urlscan.io logo urlscan.io
SecurityTrails logo

win.ma Open in urlscan Pro
105.73.3.20  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://win.ma/
Effective URL: https://win.ma/
Submission: On December 24 via manual from MA — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 24 IPs in 7 countries across 17 domains to perform 109 HTTP transactions. The main IP is 105.73.3.20, located in Morocco and belongs to MAROCCONNECT, MA. The main domain is win.ma.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on March 8th 2022. Valid for: a year.
This is the only time win.ma was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 33 105.73.3.20 36884 (MAROCCONNECT)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a02:6ea0:c70... 60068 (CDN77 ^_^)
2 2a00:1450:400... 15169 (GOOGLE)
1 101.53.161.135 14340 (SALESFORCE)
12 161.71.1.38 14340 (SALESFORCE)
6 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 13.224.103.58 16509 (AMAZON-02)
2 2a02:6ea0:c70... 60068 (CDN77 ^_^)
4 104.107.160.223 16625 (AKAMAI-AS)
19 105.73.2.24 36884 (MAROCCONNECT)
4 2a03:2880:f02... 32934 (FACEBOOK)
1 2a02:6ea0:c70... 60068 (CDN77 ^_^)
1 13.224.103.115 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 13.224.103.38 16509 (AMAZON-02)
4 2a03:2880:f12... 32934 (FACEBOOK)
2 160.8.241.121 14340 (SALESFORCE)
2 160.8.253.123 14340 (SALESFORCE)
109 24
33    105.73.3.20 (Morocco)

ASN36884 (MAROCCONNECT, MA)
win.ma
1    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a02:6ea0:c700::18 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
web.webpushs.com
2    2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    101.53.161.135 (Japan)

ASN14340 (SALESFORCE, US)
PTR: dcl4-ukb.la1-c2-ukb.salesforceliveagent.com
c.la1-c2-ukb.salesforceliveagent.com
12    161.71.1.38 (London, United Kingdom)

ASN14340 (SALESFORCE, US)
PTR: dcl3-ncg0-lhr3.um4-lo2.force.com
service.force.com
6    2a00:1450:400d:80d::200e (Ireland)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    13.224.103.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-103-58.zrh50.r.cloudfront.net
static.hotjar.com
2    2a02:6ea0:c700::10 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
web-sdk.smartlook.com
4    104.107.160.223 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-107-160-223.deploy.static.akamaitechnologies.com
pixel.mathtag.com
19    105.73.2.24 (Morocco)

ASN36884 (MAROCCONNECT, MA)
api.win.ma
4    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2a02:6ea0:c700::19 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
cdn.sendpulse.com
1    13.224.103.115 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-103-115.zrh50.r.cloudfront.net
script.hotjar.com
3    2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
4    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
2    2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    13.224.103.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-103-38.zrh50.r.cloudfront.net
vars.hotjar.com
4    2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    160.8.241.121 (London, United Kingdom)

ASN14340 (SALESFORCE, US)
PTR: dcl10-ncg0-cdg3.la2-c1cs-cdg.salesforceliveagent.com
d.la2-c1cs-cdg.salesforceliveagent.com
2    160.8.253.123 (London, United Kingdom)

ASN14340 (SALESFORCE, US)
PTR: dcl14-ncg0-fra3.la2-c1cs-fra.salesforceliveagent.com
d.la2-c1cs-fra.salesforceliveagent.com
Apex Domain
Subdomains		 Transfer
52 win.ma
win.ma
api.win.ma
1 MB
12 force.com
service.force.com — Cisco Umbrella Rank: 3402
42 KB
6 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 29
65 KB
5 salesforceliveagent.com
c.la1-c2-ukb.salesforceliveagent.com — Cisco Umbrella Rank: 666011
d.la2-c1cs-cdg.salesforceliveagent.com
d.la2-c1cs-fra.salesforceliveagent.com — Cisco Umbrella Rank: 534267
47 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 110
277 B
4 google.de
www.google.de — Cisco Umbrella Rank: 6041
782 B
4 google.com
www.google.com — Cisco Umbrella Rank: 2
region1.analytics.google.com — Cisco Umbrella Rank: 4762
1016 B
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 149
200 KB
4 mathtag.com
pixel.mathtag.com — Cisco Umbrella Rank: 904
4 KB
4 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 34
stats.g.doubleclick.net — Cisco Umbrella Rank: 77
3 KB
3 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 643
script.hotjar.com — Cisco Umbrella Rank: 811
vars.hotjar.com — Cisco Umbrella Rank: 936
73 KB
2 smartlook.com
web-sdk.smartlook.com — Cisco Umbrella Rank: 24102
17 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 51
163 KB
1 sendpulse.com
cdn.sendpulse.com — Cisco Umbrella Rank: 31399
37 KB
1 webpushs.com
web.webpushs.com — Cisco Umbrella Rank: 48102
37 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 37
869 B
0 igodigital.com Failed
100013341.collect.igodigital.com Failed
109 17
Domain Requested by
33 win.ma 1 redirects win.ma
cdn.sendpulse.com
19 api.win.ma win.ma
12 service.force.com win.ma
service.force.com
6 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
win.ma
4 www.facebook.com win.ma
4 www.google.de win.ma
4 connect.facebook.net win.ma
connect.facebook.net
4 pixel.mathtag.com www.googletagmanager.com
pixel.mathtag.com
win.ma
3 www.google.com win.ma
2 d.la2-c1cs-fra.salesforceliveagent.com service.force.com
2 d.la2-c1cs-cdg.salesforceliveagent.com service.force.com
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 web-sdk.smartlook.com www.googletagmanager.com
web-sdk.smartlook.com
2 googleads.g.doubleclick.net www.googletagmanager.com
2 www.googletagmanager.com win.ma
www.googletagmanager.com
1 vars.hotjar.com static.hotjar.com
1 region1.analytics.google.com www.googletagmanager.com
1 script.hotjar.com static.hotjar.com
1 cdn.sendpulse.com www.googletagmanager.com
1 static.hotjar.com www.googletagmanager.com
1 c.la1-c2-ukb.salesforceliveagent.com win.ma
1 web.webpushs.com win.ma
1 fonts.googleapis.com win.ma
0 100013341.collect.igodigital.com Failed www.googletagmanager.com
109 24

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.youtube.com
www.instagram.com
www.twitter.com
inwi.ma
winbyinwi.page.link
Subject Issuer Validity Valid
*.win.ma
Sectigo RSA Domain Validation Secure Server CA		 2022-03-08 -
2023-04-08		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
web.webpushs.com
Sectigo RSA Domain Validation Secure Server CA		 2022-01-05 -
2023-01-16		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
la1-c2-ukb.salesforceliveagent.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-02 -
2023-02-01		 a year crt.sh
*.um4.force.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-14 -
2023-02-13		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.hotjar.com
Amazon		 2022-10-25 -
2023-11-23		 a year crt.sh
1688964705.rsc.cdn77.org
R3		 2022-10-19 -
2023-01-17		 3 months crt.sh
pixel.mathtag.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-05 -
2023-07-05		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-10-03 -
2023-01-01		 3 months crt.sh
1603358863.rsc.cdn77.org
R3		 2022-12-10 -
2023-03-10		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
la2-c1cs-cdg.salesforceliveagent.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-02 -
2023-02-01		 a year crt.sh
la2-c1cs-fra.salesforceliveagent.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-02 -
2023-02-01		 a year crt.sh

This page contains 5 frames:

Primary Page: https://win.ma/
Frame ID: 5669AD208A00BECF0FCE89C26CAE8267
Requests: 94 HTTP requests in this frame

Frame: https://pixel.mathtag.com/sync/iframe?mt_uuid=573963a7-44b8-4500-bf1c-478e0b091765&no_iframe=1&mt_adid=222478&source=mathtag
Frame ID: 34EAF82D01200E0B6D354866DFA55080
Requests: 2 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
Frame ID: FE6629CD0069F1E54BAF7E37BB79BE16
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 953C7364C32F309E58E8C334DF167816
Requests: 1 HTTP requests in this frame

Frame: https://service.force.com/embeddedservice/5.0/esw.html?parent=https://win.ma/
Frame ID: 802DB968200D6B32B04F421F005C6B1B
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

win by inwi | Forfait 100% digital

Page URL History Show full URLs

  1. http://win.ma/ HTTP 301
    https://win.ma/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • service\.force\.com
Overall confidence: 100%
Detected patterns
  • /_nuxt/
Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Page Statistics

109
Requests

99 %
HTTPS

57 %
IPv6

17
Domains

24
Subdomains

24
IPs

7
Countries

2202 kB
Transfer

6187 kB
Size

22
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://win.ma/ HTTP 301
    https://win.ma/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

109 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
win.ma/
Redirect Chain
  • http://win.ma/
  • https://win.ma/
138 KB
34 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://win.ma/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.3.20 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
17225a54b4f8eade0845cba35c547f902699f72335694827837cc921914223db
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
none
Connection
keep-alive
Content-Encoding
br
Content-Type
text/html; charset=utf-8
Date
Sat, 24 Dec 2022 18:28:05 GMT
ETag
"22890-Xo7FJeP10TMsrwqzHQENfRUveWI"
Link
</_nuxt/c7ab2d5.js>; rel=preload; as=script, </_nuxt/97583d8.js>; rel=preload; as=script, </_nuxt/ab03aca.js>; rel=preload; as=script, </_nuxt/b3aec33.js>; rel=preload; as=script
Strict-Transport-Security
max-age=16070400; includeSubDomains; preload
Transfer-Encoding
chunked
Vary
Accept-Encoding

Redirect headers

Connection
Keep-Alive
Content-Length
0
Location
https://win.ma/
Server
BigIP
c7ab2d5.js
win.ma/_nuxt/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://win.ma/_nuxt/c7ab2d5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.3.20 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
2f841434427182dcac1917c9d5260a4e44b417fc0b77bde50dadc3932cd56b57
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 18:28:05 GMT
Content-Encoding
br
Strict-Transport-Security
max-age=16070400; includeSubDomains; preload
Last-Modified
Tue, 20 Dec 2022 10:54:36 GMT
ETag
W/"1360-1852f2bc8e0"
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
97583d8.js
win.ma/_nuxt/ 		210 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://win.ma/_nuxt/97583d8.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.3.20 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
68135f0d4c576343139f67c3f248cab95744979ba4b55dd8a93dfb95cd19ebd6
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 18:28:05 GMT
Content-Encoding
br
Strict-Transport-Security
max-age=16070400; includeSubDomains; preload
Last-Modified
Tue, 20 Dec 2022 10:54:36 GMT
ETag
W/"347cd-1852f2bc8c8"
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
ab03aca.js
win.ma/_nuxt/ 		1 MB
321 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://win.ma/_nuxt/ab03aca.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.3.20 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
a4d26784eb413cc5fba750d6de941168e67449fb35ca11320b5874b64f5c61a8
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 18:28:05 GMT
Content-Encoding
br
Strict-Transport-Security
max-age=16070400; includeSubDomains; preload
Last-Modified
Tue, 20 Dec 2022 10:54:36 GMT
ETag
W/"15f301-1852f2bc8e0"
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
b3aec33.js
win.ma/_nuxt/ 		865 KB
157 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://win.ma/_nuxt/b3aec33.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.3.20 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
d90aa0ecebaf9f7c081ecd985b9626d22a6223c972a341e1201106513bdcc003
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 18:28:05 GMT
Content-Encoding
br
Strict-Transport-Security
max-age=16070400; includeSubDomains; preload
Last-Modified
Tue, 20 Dec 2022 10:54:36 GMT
ETag
W/"d838e-1852f2bc8c8"
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
icon
fonts.googleapis.com/ 		569 B
869 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: win.ma
URL: https://win.ma/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e2f2597386660b972fe84faa90af129a353e7e8f9990df6f3b14d0165468350f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 24 Dec 2022 18:28:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 24 Dec 2022 18:28:05 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 24 Dec 2022 18:28:05 GMT
ca618ca695daff172389373ddf8129e6_1.js
web.webpushs.com/js/push/ 		116 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://web.webpushs.com/js/push/ca618ca695daff172389373ddf8129e6_1.js
Requested by
Host: win.ma
URL: https://win.ma/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
928e9df00697f23cf6b5362e6daf494b0faf6092ad0285f53a28c89ac081d56e
Security Headers
Name Value
Content-Security-Policy default-src wss://* blob: data: sendpulse.com *.sendpulse.com *.sendpulse.com:4434 data.sendpulse.com *.pulse-stat.com *.stat-pulse.com *.pulse-stat.com:8080 *.stat-pulse.com:8080 http://*.sendpulse.com:4434 wss://ws.binotel.com:9002 http://*.pulse-stat.com http://*.stat-pulse.com http://*.pulse-stat.com:8080 http://*.stat-pulse.com:8080 *.sendpulse.ua *.sendpulse.by *.sendpulse.kz *.sendpulse.cl *.sendpulse.com.tr *.sendpulse.ng sendpul.se *.sendpul.se trckln.com *.loginsrc.com *.routee.net *.routee.net:444 *.bizml.ru *.jquery.com *.youtube.com *.ytimg.com *.vimeo.com *.vimeocdn.com *.tinymce.com *.ampproject.org *.hotjar.com *.hotjar.io *.ipinfo.io *.highcharts.com *.appspot.com *.doubleclick.net *.facebook.com *.facebook.net *.fbcdn.net *.fbsbx.com *.rawgit.com *.cloudflare.com *.jsdelivr.net *.kissmetrics.com *.bitrix24.com *.quantserve.com *.quantcount.com *.twitter.com *.offershub.ru *.stripe.com *.braintreegateway.com *.mlstatic.com *.cloudpayments.ru *.woopra.com *.jivosite.com *.google.com *.google.com.ua *.googleadservices.com *.google-analytics.com *.googleapis.com *.googletagmanager.com *.gstatic.com *.online-metrix.net *.retently.com *.maxmind.com *.revisionme.com revisionme.pages.dev *.yandex.ru *.ymetrica.ru *.mmapiws.com *.bootstrapcdn.com *.kaptcha.com *.paypal.com *.paypalobjects.com *.mercadopago.com.br *.mercadopago.com *.braintree-api.com vk.com api.telegram.org *.webformscr.com *.yandex.net *.cardinalcommerce.com *.mercadolibre.com *.supportsrc.com *.instagram.com s3.eu-central-1.amazonaws.com *.googleoptimize.com *.privatbank.ua *.cardinalcommerce.com 'self' 'unsafe-eval' 'unsafe-inline'; img-src blob: data: *; font-src data: *; style-src * 'unsafe-inline';, frame-ancestors 'self';
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sat, 24 Dec 2022 18:28:05 GMT
content-security-policy
default-src wss://* blob: data: sendpulse.com *.sendpulse.com *.sendpulse.com:4434 data.sendpulse.com *.pulse-stat.com *.stat-pulse.com *.pulse-stat.com:8080 *.stat-pulse.com:8080 http://*.sendpulse.com:4434 wss://ws.binotel.com:9002 http://*.pulse-stat.com http://*.stat-pulse.com http://*.pulse-stat.com:8080 http://*.stat-pulse.com:8080 *.sendpulse.ua *.sendpulse.by *.sendpulse.kz *.sendpulse.cl *.sendpulse.com.tr *.sendpulse.ng sendpul.se *.sendpul.se trckln.com *.loginsrc.com *.routee.net *.routee.net:444 *.bizml.ru *.jquery.com *.youtube.com *.ytimg.com *.vimeo.com *.vimeocdn.com *.tinymce.com *.ampproject.org *.hotjar.com *.hotjar.io *.ipinfo.io *.highcharts.com *.appspot.com *.doubleclick.net *.facebook.com *.facebook.net *.fbcdn.net *.fbsbx.com *.rawgit.com *.cloudflare.com *.jsdelivr.net *.kissmetrics.com *.bitrix24.com *.quantserve.com *.quantcount.com *.twitter.com *.offershub.ru *.stripe.com *.braintreegateway.com *.mlstatic.com *.cloudpayments.ru *.woopra.com *.jivosite.com *.google.com *.google.com.ua *.googleadservices.com *.google-analytics.com *.googleapis.com *.googletagmanager.com *.gstatic.com *.online-metrix.net *.retently.com *.maxmind.com *.revisionme.com revisionme.pages.dev *.yandex.ru *.ymetrica.ru *.mmapiws.com *.bootstrapcdn.com *.kaptcha.com *.paypal.com *.paypalobjects.com *.mercadopago.com.br *.mercadopago.com *.braintree-api.com vk.com api.telegram.org *.webformscr.com *.yandex.net *.cardinalcommerce.com *.mercadolibre.com *.supportsrc.com *.instagram.com s3.eu-central-1.amazonaws.com *.googleoptimize.com *.privatbank.ua *.cardinalcommerce.com 'self' 'unsafe-eval' 'unsafe-inline'; img-src blob: data: *; font-src data: *; style-src * 'unsafe-inline';, frame-ancestors 'self';
x-content-type-options
nosniff
content-encoding
gzip
x-cache
HIT
x-77-cache
HIT
x-age
374126
x-xss-protection
1; mode=block
x-77-nzt
AZySIRmRhdn/brUFAA
x-accel-expires
@1672137159
x-sp-ma
sp-ma-0
last-modified
Mon, 20 Dec 2021 17:39:45 GMT
server
CDN77-Turbo
etag
W/"1cf9d-5d3975fdd7280"
x-77-nzt-ray
cf87872766f1c4d2b544a763a1f96c1a
vary
Accept-Encoding, Accept-Encoding,User-Agent
content-type
application/javascript
access-control-allow-origin
*
x-sp-pr
lpr7
cache-control
max-age=604800
expires
Tue, 27 Dec 2022 10:32:39 GMT
gtm.js
www.googletagmanager.com/ 		288 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P93VBML&l=dataLayer
Requested by
Host: win.ma
URL: https://win.ma/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b86c86999f8ad5292e3a8db59eea12c47d28962600fafdb08201753cbc463ced
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 18:28:05 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
89192
x-xss-protection
0
last-modified
Sat, 24 Dec 2022 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 24 Dec 2022 18:28:05 GMT
smartbanner.min.css
win.ma/smartbanner/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://win.ma/smartbanner/smartbanner.min.css
Requested by
Host: win.ma
URL: https://win.ma/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.3.20 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
4a7d0510aec4f589119412e8c04adcbbc2b40d6df0477e8bcf367e4d72583823
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 18:28:05 GMT
Content-Encoding
br
Strict-Transport-Security
max-age=16070400; includeSubDomains; preload
Last-Modified
Wed, 23 Nov 2022 09:48:01 GMT
ETag
W/"e60-184a3e31c68"
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
text/css; charset=UTF-8
Cache-Control
public, max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
deployment.js
c.la1-c2-ukb.salesforceliveagent.com/content/g/js/44.0/ 		41 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.la1-c2-ukb.salesforceliveagent.com/content/g/js/44.0/deployment.js
Requested by
Host: win.ma
URL: https://win.ma/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
101.53.161.135 , Japan, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl4-ukb.la1-c2-ukb.salesforceliveagent.com
Software
Jetty /
Resource Hash
f64ef4a15bcabc99c1b1d29eee628dade3617a51abdc311c8ca1a6516673d013

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 18:28:06 GMT
Cache-Control
max-age=60, must-revalidate
Last-Modified
Mon, 07 Nov 2022 09:59:36 GMT
Server
Jetty
Accept-Ranges
bytes
Content-Length
42107
Content-Type
application/javascript
esw.min.js
service.force.com/embeddedservice/5.0/ 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://service.force.com/embeddedservice/5.0/esw.min.js
Requested by
Host: win.ma
URL: https://win.ma/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.71.1.38 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl3-ncg0-lhr3.um4-lo2.force.com
Software
/
Resource Hash
598684d34af3e0b2f2be1338d0bd066877b6df4e4588c3daae0813f59bd1f419
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:42:05 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Referrer-Policy
origin-when-cross-origin
Last-Modified
Thu, 06 Oct 2022 23:36:44 GMT
Content-Encoding
gzip
Age
27960
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public,max-age=86400
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
8312
X-XSS-Protection
1; mode=block
Expires
Sun, 25 Dec 2022 10:42:05 GMT
smartbanner.min.js
win.ma/smartbanner/ 		19 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://win.ma/smartbanner/smartbanner.min.js
Requested by
Host: win.ma
URL: https://win.ma/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.3.20 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
4b1666d27de9b0243a7a11fbae7d106d5e603eacab9b4b49aea89f5f0790afa2
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 18:28:05 GMT
Content-Encoding
br
Strict-Transport-Security
max-age=16070400; includeSubDomains; preload
Last-Modified
Wed, 23 Nov 2022 09:48:01 GMT
ETag
W/"4da3-184a3e31c68"
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
common.min.js
service.force.com/embeddedservice/5.0/utils/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://service.force.com/embeddedservice/5.0/utils/common.min.js
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.71.1.38 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl3-ncg0-lhr3.um4-lo2.force.com
Software
/
Resource Hash
7c273510050e27ad1e0a533b0a766c6c597575710d578a104e60d4810e173648
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:42:06 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Referrer-Policy
origin-when-cross-origin
Last-Modified
Thu, 17 Feb 2022 23:57:30 GMT
Content-Encoding
gzip
Age
27961
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public,max-age=86400
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
1918
X-XSS-Protection
1; mode=block
Expires
Sun, 25 Dec 2022 10:42:06 GMT
8daebd5.js
win.ma/_nuxt/ 		47 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://win.ma/_nuxt/8daebd5.js
Requested by
Host: win.ma
URL: https://win.ma/_nuxt/c7ab2d5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.3.20 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
8f8e1533208a538ff9439a2e949f5ce447d9f90835ad7141362b8431e5806bb3
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 18:28:07 GMT
Content-Encoding
br
Strict-Transport-Security
max-age=16070400; includeSubDomains; preload
Last-Modified
Tue, 20 Dec 2022 10:54:36 GMT
ETag
W/"bb29-1852f2bc8c0"
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
4f81b2e.js
win.ma/_nuxt/ 		66 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://win.ma/_nuxt/4f81b2e.js
Requested by
Host: win.ma
URL: https://win.ma/_nuxt/c7ab2d5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.3.20 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
b3b8f83e9afac062c757425243c4716ced5fb7682c94ddc39ae5180848aa76c7
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 18:28:07 GMT
Content-Encoding
br
Strict-Transport-Security
max-age=16070400; includeSubDomains; preload
Last-Modified
Tue, 20 Dec 2022 10:54:36 GMT
ETag
W/"109fc-1852f2bc8c0"
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
37e7bce.js
win.ma/_nuxt/ 		230 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://win.ma/_nuxt/37e7bce.js
Requested by
Host: win.ma
URL: https://win.ma/_nuxt/c7ab2d5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.3.20 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
eaa0f15c16957a4a67e434fa865e0141a98da75227140d4c0f65dc24d9637a71
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 18:28:07 GMT
Content-Encoding
br
Strict-Transport-Security
max-age=16070400; includeSubDomains; preload
Last-Modified
Tue, 20 Dec 2022 10:54:36 GMT
ETag
W/"3969b-1852f2bc8c0"
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
09010ae.js
win.ma/_nuxt/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://win.ma/_nuxt/09010ae.js
Requested by
Host: win.ma
URL: https://win.ma/_nuxt/c7ab2d5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.3.20 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
72bea9a6dcf2bf5a2705efb91f165011c6214ea7630c5de4e4f487e7af347c51
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 18:28:07 GMT
Content-Encoding
br
Strict-Transport-Security
max-age=16070400; includeSubDomains; preload
Last-Modified
Tue, 20 Dec 2022 10:54:36 GMT
ETag
W/"640-1852f2bc8d0"
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
esw.min.css
service.force.com/embeddedservice/5.0/ 		9 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://service.force.com/embeddedservice/5.0/esw.min.css
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.71.1.38 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl3-ncg0-lhr3.um4-lo2.force.com
Software
/
Resource Hash
721f2d2fe18f13edc2ae51c1918c1b0a2d7b668318c559310ab35fa22363fdad
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:42:07 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Referrer-Policy
origin-when-cross-origin
Last-Modified
Fri, 27 Aug 2021 14:11:56 GMT
Content-Encoding
gzip
Age
27960
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public,max-age=86400
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
4027
X-XSS-Protection
1; mode=block
Expires
Sun, 25 Dec 2022 10:42:07 GMT
liveagent.esw.min.js
service.force.com/embeddedservice/5.0/client/ 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://service.force.com/embeddedservice/5.0/client/liveagent.esw.min.js
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.71.1.38 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl3-ncg0-lhr3.um4-lo2.force.com
Software
/
Resource Hash
065cc2a79ed5890cf8ac453fa6c5649226a0b7c920427f3bf7be8eed9c88cdd2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 23 Dec 2022 23:05:26 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Fri, 18 Feb 2022 00:21:14 GMT
Content-Encoding
gzip
Age
69761
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public,max-age=86400
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
5803
X-XSS-Protection
1; mode=block
Expires
Sat, 24 Dec 2022 23:05:26 GMT
376b8af.js
win.ma/_nuxt/ 		111 B
683 B 		Script
General
Check archive.org
Download Go to
Full URL
https://win.ma/_nuxt/376b8af.js
Requested by
Host: win.ma
URL: https://win.ma/_nuxt/c7ab2d5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.3.20 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
ef00359e75e232adff07353c697e04160beae73e41dddaf7510de8950d7bbf78
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 18:28:07 GMT
Strict-Transport-Security
max-age=16070400; includeSubDomains; preload
Last-Modified
Tue, 20 Dec 2022 10:54:36 GMT
ETag
W/"6f-1852f2bc8e0"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
111
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P93VBML&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 24 Dec 2022 18:27:20 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
48
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Sat, 24 Dec 2022 20:27:20 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/760638815/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/760638815/?random=1671906488046&cv=11&fst=1671906488046&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwin.ma%2F&tiba=win%20%7C%20Premier%20Op%C3%A9rateur%20Mobile%20100%25%20Digital%20au%20Maroc&auid=1450348810.1671906488&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P93VBML&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e036fe9325ccc9383191dc8031d35c34344552fb535888cb27ed16d907d282bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 18:28:08 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
888
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
optimize.js
www.google-analytics.com/gtm/ 		115 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/optimize.js?id=GTM-5RFZXPK
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P93VBML&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
33d5ea774b9c03b38c4fbbae7826ee78a98fcbb2321d822edc88d98f235e3d21
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 18:28:08 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
45320
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 24 Dec 2022 18:28:08 GMT
hotjar-2973519.js
static.hotjar.com/c/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-2973519.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P93VBML&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.103.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-103-58.zrh50.r.cloudfront.net
Software
/
Resource Hash
31c4409639e41146fa109da14bd5891beee2c130366a4bd358f0aea0c06a479d
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Sat, 24 Dec 2022 18:28:06 GMT
via
1.1 e6b325a976b10aa826ec63757afbdeda.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
age
2
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
etag
W/5c286a9c04ff5a158fc8dd1091c41b29
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
x-amz-cf-id
X8H_Oyv2-IFI8LmvsoRmQSxFS7xShNFRiJoE3tOTylC_ZxReVQkk_A==
recorder.js
web-sdk.smartlook.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://web-sdk.smartlook.com/recorder.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P93VBML&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
2ac8150003a3c49d2735c3e68ebde6e820308ff0ee6bf57e38604259a4931eac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sat, 24 Dec 2022 18:28:08 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
x-cache
HIT
x-77-cache
HIT
cross-origin-resource-policy
cross-origin
x-age
144
x-77-nzt
Abk73BBesSH/kAAAAA
x-accel-expires
@1671906944
last-modified
Wed, 21 Dec 2022 12:31:30 GMT
server
CDN77-Turbo
etag
W/"63a2fca2-c4a"
x-77-nzt-ray
90833930c99981aeb844a763eccdcf09
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=600
js
pixel.mathtag.com/event/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.mathtag.com/event/js?mt_id=1409059&mt_adid=222478&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P93VBML&l=dataLayer
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.107.160.223 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-160-223.deploy.static.akamaitechnologies.com
Software
MT3 277 3f0ad7a master cdg-pixel-x27 config:1.0.0 /
Resource Hash
546c530419fe56ec6b7f2973c9f583e16c3e7f7f8b8c9cd4a0c5adfdc6c46efc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 18:28:08 GMT
Server
MT3 277 3f0ad7a master cdg-pixel-x27 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Content-Type
text/javascript
Cache-Control
no-cache
Connection
keep-alive
Content-Length
1493
Expires
Sat, 24 Dec 2022 18:28:07 GMT
web
api.win.ma/api/v1/content/config/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.win.ma/api/v1/content/config/web
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.2.24 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
s-data
Access-Control-Request-Method
GET
Origin
https://win.ma
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Access-Control-Allow-Headers, authorization, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, S-Data, Content-Disposition
Access-Control-Allow-Methods
DELETE, GET, HEAD, OPTIONS, POST, PUT, PATCH
Access-Control-Allow-Origin
*
Access-Control-Max-Age
7200
Date
Sat, 24 Dec 2022 18:28:07 GMT
Transfer-Encoding
chunked
menus
api.win.ma/api/v1/content/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.win.ma/api/v1/content/menus
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.2.24 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
s-data
Access-Control-Request-Method
GET
Origin
https://win.ma
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Access-Control-Allow-Headers, authorization, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, S-Data, Content-Disposition
Access-Control-Allow-Methods
DELETE, GET, HEAD, OPTIONS, POST, PUT, PATCH
Access-Control-Allow-Origin
*
Access-Control-Max-Age
7200
Date
Sat, 24 Dec 2022 18:28:07 GMT
Transfer-Encoding
chunked
care
api.win.ma/api/v1/content/pages/cart/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.win.ma/api/v1/content/pages/cart/care
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.2.24 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
s-data
Access-Control-Request-Method
GET
Origin
https://win.ma
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Access-Control-Allow-Headers, authorization, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, S-Data, Content-Disposition
Access-Control-Allow-Methods
DELETE, GET, HEAD, OPTIONS, POST, PUT, PATCH
Access-Control-Allow-Origin
*
Access-Control-Max-Age
7200
Date
Sat, 24 Dec 2022 18:28:07 GMT
Transfer-Encoding
chunked
collect.js
100013341.collect.igodigital.com/ 		0
0
fbevents.js
connect.facebook.net/en_US/ 		103 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: win.ma
URL: https://win.ma/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 24 Dec 2022 18:28:08 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27298
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
w+M4Ou+E1N2plO/EX6x8TCG+Tpu6Ig2NncN1uYR9GrD+Oq+wTlHNeVFfuCqq5quF4UDvP64c6ypNT2jfNS8dwg==
x-fb-trip-id
917726464
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
ca618ca695daff172389373ddf8129e6_1.js
cdn.sendpulse.com/js/push/ 		116 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.sendpulse.com/js/push/ca618ca695daff172389373ddf8129e6_1.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P93VBML&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
928e9df00697f23cf6b5362e6daf494b0faf6092ad0285f53a28c89ac081d56e
Security Headers
Name Value
Content-Security-Policy default-src wss://* blob: data: sendpulse.com *.sendpulse.com *.sendpulse.com:4434 data.sendpulse.com *.pulse-stat.com *.stat-pulse.com *.pulse-stat.com:8080 *.stat-pulse.com:8080 http://*.sendpulse.com:4434 wss://ws.binotel.com:9002 http://*.pulse-stat.com http://*.stat-pulse.com http://*.pulse-stat.com:8080 http://*.stat-pulse.com:8080 *.sendpulse.ua *.sendpulse.by *.sendpulse.kz *.sendpulse.cl *.sendpulse.com.tr *.sendpulse.ng sendpul.se *.sendpul.se trckln.com *.loginsrc.com *.routee.net *.routee.net:444 *.bizml.ru *.jquery.com *.youtube.com *.ytimg.com *.vimeo.com *.vimeocdn.com *.tinymce.com *.ampproject.org *.hotjar.com *.hotjar.io *.ipinfo.io *.highcharts.com *.appspot.com *.doubleclick.net *.facebook.com *.facebook.net *.fbcdn.net *.fbsbx.com *.rawgit.com *.cloudflare.com *.jsdelivr.net *.kissmetrics.com *.bitrix24.com *.quantserve.com *.quantcount.com *.twitter.com *.offershub.ru *.stripe.com *.braintreegateway.com *.mlstatic.com *.cloudpayments.ru *.woopra.com *.jivosite.com *.google.com *.google.com.ua *.googleadservices.com *.google-analytics.com *.googleapis.com *.googletagmanager.com *.gstatic.com *.online-metrix.net *.retently.com *.maxmind.com *.revisionme.com revisionme.pages.dev *.yandex.ru *.ymetrica.ru *.mmapiws.com *.bootstrapcdn.com *.kaptcha.com *.paypal.com *.paypalobjects.com *.mercadopago.com.br *.mercadopago.com *.braintree-api.com vk.com api.telegram.org *.webformscr.com *.yandex.net *.cardinalcommerce.com *.mercadolibre.com *.supportsrc.com *.instagram.com s3.eu-central-1.amazonaws.com *.googleoptimize.com *.privatbank.ua *.cardinalcommerce.com 'self' 'unsafe-eval' 'unsafe-inline'; img-src blob: data: *; font-src data: *; style-src * 'unsafe-inline';, frame-ancestors 'self';
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sat, 24 Dec 2022 18:28:08 GMT
content-security-policy
default-src wss://* blob: data: sendpulse.com *.sendpulse.com *.sendpulse.com:4434 data.sendpulse.com *.pulse-stat.com *.stat-pulse.com *.pulse-stat.com:8080 *.stat-pulse.com:8080 http://*.sendpulse.com:4434 wss://ws.binotel.com:9002 http://*.pulse-stat.com http://*.stat-pulse.com http://*.pulse-stat.com:8080 http://*.stat-pulse.com:8080 *.sendpulse.ua *.sendpulse.by *.sendpulse.kz *.sendpulse.cl *.sendpulse.com.tr *.sendpulse.ng sendpul.se *.sendpul.se trckln.com *.loginsrc.com *.routee.net *.routee.net:444 *.bizml.ru *.jquery.com *.youtube.com *.ytimg.com *.vimeo.com *.vimeocdn.com *.tinymce.com *.ampproject.org *.hotjar.com *.hotjar.io *.ipinfo.io *.highcharts.com *.appspot.com *.doubleclick.net *.facebook.com *.facebook.net *.fbcdn.net *.fbsbx.com *.rawgit.com *.cloudflare.com *.jsdelivr.net *.kissmetrics.com *.bitrix24.com *.quantserve.com *.quantcount.com *.twitter.com *.offershub.ru *.stripe.com *.braintreegateway.com *.mlstatic.com *.cloudpayments.ru *.woopra.com *.jivosite.com *.google.com *.google.com.ua *.googleadservices.com *.google-analytics.com *.googleapis.com *.googletagmanager.com *.gstatic.com *.online-metrix.net *.retently.com *.maxmind.com *.revisionme.com revisionme.pages.dev *.yandex.ru *.ymetrica.ru *.mmapiws.com *.bootstrapcdn.com *.kaptcha.com *.paypal.com *.paypalobjects.com *.mercadopago.com.br *.mercadopago.com *.braintree-api.com vk.com api.telegram.org *.webformscr.com *.yandex.net *.cardinalcommerce.com *.mercadolibre.com *.supportsrc.com *.instagram.com s3.eu-central-1.amazonaws.com *.googleoptimize.com *.privatbank.ua *.cardinalcommerce.com 'self' 'unsafe-eval' 'unsafe-inline'; img-src blob: data: *; font-src data: *; style-src * 'unsafe-inline';, frame-ancestors 'self';
x-content-type-options
nosniff
content-encoding
gzip
x-cache
HIT
x-77-cache
HIT
x-age
381258
x-xss-protection
1; mode=block
x-77-nzt
AcO1qhHgA7v/StEFAA
x-accel-expires
@1672130030
x-sp-ma
sp-ma-1
last-modified
Mon, 20 Dec 2021 17:39:45 GMT
server
CDN77-Turbo
etag
W/"1cf9d-5d3975fdd7280"
x-77-nzt-ray
4c1562240af54875b844a7636290120a
vary
Accept-Encoding, Accept-Encoding,User-Agent
content-type
application/javascript
access-control-allow-origin
*
x-sp-pr
lpr9
cache-control
max-age=604800
expires
Tue, 27 Dec 2022 08:33:50 GMT
js
www.googletagmanager.com/gtag/ 		218 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-JJCSB1TNN7&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P93VBML&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
be0b2423ee8f70b2a15d3b4ff7bba356d3e1e043e8691cc36828f2ce60f841cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 18:28:08 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
77025
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 24 Dec 2022 18:28:08 GMT
fb-sdk.js
win.ma/scripts/ 		480 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://win.ma/scripts/fb-sdk.js
Requested by
Host: win.ma
URL: https://win.ma/_nuxt/b3aec33.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.3.20 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
07c43968f186b302f96af6c64e52e95770a7441f92318f312f9d06464be0d29e
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 18:28:08 GMT
Strict-Transport-Security
max-age=16070400; includeSubDomains; preload
Last-Modified
Wed, 23 Nov 2022 09:48:01 GMT
ETag
W/"1e0-184a3e31c68"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
480
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
image
api.win.ma/api/v1/ 		281 KB
282 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.win.ma/api/v1/image?route=styles/section_0200_full_width_image_16_10_desktop/public/2022-09/VF_0.png
Requested by
Host: win.ma
URL: https://win.ma/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.2.24 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
7630bf6c96329a1d26b96cfe54bac06d2ced9022422db77768c5e6cd3576f7f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
Date
Sat, 24 Dec 2022 18:28:07 GMT
X-Content-Type-Options
nosniff
Accept-Encoding
br;q=1.0, gzip;q=0.8, *;q=0.1
Accept-Language
fr
Content-disposition
inline
Content-Length
287390
X-XSS-Protection
1; mode=block
Accept-Charset
utf-8, iso-8859-1;q=0.5
Access-Control-Max-Age
7200
Access-Control-Allow-Methods
DELETE, GET, HEAD, OPTIONS, POST, PUT, PATCH
Content-Type
image/png
Access-Control-Allow-Origin
*
Accept
image/png
access-control-expose-headers
Content-Length
Cache-Control
public, max-age=604800
Access-Control-Allow-Credentials
true
X-Frame-Options
DENY
Access-Control-Allow-Headers
Access-Control-Allow-Headers, authorization, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, S-Data, Content-Disposition
web
api.win.ma/api/v1/content/config/ 		924 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.win.ma/api/v1/content/config/web
Requested by
Host: win.ma
URL: https://win.ma/_nuxt/97583d8.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.2.24 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
8da0380984ad1d961e8cb3a22510c1f5aa204704c89556a5c34a9d963642096d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

S-Data
eyJjYW5hbCI6IldFQiIsImFwcFZlcnNpb24iOiIxLjE0LjAiLCJkZXZpY2VUeXBlIjoiRGVza3RvcCJ9
Accept
application/json, text/plain, */*
Referer
https://win.ma/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains
Date
Sat, 24 Dec 2022 18:28:07 GMT
X-Content-Type-Options
nosniff
Access-Control-Max-Age
7200
Access-Control-Allow-Methods
DELETE, GET, HEAD, OPTIONS, POST, PUT, PATCH
Content-Type
application/json;charset=ISO-8859-1
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
X-Frame-Options
DENY
Access-Control-Allow-Headers
Access-Control-Allow-Headers, authorization, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, S-Data, Content-Disposition
Transfer-Encoding
chunked
X-XSS-Protection
1; mode=block
Expires
0
menus
api.win.ma/api/v1/content/ 		3 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.win.ma/api/v1/content/menus
Requested by
Host: win.ma
URL: https://win.ma/_nuxt/97583d8.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.2.24 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
4c9c5532fe097c816a3b583eb7b0fbfe8a01f1dfd03c968206a58f4adc78bcbc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

S-Data
eyJjYW5hbCI6IldFQiIsImFwcFZlcnNpb24iOiIxLjE0LjAiLCJkZXZpY2VUeXBlIjoiRGVza3RvcCJ9
Accept
application/json, text/plain, */*
Referer
https://win.ma/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
Date
Sat, 24 Dec 2022 18:28:07 GMT
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
X-XSS-Protection
1; mode=block
Pragma
no-cache
Access-Control-Max-Age
7200
Access-Control-Allow-Methods
DELETE, GET, HEAD, OPTIONS, POST, PUT, PATCH
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
X-Frame-Options
DENY
Access-Control-Allow-Headers
Access-Control-Allow-Headers, authorization, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, S-Data, Content-Disposition
Vary
Accept-Encoding
Expires
0
care
api.win.ma/api/v1/content/pages/cart/ 		285 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.win.ma/api/v1/content/pages/cart/care
Requested by
Host: win.ma
URL: https://win.ma/_nuxt/97583d8.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.2.24 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
77db2268879c4bd8b7152ae3875f2d02cf74f1b64e147cbe011ed6e9aa2815da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

S-Data
eyJjYW5hbCI6IldFQiIsImFwcFZlcnNpb24iOiIxLjE0LjAiLCJkZXZpY2VUeXBlIjoiRGVza3RvcCJ9
Accept
application/json, text/plain, */*
Referer
https://win.ma/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains
Date
Sat, 24 Dec 2022 18:28:07 GMT
X-Content-Type-Options
nosniff
Access-Control-Max-Age
7200
Access-Control-Allow-Methods
DELETE, GET, HEAD, OPTIONS, POST, PUT, PATCH
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
X-Frame-Options
DENY
Access-Control-Allow-Headers
Access-Control-Allow-Headers, authorization, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, S-Data, Content-Disposition
Transfer-Encoding
chunked
X-XSS-Protection
1; mode=block
Expires
0
seo
api.win.ma/api/v1/content/pages/cart/ 		435 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.win.ma/api/v1/content/pages/cart/seo
Requested by
Host: win.ma
URL: https://win.ma/_nuxt/97583d8.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.2.24 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
b60a378fb65885b8ec4818bb27421659cae33fead8f7926fa4d2c5fb195af6a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

S-Data
eyJjYW5hbCI6IldFQiIsImFwcFZlcnNpb24iOiIxLjE0LjAiLCJkZXZpY2VUeXBlIjoiRGVza3RvcCJ9
Accept
application/json, text/plain, */*
Referer
https://win.ma/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains
Date
Sat, 24 Dec 2022 18:28:07 GMT
X-Content-Type-Options
nosniff
Access-Control-Max-Age
7200
Access-Control-Allow-Methods
DELETE, GET, HEAD, OPTIONS, POST, PUT, PATCH
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
X-Frame-Options
DENY
Access-Control-Allow-Headers
Access-Control-Allow-Headers, authorization, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, S-Data, Content-Disposition
Transfer-Encoding
chunked
X-XSS-Protection
1; mode=block
Expires
0
tree
api.win.ma/api/v2/content/proxy/taxonomy/CATEGORIES_FAQ/ 		6 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.win.ma/api/v2/content/proxy/taxonomy/CATEGORIES_FAQ/tree
Requested by
Host: win.ma
URL: https://win.ma/_nuxt/97583d8.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.2.24 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
be9bab6e4e6416d2d6d23da38771fbec5a682d7affc3dbac3d7a4ea9322098db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

S-Data
eyJjYW5hbCI6IldFQiIsImFwcFZlcnNpb24iOiIxLjE0LjAiLCJkZXZpY2VUeXBlIjoiRGVza3RvcCJ9
Accept
application/json, text/plain, */*
Referer
https://win.ma/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
Date
Sat, 24 Dec 2022 18:28:07 GMT
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
X-XSS-Protection
1; mode=block
Pragma
no-cache
Access-Control-Max-Age
7200
Access-Control-Allow-Methods
DELETE, GET, HEAD, OPTIONS, POST, PUT, PATCH
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
X-Frame-Options
DENY
Access-Control-Allow-Headers
Access-Control-Allow-Headers, authorization, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, S-Data, Content-Disposition
Vary
Accept-Encoding
Expires
0
matrix_strips
api.win.ma/api/v1/config/data/ 		3 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.win.ma/api/v1/config/data/matrix_strips
Requested by
Host: win.ma
URL: https://win.ma/_nuxt/97583d8.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.2.24 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
73915941b956f9d0861ecf80677f77008b28ef85b716aff3a47b8bf264546b74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

S-Data
eyJjYW5hbCI6IldFQiIsImFwcFZlcnNpb24iOiIxLjE0LjAiLCJkZXZpY2VUeXBlIjoiRGVza3RvcCJ9
Accept
application/json, text/plain, */*
Referer
https://win.ma/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
Date
Sat, 24 Dec 2022 18:28:08 GMT
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
X-XSS-Protection
1; mode=block
Pragma
no-cache
Access-Control-Max-Age
7200
Access-Control-Allow-Methods
DELETE, GET, HEAD, OPTIONS, POST, PUT, PATCH
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
X-Frame-Options
DENY
Access-Control-Allow-Headers
Access-Control-Allow-Headers, authorization, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, S-Data, Content-Disposition
Vary
Accept-Encoding
Expires
0
seo
api.win.ma/api/v1/content/pages/cart/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.win.ma/api/v1/content/pages/cart/seo
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.2.24 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
s-data
Access-Control-Request-Method
GET
Origin
https://win.ma
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Access-Control-Allow-Headers, authorization, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, S-Data, Content-Disposition
Access-Control-Allow-Methods
DELETE, GET, HEAD, OPTIONS, POST, PUT, PATCH
Access-Control-Allow-Origin
*
Access-Control-Max-Age
7200
Date
Sat, 24 Dec 2022 18:28:07 GMT
Transfer-Encoding
chunked
tree
api.win.ma/api/v2/content/proxy/taxonomy/CATEGORIES_FAQ/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.win.ma/api/v2/content/proxy/taxonomy/CATEGORIES_FAQ/tree
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.2.24 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
s-data
Access-Control-Request-Method
GET
Origin
https://win.ma
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Access-Control-Allow-Headers, authorization, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, S-Data, Content-Disposition
Access-Control-Allow-Methods
DELETE, GET, HEAD, OPTIONS, POST, PUT, PATCH
Access-Control-Allow-Origin
*
Access-Control-Max-Age
7200
Date
Sat, 24 Dec 2022 18:28:07 GMT
Transfer-Encoding
chunked
matrix_strips
api.win.ma/api/v1/config/data/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.win.ma/api/v1/config/data/matrix_strips
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.2.24 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
s-data
Access-Control-Request-Method
GET
Origin
https://win.ma
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Access-Control-Allow-Headers, authorization, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, S-Data, Content-Disposition
Access-Control-Allow-Methods
DELETE, GET, HEAD, OPTIONS, POST, PUT, PATCH
Access-Control-Allow-Origin
*
Access-Control-Max-Age
7200
Date
Sat, 24 Dec 2022 18:28:07 GMT
Transfer-Encoding
chunked
omnes_medium-webfont.a6ce87c.woff2
win.ma/_nuxt/fonts/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://win.ma/_nuxt/fonts/omnes_medium-webfont.a6ce87c.woff2
Requested by
Host: win.ma
URL: https://win.ma/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.3.20 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
3f0d7c0333abb9c4d347f275374265e13d66980e583abacb903775f1157fae8c
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains; preload

Request headers

Referer
https://win.ma/
Origin
https://win.ma
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 18:28:08 GMT
Strict-Transport-Security
max-age=16070400; includeSubDomains; preload
Last-Modified
Tue, 20 Dec 2022 10:54:36 GMT
ETag
W/"52c4-1852f2bc8bc"
Content-Type
font/woff2
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21188
omnes_semibold-webfont.e7764fc.woff2
win.ma/_nuxt/fonts/ 		21 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://win.ma/_nuxt/fonts/omnes_semibold-webfont.e7764fc.woff2
Requested by
Host: win.ma
URL: https://win.ma/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.3.20 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
59e7831de0690c5b31adbba6b527998dcff5c3b6075c3e37d8a9ffce972812be
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains; preload

Request headers

Referer
https://win.ma/
Origin
https://win.ma
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 18:28:08 GMT
Strict-Transport-Security
max-age=16070400; includeSubDomains; preload
Last-Modified
Tue, 20 Dec 2022 10:54:36 GMT
ETag
W/"5548-1852f2bc8bc"
Content-Type
font/woff2
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21832
image
api.win.ma/api/v1/ 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.win.ma/api/v1/image?route=styles/section_0050_pictos_1_1_desktop/public/paragraphs/play-pause.png&itok=uVWC1zkC
Requested by
Host: win.ma
URL: https://win.ma/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.2.24 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
012b1b5db9be308980d0cb4669f7905c3da87bb3848fabb04cb1709008305afe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
Date
Sat, 24 Dec 2022 18:28:07 GMT
X-Content-Type-Options
nosniff
Accept-Encoding
br;q=1.0, gzip;q=0.8, *;q=0.1
Accept-Language
fr
Content-disposition
inline
Content-Length
41763
X-XSS-Protection
1; mode=block
Accept-Charset
utf-8, iso-8859-1;q=0.5
Access-Control-Max-Age
7200
Access-Control-Allow-Methods
DELETE, GET, HEAD, OPTIONS, POST, PUT, PATCH
Content-Type
image/png
Access-Control-Allow-Origin
*
Accept
image/png
access-control-expose-headers
Content-Length
Cache-Control
public, max-age=604800
Access-Control-Allow-Credentials
true
X-Frame-Options
DENY
Access-Control-Allow-Headers
Access-Control-Allow-Headers, authorization, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, S-Data, Content-Disposition
image
api.win.ma/api/v1/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.win.ma/api/v1/image?route=styles/section_0050_pictos_1_1_desktop/public/paragraphs/icn-personnalisation-forfait.png&itok=Hr-Q-snG
Requested by
Host: win.ma
URL: https://win.ma/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.2.24 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
aa69ca1c759ca8aa8ed780103a4be321abdd5853293ab606b73940f0d707ece8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
Date
Sat, 24 Dec 2022 18:28:08 GMT
X-Content-Type-Options
nosniff
Accept-Encoding
br;q=1.0, gzip;q=0.8, *;q=0.1
Accept-Language
fr
Content-disposition
inline
Content-Length
6579
X-XSS-Protection
1; mode=block
Accept-Charset
utf-8, iso-8859-1;q=0.5
Access-Control-Max-Age
7200
Access-Control-Allow-Methods
DELETE, GET, HEAD, OPTIONS, POST, PUT, PATCH
Content-Type
image/png
Access-Control-Allow-Origin
*
Accept
image/png
access-control-expose-headers
Content-Length
Cache-Control
public, max-age=604800
Access-Control-Allow-Credentials
true
X-Frame-Options
DENY
Access-Control-Allow-Headers
Access-Control-Allow-Headers, authorization, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, S-Data, Content-Disposition
image
api.win.ma/api/v1/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.win.ma/api/v1/image?route=styles/section_0050_pictos_1_1_desktop/public/paragraphs/icn-chat.png&itok=Nz8Fc3-3
Requested by
Host: win.ma
URL: https://win.ma/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.2.24 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
30492c3c8dc6b694a7e322bcfda99fbf937dc76c57d9a73b5e2cba41337dbc81
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
Date
Sat, 24 Dec 2022 18:28:08 GMT
X-Content-Type-Options
nosniff
Accept-Encoding
br;q=1.0, gzip;q=0.8, *;q=0.1
Accept-Language
fr
Content-disposition
inline
Content-Length
5786
X-XSS-Protection
1; mode=block
Accept-Charset
utf-8, iso-8859-1;q=0.5
Access-Control-Max-Age
7200
Access-Control-Allow-Methods
DELETE, GET, HEAD, OPTIONS, POST, PUT, PATCH
Content-Type
image/png
Access-Control-Allow-Origin
*
Accept
image/png
access-control-expose-headers
Content-Length
Cache-Control
public, max-age=604800
Access-Control-Allow-Credentials
true
X-Frame-Options
DENY
Access-Control-Allow-Headers
Access-Control-Allow-Headers, authorization, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, S-Data, Content-Disposition
image
api.win.ma/api/v1/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.win.ma/api/v1/image?route=styles/section_0050_pictos_1_1_desktop/public/paragraphs/icn-choix-numero.png&itok=ZNCHjSy9
Requested by
Host: win.ma
URL: https://win.ma/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.2.24 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
22aef86fdf5b1f06d36e40741285a13f9f2f3ebf234f839a2f8a20c209e828f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
Date
Sat, 24 Dec 2022 18:28:08 GMT
X-Content-Type-Options
nosniff
Accept-Encoding
br;q=1.0, gzip;q=0.8, *;q=0.1
Accept-Language
fr
Content-disposition
inline
Content-Length
5795
X-XSS-Protection
1; mode=block
Accept-Charset
utf-8, iso-8859-1;q=0.5
Access-Control-Max-Age
7200
Access-Control-Allow-Methods
DELETE, GET, HEAD, OPTIONS, POST, PUT, PATCH
Content-Type
image/png
Access-Control-Allow-Origin
*
Accept
image/png
access-control-expose-headers
Content-Length
Cache-Control
public, max-age=604800
Access-Control-Allow-Credentials
true
X-Frame-Options
DENY
Access-Control-Allow-Headers
Access-Control-Allow-Headers, authorization, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, S-Data, Content-Disposition
omnes_light-webfont.c58c48e.woff2
win.ma/_nuxt/fonts/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://win.ma/_nuxt/fonts/omnes_light-webfont.c58c48e.woff2
Requested by
Host: win.ma
URL: https://win.ma/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.3.20 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
9d60361f6baee537cb00e5dff659fdef39dbbfaf81d1419208590fec3ea7348f
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains; preload

Request headers

Referer
https://win.ma/
Origin
https://win.ma
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 18:28:08 GMT
Strict-Transport-Security
max-age=16070400; includeSubDomains; preload
Last-Modified
Tue, 20 Dec 2022 10:54:36 GMT
ETag
W/"4f9c-1852f2bc8bc"
Content-Type
font/woff2
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20380
omnes_regular_webfont.dcad415.ttf
win.ma/_nuxt/fonts/ 		52 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://win.ma/_nuxt/fonts/omnes_regular_webfont.dcad415.ttf
Requested by
Host: win.ma
URL: https://win.ma/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.3.20 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
3fa42049b24b25fe3e60b5b9c3ce3b4896385b2182e795dd7840ee6ff6e79408
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains; preload

Request headers

Referer
https://win.ma/
Origin
https://win.ma
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 18:28:08 GMT
Content-Encoding
br
Strict-Transport-Security
max-age=16070400; includeSubDomains; preload
Last-Modified
Tue, 20 Dec 2022 10:54:36 GMT
ETag
W/"d048-1852f2bc8bc"
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
font/ttf
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=326124669&t=pageview&_s=1&dl=https%3A%2F%2Fwin.ma%2F&ul=en-us&de=UTF-8&dt=win%20by%20inwi%20%7C%20Forfait%20100%25%20digital&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABQAAAACAAI~&jid=25091094&gjid=1423249805&cid=828029468.1671906488&tid=UA-132696877-4&_gid=474595679.1671906488&_r=1&gtm=2wgbu0P93VBML&z=1736927630
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://win.ma/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 18:28:08 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://win.ma
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
modules.352fddba5b21bbfc3a08.js
script.hotjar.com/ 		264 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.352fddba5b21bbfc3a08.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2973519.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.103.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-103-115.zrh50.r.cloudfront.net
Software
/
Resource Hash
6c8b822ba2fa788a754e0a94055060c9c897dfb29538d92e04fd3f83d407bcb7
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 08:07:05 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 3a17ea4b3f6bdbc694c3ec0645d21b5e.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
age
210063
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
68894
last-modified
Thu, 22 Dec 2022 08:06:23 GMT
etag
"3256c76707175033b83ffe82f89b32ec"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
emDqzYOWzBHRcMMnvKgYXPviaWis7dID5_X4b4kuUVdJoCZQ3_jCLQ==
/
www.google.com/pagead/1p-user-list/760638815/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/760638815/?random=1671906488046&cv=11&fst=1671904800000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwin.ma%2F&tiba=win%20%7C%20Premier%20Op%C3%A9rateur%20Mobile%20100%25%20Digital%20au%20Maroc&fmt=3&is_vtc=1&random=1777394498&rmt_tld=0&ipr=y
Requested by
Host: win.ma
URL: https://win.ma/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 18:28:08 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/760638815/ 		42 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/760638815/?random=1671906488046&cv=11&fst=1671904800000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwin.ma%2F&tiba=win%20%7C%20Premier%20Op%C3%A9rateur%20Mobile%20100%25%20Digital%20au%20Maroc&fmt=3&is_vtc=1&random=1777394498&rmt_tld=1&ipr=y
Requested by
Host: win.ma
URL: https://win.ma/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 18:28:08 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
iframe
pixel.mathtag.com/sync/ Frame 34EA 		713 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.mathtag.com/sync/iframe?mt_uuid=573963a7-44b8-4500-bf1c-478e0b091765&no_iframe=1&mt_adid=222478&source=mathtag
Requested by
Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/event/js?mt_id=1409059&mt_adid=222478&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.107.160.223 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-160-223.deploy.static.akamaitechnologies.com
Software
MT3 277 3f0ad7a master cdg-pixel-x29 config:1.0.0 /
Resource Hash
8040be8c28a19b0f78481f2da17e7220e75adde27eb9713ff626652a066f92da

Request headers

Referer
https://win.ma/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
713
Content-Type
text/html
Date
Sat, 24 Dec 2022 18:28:08 GMT
Expires
Sat, 24 Dec 2022 18:28:07 GMT
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 277 3f0ad7a master cdg-pixel-x29 config:1.0.0
init.7171b9a4c8e511f032f0.js
web-sdk.smartlook.com/es6/ 		54 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://web-sdk.smartlook.com/es6/init.7171b9a4c8e511f032f0.js
Requested by
Host: web-sdk.smartlook.com
URL: https://web-sdk.smartlook.com/recorder.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
f000048e202ba3ed2a2d49bc09f11e77faa217ac28d71dd8b435f2ef6009cf5e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://win.ma/
Origin
https://win.ma
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sat, 24 Dec 2022 18:28:08 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
x-cache
HIT
x-77-cache
HIT
cross-origin-resource-policy
cross-origin
x-age
278467
x-77-nzt
Abk73BD4HJv/wz8EAA
x-accel-expires
@1703164021
last-modified
Wed, 21 Dec 2022 12:31:30 GMT
server
CDN77-Turbo
etag
W/"63a2fca2-d8e6"
x-77-nzt-ray
908339309c97b4b3b844a763bf3b2615
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
img
pixel.mathtag.com/comp/ 		0
480 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=0
Requested by
Host: win.ma
URL: https://win.ma/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.107.160.223 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-160-223.deploy.static.akamaitechnologies.com
Software
MT3 277 3f0ad7a master cdg-pixel-x34 config:1.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 18:28:08 GMT
Server
MT3 277 3f0ad7a master cdg-pixel-x34 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Expires
Sat, 24 Dec 2022 18:28:07 GMT
357379934942021
connect.facebook.net/signals/config/ 		295 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/357379934942021?v=2.9.90&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b30f7c9786363bb380bf2d74f75428ba083de0cdee4c188c44cb2bfc9a64f21c
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 24 Dec 2022 18:28:08 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
wKF9+1llFHHnyjk4eOQTXuMG3+5nASwWwg2EOcxxGQmaExV3GinqN9V+i7XvC+x8R3Y4KrPfWZwtHbenQyxWxg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
341 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-JJCSB1TNN7&gtm=2oebu0&_p=326124669&_gaz=1&cid=828029468.1671906488&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&cu=MAD&sid=1671906488&sct=1&seg=0&dl=https%3A%2F%2Fwin.ma%2F&dt=win%20by%20inwi%20%7C%20Forfait%20100%25%20digital&en=page_view&_fv=2&_ss=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JJCSB1TNN7&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 18:28:08 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://win.ma
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
332 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-JJCSB1TNN7&cid=828029468.1671906488&gtm=2oebu0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JJCSB1TNN7&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 18:28:08 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://win.ma
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-JJCSB1TNN7&cid=828029468.1671906488&gtm=2oebu0&aip=1&z=147050919
Requested by
Host: win.ma
URL: https://win.ma/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 18:28:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: win.ma
URL: https://win.ma/scripts/fb-sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1a9b34b7229526d711a695470f242e68a706e349be053932034d664bfd27c51a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 24 Dec 2022 18:28:08 GMT
content-md5
OVNM+BtcAd7ghmJRwxMVkg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1686
x-fb-rlafr
0
x-fb-debug
yi+GOPtIfazYIoXulTF1meroVfG1VmNs0cgGqd17Ra2RzbEiFhj7sQFtLgLks4FpdVRtbvYl4iqHDRChKPDx3g==
x-fb-content-md5
fdbd23a4d6abd5680437c66ce9075fdd
cross-origin-opener-policy
same-origin-allow-popups
etag
"5276fd83f3a06d64f65ffac3b259decb"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
priority
u=3,i
expires
Sat, 24 Dec 2022 18:45:11 GMT
box-5e66f98b4ee957db209dc6f63e3d59dd.html
vars.hotjar.com/ Frame FE66 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2973519.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.103.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-103-38.zrh50.r.cloudfront.net
Software
/
Resource Hash
cbffce6f8642619af7ed7335e32750f7f2933765d32c113115da0710aa7deadc
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://win.ma/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1863966
cache-control
max-age=31536000
content-encoding
br
content-length
1035
content-type
text/html
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 03 Dec 2022 04:42:02 GMT
etag
"e0652b84b7b3b650769c759fc520c3f8"
last-modified
Thu, 01 Dec 2022 13:36:28 GMT
strict-transport-security
max-age=2592000; includeSubDomains
vary
Accept-Encoding
via
1.1 1437ff2cfbc1ea8c7a36e6b0ce6e935a.cloudfront.net (CloudFront)
x-amz-cf-id
21QKHDB9o5MRBTDYiP2a1Hm-tCF5XyZoEXqMjlHhBNWRAXzUFTmMeQ==
x-amz-cf-pop
ZRH50-C1
x-cache
Hit from cloudfront
x-robots-tag
none
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=326124669&t=pageview&_s=1&dl=https%3A%2F%2Fwin.ma%2F&dp=%2F&ul=en-us&de=UTF-8&dt=%2F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAEABQAAAACACI~&jid=124744436&gjid=1596625645&cid=828029468.1671906488&tid=UA-132696877-5&_gid=474595679.1671906488&_r=1&gtm=2wgbu0P93VBML&z=389437914
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://win.ma/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 18:28:08 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://win.ma
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=326124669&t=pageview&_s=1&dl=https%3A%2F%2Fwin.ma%2F&dp=%2F&ul=en-us&de=UTF-8&dt=%2F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAEABQAAAACACI~&jid=&gjid=&cid=828029468.1671906488&tid=UA-132696877-5&_gid=474595679.1671906488&gtm=2wgbu0P93VBML&z=1585198560
Requested by
Host: win.ma
URL: https://win.ma/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 04:42:34 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
49534
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=326124669&t=pageview&_s=1&dl=https%3A%2F%2Fwin.ma%2F&dp=%2F&ul=en-us&de=UTF-8&dt=%2F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAEABQAAAACACI~&jid=&gjid=&cid=828029468.1671906488&tid=UA-132696877-5&_gid=474595679.1671906488&gtm=2wgbu0P93VBML&z=719267162
Requested by
Host: win.ma
URL: https://win.ma/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 04:42:34 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
49534
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/760639278/ 		2 KB
897 B 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/760639278/?random=1671906488373&cv=11&fst=1671906488373&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwin.ma%2F&tiba=win%20by%20inwi%20%7C%20Forfait%20100%25%20digital&auid=1450348810.1671906488&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P93VBML&l=dataLayer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1f696e95e7f060ddddbf6f1e20e97e0b69dea0dcec0506833ee8473ecf179b2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 18:28:08 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
871
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
img
pixel.mathtag.com/comp/ Frame 34EA 		0
480 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=0
Requested by
Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=573963a7-44b8-4500-bf1c-478e0b091765&no_iframe=1&mt_adid=222478&source=mathtag
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.107.160.223 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-160-223.deploy.static.akamaitechnologies.com
Software
MT3 277 3f0ad7a master cdg-pixel-x29 config:1.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pixel.mathtag.com/sync/iframe?mt_uuid=573963a7-44b8-4500-bf1c-478e0b091765&no_iframe=1&mt_adid=222478&source=mathtag
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 18:28:08 GMT
Server
MT3 277 3f0ad7a master cdg-pixel-x29 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Expires
Sat, 24 Dec 2022 18:28:07 GMT
sdk.js
connect.facebook.net/en_US/ 		306 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=1c4eab749ce3365b469c9f9fa6e811d6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ecc742772817f67c6ea8fac1fee1a01587feb2149a3c4dc9ed9d9eaf3288c8b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://win.ma/
Origin
https://win.ma
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 24 Dec 2022 18:28:08 GMT
content-md5
k3oIweHlWOR5u9izzdYTCg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88477
x-fb-rlafr
0
x-fb-debug
rnfGYmHZOhlCvpxyhtN/f5OvkjTNXgmuSxs4iPPK4fgEk5bjaVEHKRGithG4TmilT0e5m+nEgpIazd4t7Rtrkw==
x-fb-content-md5
b59b48696191775948f1a3dcb8893583
cross-origin-opener-policy
same-origin-allow-popups
etag
"5644a2754245187d9043bda43d13f3d7"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sun, 24 Dec 2023 15:27:29 GMT
e1c334b.js
win.ma/_nuxt/ 		35 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://win.ma/_nuxt/e1c334b.js
Requested by
Host: win.ma
URL: https://win.ma/_nuxt/c7ab2d5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.3.20 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
a2f705ef52318af97b487555beeba4923883fe4de04a9f3ea4a2c365b86abb7b
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 18:28:08 GMT
Content-Encoding
br
Strict-Transport-Security
max-age=16070400; includeSubDomains; preload
Last-Modified
Tue, 20 Dec 2022 10:54:36 GMT
ETag
W/"8dfb-1852f2bc8c4"
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
0a521fb.js
win.ma/_nuxt/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://win.ma/_nuxt/0a521fb.js
Requested by
Host: win.ma
URL: https://win.ma/_nuxt/c7ab2d5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.3.20 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
eed30096dee95a5cfa75b8b35facbdde03cac94160a9307c9a3cb9bd63bccb06
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 18:28:08 GMT
Content-Encoding
br
Strict-Transport-Security
max-age=16070400; includeSubDomains; preload
Last-Modified
Tue, 20 Dec 2022 10:54:36 GMT
ETag
W/"f7f-1852f2bc8c8"
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
79a9010.js
win.ma/_nuxt/ 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://win.ma/_nuxt/79a9010.js
Requested by
Host: win.ma
URL: https://win.ma/_nuxt/c7ab2d5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.3.20 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
75b19d13eef10148254c88bbd04e13877470ac1d15f2f6c6ed70b866d6dfb79e
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 18:28:08 GMT
Content-Encoding
br
Strict-Transport-Security
max-age=16070400; includeSubDomains; preload
Last-Modified
Tue, 20 Dec 2022 10:54:36 GMT
ETag
W/"7695-1852f2bc8c0"
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
92553b9.js
win.ma/_nuxt/ 		26 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://win.ma/_nuxt/92553b9.js
Requested by
Host: win.ma
URL: https://win.ma/_nuxt/c7ab2d5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.3.20 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
c92e680e5e2fe0d1e672b38eebfe614821069e084ede73fb150584db1020286d
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 18:28:08 GMT
Content-Encoding
br
Strict-Transport-Security
max-age=16070400; includeSubDomains; preload
Last-Modified
Tue, 20 Dec 2022 10:54:36 GMT
ETag
W/"69f3-1852f2bc8c4"
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
20ff383.js
win.ma/_nuxt/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://win.ma/_nuxt/20ff383.js
Requested by
Host: win.ma
URL: https://win.ma/_nuxt/c7ab2d5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.3.20 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
6ac72aa8acd2ecf98b8ae88ffbee4375cf780df6793fe4802d556b39c70b79ea
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 18:28:08 GMT
Content-Encoding
br
Strict-Transport-Security
max-age=16070400; includeSubDomains; preload
Last-Modified
Tue, 20 Dec 2022 10:54:36 GMT
ETag
W/"61f0-1852f2bc8c4"
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
ecc8398.js
win.ma/_nuxt/ 		22 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://win.ma/_nuxt/ecc8398.js
Requested by
Host: win.ma
URL: https://win.ma/_nuxt/c7ab2d5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.3.20 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
8fc13260bb84c27d30c308529dc2c3b1a878bde2919ca2d80a8e9cc87f70b82b
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 18:28:08 GMT
Content-Encoding
br
Strict-Transport-Security
max-age=16070400; includeSubDomains; preload
Last-Modified
Tue, 20 Dec 2022 10:54:36 GMT
ETag
W/"5602-1852f2bc8d4"
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
collect
stats.g.doubleclick.net/j/ 		4 B
151 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-132696877-4&cid=828029468.1671906488&jid=25091094&gjid=1423249805&_gid=474595679.1671906488&_u=YEBAAEAAQAAAACAAI~&z=752990962
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://win.ma/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sat, 24 Dec 2022 18:28:08 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://win.ma
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-132696877-4&cid=828029468.1671906488&jid=25091094&_u=YEBAAEAAQAAAACAAI~&z=251135725
Requested by
Host: win.ma
URL: https://win.ma/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 18:28:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-132696877-4&cid=828029468.1671906488&jid=25091094&_u=YEBAAEAAQAAAACAAI~&z=251135725
Requested by
Host: win.ma
URL: https://win.ma/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 18:28:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ Frame 953C 		0
197 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: win.ma
URL: https://win.ma/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://win.ma
Referer
https://win.ma/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://win.ma
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Sat, 24 Dec 2022 18:28:08 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=625129961180044&ev=fb_page_view&dl=https%3A%2F%2Fwin.ma%2F&rl=&if=false&ts=1671906488558&sw=1600&sh=1200&at=
Requested by
Host: win.ma
URL: https://win.ma/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 24 Dec 2022 18:28:08 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=625129961180044&ev=fb_page_view&dl=https%3A%2F%2Fwin.ma%2F&rl=&if=false&ts=1671906488559&sw=1600&sh=1200&at=
Requested by
Host: win.ma
URL: https://win.ma/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 24 Dec 2022 18:28:08 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.google.com/pagead/1p-user-list/760639278/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/760639278/?random=1671906488373&cv=11&fst=1671904800000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwin.ma%2F&tiba=win%20by%20inwi%20%7C%20Forfait%20100%25%20digital&fmt=3&is_vtc=1&random=4281919422&rmt_tld=0&ipr=y
Requested by
Host: win.ma
URL: https://win.ma/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 18:28:08 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/760639278/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/760639278/?random=1671906488373&cv=11&fst=1671904800000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwin.ma%2F&tiba=win%20by%20inwi%20%7C%20Forfait%20100%25%20digital&fmt=3&is_vtc=1&random=4281919422&rmt_tld=1&ipr=y
Requested by
Host: win.ma
URL: https://win.ma/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 18:28:08 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
faq_items
api.win.ma/api/v2/content/proxy/api/get-content/ 		188 KB
189 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.win.ma/api/v2/content/proxy/api/get-content/faq_items
Requested by
Host: win.ma
URL: https://win.ma/_nuxt/97583d8.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.2.24 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
d22aa90c91a599deaca2baa7c3510c89d3d6aa918ecbdab1afdec8c56e1ac1b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

S-Data
eyJjYW5hbCI6IldFQiIsImFwcFZlcnNpb24iOiIxLjE0LjAiLCJkZXZpY2VUeXBlIjoiRGVza3RvcCJ9
Accept
application/json, text/plain, */*
Referer
https://win.ma/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
Date
Sat, 24 Dec 2022 18:28:07 GMT
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
X-XSS-Protection
1; mode=block
Pragma
no-cache
Access-Control-Max-Age
7200
Access-Control-Allow-Methods
DELETE, GET, HEAD, OPTIONS, POST, PUT, PATCH
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
X-Frame-Options
DENY
Access-Control-Allow-Headers
Access-Control-Allow-Headers, authorization, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, S-Data, Content-Disposition
Vary
Accept-Encoding
Expires
0
faq_items
api.win.ma/api/v2/content/proxy/api/get-content/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.win.ma/api/v2/content/proxy/api/get-content/faq_items
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.2.24 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
s-data
Access-Control-Request-Method
GET
Origin
https://win.ma
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Access-Control-Allow-Headers, authorization, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, S-Data, Content-Disposition
Access-Control-Allow-Methods
DELETE, GET, HEAD, OPTIONS, POST, PUT, PATCH
Access-Control-Allow-Origin
*
Access-Control-Max-Age
7200
Date
Sat, 24 Dec 2022 18:28:07 GMT
Transfer-Encoding
chunked
MitraLTBold.40b2e2d.woff
win.ma/_nuxt/fonts/ 		130 KB
131 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://win.ma/_nuxt/fonts/MitraLTBold.40b2e2d.woff
Requested by
Host: win.ma
URL: https://win.ma/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.3.20 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
40d08430de7391a713da77e41cda28323fb8459188019d8756054369ec553cc7
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains; preload

Request headers

Referer
https://win.ma/
Origin
https://win.ma
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 18:28:08 GMT
Strict-Transport-Security
max-age=16070400; includeSubDomains; preload
Last-Modified
Tue, 20 Dec 2022 10:54:36 GMT
ETag
W/"20868-1852f2bc8bc"
Content-Type
font/woff
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
133224
5f07bb5.js
win.ma/_nuxt/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://win.ma/_nuxt/5f07bb5.js
Requested by
Host: win.ma
URL: https://win.ma/_nuxt/c7ab2d5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.3.20 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
e51769f848809a956b16b6ca4a10a85d21fcc44977f34f430869f23639cb5430
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 18:28:08 GMT
Content-Encoding
br
Strict-Transport-Security
max-age=16070400; includeSubDomains; preload
Last-Modified
Tue, 20 Dec 2022 10:54:36 GMT
ETag
W/"6f6-1852f2bc8d4"
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
6665fe9.js
win.ma/_nuxt/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://win.ma/_nuxt/6665fe9.js
Requested by
Host: win.ma
URL: https://win.ma/_nuxt/c7ab2d5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.3.20 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
590f272fa9f1f817dfbbe02845a3148e2bd81e3fb0bd33700e18fdcc0ea87756
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 18:28:08 GMT
Content-Encoding
br
Strict-Transport-Security
max-age=16070400; includeSubDomains; preload
Last-Modified
Tue, 20 Dec 2022 10:54:36 GMT
ETag
W/"614-1852f2bc8d0"
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
97a413d.js
win.ma/_nuxt/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://win.ma/_nuxt/97a413d.js
Requested by
Host: win.ma
URL: https://win.ma/_nuxt/c7ab2d5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.3.20 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
0f5bbbd4db8d8419d94309525f6b210c65259ca0e6c6fedf0224aaabc5bd38c3
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 18:28:08 GMT
Content-Encoding
br
Strict-Transport-Security
max-age=16070400; includeSubDomains; preload
Last-Modified
Tue, 20 Dec 2022 10:54:36 GMT
ETag
W/"2cde-1852f2bc8d4"
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
4cf4f77.js
win.ma/_nuxt/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://win.ma/_nuxt/4cf4f77.js
Requested by
Host: win.ma
URL: https://win.ma/_nuxt/c7ab2d5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.3.20 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
3d1a347741dbc46ee0af4dfff282db782f3879b7ea7962aa4b9ced2e5197e902
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 18:28:08 GMT
Content-Encoding
br
Strict-Transport-Security
max-age=16070400; includeSubDomains; preload
Last-Modified
Tue, 20 Dec 2022 10:54:36 GMT
ETag
W/"47f3-1852f2bc8c8"
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
017284d.js
win.ma/_nuxt/ 		69 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://win.ma/_nuxt/017284d.js
Requested by
Host: win.ma
URL: https://win.ma/_nuxt/c7ab2d5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.3.20 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
817a95c8fe46f05c1eddd16e2900cfe481140e1702acf3a41f6a915ed15b9046
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 18:28:08 GMT
Content-Encoding
br
Strict-Transport-Security
max-age=16070400; includeSubDomains; preload
Last-Modified
Tue, 20 Dec 2022 10:54:36 GMT
ETag
W/"1125c-1852f2bc8c4"
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
4fb51c9.js
win.ma/_nuxt/ 		38 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://win.ma/_nuxt/4fb51c9.js
Requested by
Host: win.ma
URL: https://win.ma/_nuxt/c7ab2d5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.3.20 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
e9fd5ab57c7758950d26094ea8d51ef68e3170a57cce4c3056f0d611d359d042
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 18:28:08 GMT
Content-Encoding
br
Strict-Transport-Security
max-age=16070400; includeSubDomains; preload
Last-Modified
Tue, 20 Dec 2022 10:54:36 GMT
ETag
W/"9982-1852f2bc8cc"
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
/
www.facebook.com/tr/ 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=357379934942021&ev=Microdata&dl=https%3A%2F%2Fwin.ma%2F&rl=&if=false&ts=1671906488986&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22win%20by%20inwi%20%7C%20Forfait%20100%25%20digital%22%2C%22meta%3Adescription%22%3A%22D%C3%A9couvez%20win%2C%20le%20premier%20op%C3%A9rateur%20mobile%20digital%20au%20Maroc%20et%20b%C3%A9n%C3%A9ficiez%20d%C3%A8s%20aujourd%E2%80%99hui%20d%27offres%20mobiles%20personnalisables%20et%20flexibles%20sur%20le%20meilleur%20r%C3%A9seau%20Internet%20mobile%20au%20Maroc%20!%22%7D&cd[OpenGraph]=%7B%22og%3Alocale%22%3A%22fr_FR%22%2C%22og%3Alocale%3Aalternate%22%3A%22ar_MA%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.90&r=stable&ec=1&o=30&fbp=fb.1.1671906488468.1233086714&it=1671906488276&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: win.ma
URL: https://win.ma/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 24 Dec 2022 18:28:09 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
sp-push-worker-fb.js
win.ma/ 		73 B
642 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://win.ma/sp-push-worker-fb.js
Requested by
Host: cdn.sendpulse.com
URL: https://cdn.sendpulse.com/js/push/ca618ca695daff172389373ddf8129e6_1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.3.20 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
e2a91872ec3acf90b043e0a5c7d7870681ab685704b334a163194aaa55faacbc
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 18:28:09 GMT
Strict-Transport-Security
max-age=16070400; includeSubDomains; preload
Last-Modified
Mon, 21 Nov 2022 19:03:00 GMT
ETag
W/"49-1849b927ea0"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
73
esw.html
service.force.com/embeddedservice/5.0/ Frame 802D 		194 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://service.force.com/embeddedservice/5.0/esw.html?parent=https://win.ma/
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.71.1.38 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl3-ncg0-lhr3.um4-lo2.force.com
Software
/
Resource Hash
01f5a67caa33661cd1698afb1a912b91d9eddc962c2d78307b3b32a5453214e4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://win.ma/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
public,max-age=86400
Content-Encoding
gzip
Content-Security-Policy
upgrade-insecure-requests
Content-Type
text/html;charset=UTF-8
Date
Sat, 24 Dec 2022 18:28:09 GMT
Expires
Sun, 25 Dec 2022 18:28:09 GMT
Last-Modified
Fri, 02 Aug 2019 08:43:42 GMT
Referrer-Policy
origin-when-cross-origin
Strict-Transport-Security
max-age=63072000; includeSubDomains
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Robots-Tag
none
X-XSS-Protection
1; mode=block
sp-push-worker-fb.js
win.ma/ 		73 B
642 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://win.ma/sp-push-worker-fb.js
Requested by
Host: cdn.sendpulse.com
URL: https://cdn.sendpulse.com/js/push/ca618ca695daff172389373ddf8129e6_1.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
105.73.3.20 , Morocco, ASN36884 (MAROCCONNECT, MA),
Reverse DNS
Software
/
Resource Hash
e2a91872ec3acf90b043e0a5c7d7870681ab685704b334a163194aaa55faacbc
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 18:28:09 GMT
Strict-Transport-Security
max-age=16070400; includeSubDomains; preload
Last-Modified
Mon, 21 Nov 2022 19:03:00 GMT
ETag
W/"49-1849b927ea0"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
73
eswFrame.min.js
service.force.com/embeddedservice/5.0/ Frame 802D 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://service.force.com/embeddedservice/5.0/eswFrame.min.js
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.html?parent=https://win.ma/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.71.1.38 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl3-ncg0-lhr3.um4-lo2.force.com
Software
/
Resource Hash
9ba7853e578c8036077b1780006fc85ee9ba730046884b4f20ebc25e887c6a6e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://service.force.com/embeddedservice/5.0/esw.html?parent=https://win.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:09:10 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Referrer-Policy
origin-when-cross-origin
Last-Modified
Thu, 06 Oct 2022 23:36:44 GMT
Content-Encoding
gzip
Age
29939
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public,max-age=86400
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
1889
X-XSS-Protection
1; mode=block
Expires
Sun, 25 Dec 2022 10:09:10 GMT
session.esw.min.js
service.force.com/embeddedservice/5.0/frame/ Frame 802D 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://service.force.com/embeddedservice/5.0/frame/session.esw.min.js
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/eswFrame.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.71.1.38 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl3-ncg0-lhr3.um4-lo2.force.com
Software
/
Resource Hash
fa305b054bf6a60bd1a87abbca8f52553bbb54e6e8929564c704b85313d23790
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://service.force.com/embeddedservice/5.0/esw.html?parent=https://win.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 23 Dec 2022 23:08:24 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Referrer-Policy
origin-when-cross-origin
Last-Modified
Tue, 02 Mar 2021 18:51:46 GMT
Content-Encoding
gzip
Age
69585
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public,max-age=86400
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
768
X-XSS-Protection
1; mode=block
Expires
Sat, 24 Dec 2022 23:08:24 GMT
broadcast.esw.min.js
service.force.com/embeddedservice/5.0/frame/ Frame 802D 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://service.force.com/embeddedservice/5.0/frame/broadcast.esw.min.js
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/eswFrame.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.71.1.38 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl3-ncg0-lhr3.um4-lo2.force.com
Software
/
Resource Hash
ecb244f676677252c58d2eccb58f1b0b87b5dd6baab45d29d46dba74c823b7f2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://service.force.com/embeddedservice/5.0/esw.html?parent=https://win.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 23 Dec 2022 23:07:34 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Referrer-Policy
origin-when-cross-origin
Last-Modified
Thu, 18 Feb 2021 00:07:24 GMT
Content-Encoding
gzip
Age
69635
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public,max-age=86400
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
779
X-XSS-Protection
1; mode=block
Expires
Sat, 24 Dec 2022 23:07:34 GMT
chasitor.esw.min.js
service.force.com/embeddedservice/5.0/frame/ Frame 802D 		23 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://service.force.com/embeddedservice/5.0/frame/chasitor.esw.min.js
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/eswFrame.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.71.1.38 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl3-ncg0-lhr3.um4-lo2.force.com
Software
/
Resource Hash
6497c23700ad2835951df9c4fbe73b575fc55d7b95d2415e7b76ca03032c80a5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://service.force.com/embeddedservice/5.0/esw.html?parent=https://win.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:42:13 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Referrer-Policy
origin-when-cross-origin
Last-Modified
Fri, 09 Dec 2022 15:50:32 GMT
Content-Encoding
gzip
Age
27956
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public,max-age=86400
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
5096
X-XSS-Protection
1; mode=block
Expires
Sun, 25 Dec 2022 10:42:13 GMT
EmbeddedServiceConfig.jsonp
d.la2-c1cs-cdg.salesforceliveagent.com/chat/rest/EmbeddedService/ 		165 B
558 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d.la2-c1cs-cdg.salesforceliveagent.com/chat/rest/EmbeddedService/EmbeddedServiceConfig.jsonp?Settings.prefix=EmbeddedService&org_id=00D3O0000004pl8&EmbeddedServiceConfig.configName=Discuter_avec_Einstein_Bot&callback=embedded_svc.liveAgentAPI.handleChatSettings&version=48&EmbeddedServiceConfig.language=fr
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/utils/common.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
160.8.241.121 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl10-ncg0-cdg3.la2-c1cs-cdg.salesforceliveagent.com
Software
/
Resource Hash
cff6dec66b664a2f6008da408343322568dfc3af38c6696f34eb77830f235db4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
close
Expires
-1
invite.esw.min.js
service.force.com/embeddedservice/5.0/client/ 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://service.force.com/embeddedservice/5.0/client/invite.esw.min.js
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.71.1.38 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl3-ncg0-lhr3.um4-lo2.force.com
Software
/
Resource Hash
11b97392fe91256a463d66e0a68f1ed068dd3ba2200289fa89e0afb2b0558b12
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:09:11 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Referrer-Policy
origin-when-cross-origin
Last-Modified
Fri, 24 Sep 2021 16:25:36 GMT
Content-Encoding
gzip
Age
29938
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public,max-age=86400
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
4540
X-XSS-Protection
1; mode=block
Expires
Sun, 25 Dec 2022 10:09:11 GMT
truncated
/ 		3 KB
3 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
10a396cf83a1f0fa5ae02c199215e1b8e32fdb313f3d5e24c3e61a56f01e3eb5

Request headers

Referer
https://service.force.com/
Origin
https://win.ma
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
application/octet-stream
filetransfer.esw.min.js
service.force.com/embeddedservice/5.0/frame/ Frame 802D 		473 B
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://service.force.com/embeddedservice/5.0/frame/filetransfer.esw.min.js
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/eswFrame.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.71.1.38 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl3-ncg0-lhr3.um4-lo2.force.com
Software
/
Resource Hash
34172e3b2c0f93498a2730933bc90740b38178cf10bd81b3164289d0445644a9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://service.force.com/embeddedservice/5.0/esw.html?parent=https://win.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 10:09:12 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Referrer-Policy
origin-when-cross-origin
Last-Modified
Tue, 18 Aug 2020 17:12:46 GMT
Content-Encoding
gzip
Age
29937
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public,max-age=86400
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
231
X-XSS-Protection
1; mode=block
Expires
Sun, 25 Dec 2022 10:09:12 GMT
Settings.jsonp
d.la2-c1cs-cdg.salesforceliveagent.com/chat/rest/Visitor/ 		168 B
559 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d.la2-c1cs-cdg.salesforceliveagent.com/chat/rest/Visitor/Settings.jsonp?Settings.prefix=Visitor&Settings.buttonIds=[5730N0000000Blz]&Settings.updateBreadcrumb=1&callback=embedded_svc.liveAgentAPI.connection.handlePing&deployment_id=5720N0000000Bd8&org_id=00D3O0000004pl8&version=48
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/client/liveagent.esw.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
160.8.241.121 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl10-ncg0-cdg3.la2-c1cs-cdg.salesforceliveagent.com
Software
/
Resource Hash
0621017210aaa088526bf6b500a1a5d82144dff566aadaeaaf4fdd9fa87f6d1d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
close
Expires
-1
inert.min.js
service.force.com/embeddedservice/5.0/utils/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://service.force.com/embeddedservice/5.0/utils/inert.min.js
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.71.1.38 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl3-ncg0-lhr3.um4-lo2.force.com
Software
/
Resource Hash
12834f596f899e7e17cc2a4a76a1ee77ea0f1ebbfb61e8a33dafe426327c71a3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 23 Dec 2022 23:05:29 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Referrer-Policy
origin-when-cross-origin
Last-Modified
Tue, 18 Aug 2020 17:12:46 GMT
Content-Encoding
gzip
Age
69760
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public,max-age=86400
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
2469
X-XSS-Protection
1; mode=block
Expires
Sat, 24 Dec 2022 23:05:29 GMT
EmbeddedServiceConfig.jsonp
d.la2-c1cs-fra.salesforceliveagent.com/chat/rest/EmbeddedService/ 		16 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d.la2-c1cs-fra.salesforceliveagent.com/chat/rest/EmbeddedService/EmbeddedServiceConfig.jsonp?Settings.prefix=EmbeddedService&org_id=00D3O0000004pl8&EmbeddedServiceConfig.configName=Discuter_avec_Einstein_Bot&callback=embedded_svc.liveAgentAPI.handleChatSettings&version=48&EmbeddedServiceConfig.language=fr
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/utils/common.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
160.8.253.123 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl14-ncg0-fra3.la2-c1cs-fra.salesforceliveagent.com
Software
/
Resource Hash
0c81253e33adc18de7c893ba8ef3620046d7d2a9c0e99b73da05bdf0076a862f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
close
Expires
-1
Settings.jsonp
d.la2-c1cs-fra.salesforceliveagent.com/chat/rest/Visitor/ 		344 B
675 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d.la2-c1cs-fra.salesforceliveagent.com/chat/rest/Visitor/Settings.jsonp?Settings.prefix=Visitor&Settings.buttonIds=[5730N0000000Blz]&Settings.updateBreadcrumb=1&callback=embedded_svc.liveAgentAPI.connection.handlePing&deployment_id=5720N0000000Bd8&org_id=00D3O0000004pl8&version=48
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/client/liveagent.esw.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
160.8.253.123 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl14-ncg0-fra3.la2-c1cs-fra.salesforceliveagent.com
Software
/
Resource Hash
ea7e57a4783f928d12e103ec957a7ce3ca30002214bef39a5ff89220547c5416
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://win.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
close
Expires
-1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
100013341.collect.igodigital.com
URL
http://100013341.collect.igodigital.com/collect.js

Verdicts & Comments Add Verdict or Comment

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| oncontentvisibilityautostatechange function| include string| path string| lang object| __NUXT__ object| oSpPOptions function| oPromptPush object| oSpP object| core object| __core-js_shared__ object| firebase function| UAParser object| google_tag_manager object| google_tag_data object| dataLayer boolean| liveAgentDeployment object| liveagent object| embedded_svc function| initESW undefined| s object| webpackJsonp object| regeneratorRuntime function| setImmediate function| clearImmediate function| _ object| onNuxtReadyCbs function| onNuxtReady function| Hammer string| GoogleAnalyticsObject function| ga object| GooglebQhCsO function| hj object| _hjSettings function| smartlook function| fbq function| _fbq object| $nuxt object| gaplugins object| gaGlobal object| gaData object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules function| MtBts function| metric function| onYouTubeIframeAPIReady function| fbAsyncInit object| google_optimize object| FB object| webpackChunk_smartlook_recorder object| __buffer object| gsapVersions

22 Cookies

Domain/Path Name / Value
api.win.ma/api/v1 Name: f5avraaaaaaaaaaaaaaaa_session_
Value: GJPMPKLLEALDGOIKGLBFPAMGKDGAPPDALMALBNBEFIDMAJMABMDDJFPNNHKHKJILANIDIHGMNEIOECPPGMHAMMCGGEMIHOFMEIHFGIJLAMHBFDPMHCOAINNFFHNPBGFO
win.ma/ Name: f5avraaaaaaaaaaaaaaaa_session_
Value: JNJCJFHCIBKCDHPEGBNFDDBOCKHDIAJPMBMKPHGEBPCFEMBKFNJENFJADAJHANIJGOCDEEAMKEJLDLLMAHLAEPMGGEDHKHKPPJJPAADBPGGDCIKDAKOOAIPDIIKJGCPL
.win.ma/ Name: TS010594ad
Value: 018e1322ef966d61dd41e500790b975e266bc10868e4bca8db8ce41d16fd7acc53829286762132400e7e7e79bcc003363063f5f749758aed7da09997deee7d030f0a30573b
.win.ma/ Name: _gcl_au
Value: 1.1.1450348810.1671906488
win.ma/ Name: visitCount
Value: 1
.mathtag.com/ Name: uuid
Value: 573963a7-44b8-4500-bf1c-478e0b091765
.win.ma/ Name: _gid
Value: GA1.2.474595679.1671906488
.win.ma/ Name: _gat_UA-132696877-4
Value: 1
.win.ma/ Name: _ga_JJCSB1TNN7
Value: GS1.1.1671906488.1.0.1671906488.60.0.0
.mathtag.com/ Name: mt_misc
Value: mt_bt:1
.win.ma/ Name: _ga
Value: GA1.2.828029468.1671906488
.win.ma/ Name: _gat_UA-132696877-5
Value: 1
.win.ma/ Name: _fbp
Value: fb.1.1671906488468.1233086714
.doubleclick.net/ Name: IDE
Value: AHWqTUmVc_lTwGeFLlHA_g2TYii9qyJIPpKGhXry0yx_hn9aAzYO4a5uh7SjhzAf
.win.ma/ Name: _hjSessionUser_2973519
Value: eyJpZCI6IjUxMTk5OWIxLWY0NzAtNTU5My1iZWM5LTU2YWM4ZjJhYjIzYyIsImNyZWF0ZWQiOjE2NzE5MDY0ODg1MTEsImV4aXN0aW5nIjpmYWxzZX0=
.win.ma/ Name: _hjFirstSeen
Value: 1
win.ma/ Name: _hjIncludedInSessionSample
Value: 0
.win.ma/ Name: _hjSession_2973519
Value: eyJpZCI6IjRlYTE2YjcyLWMxZWUtNDBiOS05YzgwLWI2YjJlN2Q0ZWNjOSIsImNyZWF0ZWQiOjE2NzE5MDY0ODg1NjEsImluU2FtcGxlIjpmYWxzZX0=
.win.ma/ Name: _hjAbsoluteSessionInProgress
Value: 0
.api.win.ma/ Name: TS013f8de7
Value: 018e1322ef4d6e1c2910e54893f49903816c3e920f5513621c360b9129be48fc93fbf914e62d909ce55b1ba750d2ca317d865f81b39894129251c1c95e4ba37c74dd4458b6
.force.com/ Name: BrowserId_sec
Value: t1HdLIO4Ee2PkK0XARO7pA
win.ma/ Name: currentHome
Value: %2F

1 Console Messages

Source Level URL
Text
security error URL: https://www.googletagmanager.com/gtm.js?id=GTM-P93VBML&l=dataLayer(Line 510)
Message:
Mixed Content: The page at 'https://win.ma/' was loaded over HTTPS, but requested an insecure script 'http://100013341.collect.igodigital.com/collect.js'. This request has been blocked; the content must be served over HTTPS.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=16070400; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

100013341.collect.igodigital.com
api.win.ma
c.la1-c2-ukb.salesforceliveagent.com
cdn.sendpulse.com
connect.facebook.net
d.la2-c1cs-cdg.salesforceliveagent.com
d.la2-c1cs-fra.salesforceliveagent.com
fonts.googleapis.com
googleads.g.doubleclick.net
pixel.mathtag.com
region1.analytics.google.com
script.hotjar.com
service.force.com
static.hotjar.com
stats.g.doubleclick.net
vars.hotjar.com
web-sdk.smartlook.com
web.webpushs.com
win.ma
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
100013341.collect.igodigital.com
101.53.161.135
104.107.160.223
105.73.2.24
105.73.3.20
13.224.103.115
13.224.103.38
13.224.103.58
160.8.241.121
160.8.253.123
161.71.1.38
2001:4860:4802:34::36
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2004
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2008
2a00:1450:400c:c06::9d
2a00:1450:400d:80d::200e
2a02:6ea0:c700::10
2a02:6ea0:c700::18
2a02:6ea0:c700::19
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
012b1b5db9be308980d0cb4669f7905c3da87bb3848fabb04cb1709008305afe
01f5a67caa33661cd1698afb1a912b91d9eddc962c2d78307b3b32a5453214e4
0621017210aaa088526bf6b500a1a5d82144dff566aadaeaaf4fdd9fa87f6d1d
065cc2a79ed5890cf8ac453fa6c5649226a0b7c920427f3bf7be8eed9c88cdd2
07c43968f186b302f96af6c64e52e95770a7441f92318f312f9d06464be0d29e
0c81253e33adc18de7c893ba8ef3620046d7d2a9c0e99b73da05bdf0076a862f
0f5bbbd4db8d8419d94309525f6b210c65259ca0e6c6fedf0224aaabc5bd38c3
10a396cf83a1f0fa5ae02c199215e1b8e32fdb313f3d5e24c3e61a56f01e3eb5
11b97392fe91256a463d66e0a68f1ed068dd3ba2200289fa89e0afb2b0558b12
12834f596f899e7e17cc2a4a76a1ee77ea0f1ebbfb61e8a33dafe426327c71a3
17225a54b4f8eade0845cba35c547f902699f72335694827837cc921914223db
1a9b34b7229526d711a695470f242e68a706e349be053932034d664bfd27c51a
1f696e95e7f060ddddbf6f1e20e97e0b69dea0dcec0506833ee8473ecf179b2f
22aef86fdf5b1f06d36e40741285a13f9f2f3ebf234f839a2f8a20c209e828f2
2ac8150003a3c49d2735c3e68ebde6e820308ff0ee6bf57e38604259a4931eac
2f841434427182dcac1917c9d5260a4e44b417fc0b77bde50dadc3932cd56b57
30492c3c8dc6b694a7e322bcfda99fbf937dc76c57d9a73b5e2cba41337dbc81
31c4409639e41146fa109da14bd5891beee2c130366a4bd358f0aea0c06a479d
33d5ea774b9c03b38c4fbbae7826ee78a98fcbb2321d822edc88d98f235e3d21
34172e3b2c0f93498a2730933bc90740b38178cf10bd81b3164289d0445644a9
3d1a347741dbc46ee0af4dfff282db782f3879b7ea7962aa4b9ced2e5197e902
3f0d7c0333abb9c4d347f275374265e13d66980e583abacb903775f1157fae8c
3fa42049b24b25fe3e60b5b9c3ce3b4896385b2182e795dd7840ee6ff6e79408
40d08430de7391a713da77e41cda28323fb8459188019d8756054369ec553cc7
4a7d0510aec4f589119412e8c04adcbbc2b40d6df0477e8bcf367e4d72583823
4b1666d27de9b0243a7a11fbae7d106d5e603eacab9b4b49aea89f5f0790afa2
4c9c5532fe097c816a3b583eb7b0fbfe8a01f1dfd03c968206a58f4adc78bcbc
546c530419fe56ec6b7f2973c9f583e16c3e7f7f8b8c9cd4a0c5adfdc6c46efc
55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9
590f272fa9f1f817dfbbe02845a3148e2bd81e3fb0bd33700e18fdcc0ea87756
598684d34af3e0b2f2be1338d0bd066877b6df4e4588c3daae0813f59bd1f419
59e7831de0690c5b31adbba6b527998dcff5c3b6075c3e37d8a9ffce972812be
6497c23700ad2835951df9c4fbe73b575fc55d7b95d2415e7b76ca03032c80a5
68135f0d4c576343139f67c3f248cab95744979ba4b55dd8a93dfb95cd19ebd6
6ac72aa8acd2ecf98b8ae88ffbee4375cf780df6793fe4802d556b39c70b79ea
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c8b822ba2fa788a754e0a94055060c9c897dfb29538d92e04fd3f83d407bcb7
721f2d2fe18f13edc2ae51c1918c1b0a2d7b668318c559310ab35fa22363fdad
72bea9a6dcf2bf5a2705efb91f165011c6214ea7630c5de4e4f487e7af347c51
73915941b956f9d0861ecf80677f77008b28ef85b716aff3a47b8bf264546b74
75b19d13eef10148254c88bbd04e13877470ac1d15f2f6c6ed70b866d6dfb79e
7630bf6c96329a1d26b96cfe54bac06d2ced9022422db77768c5e6cd3576f7f1
77db2268879c4bd8b7152ae3875f2d02cf74f1b64e147cbe011ed6e9aa2815da
7c273510050e27ad1e0a533b0a766c6c597575710d578a104e60d4810e173648
8040be8c28a19b0f78481f2da17e7220e75adde27eb9713ff626652a066f92da
817a95c8fe46f05c1eddd16e2900cfe481140e1702acf3a41f6a915ed15b9046
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8da0380984ad1d961e8cb3a22510c1f5aa204704c89556a5c34a9d963642096d
8f8e1533208a538ff9439a2e949f5ce447d9f90835ad7141362b8431e5806bb3
8fc13260bb84c27d30c308529dc2c3b1a878bde2919ca2d80a8e9cc87f70b82b
928e9df00697f23cf6b5362e6daf494b0faf6092ad0285f53a28c89ac081d56e
9ba7853e578c8036077b1780006fc85ee9ba730046884b4f20ebc25e887c6a6e
9d60361f6baee537cb00e5dff659fdef39dbbfaf81d1419208590fec3ea7348f
a2f705ef52318af97b487555beeba4923883fe4de04a9f3ea4a2c365b86abb7b
a4d26784eb413cc5fba750d6de941168e67449fb35ca11320b5874b64f5c61a8
aa69ca1c759ca8aa8ed780103a4be321abdd5853293ab606b73940f0d707ece8
b30f7c9786363bb380bf2d74f75428ba083de0cdee4c188c44cb2bfc9a64f21c
b3b8f83e9afac062c757425243c4716ced5fb7682c94ddc39ae5180848aa76c7
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b60a378fb65885b8ec4818bb27421659cae33fead8f7926fa4d2c5fb195af6a5
b86c86999f8ad5292e3a8db59eea12c47d28962600fafdb08201753cbc463ced
be0b2423ee8f70b2a15d3b4ff7bba356d3e1e043e8691cc36828f2ce60f841cc
be9bab6e4e6416d2d6d23da38771fbec5a682d7affc3dbac3d7a4ea9322098db
c92e680e5e2fe0d1e672b38eebfe614821069e084ede73fb150584db1020286d
cbffce6f8642619af7ed7335e32750f7f2933765d32c113115da0710aa7deadc
cff6dec66b664a2f6008da408343322568dfc3af38c6696f34eb77830f235db4
d22aa90c91a599deaca2baa7c3510c89d3d6aa918ecbdab1afdec8c56e1ac1b7
d90aa0ecebaf9f7c081ecd985b9626d22a6223c972a341e1201106513bdcc003
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e036fe9325ccc9383191dc8031d35c34344552fb535888cb27ed16d907d282bf
e2a91872ec3acf90b043e0a5c7d7870681ab685704b334a163194aaa55faacbc
e2f2597386660b972fe84faa90af129a353e7e8f9990df6f3b14d0165468350f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e51769f848809a956b16b6ca4a10a85d21fcc44977f34f430869f23639cb5430
e9fd5ab57c7758950d26094ea8d51ef68e3170a57cce4c3056f0d611d359d042
ea7e57a4783f928d12e103ec957a7ce3ca30002214bef39a5ff89220547c5416
eaa0f15c16957a4a67e434fa865e0141a98da75227140d4c0f65dc24d9637a71
ecb244f676677252c58d2eccb58f1b0b87b5dd6baab45d29d46dba74c823b7f2
ecc742772817f67c6ea8fac1fee1a01587feb2149a3c4dc9ed9d9eaf3288c8b2
eed30096dee95a5cfa75b8b35facbdde03cac94160a9307c9a3cb9bd63bccb06
ef00359e75e232adff07353c697e04160beae73e41dddaf7510de8950d7bbf78
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f000048e202ba3ed2a2d49bc09f11e77faa217ac28d71dd8b435f2ef6009cf5e
f64ef4a15bcabc99c1b1d29eee628dade3617a51abdc311c8ca1a6516673d013
fa305b054bf6a60bd1a87abbca8f52553bbb54e6e8929564c704b85313d23790