4434 *.pulse-stat.com *.stat-pulse.com *.pulse-stat.com:8080 *.stat-pulse.com:8080 http://*.sendpulse.com:4434 http://*.pulse-stat.com http://*.stat-pulse.com http://*.pulse-stat.com:8080 http://*.stat-pulse.com:8080 *.sendpulse.ua *.sendpulse.by *.sendpulse.kz *.sendpulse.cl *.sendpulse.com.tr *.sendpulse.ng *.routee.net *.bizml.ru *.jquery.com *.youtube.com *.ytimg.com *.vimeo.com *.vimeocdn.com *.tinymce.com *.ampproject.org *.hotjar.com *.hotjar.io *.ipinfo.io *.highcharts.com *.appspot.com *.doubleclick.net *.facebook.com *.facebook.net *.fbcdn.net *.fbsbx.com *.rawgit.com *.cloudflare.com *.jsdelivr.net *.kissmetrics.com *.bitrix24.com *.quantserve.com *.quantcount.com *.twitter.com *.offershub.ru *.stripe.com *.braintreegateway.com *.mlstatic.com *.cloudpayments.ru *.woopra.com *.jivosite.com *.google.com *.google.com.ua *.googleadservices.com *.google-analytics.com *.googleapis.com *.googletagmanager.com *.gstatic.com *.online-metrix.net *.retently.com *.maxmind.com *.revisionme.com *.yandex.ru *.ymetrica.ru *.mmapiws.com *.bootstrapcdn.com *.kaptcha.com *.paypal.com *.paypalobjects.com *.mercadopago.com.br *.mercadopago.com *.braintree-api.com vk.com api.telegram.org *.webformscr.com *.yandex.net *.cardinalcommerce.com *.mercadolibre.com 'self' 'unsafe-eval' 'unsafe-inline'; img-src blob: data: *; font-src data: *; style-src * 'unsafe-inline';, frame-ancestors 'self';
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 29 Jun 2020 10:22:54 GMT
content-encoding
br
x-content-type-options
nosniff
x-edge-location
frankfurtDE
x-cache
HIT
status
200
x-age
534712
x-xss-protection
1; mode=block
x-sp-ma
ma8
last-modified
Mon, 22 Jun 2020 13:46:31 GMT
server
CDN77-Turbo
etag
W/"c4eb-5a8ac786dab22"
vary
Accept-Encoding, Accept-Encoding,User-Agent,Host
content-type
text/css
x-sp-pr
lpr6
cache-control
max-age=31536000
x-edge-ip
195.181.175.44
content-security-policy
default-src wss://* blob: data: sendpulse.com *.sendpulse.com *.sendpulse.com:4434 *.pulse-stat.com *.stat-pulse.com *.pulse-stat.com:8080 *.stat-pulse.com:8080 http://*.sendpulse.com:4434 http://*.pulse-stat.com http://*.stat-pulse.com http://*.pulse-stat.com:8080 http://*.stat-pulse.com:8080 *.sendpulse.ua *.sendpulse.by *.sendpulse.kz *.sendpulse.cl *.sendpulse.com.tr *.sendpulse.ng *.routee.net *.bizml.ru *.jquery.com *.youtube.com *.ytimg.com *.vimeo.com *.vimeocdn.com *.tinymce.com *.ampproject.org *.hotjar.com *.hotjar.io *.ipinfo.io *.highcharts.com *.appspot.com *.doubleclick.net *.facebook.com *.facebook.net *.fbcdn.net *.fbsbx.com *.rawgit.com *.cloudflare.com *.jsdelivr.net *.kissmetrics.com *.bitrix24.com *.quantserve.com *.quantcount.com *.twitter.com *.offershub.ru *.stripe.com *.braintreegateway.com *.mlstatic.com *.cloudpayments.ru *.woopra.com *.jivosite.com *.google.com *.google.com.ua *.googleadservices.com *.google-analytics.com *.googleapis.com *.googletagmanager.com *.gstatic.com *.online-metrix.net *.retently.com *.maxmind.com *.revisionme.com *.yandex.ru *.ymetrica.ru *.mmapiws.com *.bootstrapcdn.com *.kaptcha.com *.paypal.com *.paypalobjects.com *.mercadopago.com.br *.mercadopago.com *.braintree-api.com vk.com api.telegram.org *.webformscr.com *.yandex.net *.cardinalcommerce.com *.mercadolibre.com 'self' 'unsafe-eval' 'unsafe-inline'; img-src blob: data: *; font-src data: *; style-src * 'unsafe-inline';, frame-ancestors 'self';
expires
Wed, 23 Jun 2021 05:51:02 GMT
1fd6436b80e82.png
cdn.sendpulse.com/files/push/6831107/websites/ca618ca695daff172389373ddf8129e6/icons/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.sendpulse.com/files/push/6831107/websites/ca618ca695daff172389373ddf8129e6/icons/1fd6436b80e82.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.175.46 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),
Reverse DNS
frankfurt-44.cdn77.com
Software
CDN77-Turbo /
Resource Hash
f89d9bd3cac6b4f50f09fd0517966c4bed6d40bafa00d59ce5d304d8d9923ae5

Request headers

Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 29 Jun 2020 10:22:54 GMT
last-modified
Mon, 23 Sep 2019 10:47:00 GMT
server
CDN77-Turbo
x-edge-location
frankfurtDE
etag
"5d88a2a4-19ba"
x-cache
HIT
content-type
image/png
status
200
x-sp-pr
lpr4
cache-control
max-age=604800
x-edge-ip
195.181.175.44
x-age
207459
accept-ranges
bytes
content-length
6586
expires
Sat, 04 Jul 2020 00:45:15 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
100013341.collect.igodigital.com
URL
http://100013341.collect.igodigital.com/collect.js

Verdicts & Comments Add Verdict or Comment

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| include string| path string| lang object| google_tag_manager object| dataLayer object| __NUXT__ object| $jscomp object| embedded_svc function| getCookie function| initESW undefined| s object| target object| observer object| config object| webpackJsonp object| core object| __core-js_shared__ object| regeneratorRuntime function| setImmediate function| clearImmediate object| onNuxtReadyCbs function| onNuxtReady object| google_tag_data string| GoogleAnalyticsObject function| ga function| fbq function| _fbq object| $nuxt function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| gaplugins object| gaGlobal object| gaData function| onYouTubeIframeAPIReady function| metric object| oSpPOptions function| oSendpulsePush object| oSpP function| UAParser object| google_optimize

15 Cookies

Domain/Path Name / Value
.force.com/ Name: BrowserId_sec
Value: d-En1LnyEeq3kBO72xvWkA
win.ma/ Name: TSe5f86668027
Value: 08a4d9ec82ab200073ffcc31450b385030e1373f07611f498c992cead1598d15e66cbb0f1f86e2df08fde7fb9e113000e24a1e44ff312d903f519ebb18140718764ff6e9a02dfbd9bc2a946552a0dc64dd2dfc015f37694f2859ed4b7239f686
win.ma/ Name: TS74286a33029
Value: 08a4d9ec82ab28001829c319995d6d4b57e1665d5ee07b790597d8dfac4fab88c2ec01adc3aa86b7426e68eb7b319f65
.win.ma/ Name: TS010594ad
Value: 018e1322efade855bf51ebaedef86d007875045e881e02babf4d0952feb6e67474b1f86af9ee14f664497b02fe84ef0faf782c3d19f0a3754f4d3388f4327930244854ae7cba1d4aaa3a356c24c280ed996afa9c17
.win.ma/ Name: _fbp
Value: fb.1.1593426163701.869755059
.win.ma/ Name: _gat_UA-132696877-5
Value: 1
.win.ma/ Name: _ga_JJCSB1TNN7
Value: GS1.1.1593426163.1.0.1593426163.0
.win.ma/ Name: _gat_UA-132696877-4
Value: 1
.win.ma/ Name: _gid
Value: GA1.2.1104929219.1593426164
.force.com/ Name: BrowserId
Value: d-En1LnyEeq3kBO72xvWkA
win.ma/ Name: currentHome
Value: %2F
.win.ma/ Name: _ga
Value: GA1.2.48859702.1593426164
win.ma/ Name: visitCount
Value: 1
.win.ma/ Name: _gcl_au
Value: 1.1.1918008587.1593426163
win.ma/ Name: f5avraaaaaaaaaaaaaaaa_session_
Value: FJBHCNFDIPJOALJBFPKJNCCNKBHCNNCJIJHCMLJKLFAGNDJELHHBGGHNNGIKFODAOPLDEEBMCACNMFNDOMPAFCJPHMNEAJFMOLPKGIECOEILIBPLMBKDICBGIJAOHEMD

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

100013341.collect.igodigital.com
api.win.ma
cdn.sendpulse.com
connect.facebook.net
d.la2-c1-cdg.salesforceliveagent.com
googleads.g.doubleclick.net
pixel.mathtag.com
polyfill.io
service.force.com
stats.g.doubleclick.net
win.ma
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.win.ma
100013341.collect.igodigital.com
105.73.2.24
105.73.3.20
161.71.0.165
195.181.175.46
2.21.37.45
216.58.207.66
2a00:1450:4001:814::2002
2a00:1450:4001:818::2003
2a00:1450:4001:818::2004
2a00:1450:4001:824::2008
2a00:1450:4001:825::200e
2a00:1450:400c:c07::9c
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42::621
85.222.146.248
012b1b5db9be308980d0cb4669f7905c3da87bb3848fabb04cb1709008305afe
0d6dfddf8789a6869ae355e82e0dbc876b174697ac4828f4272d34b74aab6c16
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
22aef86fdf5b1f06d36e40741285a13f9f2f3ebf234f839a2f8a20c209e828f2
30492c3c8dc6b694a7e322bcfda99fbf937dc76c57d9a73b5e2cba41337dbc81
39b8b71816a716e7ced4db2b5d2b5cef8bb2cd3ecab9801d6fe00acc2814fe87
3f0d7c0333abb9c4d347f275374265e13d66980e583abacb903775f1157fae8c
40d08430de7391a713da77e41cda28323fb8459188019d8756054369ec553cc7
430699081ff78e08266df94ac6054130abe16b7d5521decf296960f274c8124d
43364ccb45948cde6955750318c526dfc6f6d4804d437eb547f3748f586515b3
4492452d810a5255a951aee213491122e5504b52d07c237d0a0314bb316b8143
46407f90d4c6b9a1fca62a11d6af3972020478559eaccee5736f54c9c204e1e0
4be29f1c02b91cbf7ded63ecba74e81055f6dc8d3b6d17f8e28dde3f1ee04441
50f105191ad768e507d18e7b92427cb18125f449cf301c515292c3632655e999
59e7831de0690c5b31adbba6b527998dcff5c3b6075c3e37d8a9ffce972812be
677393ba495795a3d8ad7c585d8f593c1f3f8df3d6100995ac3aea8b2f785058
6bcca123d0f37ac24dd80d6941d280b439b590aaab1178912b09bba0181fcc61
736b55fbf9ea7a10ad7fb40966d1a16d6dcd5b44ea1bcc79d79fceeb89c1c494
73d764e56e8727bfd3de86dbe1c52f5105b4d6d0c41dbf91565e719e7cd74aed
77db2268879c4bd8b7152ae3875f2d02cf74f1b64e147cbe011ed6e9aa2815da
7ecb0f416ca44eb9a25da18f46de38f3d9155847ded2673f3ab0a167191a5cb1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8561f968b1a14fc46bab6b3656f56f3e3f00ea61560a2f971078f39a09585537
87c94d4c76443c08404eec74922cf5826765490ab53de4588ca1ad7bbf9d2406
902b8cb58e03124902422cbc9bb7a20f0a6ff0241979f17b2711ab00b4f8b1dd
90f42d8000c1293e3f0507c89d3f49e436a75e65ef3d08af62a30f5cca5f951c
9d60361f6baee537cb00e5dff659fdef39dbbfaf81d1419208590fec3ea7348f
a2eab1d780a889fca45f5d94b3e1be2b393c653945cf0a532901102ed66c75bb
a5fabc8494f83fe9a7932cdb4fbb7be8bb00d0c6a519431f4e399aad85b90d22
a86cfbecde921c4935f39b5fca834195cb9a2b12c2997ab08147c031b1bb668d
aa69ca1c759ca8aa8ed780103a4be321abdd5853293ab606b73940f0d707ece8
ac20136402e1daf9eb019c6b2d21f58dd940c9ba59d42ae2e2ab235021327cc2
acfa1f03ac087fc08ca7389b23f01c47b31c6d00d412a21d9342af3c070fff57
ad981f0d083d45ecc8480bb4b59d5815a82c5a396cb83c1ef6936c3da0e00110
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b60a378fb65885b8ec4818bb27421659cae33fead8f7926fa4d2c5fb195af6a5
cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3
d04b7abb0c1c2d398881cae770227b85714bd07fdfc1acf3c653a584ab3da9ae
d1f6eeee08f53dab5f281b34a66dbffa0e7a588fdc68d665986b9ad419e4539e
d5fd0d4df85af8a7183a5f452026872375ff7be006a2f35ca422aa8cb1cc21ab
d9a961cb11b0be146784e3f5d274a8e80b5aab5a101d2122c6e5e3848896caf6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3eb563ee309d692f5d2676d2d4d10a13e81c9dc693990ec4620b900035d4d83
e3f909f1661fa93f371b9084389b473dfbacd0ca1e3121d133f6fda5d03b0eef
ec0a1c69d6ace5b3d684caf0e796140ed906d5ae65d5457346fc2f2b0b62d99a
ed859c0e3bf6486d6182e565f888bad6325dc56bb85f1123f07293ceb0291ae8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f02147fcc907860d72af91054808f8053d90ef551743af08d15aa546f6878ef2
f2100a9a3f7fa63aa8ba7d1e9e13ed636d0a0346f5c33e51159fffb7033456d5
f33990d4691a89cd87e4d4e0bde1ac8f5dfcf32fbd8d838ec206d790f24531e1
f89d9bd3cac6b4f50f09fd0517966c4bed6d40bafa00d59ce5d304d8d9923ae5
f9c7ea5005c3dd83b02a6172cdcd1534450884456e34a7c8df80c0d9ff1ee9b2
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955
ffe9588a123dab966f68987aa709c453cf2193833e600ea5b4fec32bad755634