URL: https://airpods.winmyapple.com/
Submission: On November 22 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 22 HTTP transactions. The main IP is 47.251.166.157, located in United States and belongs to ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN. The main domain is airpods.winmyapple.com.
TLS certificate: Issued by R11 on November 22nd 2024. Valid for: 3 months.
This is the only time airpods.winmyapple.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
12 47.251.166.157 45102 (ALIBABA-C...)
1 2a00:1450:400... 15169 (GOOGLE)
2 157.240.253.1 32934 (FACEBOOK)
1 2001:4860:480... 15169 (GOOGLE)
6 157.240.253.35 32934 (FACEBOOK)
22 6
Apex Domain
Subdomains
Transfer
12 winmyapple.com
airpods.winmyapple.com
214 KB
6 facebook.com
www.facebook.com — Cisco Umbrella Rank: 120
631 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 192
74 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 3353
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
108 KB
22 5
Domain Requested by
12 airpods.winmyapple.com airpods.winmyapple.com
6 www.facebook.com airpods.winmyapple.com
2 connect.facebook.net airpods.winmyapple.com
connect.facebook.net
1 region1.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com airpods.winmyapple.com
22 5

This site contains no links.

Subject Issuer Validity Valid
airpods.winmyapple.com
R11
2024-11-22 -
2025-02-20
3 months crt.sh
*.google-analytics.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2024-09-01 -
2024-11-30
3 months crt.sh

This page contains 1 frames:

Primary Page: https://airpods.winmyapple.com/
Frame ID: 9277A877B88AD5549303055F2202AB5F
Requests: 24 HTTP requests in this frame

Screenshot

Page Title

Apple

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

22
Requests

100 %
HTTPS

40 %
IPv6

5
Domains

5
Subdomains

6
IPs

2
Countries

398 kB
Transfer

1188 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
airpods.winmyapple.com/
2 KB
1 KB
Document
General
Full URL
https://airpods.winmyapple.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
47.251.166.157 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
84ec888486547e610e064a06ba72797e2be11f9fe913b6a6d57ff5a12d5d3109
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
quic=":443"; h3=":443"; h3-29=":443"; h3-27=":443";h3-25=":443"; h3-T050=":443"; h3-Q050=":443";h3-Q049=":443";h3-Q048=":443"; h3-Q046=":443"; h3-Q043=":443"
content-encoding
gzip
content-type
text/html
date
Fri, 22 Nov 2024 10:49:42 GMT
etag
W/"67405f59-681"
last-modified
Fri, 22 Nov 2024 10:39:21 GMT
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding
js
www.googletagmanager.com/gtag/
322 KB
108 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-87PVDGDJKL
Requested by
Host: airpods.winmyapple.com
URL: https://airpods.winmyapple.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
98cdd0c131d7ee837791e926ab633b769a353af8fd85d0d1f800c38b057a68a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://airpods.winmyapple.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Fri, 22 Nov 2024 10:49:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 22 Nov 2024 10:49:42 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
109584
x-xss-protection
0
server
Google Tag Manager
index-BBxOpriO.js
airpods.winmyapple.com/assets/
218 KB
87 KB
Script
General
Full URL
https://airpods.winmyapple.com/assets/index-BBxOpriO.js
Requested by
Host: airpods.winmyapple.com
URL: https://airpods.winmyapple.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
47.251.166.157 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
a7518ed055a35cee5a992b10b843ebbe5a324ef421040e11adb85e15eb1b90f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://airpods.winmyapple.com
Referer
https://airpods.winmyapple.com/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=43200
content-encoding
gzip
etag
W/"67405f59-36637"
expires
Fri, 22 Nov 2024 22:49:42 GMT
alt-svc
quic=":443"; h3=":443"; h3-29=":443"; h3-27=":443";h3-25=":443"; h3-T050=":443"; h3-Q050=":443";h3-Q049=":443";h3-Q048=":443"; h3-Q046=":443"; h3-Q043=":443"
date
Fri, 22 Nov 2024 10:49:42 GMT
content-type
application/javascript
last-modified
Fri, 22 Nov 2024 10:39:21 GMT
server
nginx
vary
Accept-Encoding
index-BVNHpuhb.css
airpods.winmyapple.com/assets/
251 KB
51 KB
Stylesheet
General
Full URL
https://airpods.winmyapple.com/assets/index-BVNHpuhb.css
Requested by
Host: airpods.winmyapple.com
URL: https://airpods.winmyapple.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
47.251.166.157 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
d05e3906adde74c37af8303391aaa6c5ad8340081d1c90092fd3af0c643069d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://airpods.winmyapple.com
Referer
https://airpods.winmyapple.com/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=43200
content-encoding
gzip
etag
W/"67405f59-3ea77"
expires
Fri, 22 Nov 2024 22:49:42 GMT
alt-svc
quic=":443"; h3=":443"; h3-29=":443"; h3-27=":443";h3-25=":443"; h3-T050=":443"; h3-Q050=":443";h3-Q049=":443";h3-Q048=":443"; h3-Q046=":443"; h3-Q043=":443"
date
Fri, 22 Nov 2024 10:49:42 GMT
content-type
text/css
last-modified
Fri, 22 Nov 2024 10:39:21 GMT
server
nginx
vary
Accept-Encoding
fbevents.js
connect.facebook.net/en_US/
239 KB
61 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: airpods.winmyapple.com
URL: https://airpods.winmyapple.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra5.fbcdn.net
Software
/
Resource Hash
527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-fRQJUVtL' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://airpods.winmyapple.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 22 Nov 2024 10:49:42 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-fRQJUVtL' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
GOOD; q=0.7, rtt=62, rtx=0, c=23, mss=1232, tbw=4432, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
XJT38oLT7iFBgpFCzFY2m7bAgAjlCf4xnKhwzmnIatOpKDvQoV6G6Wr0h0eiWTDQ9Wcq8F7UB2oD3Cu22GNv0w==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62107
x-xss-protection
0
origin-agent-cluster
?1
1021321469798124
connect.facebook.net/signals/config/
67 KB
13 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1021321469798124?v=2.9.176&r=stable&domain=airpods.winmyapple.com&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra5.fbcdn.net
Software
/
Resource Hash
c079418bc0babbb4d964b37beb7469f22e15e7c7faa8a82fd46d449c98b15f39
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-ziXqnVzk' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://airpods.winmyapple.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 22 Nov 2024 10:49:42 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-ziXqnVzk' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=49, rtx=0, c=77, mss=1232, tbw=70884, tp=67, tpl=0, uplat=211, ullat=0
pragma
public
x-fb-debug
FTZnRKMEvWjKpJF0Z5o06z/CuKR1dI6ljDJ37oajtjV9BD0RHlYHb679Bbr6YAjagkttdqIceFAFuyO9bCZ4Iw==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-87PVDGDJKL&gtm=45je4bk0v9200605348za200&_p=1732272582325&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=1099973802.1732272583&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1732272582&sct=1&seg=0&dl=https%3A%2F%2Fairpods.winmyapple.com%2F&dt=Apple&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1036
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-87PVDGDJKL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://airpods.winmyapple.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://airpods.winmyapple.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 22 Nov 2024 10:49:42 GMT
content-type
text/plain
server
Golfe2
/
www.facebook.com/tr/
0
16 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1021321469798124&ev=PageView&dl=https%3A%2F%2Fairpods.winmyapple.com%2F&rl=&if=false&ts=1732272582829&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4126&fbp=fb.1.1732272582828.296197774185532796&ler=empty&cdl=API_unavailable&it=1732272582536&coo=false&rqm=GET
Requested by
Host: airpods.winmyapple.com
URL: https://airpods.winmyapple.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra5.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://airpods.winmyapple.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=43, rtx=0, c=23, mss=1232, tbw=4476, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Fri, 22 Nov 2024 10:49:42 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
198 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1021321469798124&ev=PageView&dl=https%3A%2F%2Fairpods.winmyapple.com%2F&rl=&if=false&ts=1732272582829&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4126&fbp=fb.1.1732272582828.296197774185532796&ler=empty&cdl=API_unavailable&it=1732272582536&coo=false&rqm=FGET
Requested by
Host: airpods.winmyapple.com
URL: https://airpods.winmyapple.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra5.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://airpods.winmyapple.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7440054089465134416"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 22 Nov 2024 10:49:43 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
suciraJAVSO72mrPYtZiQ/3bgAyDhnwJ+iwKiWLs2owUyryjbK1IE+semdFkXS/oAcOFqJQ1wZ9F5aJl3w5hnw==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7440054089465134416", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=42, rtx=0, c=23, mss=1232, tbw=5132, tp=17, tpl=0, uplat=218, ullat=0
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
/
www.facebook.com/tr/
0
16 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1021321469798124&ev=PageView&dl=https%3A%2F%2Fairpods.winmyapple.com%2F%23%2F&rl=&if=false&ts=1732272583082&sw=1600&sh=1200&v=2.9.176&r=stable&ec=1&o=4126&fbp=fb.1.1732272582828.296197774185532796&ler=empty&cdl=API_unavailable&it=1732272582536&coo=false&rqm=GET
Requested by
Host: airpods.winmyapple.com
URL: https://airpods.winmyapple.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra5.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://airpods.winmyapple.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=42, rtx=0, c=23, mss=1232, tbw=4940, tp=15, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Fri, 22 Nov 2024 10:49:43 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
194 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1021321469798124&ev=PageView&dl=https%3A%2F%2Fairpods.winmyapple.com%2F%23%2F&rl=&if=false&ts=1732272583082&sw=1600&sh=1200&v=2.9.176&r=stable&ec=1&o=4126&fbp=fb.1.1732272582828.296197774185532796&ler=empty&cdl=API_unavailable&it=1732272582536&coo=false&rqm=FGET
Requested by
Host: airpods.winmyapple.com
URL: https://airpods.winmyapple.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra5.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://airpods.winmyapple.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7440054092893749045"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 22 Nov 2024 10:49:43 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
w7SrsKDA5MqT7IzwVQsarmn577L0/vwx2E6lpKzUcnB+tUa5SyzPemk2bf1aCzFEujawVSvwg5ZLTkVyMp4DKA==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7440054092893749045", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=42, rtx=0, c=26, mss=1232, tbw=7996, tp=22, tpl=0, uplat=120, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
index-C5qv2nTi.js
airpods.winmyapple.com/assets/
10 KB
4 KB
Script
General
Full URL
https://airpods.winmyapple.com/assets/index-C5qv2nTi.js
Requested by
Host: airpods.winmyapple.com
URL: https://airpods.winmyapple.com/assets/index-BBxOpriO.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
47.251.166.157 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
f385c8e028c79d112b42e6ea7bb63dc83c1390938a48ece90cb35bc327a559b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://airpods.winmyapple.com
Referer

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=43200
content-encoding
gzip
etag
W/"67405f59-29a9"
expires
Fri, 22 Nov 2024 22:49:43 GMT
alt-svc
quic=":443"; h3=":443"; h3-29=":443"; h3-27=":443";h3-25=":443"; h3-T050=":443"; h3-Q050=":443";h3-Q049=":443";h3-Q048=":443"; h3-Q046=":443"; h3-Q043=":443"
date
Fri, 22 Nov 2024 10:49:43 GMT
content-type
application/javascript
last-modified
Fri, 22 Nov 2024 10:39:21 GMT
server
nginx
vary
Accept-Encoding
submit-success-BXGpUc6b.js
airpods.winmyapple.com/assets/
62 B
415 B
Script
General
Full URL
https://airpods.winmyapple.com/assets/submit-success-BXGpUc6b.js
Requested by
Host: airpods.winmyapple.com
URL: https://airpods.winmyapple.com/assets/index-BBxOpriO.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
47.251.166.157 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
0a1ec119d9bfcd5710c45ccb9f25893597820ce56bf44f4cff4bd1592ab777a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://airpods.winmyapple.com
Referer

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=43200
etag
"67405f59-3e"
expires
Fri, 22 Nov 2024 22:49:43 GMT
accept-ranges
bytes
alt-svc
quic=":443"; h3=":443"; h3-29=":443"; h3-27=":443";h3-25=":443"; h3-T050=":443"; h3-Q050=":443";h3-Q049=":443";h3-Q048=":443"; h3-Q046=":443"; h3-Q043=":443"
content-length
62
date
Fri, 22 Nov 2024 10:49:43 GMT
content-type
application/javascript
last-modified
Fri, 22 Nov 2024 10:39:21 GMT
server
nginx
index-WIsRcRkC.js
airpods.winmyapple.com/assets/
4 KB
2 KB
Script
General
Full URL
https://airpods.winmyapple.com/assets/index-WIsRcRkC.js
Requested by
Host: airpods.winmyapple.com
URL: https://airpods.winmyapple.com/assets/index-BBxOpriO.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
47.251.166.157 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
bbfc583e8bbad8204ecca1e0b1a9d07aabf191a72155965bfd4a3fd6aa0b5a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://airpods.winmyapple.com
Referer

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=43200
content-encoding
gzip
etag
W/"67405f59-1054"
expires
Fri, 22 Nov 2024 22:49:43 GMT
alt-svc
quic=":443"; h3=":443"; h3-29=":443"; h3-27=":443";h3-25=":443"; h3-T050=":443"; h3-Q050=":443";h3-Q049=":443";h3-Q048=":443"; h3-Q046=":443"; h3-Q043=":443"
date
Fri, 22 Nov 2024 10:49:43 GMT
content-type
application/javascript
last-modified
Fri, 22 Nov 2024 10:39:21 GMT
server
nginx
vary
Accept-Encoding
index-CihlzA90.css
airpods.winmyapple.com/assets/
327 B
672 B
Stylesheet
General
Full URL
https://airpods.winmyapple.com/assets/index-CihlzA90.css
Requested by
Host: airpods.winmyapple.com
URL: https://airpods.winmyapple.com/assets/index-BBxOpriO.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
47.251.166.157 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
539a9df8f8ce4209063b95a87c7796d84f77904c4faedd395969de7a1e588329
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://airpods.winmyapple.com
Referer
https://airpods.winmyapple.com/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=43200
etag
"67405f59-147"
expires
Fri, 22 Nov 2024 22:49:43 GMT
accept-ranges
bytes
alt-svc
quic=":443"; h3=":443"; h3-29=":443"; h3-27=":443";h3-25=":443"; h3-T050=":443"; h3-Q050=":443";h3-Q049=":443";h3-Q048=":443"; h3-Q046=":443"; h3-Q043=":443"
content-length
327
date
Fri, 22 Nov 2024 10:49:43 GMT
content-type
text/css
last-modified
Fri, 22 Nov 2024 10:39:21 GMT
server
nginx
index-Dw17R_s1.css
airpods.winmyapple.com/assets/
1 KB
904 B
Stylesheet
General
Full URL
https://airpods.winmyapple.com/assets/index-Dw17R_s1.css
Requested by
Host: airpods.winmyapple.com
URL: https://airpods.winmyapple.com/assets/index-BBxOpriO.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
47.251.166.157 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
160ab2b519f7c9b69f064fbf084c9588777eee48704d71452a55d5b0e2d50f28
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://airpods.winmyapple.com
Referer
https://airpods.winmyapple.com/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=43200
content-encoding
gzip
etag
W/"67405f59-53f"
expires
Fri, 22 Nov 2024 22:49:43 GMT
alt-svc
quic=":443"; h3=":443"; h3-29=":443"; h3-27=":443";h3-25=":443"; h3-T050=":443"; h3-Q050=":443";h3-Q049=":443";h3-Q048=":443"; h3-Q046=":443"; h3-Q043=":443"
date
Fri, 22 Nov 2024 10:49:43 GMT
content-type
text/css
last-modified
Fri, 22 Nov 2024 10:39:21 GMT
server
nginx
vary
Accept-Encoding
/
www.facebook.com/tr/
0
16 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1021321469798124&ev=PageView&dl=https%3A%2F%2Fairpods.winmyapple.com%2F%23%2Fquestionnaire&rl=&if=false&ts=1732272583292&sw=1600&sh=1200&v=2.9.176&r=stable&ec=2&o=4126&fbp=fb.1.1732272582828.296197774185532796&ler=empty&cdl=API_unavailable&it=1732272582536&coo=false&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra5.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://airpods.winmyapple.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=42, rtx=0, c=27, mss=1232, tbw=9020, tp=26, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Fri, 22 Nov 2024 10:49:43 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
191 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1021321469798124&ev=PageView&dl=https%3A%2F%2Fairpods.winmyapple.com%2F%23%2Fquestionnaire&rl=&if=false&ts=1732272583292&sw=1600&sh=1200&v=2.9.176&r=stable&ec=2&o=4126&fbp=fb.1.1732272582828.296197774185532796&ler=empty&cdl=API_unavailable&it=1732272582536&coo=false&rqm=FGET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra5.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://airpods.winmyapple.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7440054092120588420"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 22 Nov 2024 10:49:43 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
E1IvpRn7ebG+v+M2Sdezw/Su0SAKt08cAPqjy/B2m+hrRVN2tuaQ8tGXBaNBnM0aDO0yuzAJSNtE3h3htsA0aQ==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7440054092120588420", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=41, rtx=0, c=27, mss=1232, tbw=9308, tp=30, tpl=0, uplat=150, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
goods-banner3-DxbFpXaJ.png
airpods.winmyapple.com/assets/
59 KB
56 KB
Image
General
Full URL
https://airpods.winmyapple.com/assets/goods-banner3-DxbFpXaJ.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
47.251.166.157 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
68cc2ade530dd5e1bab2c8fc3a32256b9d05549294c47ed2337e1add542a88e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://airpods.winmyapple.com/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=2592000
content-encoding
gzip
etag
W/"67405f59-ea47"
expires
Sun, 22 Dec 2024 10:49:43 GMT
alt-svc
quic=":443"; h3=":443"; h3-29=":443"; h3-27=":443";h3-25=":443"; h3-T050=":443"; h3-Q050=":443";h3-Q049=":443";h3-Q048=":443"; h3-Q046=":443"; h3-Q043=":443"
date
Fri, 22 Nov 2024 10:49:43 GMT
content-type
image/png
last-modified
Fri, 22 Nov 2024 10:39:21 GMT
server
nginx
vary
Accept-Encoding
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a5b8347b4acaa6e4d8b9f950dff9ebce803a900d6a43a1b3faf11853d5b2d900

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
payments-bI5Bsc6z.png
airpods.winmyapple.com/assets/
9 KB
9 KB
Image
General
Full URL
https://airpods.winmyapple.com/assets/payments-bI5Bsc6z.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
47.251.166.157 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
5e3c0ddc78946d9d5e5b0f5e5d8c32d8003962e580475a6359899514bb937d47
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://airpods.winmyapple.com/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=2592000
content-encoding
gzip
etag
W/"67405f59-23ee"
expires
Sun, 22 Dec 2024 10:49:43 GMT
alt-svc
quic=":443"; h3=":443"; h3-29=":443"; h3-27=":443";h3-25=":443"; h3-T050=":443"; h3-Q050=":443";h3-Q049=":443";h3-Q048=":443"; h3-Q046=":443"; h3-Q043=":443"
date
Fri, 22 Nov 2024 10:49:43 GMT
content-type
image/png
last-modified
Fri, 22 Nov 2024 10:39:21 GMT
server
nginx
vary
Accept-Encoding
truncated
/
2 KB
2 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
df23b89fecc6a112e8752c52645527f1f4c3a9b1c6454e009ad7c835a6b4a98b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://airpods.winmyapple.com
Referer

Response headers

Content-Type
font/woff2
apple.svg
airpods.winmyapple.com/
1 KB
1 KB
Other
General
Full URL
https://airpods.winmyapple.com/apple.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
47.251.166.157 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
b62f2ddc190f517deece6d506b86898032d0bf3fc686fe570ada1963a85ed412
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://airpods.winmyapple.com/

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
etag
W/"673d75b0-55b"
alt-svc
quic=":443"; h3=":443"; h3-29=":443"; h3-27=":443";h3-25=":443"; h3-T050=":443"; h3-Q050=":443";h3-Q049=":443";h3-Q048=":443"; h3-Q046=":443"; h3-Q043=":443"
date
Fri, 22 Nov 2024 10:49:43 GMT
content-type
image/svg+xml
last-modified
Wed, 20 Nov 2024 05:37:52 GMT
server
nginx
vary
Accept-Encoding
apple.svg
airpods.winmyapple.com/
1 KB
0
Other
General
Full URL
https://airpods.winmyapple.com/apple.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
47.251.166.157 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
b62f2ddc190f517deece6d506b86898032d0bf3fc686fe570ada1963a85ed412

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://airpods.winmyapple.com/

Response headers

content-encoding
gzip
etag
W/"673d75b0-55b"
alt-svc
quic=":443"; h3=":443"; h3-29=":443"; h3-27=":443";h3-25=":443"; h3-T050=":443"; h3-Q050=":443";h3-Q049=":443";h3-Q048=":443"; h3-Q046=":443"; h3-Q043=":443"
date
Fri, 22 Nov 2024 10:49:43 GMT
content-type
image/svg+xml
last-modified
Wed, 20 Nov 2024 05:37:52 GMT
server
nginx
vary
Accept-Encoding

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| fbq function| _fbq function| QuestionnaireFbqMarks function| OrderSubmitFbqMarks function| gtag object| dataLayer object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| __VUE_INSTANCE_SETTERS__ object| __VUE_SSR_SETTERS__ boolean| __VUE__ number| uidEvent

3 Cookies

Domain/Path Name / Value
.winmyapple.com/ Name: _ga
Value: GA1.1.1099973802.1732272583
.winmyapple.com/ Name: _ga_87PVDGDJKL
Value: GS1.1.1732272582.1.0.1732272582.0.0.0
.winmyapple.com/ Name: _fbp
Value: fb.1.1732272582828.296197774185532796

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

airpods.winmyapple.com
connect.facebook.net
region1.google-analytics.com
www.facebook.com
www.googletagmanager.com
157.240.253.1
157.240.253.35
2001:4860:4802:32::36
2a00:1450:4001:810::2008
47.251.166.157
0a1ec119d9bfcd5710c45ccb9f25893597820ce56bf44f4cff4bd1592ab777a2
160ab2b519f7c9b69f064fbf084c9588777eee48704d71452a55d5b0e2d50f28
527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c
539a9df8f8ce4209063b95a87c7796d84f77904c4faedd395969de7a1e588329
5e3c0ddc78946d9d5e5b0f5e5d8c32d8003962e580475a6359899514bb937d47
68cc2ade530dd5e1bab2c8fc3a32256b9d05549294c47ed2337e1add542a88e9
84ec888486547e610e064a06ba72797e2be11f9fe913b6a6d57ff5a12d5d3109
98cdd0c131d7ee837791e926ab633b769a353af8fd85d0d1f800c38b057a68a3
a5b8347b4acaa6e4d8b9f950dff9ebce803a900d6a43a1b3faf11853d5b2d900
a7518ed055a35cee5a992b10b843ebbe5a324ef421040e11adb85e15eb1b90f1
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b62f2ddc190f517deece6d506b86898032d0bf3fc686fe570ada1963a85ed412
bbfc583e8bbad8204ecca1e0b1a9d07aabf191a72155965bfd4a3fd6aa0b5a43
c079418bc0babbb4d964b37beb7469f22e15e7c7faa8a82fd46d449c98b15f39
d05e3906adde74c37af8303391aaa6c5ad8340081d1c90092fd3af0c643069d9
df23b89fecc6a112e8752c52645527f1f4c3a9b1c6454e009ad7c835a6b4a98b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f385c8e028c79d112b42e6ea7bb63dc83c1390938a48ece90cb35bc327a559b3