urlscan.io logo urlscan.io
SecurityTrails logo

okwin.shop Open in urlscan Pro
2606:4700:20::681a:f0d  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.okwin.sioservice-dz.com/
Effective URL: https://okwin.shop/?affilate=DISCOUNT20
Submission: On November 17 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 3 countries across 12 domains to perform 36 HTTP transactions. The main IP is 2606:4700:20::681a:f0d, located in United States and belongs to CLOUDFLARENET, US. The main domain is okwin.shop.
TLS certificate: Issued by WE1 on November 6th 2024. Valid for: 3 months.
This is the only time okwin.shop was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    142.171.234.170 (Los Angeles, United States)

ASN35916 (MULTA-ASN1, US)
PTR: s60.hostilica.net
www.okwin.sioservice-dz.com
17    2606:4700:20::681a:f0d (United States)

ASN13335 (CLOUDFLARENET, US)
okwin.shop
1    2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2606:4700::6810:4f49 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
2    2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    2a00:1450:400c:c0d::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
3    199.232.192.193 (United States)

ASN54113 (FASTLY, US)
i.imgur.com
6    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
17 okwin.shop
okwin.shop
466 KB
6 gstatic.com
fonts.gstatic.com
191 KB
3 imgur.com
i.imgur.com — Cisco Umbrella Rank: 8961
19 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 120
214 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 192
76 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 10745
63 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 135
551 B
1 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 4108
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 617
7 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
94 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
1 KB
1 sioservice-dz.com
www.okwin.sioservice-dz.com
1 KB
36 12
Domain Requested by
17 okwin.shop 1 redirects okwin.shop
static.cloudflareinsights.com
6 fonts.gstatic.com fonts.googleapis.com
3 i.imgur.com okwin.shop
2 www.facebook.com okwin.shop
2 connect.facebook.net okwin.shop
connect.facebook.net
1 www.google.de okwin.shop
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 static.cloudflareinsights.com okwin.shop
1 www.googletagmanager.com okwin.shop
1 fonts.googleapis.com okwin.shop
1 www.okwin.sioservice-dz.com 1 redirects
36 12

This site contains links to these domains. Also see Links.

Domain
manage.okwin.shop
Subject Issuer Validity Valid
okwin.shop
WE1		 2024-11-06 -
2025-02-04		 3 months crt.sh
upload.video.google.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.google-analytics.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
cloudflareinsights.com
WE1		 2024-11-01 -
2025-01-30		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-08-26 -
2024-11-24		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.google.de
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.imgur.com
Sectigo RSA Domain Validation Secure Server CA		 2024-02-15 -
2025-02-14		 a year crt.sh
*.gstatic.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://okwin.shop/?affilate=DISCOUNT20
Frame ID: 1D78FDF9562D35596281053BDC22F419
Requests: 36 HTTP requests in this frame

Frame: https://okwin.shop/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js
Frame ID: 890CBD1652F1CCC0B78439347BF18BA4
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Okwin - حيث تبدأ رحلة التجارة الإلكترونية الناجحة

Page URL History Show full URLs

  1. https://www.okwin.sioservice-dz.com/ HTTP 301
    https://okwin.shop/?affilate=DISCOUNT20 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

36
Requests

94 %
HTTPS

83 %
IPv6

12
Domains

12
Subdomains

12
IPs

3
Countries

858 kB
Transfer

1651 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.okwin.sioservice-dz.com/ HTTP 301
    https://okwin.shop/?affilate=DISCOUNT20 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10
  • https://okwin.shop/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://okwin.shop/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js

36 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
okwin.shop/
Redirect Chain
  • https://www.okwin.sioservice-dz.com/
  • https://okwin.shop/?affilate=DISCOUNT20
4 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://okwin.shop/?affilate=DISCOUNT20
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:f0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b21b3bfe1684ba8296008a1d3a81853d2de9e7892960653ba44617ea3f1d2e3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8e3deb761dad1981-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 17 Nov 2024 07:13:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BQ8RpAiw%2FN12dhcn8k1FvsNH2804TqENTk6hXbtXCtJvUk4pmCwJydMQDcouApeRWBzcpJd0bZhPBDYeODKwpbSoSFXKJlKwJZsFOYTtcFJ%2FTmLcUSXfA0FmgC8x0ETGmDkWJT3wzA8%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfCacheStatus;desc="DYNAMIC" cfL4;desc="?proto=QUIC&rtt=6058&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4244&recv_bytes=4435&delivery_rate=903&cwnd=12000&unsent_bytes=0&cid=0a7a0eaddb572c0e&ts=106&x=1" cfExtPri cfHdrFlush;dur=0
x-ratelimit-limit
10
x-ratelimit-remaining
9
x-ratelimit-reset
6

Redirect headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
795
content-type
text/html
date
Sun, 17 Nov 2024 07:13:43 GMT
location
https://okwin.shop/?affilate=DISCOUNT20
vary
User-Agent
css2
fonts.googleapis.com/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=IBM+Plex+Sans+Arabic:wght@500;600;700&display=swap
Requested by
Host: okwin.shop
URL: https://okwin.shop/?affilate=DISCOUNT20
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
86d6862b7918a3a8256c9466221a61caece717ef3045fab23d547612cc5b0a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://okwin.shop/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sun, 17 Nov 2024 07:13:43 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 17 Nov 2024 07:13:43 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Sun, 17 Nov 2024 07:13:43 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
js
www.googletagmanager.com/gtag/ 		266 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-L0C10BM8BX
Requested by
Host: okwin.shop
URL: https://okwin.shop/?affilate=DISCOUNT20
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9a02834696e663a7e6cf59d7c6838ea912c2658694de37c03fa8ed5ebc25c59e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://okwin.shop/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Sun, 17 Nov 2024 07:13:43 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 17 Nov 2024 07:13:43 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
96051
x-xss-protection
0
server
Google Tag Manager
index-C9auBq9B.js
okwin.shop/landing-page/assets/ 		318 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://okwin.shop/landing-page/assets/index-C9auBq9B.js
Requested by
Host: okwin.shop
URL: https://okwin.shop/?affilate=DISCOUNT20
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:f0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e612dd31c255f4ec93eea01949a96f16720a83a53f2e6e9012a6c563174c55d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://okwin.shop
Referer
https://okwin.shop/?affilate=DISCOUNT20

Response headers

content-encoding
br
cf-cache-status
MISS
etag
W/"4f958-1932f5b87e0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v13XrjM01Y5KXtG7VRHsKKLIwBiAgLvTVa%2BeYNnHwGS%2Bxnza6QAmER0iRo9MD5GKrbCW8GD4PDi0ROYAVdrQ872181vbW%2Bh9YbCScr5p1zikK5VrBpOo%2FUZD2GxgvD0RgHIzCgGzm8Y%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=6181&sent=43&recv=27&lost=0&retrans=0&sent_bytes=38076&recv_bytes=6214&delivery_rate=3115775&cwnd=24000&unsent_bytes=0&cid=0a7a0eaddb572c0e&ts=178&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 17 Nov 2024 07:13:43 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Fri, 15 Nov 2024 10:25:48 GMT
vary
Accept-Encoding
priority
u=1,i=?0
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e3deb76ce331981-FRA
access-control-allow-origin
*
server
cloudflare
index-BD0WDH83.css
okwin.shop/landing-page/assets/ 		187 KB
30 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://okwin.shop/landing-page/assets/index-BD0WDH83.css
Requested by
Host: okwin.shop
URL: https://okwin.shop/?affilate=DISCOUNT20
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:f0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f0a249a29bcbb9296e45f96f7f8fcf9fbda3f6c82d43d3dbf7602fbf29e2021

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://okwin.shop
Referer
https://okwin.shop/?affilate=DISCOUNT20

Response headers

content-encoding
br
cf-cache-status
REVALIDATED
etag
W/"2eb45-19270b8e350"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b1hCbkI1w9oUC8F1hC6Y7kkdQwIoqN%2BStVbK%2FPEvQ90hvhva7%2BEXsoehpTFeWd55t6B6r4FTllSkkItH23sREmGbOf0km7WtjrEaasig2swz17sERI%2Fvc7ZUzsOYC1NHrHaFIzIgAg8%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=6083&sent=17&recv=14&lost=0&retrans=0&sent_bytes=7071&recv_bytes=5655&delivery_rate=456531&cwnd=12000&unsent_bytes=0&cid=0a7a0eaddb572c0e&ts=165&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 17 Nov 2024 07:13:43 GMT
content-type
text/css; charset=UTF-8
last-modified
Wed, 09 Oct 2024 10:00:18 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e3deb76ce341981-FRA
access-control-allow-origin
*
server
cloudflare
vcd15cbe7772f49c399c6a5babf22c1241717689176015
static.cloudflareinsights.com/beacon.min.js/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by
Host: okwin.shop
URL: https://okwin.shop/?affilate=DISCOUNT20
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://okwin.shop
Referer
https://okwin.shop/

Response headers

cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"2024.6.1"
cross-origin-resource-policy
cross-origin
cf-ray
8e3deb7728bf9b46-FRA
access-control-allow-origin
*
date
Sun, 17 Nov 2024 07:13:43 GMT
content-type
text/javascript;charset=UTF-8
last-modified
Thu, 06 Jun 2024 15:52:56 GMT
vary
Accept-Encoding
server
cloudflare
fbevents.js
connect.facebook.net/en_US/ 		239 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: okwin.shop
URL: https://okwin.shop/?affilate=DISCOUNT20
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
43a683165a27224ef2d2717bd57c8c203aa570ce39140504d086562eefbb0f1f
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-OLEZRq5K' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://okwin.shop/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sun, 17 Nov 2024 07:13:43 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-OLEZRq5K' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=23, mss=1232, tbw=4458, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
TqCqlP9SikD8r07CeAVhJDK8uqqAKmR17hPo90qpooVzOg/orZBSGVpPEFLXUd8neXwZtBZ0CLf6XwoyxCcdyQ==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62152
x-xss-protection
0
origin-agent-cluster
?1
collect
region1.analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-L0C10BM8BX&gtm=45je4bc0v9193630198za200&_p=1731827623526&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101899377~101925629~102067554~102067808~102077855&cid=898224811.1731827624&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1731827623&sct=1&seg=0&dl=https%3A%2F%2Fokwin.shop%2F%3Faffilate%3DDISCOUNT20&dt=Okwin%20-%20%D8%AD%D9%8A%D8%AB%20%D8%AA%D8%A8%D8%AF%D8%A3%20%D8%B1%D8%AD%D9%84%D8%A9%20%D8%A7%D9%84%D8%AA%D8%AC%D8%A7%D8%B1%D8%A9%20%D8%A7%D9%84%D8%A5%D9%84%D9%83%D8%AA%D8%B1%D9%88%D9%86%D9%8A%D8%A9%20%D8%A7%D9%84%D9%86%D8%A7%D8%AC%D8%AD%D8%A9&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=807
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-L0C10BM8BX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://okwin.shop/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://okwin.shop
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 17 Nov 2024 07:13:43 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/ 		0
551 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-L0C10BM8BX&cid=898224811.1731827624&gtm=45je4bc0v9193630198za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101899377~101925629~102067554~102067808~102077855
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-L0C10BM8BX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0d::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://okwin.shop/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://okwin.shop
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 17 Nov 2024 07:13:43 GMT
content-type
text/plain
server
Golfe2
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-L0C10BM8BX&cid=898224811.1731827624&gtm=45je4bc0v9193630198za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101899377~101925629~102067554~102067808~102077855&tag_exp=101899377~101925629~102067554~102067808~102077855&z=213042133
Requested by
Host: okwin.shop
URL: https://okwin.shop/?affilate=DISCOUNT20
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://okwin.shop/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Sun, 17 Nov 2024 07:13:43 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
1535282094016335
connect.facebook.net/signals/config/ 		77 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1535282094016335?v=2.9.177&r=stable&domain=okwin.shop&hme=c3e4904c1dde42d643265ef909b9e193c41cedcd6f559a3ff5e1b178e36647fa&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
142be502fa360fdb33c13cc0851ded0e99873e4481c1eaa7a4646e96b0b356ac
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-EaJDrbFk' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://okwin.shop/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sun, 17 Nov 2024 07:13:43 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-EaJDrbFk' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=77, mss=1232, tbw=71014, tp=68, tpl=0, uplat=53, ullat=0
pragma
public
x-fb-debug
GBtTPLHnFQHVVu0QBeD63/Y4MHuIEXzazmuhzrNJeRtJv3L5KtS1Yqj6UgAFk4KXopdJ5FL4FkUl/kBJWQLMVQ==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
main.js
okwin.shop/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/ Frame 890C
Redirect Chain
  • https://okwin.shop/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://okwin.shop/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://okwin.shop/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?
Requested by
Host: okwin.shop
URL: https://okwin.shop/?affilate=DISCOUNT20
Protocol
H3
Server
2606:4700:20::681a:f0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8add589e2251924204f97a7fb10d0b338466449c4900adc9b931a0c9d7219d3f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vKOe4Os5oOvlX0NZFhZ35j4zrEZvTQY0GWgXyysWJBTg42LpctxwCbImuHRkY8gT7Q24dfV83Skwmw0KSlKvGTVC6wZR5tUSs4P3qvMbcYMh6lZwoBA%2BTA%2FmGyZenP1eLCi4MnbQ5ms%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8e3deb77bee31981-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=6766&sent=141&recv=66&lost=0&retrans=0&sent_bytes=150562&recv_bytes=10097&delivery_rate=57449&cwnd=91200&unsent_bytes=0&cid=0a7a0eaddb572c0e&ts=278&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 17 Nov 2024 07:13:43 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
cloudflare
priority
u=3,i=?0

Redirect headers

cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3QvX00doR8gz7z0SzjE1IrfZUZ8p%2BKdxnKFRPC2CitaGQgNm6IJDcoG0b6QHLrH9OSHlGl%2BT%2FhtL7LuLnxye6uAZ6Jduq3I9h1%2B6HY9xt%2BX1RNp7nciY4eF1MPAx4TUlUCP9jYlWLCc%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e3deb77aec61981-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
server-timing
cfL4;desc="?proto=QUIC&rtt=6775&sent=138&recv=63&lost=0&retrans=0&sent_bytes=149800&recv_bytes=8313&delivery_rate=6330119&cwnd=91200&unsent_bytes=0&cid=0a7a0eaddb572c0e&ts=264&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 17 Nov 2024 07:13:43 GMT
vary
Accept-Encoding
server
cloudflare
priority
u=3,i=?0
refresh
okwin.shop/v1/company-public/ 		0
0
company-public
okwin.shop/v1/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://okwin.shop/v1/company-public
Requested by
Host: okwin.shop
URL: https://okwin.shop/landing-page/assets/index-C9auBq9B.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:f0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbbf4e6e2f87ab776b4b55a2928a29433f433dfdb804508d4492efbbe68e87d2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://okwin.shop/?affilate=DISCOUNT20

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
DYNAMIC
x-ratelimit-reset
6
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Yy5yv3ITKbOmMlaMgSgAMB94agpgHo9eB7N5mkIofbIYFSwCgwKMGR5LcrZhBz4FF71UelUxSmS7ijHrM3B%2FzrDFkxhMDuTjT%2BVOVAjK1NPgIMIbMK8xBDHrOEJAtowJsskwUso7tOo%3D"}],"group":"cf-nel","max_age":604800}
x-ratelimit-remaining
9
cf-ray
8e3deb77bedf1981-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=6678&sent=145&recv=67&lost=0&retrans=0&sent_bytes=155046&recv_bytes=10142&delivery_rate=279630&cwnd=91200&unsent_bytes=0&cid=0a7a0eaddb572c0e&ts=333&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 17 Nov 2024 07:13:43 GMT
x-ratelimit-limit
10
content-type
application/json; charset=utf-8
server
cloudflare
priority
u=1,i
8e3deb761dad1981
okwin.shop/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 890C 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://okwin.shop/cdn-cgi/challenge-platform/h/b/jsd/r/8e3deb761dad1981
Requested by
Host: okwin.shop
URL: https://okwin.shop/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:f0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/json
Referer

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kMECD5le6%2F3z11JlfmWt5Cda%2BKJhr65O7z0nrcM7A9ikmvOFJmvhhkAA85fFXusr7at1XRlJljQWCIOI9WQPyFCkCoIbtCd%2F3mSbHZFVlgo77yhomvg4sIBZOafTaCDrDgi1YeyvbNc%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e3deb784f7d1981-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=6606&sent=149&recv=83&lost=0&retrans=0&sent_bytes=156474&recv_bytes=27633&delivery_rate=157036&cwnd=91200&unsent_bytes=0&cid=0a7a0eaddb572c0e&ts=372&x=1", cfExtPri, cfHdrFlush;dur=0
content-length
0
date
Sun, 17 Nov 2024 07:13:43 GMT
content-type
text/plain; charset=UTF-8
server
cloudflare
priority
u=1,i
/
www.facebook.com/tr/ 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1535282094016335&ev=PageView&dl=https%3A%2F%2Fokwin.shop%2F%3Faffilate%3DDISCOUNT20&rl=&if=false&ts=1731827623733&sw=1600&sh=1200&v=2.9.177&r=stable&ec=0&o=12318&fbp=fb.1.1731827623731.426410091950227921&cs_est=true&ler=empty&cdl=API_unavailable&it=1731827623600&coo=false&rqm=GET
Requested by
Host: okwin.shop
URL: https://okwin.shop/?affilate=DISCOUNT20
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://okwin.shop/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=4504, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Sun, 17 Nov 2024 07:13:43 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
195 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1535282094016335&ev=PageView&dl=https%3A%2F%2Fokwin.shop%2F%3Faffilate%3DDISCOUNT20&rl=&if=false&ts=1731827623733&sw=1600&sh=1200&v=2.9.177&r=stable&ec=0&o=12318&fbp=fb.1.1731827623731.426410091950227921&cs_est=true&ler=empty&cdl=API_unavailable&it=1731827623600&coo=false&rqm=FGET
Requested by
Host: okwin.shop
URL: https://okwin.shop/?affilate=DISCOUNT20
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://okwin.shop/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7438143003711159879"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sun, 17 Nov 2024 07:13:43 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
TCN0wEs8j7kb33GhkwaLhQU6gdmBAcUN7BosYHnVJgRmH3+k0LOgJ2JDbPTqKHQ3KHH0bbQ7iNaXP0Uc3NFRzg==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7438143003711159879", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=4872, tp=13, tpl=0, uplat=121, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
G8IiP0L.png
i.imgur.com/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/G8IiP0L.png
Requested by
Host: okwin.shop
URL: https://okwin.shop/?affilate=DISCOUNT20
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.192.193 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
6f2b83c7e5d141bf22e41b5f1acdfb619e823c4d17c4657e103327fd369e3134
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://okwin.shop/

Response headers

etag
"33114e3668b15fa52f804605a660bb19"
age
848874
access-control-allow-methods
GET, OPTIONS
x-content-type-options
nosniff
x-cache
Miss from cloudfront, HIT, HIT
x-amz-cf-id
n8jHC8fkXcDkOnBjjFgKpPohuwCxKOP7MtqZeBregzJY6cP-iqfJpw==
date
Sun, 17 Nov 2024 07:13:43 GMT
content-type
image/png
last-modified
Fri, 06 Sep 2024 14:59:09 GMT
x-cache-hits
3, 0
x-served-by
cache-iad-kiad7000026-IAD, cache-fra-eddf8230153-FRA
strict-transport-security
max-age=300
cache-control
public, max-age=31536000
x-timer
S1731827624.833331,VS0,VE1
accept-ranges
bytes
access-control-allow-origin
*
content-length
4501
x-amz-cf-pop
IAD89-P1
server
cat factory 1.0
x-amz-server-side-encryption
AES256
65Yr4ua.png
i.imgur.com/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/65Yr4ua.png
Requested by
Host: okwin.shop
URL: https://okwin.shop/?affilate=DISCOUNT20
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.192.193 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
26101cba246f7f5f0389cdf7a2af89d6296b48a67cb1dbe44e0cc3571b1a06c8
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://okwin.shop/

Response headers

etag
"2cd6be72fb2305bdc6b98248f027435c"
age
1178026
access-control-allow-methods
GET, OPTIONS
x-content-type-options
nosniff
x-cache
Miss from cloudfront, HIT, HIT
x-amz-cf-id
xTJYkPCokLlqELKm85tRXBzcHo0ZcRoHOo0_vXzrtfELk6nAnX9n3A==
date
Sun, 17 Nov 2024 07:13:43 GMT
content-type
image/png
last-modified
Fri, 06 Sep 2024 14:59:09 GMT
x-cache-hits
3, 0
x-served-by
cache-iad-kjyo7100065-IAD, cache-fra-eddf8230153-FRA
strict-transport-security
max-age=300
cache-control
public, max-age=31536000
x-timer
S1731827624.833256,VS0,VE1
accept-ranges
bytes
access-control-allow-origin
*
content-length
2202
x-amz-cf-pop
IAD12-P4
server
cat factory 1.0
x-amz-server-side-encryption
AES256
hero-section-desktop-C1GqRvEf.png
okwin.shop/landing-page/assets/ 		99 KB
100 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://okwin.shop/landing-page/assets/hero-section-desktop-C1GqRvEf.png
Requested by
Host: okwin.shop
URL: https://okwin.shop/?affilate=DISCOUNT20
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:f0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef6b6d2148e0de927a9df71b89a627084fb66c4935f262d1733c348548f37b8c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://okwin.shop/?affilate=DISCOUNT20

Response headers

cf-bgj
imgq:85,h2pri
etag
W/"1ba34-192b60e81a8"
cf-cache-status
REVALIDATED
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FbB8XL2%2F9jltUZI6T01%2BnoVk1RBDQx9L3dEIIn3JQcgqleHTjpLNqpgY1NhYe3DDWxXj%2FgYw4EmDDtGXeSpWCRbZQwrxyRraoI20pFNhcoS687ocXRfOL9aODWsoIquSoxj0fPDM93o%3D"}],"group":"cf-nel","max_age":604800}
cf-polished
origFmt=png, origSize=113204
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=6840&sent=151&recv=85&lost=0&retrans=0&sent_bytes=157667&recv_bytes=28748&delivery_rate=56331&cwnd=91200&unsent_bytes=0&cid=0a7a0eaddb572c0e&ts=461&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 17 Nov 2024 07:13:43 GMT
content-type
image/webp
content-disposition
inline; filename="hero-section-desktop-C1GqRvEf.webp"
vary
Accept
last-modified
Tue, 22 Oct 2024 21:07:37 GMT
priority
u=3,i
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e3deb78cfea1981-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
101792
server
cloudflare
Qw3NZRtWPQCuHme67tEYUIx3Kh0PHR9N6YOG-eCRXMR5Kw.woff2
fonts.gstatic.com/s/ibmplexsansarabic/v12/ 		43 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ibmplexsansarabic/v12/Qw3NZRtWPQCuHme67tEYUIx3Kh0PHR9N6YOG-eCRXMR5Kw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=IBM+Plex+Sans+Arabic:wght@500;600;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a0cbcef8d9822c460a2a4ac7746f1043cfe5836db4ff878cb6d3f6c70f980127
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://okwin.shop
Referer
https://fonts.googleapis.com/

Response headers

age
316485
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 13 Nov 2025 15:18:58 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 15:18:58 GMT
last-modified
Tue, 02 May 2023 15:30:08 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
44528
x-xss-protection
0
server
sffe
Qw3NZRtWPQCuHme67tEYUIx3Kh0PHR9N6YPi-OCRXMR5Kw.woff2
fonts.gstatic.com/s/ibmplexsansarabic/v12/ 		45 KB
45 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ibmplexsansarabic/v12/Qw3NZRtWPQCuHme67tEYUIx3Kh0PHR9N6YPi-OCRXMR5Kw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=IBM+Plex+Sans+Arabic:wght@500;600;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c0eed9cd0505ab57ffaa4c23ef5727c67d646bb02fe6e666e21b2f12a85f515c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://okwin.shop
Referer
https://fonts.googleapis.com/

Response headers

age
163861
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 15 Nov 2025 09:42:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 15 Nov 2024 09:42:42 GMT
last-modified
Tue, 02 May 2023 15:07:24 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
46344
x-xss-protection
0
server
sffe
Qw3NZRtWPQCuHme67tEYUIx3Kh0PHR9N6YOG-eCUXMQ.woff2
fonts.gstatic.com/s/ibmplexsansarabic/v12/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ibmplexsansarabic/v12/Qw3NZRtWPQCuHme67tEYUIx3Kh0PHR9N6YOG-eCUXMQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=IBM+Plex+Sans+Arabic:wght@500;600;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a1cd77ed4c294717422cec0213c09adcdcd7c51eca5c7619bb4c2a2e7a8f04e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://okwin.shop
Referer
https://fonts.googleapis.com/

Response headers

age
315229
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 13 Nov 2025 15:39:54 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 15:39:54 GMT
last-modified
Tue, 02 May 2023 15:29:57 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
19144
x-xss-protection
0
server
sffe
Qw3NZRtWPQCuHme67tEYUIx3Kh0PHR9N6YPO_-CUXMQ.woff2
fonts.gstatic.com/s/ibmplexsansarabic/v12/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ibmplexsansarabic/v12/Qw3NZRtWPQCuHme67tEYUIx3Kh0PHR9N6YPO_-CUXMQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=IBM+Plex+Sans+Arabic:wght@500;600;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5986fe50ffc2fd7c690521ddbf96f03b52e444744550cc2e523070864e963638
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://okwin.shop
Referer
https://fonts.googleapis.com/

Response headers

age
161840
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 15 Nov 2025 10:16:23 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 15 Nov 2024 10:16:23 GMT
last-modified
Tue, 02 May 2023 15:14:21 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
19716
x-xss-protection
0
server
sffe
Qw3NZRtWPQCuHme67tEYUIx3Kh0PHR9N6YPi-OCUXMQ.woff2
fonts.gstatic.com/s/ibmplexsansarabic/v12/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ibmplexsansarabic/v12/Qw3NZRtWPQCuHme67tEYUIx3Kh0PHR9N6YPi-OCUXMQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=IBM+Plex+Sans+Arabic:wght@500;600;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
64cd98b8c972341c48db20a8c9b5f3e4e8ea410a6534633b07067c554dc7873b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://okwin.shop
Referer
https://fonts.googleapis.com/

Response headers

age
231043
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 14 Nov 2025 15:03:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 14 Nov 2024 15:03:00 GMT
last-modified
Tue, 02 May 2023 15:10:03 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
20096
x-xss-protection
0
server
sffe
Qw3NZRtWPQCuHme67tEYUIx3Kh0PHR9N6YPO_-CRXMR5Kw.woff2
fonts.gstatic.com/s/ibmplexsansarabic/v12/ 		45 KB
45 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ibmplexsansarabic/v12/Qw3NZRtWPQCuHme67tEYUIx3Kh0PHR9N6YPO_-CRXMR5Kw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=IBM+Plex+Sans+Arabic:wght@500;600;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d927fcbabc291537a6c9c1d641e6c24235cd40a8627ad48d4d2588eb8bd40e43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://okwin.shop
Referer
https://fonts.googleapis.com/

Response headers

age
315479
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 13 Nov 2025 15:35:44 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 15:35:44 GMT
last-modified
Tue, 02 May 2023 15:20:43 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
45804
x-xss-protection
0
server
sffe
truncated
/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6ea03b7410bd170368f19d8604dd3637dad6d4ac9e6383b3357b089e26b5f40d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/ 		826 B
826 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aa2f261128079f0e6e6db6e8ee6135483f5b7198211d0e5925c1b98483672455

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
delivery-compagines-Dczk6jVh.png
okwin.shop/landing-page/assets/ 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://okwin.shop/landing-page/assets/delivery-compagines-Dczk6jVh.png
Requested by
Host: okwin.shop
URL: https://okwin.shop/?affilate=DISCOUNT20
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:f0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34b56bc3fd5e8e41d6def4dd7c55b24b5dfb11683a0159cf694de20863332c73

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://okwin.shop/?affilate=DISCOUNT20

Response headers

cf-bgj
imgq:85,h2pri
etag
W/"e5f9-192b60e81a8"
cf-cache-status
REVALIDATED
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Ff1x%2FbXMzIM14LE74G338HMrQsof%2BdsAZ5oURkiJLfc7IA2xzONBmP30tTuicYUT3ERmQvnJgI02RHwQITxrRNviZicRj5WoYXrYeNxYaiBn%2B9i9VakoO7rGiNOyrYxaJuhQkSc3PsQ%3D"}],"group":"cf-nel","max_age":604800}
cf-polished
origFmt=png, origSize=58873
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=7335&sent=298&recv=105&lost=0&retrans=0&sent_bytes=331026&recv_bytes=37821&delivery_rate=4003947&cwnd=103200&unsent_bytes=0&cid=0a7a0eaddb572c0e&ts=508&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 17 Nov 2024 07:13:43 GMT
content-type
image/webp
content-disposition
inline; filename="delivery-compagines-Dczk6jVh.webp"
vary
Accept
last-modified
Tue, 22 Oct 2024 21:07:37 GMT
priority
u=3,i
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e3deb78f80a1981-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
54284
server
cloudflare
orders-feature-D4U_dMIf.png
okwin.shop/landing-page/assets/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://okwin.shop/landing-page/assets/orders-feature-D4U_dMIf.png
Requested by
Host: okwin.shop
URL: https://okwin.shop/?affilate=DISCOUNT20
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:f0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef7ad65ba8e50085c08e03545d3b426b3f94420157589e1c92825aa96df2575d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://okwin.shop/?affilate=DISCOUNT20

Response headers

cf-bgj
imgq:85,h2pri
etag
W/"5271-192b60e81a8"
cf-cache-status
REVALIDATED
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qkOXq8%2F3oJFY1Kd%2FmIZDdTfBs6wtBEGuJo%2Fq1PEt%2F4%2F9BzQ1bkNp5y%2F15eDL20S3EQyeWQv80yQ25Mir%2BtbYwF1On%2F6dKNJSyh8HHVwk6RJH0cxJmlmrFeqNIWup2RhMUTOAqRn0%2BkM%3D"}],"group":"cf-nel","max_age":604800}
cf-polished
origFmt=png, origSize=21105
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=7721&sent=261&recv=103&lost=0&retrans=0&sent_bytes=286865&recv_bytes=37733&delivery_rate=3568001&cwnd=103200&unsent_bytes=0&cid=0a7a0eaddb572c0e&ts=501&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 17 Nov 2024 07:13:43 GMT
content-type
image/webp
content-disposition
inline; filename="orders-feature-D4U_dMIf.webp"
vary
Accept
last-modified
Tue, 22 Oct 2024 21:07:37 GMT
priority
u=3,i
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e3deb78f80b1981-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
18970
server
cloudflare
sub-store-CPrhr1Ef.png
okwin.shop/landing-page/assets/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://okwin.shop/landing-page/assets/sub-store-CPrhr1Ef.png
Requested by
Host: okwin.shop
URL: https://okwin.shop/?affilate=DISCOUNT20
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:f0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61459483347bf7cfcc1bc6ce781554d9cd04e94429209ec7393ac0f2253e2a17

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://okwin.shop/?affilate=DISCOUNT20

Response headers

cf-bgj
imgq:85,h2pri
etag
W/"53e3-192b60e81a8"
cf-cache-status
REVALIDATED
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2rwG2%2Fpa8bnRytG74IZC8%2BpgqWtP9UUcUQ9jOQAaP1O5T37EpCA5eRq0ASmXM0Kh4sY7PDnV9P1MZvwPhA6yAMOZvlfiA5CG%2BpV8YrWP%2BtSF6PCHmqT7nMwrXf28R8%2F2sWoAur5Vmpw%3D"}],"group":"cf-nel","max_age":604800}
cf-polished
origFmt=png, origSize=21475
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=7264&sent=384&recv=108&lost=0&retrans=0&sent_bytes=430626&recv_bytes=37954&delivery_rate=7423319&cwnd=123600&unsent_bytes=0&cid=0a7a0eaddb572c0e&ts=513&x=1", cfExtPri, cfHdrFlush;dur=1
date
Sun, 17 Nov 2024 07:13:43 GMT
content-type
image/webp
content-disposition
inline; filename="sub-store-CPrhr1Ef.webp"
vary
Accept
last-modified
Tue, 22 Oct 2024 21:07:37 GMT
priority
u=3,i
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e3deb78f80c1981-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
20136
server
cloudflare
stock-tracking-CD4LUCWO.png
okwin.shop/landing-page/assets/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://okwin.shop/landing-page/assets/stock-tracking-CD4LUCWO.png
Requested by
Host: okwin.shop
URL: https://okwin.shop/?affilate=DISCOUNT20
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:f0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e080df06e808be7f9cb1bc3a4ceaecb104fb3b3161941132bbd8527e4f63e63

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://okwin.shop/?affilate=DISCOUNT20

Response headers

cf-cache-status
MISS
etag
W/"58bc-192b60e81a8"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q3XinZ58k5tR7FnZJQ%2FVy9fNlwcW1Ng4ZdjdYvX1%2FJvbT7jjoe%2FlpYYJGWf52UipACU8J%2FGsuzNAe2T6kX%2FhOsR%2F3TMKBGis8Mw0nUexAhMwi6so2mY7dOUWvmc%2Ft3KtFaR8Bz9y1qU%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=7285&sent=371&recv=107&lost=0&retrans=0&sent_bytes=416247&recv_bytes=37909&delivery_rate=6262007&cwnd=116400&unsent_bytes=0&cid=0a7a0eaddb572c0e&ts=510&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 17 Nov 2024 07:13:43 GMT
content-type
image/png
last-modified
Tue, 22 Oct 2024 21:07:37 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e3deb78f80d1981-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
22716
server
cloudflare
offers-feature-DmQkHiv2.png
okwin.shop/landing-page/assets/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://okwin.shop/landing-page/assets/offers-feature-DmQkHiv2.png
Requested by
Host: okwin.shop
URL: https://okwin.shop/?affilate=DISCOUNT20
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:f0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92039b4ee4baac564536bd86b0eef311183d306331a8648dc8eb97e91255a558

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://okwin.shop/?affilate=DISCOUNT20

Response headers

cf-bgj
imgq:85,h2pri
etag
W/"63d7-192b60e81a8"
cf-cache-status
REVALIDATED
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FHLDHZFTrQx%2F3fnHy9uYDWYfA1UnXid0fkLxBiIQJxrvkTyBC54wWRadakPQcQWp%2F0O8b65geZjiZYQ%2BnFcKaFZ4J%2BrsHbaAA36v%2Ba7JVpS%2FgJwYrEZVkJNJ6kuMIT7ucA52n6xk4m4%3D"}],"group":"cf-nel","max_age":604800}
cf-polished
origFmt=png, origSize=25559
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=7721&sent=240&recv=103&lost=0&retrans=0&sent_bytes=262530&recv_bytes=37733&delivery_rate=3568001&cwnd=103200&unsent_bytes=0&cid=0a7a0eaddb572c0e&ts=499&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 17 Nov 2024 07:13:43 GMT
content-type
image/webp
content-disposition
inline; filename="offers-feature-DmQkHiv2.webp"
vary
Accept
last-modified
Tue, 22 Oct 2024 21:07:37 GMT
priority
u=3,i
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e3deb78f80f1981-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
23044
server
cloudflare
themes-and-apperance-B_e92JmI.png
okwin.shop/landing-page/assets/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://okwin.shop/landing-page/assets/themes-and-apperance-B_e92JmI.png
Requested by
Host: okwin.shop
URL: https://okwin.shop/?affilate=DISCOUNT20
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:f0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
302e21ce98a78a29ec40b918653421e9eed69028045a69477b6bf1200b301435

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://okwin.shop/?affilate=DISCOUNT20

Response headers

cf-cache-status
MISS
etag
W/"85bc-192b60e81a8"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k8umv5lZ6rpe3i1fWvc%2F5x05YG0mlJrq61384RKw0OCQsdv6EfVjILTFWPYBbbnTLk%2FrN2KtP2%2FQtTye6Pz7iaMSRhubm77OGNOCadmB%2BsAmkPXvvS8esSUQZBQOfS7P8ZTyg8cIgWQ%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=7335&sent=278&recv=105&lost=0&retrans=0&sent_bytes=307026&recv_bytes=37821&delivery_rate=4003947&cwnd=103200&unsent_bytes=0&cid=0a7a0eaddb572c0e&ts=507&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 17 Nov 2024 07:13:43 GMT
content-type
image/png
last-modified
Tue, 22 Oct 2024 21:07:37 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e3deb78f8111981-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
34236
server
cloudflare
marketing-system-Bj-fQowK.png
okwin.shop/landing-page/assets/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://okwin.shop/landing-page/assets/marketing-system-Bj-fQowK.png
Requested by
Host: okwin.shop
URL: https://okwin.shop/?affilate=DISCOUNT20
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:f0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49bde110b8a76c298f8cf952020f10ac190c7c14ce166123a2d3ea459dd92e50

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://okwin.shop/?affilate=DISCOUNT20

Response headers

cf-bgj
imgq:85,h2pri
etag
W/"4685-192b60e81a8"
cf-cache-status
REVALIDATED
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HwxlLKDxZn8Nq3cLgTPnQmo1%2BZ%2BMEMgn02vrYdtgKZaJjScbD2GHZH3sKW4fipjaaF2mW3Lm9DmvnbN1Q7HaMtpjLSgbcTjeYtddRXzl2cx9CeKEfF0Yr28e4%2BQ8Mikr2wAk3U662jg%3D"}],"group":"cf-nel","max_age":604800}
cf-polished
origFmt=png, origSize=18053
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=7335&sent=288&recv=105&lost=0&retrans=0&sent_bytes=319026&recv_bytes=37821&delivery_rate=4003947&cwnd=103200&unsent_bytes=0&cid=0a7a0eaddb572c0e&ts=507&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 17 Nov 2024 07:13:43 GMT
content-type
image/webp
content-disposition
inline; filename="marketing-system-Bj-fQowK.webp"
vary
Accept
last-modified
Tue, 22 Oct 2024 21:07:37 GMT
priority
u=3,i
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e3deb78f8121981-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
16140
server
cloudflare
manage-team-BlMN-4Rh.png
okwin.shop/landing-page/assets/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://okwin.shop/landing-page/assets/manage-team-BlMN-4Rh.png
Requested by
Host: okwin.shop
URL: https://okwin.shop/?affilate=DISCOUNT20
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:f0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4ec70cd53c9c8ce763e3a27cb59ff3210b5f68f58236ac333578bc8b7721d05

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://okwin.shop/?affilate=DISCOUNT20

Response headers

cf-cache-status
MISS
etag
W/"712f-192b60e81a8"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yMOZVrHS%2BRLTugfAQNvMzmHpCn4bbrlQY1P7WjvpR84769pKNVc5M1Cp%2FZQXlUM1h76S4kd7xilcCAPPXaRFeBAHg8zBfj2goFUbk8njkzFxLSEtLbRGlUKF0rNGIRR9pP5wXcVXr4E%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=7264&sent=384&recv=108&lost=0&retrans=0&sent_bytes=430626&recv_bytes=37954&delivery_rate=7423319&cwnd=123600&unsent_bytes=0&cid=0a7a0eaddb572c0e&ts=514&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 17 Nov 2024 07:13:43 GMT
content-type
image/png
last-modified
Tue, 22 Oct 2024 21:07:37 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e3deb78f8131981-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
28975
server
cloudflare
rum
okwin.shop/cdn-cgi/ 		0
138 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://okwin.shop/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:f0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
application/json
Referer
https://okwin.shop/?affilate=DISCOUNT20

Response headers

access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-methods
POST,OPTIONS
x-content-type-options
nosniff
cf-ray
8e3deb79a8831981-FRA
access-control-allow-origin
https://okwin.shop
date
Sun, 17 Nov 2024 07:13:43 GMT
vary
Origin
server
cloudflare
x-frame-options
DENY
cuM40VF.png
i.imgur.com/ 		11 KB
11 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://i.imgur.com/cuM40VF.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.192.193 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
48406763f4ce14611af8ca18cd38fb728c5c4c04ae843a847c04cbbb8088ee04
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://okwin.shop/

Response headers

etag
"cbeb4746fee8b63a1927b042700d4083"
age
1716167
access-control-allow-methods
GET, OPTIONS
x-content-type-options
nosniff
x-cache
Miss from cloudfront, HIT, HIT
x-amz-cf-id
E_LP9c9GmGWxpXwyacqcuCweBU_G6Pe0Ap4cd_Ql5NxTlzcRjfAbug==
date
Sun, 17 Nov 2024 07:13:43 GMT
content-type
image/png
last-modified
Fri, 06 Sep 2024 14:59:09 GMT
x-cache-hits
8, 0
x-served-by
cache-iad-kjyo7100131-IAD, cache-fra-eddf8230153-FRA
strict-transport-security
max-age=300
cache-control
public, max-age=31536000
x-timer
S1731827624.954556,VS0,VE1
accept-ranges
bytes
access-control-allow-origin
*
content-length
11549
x-amz-cf-pop
IAD12-P2
server
cat factory 1.0
x-amz-server-side-encryption
AES256

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
okwin.shop
URL
https://okwin.shop/v1/company-public/refresh

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| gtag object| dataLayer function| fbq function| _fbq object| google_tag_manager object| google_tag_data object| gaGlobal string| __reactRouterVersion object| __cfBeacon

5 Cookies

Domain/Path Name / Value
okwin.shop/ Name: XSRF-TOKEN
Value: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzZXNzaW9uSWQiOiIxNmI5N2UzZS1mNWNkLTQxZjktOGQxMC01ZWI2NzlmZmNkM2IiLCJjbGllbnRJcCI6IjIwMDE6YWM4OjIwOjNhMDA6MTAxMTpmYmZmOjI4ZWM6OTk2NCIsImlhdCI6MTczMTgyNzYyMywiZXhwIjoxNzMxODI3NjQ5fQ.LJWG6vzXw54TbgaZxmpfV_3lP1qwqpgvneTgWdpE8j0
.okwin.shop/ Name: _ga_L0C10BM8BX
Value: GS1.1.1731827623.1.0.1731827623.60.0.0
.okwin.shop/ Name: _ga
Value: GA1.1.898224811.1731827624
.okwin.shop/ Name: _fbp
Value: fb.1.1731827623731.426410091950227921
.okwin.shop/ Name: cf_clearance
Value: jeKtQtOHnhOJRc8zbfM5ZIrVK9ubtTsoHcnNQMnDUoA-1731827623-1.2.1.1-1i8u0hLmPdZ_W_nK6x8UVL29bj9rXqmurYeu0L4ouPG.QCj6p9pJ2Ma_V_LKv7hQwO8BXSkLcxW6hqq880Vx5fFO.3uw57mTik79.OEUd46wVt1HWVJS1ja2XvaG9KV5Tjx1y1SkyJfCign55eHM1ixJN5xojkFCKgNnqdfZAFTBE2lEZ0fCrpBnPN3qfpb7WDHsbfRiDpdIktSUF0xp17oAdyyq_n8pNFeaWheXgdOfH2uRKnWjRAldiLS1iDEVerzdSJgfHzWj2cluvj1vjnaZRXY9OQxUwQ4AVDUC3OTALKeQu3BeqBK0wGV8GwJPIiQibmSdk0VgzERNFWmXZgZua0VjAb6xzNGDZiMBqUudjTvgJKbYWsB2GKUkR1vM

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
i.imgur.com
okwin.shop
region1.analytics.google.com
static.cloudflareinsights.com
stats.g.doubleclick.net
www.facebook.com
www.google.de
www.googletagmanager.com
www.okwin.sioservice-dz.com
okwin.shop
142.171.234.170
199.232.192.193
2001:4860:4802:34::36
2606:4700:20::681a:f0d
2606:4700::6810:4f49
2a00:1450:4001:802::200a
2a00:1450:4001:827::2008
2a00:1450:4001:828::2003
2a00:1450:4001:82b::2003
2a00:1450:400c:c0d::9b
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
142be502fa360fdb33c13cc0851ded0e99873e4481c1eaa7a4646e96b0b356ac
26101cba246f7f5f0389cdf7a2af89d6296b48a67cb1dbe44e0cc3571b1a06c8
302e21ce98a78a29ec40b918653421e9eed69028045a69477b6bf1200b301435
34b56bc3fd5e8e41d6def4dd7c55b24b5dfb11683a0159cf694de20863332c73
3b21b3bfe1684ba8296008a1d3a81853d2de9e7892960653ba44617ea3f1d2e3
43a683165a27224ef2d2717bd57c8c203aa570ce39140504d086562eefbb0f1f
48406763f4ce14611af8ca18cd38fb728c5c4c04ae843a847c04cbbb8088ee04
49bde110b8a76c298f8cf952020f10ac190c7c14ce166123a2d3ea459dd92e50
4e080df06e808be7f9cb1bc3a4ceaecb104fb3b3161941132bbd8527e4f63e63
4f0a249a29bcbb9296e45f96f7f8fcf9fbda3f6c82d43d3dbf7602fbf29e2021
5986fe50ffc2fd7c690521ddbf96f03b52e444744550cc2e523070864e963638
61459483347bf7cfcc1bc6ce781554d9cd04e94429209ec7393ac0f2253e2a17
64cd98b8c972341c48db20a8c9b5f3e4e8ea410a6534633b07067c554dc7873b
6e612dd31c255f4ec93eea01949a96f16720a83a53f2e6e9012a6c563174c55d
6ea03b7410bd170368f19d8604dd3637dad6d4ac9e6383b3357b089e26b5f40d
6f2b83c7e5d141bf22e41b5f1acdfb619e823c4d17c4657e103327fd369e3134
86d6862b7918a3a8256c9466221a61caece717ef3045fab23d547612cc5b0a2f
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
8add589e2251924204f97a7fb10d0b338466449c4900adc9b931a0c9d7219d3f
92039b4ee4baac564536bd86b0eef311183d306331a8648dc8eb97e91255a558
9a02834696e663a7e6cf59d7c6838ea912c2658694de37c03fa8ed5ebc25c59e
a0cbcef8d9822c460a2a4ac7746f1043cfe5836db4ff878cb6d3f6c70f980127
a1cd77ed4c294717422cec0213c09adcdcd7c51eca5c7619bb4c2a2e7a8f04e5
aa2f261128079f0e6e6db6e8ee6135483f5b7198211d0e5925c1b98483672455
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
c0eed9cd0505ab57ffaa4c23ef5727c67d646bb02fe6e666e21b2f12a85f515c
d4ec70cd53c9c8ce763e3a27cb59ff3210b5f68f58236ac333578bc8b7721d05
d927fcbabc291537a6c9c1d641e6c24235cd40a8627ad48d4d2588eb8bd40e43
dbbf4e6e2f87ab776b4b55a2928a29433f433dfdb804508d4492efbbe68e87d2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef6b6d2148e0de927a9df71b89a627084fb66c4935f262d1733c348548f37b8c
ef7ad65ba8e50085c08e03545d3b426b3f94420157589e1c92825aa96df2575d