promotionaumaroc.com Open in urlscan Pro
2606:4700:3032::681b:b752 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://promoalert.ma/
Effective URL:
https://promotionaumaroc.com/
Submission: On April 22 via automatic, source certstream-suspicious (April 22nd 2020, 2:08:17 pm UTC)

Summary HTTP 68 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 12 IPs in 3 countries across 12 domains to perform 68 HTTP transactions. The main IP is 2606:4700:3032::681b:b752, located in United States and belongs to CLOUDFLARENET, US. The main domain is promotionaumaroc.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on September 26th 2019. Valid for: a year.

This is the only time promotionaumaroc.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3034::681c:16c6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
45	2606:4700:303... 2606:4700:3032::681b:b752	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:814::2008	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:81d::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:e134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:821::2003	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:818::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:816::2002	15169 (GOOGLE) (GOOGLE)
1	172.217.22.66 172.217.22.66	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
68	12

1 2606:4700:3034::681c:16c6 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

promoalert.ma	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

45 2606:4700:3032::681b:b752 (United States)

ASN13335 (CLOUDFLARENET, US)

promotionaumaroc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pub.promotionaumaroc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:81d::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:821::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:818::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:816::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.22.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s17-in-f66.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
45	promotionaumaroc.com promotionaumaroc.com pub.promotionaumaroc.com	2 MB
7	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	132 KB
5	doubleclick.net 1 redirects googleads.g.doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net	64 KB
3	google-analytics.com 1 redirects www.google-analytics.com	18 KB
2	google.com 1 redirects adservice.google.com www.google.com	1021 B
2	google.de adservice.google.de www.google.de	948 B
2	gstatic.com fonts.gstatic.com	22 KB
2	googletagservices.com www.googletagservices.com	43 KB
1	onesignal.com cdn.onesignal.com	3 KB
1	googletagmanager.com www.googletagmanager.com	30 KB
1	googleapis.com fonts.googleapis.com	471 B
1	promoalert.ma 1 redirects promoalert.ma	340 B
68	12

	Domain	Requested by
44	promotionaumaroc.com	promotionaumaroc.com
5	pagead2.googlesyndication.com	promotionaumaroc.com pagead2.googlesyndication.com
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com
3	www.google-analytics.com	1 redirects www.googletagmanager.com promotionaumaroc.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	fonts.gstatic.com	promotionaumaroc.com
2	www.googletagservices.com	promotionaumaroc.com pagead2.googlesyndication.com
1	www.google.de	promotionaumaroc.com
1	www.google.com	1 redirects
1	stats.g.doubleclick.net	1 redirects
1	securepubads.g.doubleclick.net	www.googletagservices.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	pub.promotionaumaroc.com	promotionaumaroc.com
1	cdn.onesignal.com	promotionaumaroc.com
1	www.googletagmanager.com	promotionaumaroc.com
1	fonts.googleapis.com	promotionaumaroc.com
1	promoalert.ma	1 redirects
68	18

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.youtube.com
t.me
bit.ly

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-09-26` - `2020-09-25`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-04-07` - `2020-06-30`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-04-01` - `2020-06-24`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-04-01` - `2020-06-24`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-04-01` - `2020-06-24`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-04-01` - `2020-06-24`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-04-07` - `2020-06-30`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-04-01` - `2020-06-24`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-04-01` - `2020-06-24`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://promotionaumaroc.com/
Frame ID: FB30D10ECA1C33F8511D220FB01C2DB4
Requests: 64 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200416/r20190131/zrt_lookup.html
Frame ID: E3137644D443EB223EB0A8F4331305B3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4587838000600660&output=html&adk=3046330955&adf=2044148826&lmt=1587564480&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fpromotionaumaroc.com%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1587564480942&bpp=12&bdt=260&idt=117&shv=r20200416&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1234772599269&frm=20&pv=2&ga_vid=1494360910.1587564481&ga_sid=1587564481&ga_hid=678619852&ga_fc=0&iag=0&icsg=601036073983&dssz=36&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1592&bih=1200&scr_x=0&scr_y=0&eid=21065474%2C21065531%2C44716867&oid=3&pvsid=62835980124617&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=31&ifi=0&uci=a!0&fsb=1&dtd=135
Frame ID: B803B4262B93EB14C86C227EB6304E25
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4587838000600660&output=html&h=250&slotname=4084643887&adk=880714845&adf=1327027473&w=970&lmt=1587564480&psa=0&guci=1.2.0.0.2.2.0.0&format=970x250&url=https%3A%2F%2Fpromotionaumaroc.com%2F&flash=0&wgl=1&adsid=NT&dt=1587564480956&bpp=4&bdt=274&idt=164&shv=r20200416&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1234772599269&frm=20&pv=1&ga_vid=1494360910.1587564481&ga_sid=1587564481&ga_hid=678619852&ga_fc=0&iag=0&icsg=2800059329535&dssz=37&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=291&ady=273&biw=1592&bih=1200&scr_x=0&scr_y=0&eid=21065474%2C21065531%2C44716867&oid=3&pvsid=62835980124617&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=8208&bc=31&ifi=1&uci=a!1&fsb=1&xpc=0o3AAlcN7E&p=https%3A//promotionaumaroc.com&dtd=170
Frame ID: 702A24FB276C192E673D51C5B91FB479
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: 233025EDDEF0EC98BE9C66F69BB652A1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://promoalert.ma/ HTTP 301
https://promotionaumaroc.com/ Page URL

Detected technologies

WooCommerce (Ecommerce) Expand

Overall confidence: 100%
Detected patterns

meta generator /WooCommerce ([\d.]+)/i

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i
meta generator /WooCommerce ([\d.]+)/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i
meta generator /WooCommerce ([\d.]+)/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i
meta generator /WooCommerce ([\d.]+)/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

68
Requests

100 %
HTTPS

93 %
IPv6

12
Domains

18
Subdomains

12
IPs

3
Countries

2536 kB
Transfer

3540 kB
Size

1
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/PromotionMaroc/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCOrualMC6tFta5TmCXAjETg

Search URL Search Domain Scan URL

URL: https://t.me/promotionaumaroc

Search URL Search Domain Scan URL

URL: https://bit.ly/3atBsIS
Title:

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://promoalert.ma/ HTTP 301
https://promotionaumaroc.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 57

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=678619852&t=pageview&_s=1&dl=https%3A%2F%2Fpromotionaumaroc.com%2F&ul=en-us&de=UTF-8&dt=Promotion%20au%20maroc%20%7C%20Le%20site%20N%C2%B01%20des%20promotions%20au%20Maroc&sd=24-bit&sr=1600x1200&vp=1592x1200&je=0&_u=IEBAAUAB~&jid=232121209&gjid=1412347874&cid=1494360910.1587564481&tid=UA-39196623-1&_gid=390799028.1587564481&_r=1&gtm=2ou4f0&z=1603534889 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-39196623-1&cid=1494360910.1587564481&jid=232121209&_gid=390799028.1587564481&gjid=1412347874&_v=j81&z=1603534889 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-39196623-1&cid=1494360910.1587564481&jid=232121209&_v=j81&z=1603534889 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-39196623-1&cid=1494360910.1587564481&jid=232121209&_v=j81&z=1603534889&slf_rd=1&random=3158472825

68 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
promotionaumaroc.com/
Redirect Chain

https://promoalert.ma/
https://promotionaumaroc.com/

75 KB
13 KB

1062ms
944ms

Document
text/html

2606:4700:3032::681b:b752
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://promotionaumaroc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681b:b752 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / W3 Total Cache/0.9.7.4

Resource Hash

dfdefaa098372dbc8c766d0d5614679529343f20f9751e86c94a2638c636a7b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: promotionaumaroc.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Wed, 22 Apr 2020 14:08:00 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d63260cce463acce9ee3baddcd721ac841587564479; expires=Fri, 22-May-20 14:07:59 GMT; path=/; domain=.promotionaumaroc.com; HttpOnly; SameSite=Lax
link: <https://promotionaumaroc.com/wp-json/>; rel="https://api.w.org/" <https://promotionaumaroc.com/>; rel=shortlink
last-modified: Wed, 22 Apr 2020 14:08:00 GMT
expires: Wed, 22 Apr 2020 16:08:00 GMT
pragma: public
cache-control: max-age=7200, public
x-powered-by: W3 Total Cache/0.9.7.4
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer-when-downgrade
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 587fea0e5b031762-FRA
content-encoding: br
cf-request-id: 0243d09cf60000176214b1a200000001

Redirect headers

status: 301
date: Wed, 22 Apr 2020 14:07:59 GMT
content-type: text/html
set-cookie: __cfduid=d323d5fe133868ff9fab169a6c76262591587564479; expires=Fri, 22-May-20 14:07:59 GMT; path=/; domain=.promoalert.ma; HttpOnly; SameSite=Lax
location: https://promotionaumaroc.com/
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 587fea0d3e4f3258-FRA
cf-request-id: 0243d09c4600003258d30ca200000001

GET
H2 200 4b68b.css
promotionaumaroc.com/wp-content/cache/minify/ 39 KB
7 KB 17ms
16ms Stylesheet
text/css 2606:4700:3032::681b:b752
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://promotionaumaroc.com/wp-content/cache/minify/4b68b.css?x41901

Requested by

Host: promotionaumaroc.com
URL: https://promotionaumaroc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681b:b752 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / W3 Total Cache/0.9.7.4

Resource Hash

d319a06ec32cebd7e3e48ae279d7796bd62a05e967a57f24613765e41876b5f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://promotionaumaroc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 22 Apr 2020 14:08:00 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 269847
x-powered-by: W3 Total Cache/0.9.7.4
status: 200
cf-request-id: 0243d0a0b20000176214b49200000001
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 21 Sep 2019 23:49:57 GMT
server: cloudflare
etag: W/"pub1569109797;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 587fea1458981762-FRA
expires: Mon, 19 Apr 2021 11:10:33 GMT

GET
H2 200 caad3.css
promotionaumaroc.com/wp-content/cache/minify/ 195 KB
35 KB 18ms
16ms Stylesheet
text/css 2606:4700:3032::681b:b752
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://promotionaumaroc.com/wp-content/cache/minify/caad3.css?x41901

Requested by

Host: promotionaumaroc.com
URL: https://promotionaumaroc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681b:b752 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / W3 Total Cache/0.9.7.4

Resource Hash

e6d2c5b3212043f6a9642a49f9f75088174b2932c99ddb3f8243c65ec865480e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://promotionaumaroc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 22 Apr 2020 14:08:00 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 18083947
x-powered-by: W3 Total Cache/0.9.7.4
status: 200
cf-request-id: 0243d0a0b20000176214b4a200000001
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 21 Sep 2019 23:49:51 GMT
server: cloudflare
etag: W/"pub1569109791;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 587fea1458991762-FRA
expires: Fri, 25 Sep 2020 06:48:53 GMT

GET
H2 200 css
fonts.googleapis.com/ 872 B
471 B 16ms
14ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Droid+Sans%3Aregular%2C700

Requested by

Host: promotionaumaroc.com
URL: https://promotionaumaroc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fa6f22af71f6176e78755341cb5148500a9bb86515b9cc346dd4b2e5890e1bff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://promotionaumaroc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 22 Apr 2020 14:08:00 GMT
server: ESF
date: Wed, 22 Apr 2020 14:08:00 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 22 Apr 2020 14:08:00 GMT

GET
H2 200 55c5b.css
promotionaumaroc.com/wp-content/cache/minify/ 6 KB
3 KB 15ms
14ms Stylesheet
text/css 2606:4700:3032::681b:b752
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://promotionaumaroc.com/wp-content/cache/minify/55c5b.css?x41901

Requested by

Host: promotionaumaroc.com
URL: https://promotionaumaroc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681b:b752 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / W3 Total Cache/0.9.7.4

Resource Hash

8b11a9286e5be47f24b10baa601dec5c52dfe4f918b976141110ccdd67b6c469

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://promotionaumaroc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 22 Apr 2020 14:08:00 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 15002515
x-powered-by: W3 Total Cache/0.9.7.4
status: 200
cf-request-id: 0243d0a0b20000176214b4b200000001
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 21 Sep 2019 23:49:54 GMT
server: cloudflare
etag: W/"pub1569109794;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 587fea14589a1762-FRA
expires: Fri, 30 Oct 2020 22:46:05 GMT

GET
H2 200 df983.js Show response
promotionaumaroc.com/wp-content/cache/minify/ 105 KB
35 KB 29ms
28ms Script
application/x-javascript 2606:4700:3032::681b:b752
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://promotionaumaroc.com/wp-content/cache/minify/df983.js?x41901

Requested by

Host: promotionaumaroc.com
URL: https://promotionaumaroc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681b:b752 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / W3 Total Cache/0.9.7.4

Resource Hash

3367b47845c05039ebf3162ed86eafdc8d93f4ca601672721131eb6aa1ec3f0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://promotionaumaroc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 22 Apr 2020 14:08:00 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 6496753
x-powered-by: W3 Total Cache/0.9.7.4
status: 200
cf-request-id: 0243d0a0b20000176214b4c200000001
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 21 Sep 2019 23:49:34 GMT
server: cloudflare
etag: W/"pub1569109774;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 587fea14589c1762-FRA
expires: Sat, 06 Feb 2021 09:28:46 GMT

GET
H2 200 6e6ce.js Show response
promotionaumaroc.com/wp-content/cache/minify/ 58 KB
16 KB 22ms
21ms Script
application/x-javascript 2606:4700:3032::681b:b752
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://promotionaumaroc.com/wp-content/cache/minify/6e6ce.js?x41901

Requested by

Host: promotionaumaroc.com
URL: https://promotionaumaroc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681b:b752 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / W3 Total Cache/0.9.7.4

Resource Hash

d300ded13e4ce03bcfb13ddaaf002d0567ede6b1e27f19a72dfedfc41f4ee304

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://promotionaumaroc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 22 Apr 2020 14:08:00 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 14953783
x-powered-by: W3 Total Cache/0.9.7.4
status: 200
cf-request-id: 0243d0a0b20000176214b4d200000001
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 21 Sep 2019 23:49:57 GMT
server: cloudflare
etag: W/"pub1569109797;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 587fea14589e1762-FRA
expires: Sat, 31 Oct 2020 12:18:16 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 80 KB
30 KB 27ms
21ms Script
application/javascript 2a00:1450:4001:814::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-39196623-1

Requested by

Host: promotionaumaroc.com
URL: https://promotionaumaroc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

574ee950aebefcef548bfb86901fde21cfb377fb6a11470615154569127eac01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://promotionaumaroc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 22 Apr 2020 14:08:00 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 30161
x-xss-protection: 0
last-modified: Wed, 22 Apr 2020 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 22 Apr 2020 14:08:00 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 107 KB
39 KB 47ms
19ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: promotionaumaroc.com
URL: https://promotionaumaroc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a43c44b5b6294b72a737ac4db4b709ed0980f2533b948cb19b5dde2a794f8b3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://promotionaumaroc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 22 Apr 2020 14:08:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 39354
x-xss-protection: 0
server: cafe
etag: 6668813492124690560
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 22 Apr 2020 14:08:00 GMT

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 8 KB
3 KB 42ms
15ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by: Host: promotionaumaroc.com
URL: https://promotionaumaroc.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a1d2bcb61802ca852d198062aa3d4e0294555fe3fdb9aeedd68c072bcc12cde8

Request headers

Referer: https://promotionaumaroc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 22 Apr 2020 14:08:00 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 2102
etag: W/"9189e8a4b6e2d2bd8b624325af5b4d52"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=43200
cf-ray: 587fea14cb2b6371-FRA
cf-request-id: 0243d0a10100006371008d2200000001
expires: Thu, 23 Apr 2020 02:08:00 GMT

GET
H2 200 promotionaumaroc.gif
promotionaumaroc.com/wp-content/uploads/2013/12/ 5 KB
5 KB 22ms
16ms Image
image/gif 2606:4700:3032::681b:b752
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promotionaumaroc.com/wp-content/uploads/2013/12/promotionaumaroc.gif?x41901
Requested by: Host: promotionaumaroc.com
URL: https://promotionaumaroc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::681b:b752 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / W3 Total Cache/0.9.7.4
Resource Hash: 97f80a04b1d32588172f10b3fb94a6a7e00a7374e8cd002a86253880b5bac4a6

Request headers

Referer: https://promotionaumaroc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 22 Apr 2020 14:08:00 GMT
cf-cache-status: HIT
age: 15135114
x-powered-by: W3 Total Cache/0.9.7.4
status: 200
content-length: 5287
cf-request-id: 0243d0a0ee0000176214b56200000001
pragma: public
last-modified: Sat, 21 Sep 2019 23:55:31 GMT
server: cloudflare
etag: "5d86b873-14a7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 587fea14b9411762-FRA
expires: Thu, 29 Oct 2020 09:56:06 GMT

GET
H2 200 citroen-ami-maroc-1-310x165.jpeg
promotionaumaroc.com/wp-content/uploads/2020/03/ 12 KB
12 KB 58ms
52ms Image
image/jpeg 2606:4700:3032::681b:b752
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promotionaumaroc.com/wp-content/uploads/2020/03/citroen-ami-maroc-1-310x165.jpeg
Requested by: Host: promotionaumaroc.com
URL: https://promotionaumaroc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::681b:b752 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / W3 Total Cache/0.9.7.4
Resource Hash: a5cdad8084ab50665042d780650c34d21c14c5bc4a5824c7cb3f77a88cb232e7

Request headers

Referer: https://promotionaumaroc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 22 Apr 2020 14:08:00 GMT
cf-cache-status: MISS
x-powered-by: W3 Total Cache/0.9.7.4
status: 200
content-length: 11952
cf-request-id: 0243d0a0ee0000176214b57200000001
pragma: public
last-modified: Mon, 09 Mar 2020 10:56:42 GMT
server: cloudflare
etag: "5e6620ea-2eb0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 587fea14b9421762-FRA
expires: Thu, 22 Apr 2021 14:08:00 GMT

GET
H2 200 trafic-touristique-maroc-110x75.jpg
promotionaumaroc.com/wp-content/uploads/2020/02/ 3 KB
3 KB 54ms
49ms Image
image/jpeg 2606:4700:3032::681b:b752
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promotionaumaroc.com/wp-content/uploads/2020/02/trafic-touristique-maroc-110x75.jpg?x41901
Requested by: Host: promotionaumaroc.com
URL: https://promotionaumaroc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::681b:b752 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / W3 Total Cache/0.9.7.4
Resource Hash: 6631d80195648b47bbe9912acde5d9930e7f311053155986ad4a8bcc86a98a14

Request headers

Referer: https://promotionaumaroc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 22 Apr 2020 14:08:00 GMT
cf-cache-status: MISS
x-powered-by: W3 Total Cache/0.9.7.4
status: 200
content-length: 3274
cf-request-id: 0243d0a0ee0000176214b58200000001
pragma: public
last-modified: Mon, 24 Feb 2020 14:33:58 GMT
server: cloudflare
etag: "5e53ded6-cca"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 587fea14b9431762-FRA
expires: Thu, 22 Apr 2021 14:08:00 GMT

GET
H2 200 golf-8-prix-maroc-9.jpg
promotionaumaroc.com/wp-content/uploads/2019/10/ 79 KB
79 KB 56ms
51ms Image
image/jpeg 2606:4700:3032::681b:b752
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promotionaumaroc.com/wp-content/uploads/2019/10/golf-8-prix-maroc-9.jpg?x41901
Requested by: Host: promotionaumaroc.com
URL: https://promotionaumaroc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::681b:b752 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / W3 Total Cache/0.9.7.4
Resource Hash: 57ce83fa60560f22f7d4c15fec730a64e2422bb45ada022caa5ae98193197e7b

Request headers

Referer: https://promotionaumaroc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 22 Apr 2020 14:08:00 GMT
cf-cache-status: MISS
x-powered-by: W3 Total Cache/0.9.7.4
status: 200
content-length: 80576
cf-request-id: 0243d0a0ee0000176214b59200000001
pragma: public
last-modified: Fri, 06 Dec 2019 10:58:58 GMT
server: cloudflare
etag: "5dea3472-13ac0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 587fea14b9451762-FRA
expires: Thu, 22 Apr 2021 14:08:00 GMT

GET
H2 200 toyota-corolla-s.png
promotionaumaroc.com/wp-content/uploads/2019/04/ 856 KB
857 KB 23ms
18ms Image
image/png 2606:4700:3032::681b:b752
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promotionaumaroc.com/wp-content/uploads/2019/04/toyota-corolla-s.png?x41901
Requested by: Host: promotionaumaroc.com
URL: https://promotionaumaroc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::681b:b752 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / W3 Total Cache/0.9.7.4
Resource Hash: d0044caa0c214bb491add850fb083f91012cad57aa0ccba0750242a70f5409ed

Request headers

Referer: https://promotionaumaroc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 22 Apr 2020 14:08:00 GMT
cf-cache-status: HIT
age: 5971655
x-powered-by: W3 Total Cache/0.9.7.4
status: 200
content-length: 876908
cf-request-id: 0243d0a0ee0000176214b5a200000001
pragma: public
last-modified: Mon, 10 Feb 2020 13:40:04 GMT
server: cloudflare
etag: "5e415d34-d616c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 587fea14b9471762-FRA
expires: Fri, 12 Feb 2021 11:20:25 GMT

GET
H2 200 bali-asie-310x165.jpg
promotionaumaroc.com/wp-content/uploads/2020/02/ 14 KB
14 KB 22ms
17ms Image
image/jpeg 2606:4700:3032::681b:b752
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promotionaumaroc.com/wp-content/uploads/2020/02/bali-asie-310x165.jpg?x41901
Requested by: Host: promotionaumaroc.com
URL: https://promotionaumaroc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::681b:b752 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / W3 Total Cache/0.9.7.4
Resource Hash: 70a78ca885b03772061923d5c09a66a0dab02c00277a4894e933d4b04eb41a34

Request headers

Referer: https://promotionaumaroc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 22 Apr 2020 14:08:00 GMT
cf-cache-status: HIT
age: 226774
x-powered-by: W3 Total Cache/0.9.7.4
status: 200
content-length: 14469
cf-request-id: 0243d0a0ee0000176214b5b200000001
pragma: public
last-modified: Wed, 26 Feb 2020 12:24:22 GMT
server: cloudflare
etag: "5e566376-3885"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 587fea14b9481762-FRA
expires: Mon, 19 Apr 2021 23:08:26 GMT

GET
H2 200 maroc-bangkok-2020-110x75.jpeg
promotionaumaroc.com/wp-content/uploads/2020/02/ 4 KB
4 KB 22ms
17ms Image
image/jpeg 2606:4700:3032::681b:b752
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promotionaumaroc.com/wp-content/uploads/2020/02/maroc-bangkok-2020-110x75.jpeg?x41901
Requested by: Host: promotionaumaroc.com
URL: https://promotionaumaroc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::681b:b752 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / W3 Total Cache/0.9.7.4
Resource Hash: 7558ca6e5702b490fe8719eff1210a67cbd8ec665bf4534a094f7c46f82cd805

Request headers

Referer: https://promotionaumaroc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 22 Apr 2020 14:08:00 GMT
cf-cache-status: HIT
age: 4768171
x-powered-by: W3 Total Cache/0.9.7.4
status: 200
content-length: 3961
cf-request-id: 0243d0a0ee0000176214b5c200000001
pragma: public
last-modified: Wed, 26 Feb 2020 12:48:11 GMT
server: cloudflare
etag: "5e56690b-f79"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 587fea14b94a1762-FRA
expires: Fri, 26 Feb 2021 09:38:29 GMT

GET
H2 200 bangkok-voyage-maroc-2.jpg
promotionaumaroc.com/wp-content/uploads/2019/10/ 465 KB
465 KB 30ms
25ms Image
image/jpeg 2606:4700:3032::681b:b752
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promotionaumaroc.com/wp-content/uploads/2019/10/bangkok-voyage-maroc-2.jpg?x41901
Requested by: Host: promotionaumaroc.com
URL: https://promotionaumaroc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::681b:b752 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / W3 Total Cache/0.9.7.4
Resource Hash: f9238f6e2a83f8ecf16a56867b5eb8a79a263aac112d39b6d23f01a3f74a087c

Request headers

Referer: https://promotionaumaroc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 22 Apr 2020 14:08:00 GMT
cf-cache-status: HIT
age: 6493512
x-powered-by: W3 Total Cache/0.9.7.4
status: 200
content-length: 475938
cf-request-id: 0243d0a0ee0000176214b5d200000001
pragma: public
last-modified: Mon, 21 Oct 2019 15:56:20 GMT
server: cloudflare
etag: "5dadd524-74322"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 587fea14b94c1762-FRA
expires: Sat, 06 Feb 2021 10:22:48 GMT

GET
H2 200 bangkok-voyage-maroc-1.jpg
promotionaumaroc.com/wp-content/uploads/2019/10/ 183 KB
183 KB 69ms
65ms Image
image/jpeg 2606:4700:3032::681b:b752
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promotionaumaroc.com/wp-content/uploads/2019/10/bangkok-voyage-maroc-1.jpg?x41901
Requested by: Host: promotionaumaroc.com
URL: https://promotionaumaroc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::681b:b752 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / W3 Total Cache/0.9.7.4
Resource Hash: 22b9c0d958dc498a8e6c16b82f37c9ac1e847d7757118cd3f566612c14713265

Request headers

Referer: https://promotionaumaroc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 22 Apr 2020 14:08:00 GMT
cf-cache-status: MISS
x-powered-by: W3 Total Cache/0.9.7.4
status: 200
content-length: 187463
cf-request-id: 0243d0a0ee0000176214b5e200000001
pragma: public
last-modified: Mon, 21 Oct 2019 15:41:14 GMT
server: cloudflare
etag: "5dadd19a-2dc47"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 587fea14b94d1762-FRA
expires: Thu, 22 Apr 2021 14:08:00 GMT

GET
H2 200 electroplanet-thumbnail-310x165.jpg
promotionaumaroc.com/wp-content/uploads/2020/04/ 17 KB
17 KB 51ms
47ms Image
image/jpeg 2606:4700:3032::681b:b752
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promotionaumaroc.com/wp-content/uploads/2020/04/electroplanet-thumbnail-310x165.jpg?x41901
Requested by: Host: promotionaumaroc.com
URL: https://promotionaumaroc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::681b:b752 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / W3 Total Cache/0.9.7.4
Resource Hash: e94bfa35ab53708b5340bf2f17f2b3b32fb04fa8ba8e7aa1b7bedb0c10b41b9f

Request headers

Referer: https://promotionaumaroc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 22 Apr 2020 14:08:00 GMT
cf-cache-status: MISS
x-powered-by: W3 Total Cache/0.9.7.4
status: 200
content-length: 17037
cf-request-id: 0243d0a0ee0000176214b5f200000001
pragma: public
last-modified: Mon, 20 Apr 2020 14:48:21 GMT
server: cloudflare
etag: "5e9db635-428d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 587fea14b94e1762-FRA
expires: Thu, 22 Apr 2021 14:08:00 GMT

GET
H2 200 aswak-assalam-thumbnail-110x75.jpg
promotionaumaroc.com/wp-content/uploads/2020/04/ 4 KB
4 KB 49ms
44ms Image
image/jpeg 2606:4700:3032::681b:b752
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promotionaumaroc.com/wp-content/uploads/2020/04/aswak-assalam-thumbnail-110x75.jpg?x41901
Requested by: Host: promotionaumaroc.com
URL: https://promotionaumaroc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::681b:b752 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / W3 Total Cache/0.9.7.4
Resource Hash: 22e950c91a4d9169f1b7331761eafee73ebfe2338504335cdd934d718bdcd26a

Request headers

Referer: https://promotionaumaroc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 22 Apr 2020 14:08:00 GMT
cf-cache-status: MISS
x-powered-by: W3 Total Cache/0.9.7.4
status: 200
content-length: 4124
cf-request-id: 0243d0a0ee0000176214b60200000001
pragma: public
last-modified: Mon, 20 Apr 2020 14:00:09 GMT
server: cloudflare
etag: "5e9daae9-101c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 587fea14b94f1762-FRA
expires: Thu, 22 Apr 2021 14:08:00 GMT

GET
H2 200 BIM-Mardi-thumbnail-110x75.jpg
promotionaumaroc.com/wp-content/uploads/2020/04/ 5 KB
5 KB 44ms
40ms Image
image/jpeg 2606:4700:3032::681b:b752
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promotionaumaroc.com/wp-content/uploads/2020/04/BIM-Mardi-thumbnail-110x75.jpg?x41901
Requested by: Host: promotionaumaroc.com
URL: https://promotionaumaroc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::681b:b752 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / W3 Total Cache/0.9.7.4
Resource Hash: d9d8c4c1f172c83fc7b5a3bf485a0456b966571041ef1a33091e8365560ea30b

Request headers

Referer: https://promotionaumaroc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 22 Apr 2020 14:08:00 GMT
cf-cache-status: MISS
x-powered-by: W3 Total Cache/0.9.7.4
status: 200
content-length: 4750
cf-request-id: 0243d0a0ee0000176214b61200000001
pragma: public
last-modified: Sat, 18 Apr 2020 13:37:42 GMT
server: cloudflare
etag: "5e9b02a6-128e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 587fea14b9501762-FRA
expires: Thu, 22 Apr 2021 14:08:00 GMT

GET
H2 200 kitea-thumbnail-110x75.jpg
promotionaumaroc.com/wp-content/uploads/2020/04/ 4 KB
4 KB 67ms
62ms Image
image/jpeg 2606:4700:3032::681b:b752
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promotionaumaroc.com/wp-content/uploads/2020/04/kitea-thumbnail-110x75.jpg?x41901
Requested by: Host: promotionaumaroc.com
URL: https://promotionaumaroc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::681b:b752 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / W3 Total Cache/0.9.7.4
Resource Hash: 0bf47e663b62193c262bdd2e62247e60e69d39cb70cd9743c83687874c8363d4

Request headers

Referer: https://promotionaumaroc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 22 Apr 2020 14:08:00 GMT
cf-cache-status: MISS
x-powered-by: W3 Total Cache/0.9.7.4
status: 200
content-length: 4145
cf-request-id: 0243d0a0ee0000176214b62200000001
pragma: public
last-modified: Thu, 16 Apr 2020 15:54:40 GMT
server: cloudflare
etag: "5e987fc0-1031"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 587fea14b9521762-FRA
expires: Thu, 22 Apr 2021 14:08:00 GMT

GET
H2 200 nouvelle_tendance_h19_03-min-310x165.jpg
promotionaumaroc.com/wp-content/uploads/2020/04/ 6 KB
6 KB 22ms
18ms Image
image/jpeg 2606:4700:3032::681b:b752
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promotionaumaroc.com/wp-content/uploads/2020/04/nouvelle_tendance_h19_03-min-310x165.jpg?x41901
Requested by: Host: promotionaumaroc.com
URL: https://promotionaumaroc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::681b:b752 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / W3 Total Cache/0.9.7.4
Resource Hash: a2a35a2fcc3801a67715658a7fa69dda8f5370f3b81b60c79cae162574e4acc7

Request headers

Referer: https://promotionaumaroc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 22 Apr 2020 14:08:00 GMT
cf-cache-status: HIT
age: 837824
x-powered-by: W3 Total Cache/0.9.7.4
status: 200
content-length: 6034
cf-request-id: 0243d0a0ee0000176214b63200000001
pragma: public
last-modified: Sun, 12 Apr 2020 20:29:50 GMT
server: cloudflare
etag: "5e937a3e-1792"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 587fea14b9541762-FRA
expires: Mon, 12 Apr 2021 21:24:16 GMT

GET
H2 200 oriflame-thumbnail-110x75.jpg
promotionaumaroc.com/wp-content/uploads/2020/04/ 4 KB
4 KB 52ms
49ms Image
image/jpeg 2606:4700:3032::681b:b752
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promotionaumaroc.com/wp-content/uploads/2020/04/oriflame-thumbnail-110x75.jpg?x41901
Requested by: Host: promotionaumaroc.com
URL: https://promotionaumaroc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::681b:b752 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / W3 Total Cache/0.9.7.4
Resource Hash: e32b3dfbf170a8b11b55b2b9dceff5db1c43cef96d39ed76bf6c8c4f48caff7e

Request headers

Referer: https://promotionaumaroc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 22 Apr 2020 14:08:00 GMT
cf-cache-status: MISS
x-powered-by: W3 Total Cache/0.9.7.4
status: 200
content-length: 4012
cf-request-id: 0243d0a0ee0000176214b64200000001
pragma: public
last-modified: Tue, 07 Apr 2020 15:38:49 GMT
server: cloudflare
etag: "5e8c9e89-fac"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 587fea14b95a1762-FRA
expires: Thu, 22 Apr 2021 14:08:00 GMT

GET
H2 200 BIM-Mardi-thumbnail-2-110x75.jpg
promotionaumaroc.com/wp-content/uploads/2020/03/ 5 KB
5 KB 26ms
23ms Image
image/jpeg 2606:4700:3032::681b:b752
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promotionaumaroc.com/wp-content/uploads/2020/03/BIM-Mardi-thumbnail-2-110x75.jpg?x41901
Requested by: Host: promotionaumaroc.com
URL: https://promotionaumaroc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::681b:b752 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / W3 Total Cache/0.9.7.4
Resource Hash: d9faef73159fe8d6bef33582151bd4abe5846d81750b5161d616108f81f3c368

Request headers

Referer: https://promotionaumaroc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 22 Apr 2020 14:08:00 GMT
cf-cache-status: HIT
age: 1275274
x-powered-by: W3 Total Cache/0.9.7.4
status: 200
content-length: 4912
cf-request-id: 0243d0a0ee0000176214b65200000001
pragma: public
last-modified: Thu, 19 Mar 2020 17:11:12 GMT
server: cloudflare
etag: "5e73a7b0-1330"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 587fea14b95d1762-FRA
expires: Wed, 07 Apr 2021 19:53:26 GMT

GET
H2 200 wp-emoji-release.min.js Show response
promotionaumaroc.com/wp-includes/js/ 14 KB
4 KB 26ms
22ms Script
application/javascript 2606:4700:3032::681b:b752
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://promotionaumaroc.com/wp-includes/js/wp-emoji-release.min.js
Requested by: Host: promotionaumaroc.com
URL: https://promotionaumaroc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::681b:b752 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / W3 Total Cache/0.9.7.4
Resource Hash: f4799ef2939b8377cf33f07b07b6d90a4a245adbf1c6eaf47ee3b0fcefcc07fe

Request headers

Referer: https://promotionaumaroc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 22 Apr 2020 14:08:00 GMT
content-encoding: br
cf-cache-status: HIT
age: 15017228
x-powered-by: W3 Total Cache/0.9.7.4
status: 200
cf-request-id: 0243d0a0ee0000176214b66200000001
pragma: public
last-modified: Sat, 21 Sep 2019 23:49:34 GMT
server: cloudflare
etag: W/"5d86b70e-3610"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 587fea14b95f1762-FRA
expires: Fri, 30 Oct 2020 18:40:52 GMT

GET
H2 200 marjane-thumbnail-110x75.jpg
promotionaumaroc.com/wp-content/uploads/2020/03/ 3 KB
3 KB 26ms
23ms Image
image/jpeg 2606:4700:3032::681b:b752
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promotionaumaroc.com/wp-content/uploads/2020/03/marjane-thumbnail-110x75.jpg?x41901
Requested by: Host: promotionaumaroc.com
URL: https://promotionaumaroc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::681b:b752 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / W3 Total Cache/0.9.7.4
Resource Hash: 091da776812050a6699902a5df3246fa81981357daadc948b4c0cd2ef879b3b1

Request headers

Referer: https://promotionaumaroc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 22 Apr 2020 14:08:00 GMT
cf-cache-status: HIT
age: 3211382
x-powered-by: W3 Total Cache/0.9.7.4
status: 200
content-length: 3240
cf-request-id: 0243d0a0ee0000176214b67200000001
pragma: public
last-modified: Fri, 13 Mar 2020 13:31:59 GMT
server: cloudflare
etag: "5e6b8b4f-ca8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 587fea14b9601762-FRA
expires: Tue, 16 Mar 2021 10:04:58 GMT

GET
H2 200 cosmos-thumbnail-110x75.jpg
promotionaumaroc.com/wp-content/uploads/2020/04/ 4 KB
4 KB 44ms
41ms Image
image/jpeg 2606:4700:3032::681b:b752
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promotionaumaroc.com/wp-content/uploads/2020/04/cosmos-thumbnail-110x75.jpg?x41901
Requested by: Host: promotionaumaroc.com
URL: https://promotionaumaroc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::681b:b752 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / W3 Total Cache/0.9.7.4
Resource Hash: a67c94f9ecf5bde19b525b445624341ea5556d0b0a8a44796c6d96cb085222cf

Request headers

Referer: https://promotionaumaroc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 22 Apr 2020 14:08:00 GMT
cf-cache-status: MISS
x-powered-by: W3 Total Cache/0.9.7.4
status: 200
content-length: 4383
cf-request-id: 0243d0a0ee0000176214b68200000001
pragma: public
last-modified: Sat, 11 Apr 2020 18:41:33 GMT
server: cloudflare
etag: "5e920f5d-111f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 587fea14b9621762-FRA
expires: Thu, 22 Apr 2021 14:08:00 GMT

GET
H2 200 BIM-Vendredi-thumbnail-1-110x75.jpg
promotionaumaroc.com/wp-content/uploads/2020/04/ 4 KB
4 KB 27ms
23ms Image
image/jpeg 2606:4700:3032::681b:b752
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promotionaumaroc.com/wp-content/uploads/2020/04/BIM-Vendredi-thumbnail-1-110x75.jpg?x41901
Requested by: Host: promotionaumaroc.com
URL: https://promotionaumaroc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::681b:b752 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / W3 Total Cache/0.9.7.4
Resource Hash: 0374ca41bb914c66c8cb3477b4f5e66f8fa313cb10212c79bab2934bdb808488

Request headers

Referer: https://promotionaumaroc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 22 Apr 2020 14:08:00 GMT
cf-cache-status: HIT
age: 1095809
x-powered-by: W3 Total Cache/0.9.7.4
status: 200
content-length: 4292
cf-request-id: 0243d0a0ee0000176214b69200000001
pragma: public
last-modified: Wed, 08 Apr 2020 17:35:23 GMT
server: cloudflare
etag: "5e8e0b5b-10c4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 587fea14b9651762-FRA
expires: Fri, 09 Apr 2021 21:44:31 GMT

GET
H2 200 biougnach-thumbnail-110x75.jpg
promotionaumaroc.com/wp-content/uploads/2020/04/ 4 KB
4 KB 54ms
51ms Image
image/jpeg 2606:4700:3032::681b:b752
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promotionaumaroc.com/wp-content/uploads/2020/04/biougnach-thumbnail-110x75.jpg?x41901
Requested by: Host: promotionaumaroc.com
URL: https://promotionaumaroc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::681b:b752 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / W3 Total Cache/0.9.7.4
Resource Hash: dbed35825fa1c87bcb4d4f30d13b52edda11bbc842e39ed90e457065a16e8a35

Request headers

Referer: https://promotionaumaroc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 22 Apr 2020 14:08:00 GMT
cf-cache-status: MISS
x-powered-by: W3 Total Cache/0.9.7.4
status: 200
content-length: 4273
cf-request-id: 0243d0a0ee0000176214b6a200000001
pragma: public
last-modified: Sun, 05 Apr 2020 23:21:15 GMT
server: cloudflare
etag: "5e8a67eb-10b1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 587fea14b9691762-FRA
expires: Thu, 22 Apr 2021 14:08:00 GMT

GET
H2 200 promotion-facebook.jpg
pub.promotionaumaroc.com/wp-content/uploads/2019/06/ 13 KB
14 KB 39ms
15ms Image
image/jpeg 2606:4700:3032::681b:b752
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pub.promotionaumaroc.com/wp-content/uploads/2019/06/promotion-facebook.jpg

Requested by

Host: promotionaumaroc.com
URL: https://promotionaumaroc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681b:b752 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b643e75b1f09f46e0e6279946f74526fd505da9a2df19958625c371897ae4b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://promotionaumaroc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 22 Apr 2020 14:08:00 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5051
status: 200
content-length: 13810
x-xss-protection: 1; mode=block
last-modified: Tue, 18 Jun 2019 20:12:09 GMT
server: cloudflare
x-frame-options: DENY
etag: "5d094599-35f2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=14400
cf-request-id: 0243d0a1020000176214b71200000001
accept-ranges: bytes
cf-ray: 587fea14d99b1762-FRA

GET
H2 200 promotionaumarocap.jpg
promotionaumaroc.com/wp-content/uploads/2020/03/ 38 KB
39 KB 26ms
23ms Image
image/jpeg 2606:4700:3032::681b:b752
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promotionaumaroc.com/wp-content/uploads/2020/03/promotionaumarocap.jpg?x41901
Requested by: Host: promotionaumaroc.com
URL: https://promotionaumaroc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::681b:b752 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / W3 Total Cache/0.9.7.4
Resource Hash: 8af0ce611f479e809b4e7413c44bc88e8f9ced8ab2a5d60dc6e0dc65ddef2ca7

Request headers

Referer: https://promotionaumaroc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 22 Apr 2020 14:08:00 GMT
cf-cache-status: HIT
age: 2016168
x-powered-by: W3 Total Cache/0.9.7.4
status: 200
content-length: 39240
cf-request-id: 0243d0a0ee0000176214b6b200000001
pragma: public
last-modified: Sun, 29 Mar 2020 23:15:43 GMT
server: cloudflare
etag: "5e812c1f-9948"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 587fea14b96a1762-FRA
expires: Tue, 30 Mar 2021 06:05:12 GMT

GET
H2 200 dee63.js Show response
promotionaumaroc.com/wp-content/cache/minify/ 11 KB
4 KB 11ms
10ms Script
application/x-javascript 2606:4700:3032::681b:b752
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://promotionaumaroc.com/wp-content/cache/minify/dee63.js?x41901

Requested by

Host: promotionaumaroc.com
URL: https://promotionaumaroc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681b:b752 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / W3 Total Cache/0.9.7.4

Resource Hash

57cb03293e135398ff1a169ad5229b37d35b0a1473b62ba8157bc2a2494a3327

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://promotionaumaroc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 22 Apr 2020 14:08:00 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1054191
x-powered-by: W3 Total Cache/0.9.7.4
status: 200
cf-request-id: 0243d0a0d00000176214b50200000001
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 21 Sep 2019 23:49:43 GMT
server: cloudflare
etag: W/"pub1569109783;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 587fea1488f61762-FRA
expires: Sat, 10 Apr 2021 09:18:08 GMT

GET
H2 200 3c2c7.js Show response
promotionaumaroc.com/wp-content/cache/minify/ 2 KB
940 B 11ms
11ms Script
application/x-javascript 2606:4700:3032::681b:b752
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://promotionaumaroc.com/wp-content/cache/minify/3c2c7.js?x41901

Requested by

Host: promotionaumaroc.com
URL: https://promotionaumaroc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681b:b752 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / W3 Total Cache/0.9.7.4

Resource Hash

6c8222c7ecc4c35be6c026b80306f187f2c3eae7934fba058f36e6a7fbfe7fed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://promotionaumaroc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 22 Apr 2020 14:08:00 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 799914
x-powered-by: W3 Total Cache/0.9.7.4
status: 200
cf-request-id: 0243d0a0d40000176214b51200000001
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 21 Sep 2019 23:49:43 GMT
server: cloudflare
etag: W/"pub1569109783;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 587fea1489011762-FRA
expires: Tue, 13 Apr 2021 07:56:06 GMT

GET
H2 200 b4041.js Show response
promotionaumaroc.com/wp-content/cache/minify/ 2 KB
656 B 23ms
16ms Script
application/x-javascript 2606:4700:3032::681b:b752
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://promotionaumaroc.com/wp-content/cache/minify/b4041.js?x41901

Requested by

Host: promotionaumaroc.com
URL: https://promotionaumaroc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681b:b752 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / W3 Total Cache/0.9.7.4

Resource Hash

551c995231f0266a4cd786337f0a45fb3fac02f24ca9bd81134c5921304f3bbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://promotionaumaroc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 22 Apr 2020 14:08:00 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 14953783
x-powered-by: W3 Total Cache/0.9.7.4
status: 200
cf-request-id: 0243d0a0ec0000176214b53200000001
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 21 Sep 2019 23:49:43 GMT
server: cloudflare
etag: W/"pub1569109783;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 587fea14a9391762-FRA
expires: Sat, 31 Oct 2020 12:18:16 GMT

GET
H2 200 abe60.js Show response
promotionaumaroc.com/wp-content/cache/minify/ 211 KB
63 KB 30ms
24ms Script
application/x-javascript 2606:4700:3032::681b:b752
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://promotionaumaroc.com/wp-content/cache/minify/abe60.js?x41901

Requested by

Host: promotionaumaroc.com
URL: https://promotionaumaroc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681b:b752 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / W3 Total Cache/0.9.7.4

Resource Hash

20780ea08f20abd4434bbaf22c52e5bdb1d4e3e23c2aa30024888199270b5adf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://promotionaumaroc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 22 Apr 2020 14:08:00 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 6496753
x-powered-by: W3 Total Cache/0.9.7.4
status: 200
cf-request-id: 0243d0a0ec0000176214b54200000001
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 21 Sep 2019 23:49:54 GMT
server: cloudflare
etag: W/"pub1569109794;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 587fea14a93a1762-FRA
expires: Sat, 06 Feb 2021 09:28:46 GMT

GET
H2 200 3cf12.js Show response
promotionaumaroc.com/wp-content/cache/minify/ 3 KB
1 KB 22ms
16ms Script
application/x-javascript 2606:4700:3032::681b:b752
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://promotionaumaroc.com/wp-content/cache/minify/3cf12.js?x41901

Requested by

Host: promotionaumaroc.com
URL: https://promotionaumaroc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681b:b752 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / W3 Total Cache/0.9.7.4

Resource Hash

0d6804cf5dd20f84948ff776212bfc2f6bdfc0d2e06c844ddde115be0b77f0eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://promotionaumaroc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 22 Apr 2020 14:08:00 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 18088082
x-powered-by: W3 Total Cache/0.9.7.4
status: 200
cf-request-id: 0243d0a0ec0000176214b55200000001
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 21 Sep 2019 23:49:54 GMT
server: cloudflare
etag: W/"pub1569109794;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 587fea14a93b1762-FRA
expires: Fri, 25 Sep 2020 05:39:58 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 42 KB
15 KB 64ms
40ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: promotionaumaroc.com
URL: https://promotionaumaroc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe1244a9a19db22f8fcc8a0663bf6ddde0699b7d9bcd4dfbd2ffbaeae2a26b33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://promotionaumaroc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 22 Apr 2020 14:08:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "493 / 323 of 1000 / last-modified: 1587436432"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 14359
x-xss-protection: 0
expires: Wed, 22 Apr 2020 14:08:00 GMT

GET
H2 200 body-bg2.png
promotionaumaroc.com/wp-content/themes/sahifa/images/patterns/ 864 B
1 KB 23ms
23ms Image
image/png 2606:4700:3032::681b:b752
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promotionaumaroc.com/wp-content/themes/sahifa/images/patterns/body-bg2.png
Requested by: Host: promotionaumaroc.com
URL: https://promotionaumaroc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::681b:b752 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / W3 Total Cache/0.9.7.4
Resource Hash: cc4485e93792b78eaff636e0112e94ea871a8a6d5a981893d56d4c3a3b84fa81

Request headers

Referer: https://promotionaumaroc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 22 Apr 2020 14:08:00 GMT
cf-cache-status: HIT
age: 18093535
x-powered-by: W3 Total Cache/0.9.7.4
status: 200
content-length: 864
cf-request-id: 0243d0a0f40000176214b6c200000001
pragma: public
last-modified: Sat, 21 Sep 2019 23:49:38 GMT
server: cloudflare
etag: "5d86b712-360"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 587fea14b96e1762-FRA
expires: Fri, 25 Sep 2020 04:09:05 GMT

GET
H2 200 home.png
promotionaumaroc.com/wp-content/themes/sahifa/images/ 1022 B
1 KB 25ms
25ms Image
image/png 2606:4700:3032::681b:b752
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promotionaumaroc.com/wp-content/themes/sahifa/images/home.png?x41901
Requested by: Host: promotionaumaroc.com
URL: https://promotionaumaroc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::681b:b752 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / W3 Total Cache/0.9.7.4
Resource Hash: 6039cdb2c8028b73ddb9d711e7eb22834a8e11ba865283a7ed2fd2c75a401040

Request headers

Referer: https://promotionaumaroc.com/wp-content/cache/minify/caad3.css?x41901
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 22 Apr 2020 14:08:00 GMT
cf-cache-status: HIT
age: 11077313
x-powered-by: W3 Total Cache/0.9.7.4
status: 200
content-length: 1022
cf-request-id: 0243d0a0f40000176214b6d200000001
pragma: public
last-modified: Sat, 21 Sep 2019 23:49:38 GMT
server: cloudflare
etag: "5d86b712-3fe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 587fea14b9701762-FRA
expires: Tue, 15 Dec 2020 09:06:07 GMT

GET
H2 200 fontawesome-webfont.woff2
promotionaumaroc.com/wp-content/themes/sahifa/fonts/fontawesome/ 55 KB
56 KB 20ms
20ms Font
font/woff2 2606:4700:3032::681b:b752
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://promotionaumaroc.com/wp-content/themes/sahifa/fonts/fontawesome/fontawesome-webfont.woff2?v=4.3.0
Requested by: Host: promotionaumaroc.com
URL: https://promotionaumaroc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::681b:b752 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / W3 Total Cache/0.9.7.4
Resource Hash: aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://promotionaumaroc.com/wp-content/cache/minify/caad3.css?x41901
Origin: https://promotionaumaroc.com

Response headers

date: Wed, 22 Apr 2020 14:08:00 GMT
cf-cache-status: HIT
age: 170040
x-powered-by: W3 Total Cache/0.9.7.4
status: 200
content-length: 56780
cf-request-id: 0243d0a0f40000176214b6e200000001
pragma: public
last-modified: Sat, 21 Sep 2019 23:49:39 GMT
server: cloudflare
etag: "5d86b713-ddcc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 587fea14b9721762-FRA
expires: Tue, 20 Apr 2021 14:54:00 GMT

GET
H2 200 SlGWmQWMvZQIdix7AFxXmMh3eDs1ZyHKpWg.woff2
fonts.gstatic.com/s/droidsans/v12/ 11 KB
11 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/droidsans/v12/SlGWmQWMvZQIdix7AFxXmMh3eDs1ZyHKpWg.woff2

Requested by

Host: promotionaumaroc.com
URL: https://promotionaumaroc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd33ffebb82d0e70371aedd27d79a993c98b29fb0d5e3d8c99c376cc9d57414d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Droid+Sans%3Aregular%2C700
Origin: https://promotionaumaroc.com

Response headers

date: Wed, 15 Apr 2020 05:25:23 GMT
x-content-type-options: nosniff
last-modified: Thu, 20 Feb 2020 02:52:18 GMT
server: sffe
age: 636157
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 11396
x-xss-protection: 0
expires: Thu, 15 Apr 2021 05:25:23 GMT

GET
H2 200 SlGVmQWMvZQIdix7AFxXkHNSbRYXags.woff2
fonts.gstatic.com/s/droidsans/v12/ 11 KB
11 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/droidsans/v12/SlGVmQWMvZQIdix7AFxXkHNSbRYXags.woff2

Requested by

Host: promotionaumaroc.com
URL: https://promotionaumaroc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8cb742dbb60decab090cf738bfef2d8a780141573e9a2a3854bf3f78919faed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Droid+Sans%3Aregular%2C700
Origin: https://promotionaumaroc.com

Response headers

date: Tue, 14 Apr 2020 20:54:07 GMT
x-content-type-options: nosniff
last-modified: Thu, 20 Feb 2020 02:00:07 GMT
server: sffe
age: 666833
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 11236
x-xss-protection: 0
expires: Wed, 14 Apr 2021 20:54:07 GMT

GET
H2 200 electroplanet-thumbnail-660x330.jpg
promotionaumaroc.com/wp-content/uploads/2020/04/ 46 KB
46 KB 48ms
46ms Image
image/jpeg 2606:4700:3032::681b:b752
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promotionaumaroc.com/wp-content/uploads/2020/04/electroplanet-thumbnail-660x330.jpg
Requested by: Host: promotionaumaroc.com
URL: https://promotionaumaroc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::681b:b752 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / W3 Total Cache/0.9.7.4
Resource Hash: 67626ede79488938467865e8dce845b1a0edc455e8d2cb0b398adeaecca98d8e

Request headers

Referer: https://promotionaumaroc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 22 Apr 2020 14:08:00 GMT
cf-cache-status: MISS
x-powered-by: W3 Total Cache/0.9.7.4
status: 200
content-length: 47291
cf-request-id: 0243d0a10e0000176214b73200000001
pragma: public
last-modified: Mon, 20 Apr 2020 14:48:21 GMT
server: cloudflare
etag: "5e9db635-b8bb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 587fea14e9d11762-FRA
expires: Thu, 22 Apr 2021 14:08:00 GMT

GET
H2 200 aswak-assalam-thumbnail-660x330.jpg
promotionaumaroc.com/wp-content/uploads/2020/04/ 37 KB
37 KB 15ms
14ms Image
image/jpeg 2606:4700:3032::681b:b752
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promotionaumaroc.com/wp-content/uploads/2020/04/aswak-assalam-thumbnail-660x330.jpg
Requested by: Host: promotionaumaroc.com
URL: https://promotionaumaroc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::681b:b752 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / W3 Total Cache/0.9.7.4
Resource Hash: 1674a0d7516524c534b6db53969318889b9e566f271d07b24bf5af326d072142

Request headers

Referer: https://promotionaumaroc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 22 Apr 2020 14:08:00 GMT
cf-cache-status: HIT
age: 161425
x-powered-by: W3 Total Cache/0.9.7.4
status: 200
content-length: 38011
cf-request-id: 0243d0a10f0000176214b74200000001
pragma: public
last-modified: Mon, 20 Apr 2020 14:00:09 GMT
server: cloudflare
etag: "5e9daae9-947b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 587fea14e9d31762-FRA
expires: Tue, 20 Apr 2021 17:17:35 GMT

GET
H2 200 BIM-Mardi-thumbnail-660x330.jpg
promotionaumaroc.com/wp-content/uploads/2020/04/ 52 KB
52 KB 46ms
45ms Image
image/jpeg 2606:4700:3032::681b:b752
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promotionaumaroc.com/wp-content/uploads/2020/04/BIM-Mardi-thumbnail-660x330.jpg
Requested by: Host: promotionaumaroc.com
URL: https://promotionaumaroc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::681b:b752 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / W3 Total Cache/0.9.7.4
Resource Hash: d904bda7ca25053d1bc5471d5b810aad97626b657a5aa15d233f0a1d425d0ea7

Request headers

Referer: https://promotionaumaroc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 22 Apr 2020 14:08:00 GMT
cf-cache-status: MISS
x-powered-by: W3 Total Cache/0.9.7.4
status: 200
content-length: 53150
cf-request-id: 0243d0a10f0000176214b75200000001
pragma: public
last-modified: Sat, 18 Apr 2020 13:37:42 GMT
server: cloudflare
etag: "5e9b02a6-cf9e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 587fea14e9d51762-FRA
expires: Thu, 22 Apr 2021 14:08:00 GMT

GET
H2 200 carrefour-thumbnail-660x330.jpg
promotionaumaroc.com/wp-content/uploads/2020/04/ 40 KB
40 KB 45ms
43ms Image
image/jpeg 2606:4700:3032::681b:b752
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promotionaumaroc.com/wp-content/uploads/2020/04/carrefour-thumbnail-660x330.jpg
Requested by: Host: promotionaumaroc.com
URL: https://promotionaumaroc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::681b:b752 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / W3 Total Cache/0.9.7.4
Resource Hash: 3e12f7c35a946f4d481898c5829417d938418db481c39a6001290eea12b5338b

Request headers

Referer: https://promotionaumaroc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 22 Apr 2020 14:08:00 GMT
cf-cache-status: MISS
x-powered-by: W3 Total Cache/0.9.7.4
status: 200
content-length: 40876
cf-request-id: 0243d0a10f0000176214b76200000001
pragma: public
last-modified: Wed, 15 Apr 2020 14:31:41 GMT
server: cloudflare
etag: "5e971acd-9fac"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 587fea14e9d61762-FRA
expires: Thu, 22 Apr 2021 14:08:00 GMT

GET
H2 200 marjane-thumbnail-1-621x330.jpg
promotionaumaroc.com/wp-content/uploads/2020/03/ 48 KB
48 KB 18ms
16ms Image
image/jpeg 2606:4700:3032::681b:b752
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promotionaumaroc.com/wp-content/uploads/2020/03/marjane-thumbnail-1-621x330.jpg
Requested by: Host: promotionaumaroc.com
URL: https://promotionaumaroc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::681b:b752 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / W3 Total Cache/0.9.7.4
Resource Hash: 1af2beac2b3679cf99e344c3299438e5c433085f463fa2259560a0ff78a57b8d

Request headers

Referer: https://promotionaumaroc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 22 Apr 2020 14:08:00 GMT
cf-cache-status: HIT
age: 2093292
x-powered-by: W3 Total Cache/0.9.7.4
status: 200
content-length: 49365
cf-request-id: 0243d0a10f0000176214b77200000001
pragma: public
last-modified: Fri, 27 Mar 2020 19:27:59 GMT
server: cloudflare
etag: "5e7e53bf-c0d5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 587fea14e9d91762-FRA
expires: Mon, 29 Mar 2021 08:39:48 GMT

GET
H2 200 stripe.png
promotionaumaroc.com/wp-content/themes/sahifa/images/ 93 B
251 B 13ms
12ms Image
image/png 2606:4700:3032::681b:b752
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promotionaumaroc.com/wp-content/themes/sahifa/images/stripe.png?x41901
Requested by: Host: promotionaumaroc.com
URL: https://promotionaumaroc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::681b:b752 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / W3 Total Cache/0.9.7.4
Resource Hash: 23c79bb552706be2ca97bdb259921e3269a5263326b147676c2f7909a45b58c9

Request headers

Referer: https://promotionaumaroc.com/wp-content/cache/minify/caad3.css?x41901
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 22 Apr 2020 14:08:00 GMT
cf-cache-status: HIT
age: 8303239
x-powered-by: W3 Total Cache/0.9.7.4
status: 200
content-length: 93
cf-request-id: 0243d0a10f0000176214b78200000001
pragma: public
last-modified: Sat, 21 Sep 2019 23:49:38 GMT
server: cloudflare
etag: "5d86b712-5d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 587fea14e9da1762-FRA
expires: Sat, 16 Jan 2021 11:40:41 GMT

GET
H2 200 BebasNeue-webfont.woff
promotionaumaroc.com/wp-content/themes/sahifa/fonts/BebasNeue/ 20 KB
20 KB 13ms
12ms Font
font/woff 2606:4700:3032::681b:b752
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://promotionaumaroc.com/wp-content/themes/sahifa/fonts/BebasNeue/BebasNeue-webfont.woff?x41901
Requested by: Host: promotionaumaroc.com
URL: https://promotionaumaroc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::681b:b752 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / W3 Total Cache/0.9.7.4
Resource Hash: e8c2e4d6ab0ad2f055a6cc3c777d31531e665758db5ca815f2613afad72f7088

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://promotionaumaroc.com/wp-content/cache/minify/caad3.css?x41901
Origin: https://promotionaumaroc.com

Response headers

date: Wed, 22 Apr 2020 14:08:00 GMT
cf-cache-status: HIT
age: 170040
x-powered-by: W3 Total Cache/0.9.7.4
status: 200
content-length: 19996
cf-request-id: 0243d0a1120000176214b79200000001
pragma: public
last-modified: Sat, 21 Sep 2019 23:49:39 GMT
server: cloudflare
etag: "5d86b713-4e1c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 587fea14e9df1762-FRA
expires: Tue, 20 Apr 2021 14:54:00 GMT

POST
H2 200 / Show response
promotionaumaroc.com/ 391 B
542 B 426ms
425ms XHR
application/json 2606:4700:3032::681b:b752
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://promotionaumaroc.com/?wc-ajax=get_refreshed_fragments

Requested by

Host: promotionaumaroc.com
URL: https://promotionaumaroc.com/wp-content/cache/minify/df983.js?x41901

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681b:b752 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / W3 Total Cache/0.9.7.4

Resource Hash

fe9fdcda771cbb412c6507da7ed5a121901c00a8a04907335ce07b70ebebf2ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://promotionaumaroc.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 22 Apr 2020 14:08:01 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-powered-by: W3 Total Cache/0.9.7.4
status: 200
vary: Accept-Encoding
cf-request-id: 0243d0a1790000176214b7d200000001
referrer-policy: no-referrer-when-downgrade
x-robots-tag: noindex
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://promotionaumaroc.com
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 587fea158b2e1762-FRA
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:818::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-39196623-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://promotionaumaroc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 1766
date: Wed, 22 Apr 2020 13:38:34 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 18174
expires: Wed, 22 Apr 2020 15:38:34 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
839 B 31ms
16ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=promotionaumaroc.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://promotionaumaroc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 22 Apr 2020 14:08:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
839 B 39ms
16ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=promotionaumaroc.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://promotionaumaroc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 22 Apr 2020 14:08:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200416/r20190131/ 216 KB
81 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200416/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3cc1e7852cd367dcbef7e66eb5fbc96a59f301e866a7ed527c5b0b66e21658ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://promotionaumaroc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 22 Apr 2020 14:08:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 83078
x-xss-protection: 0
server: cafe
etag: 15339147587662863779
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Apr 2020 14:08:00 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200416/r20190131/ Frame E313 0
0 6ms
5ms Document
text/html 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20200416/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20200416/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://promotionaumaroc.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://promotionaumaroc.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Thu, 16 Apr 2020 15:14:52 GMT
expires: Thu, 30 Apr 2020 15:14:52 GMT
content-type: text/html; charset=UTF-8
etag: 2883597723061595496
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4868
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 514388
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 200 pubads_impl_2020042001.js Show response
securepubads.g.doubleclick.net/gpt/ 171 KB
63 KB 105ms
31ms Script
text/javascript 172.217.22.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042001.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s17-in-f66.1e100.net

Software

sffe /

Resource Hash

0b810c6b83f3d55da4c3e345113ad863901ff3e382e04170817b853f761dd9f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://promotionaumaroc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 22 Apr 2020 14:08:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 20 Apr 2020 20:16:23 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 64174
x-xss-protection: 0
expires: Wed, 22 Apr 2020 14:08:01 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=678619852&t=pageview&_s=1&dl=https%3A%2F%2Fpromotionaumaroc.com%2F&ul=en-us&de=UTF-8&dt=Promotion%20au%20maroc%20%7C%20Le%20site%20N%C2%B01%2...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-39196623-1&cid=1494360910.1587564481&jid=232121209&_gid=390799028.1587564481&gjid=1412347874&_v=j81&z=1603534889
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-39196623-1&cid=1494360910.1587564481&jid=232121209&_v=j81&z=1603534889
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-39196623-1&cid=1494360910.1587564481&jid=232121209&_v=j81&z=1603534889&slf_rd=1&random=3158472825

42 B
109 B

17ms
16ms

Image
image/gif

2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-39196623-1&cid=1494360910.1587564481&jid=232121209&_v=j81&z=1603534889&slf_rd=1&random=3158472825

Requested by

Host: promotionaumaroc.com
URL: https://promotionaumaroc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://promotionaumaroc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Apr 2020 14:08:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 22 Apr 2020 14:08:01 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-39196623-1&cid=1494360910.1587564481&jid=232121209&_v=j81&z=1603534889&slf_rd=1&random=3158472825
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
122 B 6ms
6ms Image
image/gif 2a00:1450:4001:818::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j81&a=678619852&t=pageview&_s=2&dl=https%3A%2F%2Fpromotionaumaroc.com%2F&ul=en-us&de=UTF-8&dt=Promotion%20au%20maroc%20%7C%20Le%20site%20N%C2%B01%20des%20promotions%20au%20Maroc&sd=24-bit&sr=1600x1200&vp=1592x1200&je=0&_u=IEBAAUAB~&jid=&gjid=&cid=1494360910.1587564481&tid=UA-39196623-1&_gid=390799028.1587564481&gtm=2ou4f0&z=403767879

Requested by

Host: promotionaumaroc.com
URL: https://promotionaumaroc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://promotionaumaroc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Apr 2020 22:53:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 659690
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame B803 0
0 120ms
120ms Document
text/html 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4587838000600660&output=html&adk=3046330955&adf=2044148826&lmt=1587564480&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fpromotionaumaroc.com%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1587564480942&bpp=12&bdt=260&idt=117&shv=r20200416&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1234772599269&frm=20&pv=2&ga_vid=1494360910.1587564481&ga_sid=1587564481&ga_hid=678619852&ga_fc=0&iag=0&icsg=601036073983&dssz=36&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1592&bih=1200&scr_x=0&scr_y=0&eid=21065474%2C21065531%2C44716867&oid=3&pvsid=62835980124617&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=31&ifi=0&uci=a!0&fsb=1&dtd=135

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200416/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4587838000600660&output=html&adk=3046330955&adf=2044148826&lmt=1587564480&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fpromotionaumaroc.com%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1587564480942&bpp=12&bdt=260&idt=117&shv=r20200416&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1234772599269&frm=20&pv=2&ga_vid=1494360910.1587564481&ga_sid=1587564481&ga_hid=678619852&ga_fc=0&iag=0&icsg=601036073983&dssz=36&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1592&bih=1200&scr_x=0&scr_y=0&eid=21065474%2C21065531%2C44716867&oid=3&pvsid=62835980124617&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=31&ifi=0&uci=a!0&fsb=1&dtd=135
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://promotionaumaroc.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://promotionaumaroc.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 22 Apr 2020 14:08:01 GMT
server: cafe
content-length: 657
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 22-Apr-2020 14:23:01 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
expires: Wed, 22 Apr 2020 14:08:01 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200416/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70d5c45513d094e7ee22b3553952f0a228600dfbde43d810d36e46e07bf2f319

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://promotionaumaroc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 22 Apr 2020 14:08:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1587382633128681"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 28351
x-xss-protection: 0
expires: Wed, 22 Apr 2020 14:08:01 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 702A 0
0 499ms
499ms Document
text/html 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4587838000600660&output=html&h=250&slotname=4084643887&adk=880714845&adf=1327027473&w=970&lmt=1587564480&psa=0&guci=1.2.0.0.2.2.0.0&format=970x250&url=https%3A%2F%2Fpromotionaumaroc.com%2F&flash=0&wgl=1&adsid=NT&dt=1587564480956&bpp=4&bdt=274&idt=164&shv=r20200416&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1234772599269&frm=20&pv=1&ga_vid=1494360910.1587564481&ga_sid=1587564481&ga_hid=678619852&ga_fc=0&iag=0&icsg=2800059329535&dssz=37&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=291&ady=273&biw=1592&bih=1200&scr_x=0&scr_y=0&eid=21065474%2C21065531%2C44716867&oid=3&pvsid=62835980124617&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=8208&bc=31&ifi=1&uci=a!1&fsb=1&xpc=0o3AAlcN7E&p=https%3A//promotionaumaroc.com&dtd=170

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200416/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4587838000600660&output=html&h=250&slotname=4084643887&adk=880714845&adf=1327027473&w=970&lmt=1587564480&psa=0&guci=1.2.0.0.2.2.0.0&format=970x250&url=https%3A%2F%2Fpromotionaumaroc.com%2F&flash=0&wgl=1&adsid=NT&dt=1587564480956&bpp=4&bdt=274&idt=164&shv=r20200416&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1234772599269&frm=20&pv=1&ga_vid=1494360910.1587564481&ga_sid=1587564481&ga_hid=678619852&ga_fc=0&iag=0&icsg=2800059329535&dssz=37&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=291&ady=273&biw=1592&bih=1200&scr_x=0&scr_y=0&eid=21065474%2C21065531%2C44716867&oid=3&pvsid=62835980124617&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=8208&bc=31&ifi=1&uci=a!1&fsb=1&xpc=0o3AAlcN7E&p=https%3A//promotionaumaroc.com&dtd=170
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://promotionaumaroc.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://promotionaumaroc.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 22 Apr 2020 14:08:01 GMT
server: cafe
content-length: 205
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 22-Apr-2020 14:23:01 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
expires: Wed, 22 Apr 2020 14:08:01 GMT
cache-control: private

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 7 KB
6 KB 31ms
18ms XHR
application/json 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200416&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200416/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

acc64e0c193d93b651c2d83734a8c09091f0705ee3315df8d25e17fd28d5294a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://promotionaumaroc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 22 Apr 2020 14:08:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5164
x-xss-protection: 0

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
123 B 14ms
14ms Image
image/gif 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ovlp&adf=1327027473&client=ca-pub-4587838000600660&eid=21065531%2C21065474%2C44716867&et=1&io=0&saldr=aa&oa=0.00&qid=CIPY08ea_OgCFZa43godF6kE1Q&roa=0&slot=4084643887&sp=0%2C0&tgt=ins%2Faswift_1_expand.0&tr=291%2C273%2C1261%2C523&url=https%3A%2F%2Fpromotionaumaroc.com%2F&vp=1592x1200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://promotionaumaroc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Apr 2020 14:08:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
6 KB 27ms
14ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200416/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://promotionaumaroc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 22 Apr 2020 14:08:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1582746470043195"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5456
x-xss-protection: 0
expires: Wed, 22 Apr 2020 14:08:01 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame 2330 0
0 6ms
6ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/209/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://promotionaumaroc.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://promotionaumaroc.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 5727
date: Wed, 22 Apr 2020 14:03:22 GMT
expires: Thu, 22 Apr 2021 14:03:22 GMT
last-modified: Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 279
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
58 B 14ms
14ms Image
image/gif 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gda_r20200416&jk=62835980124617&bg=!a2ilaHBYiZxXts48jeACAAAAN1IAAAAJmQFgtDplESMdn77USxVkiNT3wHKadDkFw8S0SgoZ5WLWb_3bRnBDNKw1g97fwMU8Cm_wN12kn8g5QCENKi8ur6tfyrdYMaPhxiHOPgC2QHePEd6hO0oQd302zqZJioD-t5UNrK4GxMWLMVezQPD_IrXaoVlOz6zpVmzVFhg--UU1J7908M3WXn_al11_enRNKHhgRi3bSpd9xjdxbO2nBQ-3UoS-6-XVZQX1-blGi9olxwIbxW3Hju48B8Lenzqw9dyBO8HkzfG7IiNRcx4GdVA44WvtAYPkY2JrjnmLHhYaA-aqSD4dsQb-4FolDAwIOpT8JK17zyLaeNZ6YKPa-2jm4F8vQoqdywFlYUB4Aqzv5wNFHMqu8CHeb8aveOP1k2XD5FWf_UdbA0JgxTDGQVSgsblP9MVOXUP_xlgwOqYrfAHz1kZKnffqAsThQi-C6k6MyPgA-h8hrRAOWidvWuCWmg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://promotionaumaroc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Apr 2020 14:08:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

90 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.doubleclick.net/	1970-01-19 08:59:25	Name: test_cookie Value: CheckForPermission

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://promotionaumaroc.com/wp-content/cache/minify/df983.js?x41901(Line 4) Message: JQMIGRATE: Migrate is installed, version 1.4.1
console-api	log	URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js(Line 1) Message: OneSignal: Using fallback ES5 Stub for backwards compatibility.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cdn.onesignal.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
promoalert.ma
promotionaumaroc.com
pub.promotionaumaroc.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
172.217.22.66
2606:4700:3032::681b:b752
2606:4700:3034::681c:16c6
2606:4700::6812:e134
2a00:1450:4001:800::2002
2a00:1450:4001:806::200a
2a00:1450:4001:808::2001
2a00:1450:4001:809::2003
2a00:1450:4001:809::2004
2a00:1450:4001:814::2008
2a00:1450:4001:816::2002
2a00:1450:4001:818::200e
2a00:1450:4001:81d::2002
2a00:1450:4001:821::2003
2a00:1450:400c:c00::9b
0374ca41bb914c66c8cb3477b4f5e66f8fa313cb10212c79bab2934bdb808488
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
091da776812050a6699902a5df3246fa81981357daadc948b4c0cd2ef879b3b1
0b810c6b83f3d55da4c3e345113ad863901ff3e382e04170817b853f761dd9f0
0bf47e663b62193c262bdd2e62247e60e69d39cb70cd9743c83687874c8363d4
0d6804cf5dd20f84948ff776212bfc2f6bdfc0d2e06c844ddde115be0b77f0eb
1674a0d7516524c534b6db53969318889b9e566f271d07b24bf5af326d072142
1af2beac2b3679cf99e344c3299438e5c433085f463fa2259560a0ff78a57b8d
1b643e75b1f09f46e0e6279946f74526fd505da9a2df19958625c371897ae4b7
20780ea08f20abd4434bbaf22c52e5bdb1d4e3e23c2aa30024888199270b5adf
22b9c0d958dc498a8e6c16b82f37c9ac1e847d7757118cd3f566612c14713265
22e950c91a4d9169f1b7331761eafee73ebfe2338504335cdd934d718bdcd26a
23c79bb552706be2ca97bdb259921e3269a5263326b147676c2f7909a45b58c9
3367b47845c05039ebf3162ed86eafdc8d93f4ca601672721131eb6aa1ec3f0a
3cc1e7852cd367dcbef7e66eb5fbc96a59f301e866a7ed527c5b0b66e21658ab
3e12f7c35a946f4d481898c5829417d938418db481c39a6001290eea12b5338b
551c995231f0266a4cd786337f0a45fb3fac02f24ca9bd81134c5921304f3bbb
574ee950aebefcef548bfb86901fde21cfb377fb6a11470615154569127eac01
57cb03293e135398ff1a169ad5229b37d35b0a1473b62ba8157bc2a2494a3327
57ce83fa60560f22f7d4c15fec730a64e2422bb45ada022caa5ae98193197e7b
6039cdb2c8028b73ddb9d711e7eb22834a8e11ba865283a7ed2fd2c75a401040
6631d80195648b47bbe9912acde5d9930e7f311053155986ad4a8bcc86a98a14
67626ede79488938467865e8dce845b1a0edc455e8d2cb0b398adeaecca98d8e
6c8222c7ecc4c35be6c026b80306f187f2c3eae7934fba058f36e6a7fbfe7fed
70a78ca885b03772061923d5c09a66a0dab02c00277a4894e933d4b04eb41a34
70d5c45513d094e7ee22b3553952f0a228600dfbde43d810d36e46e07bf2f319
7558ca6e5702b490fe8719eff1210a67cbd8ec665bf4534a094f7c46f82cd805
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8af0ce611f479e809b4e7413c44bc88e8f9ced8ab2a5d60dc6e0dc65ddef2ca7
8b11a9286e5be47f24b10baa601dec5c52dfe4f918b976141110ccdd67b6c469
97f80a04b1d32588172f10b3fb94a6a7e00a7374e8cd002a86253880b5bac4a6
a1d2bcb61802ca852d198062aa3d4e0294555fe3fdb9aeedd68c072bcc12cde8
a2a35a2fcc3801a67715658a7fa69dda8f5370f3b81b60c79cae162574e4acc7
a43c44b5b6294b72a737ac4db4b709ed0980f2533b948cb19b5dde2a794f8b3f
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
a5cdad8084ab50665042d780650c34d21c14c5bc4a5824c7cb3f77a88cb232e7
a67c94f9ecf5bde19b525b445624341ea5556d0b0a8a44796c6d96cb085222cf
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
acc64e0c193d93b651c2d83734a8c09091f0705ee3315df8d25e17fd28d5294a
bd33ffebb82d0e70371aedd27d79a993c98b29fb0d5e3d8c99c376cc9d57414d
c8cb742dbb60decab090cf738bfef2d8a780141573e9a2a3854bf3f78919faed
cc4485e93792b78eaff636e0112e94ea871a8a6d5a981893d56d4c3a3b84fa81
d0044caa0c214bb491add850fb083f91012cad57aa0ccba0750242a70f5409ed
d300ded13e4ce03bcfb13ddaaf002d0567ede6b1e27f19a72dfedfc41f4ee304
d319a06ec32cebd7e3e48ae279d7796bd62a05e967a57f24613765e41876b5f8
d904bda7ca25053d1bc5471d5b810aad97626b657a5aa15d233f0a1d425d0ea7
d9d8c4c1f172c83fc7b5a3bf485a0456b966571041ef1a33091e8365560ea30b
d9faef73159fe8d6bef33582151bd4abe5846d81750b5161d616108f81f3c368
dbed35825fa1c87bcb4d4f30d13b52edda11bbc842e39ed90e457065a16e8a35
dfdefaa098372dbc8c766d0d5614679529343f20f9751e86c94a2638c636a7b8
e32b3dfbf170a8b11b55b2b9dceff5db1c43cef96d39ed76bf6c8c4f48caff7e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6d2c5b3212043f6a9642a49f9f75088174b2932c99ddb3f8243c65ec865480e
e8c2e4d6ab0ad2f055a6cc3c777d31531e665758db5ca815f2613afad72f7088
e94bfa35ab53708b5340bf2f17f2b3b32fb04fa8ba8e7aa1b7bedb0c10b41b9f
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4799ef2939b8377cf33f07b07b6d90a4a245adbf1c6eaf47ee3b0fcefcc07fe
f9238f6e2a83f8ecf16a56867b5eb8a79a263aac112d39b6d23f01a3f74a087c
fa6f22af71f6176e78755341cb5148500a9bb86515b9cc346dd4b2e5890e1bff
fe1244a9a19db22f8fcc8a0663bf6ddde0699b7d9bcd4dfbd2ffbaeae2a26b33
fe9fdcda771cbb412c6507da7ed5a121901c00a8a04907335ce07b70ebebf2ec

promotionaumaroc.com Open in urlscan Pro 2606:4700:3032::681b:b752 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

68 Requests

100 %HTTPS

93 %IPv6

12 Domains

18 Subdomains

12 IPs

3 Countries

2536 kBTransfer

3540 kBSize

1 Cookies

4 Outgoing links

Page URL History

Redirected requests

68 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

promotionaumaroc.com Open in urlscan Pro
2606:4700:3032::681b:b752 Public Scan

Screenshot
Live screenshot

Full Image

68
Requests

100 %
HTTPS

93 %
IPv6

12
Domains

18
Subdomains

12
IPs

3
Countries

2536 kB
Transfer

3540 kB
Size

1
Cookies

68 HTTP transactions
0 data transactions