secure.gratowin.com Open in urlscan Pro
147.78.140.54 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://l1l.pw/bx07y6
Effective URL:
https://secure.gratowin.com/
Submission: On November 11 via manual (November 11th 2022, 1:59:25 pm UTC) from IT — Scanned from NL

Summary HTTP 175 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 22 IPs in 5 countries across 19 domains to perform 175 HTTP transactions. The main IP is 147.78.140.54, located in Bulgaria and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is secure.gratowin.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 30th 2022. Valid for: a year.

This is the only time secure.gratowin.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:303... 2606:4700:3035::6815:3476	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	147.78.140.9 147.78.140.9	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
62	147.78.140.54 147.78.140.54	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
2	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
3	54.228.71.178 54.228.71.178	16509 (AMAZON-02) (AMAZON-02)
1	2a02:6ea0:c70... 2a02:6ea0:c700::19	60068 (CDN77 ^_^) (CDN77 ^_^)
27	2a00:1450:400... 2a00:1450:4001:808::2010	15169 (GOOGLE) (GOOGLE)
1	2600:9000:231... 2600:9000:2315:8200:c:2c6b:3900:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
3	2600:9000:205... 2600:9000:2057:2c00:19:2a6:6500:93a1	16509 (AMAZON-02) (AMAZON-02)
7	2a05:d018:56f... 2a05:d018:56f:b802:834:8d0e:be2f:5ebe	16509 (AMAZON-02) (AMAZON-02)
10	54.88.197.161 54.88.197.161	14618 (AMAZON-AES) (AMAZON-AES)
8	147.78.140.52 147.78.140.52	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
7	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	87.246.163.84 87.246.163.84	12578 (APOLLO-AS...) (APOLLO-AS Latvia)
14	2606:4700:303... 2606:4700:3031::6815:18a7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6813:9308	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	13.226.153.62 13.226.153.62	16509 (AMAZON-02) (AMAZON-02)
1	18.64.103.20 18.64.103.20	16509 (AMAZON-02) (AMAZON-02)
2	18.66.248.96 18.66.248.96	16509 (AMAZON-02) (AMAZON-02)
175	22

1 2a06:98c1:3121::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

l1l.pw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::6815:3476 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

record.gwnetopartners.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 147.78.140.9 (Bulgaria) 1 redirects

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

click.power-ppp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

62 147.78.140.54 (Bulgaria)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

secure.gratowin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cms2.gratowin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.228.71.178 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-71-178.eu-west-1.compute.amazonaws.com

mpsnare.iesnare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::19 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

web-sdk.smartlook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:808::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2315:8200:c:2c6b:3900:93a1 (United States)

ASN16509 (AMAZON-02, US)

eue.monicaatron.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2057:2c00:19:2a6:6500:93a1 (United States)

ASN16509 (AMAZON-02, US)

d2afn796dyftlg.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a05:d018:56f:b802:834:8d0e:be2f:5ebe (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

pok.monicaatron.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 54.88.197.161 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-88-197-161.compute-1.amazonaws.com

wchat.freshchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 147.78.140.52 (Bulgaria)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

analytics.streamygame.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ga.streamygame.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.246.163.84 (Jaunmarupe, Latvia)

ASN12578 (APOLLO-AS Latvia, LV)

anakatech.uat1.evo-test.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700:3031::6815:18a7 (United States)

ASN13335 (CLOUDFLARENET, US)

cms2.netoplaycdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9308 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 13.226.153.62 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-153-62.dus51.r.cloudfront.net

assetscdn-wchat.freshchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.64.103.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-64-103-20.txl50.r.cloudfront.net

rts-static-prod.freshworksapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.248.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-96.dus51.r.cloudfront.net

438961925528018.webpush.freshchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
62	gratowin.com secure.gratowin.com cms2.gratowin.com	887 KB
29	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 43 storage.googleapis.com — Cisco Umbrella Rank: 398	992 KB
28	freshchat.com wchat.freshchat.com — Cisco Umbrella Rank: 8769 assetscdn-wchat.freshchat.com — Cisco Umbrella Rank: 13279 438961925528018.webpush.freshchat.com	685 KB
14	netoplaycdn.com cms2.netoplaycdn.com	611 KB
8	streamygame.com analytics.streamygame.com ga.streamygame.com	6 KB
8	monicaatron.com eue.monicaatron.com pok.monicaatron.com	31 KB
7	gstatic.com fonts.gstatic.com	164 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36	20 KB
3	cloudfront.net d2afn796dyftlg.cloudfront.net	9 KB
3	iesnare.com mpsnare.iesnare.com — Cisco Umbrella Rank: 5188	21 KB
2	power-ppp.com 1 redirects click.power-ppp.com	582 B
1	freshworksapi.com rts-static-prod.freshworksapi.com — Cisco Umbrella Rank: 10116	25 KB
1	crazyegg.com script.crazyegg.com — Cisco Umbrella Rank: 1662
1	evo-test.com anakatech.uat1.evo-test.com	3 KB
1	smartlook.com web-sdk.smartlook.com — Cisco Umbrella Rank: 22077	2 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 53	94 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 712	20 KB
1	gwnetopartners.com 1 redirects record.gwnetopartners.com	918 B
1	l1l.pw 1 redirects l1l.pw	720 B
175	19

	Domain	Requested by
60	secure.gratowin.com	secure.gratowin.com
27	storage.googleapis.com	secure.gratowin.com
16	assetscdn-wchat.freshchat.com	wchat.freshchat.com assetscdn-wchat.freshchat.com
14	cms2.netoplaycdn.com
10	wchat.freshchat.com	secure.gratowin.com wchat.freshchat.com assetscdn-wchat.freshchat.com
7	fonts.gstatic.com	fonts.googleapis.com
7	pok.monicaatron.com	eue.monicaatron.com secure.gratowin.com
4	ga.streamygame.com	storage.googleapis.com secure.gratowin.com
4	analytics.streamygame.com	secure.gratowin.com
4	www.google-analytics.com	www.googletagmanager.com secure.gratowin.com
3	d2afn796dyftlg.cloudfront.net	secure.gratowin.com d2afn796dyftlg.cloudfront.net
3	mpsnare.iesnare.com	secure.gratowin.com mpsnare.iesnare.com
2	438961925528018.webpush.freshchat.com	wchat.freshchat.com 438961925528018.webpush.freshchat.com
2	cms2.gratowin.com	secure.gratowin.com
2	fonts.googleapis.com	secure.gratowin.com client
2	click.power-ppp.com	1 redirects secure.gratowin.com
1	rts-static-prod.freshworksapi.com	assetscdn-wchat.freshchat.com
1	script.crazyegg.com	www.googletagmanager.com
1	anakatech.uat1.evo-test.com	secure.gratowin.com
1	eue.monicaatron.com	www.googletagmanager.com
1	web-sdk.smartlook.com	secure.gratowin.com
1	www.googletagmanager.com	secure.gratowin.com
1	maxcdn.bootstrapcdn.com	secure.gratowin.com
1	record.gwnetopartners.com	1 redirects
1	l1l.pw	1 redirects
175	25

This site contains links to these domains. Also see Links.

Domain
www.netopartners.com

Subject Issuer	Validity	Valid
secure.gratowin.com Cloudflare Inc ECC CA-3	`2022-07-30` - `2023-07-30`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-01-29` - `2023-01-29`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
mpsnare.iesnare.com DigiCert SHA2 High Assurance Server CA	`2022-04-29` - `2023-05-23`	a year	crt.sh
1688964705.rsc.cdn77.org R3	`2022-10-19` - `2023-01-17`	3 months	crt.sh
storage.googleapis.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.monicaatron.com Amazon	`2022-01-10` - `2023-02-08`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
cms2.gratowin.com Cloudflare Inc ECC CA-3	`2022-07-30` - `2023-07-30`	a year	crt.sh
*.freshchat.com Amazon	`2022-03-23` - `2023-04-21`	a year	crt.sh
analytics.streamygame.com Cloudflare Inc ECC CA-3	`2022-07-31` - `2023-07-31`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
ga.streamygame.com Cloudflare Inc ECC CA-3	`2022-07-31` - `2023-07-31`	a year	crt.sh
*.env.evo-test.com SSL.com RSA SSL subCA	`2022-03-17` - `2023-03-15`	a year	crt.sh
click.power-ppp.com Cloudflare Inc ECC CA-3	`2022-07-22` - `2023-07-22`	a year	crt.sh
freshchat.com Amazon	`2022-06-28` - `2023-07-27`	a year	crt.sh
freshworksapi.com Amazon	`2022-01-03` - `2023-01-31`	a year	crt.sh
*.wchat.webpush.myfreshworks.com Amazon	`2022-07-06` - `2023-08-04`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://secure.gratowin.com/
Frame ID: 6007F02B03C9189CB054A179B3C3CBBB
Requests: 133 HTTP requests in this frame

Frame: https://secure.gratowin.com/brand-info.json
Frame ID: 6CF05177A426D5BF3AD3217B85EB20A2
Requests: 1 HTTP requests in this frame

Frame: https://secure.gratowin.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1668168000
Frame ID: 61D2E3457E2C67D03A52BDB4DAA01D43
Requests: 3 HTTP requests in this frame

Frame: https://storage.googleapis.com/moon-prod/static-content/jackpot/new/index.html?brandId=8&currency=undefined%20%20%20%20%20&customerId=1003&serviceUrl=https://ga.streamygame.com/&isMobile=false%20%20%20%20%20&platform=ng&inGameFrame=false&gameId=undefined&winnerNames=
Frame ID: 784A96410A8CAB13E6FB24616C4FB4D7
Requests: 3 HTTP requests in this frame

Frame: https://secure.gratowin.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1668168000
Frame ID: B44B707AE4D21C4F5845A050A0841201
Requests: 3 HTTP requests in this frame

Frame: https://wchat.freshchat.com/widget/?token=2754edad-ab3e-48a1-a113-035cef2eed33&referrer=aHR0cHM6Ly9zZWN1cmUuZ3JhdG93aW4uY29t
Frame ID: 75815390EAD22F9C7EB22632C74F306F
Requests: 24 HTTP requests in this frame

Frame: https://secure.gratowin.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1668168000
Frame ID: 86ED94E69C45F637FFBB5D59CCBAF587
Requests: 3 HTTP requests in this frame

Frame: https://438961925528018.webpush.freshchat.com/index.html?ref=aHR0cHM6Ly9zZWN1cmUuZ3JhdG93aW4uY29t
Frame ID: DB9F45ABAEE151995C841B98BD76D485
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

GratoWin

Page URL History Show full URLs

https://l1l.pw/bx07y6 HTTP 302
https://record.gwnetopartners.com/_Nra-vbUc4RzEVfCBOCm48GNd7ZgqdRLk/16/?pg=1&payload=26488&CID=115922140 HTTP 301
https://click.power-ppp.com/click/60bf5e913466e?affToken=06GlpFR_QTUcyW9K1p-cHGNd7ZgqdRLk&pg=1&payload=2... HTTP 302
https://secure.gratowin.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Freshchat (Live Chat) Expand

Overall confidence: 100%
Detected patterns

wchat\.freshchat\.com/js/widget\.js

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Page Statistics

175
Requests

99 %
HTTPS

61 %
IPv6

19
Domains

25
Subdomains

22
IPs

5
Countries

3579 kB
Transfer

9325 kB
Size

35
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.netopartners.com/
Title: Affiliates Program

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://l1l.pw/bx07y6 HTTP 302
https://record.gwnetopartners.com/_Nra-vbUc4RzEVfCBOCm48GNd7ZgqdRLk/16/?pg=1&payload=26488&CID=115922140 HTTP 301
https://click.power-ppp.com/click/60bf5e913466e?affToken=06GlpFR_QTUcyW9K1p-cHGNd7ZgqdRLk&pg=1&payload=26488&CID=115922140&LP=746&referrer=&affiliateID=9017&media= HTTP 302
https://secure.gratowin.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

175 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
secure.gratowin.com/
Redirect Chain

https://l1l.pw/bx07y6
https://record.gwnetopartners.com/_Nra-vbUc4RzEVfCBOCm48GNd7ZgqdRLk/16/?pg=1&payload=26488&CID=115922140
https://click.power-ppp.com/click/60bf5e913466e?affToken=06GlpFR_QTUcyW9K1p-cHGNd7ZgqdRLk&pg=1&payload=26488&CID=115922140&LP=746&referrer=&affiliateID=9017&media=
https://secure.gratowin.com/

4 KB
2 KB

331ms
204ms

Document
text/html

147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a48bb649b47cc5f6158ee225276553a64d7227daffae8c9218ea4871265731af

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 0
cache-control: no-cache,max-age=0
cf-cache-status: DYNAMIC
cf-ray: 76878c1bab405c26-FRA
content-encoding: gzip
content-type: text/html
date: Fri, 11 Nov 2022 13:59:14 GMT
expires: Fri, 11 Nov 2022 13:59:14 GMT
last-modified: Wed, 09 Nov 2022 12:55:19 GMT
server: cloudflare
vary: Accept-Encoding
x-goog-generation: 1667998519606601
x-goog-hash: crc32c=tOLyUw== md5=+UTyA2LG0RZRrLq3IoRVOg==
x-goog-metageneration: 2
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 2918
x-guploader-uploadid: ADPycduHJTACKckEWm72P8wPgROOtAIfkZ_8SijRVcqCIWV4Ht9GNlCWYGiJ4LIJdTuCx6AnvIx1ofGfH5MdMK829i8JtQ

Redirect headers

cf-cache-status: DYNAMIC
cf-ray: 76878c19a8b8bbad-FRA
content-type: text/html; charset=UTF-8
date: Fri, 11 Nov 2022 13:59:14 GMT
location: https://secure.gratowin.com/#/lobby?Inc=120193525&affToken=06GlpFR_QTUcyW9K1p-cHGNd7ZgqdRLk&pg=1&payload=26488&CID=115922140&LP=746&referrer=&affiliateID=9017&media=&ABClicks=1&shorten_link=5bc7025150425&shorten_target=11133&flow=register&netoClickId=636e55325e0f95c441c2645c
rd: err: No redis
server: cloudflare

GET
H2 200 css2
fonts.googleapis.com/ 13 KB
1 KB 84ms
32ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&family=Montserrat:wght@400;700;800&family=Poppins:wght@400;500;800;900&display=swap

Requested by

Host: secure.gratowin.com
URL: https://secure.gratowin.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f7e8c0838d21cf95ca8c25ac55696f1c10d99491e9c7fc606126ade7a3890918

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 11 Nov 2022 13:59:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 11 Nov 2022 13:59:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 11 Nov 2022 13:59:14 GMT

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/ 118 KB
20 KB 113ms
53ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css

Requested by

Host: secure.gratowin.com
URL: https://secure.gratowin.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.gratowin.com/
Origin: https://secure.gratowin.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:59:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 601
age: 23270
cdn-cachedat: 08/04/2021 00:04:06
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
server: cloudflare
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 291155c564a8317f49b30b4b12a3a127
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 76878c1d4f90bbf1-FRA
cdn-requestpullsuccess: True

GET
H2 200 dot-pulse.css
secure.gratowin.com/ 4 KB
1 KB 54ms
53ms Stylesheet
text/css 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/dot-pulse.css
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f386030f30cc1118ebe4dc21a54c3325c14981274af10acd3a10acd42206866

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:59:14 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 2914
x-guploader-uploadid: ADPycdux0fyqbmUFsDU4_9UZXwbu4WNsD5n-uXPpQTtiLC7wKtQUvunSjpfYDhR8WM9Cn-Qu27KJBy9Y7DO7G8ukXQ3t31nbF2dp
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Mon, 30 May 2022 08:22:10 GMT
server: cloudflare
etag: W/"63ec6ad3f23feea868bb8ad6eb2c62d1"
vary: Accept-Encoding
x-goog-hash: crc32c=Z/NCrA==, md5=Y+xq0/I/7qhou4rW6yxi0Q==
x-goog-generation: 1652707997437993
content-type: text/css
cache-control: public, max-age=14400
x-goog-stored-content-length: 4542
cf-ray: 76878c1cfe705c26-FRA
expires: Fri, 11 Nov 2022 17:59:14 GMT

GET
H2 200 offline-js-script.js Show response
secure.gratowin.com/ 16 KB
4 KB 90ms
89ms Script
application/javascript 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/offline-js-script.js
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6aae23685ad6563cbbb3e33632fb29c31078254370c57be634b7a80f173ce708

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:59:14 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 2914
x-guploader-uploadid: ADPycdsmSN93F1M5Tise23MOAS7Z7vKScUX7aWoRbfMW2Bgp4cxK7JqtY1WxXZTVuD1NZRPzXez8EzTA_fykzWF9ikyZOg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Wed, 09 Nov 2022 12:54:44 GMT
server: cloudflare
etag: W/"1eda92aed77dbe82805bdea3a910830e"
vary: Accept-Encoding
x-goog-hash: crc32c=gzFIHw==, md5=HtqSrtd9voKAW96jqRCDDg==
x-goog-generation: 1664785549304022
content-type: application/javascript
cache-control: public, max-age=14400
x-goog-stored-content-length: 16008
cf-ray: 76878c1cfe8c5c26-FRA
expires: Fri, 11 Nov 2022 17:59:14 GMT

GET
H2 200 390.530f4d223693e6ae5560.css
secure.gratowin.com/ 90 KB
26 KB 55ms
54ms Stylesheet
text/css 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/390.530f4d223693e6ae5560.css
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b73da20b1f30c7ab6d927eb975f42a172d016f7690bce5abd5082feb73cad23

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:59:14 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 575
x-guploader-uploadid: ADPycduyn5DwTZMHEbRcIARlTMDd2Y8bvsNQqURzgAYXIjT3mCKX3AV_v0TgzcH00dYuXCrWBhdNjko6AMcSj3ykE7erbrSeDQvH
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Wed, 09 Nov 2022 12:54:41 GMT
server: cloudflare
etag: W/"b34f390b1a5f2432aefd283159436b4d"
vary: Accept-Encoding
x-goog-hash: crc32c=XbYdPg==, md5=s085CxpfJDKu/SgxWUNrTQ==
x-goog-generation: 1667998481476628
content-type: text/css
cache-control: public, max-age=14400
x-goog-stored-content-length: 92024
cf-ray: 76878c1cfe785c26-FRA
expires: Fri, 11 Nov 2022 17:59:14 GMT

GET
H2 200 main.530f4d223693e6ae5560.bundle.js Show response
secure.gratowin.com/ 2 MB
471 KB 91ms
90ms Script
application/javascript 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/main.530f4d223693e6ae5560.bundle.js
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a1f94145801e9c75b596991161163237251c7e3e8e9321d95425897164f4d5bc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:59:14 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1992
x-guploader-uploadid: ADPycdtHAlch9MpDm3v_q60s6InekgRYwiVK-V639Qn_pCQo2xnRL-YvojlKAct-eh97tghaiPzGbOWY-zdS6entvtxezLxzJajF
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Wed, 09 Nov 2022 12:54:31 GMT
server: cloudflare
etag: W/"9b6149bef2302d1a0e4f8aa98e799c1d"
vary: Accept-Encoding
x-goog-hash: crc32c=fbFwLg==, md5=m2FJvvIwLRoOT4qpjnmcHQ==
x-goog-generation: 1667998471069265
content-type: application/javascript
cache-control: public, max-age=14400
x-goog-stored-content-length: 1890269
cf-ray: 76878c1cfe8d5c26-FRA
expires: Fri, 11 Nov 2022 17:59:14 GMT

GET
H2 200 runtime.530f4d223693e6ae5560.bundle.js Show response
secure.gratowin.com/ 6 KB
3 KB 72ms
71ms Script
application/javascript 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/runtime.530f4d223693e6ae5560.bundle.js
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f31a2bf1b8f72bad7377bad16c9d2ea2ed4ed35434926a5ab659559d8fd4b143

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:59:14 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 575
x-guploader-uploadid: ADPycdtZwSl8AsWFy8iWw6jPAZDIXuRaKoeFnFqBz4S62dZR4uRXEluo8dbOpRldbscNiXcQ2ZbpUk1-YrJjNU29r6vQHw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Wed, 09 Nov 2022 12:54:48 GMT
server: cloudflare
etag: W/"bcc02f3a29e6bfc54c53313667e4cb6a"
vary: Accept-Encoding
x-goog-hash: crc32c=F4rC0A==, md5=vMAvOinmv8VMUzE2Z+TLag==
x-goog-generation: 1667998488399803
content-type: application/javascript
cache-control: public, max-age=14400
x-goog-stored-content-length: 6369
cf-ray: 76878c1cfe8f5c26-FRA
expires: Fri, 11 Nov 2022 17:59:14 GMT

GET
H2 200 1_pixel.png
secure.gratowin.com/assets/images/ 2 KB
2 KB 44ms
43ms Image
image/png 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gratowin.com/assets/images/1_pixel.png
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 486894f29e34e2a9c4a7a938605d53ee752957d4270055fecb27828899fc0a3b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:59:14 GMT
cf-cache-status: HIT
age: 2914
x-guploader-uploadid: ADPycds9eNAwqz57hWbFiPMRk1deidxJ2TTip9qv3b3XcVFWRGLbxITV6t-Ywd1WK9hrsyfKQ53x1IHQ-XiSpngPSa9FSWEr841r
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 1943
last-modified: Mon, 30 May 2022 08:22:19 GMT
server: cloudflare
etag: "f0601ed2d0bef14ed7ce4793b13a670b"
vary: Accept-Encoding
x-goog-generation: 1652708007878653
content-type: image/png
x-goog-hash: crc32c=hQGYGw==, md5=8GAe0tC+8U7XzkeTsTpnCw==
cache-control: public, max-age=14400
x-goog-stored-content-length: 1943
accept-ranges: bytes
cf-ray: 76878c1daffb5c26-FRA
expires: Fri, 11 Nov 2022 17:59:14 GMT

GET
H2 200 freshchat-script.js Show response
secure.gratowin.com/ 898 B
779 B 86ms
85ms Script
application/javascript 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/freshchat-script.js
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48a134462a1251b71b1d5b1f5637362c79bcf549cbf055ece97ffa9379bebdcc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:59:14 GMT
content-encoding: gzip
cf-cache-status: MISS
x-guploader-uploadid: ADPycds3_yRJqrFWXQIWp8Tf3tOdI8qmbNZS-1jsuaB3ymdXIvJN13Yq1CCkuMEgi6OQqHUmc9G0SNFbwMZRi4loVvVe-8zSpbcD
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Wed, 09 Nov 2022 12:55:19 GMT
server: cloudflare
etag: W/"aa68e402e7120bdd9400f3110495f847"
vary: Accept-Encoding
x-goog-hash: crc32c=1MlbWQ==, md5=qmjkAucSC92UAPMRBJX4Rw==
x-goog-generation: 1667998519601638
content-type: application/javascript
cache-control: no-cache,max-age=0
x-goog-stored-content-length: 898
cf-ray: 76878c1db8285c26-FRA
expires: Fri, 11 Nov 2022 13:59:14 GMT

GET
H2 200 iovation-script.js Show response
secure.gratowin.com/ 5 KB
2 KB 55ms
54ms Script
application/javascript 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/iovation-script.js
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: bbd039d1d5621472a25b228ca3f48c08aef9cabf180e982530cd84a3abc04555

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:59:14 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 2914
x-guploader-uploadid: ADPycdvkNOTNaKyicnpvjvyPiFCR30Ki4RqZDGUVXDpQDpIHR4n-Ikd8SMygWvU4J6hZY9wcXGrQcgKK2WBy8ROMTzcutb5pKzdT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Tue, 16 Aug 2022 05:50:20 GMT
server: cloudflare
etag: W/"76098bc71cf65bf3e16dcba0dd42b6ec"
vary: Accept-Encoding
x-goog-hash: crc32c=OvAm8g==, md5=dgmLxxz2W/Phbcug3UK27A==
x-goog-generation: 1660629020266186
content-type: application/javascript
cache-control: public, max-age=14400
x-goog-stored-content-length: 5514
cf-ray: 76878c1db8295c26-FRA
expires: Fri, 11 Nov 2022 17:59:14 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 377 KB
94 KB 134ms
62ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KSBWD3B

Requested by

Host: secure.gratowin.com
URL: https://secure.gratowin.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c4c5f23e836cb6037f657e883c28f76ea4a587c1df83706e2468a3d6f20505ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:59:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95807
x-xss-protection: 0
last-modified: Fri, 11 Nov 2022 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 11 Nov 2022 13:59:14 GMT

GET
H2 200 brand-info.json Show response
secure.gratowin.com/ Frame 6CF0 810 B
631 B 82ms
81ms Document
application/json 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/brand-info.json
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 931cdc9da183b6e6f40476736791be667482d6eef83da8de662b3084bebd9215

Request headers

Referer: https://secure.gratowin.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 2627
cache-control: public, max-age=3600
cf-cache-status: DYNAMIC
cf-ray: 76878c1dc8395c26-FRA
content-encoding: gzip
content-type: application/json
date: Fri, 11 Nov 2022 13:59:14 GMT
etag: W/"2591ae3250ac9433c6a7e9ab77315c90"
expires: Fri, 11 Nov 2022 14:15:27 GMT
last-modified: Sun, 03 Jan 2021 08:59:18 GMT
server: cloudflare
vary: Accept-Encoding
x-goog-generation: 1609664358830795
x-goog-hash: crc32c=uP0vxg== md5=JZGuMlCslDPGp+mrdzFckA==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 810
x-guploader-uploadid: ADPycdu4ShThrGVvI5PXtb02Uf6NLnPO5KZ_fZPdzoChSbVzj2nrvsXmWK3-P5525nvwL6VJip_r58NSIUB1ajiDQ0WxWLiJq1XN

GET
H2 200 invisible.js Show response
secure.gratowin.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/ Frame 61D2 33 KB
16 KB 32ms
31ms Script
application/javascript 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1668168000
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6be95d333e3058c6d1a25cff241c561a4ec61e4370500b2b872b6da74a4ab29d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:59:14 GMT
content-encoding: gzip
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 76878c1de8785c26-FRA

GET
H2 404 static_wdp.js
secure.gratowin.com/iojs/general5/ 0
0 89ms
89ms Script
application/xml 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/iojs/general5/static_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/iovation-script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:59:14 GMT
content-encoding: gzip
cf-cache-status: BYPASS
server: cloudflare
x-guploader-uploadid: ADPycdstnIbjI7FNoiVbejZAMcDsaSJL-i-fsGPCPPXpJFa9q2wmYJrrMyaDGImQJi70gxdV5wJWtbXCU2QFlvaYF9j8UNDpUNtN
vary: Accept-Encoding
content-type: application/xml; charset=UTF-8
cache-control: private, max-age=0
cf-ray: 76878c1e190a5c26-FRA
expires: Fri, 11 Nov 2022 13:59:14 GMT

GET
H/1.1 200
OK wdp.js Show response
mpsnare.iesnare.com/general5/ 41 KB
19 KB 133ms
33ms Script
text/javascript 54.228.71.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mpsnare.iesnare.com/general5/wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=true

Requested by

Host: secure.gratowin.com
URL: https://secure.gratowin.com/iovation-script.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.228.71.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-228-71-178.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

94439ce51d3eb2aaea835d40996d194f4c7b8aa3af7310161a90526d10843137

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 11 Nov 2022 13:59:15 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Encoding: gzip
Server: nginx
Accept-CH: ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Transfer-Encoding: chunked
Content-Type: text/javascript; charset=utf-8
p3p: CP="NON DSP COR CURa"
Cache-Control: no-cache, private
Connection: keep-alive
Expires: 0

GET
H2 200 appData Show response
secure.gratowin.com/playerapi/ 22 KB
6 KB 315ms
315ms XHR
application/json 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/playerapi/appData?language=en&device=DESKTOP&requestURL=https%253A%252F%252Fsecure.gratowin.com
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/offline-js-script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: fcdc5a2c897577bd56fd4acb50088f03dcf672b6781e1d8210c308d284d6e083

Request headers

Referer: https://secure.gratowin.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
ldAlias

Response headers

date: Fri, 11 Nov 2022 13:59:15 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
etag: W/"57c1-RWEFTvpoYz93k31qu2JgzhryZwk"
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
cf-ray: 76878c1f5c095c26-FRA
swagger-api-docs-url: /playerapi

GET
H2 200 appStaticData Show response
secure.gratowin.com/playerapi/ 2 KB
1004 B 973ms
972ms XHR
application/json 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/playerapi/appStaticData?language=en&device=DESKTOP&requestURL=https%253A%252F%252Fsecure.gratowin.com
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/offline-js-script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 8a0e3d7ad35501062f2b9632e7880f2ff9b3a38647d303f87a31bc86552d861d

Request headers

Referer: https://secure.gratowin.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
ldAlias

Response headers

date: Fri, 11 Nov 2022 13:59:16 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
etag: W/"766-DzEIviAmdI0dudTgxqrSJ+h01mA"
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
cache-control: max-age=86400
access-control-allow-credentials: true
cf-ray: 76878c1f5c145c26-FRA
swagger-api-docs-url: /playerapi

GET
H2 200 recorder.js Show response
web-sdk.smartlook.com/ 3 KB
2 KB 151ms
20ms Script
application/javascript 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://web-sdk.smartlook.com/recorder.js

Requested by

Host: secure.gratowin.com
URL: https://secure.gratowin.com/main.530f4d223693e6ae5560.bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

bd77d85cc719bb6675abad344ae7bf39820775b384bdaaef26ae31e0cf283a74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 11 Nov 2022 13:59:15 GMT
strict-transport-security: max-age=31536000
content-encoding: br
x-cache: HIT
x-77-cache: HIT
cross-origin-resource-policy: cross-origin
x-age: 208
x-77-nzt: AcO1qhGCY87/0AAAAA
x-accel-expires: @1668175547
last-modified: Fri, 11 Nov 2022 12:02:08 GMT
server: CDN77-Turbo
etag: W/"636e39c0-bd1"
x-77-nzt-ray: ffffffffc810f4d933556e63ca235a0e
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=600

GET
H2 200 pica.js
secure.gratowin.com/cdn-cgi/challenge-platform/h/b/scripts/ Frame 61D2 18 KB
8 KB 38ms
37ms Other
application/javascript 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12fbe4645768d7523178517ffcaf9773204dac1956b74723b93353b8ebf27338

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:59:15 GMT
content-encoding: gzip
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 76878c1f7c485c26-FRA

GET
H2 200 en.json Show response
secure.gratowin.com/i18n/lang/ 202 KB
45 KB 179ms
178ms XHR
application/json 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/i18n/lang/en.json?requestURL=https%253A%252F%252Fsecure.gratowin.com
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/offline-js-script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e88b451a65908ecf2d5c5c2a87c2e4b7f54d0d0b5c364f9eb17dd2000a9c867

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:59:15 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-guploader-uploadid: ADPycdsuBUr29UD5i4NvuxCxN6SPX7JEsv1biwSTUqYixUhZy-eLI99kt5JL5tSTESz7bKiEjp7cHctcRglwaEyzi8C_RQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Wed, 09 Nov 2022 12:55:24 GMT
server: cloudflare
etag: W/"b386e3869ac65468eb129f064d461fe9"
vary: Accept-Encoding
x-goog-generation: 1667998524795484
content-type: application/json
x-goog-hash: crc32c=NLibPw==, md5=s4bjhprGVGjrEp8GTUYf6Q==
cache-control: no-store,no-cache,max-age=0
x-goog-stored-content-length: 207035
cf-ray: 76878c1f7c625c26-FRA
expires: Fri, 11 Nov 2022 13:59:15 GMT

GET
H2 200 8.png
storage.googleapis.com/moon-prod/static-content/brands/8/ 11 KB
12 KB 89ms
22ms Image
image/png 2a00:1450:4001:808::2010
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/moon-prod/static-content/brands/8/8.png
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: e7c00b0ec68c5137e7b359a0ab6f5ff9c7a2000f47ceee7aacae6934eb91aae6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:52:25 GMT
age: 410
x-guploader-uploadid: ADPycdsUWmgzn1TkdfTFwPTOhTLkns8SSlcX9weyyfLux0d__MWX6AtcGEbkZZ7MAVBbeOGz_C29pltUIGlyYgW6y8fb-g
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11475
last-modified: Mon, 14 Dec 2020 09:52:31 GMT
server: UploadServer
etag: "21a5358c0ea98af8a9aa561c2bffb91d"
x-goog-generation: 1607939551876388
x-goog-hash: crc32c=uYCRdA==, md5=IaU1jA6pivipqlYcK/+5HQ==
content-type: image/png
cache-control: public, max-age=3600
x-goog-stored-content-length: 11475
accept-ranges: bytes
expires: Fri, 11 Nov 2022 14:52:25 GMT

GET
H/1.1 200
OK logo.js Show response
mpsnare.iesnare.com/5.5.0/ 505 B
924 B 31ms
31ms Script
text/javascript 54.228.71.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mpsnare.iesnare.com/5.5.0/logo.js

Requested by

Host: mpsnare.iesnare.com
URL: https://mpsnare.iesnare.com/general5/wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=true

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.228.71.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-228-71-178.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

ff4f33c28cd3477035b503fb39b248b8cf84eab7685ab73859bb27d35055e51e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Fri, 11 Nov 2022 13:59:15 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Tue, 06 May 2014 00:01:40 GMT
Server: nginx
Accept-CH: ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Transfer-Encoding: chunked
Content-Type: text/javascript; charset=utf-8
p3p: CP="NON DSP COR CURa"
Cache-Control: private
Connection: keep-alive
Expires: Sat, 11 Nov 2023 13:59:15 GMT

GET
H/1.1 206
Partial Content time.mp3
mpsnare.iesnare.com/ 504 B
881 B 45ms
31ms Media
audio/mpeg 54.228.71.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mpsnare.iesnare.com/time.mp3?nocache=0.7419456281159897

Requested by

Host: secure.gratowin.com
URL: https://secure.gratowin.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.228.71.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-228-71-178.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

a23594bf288597e328514af60f0c11c542167e50fbdeb2be055d0392e8e9d29c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://secure.gratowin.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Range: bytes=0-

Response headers

Pragma: public
Date: Fri, 11 Nov 2022 13:59:15 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains
Server: nginx
Content-Type: audio/mpeg
Content-Range: bytes 0-503/504
Content-Disposition: inline; filename=time.mp3
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 504
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 ff2cb211279275e2c0d3cbfc21123537.js Show response
eue.monicaatron.com/sxp/i/ 79 KB
29 KB 147ms
27ms Script
text/javascript 2600:9000:2315:8200:c:2c6b:3900:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eue.monicaatron.com/sxp/i/ff2cb211279275e2c0d3cbfc21123537.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KSBWD3B
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:8200:c:2c6b:3900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Caddy /
Resource Hash: fb30356afb32fb181406ee8e553ef3331c06ab3c5725cd8ac2dd557d5686684d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 07:14:05 GMT
content-encoding: gzip
via: 1.1 f97c9082b750957571bc7e3354a4f4a4.cloudfront.net (CloudFront)
server: Caddy
x-amz-cf-pop: DUS51-P2
age: 39428
etag: "13cde-vgYwW6iR6yLeXVURkoosFGJyTUM"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=43200
content-length: 29670
x-amz-cf-id: 8q_bnnPyA0J6G_zmgVqyHP3EYCfi9VherIWn1QgM0ao6LxwXXU-u8w==
expires: Fri, 11 Nov 2022 15:02:07 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 71ms
20ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KSBWD3B

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 11 Nov 2022 13:15:54 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 2601
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Fri, 11 Nov 2022 15:15:54 GMT

GET
H2 200 oapit.min.js Show response
d2afn796dyftlg.cloudfront.net/ 35 KB
7 KB 91ms
23ms Script
application/javascript 2600:9000:2057:2c00:19:2a6:6500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2afn796dyftlg.cloudfront.net/oapit.min.js
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:2c00:19:2a6:6500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27675ea031f0d8c57d6be647474797e75fea9270f941d47c6411aada4f18045d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:55:47 GMT
content-encoding: gzip
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
last-modified: Tue, 09 Aug 2022 10:27:22 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 228
etag: W/"f19b8c15b9951fc07f566241735877e8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 2Lo6wFuXP8KrMpv3MW8Wzhgd3ldRQFcflKtKucx3qcVry02RelHNzw==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
146 B 28ms
26ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=987200809&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.gratowin.com%2F&ul=en-us&de=UTF-8&dt=GratoWin&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=763948560&gjid=1429771652&cid=982017774.1668175155&tid=UA-27702367-6&_gid=337736107.1668175155&_r=1&gtm=2wgb90KSBWD3B&z=1952487109

Requested by

Host: secure.gratowin.com
URL: https://secure.gratowin.com/offline-js-script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.gratowin.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 11 Nov 2022 13:59:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.gratowin.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 20ms
20ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=987200809&t=event&ni=0&_s=1&dl=https%3A%2F%2Fsecure.gratowin.com%2F&ul=en-us&de=UTF-8&dt=GratoWin&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=PageView&ea=PageView_Platform_Secure&el=%2F&_u=YEDAAEABAAAAACAAI~&jid=&gjid=&cid=982017774.1668175155&tid=UA-27702367-6&_gid=337736107.1668175155&gtm=2wgb90KSBWD3B&z=295775497

Requested by

Host: secure.gratowin.com
URL: https://secure.gratowin.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 22:38:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 55216
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pushreg.min.js Show response
d2afn796dyftlg.cloudfront.net/ 2 KB
942 B 23ms
22ms Script
application/javascript 2600:9000:2057:2c00:19:2a6:6500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2afn796dyftlg.cloudfront.net/pushreg.min.js
Requested by: Host: d2afn796dyftlg.cloudfront.net
URL: https://d2afn796dyftlg.cloudfront.net/oapit.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:2c00:19:2a6:6500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1ff8f0c174db748442f0760616142b2f6e4f1d9bbb03078a45b6f143c65c2fee

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:55:49 GMT
content-encoding: gzip
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
last-modified: Mon, 10 Aug 2020 09:23:59 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 219
etag: W/"8c8a277b7efff9b15eab1545ef7be1fc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: RiE3__NTC9Uvj0hv2FGogJ2KxLYpF8RxQPzEL6yGpOLJ1rwbtdQiIw==

GET
H2 200 oapi-heartbit.min.js Show response
d2afn796dyftlg.cloudfront.net/ 2 KB
1 KB 22ms
21ms Script
application/javascript 2600:9000:2057:2c00:19:2a6:6500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2afn796dyftlg.cloudfront.net/oapi-heartbit.min.js
Requested by: Host: d2afn796dyftlg.cloudfront.net
URL: https://d2afn796dyftlg.cloudfront.net/oapit.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:2c00:19:2a6:6500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 087a64a782e52566b9f11c4d3ffbf22498482165591c955972fece46a702f13b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:55:49 GMT
content-encoding: gzip
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
last-modified: Tue, 12 Oct 2021 12:03:53 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 218
etag: W/"95ada3efe9ca8f8c93d082b428af1d4f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: JJlbscKDtuK351a2VZC0ovxeSGO2JcvqztPLJ_gH9A693S10vNz3-A==

GET
H2 200 vendors~Cashier~GameFrameValidations~Lobby~StartSessionModal.530f4d223693e6ae5560.bundle.js Show response
secure.gratowin.com/ 13 KB
5 KB 53ms
51ms Script
application/javascript 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/vendors~Cashier~GameFrameValidations~Lobby~StartSessionModal.530f4d223693e6ae5560.bundle.js
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/runtime.530f4d223693e6ae5560.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1654ffc9517eac6a8465347cc574e70fd552b9f621330d46f21bd1d17bffd71

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:59:15 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1992
x-guploader-uploadid: ADPycdv-M0jnDLm9MdmeOvtL7P4XvggMqx6r4CBbDXovdwIkMX0chhItR4QShtmBDC6pN3LIJ6CwLnpVOCiGdG024-wQExZgZ4Rl
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Wed, 09 Nov 2022 12:54:43 GMT
server: cloudflare
etag: W/"79251397402e6acc53889a67f6243662"
vary: Accept-Encoding
x-goog-hash: crc32c=4Eypdg==, md5=eSUTl0AuasxTiJpn9iQ2Yg==
x-goog-generation: 1667998483334245
content-type: application/javascript
cache-control: public, max-age=14400
x-goog-stored-content-length: 13788
cf-ray: 76878c20cfe85c26-FRA
expires: Fri, 11 Nov 2022 17:59:15 GMT

GET
H2 200 vendors~Cashier~GameFrameValidations~Lobby.530f4d223693e6ae5560.bundle.js Show response
secure.gratowin.com/ 17 KB
6 KB 49ms
47ms Script
application/javascript 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/vendors~Cashier~GameFrameValidations~Lobby.530f4d223693e6ae5560.bundle.js
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/runtime.530f4d223693e6ae5560.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17001aa0a8eb7c800393a5368355d4cfc3d67d7ce9cd5d60aa6f8a689eb90183

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:59:15 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1992
x-guploader-uploadid: ADPycdtQ76sE4swCTE73zylNo7LSArZ0XqJe8YXnWBF16QBKlu98BYzfmRfX22njszAkYEACx4KWE5EDK-1bed_RTC0xYg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Wed, 09 Nov 2022 12:54:44 GMT
server: cloudflare
etag: W/"0bc5e07592c93dde5278bda5a97bf06a"
vary: Accept-Encoding
x-goog-hash: crc32c=X++Ndg==, md5=C8XgdZLJPd5SeL2lqXvwag==
x-goog-generation: 1667998484928530
content-type: application/javascript
cache-control: public, max-age=14400
x-goog-stored-content-length: 17046
cf-ray: 76878c20cfee5c26-FRA
expires: Fri, 11 Nov 2022 17:59:15 GMT

GET
H2 200 vendors~Lobby~Slider.530f4d223693e6ae5560.bundle.js Show response
secure.gratowin.com/ 57 KB
15 KB 51ms
49ms Script
application/javascript 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/vendors~Lobby~Slider.530f4d223693e6ae5560.bundle.js
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/runtime.530f4d223693e6ae5560.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c056e1acd999d799c48f5b6c19ae662043900459e8adf37d7b96264164a9fbfc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:59:15 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1992
x-guploader-uploadid: ADPycduqHgiZk9nEh5XSATE7qsH_RzM1M3kjbcDs13h_jmfBNuUBjoQH5NxGB8NoKY3ZXAEUTLVeGuC6ZFFrBAqYp01B1MuTL51o
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Wed, 09 Nov 2022 12:54:29 GMT
server: cloudflare
etag: W/"229c8fba2f7f8ff0282020cec39d3cdd"
vary: Accept-Encoding
x-goog-hash: crc32c=EC79Pg==, md5=IpyPui9/j/AoICDOw5083Q==
x-goog-generation: 1667998469245073
content-type: application/javascript
cache-control: public, max-age=14400
x-goog-stored-content-length: 57986
cf-ray: 76878c20cfef5c26-FRA
expires: Fri, 11 Nov 2022 17:59:15 GMT

GET
H2 200 vendors~Lobby.530f4d223693e6ae5560.bundle.js Show response
secure.gratowin.com/ 14 KB
5 KB 50ms
48ms Script
application/javascript 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/vendors~Lobby.530f4d223693e6ae5560.bundle.js
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/runtime.530f4d223693e6ae5560.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f0d44d47275fb3b3e130875e1d235173d55126ff9b62c4982d03a3eb173931e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:59:15 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1992
x-guploader-uploadid: ADPycdsC3cqIk85VP5sjl0Hyd_2JjCTvV3CEd7Zk04F69Ocp-5Ft2LNecxgJ0v1fRlMlLBWUuF1O5KQBHevyaLF15Pj4Sw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Wed, 09 Nov 2022 12:54:37 GMT
server: cloudflare
etag: W/"cd2b52f06d989071964ba85f408a1cc2"
vary: Accept-Encoding
x-goog-hash: crc32c=XCTNyg==, md5=zStS8G2YkHGWS6hfQIocwg==
x-goog-generation: 1667998477554524
content-type: application/javascript
cache-control: public, max-age=14400
x-goog-stored-content-length: 14484
cf-ray: 76878c20cff05c26-FRA
expires: Fri, 11 Nov 2022 17:59:15 GMT

GET
H2 200 362.530f4d223693e6ae5560.css
secure.gratowin.com/ 122 KB
17 KB 46ms
45ms Stylesheet
text/css 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/362.530f4d223693e6ae5560.css
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/runtime.530f4d223693e6ae5560.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8967bb1e45a846acb8c1d1d953a65a65a7ac2ee4a67cf6ca608186e3f59a4388

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:59:15 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1992
x-guploader-uploadid: ADPycdv4SYkbtZOxqTmDVAvwWbVb3juM7C35bhyArTKyWgqNr60EnwdZChcvglK4C19Uzma8P0MOwEyfUlH974wWJXp6nQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Wed, 09 Nov 2022 12:54:31 GMT
server: cloudflare
etag: W/"2986bcf1a52a21be16ff8ffa34e3bed6"
vary: Accept-Encoding
x-goog-hash: crc32c=e4ANFA==, md5=KYa88aUqIb4W/4/6NOO+1g==
x-goog-generation: 1667998471536315
content-type: text/css
cache-control: public, max-age=14400
x-goog-stored-content-length: 124754
cf-ray: 76878c20cfec5c26-FRA
expires: Fri, 11 Nov 2022 17:59:15 GMT

GET
H2 200 Lobby.530f4d223693e6ae5560.bundle.js Show response
secure.gratowin.com/ 239 KB
70 KB 47ms
46ms Script
application/javascript 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/Lobby.530f4d223693e6ae5560.bundle.js
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/runtime.530f4d223693e6ae5560.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: fecf2d49f1501ed257517820737dd30ac677a727f7a926cd1781006e37b66071

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:59:15 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1992
x-guploader-uploadid: ADPycduFIH0Xkp7eZL-WD-mZ1S-P7-26nvqFvK9ErcaDahYcTs6d1wJWarji4nfYevGeIKNVKXiZ7TW1YRqlVj5WCzAeq0-qn5rY
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Wed, 09 Nov 2022 12:54:49 GMT
server: cloudflare
etag: W/"2d0964533bf3e9f6f0bfa69f403a2526"
vary: Accept-Encoding
x-goog-hash: crc32c=0DYmnA==, md5=LQlkUzvz6fbwv6afQDolJg==
x-goog-generation: 1667998489633185
content-type: application/javascript
cache-control: public, max-age=14400
x-goog-stored-content-length: 245154
cf-ray: 76878c20cff15c26-FRA
expires: Fri, 11 Nov 2022 17:59:15 GMT

GET
H2 200 refreshToken Show response
secure.gratowin.com/playerapi/ 29 B
183 B 317ms
316ms XHR
application/json 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/playerapi/refreshToken?device=DESKTOP&language=en&requestURL=https%253A%252F%252Fsecure.gratowin.com
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/offline-js-script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 27eee5689f593c50f0d3611d076f160dbb8d96e9a7cda69aea592e019a9df048

Request headers

Referer: https://secure.gratowin.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
ldAlias

Response headers

date: Fri, 11 Nov 2022 13:59:15 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
etag: W/"1d-8FgmlGBAlsa83L78oaBAOCRXFa8"
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
cf-ray: 76878c20cff25c26-FRA
swagger-api-docs-url: /playerapi

GET
H2 200 ct Show response
pok.monicaatron.com/ 4 KB
2 KB 137ms
47ms Script
text/javascript 2a05:d018:56f:b802:834:8d0e:be2f:5ebe
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pok.monicaatron.com/ct?id=25827&url=https%3A%2F%2Fsecure.gratowin.com%2F%26cq_aff%3D9017%23%2Flobby%3FInc%3D120193525%26affToken%3D06GlpFR_QTUcyW9K1p-cHGNd7ZgqdRLk%26pg%3D1%26payload%3D26488%26CID%3D115922140%26LP%3D746%26referrer%3D%26affiliateID%3D9017%26media%3D%26ABClicks%3D1%26shorten_link%3D5bc7025150425%26shorten_target%3D11133%26flow%3Dregister%26netoClickId%3D636e55325e0f95c441c2645c&sf=0&tpi=&ch=cheq4ppc&uvid=&tsf=0&tsfmi=&tsfu=&cb=1668175155444&hl=2&op=0&ag=1563651821&rand=132585252622225265171111815056182412753915810214219711605566131711605955660&fs=1600x1200&fst=1600x1200&np=win32&nv=google%20inc.&ref=&ss=1600x1200&nc=0&at=&di=W1siZWYiLDM0OTNdLFsxMiwie1wiY3R4XCI6XCJ3ZWJnbFwiLFwidlwiOlwiaW50ZWwgaW5jLlwiLFwiclwiOlwiaW50ZWwgaXJpcyBvcGVuZ2wgZW5naW5lXCIsXCJzbHZcIjpcIndlYmdsIGdsc2wgZXMgMS4wIChvcGVuZ2wgZXMgZ2xzbCBlcyAxLjAgY2hyb21pdW0pXCIsXCJndmVyXCI6XCJ3ZWJnbCAxLjAgKG9wZW5nbCBlcyAyLjAgY2hyb21pdW0pXCIsXCJndmVuXCI6XCJ3ZWJraXRcIixcImJlblwiOjYsXCJ3Z2xcIjoxLFwiZ3JlblwiOlwid2Via2l0IHdlYmdsXCIsXCJzZWZcIjozNjk4NTE4NzEwLFwic2VjXCI6XCJcIn0iXSxbMzcsIlszMzE2MjI0MDQ5LGZ1bmN0aW9uKG5ld1ZhbHVlKSB7XG4gICAgICAgICAgICAgIGFkZENvbnRlbnRXaW5kb3dQcm94eSh0aGlzKVxuICAgICAgICAgICAgICAvLyBSZXNldCBwcm9wZXJ0eSwgdGhlIGhvb2sgaXMgb25seSBuZWVkZWQgb25jZVxuICAgICAgICAgICAgICBPYmplY3QuZGVmaW5lUHJvcGVydHkoaWZyYW1lLCAnc3JjZG9jJywge1xuICAgICAgICAgICAgICAgIGNvbmZpZ3VyYWJsZTogZmFsc2UsXG4gICAgICAgICAgICAgICAgd3JpdGFibGU6IGZhbHNlLFxuICAgICAgICAgICAgICAgIHZhbHVlOiBfc3JjZG9jXG4gICAgICAgICAgICAgIH0pXG4gICAgICAgICAgICAgIF9pZnJhbWUuc3JjZG9jID0gbmV3VmFsdWVcbiAgICAgICAgICAgIH1dIl0sWyJjYiIsIjAsMCwwLDAsMCwwLDAsMSwwLDMsMCwwLDcsMSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCw3Il0sWy0xLCItIl0sWy0yLCI1LGVZRzlYMS9YMXRabFMyMmQ1MXg4WU5ZOU14SlFFTUNkVUJISkw4NkwyM0FDR1VoQkl3SVNTRUVBY0lKZlJlQWdRSUVGb0luZEN4d1FYamhvMjcxOTZtTWpPdi9yODcwdXhxRngiXSxbLTMsIltcImludGVybmFsLXBkZi12aWV3ZXJcIixcIm1oamZibWRnY2ZqYmJwYWVvam9mb2hvZWZnaWVoamFpXCIsXCJpbnRlcm5hbC1uYWNsLXBsdWdpblwiXSJdLFstNCwiLSJdLFstNSwiLSJdLFstNiwiLSJdLFstNywiLSJdLFstOCwiLSJdLFstOSwiKyJdLFstMTAsIi0iXSxbLTExLCJ7XCJ0XCI6XCJcIixcIm1cIjpbXX0iXSxbLTEyLCJudWxsIl0sWy0xMywiLSJdLFstMTQsIi0iXSxbLTE1LCItIl0sWy0xNiwiMCJdLFstMTcsIjQiXSxbLTE4LCJbMCwwLDAsMV0iXSxbLTE5LCJbMCwwLDAsMCwwLDAsMSwyNCwyNCxcIi1cIiwxNjAwLDEyMDAsMTYwMCwxMjAwLDE2MDAsMTIwMCwxNjAwLDEyMDAsMCwwLDAsMCxcIi1cIixcIi1cIl0iXSxbLTIwLCI5ODIwMTc3NzQuMTY2ODE3NTE1NSJdLFstMjEsIi0iXSxbLTIyLCJbXCJuXCIsXCJuXCJdIl0sWy0yMywiKyJdLFstMjQsIltdIl0sWy0yNSwiLSJdLFstMjYsIntcInRqaHNcIjoyMTcwMDAwMCxcInVqaHNcIjoxODIwMDAwMCxcImpoc2xcIjozNzYwMDAwMDAwfSJdLFstMjcsIlswLDkuNywwLFwiNGdcIixudWxsXSJdLFstMjgsImVuLVVTLGVuIl0sWy0yOSwiLSJdLFstMzAsIltcInZcIiwwXSJdLFstMzEsImZhbHNlIl0sWy0zMiwiLSJdLFstMzMsIi0iXSxbLTM0LCItIl0sWy0zNSwiWzE2NjgxNzUxNTUzOTEsMF0iXSxbLTM2LCJbXCI0LzNcIixcIjQvM1wiXSJdLFstMzcsIi0xNDQtNjYtMTgwLSJdLFstMzgsImksLTEsLTEsODQwLDAsMSwwLDQyLDg1LDIwNCwtMSwwLDEzMjYuMSwxMzY0LjMsMTg2NywxODY4Il0sWy0zOSwiW1wiMjAwMzAxMDdcIiw0LFwiR2Vja29cIixcIk5ldHNjYXBlXCIsXCJNb3ppbGxhXCIsbnVsbCxudWxsLHRydWUsOCxmYWxzZSxudWxsLDNdIl0sWy00MCwiMzMiXSxbLTQxLCItIl0sWy00MiwiMTcyNDI5NzY1MyJdLFstNDMsIjAwMDAwMDAxMDEwMDAwMDEwMDExMTAxMTAwIl0sWy00NCwiMCwwLDAsNSJdLFstNDUsIjYyMCw2NzcsMCwwLDAsNTYyLDAsMCw2NDgsMCwwLDAsMCwwLDAsMCwwLDAsMCw2ODQsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAiXSxbLTQ2LCIwIl0sWy00NywiRXRjL1Vua25vd24sZW4tVVMsbGF0bixncmVnb3J5Il0sWy00OCwiMCwwIl0sWy00OSwiLSJdLFstNTAsIi0iXSxbLTUxLCItIl0sWy01MiwiLSJdLFstNTMsIjEwMCJdLFsiZGRiIiwiMCw0LDAsMCwxLDAsMCwwLDAsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMCwwLDEsMSwwLDAsMCwwLDEsMCwzLDQ0LDAsMSwwLDEsMCwwLDAsMCJdLFsiYm5jaCIsODJdLFsiYWJuY2giLDgyXV0%3D&dep=0&pre=0&sdd=%7B%7D&cri=GrcUJvDv6k&pto=1921&ver=48&gac=982017774.1668175155&mei=&ap=&duid=1.1668175155.hw2mMLcO2tBF0gMV&suid=1.1668175155.SjEqc7YLGOg1HhbS&tuid=1.1668175155.2jMEwXNlkEMrJQTz&fbc=-&gtm=W10%3D&it=29%2C1621%2C151&fbcl=-&gacl=&gacsd=-&rtic=-&bgc=-&spa=1&urid=0
Requested by: Host: eue.monicaatron.com
URL: https://eue.monicaatron.com/sxp/i/ff2cb211279275e2c0d3cbfc21123537.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a05:d018:56f:b802:834:8d0e:be2f:5ebe Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 330ebd7c8983ac1ddd4d31dc45ad365c55c85efc17addb97a4937095c01ce8f5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type: text/javascript
pragma: no-cache
date: Fri, 11 Nov 2022 13:59:15 GMT
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 1354
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 76878c1bab405c26 Show response
secure.gratowin.com/cdn-cgi/challenge-platform/h/b/cv/result/ Frame 61D2 2 B
338 B 67ms
66ms XHR
text/plain 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/cdn-cgi/challenge-platform/h/b/cv/result/76878c1bab405c26
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1668168000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 11 Nov 2022 13:59:15 GMT
content-encoding: gzip
server: cloudflare
cf-ray: 76878c22cd1c5c26-FRA
content-type: text/plain; charset=UTF-8

POST
H2 200 getAll Show response
secure.gratowin.com/translations/ 1017 B
552 B 88ms
88ms XHR
application/json 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/translations/getAll?requestURL=https%253A%252F%252Fsecure.gratowin.com
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/offline-js-script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 7592f557ccef92c4ed1960c97ec10e098d49008a6f8cb0717453b87d42f5bf56

Request headers

Referer: https://secure.gratowin.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 11 Nov 2022 13:59:15 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
etag: W/"3f9-Ef4TVzs1wwywNyU5FHJudGMIEkI"
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://secure.gratowin.com
access-control-allow-credentials: true
cf-ray: 76878c22ed585c26-FRA

GET
H2 200 JackpotAnimation.530f4d223693e6ae5560.bundle.js Show response
secure.gratowin.com/ 6 KB
2 KB 214ms
213ms Script
application/javascript 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/JackpotAnimation.530f4d223693e6ae5560.bundle.js
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/runtime.530f4d223693e6ae5560.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c31180d2c49fe6cf169ab806293b099975605ec8771a1015ef893a551b0c68d4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:59:15 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1992
x-guploader-uploadid: ADPycdsh6Zo8pS68HI-dDKpYn5RG1fLMrbdXIbLFcRH-ajKtdfrFNQigHvw48p-OhiwmHbCzEq-3rdk1O07lUBGabk0MSA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Wed, 09 Nov 2022 12:54:28 GMT
server: cloudflare
etag: W/"3c4fe177d05235759cf33c4ed0aa3b48"
vary: Accept-Encoding
x-goog-hash: crc32c=Fb+Mwg==, md5=PE/hd9BSNXWc8zxO0Ko7SA==
x-goog-generation: 1667998468140481
content-type: application/javascript
cache-control: public, max-age=14400
x-goog-stored-content-length: 6413
cf-ray: 76878c22fd845c26-FRA
expires: Fri, 11 Nov 2022 17:59:15 GMT

GET
H2 200 BonusAnimation.530f4d223693e6ae5560.bundle.js Show response
secure.gratowin.com/ 8 KB
3 KB 40ms
39ms Script
application/javascript 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/BonusAnimation.530f4d223693e6ae5560.bundle.js
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/runtime.530f4d223693e6ae5560.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07bdc83a52df59d810bef733e5c3b869f596f55b748539c2043bcd42cf40bec0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:59:15 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1992
x-guploader-uploadid: ADPycdsb76SG1lhkFJFGN8N3uP2Y6_dIJNQK58ZfUY6M3TO4IhhXTtCHyHbsHBNIaBcw2H6lOIoyHpKQJQo2nka6lKpZNg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Wed, 09 Nov 2022 12:54:29 GMT
server: cloudflare
etag: W/"f8425696a3a00afb05d423da9474584e"
vary: Accept-Encoding
x-goog-hash: crc32c=MpGJZQ==, md5=+EJWlqOgCvsF1CPalHRYTg==
x-goog-generation: 1667998469377055
content-type: application/javascript
cache-control: public, max-age=14400
x-goog-stored-content-length: 8253
cf-ray: 76878c22fd865c26-FRA
expires: Fri, 11 Nov 2022 17:59:15 GMT

GET
H2 200 LimitNotification.530f4d223693e6ae5560.bundle.js Show response
secure.gratowin.com/ 5 KB
2 KB 44ms
44ms Script
application/javascript 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/LimitNotification.530f4d223693e6ae5560.bundle.js
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/runtime.530f4d223693e6ae5560.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b6659e42a82f6cc4c326142b361755aa8b6119e78b7fb83c017361da7b407f7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:59:15 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1992
x-guploader-uploadid: ADPycdvXfBbbTx7osX-w1oxVvT3izpe7bMfbs2n8hw6IN1Sovj0ZPktj2jMCMozp9MKAjHEclpzDrz2FBm6bE6sxIUNF
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Wed, 09 Nov 2022 12:54:33 GMT
server: cloudflare
etag: W/"59d86579f092975b81827fb43e93f2af"
vary: Accept-Encoding
x-goog-hash: crc32c=327b9g==, md5=WdhlefCSl1uBgn+0PpPyrw==
x-goog-generation: 1667998473466726
content-type: application/javascript
cache-control: public, max-age=14400
x-goog-stored-content-length: 4805
cf-ray: 76878c22fd8a5c26-FRA
expires: Fri, 11 Nov 2022 17:59:15 GMT

GET
H2 200 / Show response
cms2.gratowin.com/drupal_templates/slider/ 19 KB
5 KB 1179ms
1091ms XHR
text/html 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cms2.gratowin.com/drupal_templates/slider/?lang=en&brandId=8&playerType=0&lobbyTemplateId=3&selectedGameTab=1&isLoggedIn=false&affiliateId=9017&ABClicks=1&CID=115922140&Inc=120193525&LP=746&affiliateID=9017&flow=register&media=&netoClickId=636e55325e0f95c441c2645c&payload=26488&pg=1&referrer=&shorten_link=5bc7025150425&shorten_target=11133&affiliateToken=1&affToken=06GlpFR_QTUcyW9K1p-cHGNd7ZgqdRLk&eventStartDates=1668427200000&eventEndDates=1669075140000&eventWinnerEndDates=1669507140000&eventTypes=7&activityType=T&requestURL=https%253A%252F%252Fsecure.gratowin.com
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/offline-js-script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2d89df419e485367e2399d0d2474b49a8f607fe1bf7e338eabf67a2be2e92ed

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:59:16 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
access-control-max-age: 86400
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://secure.gratowin.com
access-control-allow-credentials: true
cf-ray: 76878c23ef6a91d8-FRA

GET
H2 404 logo.png
secure.gratowin.com/undefined/brands/null/ 3 KB
3 KB 152ms
152ms Image
text/html 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gratowin.com/undefined/brands/null/logo.png
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 462c2fdf29d6d8a845147098b8018eb0c6721811ea5f3fb3b064d38444fe87cd

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:59:15 GMT
content-encoding: gzip
cf-cache-status: MISS
x-guploader-uploadid: ADPycdu_4fpEHmrBe43WbUtCVRLk0gpKWrSR2DlcSJQQVs1Zpc-tDI-BVR_zfOkVZRvcx80UFFknrfGcAeBMArr-qeizFQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
last-modified: Wed, 09 Nov 2022 12:55:19 GMT
server: cloudflare
vary: Accept-Encoding
x-goog-generation: 1667998519606601
content-type: text/html
x-goog-hash: crc32c=tOLyUw==, md5=+UTyA2LG0RZRrLq3IoRVOg==
cache-control: no-cache,max-age=0
x-goog-stored-content-length: 2918
cf-ray: 76878c236e5f5c26-FRA
expires: Fri, 11 Nov 2022 13:59:15 GMT

GET
DATA 200
OK truncated
/ 8 KB
8 KB Font
font/ttf

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7dc5a89829ed295864cee6940f583f1788773e66662c0fa19d2c14ff11793924

Request headers

Referer
Origin: https://secure.gratowin.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: font/ttf

GET
H2 200 getRecentWinnings Show response
secure.gratowin.com/playerapi/recentWinnings/ 3 KB
812 B 347ms
347ms XHR
application/json 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/playerapi/recentWinnings/getRecentWinnings?requestURL=https%253A%252F%252Fsecure.gratowin.com
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/offline-js-script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 9448ebe31f31f5d30a90e19e035fb88fae6a9b1c774bb4a62b43f37867713306

Request headers

Referer: https://secure.gratowin.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
ldAlias

Response headers

date: Fri, 11 Nov 2022 13:59:16 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
etag: W/"ae9-lIIooTg/V8NohvCJSlBVpFDmXKU"
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
cf-ray: 76878c237e7a5c26-FRA
swagger-api-docs-url: /playerapi

GET
H2 200 getJackpotGameDetails Show response
secure.gratowin.com/playerapi/games/ 216 B
405 B 273ms
272ms XHR
application/json 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/playerapi/games/getJackpotGameDetails?jackpotProviderId=0&customerId=0&requestURL=https%253A%252F%252Fsecure.gratowin.com
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/offline-js-script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: baa738a2fc051c6b68f6d65cbd422e640da85b725eba6f1dcf68eabd70283bca

Request headers

Referer: https://secure.gratowin.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
ldAlias

Response headers

date: Fri, 11 Nov 2022 13:59:16 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
etag: W/"d8-JgpI/fzMDIZ27W48J+QlmA3pDJY"
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
cf-ray: 76878c237e885c26-FRA
swagger-api-docs-url: /playerapi

GET
H2 200 getJackpotGameDetails Show response
secure.gratowin.com/playerapi/games/ 216 B
246 B 273ms
272ms XHR
application/json 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/playerapi/games/getJackpotGameDetails?jackpotProviderId=0&customerId=0&requestURL=https%253A%252F%252Fsecure.gratowin.com
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/offline-js-script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: baa738a2fc051c6b68f6d65cbd422e640da85b725eba6f1dcf68eabd70283bca

Request headers

Referer: https://secure.gratowin.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
ldAlias

Response headers

date: Fri, 11 Nov 2022 13:59:16 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
etag: W/"d8-JgpI/fzMDIZ27W48J+QlmA3pDJY"
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
cf-ray: 76878c237e8a5c26-FRA
swagger-api-docs-url: /playerapi

GET
H2 200 joinNow-icon.svg
secure.gratowin.com/assets/internal-icons/ 402 B
578 B 38ms
36ms Image
image/svg+xml 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gratowin.com/assets/internal-icons/joinNow-icon.svg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7dcd080d8016c6d3bee9075cd7798111c5820725bee35e0731f617d582bdba29

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:59:15 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1991
x-guploader-uploadid: ADPycduFvvBWn0as6NCowbAaILsgZrAO_sfj-YuNIyePzMaT9JXH1oewKIWxTFg-55IionxBXLqjwHBS5Dc4XoEPhM6ZLOvJrRZp
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Tue, 28 Jun 2022 12:42:52 GMT
server: cloudflare
etag: W/"fcf6455fb9d2e83224da551cc3054ff6"
vary: Accept-Encoding
x-goog-hash: crc32c=7BBWuA==, md5=/PZFX7nS6DIk2lUcwwVP9g==
x-goog-generation: 1656420171986440
content-type: image/svg+xml
cache-control: public, max-age=14400
x-goog-stored-content-length: 402
cf-ray: 76878c23bf185c26-FRA
expires: Fri, 11 Nov 2022 17:59:15 GMT

GET
H2 200 login-icon.svg
secure.gratowin.com/assets/internal-icons/ 510 B
557 B 53ms
51ms Image
image/svg+xml 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gratowin.com/assets/internal-icons/login-icon.svg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6650963c35725add7c3cedb3fd660f4f38791e8298647b92c132767f97468aa5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:59:15 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1991
x-guploader-uploadid: ADPycdu8hmXRgO0sFyGB7DLwsuqT0yPmUztgMVHGjcNXacqP6LAlpzQ26VyxdBKsfRIukqhMlZ6xO3-q5EJIWd9CAJDvrQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Mon, 03 Oct 2022 08:25:59 GMT
server: cloudflare
etag: W/"0ca8fb0f2089abf726d203bee36c8cbc"
vary: Accept-Encoding
x-goog-hash: crc32c=UXvSvQ==, md5=DKj7DyCJq/cm0gO+42yMvA==
x-goog-generation: 1664785559130709
content-type: image/svg+xml
cache-control: public, max-age=14400
x-goog-stored-content-length: 510
cf-ray: 76878c23bf1d5c26-FRA
expires: Fri, 11 Nov 2022 17:59:15 GMT

GET
H2 200 promotions-icon.svg
secure.gratowin.com/assets/internal-icons/ 1 KB
893 B 51ms
49ms Image
image/svg+xml 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gratowin.com/assets/internal-icons/promotions-icon.svg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 384ca46673f9d9209ecf6b510aa5e67e5e6e8c5762d7b5c8e643dfc96fb96031

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:59:15 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 2913
x-guploader-uploadid: ADPycdv1PToQHtwr3d7PuEuZ8pua-WOqPhMfalvS6B2QjHKFbyUvQ8EYKEZBy1-kcvIZ-hgrg0t8kHbw04Qpvbn8fLCpcHu4uI_K
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Mon, 30 May 2022 08:22:14 GMT
server: cloudflare
etag: W/"9761427b1a19bf0f0d615356a9ea92a7"
vary: Accept-Encoding
x-goog-hash: crc32c=hjcbWg==, md5=l2FCexoZvw8NYVNWqeqSpw==
x-goog-generation: 1653483386285146
content-type: image/svg+xml
cache-control: public, max-age=14400
x-goog-stored-content-length: 1412
cf-ray: 76878c23bf205c26-FRA
expires: Fri, 11 Nov 2022 17:59:15 GMT

GET
H2 200 vipClub-icon.svg
secure.gratowin.com/assets/internal-icons/ 529 B
704 B 47ms
45ms Image
image/svg+xml 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gratowin.com/assets/internal-icons/vipClub-icon.svg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d15890c357177f7185112a1ce66665d08acf31e81e4917820ec36279dd26bd0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:59:15 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 2913
x-guploader-uploadid: ADPycduscTuCz8VEBoLxCy17CvFAKFFK73XzcDfM2te57TMqk945F8bMYeCuYBXfVQuMW7WphYTeqw9gI0pADi8M8YHTDyWQQ8QR
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Wed, 09 Nov 2022 12:54:56 GMT
server: cloudflare
etag: W/"725a97efe97819c4531fbe67de1b54c9"
vary: Accept-Encoding
x-goog-hash: crc32c=aXyrag==, md5=clqX7+l4GcRTH75n3htUyQ==
x-goog-generation: 1664785558329992
content-type: image/svg+xml
cache-control: public, max-age=14400
x-goog-stored-content-length: 529
cf-ray: 76878c23bf225c26-FRA
expires: Fri, 11 Nov 2022 17:59:15 GMT

GET
H2 200 banking-icon.svg
secure.gratowin.com/assets/internal-icons/ 2 KB
1 KB 51ms
50ms Image
image/svg+xml 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gratowin.com/assets/internal-icons/banking-icon.svg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fe565e155881addcc557019e726097e351cff20de84a8e706d6e43295819fa7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:59:15 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1991
x-guploader-uploadid: ADPycdsuFCsTIW1-TRhysjE7A-l9REottCjPixZidWoImkFrW7ud8VIU9xF1fDLAgli9Tz88EfczGHkiKkSZfGKe6zZ_EvD1Vrn6
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Sun, 29 May 2022 06:57:16 GMT
server: cloudflare
etag: W/"97b0c09efe576a5c2df1da456faceec4"
vary: Accept-Encoding
x-goog-hash: crc32c=zejJ6A==, md5=l7DAnv5Xalwt8dpFb6zuxA==
x-goog-generation: 1652708003026297
content-type: image/svg+xml
cache-control: public, max-age=14400
x-goog-stored-content-length: 2300
cf-ray: 76878c23bf245c26-FRA
expires: Fri, 11 Nov 2022 17:59:15 GMT

GET
H2 200 contact_us-icon.svg
secure.gratowin.com/assets/internal-icons/ 522 B
583 B 49ms
48ms Image
image/svg+xml 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gratowin.com/assets/internal-icons/contact_us-icon.svg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ef8b1b9f70231cdaff9b49febecc51162e022432fef65022a082acc4d446cd2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:59:15 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 2913
x-guploader-uploadid: ADPycdskUWOL4wBrjBx-eS5ROy7hYkqlhuC-DQBrw5QjmEWbaqRO71LnECd1jG-InjJ3kaAz1pbbvHv4OWhkmjIlgAroPaPzyA0v
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Mon, 30 May 2022 08:22:14 GMT
server: cloudflare
etag: W/"b48b2b51825c35ae80e02c41711e7c68"
vary: Accept-Encoding
x-goog-hash: crc32c=fs4Iyg==, md5=tIsrUYJcNa6A4CxBcR58aA==
x-goog-generation: 1652708002363127
content-type: image/svg+xml
cache-control: public, max-age=14400
x-goog-stored-content-length: 522
cf-ray: 76878c23bf265c26-FRA
expires: Fri, 11 Nov 2022 17:59:15 GMT

GET
H2 200 tc_imp.gif
pok.monicaatron.com/tracker/ 43 B
79 B 34ms
33ms Image
image/gif 2a05:d018:56f:b802:834:8d0e:be2f:5ebe
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pok.monicaatron.com/tracker/tc_imp.gif?e=37dfbd8ee84e00136ce6c632ef468f989225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d5c14856f2017071a10acf9f29f671a87d28006256b1cab2c2455803c8e36960d390676c25b550c670509c7ba6c4f77be26bb25cb43e2913bf05365ad5c7b721bdf53ec46f4c6d7dd3bbb2807ff7bcaa8556d8e0e3143714493d60264f260b3f493a0180dec1edae97dfa2bc8169b1adc597cff3200e714561c4b92177af998ffe4198b6dec06c213f85e162ae7d133722b325f817c99ec59b058609fc6e359143e3dd385293e88864c06513c157a77bb9e70392652b48d1c2ad7f4ec3ee3b8192d4079b4a7a5938677a0d8dd5aef489d593e72aeb9cce4b46d8fd9e16c893008c3e5db6e4d57e56b7dfe961d32ba8aff25860fac46b6d71b961d999c77cc6e33c0cf768d3696d3edf49df3f1477fe425b4b3f2284d26f9913f82be50eb0102419457459a9384c9d6ec827ccd3ad388b89d73e2307a398b356f9587ac4d23d4b728f952b2d200987aaf7d59167fc037e05e8c95fd24e9d0689058e48bd8ed6a875e4832af0a315d6c6d4efa9f558344cff9dc0df68c2afcba09f684bcc6789cb6d7716f3a9aec01179fa50a410cf9efe46ba63c9ee254f99357c671a130905ad616d6ac3cd16647e9a99660297d35557f491e42e8ec9a3d8454ee1917126dadcd3bd291180df9ae82efe83593e0f28df48bf3a818147ff64690f50131c1073045b83f042f37fb7efd251ec2e9c4628f60d3278ebd6f95e74fdd2e514e64533e44c984e9da3d7a56990e13c98c9eb6f29f045cddf4e83f8091263f87a14e653aa2e88d5b27b421d05a9a19e13ace128dc116abbe36e3c88ad49c4231fdfc2937d764ac8cacb954c93d77495b86624053b8bf4ddcfe1ed8e7e7da48dfd595390f2b55fb6cb90fae49a0c33cc067016314786f75f3489293600dab65d2f4ad6098cb0dcc2761b303227dd9b1865b1eb72eab9c1ac859231c58eb6a5fdef682368f2e6a888f01a8d7dfff8145dd5a513c14f4712d539b950d59bf2efbec977ffc8fb55b0338db3e320216d2054cf4dbb20a1bfb616dd095815dcad7b3d35a27b22ca6016a57d053257fd1cc19428dd2ffcbe1b413fd27a06ed748dd9d5681b4ac393dfd875ec398b8bac5f4d3cc314792be6257c642ee59e25ca5965da898b0b363ae9496bda212699ef3e7e042c75280531167136dcf8e5a6ca924b95abcf641d240299a350cad22af9c3b31fc33621b579dead92b83d35f257c4629d5c1dfe0ef5dd17dc5f0694bebc06c696f0b7b252da163e5e9713c93bbc287a0ffb4a6bcd33abbb6f35f582118312e73380a98040159a9f0b8b9&cri=GrcUJvDv6k&ts=342&cb=1668175155786
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a05:d018:56f:b802:834:8d0e:be2f:5ebe Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
date: Fri, 11 Nov 2022 13:59:15 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 404 left-background.jpg
secure.gratowin.com/undefined/brands/null/ 3 KB
3 KB 133ms
132ms Image
text/html 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gratowin.com/undefined/brands/null/left-background.jpg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 462c2fdf29d6d8a845147098b8018eb0c6721811ea5f3fb3b064d38444fe87cd

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:59:15 GMT
content-encoding: gzip
cf-cache-status: MISS
x-guploader-uploadid: ADPycdvFYRthY-iYoYHSqz5vPliYq6tSdO92p96AWGEYbiT8Ene326ig5G58GOCi7LD0oHAmF6eNokQx_EYJrowAcyAcj0BMBedJ
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
last-modified: Wed, 09 Nov 2022 12:55:19 GMT
server: cloudflare
vary: Accept-Encoding
x-goog-generation: 1667998519606601
content-type: text/html
x-goog-hash: crc32c=tOLyUw==, md5=+UTyA2LG0RZRrLq3IoRVOg==
cache-control: no-cache,max-age=0
x-goog-stored-content-length: 2918
cf-ray: 76878c23cf455c26-FRA
expires: Fri, 11 Nov 2022 13:59:15 GMT

GET
H2 404 right-background.jpg
secure.gratowin.com/undefined/brands/null/ 3 KB
3 KB 101ms
100ms Image
text/html 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gratowin.com/undefined/brands/null/right-background.jpg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 462c2fdf29d6d8a845147098b8018eb0c6721811ea5f3fb3b064d38444fe87cd

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:59:15 GMT
content-encoding: gzip
cf-cache-status: MISS
x-guploader-uploadid: ADPycds4Os2lSyyP1P8gXXqDuSP94A7nx5obT_qnKDMnDv5e0lthMG88ujhQDzVoNdkiFsDpmejlY7zkSFiDxOJhY1xk0A
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
last-modified: Wed, 09 Nov 2022 12:55:19 GMT
server: cloudflare
vary: Accept-Encoding
x-goog-generation: 1667998519606601
content-type: text/html
x-goog-hash: crc32c=tOLyUw==, md5=+UTyA2LG0RZRrLq3IoRVOg==
cache-control: no-cache,max-age=0
x-goog-stored-content-length: 2918
cf-ray: 76878c23cf475c26-FRA
expires: Fri, 11 Nov 2022 13:59:15 GMT

GET
H/1.1 200
OK widget.js Show response
wchat.freshchat.com/js/ 59 KB
19 KB 413ms
199ms Script
application/javascript 54.88.197.161
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/js/widget.js

Requested by

Host: secure.gratowin.com
URL: https://secure.gratowin.com/main.530f4d223693e6ae5560.bundle.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.88.197.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-88-197-161.compute-1.amazonaws.com

Software

fwe /

Resource Hash

9522f06273f78d21fff2f56b7a3ff41d77a705ededacbfba7e8044436c17743d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Fri, 11 Nov 2022 13:59:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
nel: { "report_to": "nel-endpoint-freshchat", "max_age": 60, "include_subdomains": true}
Transfer-Encoding: chunked
x-envoy-upstream-service-time: 1
Connection: keep-alive
x-xss-protection: 1; mode=block
x-request-id: 95992ea7-dd93-40ed-82aa-17be4d9f0a12
x-trace-id: 00-eb8be1f566fcf1b3382cbb230e9181e8-3ed95a48951df071-00
served-by: 9886
last-modified: Thu, 27 Oct 2022 11:43:31 GMT
server: fwe
report-to: { "group": "nel-endpoint-freshchat", "max_age": 60, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
Content-Type: application/javascript
x-fw-ratelimiting-managed: false
cache-control: max-age=900, must-revalidate
x-server: 9886

GET index.html
storage.googleapis.com/moon-prod/static-content/jackpot/new/ Frame 784A 0
0

OPTIONS
H2 200 event
analytics.streamygame.com/ Frame 0
0 143ms
65ms Preflight 147.78.140.52
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.streamygame.com/event

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

147.78.140.52 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://secure.gratowin.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Origin,Content-Type, Accept content-type
access-control-allow-methods: GET, POST, PUT, DELETE GET,POST,PUT,DELETE
access-control-allow-origin: https://secure.gratowin.com
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 76878c261d78918e-FRA
content-length: 0
date: Fri, 11 Nov 2022 13:59:16 GMT
expires: 0
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 200 event Show response
analytics.streamygame.com/ 0
322 B 205ms
136ms XHR
text/plain 147.78.140.52
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.streamygame.com/event

Requested by

Host: secure.gratowin.com
URL: https://secure.gratowin.com/offline-js-script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

147.78.140.52 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.gratowin.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Fri, 11 Nov 2022 13:59:16 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://secure.gratowin.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
cf-ray: 76878c26fa419066-FRA
content-length: 0
x-xss-protection: 1; mode=block
expires: 0

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 30 KB
31 KB 79ms
22ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&family=Montserrat:wght@400;700;800&family=Poppins:wght@400;500;800;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://secure.gratowin.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 16:06:09 GMT
x-content-type-options: nosniff
age: 251587
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Nov 2023 16:06:09 GMT

GET
H2 200 / Show response
cms2.gratowin.com/drupal_templates/footer// 24 KB
5 KB 110ms
109ms XHR
text/html 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cms2.gratowin.com/drupal_templates/footer//?lang=en&regCountry=undefined&login=0&state=&brandId=8&currency=undefined&type=&playerType=0&eventTypes=&eventStartDates=&eventEndDates=&eventWinnerEndDates=&isLoggedIn=false&ABClicks=1&CID=115922140&Inc=120193525&LP=746&affToken=06GlpFR_QTUcyW9K1p-cHGNd7ZgqdRLk&affiliateID=9017&flow=register&media=&netoClickId=636e55325e0f95c441c2645c&payload=26488&pg=1&referrer=&shorten_link=5bc7025150425&shorten_target=11133&requestURL=https%253A%252F%252Fsecure.gratowin.com
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/offline-js-script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa9a1dad97051fd4567d4822108bd49994d47c5c07043cf09a4c4c959b5efa4f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:59:16 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
access-control-max-age: 86400
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://secure.gratowin.com
access-control-allow-credentials: true
cf-ray: 76878c25cccc91d8-FRA

GET
H2 200 1.530f4d223693e6ae5560.bundle.js Show response
secure.gratowin.com/ 14 KB
5 KB 48ms
45ms Script
application/javascript 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/1.530f4d223693e6ae5560.bundle.js
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/runtime.530f4d223693e6ae5560.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f52a85a0aebe0bf124d93f5bc99f5c59ea9a04170c8073373cae0e70a14a70e6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:59:16 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1907
x-guploader-uploadid: ADPycdsZ6QP74mL3tPrdHCieQ0RjbE1LdC2oZ3cRVH-92Imr64bh90jDA0rg6lKSycY-U17l72m8EKea0wAItRlsNkKfwcO7zJg7
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Wed, 09 Nov 2022 12:54:47 GMT
server: cloudflare
etag: W/"ad4703a0fe316f7d38f18aeb03ce2fc6"
vary: Accept-Encoding
x-goog-hash: crc32c=1BmElA==, md5=rUcDoP4xb3048YrrA84vxg==
x-goog-generation: 1667998487779385
content-type: application/javascript
cache-control: public, max-age=14400
x-goog-stored-content-length: 14577
cf-ray: 76878c25cc255c26-FRA
expires: Fri, 11 Nov 2022 17:59:16 GMT

GET
H2 200 2.530f4d223693e6ae5560.bundle.js Show response
secure.gratowin.com/ 7 KB
2 KB 55ms
51ms Script
application/javascript 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/2.530f4d223693e6ae5560.bundle.js
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/runtime.530f4d223693e6ae5560.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8fe198199fc88325c116d73a6de560919c6dbd00eea5a7e5bd8cf5a3f01d4818

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:59:16 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 2877
x-guploader-uploadid: ADPycdtWsH1NfZWujRMVfIcgkayoE7uDl8HEBLxMom1P2RKSejGyGWVApiQDAE5-LsZkuYsnWRO-gQROaEBdEoCL8M_5fg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Wed, 09 Nov 2022 12:54:44 GMT
server: cloudflare
etag: W/"b720b4da55a22ebabd6751bbf52e654c"
vary: Accept-Encoding
x-goog-hash: crc32c=mn7DMA==, md5=tyC02lWiLrq9Z1G79S5lTA==
x-goog-generation: 1667998483997564
content-type: application/javascript
cache-control: public, max-age=14400
x-goog-stored-content-length: 7346
cf-ray: 76878c25dc315c26-FRA
expires: Fri, 11 Nov 2022 17:59:16 GMT

GET
H2 200 6.530f4d223693e6ae5560.bundle.js Show response
secure.gratowin.com/ 5 KB
2 KB 119ms
115ms Script
application/javascript 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/6.530f4d223693e6ae5560.bundle.js
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/runtime.530f4d223693e6ae5560.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f81c733603f1510eb54a44877a5a0ac91af987b5d301916773090a287412647

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:59:16 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
x-guploader-uploadid: ADPycdtIXXTDNdFLay0AvnVjFH0uytdUSD-5U7rMBdO7ijrjG4W4jvGBaTGVquXHEPDFph9tQ_-I4nTIW_tKCS7LTIS6kKeTv4Pt
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Wed, 09 Nov 2022 12:54:43 GMT
server: cloudflare
etag: W/"af245afba6ec906dffb02db9e3e58391"
vary: Accept-Encoding
x-goog-hash: crc32c=3fgQSA==, md5=ryRa+6bskG3/sC254+WDkQ==
x-goog-generation: 1667998483873351
content-type: application/javascript
cache-control: public, max-age=14400
x-goog-stored-content-length: 5323
cf-ray: 76878c25dc325c26-FRA
expires: Fri, 11 Nov 2022 17:59:16 GMT

GET
H2 200 0.530f4d223693e6ae5560.css
secure.gratowin.com/ 4 KB
1 KB 58ms
55ms Stylesheet
text/css 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/0.530f4d223693e6ae5560.css
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/runtime.530f4d223693e6ae5560.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 068b6bee16a46a62f0204552bb3fd2f914dc8bd4cfb439fdad84c470b3ea5b36

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:59:16 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1907
x-guploader-uploadid: ADPycdtrdXdoK3xOzHthX5BVAXWr0Hz6GTqgPb235IeaoQCG6Loh9oDe5e_J8JK1ujRPnAKE1IvBQbqRzbGRWiwBjaFhuFrzcbPC
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Wed, 09 Nov 2022 12:54:43 GMT
server: cloudflare
etag: W/"99bf35ab6596def7660315b1fbdd6564"
vary: Accept-Encoding
x-goog-hash: crc32c=o4otMQ==, md5=mb81q2WW3vdmAxWx+91lZA==
x-goog-generation: 1667998483203091
content-type: text/css
cache-control: public, max-age=14400
x-goog-stored-content-length: 4533
cf-ray: 76878c25dc2b5c26-FRA
expires: Fri, 11 Nov 2022 17:59:16 GMT

GET
H2 200 0.530f4d223693e6ae5560.bundle.js Show response
secure.gratowin.com/ 8 KB
3 KB 42ms
40ms Script
application/javascript 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/0.530f4d223693e6ae5560.bundle.js
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/runtime.530f4d223693e6ae5560.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9975ab224e45cd21e6c446234577ba824e9214673a4b9376297a0b0e87e4de8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:59:16 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1907
x-guploader-uploadid: ADPycdtpZfyYcpk0oSF1mhWOWKKk2V0let9e4hYQwAFfT9Goc8BeKAnQmwamp8DdlJIXIdyhayxFKA-c1nHdXhYu8bctMf1NKKc5
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Wed, 09 Nov 2022 12:54:46 GMT
server: cloudflare
etag: W/"e48e050e01a5ae678558c7247d06c51e"
vary: Accept-Encoding
x-goog-hash: crc32c=s/Egkw==, md5=5I4FDgGlrmeFWMckfQbFHg==
x-goog-generation: 1667998486719318
content-type: application/javascript
cache-control: public, max-age=14400
x-goog-stored-content-length: 7978
cf-ray: 76878c25dc345c26-FRA
expires: Fri, 11 Nov 2022 17:59:16 GMT

GET
H2 200 372.530f4d223693e6ae5560.css
secure.gratowin.com/ 8 KB
2 KB 203ms
200ms Stylesheet
text/css 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/372.530f4d223693e6ae5560.css
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/runtime.530f4d223693e6ae5560.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46e6c85007cc8380c6fd8fc1c5e990341d544429a273539ccd5161ffee04fcd5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:59:16 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
x-guploader-uploadid: ADPycdtp5tDDSn9VZxP3D9becde12l4hwGzVvb4V2MIEokN4d6IfYnCkf1nCHqiOThZ04v0Wy7rlAy_bbWNMG6hwlUXoF8ZjSZ-U
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Wed, 09 Nov 2022 12:54:33 GMT
server: cloudflare
etag: W/"892f2850d64e9227f23657d141c8adf3"
vary: Accept-Encoding
x-goog-hash: crc32c=c3Pemg==, md5=iS8oUNZOkifyNlfRQcit8w==
x-goog-generation: 1667998473775444
content-type: text/css
cache-control: public, max-age=14400
x-goog-stored-content-length: 8177
cf-ray: 76878c25dc2e5c26-FRA
expires: Fri, 11 Nov 2022 17:59:16 GMT

GET
H2 200 RegisterModal.530f4d223693e6ae5560.bundle.js Show response
secure.gratowin.com/ 221 KB
40 KB 121ms
120ms Script
application/javascript 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/RegisterModal.530f4d223693e6ae5560.bundle.js
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/runtime.530f4d223693e6ae5560.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0205a3f4fbb415e135f905d147d0bab53101c5f3bee04c24c81958a7cc6045f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:59:16 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
x-guploader-uploadid: ADPycdtzFhpgE1F5WTFNjkj_WCjixvu8odOhjswnBUuOemzgufdrTKpdmsAZAGeRq8rvbKVJ9VZKfHCr_9JkeO52P9VxP1FxmpgA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Wed, 09 Nov 2022 12:54:49 GMT
server: cloudflare
etag: W/"7ca35e9631b170f62db2a0f86475a0c2"
vary: Accept-Encoding
x-goog-hash: crc32c=Cl2snQ==, md5=fKNeljGxcPYtsqD4ZHWgwg==
x-goog-generation: 1667998489459879
content-type: application/javascript
cache-control: public, max-age=14400
x-goog-stored-content-length: 225827
cf-ray: 76878c25dc365c26-FRA
expires: Fri, 11 Nov 2022 17:59:16 GMT

GET
H3 200 index.html Show response
storage.googleapis.com/moon-prod/static-content/jackpot/new/ Frame 784A 32 KB
32 KB 33ms
32ms Document
text/html 2a00:1450:4001:808::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/moon-prod/static-content/jackpot/new/index.html?brandId=8&currency=undefined%20%20%20%20%20&customerId=1003&serviceUrl=https://ga.streamygame.com/&isMobile=false%20%20%20%20%20&platform=ng&inGameFrame=false&gameId=undefined&winnerNames=
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/main.530f4d223693e6ae5560.bundle.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 0b6ee5642e247392075c40330df8d51d04005266b70e50e29a988998dde3a459

Request headers

Referer: https://secure.gratowin.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 3545
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-length: 32573
content-type: text/html
date: Fri, 11 Nov 2022 13:00:11 GMT
etag: "c192dbec0a4ad7d191126157fa3c0018"
expires: Fri, 11 Nov 2022 14:00:11 GMT
last-modified: Wed, 21 Sep 2022 14:17:03 GMT
server: UploadServer
x-goog-generation: 1663769823685434
x-goog-hash: crc32c=g0/5XQ== md5=wZLb7ApK19GREmFX+jwAGA==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 32573
x-guploader-uploadid: ADPycdtxKKAeV4la5Vq-AAlzZm5Ub7bJkCrOS4GcF3nsy8cn9k9gjPAmH5C7LAo1gqslfN2_McTVNT5ATzgrKTpBy5hzkQ

GET
H3 200 logo.png
storage.googleapis.com/moon-prod/static-content/brands/8/ 52 KB
52 KB 32ms
31ms Image
image/png 2a00:1450:4001:808::2010
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/moon-prod/static-content/brands/8/logo.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 71f0d1968edf4eff6dded3902361932770fe724bf52166051fe3e556c9d0e36a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:52:07 GMT
age: 429
x-guploader-uploadid: ADPycdtWfDLrtdeB5STydAZpdYg1ng9TFd48dtJVeVh30axoUPWfUcTJ16CxgPymk3iMjAa2rQHRYY1hwO3rhOTVGYWxOVTOG6qX
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53570
last-modified: Sun, 06 Sep 2020 14:56:18 GMT
server: UploadServer
etag: "8da035e6e305e63288d58c81e1cb6316"
x-goog-generation: 1599404178125470
x-goog-hash: crc32c=F2Tmng==, md5=jaA15uMF5jKI1YyB4ctjFg==
content-type: image/png
cache-control: public, max-age=3600
x-goog-stored-content-length: 53570
accept-ranges: bytes
x-goog-meta-cb-modifiedtime: Sun, 06 Sep 2020 07:59:49 GMT
expires: Fri, 11 Nov 2022 14:52:07 GMT

GET
H2 200 getRecentWinnings Show response
secure.gratowin.com/playerapi/recentWinnings/ 3 KB
798 B 172ms
172ms XHR
application/json 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/playerapi/recentWinnings/getRecentWinnings?currency=EUR&requestURL=https%253A%252F%252Fsecure.gratowin.com
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/offline-js-script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 86239e53fea737f2be4b5ad4249ba9e4574f3a5f29cf708630d8163ed56b5c54

Request headers

Referer: https://secure.gratowin.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
ldAlias

Response headers

date: Fri, 11 Nov 2022 13:59:16 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
etag: W/"adf-lF7ETX0qLOHVAQbhiXFXBfD2Nps"
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
cf-ray: 76878c25dc395c26-FRA
swagger-api-docs-url: /playerapi

GET
H2 200 games Show response
secure.gratowin.com/playerapi/ 259 KB
22 KB 81ms
81ms XHR
application/json 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/playerapi/games?country=DE&device=desktop&requestURL=https%253A%252F%252Fsecure.gratowin.com
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/offline-js-script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 297e3949449cf71811071187877b2d0232599df04f6431bd0df479d6c8cfa180

Request headers

Referer: https://secure.gratowin.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
ldAlias

Response headers

date: Fri, 11 Nov 2022 13:59:16 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
etag: W/"40c00-TyJa58BvjqRcu/glcpMFrZoq5CQ"
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
cf-ray: 76878c25dc3e5c26-FRA
swagger-api-docs-url: /playerapi

GET
H2 200 getBrandLanguages Show response
secure.gratowin.com/playerapi/ 120 B
199 B 85ms
84ms XHR
application/json 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/playerapi/getBrandLanguages?requestURL=https%253A%252F%252Fsecure.gratowin.com
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/offline-js-script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 47e0491532608bf09394cc3cd209c4920173cfaa6e02d7d8994478f44dc5f0cd

Request headers

Referer: https://secure.gratowin.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
ldAlias

Response headers

date: Fri, 11 Nov 2022 13:59:16 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
etag: W/"78-K1vwrEOqGpXJmkTeEv6boc9il2A"
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
cf-ray: 76878c25ec545c26-FRA
swagger-api-docs-url: /playerapi

GET
H2 200 languages-icon.svg
secure.gratowin.com/assets/internal-icons/ 2 KB
1018 B 38ms
37ms Image
image/svg+xml 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gratowin.com/assets/internal-icons/languages-icon.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ce13735694736a7b414eec7de74a893e67a0bc53d08d0f38f57386e3f6648a6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:59:16 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 2914
x-guploader-uploadid: ADPycdul6TF-IWUE-QoJyIwVqrimJQ1BlOR3O3MlhF5LwqBVSKygU19vAaZ8LeIoqVjUbHjCIkTCfoFaPc2w_xl9KiSXeFtIghFJ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Wed, 09 Nov 2022 12:54:57 GMT
server: cloudflare
etag: W/"0e648574a50c4a2f1572086f886ee580"
vary: Accept-Encoding
x-goog-hash: crc32c=15Fj5Q==, md5=DmSFdKUMSi8VcghviG7lgA==
x-goog-generation: 1666790024822991
content-type: image/svg+xml
cache-control: public, max-age=14400
x-goog-stored-content-length: 1925
cf-ray: 76878c25ec645c26-FRA
expires: Fri, 11 Nov 2022 17:59:16 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 76ms
52ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&family=Montserrat:wght@400;700;800&family=Poppins:wght@400;500;800;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://secure.gratowin.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 19:42:15 GMT
x-content-type-options: nosniff
age: 65821
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Nov 2023 19:42:15 GMT

GET
H3 200 left-background.jpg
storage.googleapis.com/moon-prod/static-content/brands/8/ 211 KB
211 KB 42ms
41ms Image
image/jpeg 2a00:1450:4001:808::2010
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/moon-prod/static-content/brands/8/left-background.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: d53ae31112aa2b41ea425f2702a7c5563a122d75b725d9f8dd18856d378210d1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:10:27 GMT
age: 2929
x-guploader-uploadid: ADPycdudgt-Ivxpx-fD1I3C8XONKeAlAnQ6ijjS7Pk-dJBhVX9ncqdP0w6TV2tUglNDydsjpC3dnsqQkgC5YH84bAlGuj-mZqGyX
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 215958
last-modified: Sun, 06 Sep 2020 14:56:17 GMT
server: UploadServer
etag: "0b976b08237086537b3d063e73fc42d6"
x-goog-generation: 1599404177852497
x-goog-hash: crc32c=mddCPQ==, md5=C5drCCNwhlN7PQY+c/xC1g==
content-type: image/jpeg
cache-control: public, max-age=3600
x-goog-stored-content-length: 215958
accept-ranges: bytes
x-goog-meta-cb-modifiedtime: Sun, 06 Sep 2020 08:00:02 GMT
expires: Fri, 11 Nov 2022 14:10:27 GMT

GET
H3 200 right-background.jpg
storage.googleapis.com/moon-prod/static-content/brands/8/ 187 KB
187 KB 46ms
46ms Image
image/jpeg 2a00:1450:4001:808::2010
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/moon-prod/static-content/brands/8/right-background.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: ae6ccbecb882f3edc3f742a60a60d75d93c9ffa2d3039cfdb5e1b900bd307e85

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:10:27 GMT
age: 2929
x-guploader-uploadid: ADPycdudZaxW8gpTdxfGYueokwL6vX_mVmyQyRtEhQjSukySZl--Cs_bef8E2VmjhUcu1fA2gXukbQwkY2dRf0Zh9gcbFti7S0Q7
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 191883
last-modified: Sun, 06 Sep 2020 14:56:18 GMT
server: UploadServer
etag: "1f143849746b1ddb7e37f52463404de5"
x-goog-generation: 1599404178430596
x-goog-hash: crc32c=Y+VbbQ==, md5=HxQ4SXRrHdt+N/UkY0BN5Q==
content-type: image/jpeg
cache-control: public, max-age=3600
x-goog-stored-content-length: 191883
accept-ranges: bytes
x-goog-meta-cb-modifiedtime: Sun, 06 Sep 2020 07:59:42 GMT
expires: Fri, 11 Nov 2022 14:10:27 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 66ms
45ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&family=Montserrat:wght@400;700;800&family=Poppins:wght@400;500;800;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://secure.gratowin.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 16:44:52 GMT
x-content-type-options: nosniff
age: 335664
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Nov 2023 16:44:52 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 12 KB
12 KB 54ms
54ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&family=Montserrat:wght@400;700;800&family=Poppins:wght@400;500;800;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc66f942651a9fe1a598770d3d896529dcd7a03d02f40655451513093103e61b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://secure.gratowin.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 21:13:39 GMT
x-content-type-options: nosniff
age: 233137
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11824
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Nov 2023 21:13:39 GMT

GET
H2 200 status Show response
ga.streamygame.com/jackpot/ Frame 784A 1 KB
747 B 121ms
77ms XHR
application/json 147.78.140.52
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://ga.streamygame.com/jackpot/status?brandId=8&customerId=1003

Requested by

Host: storage.googleapis.com
URL: https://storage.googleapis.com/moon-prod/static-content/jackpot/new/index.html?brandId=8&currency=undefined%20%20%20%20%20&customerId=1003&serviceUrl=https://ga.streamygame.com/&isMobile=false%20%20%20%20%20&platform=ng&inGameFrame=false&gameId=undefined&winnerNames=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

147.78.140.52 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

188a39edf5a34ba8b4ff33a5fe4028315ced390917c7002ebfeb3c363d4df014

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://storage.googleapis.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Fri, 11 Nov 2022 13:59:16 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
server: cloudflare
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/json
access-control-allow-origin: https://storage.googleapis.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
cf-ray: 76878c281f189b46-FRA
x-xss-protection: 1; mode=block
expires: 0

OPTIONS
H2 200 status
ga.streamygame.com/jackpot/ Frame 0
0 243ms
180ms Preflight 147.78.140.52
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://ga.streamygame.com/jackpot/status?brandId=8&customerId=1003

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

147.78.140.52 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://storage.googleapis.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,POST,PUT,DELETE
access-control-allow-origin: https://storage.googleapis.com
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 76878c26aad39b46-FRA
content-length: 0
date: Fri, 11 Nov 2022 13:59:16 GMT
expires: 0
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

OPTIONS
H2 200 gameDynamicData
ga.streamygame.com/ Frame 0
0 196ms
182ms Preflight 147.78.140.52
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://ga.streamygame.com/gameDynamicData?customBrandId=8&requestURL=https%253A%252F%252Fsecure.gratowin.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

147.78.140.52 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://secure.gratowin.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,POST,PUT,DELETE
access-control-allow-origin: https://secure.gratowin.com
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 76878c26badb9b46-FRA
content-length: 0
date: Fri, 11 Nov 2022 13:59:16 GMT
expires: 0
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK iframe.js Show response
anakatech.uat1.evo-test.com/frontend/evo/r2/js/ 9 KB
3 KB 253ms
73ms Script
application/javascript 87.246.163.84
APOLLO-AS Latvia

General

Check archive.org

Show headers Download Go to

Full URL

https://anakatech.uat1.evo-test.com/frontend/evo/r2/js/iframe.js

Requested by

Host: secure.gratowin.com
URL: https://secure.gratowin.com/main.530f4d223693e6ae5560.bundle.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.246.163.84 Jaunmarupe, Latvia, ASN12578 (APOLLO-AS Latvia, LV),

Reverse DNS

Software

nginx /

Resource Hash

db97fa54c59105635eb62cec45d76ff7e6142674917545f54cd4fc9215df65d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Fri, 11 Nov 2022 13:59:16 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Last-Modified: Fri, 11 Nov 2022 07:48:50 GMT
Server: nginx
ETag: "636dfe62-98b"
Vary: Origin
Content-Type: application/javascript
Cache-Control: max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 2443

POST
H2 200 gameDynamicData Show response
ga.streamygame.com/ 76 KB
5 KB 175ms
91ms XHR
application/json 147.78.140.52
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://ga.streamygame.com/gameDynamicData?customBrandId=8&requestURL=https%253A%252F%252Fsecure.gratowin.com

Requested by

Host: secure.gratowin.com
URL: https://secure.gratowin.com/offline-js-script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

147.78.140.52 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ae0496f387bedf969317129bf163f1b8d7863fc41da549097d81c3f718a34fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.gratowin.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Fri, 11 Nov 2022 13:59:16 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
server: cloudflare
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/json
access-control-allow-origin: https://secure.gratowin.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
cf-ray: 76878c286e629244-FRA
x-xss-protection: 1; mode=block
expires: 0

GET
H2 200 all_games.png
secure.gratowin.com/assets/images/ 354 B
647 B 47ms
42ms Image
image/png 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gratowin.com/assets/images/all_games.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3a3bad77018a615558340201b8d3a3ef4161786e11be214f99591cedf354066

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:59:16 GMT
cf-cache-status: HIT
age: 2001
x-guploader-uploadid: ADPycdsJGjG2xCuwbvjJkoLq6Dgr-qmVWrMFqWxxJxfjGAtfAIdoC9pLulWnuxfYhCB0BSXu4nNapB2QoiC6zYO6YEE6S2kuoVgB
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 354
last-modified: Tue, 21 Jun 2022 11:20:31 GMT
server: cloudflare
etag: "3ed75eebadf2c8b072295a399faea728"
vary: Accept-Encoding
x-goog-generation: 1655810431513662
content-type: image/png
x-goog-hash: crc32c=EIeYUA==, md5=Ptde663yyLByKVo5n66nKA==
cache-control: public, max-age=14400
x-goog-stored-content-length: 354
accept-ranges: bytes
cf-ray: 76878c26cec15c26-FRA
expires: Fri, 11 Nov 2022 17:59:16 GMT

GET
H3 200 category_19.png
storage.googleapis.com/gsdev/moon-prod/web/ 986 B
1019 B 32ms
27ms Image
image/png 2a00:1450:4001:808::2010
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/web/category_19.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 7bc364554159c5ace8fbae0965ff955753855fbf7c0238ba5acbbe46af0d6ba3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:10:27 GMT
age: 2929
x-guploader-uploadid: ADPycdvTl8rLA6H5U-_rU4rYDLlkr-jNRmIvG4ut9H-vOJmi_g1QzzqTjrsSQ3jUjA75UyasysUY8nJbjLoS6H8RW0QYxf1MTLjx
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 986
last-modified: Mon, 10 Oct 2022 12:59:11 GMT
server: UploadServer
etag: "a7058eb8d1bb78719195505f7ffe8cdd"
x-goog-generation: 1665406751724026
x-goog-hash: crc32c=LHM7VQ==, md5=pwWOuNG7eHGRlVBff/6M3Q==
content-type: image/png
cache-control: public, max-age=3600
x-goog-stored-content-length: 986
accept-ranges: bytes
expires: Fri, 11 Nov 2022 14:10:27 GMT

GET
H3 200 category_13.png
storage.googleapis.com/gsdev/moon-prod/web/ 720 B
752 B 31ms
27ms Image
image/png 2a00:1450:4001:808::2010
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/web/category_13.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: a09b6faa891a8e730e9f2e956215a1bfef1725dc855261c41d600ebd26f897a6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:04:09 GMT
age: 3307
x-guploader-uploadid: ADPycdspbPy3ZFYsrhJPbmlH-UqeUcms098eKVhU9AI9pIfuhjH1rcXrowqRBiNyQDV_1HmZTWZASd5Mkl2BKM5DQPHT4Q
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 720
last-modified: Wed, 08 Jun 2022 05:07:22 GMT
server: UploadServer
etag: "a581f632f302b5b5dd5ac3f09e555cf0"
x-goog-generation: 1654664842710704
x-goog-hash: crc32c=C2zfPg==, md5=pYH2MvMCtbXdWsPwnlVc8A==
content-type: image/png
cache-control: public, max-age=3600
x-goog-stored-content-length: 720
accept-ranges: bytes
expires: Fri, 11 Nov 2022 14:04:09 GMT

GET
H3 200 category_18.png
storage.googleapis.com/gsdev/moon-prod/web/ 1 KB
1 KB 30ms
26ms Image
image/png 2a00:1450:4001:808::2010
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/web/category_18.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 0ebb87df614d24d505185917fb3b26027f914fe0aed27df37fa5147316ad6787

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:10:27 GMT
age: 2929
x-guploader-uploadid: ADPycdsTXwQ8wPswTfnOy37nVkH2_U_YSMR0X9waB1VeOJXvUPtY-8RPaT7vUUQqzZFLrrsXLF1CjW3CC1DWQFtV49hf0NudVgc0
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1085
last-modified: Wed, 27 Apr 2022 08:49:03 GMT
server: UploadServer
etag: "3b504b5bce433dc0685ac9b540ca1139"
x-goog-generation: 1651049343214781
x-goog-hash: crc32c=VXvZcA==, md5=O1BLW85DPcBoWsm1QMoROQ==
content-type: image/png
cache-control: public, max-age=3600
x-goog-stored-content-length: 1085
accept-ranges: bytes
expires: Fri, 11 Nov 2022 14:10:27 GMT

GET
H3 200 category_14.png
storage.googleapis.com/gsdev/moon-prod/web/ 870 B
897 B 28ms
24ms Image
image/png 2a00:1450:4001:808::2010
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/web/category_14.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: c21ac0bbb27a457552858b53c117acc699665377f80e292970c9c56f7306dadc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:10:27 GMT
age: 2929
x-guploader-uploadid: ADPycdswx916L_GdrZFDGUEP3cyki-Bm9bV9-WD481QQNY7e5rytrPedMe8miY2L7G4KlJA8TyLX0lW7wdmuG3eQ-YANu1Jt9mme
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 870
last-modified: Wed, 22 Jun 2022 14:18:27 GMT
server: UploadServer
etag: "8c0734f152a88c26d33f3bc85e4b0a85"
x-goog-generation: 1655907507000284
x-goog-hash: crc32c=NhUd8Q==, md5=jAc08VKojCbTPzvIXksKhQ==
content-type: image/png
cache-control: public, max-age=3600
x-goog-stored-content-length: 870
accept-ranges: bytes
expires: Fri, 11 Nov 2022 14:10:27 GMT

GET
H3 200 category_4.png
storage.googleapis.com/gsdev/moon-prod/web/ 766 B
799 B 28ms
27ms Image
image/png 2a00:1450:4001:808::2010
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/web/category_4.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 07c35e512149ad1a8be5a7fb9672da7ec67fa0c329432a6e5a5fd7788f90b6e3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:04:09 GMT
age: 3307
x-guploader-uploadid: ADPycdugFqrFLCJ9Ka8Pt87Sthde3nrFO2tnkrxesCcT9LqDJHJOEi3_JdXh1_tSNDJWlMNm-CK6hZuhYjNNccbwaDa5ig
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 766
last-modified: Wed, 27 Apr 2022 08:47:26 GMT
server: UploadServer
etag: "0279a0841853af18f8f4b2c455b1efa4"
x-goog-generation: 1651049246297596
x-goog-hash: crc32c=3o0W9A==, md5=AnmghBhTrxj49LLEVbHvpA==
content-type: image/png
cache-control: public, max-age=3600
x-goog-stored-content-length: 766
accept-ranges: bytes
expires: Fri, 11 Nov 2022 14:04:09 GMT

GET
H2 200 invisible.js Show response
secure.gratowin.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/ Frame B44B 44 KB
21 KB 38ms
37ms Script
application/javascript 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1668168000
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ddb16f8af70ac8dbd3dd8df6ffc7c6a19a2ddb80c9926f3dd46a91781b2bc24

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:59:16 GMT
content-encoding: gzip
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 76878c271f865c26-FRA

GET
H3 200 css2
fonts.googleapis.com/ 5 KB
591 B 113ms
50ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500;900&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

63d5dc678d9ffff5d8bb6288ebed31c973f904f78498acdec4d7a8dc1b2fca3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 11 Nov 2022 13:59:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 11 Nov 2022 13:59:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 11 Nov 2022 13:59:16 GMT

GET
H2 200 mastercard.png
cms2.netoplaycdn.com/Platform/gratowin/images/footer/icons/ 3 KB
3 KB 260ms
104ms Image
image/png 2606:4700:3031::6815:18a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms2.netoplaycdn.com/Platform/gratowin/images/footer/icons/mastercard.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:18a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9bab7eab8e1e05aa031ce685b74fdb8bbbffb418f4068dadfb44ffd6d130af5d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:59:16 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ADPycduE2IUK9oeBcO4gBMDTHSmsE-rlwrurHIbcwhcD-CzmUuiy20u8bXoPOtVfX7bioh7YQdnJE3pG7HXboe7DiD-OvaMgHvjX
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2569
last-modified: Mon, 02 May 2022 11:58:15 GMT
server: cloudflare
etag: "f3ff236418dbe75a588fc2f277baaab6"
vary: Accept-Encoding
x-goog-generation: 1651492695597263
content-type: image/png
x-goog-hash: crc32c=8BOYTg==, md5=8/8jZBjb51pYj8Lyd7qqtg==
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ts%2F%2BkUCpNBJqpcnbpyU8E5FgjkL23qXkIWt0ZbhThBkt3nAqZZMOpkXF5IocPICC%2FATLTIJ0xNRuPcgXb604cvkYAtcT%2BLbGEFLWr2CmU%2Fpll2rV23gs4wqAAMj5SBRhGR8qjskE1eSCp%2FnBvnFq39ohaw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 2569
accept-ranges: bytes
cf-ray: 76878c281c27bbd9-FRA
expires: Fri, 11 Nov 2022 14:59:16 GMT

GET
H2 200 PostPay.png
cms2.netoplaycdn.com/Platform/gratowin/images/footer/icons/ 2 KB
3 KB 228ms
73ms Image
image/png 2606:4700:3031::6815:18a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms2.netoplaycdn.com/Platform/gratowin/images/footer/icons/PostPay.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:18a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2bd44487689f7f4501db1b9b7a7a50849c4d42e534eef60a04356a7851e92c0c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:59:16 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ADPycdtDaJp3jxethXiSySV_IjFpytKFNQkZd4YO5vw0mOutPwE9XLJXt3RmSjhcPB9nwHyfHLWg1HB_TuCiPnsVntNrAA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2501
last-modified: Mon, 02 May 2022 11:58:13 GMT
server: cloudflare
etag: "1ade0623f06ef3964f06847a2adca08a"
vary: Accept-Encoding
x-goog-generation: 1651492693814444
content-type: image/png
x-goog-hash: crc32c=2WIQPw==, md5=Gt4GI/Bu85ZPBoR6Ktygig==
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F7Sjakeequ%2Bz5QREu%2BYF84zEBsn%2BUzN4SGg35K8FynoUI41tEq3rL8ORfTeiZyVslwdJMDPq4V%2F80BgecjlgR40ES32eqMX2pdb6%2BHkrqszi2tT2SXW9Fw%2BY40Ai%2FExvWyg2s3BbE%2BQEKJlGBhxy8QCWvw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 2501
accept-ranges: bytes
cf-ray: 76878c281c2abbd9-FRA
expires: Fri, 11 Nov 2022 14:59:16 GMT

GET
H2 200 Quantom.png
cms2.netoplaycdn.com/Platform/gratowin/images/footer/icons/ 2 KB
2 KB 254ms
99ms Image
image/png 2606:4700:3031::6815:18a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms2.netoplaycdn.com/Platform/gratowin/images/footer/icons/Quantom.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:18a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0af2e2a86b8e8d47a1a5ca54128c0a7adf09074386cf5a8ee68f178a68584362

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:59:16 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ADPycdtbhoi4Vy3XjRgNP6Q9Ri2FjOynLLaQmT_8C38r9Ekg2m36yWXF4o8cXe2r8NxnZMewSKLRxFsYtjAu6adZ7BLFUS3x9GKI
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1625
last-modified: Mon, 02 May 2022 11:58:13 GMT
server: cloudflare
etag: "95b14f93ce4d7a3b73a65afd4da99d34"
vary: Accept-Encoding
x-goog-generation: 1651492693805894
content-type: image/png
x-goog-hash: crc32c=/nRmrA==, md5=lbFPk85Nejtzplr9TamdNA==
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A3e96joswUjsVM0bQwHZLC9r6fEqUw%2B%2BDd8NfQzL3c%2BH9iyygruhT%2FLBd6QpEThw0G9Apksv4o%2BDnfOjnNCzSY%2BHVR3AapkTW1BfYJvbg4GrF3Q4OM%2F%2FxvEssj9m3gs2rkBSpJ%2BfGtUrTH4BfzNrlRfRuw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 1625
accept-ranges: bytes
cf-ray: 76878c281c2dbbd9-FRA
expires: Fri, 11 Nov 2022 14:59:16 GMT

GET
H2 200 visa.png
cms2.netoplaycdn.com/Platform/gratowin/images/footer/icons/ 3 KB
3 KB 274ms
119ms Image
image/png 2606:4700:3031::6815:18a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms2.netoplaycdn.com/Platform/gratowin/images/footer/icons/visa.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:18a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2ca845c5e87533da52958f4b9c52f6d2a373f2a273a7b6e90093026f7a1ae47

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:59:16 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ADPycduxbreRTsFQr2Y4Xby7jwyHOthwLCdYPts1-1CExiK9iI5OOB1WMVahv07_GuXFXcgTn8swDUX2r371mBrq8gb5
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3070
last-modified: Mon, 02 May 2022 11:58:26 GMT
server: cloudflare
etag: "e9d7082867979eabe30e401d6cf941f6"
vary: Accept-Encoding
x-goog-generation: 1651492706733395
content-type: image/png
x-goog-hash: crc32c=yJZTHQ==, md5=6dcIKGeXnqvjDkAdbPlB9g==
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3MlNnCxyprfSQUrgu37COuvSz4o6ZnDpf59J1Z1AGzYOoApd1emnIuFUGlY4kVRYCNzObenOJau01IjdVjmfQNjmU45kIvD8uJRmLklP3lvaUjartLmlUIHON9OPd1mR5EbVO%2BehUWF8j5BfPTBn1Af87w%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3070
accept-ranges: bytes
cf-ray: 76878c281c2fbbd9-FRA
expires: Fri, 11 Nov 2022 14:59:16 GMT

GET
H2 200 Click.png
cms2.netoplaycdn.com/Platform/gratowin/images/footer/icons/ 2 KB
2 KB 255ms
100ms Image
image/png 2606:4700:3031::6815:18a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms2.netoplaycdn.com/Platform/gratowin/images/footer/icons/Click.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:18a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74686cb67a39ba6066421272589bcf938003022d9dbc772454747518073ac1a9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:59:16 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ADPycduwwxPcelfrgo8-4iLBUre5DnGXuZkz1GHgThC3vNccHgXENcaU6N0pLFLp0UtUMGdLgsvLNppIsvX5EDoltAMKaPe6jB_3
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1853
last-modified: Mon, 02 May 2022 11:58:13 GMT
server: cloudflare
etag: "b85f792d205fbda0910dbe67efbccfb4"
vary: Accept-Encoding
x-goog-generation: 1651492693259411
content-type: image/png
x-goog-hash: crc32c=zOEnDg==, md5=uF95LSBfvaCRDb5n77zPtA==
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=69BnmlccnQS8sGoJvyJiGbsVfIhPTg4VMvWIhR7g0JmOnthxbW2skewarEIT%2FwmP9gnUNENK2G3gaiivjeE%2BxFzvdaH5cY%2FsQQKpVZLB08zj%2FzTm16ZrR71dgWm320XitD2KPQM%2F7ZD1sdDk5mlA6IG67w%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 1853
accept-ranges: bytes
cf-ray: 76878c281c32bbd9-FRA
expires: Fri, 11 Nov 2022 14:59:16 GMT

GET
H2 200 Neosurf.png
cms2.netoplaycdn.com/Platform/gratowin/images/footer/icons/ 2 KB
3 KB 226ms
72ms Image
image/png 2606:4700:3031::6815:18a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms2.netoplaycdn.com/Platform/gratowin/images/footer/icons/Neosurf.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:18a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4363b84238dda44f9ca7980c91b775f141a438aa2af9152b98a036f664ca178

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:59:16 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ADPycdvI2u1GGp9Iq7Wodug9svWvqcqjd8ElXE1539HYu3KTdpfgvsvSewFBxiUOj0NFYuY47dyeuSJcCmwHtl4nS6B9Bw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2012
last-modified: Mon, 02 May 2022 11:58:13 GMT
server: cloudflare
etag: "f2b574780708ebc637d4f2b8dac8269f"
vary: Accept-Encoding
x-goog-generation: 1651492693747409
content-type: image/png
x-goog-hash: crc32c=FPaoNQ==, md5=8rV0eAcI68Y31PK42sgmnw==
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9yzYlr9OCK6c4vREKfit1w%2FkWs4T22IkD0qnoFrQfwn7Gzxhw4MRRPnLsJ%2BaOEZZYbg3Ig%2BtVJ3d2UBVuZEKlrmywuSuVnpEAqJP3EIbZ7Ype%2FWLvECmBNxAcU%2FqVyu3TZUY0vY7xzWRBgneSTxiP1NcGA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 2012
accept-ranges: bytes
cf-ray: 76878c281c34bbd9-FRA
expires: Fri, 11 Nov 2022 14:59:16 GMT

GET
H2 200 CoinsPaid.png
cms2.netoplaycdn.com/Platform/gratowin/images/footer/icons/ 30 KB
30 KB 94ms
88ms Image
image/png 2606:4700:3031::6815:18a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms2.netoplaycdn.com/Platform/gratowin/images/footer/icons/CoinsPaid.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:18a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8cfd4ad458c4f9c9b78fbbf64b552d4a9a24a226039786f2a0409d768754960

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:59:16 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ADPycdtOv6gh3hjhL13mIdxodHOGah5hWZfcLThRIvY8inPjj38AJKqdwotbVEm7z47Tkd27u83Uk0US-U5B_AqlO1AX-X0UhUhj
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 30590
last-modified: Mon, 02 May 2022 12:19:03 GMT
server: cloudflare
etag: "fe34379b159f351b34253ccd116b8624"
vary: Accept-Encoding
x-goog-generation: 1651493943480942
content-type: image/png
x-goog-hash: crc32c=5WQl0Q==, md5=/jQ3mxWfNRs0JTzNEWuGJA==
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FbZHfhLvSNSSIs8AWY%2B9M3ex%2Fy7%2BAlIpAG2kC2klMJjKk9OdCmORpk61JqA7uRO%2F5NAcY2RUSBTaWUIbTlbJ7C3hSB0bjg7lOKjkwBMrTnFNyvTdpDLZOkC5EYCagq0DP%2BMAqJr69wqebcKsmFJyaNh0UQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 30590
accept-ranges: bytes
cf-ray: 76878c283c9cbbd9-FRA
expires: Fri, 11 Nov 2022 14:59:16 GMT

GET
H2 200 Cashlib.png
cms2.netoplaycdn.com/Platform/gratowin/images/footer/icons/ 40 KB
41 KB 115ms
108ms Image
image/png 2606:4700:3031::6815:18a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms2.netoplaycdn.com/Platform/gratowin/images/footer/icons/Cashlib.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:18a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e91de8b587baf86d05f8da82ac270eab8d4989defcdc85ffda62578778b04a3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:59:16 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ADPycds7Bj1RKb1Kb7BOnMNnZcCUeLAZLPNOINpX0qC7nr5QDCN7R60nEXs1KH3LGIbo6TdqW-m0QEZePH3sCA6aAauDVacZ79kU
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 41452
last-modified: Mon, 02 May 2022 12:21:31 GMT
server: cloudflare
etag: "7efb0c903552116f2a60b434f81c48db"
vary: Accept-Encoding
x-goog-generation: 1651494091311094
content-type: image/png
x-goog-hash: crc32c=VLi8lw==, md5=fvsMkDVSEW8qYLQ0+BxI2w==
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wi2e0oLpMHGWWNOv%2Bi%2BR7KreO2aKkSFGIPwlCwdymqdfsCQ4Krr1onjBUkIBX9%2BuKzw%2FPad6Q7USIxV36RKUyDNnCWOHP6YX25GcaZWgT5%2F0f%2BXzRQ9N1JaR1Bi%2BLX8KCgHaNFztYm5NhegOpTGuNLThFw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 41452
accept-ranges: bytes
cf-ray: 76878c283ca3bbd9-FRA
expires: Fri, 11 Nov 2022 14:59:16 GMT

GET
H2 200 SSL.png
cms2.netoplaycdn.com/Platform/gratowin/images/footer/icons/ 8 KB
9 KB 114ms
107ms Image
image/png 2606:4700:3031::6815:18a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms2.netoplaycdn.com/Platform/gratowin/images/footer/icons/SSL.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:18a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 048b2f5e3b86bec8b10baa4271ef5c706150a317e3a42a4a2ea97ca4a507b024

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:59:16 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ADPycds0i5kohWfaY44NetQPyMfKAyC_raGRLy9lLB2kWx32rkgc1WmgsXijareB17eMNp37HKKwzUKgqk0ikRe9i5Ii
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8404
last-modified: Mon, 02 May 2022 12:25:35 GMT
server: cloudflare
etag: "adcf0ed844d4d6c3bc72a35c973315f0"
vary: Accept-Encoding
x-goog-generation: 1651494335286155
content-type: image/png
x-goog-hash: crc32c=v0ntag==, md5=rc8O2ETU1sO8cqNclzMV8A==
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4FJj%2FanzaXfNPruPDfayRch4hAmXO3rTtmxItpJmVNHOMjox9Efn4zsSmQbGhAEZs4oIwakG2KztHmEqmbvNhHXMjGAvALGu2mWJ65zoOI07lOEDzsZyLzwkoBsjW%2BB2bbrVJmg2CIELl%2F16R%2BKgYYrNig%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 8404
accept-ranges: bytes
cf-ray: 76878c283ca7bbd9-FRA
expires: Fri, 11 Nov 2022 14:59:16 GMT

GET
H2 200 Plus18.png
cms2.netoplaycdn.com/Platform/gratowin/images/footer/icons/ 1 KB
2 KB 90ms
84ms Image
image/png 2606:4700:3031::6815:18a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms2.netoplaycdn.com/Platform/gratowin/images/footer/icons/Plus18.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:18a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b44452423e27abf304bca5773bc2657000d4e69a578f406af5b3d096a7a3f666

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:59:16 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ADPycdsnOz70M8QNUp2lZyPVJHCPG4nIvaz3RolBy1d1JmSm7_xcVhOvovxtVVSBrEmmbAFxsBgQIlahnRHX0g5KQwDofCiqpdPN
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1196
last-modified: Mon, 02 May 2022 12:25:34 GMT
server: cloudflare
etag: "a220d4a45c9d5d871044e51ab9d05d26"
vary: Accept-Encoding
x-goog-generation: 1651494334802110
content-type: image/png
x-goog-hash: crc32c=78JZmw==, md5=oiDUpFydXYcQROUaudBdJg==
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9jyR10Yk9D0ED7M8GjR6BEcriNGNUGO8PfdRMtuTR3nKK98%2BHXzFVVVRLq6N%2FhbY0bHkEz968wp%2Fm6SbxInmOrD0arBAIANridfyECqgGAajAa3s5sQfaJyQ%2B0CFvFFCrafU24kdj%2BO90%2FZyim%2ByglZ%2FyA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 1196
accept-ranges: bytes
cf-ray: 76878c283cacbbd9-FRA
expires: Fri, 11 Nov 2022 14:59:16 GMT

GET
H2 200 PciDss.png
cms2.netoplaycdn.com/Platform/gratowin/images/footer/icons/ 3 KB
3 KB 145ms
139ms Image
image/png 2606:4700:3031::6815:18a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms2.netoplaycdn.com/Platform/gratowin/images/footer/icons/PciDss.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:18a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 754a00a45d1681fa7872ded722930116706b858e4b38366971e4b301140666c6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:59:16 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ADPycdv6pE2fw2HUsvMi7qiGDAqzxIflngqAnJEK1uG7x5icz992Xo9k-0BFL653FijlU24-ag7OfTknsRTzHHQypBDrPeIWqwtJ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3062
last-modified: Mon, 02 May 2022 12:25:34 GMT
server: cloudflare
etag: "fc0a95ce0fc60e39c035243f53fdc67b"
vary: Accept-Encoding
x-goog-generation: 1651494334776388
content-type: image/png
x-goog-hash: crc32c=qWUl9A==, md5=/AqVzg/GDjnANSQ/U/3Gew==
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b2NV4ci4bBr%2F1ORn0o1bKb0rdxtVNxtQCAFztDwh2lRKidF5D5eVeregLHpPXvUX%2BZJypdGRpBv01IbB4mjXn4CHvoFQ%2B3pmRCpAH4t1EGfABVbXrEOiW7UQKReU14earoGMZA8aEvbFW3fvH4p8QcSXug%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3062
accept-ranges: bytes
cf-ray: 76878c283cb0bbd9-FRA
expires: Fri, 11 Nov 2022 14:59:16 GMT

GET
H3 200 5.jpg
storage.googleapis.com/gsdev/moon-prod/mobile/ 30 KB
30 KB 36ms
35ms Image
image/jpeg 2a00:1450:4001:808::2010
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/mobile/5.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 4022fcd71fc9cd5ea700911970e7a592b086c5bd47f906a3ff85227c0d531c9c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:35:57 GMT
age: 1399
x-guploader-uploadid: ADPycduYbaLBNAGkHyhmgCshrsxtQ1ugiWWNjSkykKR_jiIYDYOdtQPPd1O83BE6gDptj2FYbkRe_vRhlzYe1hnMxtq_1Q
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30546
last-modified: Sun, 09 Aug 2020 15:09:07 GMT
server: UploadServer
etag: "b03207155277dab471de820857ab80c0"
x-goog-generation: 1596985747041304
x-goog-hash: crc32c=1vTyDA==, md5=sDIHFVJ32rRx3oIIV6uAwA==
content-type: image/jpeg
cache-control: public, max-age=3600
x-goog-stored-content-length: 30546
accept-ranges: bytes
expires: Fri, 11 Nov 2022 14:35:57 GMT

GET
H3 200 20.jpg
storage.googleapis.com/gsdev/moon-prod/mobile/ 31 KB
31 KB 60ms
59ms Image
image/jpeg 2a00:1450:4001:808::2010
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/mobile/20.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 63b3ee24f6efe1c85cffab7f293a66ba15378223cbbd6afe95fbcefb766e24c4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:29:16 GMT
age: 1800
x-guploader-uploadid: ADPycdsdCowA_WhL2x277qnNWiY3-9IsmY5mMV0ShQZxJp7StCwGe21yBZvwgr4mZ1PQWHWxQNH4rp5wlt6Z5yafKojTGNyz9-y1
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32183
last-modified: Sun, 09 Aug 2020 14:39:18 GMT
server: UploadServer
etag: "2bca8ea64f80c5c193113ec11eaeddd7"
x-goog-generation: 1596983958386407
x-goog-hash: crc32c=VBbNrA==, md5=K8qOpk+AxcGTET7BHq7d1w==
content-type: image/jpeg
cache-control: public, max-age=3600
x-goog-stored-content-length: 32183
accept-ranges: bytes
expires: Fri, 11 Nov 2022 14:29:16 GMT

GET
H3 200 566.jpg
storage.googleapis.com/gsdev/moon-prod/mobile/ 25 KB
25 KB 56ms
56ms Image
image/jpeg 2a00:1450:4001:808::2010
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/mobile/566.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: ac220b6b5ba495c19af6fe74c278c9d4638dc14841a58bce273ea5cdc1b43528

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:31:36 GMT
age: 1660
x-guploader-uploadid: ADPycdvFZRS4nPaw-RgWTIfOI-F_WTdnu1FyfToyZ2ohwN2R1FZvTsDN3VL1AHNGf0Uq0h0tbbN8QI60nPuHqFGBUtk0ow
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25642
last-modified: Tue, 22 Mar 2022 16:26:37 GMT
server: UploadServer
etag: "5983a30d69dfae3b2b7d4adee1dab016"
x-goog-generation: 1647966397781597
x-goog-hash: crc32c=WsszXA==, md5=WYOjDWnfrjsrfUre4dqwFg==
content-type: image/jpeg
cache-control: public, max-age=3600
x-goog-stored-content-length: 25642
accept-ranges: bytes
expires: Fri, 11 Nov 2022 14:31:36 GMT

GET
H3 200 208.jpg
storage.googleapis.com/gsdev/moon-prod/mobile/ 22 KB
23 KB 65ms
63ms Image
image/jpeg 2a00:1450:4001:808::2010
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/mobile/208.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 200d2aa85fb27867b01a2dfccfde12e46deede7e54473f20dbcb447f71bbf703

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:52:11 GMT
age: 425
x-guploader-uploadid: ADPycdsfJoe_rhogc_jyznmntmytLPDCV57M0m16yOsTiBEef8XQp421WPXIWW5Qyt6ZDTVaRAhc70NzKK-10N6KSIhmeySruhwq
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23035
last-modified: Mon, 27 Apr 2020 08:27:47 GMT
server: UploadServer
etag: "dc45a2f63616e807696dda7c14fcb138"
x-goog-generation: 1587976067820510
x-goog-hash: crc32c=DWELAA==, md5=3EWi9jYW6Adpbdp8FPyxOA==
content-type: image/jpeg
cache-control: public, max-age=3600
x-goog-stored-content-length: 23035
accept-ranges: bytes
expires: Fri, 11 Nov 2022 14:52:11 GMT

GET
H3 200 567.jpg
storage.googleapis.com/gsdev/moon-prod/mobile/ 31 KB
31 KB 63ms
59ms Image
image/jpeg 2a00:1450:4001:808::2010
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/mobile/567.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: a2aa104d95fd000bb2d6d4f3f9fdb2e88ee6092a22bf892eb38a02c05ae2c141

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:30:09 GMT
age: 1747
x-guploader-uploadid: ADPycdvXwqLXCJLZrgq6jsrAsdoEK_a9dC9Pv4Ct8v7jpz0ascefKwuCmLRpoPtxYbW7_2EWY5EQtsApidaVcfnaMwXYIA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31918
last-modified: Tue, 22 Mar 2022 16:27:52 GMT
server: UploadServer
etag: "54a5155d342b52880e4cf191b361545c"
x-goog-generation: 1647966472043289
x-goog-hash: crc32c=vOgc+Q==, md5=VKUVXTQrUogOTPGRs2FUXA==
content-type: image/jpeg
cache-control: public, max-age=3600
x-goog-stored-content-length: 31918
accept-ranges: bytes
expires: Fri, 11 Nov 2022 14:30:09 GMT

GET
H3 200 1.jpg
storage.googleapis.com/gsdev/moon-prod/mobile/ 32 KB
32 KB 59ms
56ms Image
image/jpeg 2a00:1450:4001:808::2010
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/mobile/1.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 3b796222d4d2609f2f03be081727632c910be3fc50f2836968850de194b18745

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:29:16 GMT
age: 1800
x-guploader-uploadid: ADPycduodmznPpsHSN_2F9WSAbYjCFPPdeWViwGtjrPPgxHhl7mF0x5kgaRba0sdyAqhfBk7vqrCNNMyb8qXmJZQcohLGCZMWgbF
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32963
last-modified: Sun, 09 Aug 2020 14:58:57 GMT
server: UploadServer
etag: "d73921f6fb38f242ce7f66fd95aab996"
x-goog-generation: 1596985137778854
x-goog-hash: crc32c=oougTw==, md5=1zkh9vs48kLOf2b9laq5lg==
content-type: image/jpeg
cache-control: public, max-age=3600
x-goog-stored-content-length: 32963
accept-ranges: bytes
expires: Fri, 11 Nov 2022 14:29:16 GMT

GET
H3 200 3.jpg
storage.googleapis.com/gsdev/moon-prod/mobile/ 34 KB
34 KB 61ms
55ms Image
image/jpeg 2a00:1450:4001:808::2010
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/mobile/3.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 1431162c77266235f21cf9bc3865ef40dd41c1c2c0f8f205c0c5c7dc8fec778b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:52:11 GMT
age: 425
x-guploader-uploadid: ADPycdv8SvqPgyOO7HGrmRjM5K5-tPN4eFdtohnfgml8dpNMR_MF1zl0jQsqKuqGDoB4gfzq4kv3Wpr_Cjtvp3iue70WbDMyV1ht
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34375
last-modified: Sun, 09 Aug 2020 14:38:56 GMT
server: UploadServer
etag: "82ebb2d51168c934766a3d34bf8e1268"
x-goog-generation: 1596983936236487
x-goog-hash: crc32c=1sh3sw==, md5=guuy1RFoyTR2aj00v44SaA==
content-type: image/jpeg
cache-control: public, max-age=3600
x-goog-stored-content-length: 34375
accept-ranges: bytes
expires: Fri, 11 Nov 2022 14:52:11 GMT

GET
H3 200 561.jpg
storage.googleapis.com/gsdev/moon-prod/mobile/ 25 KB
25 KB 57ms
51ms Image
image/jpeg 2a00:1450:4001:808::2010
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/mobile/561.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 7802d1473dc2f606f3ef5c413bd94332d4b54c0db46d81dac822c3901b322df5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:31:35 GMT
age: 1661
x-guploader-uploadid: ADPycdtjkxcZtnIH-ofV42yetMb8jsTWiOTXqyRk-W_T7zOqlUHOVxn5GyIXAYH37bT-mYB1wi3FlBqsgIutih6cBTWpCQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25441
last-modified: Tue, 22 Mar 2022 16:18:36 GMT
server: UploadServer
etag: "c39beed81ed3dc1b9eae83af8a4ed7e5"
x-goog-generation: 1647965916233957
x-goog-hash: crc32c=onRh1w==, md5=w5vu2B7T3BueroOvik7X5Q==
content-type: image/jpeg
cache-control: public, max-age=3600
x-goog-stored-content-length: 25441
accept-ranges: bytes
expires: Fri, 11 Nov 2022 14:31:35 GMT

GET
H3 200 175.jpg
storage.googleapis.com/gsdev/moon-prod/mobile/ 29 KB
29 KB 111ms
104ms Image
image/jpeg 2a00:1450:4001:808::2010
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/mobile/175.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 85bbd76dda4b08d644306cfe57ea6870ee5f208aa5550b644ac2cb834b5b92fb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:10:56 GMT
age: 2900
x-guploader-uploadid: ADPycdsL69EJDKFdHshxjGq29lpkM7UIZrZjndov58DVYqCMVvBeBNc7pstpV2Oo9ITd7M0pu1CK7iO6xMqCCFUyw0sD1A
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30091
last-modified: Sun, 09 Aug 2020 15:40:09 GMT
server: UploadServer
etag: "437c22d1e8219d4c6a7c9200f8a43a14"
x-goog-generation: 1596987609876432
x-goog-hash: crc32c=Y6u8DQ==, md5=Q3wi0eghnUxqfJIA+KQ6FA==
content-type: image/jpeg
cache-control: public, max-age=3600
x-goog-stored-content-length: 30091
accept-ranges: bytes
expires: Fri, 11 Nov 2022 14:10:56 GMT

GET
H3 200 2.jpg
storage.googleapis.com/gsdev/moon-prod/mobile/ 27 KB
27 KB 109ms
102ms Image
image/jpeg 2a00:1450:4001:808::2010
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/mobile/2.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: fe287b77f258f8ab1392024155e66bd07dbd3d16caa66c917e33d004ef8d0db0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:52:11 GMT
age: 425
x-guploader-uploadid: ADPycdtAKAtdAk_MvwvUr1VfY5tlIncW0cr4Hni6BP2w2TVASSLr0AEstBleX9Pg6-6rrQmZBGV9RIJUWDUFRdQ6kG4vX2igVXpl
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27189
last-modified: Sun, 09 Aug 2020 15:40:52 GMT
server: UploadServer
etag: "74271222e1979f9cb6d51020d04daae9"
x-goog-generation: 1596987652415734
x-goog-hash: crc32c=v8439Q==, md5=dCcSIuGXn5y21RAg0E2q6Q==
content-type: image/jpeg
cache-control: public, max-age=3600
x-goog-stored-content-length: 27189
accept-ranges: bytes
expires: Fri, 11 Nov 2022 14:52:11 GMT

GET
H3 200 8.jpg
storage.googleapis.com/gsdev/moon-prod/mobile/ 26 KB
26 KB 108ms
101ms Image
image/jpeg 2a00:1450:4001:808::2010
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/mobile/8.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: ec387818cc9e2f2a6d96e4ce99c013aa94de5553980d93e5fa12b4515daada85

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:49:49 GMT
age: 567
x-guploader-uploadid: ADPycdt-krGXNfFGSozbm6hKFdSPzJRwf30iAR-2TrJPY3qbTx6fSrWgEgzcyZsXfdGgob88UiliEd_YuKLdvqQxcxbx1w
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26763
last-modified: Thu, 06 Aug 2020 19:27:15 GMT
server: UploadServer
etag: "8e2174c373987f7b0898e9773fc9b68c"
x-goog-generation: 1596742035274515
x-goog-hash: crc32c=2G+FaA==, md5=jiF0w3OYf3sImOl3P8m2jA==
content-type: image/jpeg
cache-control: public, max-age=3600
x-goog-stored-content-length: 26763
accept-ranges: bytes
expires: Fri, 11 Nov 2022 14:49:49 GMT

GET
H3 200 174.jpg
storage.googleapis.com/gsdev/moon-prod/mobile/ 35 KB
35 KB 89ms
83ms Image
image/jpeg 2a00:1450:4001:808::2010
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/mobile/174.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: e37dd4fd3a0f781d702329d74b13ef3b16459394babe3367b96dddaf3b2e658f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:49:49 GMT
age: 567
x-guploader-uploadid: ADPycdupsmSHtD3D1Nv0r3tISzm9rr4KqgxfdZBfHWWGHmW8Q3zTiRTEZThsF2mPJvvr_Q7pW0lI2QGuKhvQ1GLMTCHdXw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35414
last-modified: Thu, 06 Aug 2020 06:34:08 GMT
server: UploadServer
etag: "2fddfa33d68c305afe18f2ee8dd4cb44"
x-goog-generation: 1596695648846753
x-goog-hash: crc32c=WeRmsQ==, md5=L936M9aMMFr+GPLujdTLRA==
content-type: image/jpeg
cache-control: public, max-age=3600
x-goog-stored-content-length: 35414
accept-ranges: bytes
expires: Fri, 11 Nov 2022 14:49:49 GMT

GET
H3 200 4.jpg
storage.googleapis.com/gsdev/moon-prod/mobile/ 29 KB
29 KB 87ms
82ms Image
image/jpeg 2a00:1450:4001:808::2010
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/mobile/4.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: da44324d9421e4ac73b1e56fe166bd8a51fa59fc512f2265b68020fb41c63a33

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:16:35 GMT
age: 2561
x-guploader-uploadid: ADPycdughT3k7etsBXKIwiEpSE1uDOYqQz7_FviW8aKtNAtBkQDTulBmoyR0CetgkeMJp6cBZhxVu7e4RSpGGaWk-VgDfn_rnrUG
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29801
last-modified: Sun, 09 Aug 2020 14:37:17 GMT
server: UploadServer
etag: "4b88921a49d1e060168458c42ea5acd4"
x-goog-generation: 1596983837263791
x-goog-hash: crc32c=FHIXqg==, md5=S4iSGknR4GAWhFjELqWs1A==
content-type: image/jpeg
cache-control: public, max-age=3600
x-goog-stored-content-length: 29801
accept-ranges: bytes
expires: Fri, 11 Nov 2022 14:16:35 GMT

GET
H3 200 7.jpg
storage.googleapis.com/gsdev/moon-prod/mobile/ 30 KB
30 KB 83ms
78ms Image
image/jpeg 2a00:1450:4001:808::2010
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/mobile/7.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 22e7337c994a1cd7b0f534cd7a21ec765ed53a6fe3636fb8c6838bcd0994b0e0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:10:57 GMT
age: 2899
x-guploader-uploadid: ADPycdtNwZVcUxlVME5Fe-2vwaSF5okYbZJ0TcFdllWZjbBjNWiy-Jv1qCj-VZN156FJgy9sJgo3Om3dPBoftsY4P2EIDw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30785
last-modified: Sun, 09 Aug 2020 14:58:29 GMT
server: UploadServer
etag: "f596bf62b13ac69cd25b66466af15655"
x-goog-generation: 1596985109279554
x-goog-hash: crc32c=C9IoXg==, md5=9Za/YrE6xpzSW2ZGavFWVQ==
content-type: image/jpeg
cache-control: public, max-age=3600
x-goog-stored-content-length: 30785
accept-ranges: bytes
expires: Fri, 11 Nov 2022 14:10:57 GMT

GET
H3 200 555.jpg
storage.googleapis.com/gsdev/moon-prod/mobile/ 27 KB
27 KB 154ms
149ms Image
image/jpeg 2a00:1450:4001:808::2010
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/mobile/555.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 6a251f5e969098aff7ea57994fc4f33085b6541037eb9ff5d930653f35860189

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:59:16 GMT
age: 0
x-guploader-uploadid: ADPycdu5F9UOPr2vm4HioATuCrrndXl7_u44iJsyvYgjzPuxGuyDzBiFr0nlkgArAirJF0Dl1De_cfTcI_CjayJnpzEE95_3-9kD
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27859
last-modified: Tue, 22 Mar 2022 15:24:44 GMT
server: UploadServer
etag: "c9d89b6134bfae3b853d2aff18369603"
x-goog-generation: 1647962684172386
x-goog-hash: crc32c=Bss5Zw==, md5=ydibYTS/rjuFPSr/GDaWAw==
content-type: image/jpeg
cache-control: public, max-age=3600
x-goog-stored-content-length: 27859
accept-ranges: bytes
expires: Fri, 11 Nov 2022 14:59:16 GMT

GET
H3 200 16.jpg
storage.googleapis.com/gsdev/moon-prod/mobile/ 30 KB
30 KB 61ms
54ms Image
image/jpeg 2a00:1450:4001:808::2010
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/mobile/16.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: a114bca175a4dcf455ee2b5dcc9df6e39077cd0ed52e48c297efac2c837c35bb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:53:14 GMT
age: 362
x-guploader-uploadid: ADPycdtb43JomcC64iVAjhgiTOiJ4j4W6Dlua7nkxaWvdReJwj_LqzWzl1QLuDhN7b29pgXR8_OPUNJQ9cdMPte8mHdIXg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31093
last-modified: Sun, 09 Aug 2020 15:01:21 GMT
server: UploadServer
etag: "03cead98fe93ac60c2b5513efd65b834"
x-goog-generation: 1596985281991067
x-goog-hash: crc32c=sYRp4Q==, md5=A86tmP6TrGDCtVE+/WW4NA==
content-type: image/jpeg
cache-control: public, max-age=3600
x-goog-stored-content-length: 31093
accept-ranges: bytes
expires: Fri, 11 Nov 2022 14:53:14 GMT

GET
H3 200 18.jpg
storage.googleapis.com/gsdev/moon-prod/mobile/ 26 KB
26 KB 60ms
53ms Image
image/jpeg 2a00:1450:4001:808::2010
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/mobile/18.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: d849225963e317e2b2a745c14cd800acec3fbd93a5f8b26ca3094deef15da296

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:52:19 GMT
age: 417
x-guploader-uploadid: ADPycdt1MShaCjHxYEdqpJsKNRlsTBmZhQQ6FYyBYv_SM80v16CQBzH2d5COuXTiEsUvrO7ylrPpVDfdHw-0gdxiFMbLsA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27061
last-modified: Sun, 09 Aug 2020 15:00:27 GMT
server: UploadServer
etag: "6fd99674da0d9f8066e1e37c840be6f9"
x-goog-generation: 1596985227626406
x-goog-hash: crc32c=4oaI7g==, md5=b9mWdNoNn4Bm4eN8hAvm+Q==
content-type: image/jpeg
cache-control: public, max-age=3600
x-goog-stored-content-length: 27061
accept-ranges: bytes
expires: Fri, 11 Nov 2022 14:52:19 GMT

GET
H2 200 pci.fa259500fa2b404bf054726d37c147fc.png
secure.gratowin.com/src/assets/images/ 8 KB
8 KB 196ms
189ms Image
image/png 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gratowin.com/src/assets/images/pci.fa259500fa2b404bf054726d37c147fc.png
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/372.530f4d223693e6ae5560.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17ce54eee19edef849cbc70f4ab340a4fad359219925b51cc0c5a19933a0cd57

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure.gratowin.com/372.530f4d223693e6ae5560.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:59:16 GMT
cf-cache-status: REVALIDATED
x-guploader-uploadid: ADPycdsSF3ZJaAbt2syoa3ZXh4u_qCI2QFgmSxgZUCK5xcvrbS_gf-Gos9OgOTuHdWaAjnNFtliZduw58fDn6OPZh7S7OU3yWBb4
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 8294
last-modified: Sun, 29 May 2022 06:57:15 GMT
server: cloudflare
etag: "fa259500fa2b404bf054726d37c147fc"
vary: Accept-Encoding
x-goog-generation: 1652708001909843
content-type: image/png
x-goog-hash: crc32c=ZwU5tA==, md5=+iWVAPorQEvwVHJtN8FH/A==
cache-control: public, max-age=14400
x-goog-stored-content-length: 8294
accept-ranges: bytes
cf-ray: 76878c286a565c26-FRA
expires: Fri, 11 Nov 2022 17:59:16 GMT

GET
H2 410 6704.js
script.crazyegg.com/pages/scripts/0078/ 0
0 111ms
38ms Script
application/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0078/6704.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KSBWD3B
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:59:16 GMT
cf-cache-status: HIT
last-modified: Fri, 11 Nov 2022 12:47:13 GMT
server: cloudflare
age: 4323
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400, s-maxage=86400
cf-ray: 76878c28cbbfbb3e-FRA
content-length: 0

OPTIONS
H2 200 event
analytics.streamygame.com/ Frame 0
0 60ms
60ms Preflight 147.78.140.52
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.streamygame.com/event

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

147.78.140.52 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://secure.gratowin.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Origin,Content-Type, Accept content-type
access-control-allow-methods: GET, POST, PUT, DELETE GET,POST,PUT,DELETE
access-control-allow-origin: https://secure.gratowin.com
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 76878c286b3a918e-FRA
content-length: 0
date: Fri, 11 Nov 2022 13:59:16 GMT
expires: 0
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 200 event Show response
analytics.streamygame.com/ 0
42 B 52ms
52ms XHR
text/plain 147.78.140.52
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.streamygame.com/event

Requested by

Host: secure.gratowin.com
URL: https://secure.gratowin.com/offline-js-script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

147.78.140.52 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.gratowin.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Fri, 11 Nov 2022 13:59:16 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://secure.gratowin.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
cf-ray: 76878c28cde19066-FRA
content-length: 0
x-xss-protection: 1; mode=block
expires: 0

GET
H2 200 geoLocationDefaultCurrency Show response
secure.gratowin.com/playerapi/ 3 KB
1 KB 113ms
108ms XHR
application/json 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/playerapi/geoLocationDefaultCurrency?geoLocationCountryISO=DE&requestURL=https%253A%252F%252Fsecure.gratowin.com
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/offline-js-script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 1ce8e325301163f3b2fc443b0e52fd57130e486da7149622abd20c6101e20c4e

Request headers

Referer: https://secure.gratowin.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
ldAlias

Response headers

date: Fri, 11 Nov 2022 13:59:16 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
etag: W/"cca-qZSgpd9r9pP/TydmOtOrQeDj5Ag"
vary: Accept-Encoding, Origin
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=a1Cr96nowdHEkQv3U1q7T8jap6cdlWPacFdfnzDOKgs-1668175156-0-ARP5PQcwr57z-0i-7ZtDdS9LArLmx5jqGiIwDd8CUPQeqRme-BBeHCWAP_BjflHpIzsFFriTheta91IRqKcnfcQhi8nlWBJROgTwWi54FfCC"}],"group":"cf-csp-endpoint","max_age":86400}
content-type: application/json; charset=utf-8
content-security-policy-report-only: script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=a1Cr96nowdHEkQv3U1q7T8jap6cdlWPacFdfnzDOKgs-1668175156-0-ARP5PQcwr57z-0i-7ZtDdS9LArLmx5jqGiIwDd8CUPQeqRme-BBeHCWAP_BjflHpIzsFFriTheta91IRqKcnfcQhi8nlWBJROgTwWi54FfCC; report-to cf-csp-endpoint
access-control-allow-credentials: true
cf-ray: 76878c286a685c26-FRA
swagger-api-docs-url: /playerapi

GET
H3 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 30 KB
30 KB 74ms
26ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500;900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://secure.gratowin.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 16:06:09 GMT
x-content-type-options: nosniff
age: 251587
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Nov 2023 16:06:09 GMT

GET
H3 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 30 KB
30 KB 79ms
35ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500;900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://secure.gratowin.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 16:06:09 GMT
x-content-type-options: nosniff
age: 251587
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Nov 2023 16:06:09 GMT

GET
H3 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 30 KB
30 KB 64ms
22ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500;900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://secure.gratowin.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 16:06:09 GMT
x-content-type-options: nosniff
age: 251587
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Nov 2023 16:06:09 GMT

GET
H/1.1 200
OK / Show response
wchat.freshchat.com/widget/ Frame 7581 5 KB
3 KB 228ms
110ms Document
text/html 54.88.197.161
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/widget/?token=2754edad-ab3e-48a1-a113-035cef2eed33&referrer=aHR0cHM6Ly9zZWN1cmUuZ3JhdG93aW4uY29t

Requested by

Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/js/widget.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.88.197.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-88-197-161.compute-1.amazonaws.com

Software

fwe /

Resource Hash

9db60c18679626551b869bd24471654d7012af2a8e430162197111c93301307a

Security Headers

Name	Value
Content-Security-Policy	style-src 'unsafe-inline' ; font-src 'self' data:; img-src 'self' * data:; connect-src 'self' ; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.freshchat.com https://.freshworksapi.com; child-src 'self' blob:; media-src 'self' https://.freshchat.com; manifest-src 'self' https://.freshchat.com; default-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.gratowin.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Connection: keep-alive
Content-Type: text/html
Date: Fri, 11 Nov 2022 13:59:16 GMT
Transfer-Encoding: chunked
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-encoding: gzip
content-security-policy: style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
last-modified: Thu, 27 Oct 2022 11:43:31 GMT
nel: { "report_to": "nel-endpoint-freshchat", "max_age": 60, "include_subdomains": true}
report-to: { "group": "nel-endpoint-freshchat", "max_age": 60, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
served-by: 4082
server: fwe
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 0
x-fw-ratelimiting-managed: false
x-request-id: 1277f91f-a9ba-4918-9f0f-5b59e40710b4
x-server: 4082
x-trace-id: 00-a9e6698b259074f2b8ff212c8239c9b6-9cc809cddac72f48-00
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK widget.css
wchat.freshchat.com/widget/css/ 8 KB
3 KB 117ms
116ms Stylesheet
text/css 54.88.197.161
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/widget/css/widget.css?t=1668175156621

Requested by

Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/js/widget.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.88.197.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-88-197-161.compute-1.amazonaws.com

Software

fwe /

Resource Hash

a9ec88f31255fb6b754bd738328cc171db125c21e21d65dcb3a6b9c8f1109dc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Fri, 11 Nov 2022 13:59:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
nel: { "report_to": "nel-endpoint-freshchat", "max_age": 60, "include_subdomains": true}
Transfer-Encoding: chunked
x-envoy-upstream-service-time: 0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-request-id: 86a4ee57-4c46-47c4-aaa7-de80d68cd36f
x-trace-id: 00-072b332693ffac3324cdfc2c44fd370e-13e4f1dad76b865d-00
served-by: 4082
last-modified: Thu, 27 Oct 2022 11:43:31 GMT
server: fwe
report-to: { "group": "nel-endpoint-freshchat", "max_age": 60, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
Content-Type: text/css
x-fw-ratelimiting-managed: false
cache-control: max-age=31536000,no-cache, no-store, must-revalidate, pre-check=0, post-check=0,public
x-server: 4082
expires: Sat, 11 Nov 2023 13:59:16 GMT

GET
H2 200 pica.js
secure.gratowin.com/cdn-cgi/challenge-platform/h/b/scripts/ Frame B44B 20 KB
9 KB 46ms
45ms Other
application/javascript 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d575ba8514843c0e6044d5d988cca4febe773b31afb19f3a7a5f1d979255d8c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:59:16 GMT
content-encoding: gzip
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 76878c29bd665c26-FRA

POST
H2 200 mon Show response
pok.monicaatron.com/ 0
149 B 33ms
33ms XHR
application/json 2a05:d018:56f:b802:834:8d0e:be2f:5ebe
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pok.monicaatron.com/mon
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/offline-js-script.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a05:d018:56f:b802:834:8d0e:be2f:5ebe Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure.gratowin.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://secure.gratowin.com
date: Fri, 11 Nov 2022 13:59:16 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

GET
H2 200 120193525 Show response
click.power-ppp.com/traffic/update/Platform/ 0
98 B 70ms
70ms Script
text/html 147.78.140.9
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://click.power-ppp.com/traffic/update/Platform/120193525
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.9 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:59:16 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 76878c2afdebbbad-FRA
content-type: text/html; charset=UTF-8

GET
H2 200 invisible.js Show response
secure.gratowin.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/ Frame 86ED 34 KB
16 KB 61ms
61ms Script
application/javascript 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1668168000
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43f649b0f230fcfe18e5ddf9f5d74e6141ce5fbdfb52fa6db7a9e2341068fb53

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:59:16 GMT
content-encoding: gzip
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 76878c2b09535c26-FRA

GET
H3 200 Visitor_MondayCashback.jpg
cms2.netoplaycdn.com/Platform/gratowin/images/slider/en/ 173 KB
173 KB 208ms
175ms Image
image/jpeg 2606:4700:3031::6815:18a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms2.netoplaycdn.com/Platform/gratowin/images/slider/en/Visitor_MondayCashback.jpg?v=95
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:18a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36c10a25f5ffe29da709e31f970db2b79358a26ad7cccb04794980d66b32a2af

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:59:17 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ADPycduo0N5L4SDDBBxo6I8Lv91PXAoS7slwJhRUng53M3N9DTOc6jF_R4ChG4aOIYkYivQ68Bsmap_5tdLpTztbxAZZTA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 176678
last-modified: Wed, 15 Jun 2022 09:48:57 GMT
server: cloudflare
etag: "d5accc4f4eb858a794dfe16f54b2c3d1"
vary: Accept-Encoding
x-goog-generation: 1655286537052766
content-type: image/jpeg
x-goog-hash: crc32c=DzlU0A==, md5=1azMT064WKeU3+FvVLLD0Q==
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nQgOXmNT8pRuB%2Fp64yyELz6MVh9%2B%2BQjR48xsAuKq2iypbeKOFNSVDRfEeY2lkx3NlFM6l3EbQUOR0SpyAC2GdSsr4Z7gtbde8Vl%2FwcLCPe9%2FbeBe%2FFO7CC8c4t5yz42lvcu0kU7p0H7rCxIIi6t1ACNxTw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 176678
accept-ranges: bytes
cf-ray: 76878c2b4fbd9c06-FRA
expires: Fri, 11 Nov 2022 14:30:37 GMT

GET
H3 200 Visitor_AladdinFridayFun.jpg
cms2.netoplaycdn.com/Platform/gratowin/images/slider/en/ 158 KB
159 KB 76ms
46ms Image
image/jpeg 2606:4700:3031::6815:18a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms2.netoplaycdn.com/Platform/gratowin/images/slider/en/Visitor_AladdinFridayFun.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:18a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93344d8fddeaba2080e60d2484f8299dcbfcde24db3dfae88df2906b883d24f1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:59:17 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ADPycdstUA48jnVOCOlrR6ZjUf9he2skAGMSHhwQ6hcBZe18qzCNOvHvYe3UWvXn6NYr8pJodugltcqwaB5EmsW8Gv814w
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 161985
last-modified: Sun, 19 Jun 2022 10:18:26 GMT
server: cloudflare
etag: "62ea522e6f3dc1cc936d42c227403b18"
vary: Accept-Encoding
x-goog-generation: 1655633906099855
content-type: image/jpeg
x-goog-hash: crc32c=Xl6s4Q==, md5=YupSLm89wcyTbULCJ0A7GA==
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IrCjvS6dvnsm9LkXXU4E94cRq3tXBaUheqj%2FrEH94wz%2FmVfr0w8RXZVXQPFm57YsPgXCRFszDpKZqCrsYpe9%2FF9S6F0Jixz0v2sn%2Bc3mKJohJJgUQ3NTfnF3x3vNtpy4gApdFctwfbx%2FoWIIrY29MB8Umg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 161985
accept-ranges: bytes
cf-ray: 76878c2b4fb69c06-FRA
expires: Fri, 11 Nov 2022 14:30:37 GMT

GET
H3 200 Visitor_slider.png
cms2.netoplaycdn.com/Platform/gratowin/images/slider/en/ 176 KB
177 KB 170ms
141ms Image
image/png 2606:4700:3031::6815:18a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms2.netoplaycdn.com/Platform/gratowin/images/slider/en/Visitor_slider.png?v=5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:18a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e4bc35db2630f2ff5578686d0661c036b4bf373362194ce12d16b658874373f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:59:17 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ADPycdvcPnGwG0r0NzR3DREgJVs7lILXgKH4qEAtuhQpvzC7piys5Ktw_W_GPXr6yd93bn8ksNfq6whcKqRmZ55PrDMTIg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 180140
last-modified: Thu, 23 Jun 2022 14:21:55 GMT
server: cloudflare
etag: "39e8e32b70dfe5da446603a9447c4141"
vary: Accept-Encoding
x-goog-generation: 1655994115260083
content-type: image/png
x-goog-hash: crc32c=P6IK2g==, md5=OejjK3Df5dpEZgOpRHxBQQ==
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HsbDc4ZplI3BJspKRhv1gs3DSv3pVhyXvGidRaSqoSmIU6lkjvhTQUlrqafMwjVUnFo18Tyf%2FZyUjdza6iQhOPTLTfmgeRh5hzwYKaXV39lSJzghca6LgenFyPdoYu7lM3Ja7JoXahUcmpJFPwvn4Guw1A%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 180140
accept-ranges: bytes
cf-ray: 76878c2b4fba9c06-FRA
expires: Fri, 11 Nov 2022 14:30:37 GMT

POST
H2 200 mon Show response
pok.monicaatron.com/ 0
39 B 34ms
34ms XHR
application/json 2a05:d018:56f:b802:834:8d0e:be2f:5ebe
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pok.monicaatron.com/mon
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/offline-js-script.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a05:d018:56f:b802:834:8d0e:be2f:5ebe Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure.gratowin.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://secure.gratowin.com
date: Fri, 11 Nov 2022 13:59:17 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 21ms
21ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=987200809&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.gratowin.com%2F&dp=%2Fvp%2Fopen-popup%2FRegistration_Form%2F%3Fusertype%3DVisitor&ul=en-us&de=UTF-8&dt=GratoWin&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aHDAAEABAAAAACAAI~&jid=&gjid=&cid=982017774.1668175155&tid=UA-27702367-6&_gid=337736107.1668175155&gtm=2wgb90KSBWD3B&cd1=NA&cd2=Visitor&cd3=%2Flobby&cd13=8&cd14=production&z=1123929275

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Nov 2022 02:42:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 40606
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 76878c25cccc91d8 Show response
secure.gratowin.com/cdn-cgi/challenge-platform/h/b/cv/result/ Frame B44B 2 B
359 B 59ms
58ms XHR
text/plain 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/cdn-cgi/challenge-platform/h/b/cv/result/76878c25cccc91d8
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1668168000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 11 Nov 2022 13:59:17 GMT
content-encoding: gzip
server: cloudflare
cf-ray: 76878c2e29325c26-FRA
content-type: text/plain; charset=UTF-8

GET
H2 200 vendor.d64d219ca4493f67a3970efc52d51c86.css
assetscdn-wchat.freshchat.com/static/assets/ Frame 7581 23 KB
4 KB 108ms
24ms Stylesheet
text/css 13.226.153.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/vendor.d64d219ca4493f67a3970efc52d51c86.css
Requested by: Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/widget/?token=2754edad-ab3e-48a1-a113-035cef2eed33&referrer=aHR0cHM6Ly9zZWN1cmUuZ3JhdG93aW4uY29t
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.153.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-153-62.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f2154f49d7d4ed6c74a1ad1dc0e39ef3136fd859059986ed5bcd3050d59867b3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:55:55 GMT
content-encoding: br
via: 1.1 91528fdf97ef415d04fa66a0fbb562d6.cloudfront.net (CloudFront)
last-modified: Thu, 27 Oct 2022 11:43:36 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-C1
age: 203
x-amz-server-side-encryption: AES256
etag: W/"d64d219ca4493f67a3970efc52d51c86"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=31536000, no-transform, public
x-amz-cf-id: 4IqbzChtYGeWV9MsoelbXE2I9mYeb0hpC6IiWlsDDBRjBj6qfzO6RA==
expires: Fri, 27 Oct 2023 11:43:31 GMT

GET
H2 200 hotline-web.d41d8cd98f00b204e9800998ecf8427e.css
assetscdn-wchat.freshchat.com/static/assets/ Frame 7581 0
419 B 109ms
25ms Stylesheet
text/css 13.226.153.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/hotline-web.d41d8cd98f00b204e9800998ecf8427e.css
Requested by: Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/widget/?token=2754edad-ab3e-48a1-a113-035cef2eed33&referrer=aHR0cHM6Ly9zZWN1cmUuZ3JhdG93aW4uY29t
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.153.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-153-62.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:56:58 GMT
via: 1.1 91528fdf97ef415d04fa66a0fbb562d6.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
age: 140
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 0
last-modified: Thu, 27 Oct 2022 11:43:35 GMT
server: AmazonS3
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000, no-transform, public
accept-ranges: bytes
x-amz-cf-id: cDv6BN4Mv2gRla3T6H9ZgquZ7KDTFhMJwq7eXg8XGAesU0F73xTGtQ==
expires: Fri, 27 Oct 2023 11:43:31 GMT

GET
H2 200 vendor.3474f8e0dcdb6126f26894076afa40d6.js Show response
assetscdn-wchat.freshchat.com/static/assets/ Frame 7581 684 KB
181 KB 112ms
28ms Script
application/javascript 13.226.153.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/vendor.3474f8e0dcdb6126f26894076afa40d6.js
Requested by: Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/widget/?token=2754edad-ab3e-48a1-a113-035cef2eed33&referrer=aHR0cHM6Ly9zZWN1cmUuZ3JhdG93aW4uY29t
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.153.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-153-62.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7eed09a3bda2013de36d0ac2b942f0149ef500ed56701e5bd80d204ecbf758e4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:58:15 GMT
content-encoding: br
via: 1.1 91528fdf97ef415d04fa66a0fbb562d6.cloudfront.net (CloudFront)
last-modified: Thu, 27 Oct 2022 11:43:36 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-C1
age: 63
x-amz-server-side-encryption: AES256
etag: W/"3474f8e0dcdb6126f26894076afa40d6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000, no-transform, public
x-amz-cf-id: Lt_mLqHiumqq79uQinMyEGN1BflmIpEib0LDB50S2NBQ-qJQOCCBIg==
expires: Fri, 27 Oct 2023 11:43:31 GMT

GET
H2 200 pica.js
secure.gratowin.com/cdn-cgi/challenge-platform/h/b/scripts/ Frame 86ED 23 KB
11 KB 31ms
31ms Other
application/javascript 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96af8a70ce78096fddf75aba6adab45115ddb72d2bb0207dd4be51f32d2b359f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:59:17 GMT
content-encoding: gzip
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 76878c2f2b9e5c26-FRA

GET
H2 200 3799.js Show response
assetscdn-wchat.freshchat.com/static/assets/ Frame 7581 772 KB
178 KB 27ms
27ms Script
application/javascript 13.226.153.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/3799.js
Requested by: Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/widget/?token=2754edad-ab3e-48a1-a113-035cef2eed33&referrer=aHR0cHM6Ly9zZWN1cmUuZ3JhdG93aW4uY29t
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.153.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-153-62.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0b1182c43d8e2d9ad2bf4d160d19a5f385047c4a0f88b05332140308d458390d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:57:30 GMT
content-encoding: br
via: 1.1 91528fdf97ef415d04fa66a0fbb562d6.cloudfront.net (CloudFront)
last-modified: Thu, 27 Oct 2022 11:43:33 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-C1
age: 108
x-amz-server-side-encryption: AES256
etag: W/"8180076189d919f05b9c73b7c659821f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000, no-transform, public
x-amz-cf-id: QB7Oa4VI9w4UD3ojzq8C19PmZeLBYM5HTycws73-OQiZObF2KPEMbw==
expires: Fri, 27 Oct 2023 11:43:31 GMT

POST
H2 200 mon Show response
pok.monicaatron.com/ 0
16 B 37ms
35ms XHR
application/json 2a05:d018:56f:b802:834:8d0e:be2f:5ebe
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pok.monicaatron.com/mon
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/offline-js-script.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a05:d018:56f:b802:834:8d0e:be2f:5ebe Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure.gratowin.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://secure.gratowin.com
date: Fri, 11 Nov 2022 13:59:17 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

POST
H2 200 76878c23ef6a91d8 Show response
secure.gratowin.com/cdn-cgi/challenge-platform/h/b/cv/result/ Frame 86ED 2 B
339 B 68ms
67ms XHR
text/plain 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/cdn-cgi/challenge-platform/h/b/cv/result/76878c23ef6a91d8
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1668168000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 11 Nov 2022 13:59:18 GMT
content-encoding: gzip
server: cloudflare
cf-ray: 76878c33ad7d5c26-FRA
content-type: text/plain; charset=UTF-8

GET
H2 200 chunk.03f3df90722c1394db69.css
assetscdn-wchat.freshchat.com/static/assets/ Frame 7581 229 KB
25 KB 25ms
24ms Stylesheet
text/css 13.226.153.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/chunk.03f3df90722c1394db69.css
Requested by: Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/widget/?token=2754edad-ab3e-48a1-a113-035cef2eed33&referrer=aHR0cHM6Ly9zZWN1cmUuZ3JhdG93aW4uY29t
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.153.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-153-62.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bbe4e66132ca8ee028c844abfc0ab6c6e8490cd3171f5e7181dbe17ae6adce25

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:55:19 GMT
content-encoding: br
via: 1.1 91528fdf97ef415d04fa66a0fbb562d6.cloudfront.net (CloudFront)
last-modified: Thu, 27 Oct 2022 11:43:33 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-C1
age: 240
x-amz-server-side-encryption: AES256
etag: W/"d7b50c07b9248a5b3580e8673cc25c3f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=31536000, no-transform, public
x-amz-cf-id: 5j0JIesSz-5AC1asMpMI1XsT3h34KPDI_yelaTBxPEnhnV3vMMzIoQ==
expires: Fri, 27 Oct 2023 11:43:31 GMT

GET
H2 200 fd-messaging.76925d88901c00a60140.css
assetscdn-wchat.freshchat.com/static/ Frame 7581 229 KB
25 KB 26ms
26ms Stylesheet
text/css 13.226.153.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/fd-messaging.76925d88901c00a60140.css
Requested by: Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/widget/?token=2754edad-ab3e-48a1-a113-035cef2eed33&referrer=aHR0cHM6Ly9zZWN1cmUuZ3JhdG93aW4uY29t
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.153.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-153-62.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bbe4e66132ca8ee028c844abfc0ab6c6e8490cd3171f5e7181dbe17ae6adce25

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:55:19 GMT
content-encoding: br
via: 1.1 91528fdf97ef415d04fa66a0fbb562d6.cloudfront.net (CloudFront)
last-modified: Thu, 27 Oct 2022 11:43:36 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-C1
age: 240
x-amz-server-side-encryption: AES256
etag: W/"d7b50c07b9248a5b3580e8673cc25c3f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=31536000, no-transform, public
x-amz-cf-id: IpYXwl_TEk6ojC2TGNbSnGSY2IpgkPrCOF7Pq1aEUPqleaK5h9MpvQ==
expires: Fri, 27 Oct 2023 11:43:31 GMT

GET
H2 200 fd-messaging.209997153977a3450524.js Show response
assetscdn-wchat.freshchat.com/static/assets/ Frame 7581 701 KB
125 KB 25ms
24ms Script
application/javascript 13.226.153.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/fd-messaging.209997153977a3450524.js
Requested by: Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/widget/?token=2754edad-ab3e-48a1-a113-035cef2eed33&referrer=aHR0cHM6Ly9zZWN1cmUuZ3JhdG93aW4uY29t
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.153.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-153-62.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1ee0d6b99fcd6f566986027fe8c17b1cfb0f7be39902aba77462706f146e489d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:55:50 GMT
content-encoding: br
via: 1.1 91528fdf97ef415d04fa66a0fbb562d6.cloudfront.net (CloudFront)
last-modified: Thu, 27 Oct 2022 11:43:35 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-C1
age: 210
x-amz-server-side-encryption: AES256
etag: W/"d8bb49791cc92b503bd002c7e52e51c6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000, no-transform, public
x-amz-cf-id: HzZhrDm4Wiz60_deu7-jVXN-5W-Uw1L2_RzWR9AzzslsdR3CLMiTiw==
expires: Fri, 27 Oct 2023 11:43:31 GMT

GET
H2 200 rts-min.js Show response
rts-static-prod.freshworksapi.com/us/ Frame 7581 81 KB
25 KB 128ms
37ms Script
text/javascript 18.64.103.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rts-static-prod.freshworksapi.com/us/rts-min.js
Requested by: Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/fd-messaging.209997153977a3450524.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.103.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-103-20.txl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 87a1aa02b647d523b00af6888415dc564041142a4bd209c8c0bce33232fea9c8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: RDFAcOWcHIDM5TRInT6y6Oc4hGITxrCg
content-encoding: gzip
via: 1.1 da38961a461b7c877fd77dd3469eb304.cloudfront.net (CloudFront)
date: Fri, 11 Nov 2022 13:59:14 GMT
last-modified: Thu, 06 Oct 2022 14:49:36 GMT
server: AmazonS3
x-amz-cf-pop: TXL50-P3
age: 5
x-amz-server-side-encryption: AES256
etag: W/"57c5de3cefd353890905fd8554262dd0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: no-cache
x-amz-cf-id: jn_q8O74eKw7wDVLe_yahC94EPvUSsQKY2FivfeWVB8paNUighlrmw==

GET
H2 200 chunk.b119e44805094a7aec07.js Show response
assetscdn-wchat.freshchat.com/static/assets/ Frame 7581 5 KB
2 KB 25ms
24ms Script
application/javascript 13.226.153.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/chunk.b119e44805094a7aec07.js
Requested by: Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/fd-messaging.209997153977a3450524.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.153.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-153-62.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 76757ef678e74510673670f253fea1f89b87712c316ef719a697c7f6ddae04ee

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:58:41 GMT
content-encoding: br
via: 1.1 91528fdf97ef415d04fa66a0fbb562d6.cloudfront.net (CloudFront)
last-modified: Thu, 27 Oct 2022 11:43:34 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-C1
age: 38
x-amz-server-side-encryption: AES256
etag: W/"c3f55e7ce3b1831b8a76f54950653df2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000, no-transform, public
x-amz-cf-id: 3yCQE4KKCaswG8A29GBpvzD2IjG-3giuLa-1mChJ6Rqm9aV0i0Feow==
expires: Fri, 27 Oct 2023 11:43:31 GMT

GET
H2 200 chunk.f0e50d864072128887fc.js Show response
assetscdn-wchat.freshchat.com/static/assets/ Frame 7581 11 KB
4 KB 24ms
24ms Script
application/javascript 13.226.153.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/chunk.f0e50d864072128887fc.js
Requested by: Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/fd-messaging.209997153977a3450524.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.153.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-153-62.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7304d86d7c6c039699667162fe39abeb7d531f7f6acba2619a885d39a59ff6c5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:56:14 GMT
content-encoding: br
via: 1.1 91528fdf97ef415d04fa66a0fbb562d6.cloudfront.net (CloudFront)
last-modified: Thu, 27 Oct 2022 11:43:35 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-C1
age: 193
x-amz-server-side-encryption: AES256
etag: W/"1ae4407b7afcc2dc550f4d597659d448"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000, no-transform, public
x-amz-cf-id: 89xYsnkJu3xsrYSjjuhQ8SvY3zRUyLeOX-IFLXoGPYvBqscP1DKZ4g==
expires: Fri, 27 Oct 2023 11:43:31 GMT

GET
H/1.1 200
OK config Show response
wchat.freshchat.com/app/services/app/webchat/2754edad-ab3e-48a1-a113-035cef2eed33/ Frame 7581 1 KB
3 KB 120ms
119ms XHR
application/json 54.88.197.161
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/app/services/app/webchat/2754edad-ab3e-48a1-a113-035cef2eed33/config?domain=aHR0cHM6Ly9zZWN1cmUuZ3JhdG93aW4uY29t

Requested by

Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/vendor.3474f8e0dcdb6126f26894076afa40d6.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.88.197.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-88-197-161.compute-1.amazonaws.com

Software

fwe /

Resource Hash

d43fa30e6853cb9350e0f3c53e533cd0cb12ecb94047505c2cab0bb8aab6e15b

Security Headers

Name	Value
Content-Security-Policy	style-src 'unsafe-inline' ; font-src 'self' data:; img-src 'self' * data:; connect-src 'self' ; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.freshchat.com https://.freshworksapi.com; child-src 'self' blob:; media-src 'self' https://.freshchat.com; manifest-src 'self' https://.freshchat.com; default-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://wchat.freshchat.com/widget/?token=2754edad-ab3e-48a1-a113-035cef2eed33&referrer=aHR0cHM6Ly9zZWN1cmUuZ3JhdG93aW4uY29t
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Fri, 11 Nov 2022 13:59:18 GMT
content-security-policy: style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
strict-transport-security: max-age=31536000; includeSubDomains
nel: { "report_to": "nel-endpoint-freshchat", "max_age": 60, "include_subdomains": true}
x-ratelimit-total: 3000
x-ratelimit-used-currentrequest: 1
x-envoy-upstream-service-time: 14
Connection: keep-alive
Content-Length: 1384
x-xss-protection: 1; mode=block
x-request-id: d87ad0c0-142a-4345-afdf-09b6be436606
x-trace-id: 00-fb8e1ef33bbfd8f15b1413431d51395d-fe72460619db2b97-00
server: fwe
x-ratelimit-remaining: 2999
report-to: { "group": "nel-endpoint-freshchat", "max_age": 60, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
Content-Type: application/json;charset=UTF-8
x-fw-ratelimiting-managed: true
cache-control: no-store
access-control-allow-credentials: true
x-server: 9886
x-ratelimit-limit: 3000

GET
H/1.1 200
OK co-browsing.js Show response
wchat.freshchat.com/widget/js/ 26 KB
9 KB 106ms
105ms Script
application/javascript 54.88.197.161
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/widget/js/co-browsing.js

Requested by

Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/js/widget.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.88.197.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-88-197-161.compute-1.amazonaws.com

Software

fwe /

Resource Hash

eb90069bfb802ef63158d8954bb6a025a056b3d084e0c7aae494c7401847e590

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Fri, 11 Nov 2022 13:59:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
nel: { "report_to": "nel-endpoint-freshchat", "max_age": 60, "include_subdomains": true}
Transfer-Encoding: chunked
x-envoy-upstream-service-time: 0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-request-id: 34ca44cd-d920-46de-a12b-856c45b7d5b4
x-trace-id: 00-ea24459689fb5c75ae45921cda226847-9bb3c5c0e773ad16-00
served-by: 5323
last-modified: Thu, 27 Oct 2022 11:43:31 GMT
server: fwe
report-to: { "group": "nel-endpoint-freshchat", "max_age": 60, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
Content-Type: application/javascript
x-fw-ratelimiting-managed: false
cache-control: max-age=31536000,no-cache, no-store, must-revalidate, pre-check=0, post-check=0,public
x-server: 5323
expires: Sat, 11 Nov 2023 13:59:19 GMT

POST
H2 200 mon Show response
pok.monicaatron.com/ 0
39 B 33ms
33ms XHR
application/json 2a05:d018:56f:b802:834:8d0e:be2f:5ebe
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pok.monicaatron.com/mon
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/offline-js-script.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a05:d018:56f:b802:834:8d0e:be2f:5ebe Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure.gratowin.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://secure.gratowin.com
date: Fri, 11 Nov 2022 13:59:18 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

GET
H2 206 notif.da662fefc5060dabf2859ea199198b14.mp3
assetscdn-wchat.freshchat.com/static/assets/ Frame 7581 4 KB
5 KB 25ms
24ms Media
audio/mpeg 13.226.153.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/notif.da662fefc5060dabf2859ea199198b14.mp3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.153.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-153-62.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: eb2e3f703cf8ee0156a1d625e053c0968b0dfcff62ea4254ddd8ba9fece3ad32

Request headers

Referer: https://wchat.freshchat.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Range: bytes=0-

Response headers

date: Fri, 11 Nov 2022 13:55:21 GMT
via: 1.1 91528fdf97ef415d04fa66a0fbb562d6.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
age: 237
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
Content-Range: bytes 0-4301/4302
Content-Length: 4302
last-modified: Thu, 27 Oct 2022 11:43:36 GMT
server: AmazonS3
etag: "a529450a7cfb4a60dea41ef294fa90dd"
vary: Accept-Encoding
content-type: audio/mpeg
cache-control: max-age=31536000, no-transform, public
accept-ranges: bytes
x-amz-cf-id: munF5zz5vxd-YAtZLITJZtPKTuwr7_FKX9TfjQW_Bq0YlKhFrjTtmw==
expires: Fri, 27 Oct 2023 11:43:31 GMT

GET
H/1.1 200
OK user Show response
wchat.freshchat.com/app/services/app/webchat/2754edad-ab3e-48a1-a113-035cef2eed33/ Frame 7581 63 B
1 KB 107ms
106ms XHR
application/json 54.88.197.161
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/app/services/app/webchat/2754edad-ab3e-48a1-a113-035cef2eed33/user?siteId=GratoWin

Requested by

Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/vendor.3474f8e0dcdb6126f26894076afa40d6.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.88.197.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-88-197-161.compute-1.amazonaws.com

Software

fwe /

Resource Hash

02a00e3ef645e0351f654665d42b03388e6a73e0ab4f853c8904faecf322b229

Security Headers

Name	Value
Content-Security-Policy	style-src 'unsafe-inline' ; font-src 'self' data:; img-src 'self' * data:; connect-src 'self' ; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.freshchat.com https://.freshworksapi.com; child-src 'self' blob:; media-src 'self' https://.freshchat.com; manifest-src 'self' https://.freshchat.com; default-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://wchat.freshchat.com/widget/?token=2754edad-ab3e-48a1-a113-035cef2eed33&referrer=aHR0cHM6Ly9zZWN1cmUuZ3JhdG93aW4uY29t
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Fri, 11 Nov 2022 13:59:19 GMT
content-security-policy: style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
strict-transport-security: max-age=31536000; includeSubDomains
nel: { "report_to": "nel-endpoint-freshchat", "max_age": 60, "include_subdomains": true}
x-ratelimit-total: 3000
x-ratelimit-used-currentrequest: 1
x-envoy-upstream-service-time: 4
Connection: keep-alive
Content-Length: 63
x-xss-protection: 1; mode=block
x-request-id: 25fcc0df-8cb4-45be-9ca7-18d2de84561c
x-trace-id: 00-a743134aa56c129c90dbc683b539f86c-86f399b9ce70ea9a-00
server: fwe
x-ratelimit-remaining: 2998
report-to: { "group": "nel-endpoint-freshchat", "max_age": 60, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
Content-Type: application/json;charset=UTF-8
x-fw-ratelimiting-managed: true
cache-control: no-store
access-control-allow-credentials: true
x-server: 2601
x-ratelimit-limit: 3000

GET
H/1.1 200
OK cb.css
wchat.freshchat.com/widget/css/ 1 KB
2 KB 105ms
104ms Stylesheet
text/css 54.88.197.161
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/widget/css/cb.css?t=1668175159072

Requested by

Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/widget/js/co-browsing.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.88.197.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-88-197-161.compute-1.amazonaws.com

Software

fwe /

Resource Hash

8029982e606b01f8d1651a46683c7a90ef2496e73823047c0e73b72e285d593e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Fri, 11 Nov 2022 13:59:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
nel: { "report_to": "nel-endpoint-freshchat", "max_age": 60, "include_subdomains": true}
Transfer-Encoding: chunked
x-envoy-upstream-service-time: 0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-request-id: f35fed61-d8b5-97f1-86eb-f4472c07c09e
x-trace-id: 00-c03d194573fde3c513f7b31f7b8625d6-8de394ca5b1c2499-01
served-by: 9886
last-modified: Thu, 27 Oct 2022 11:43:31 GMT
server: fwe
report-to: { "group": "nel-endpoint-freshchat", "max_age": 60, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
Content-Type: text/css
x-fw-ratelimiting-managed: false
cache-control: max-age=31536000,no-cache, no-store, must-revalidate, pre-check=0, post-check=0,public
x-server: 9886
expires: Sat, 11 Nov 2023 13:59:19 GMT

GET
H/1.1 200
OK widget_info_v2 Show response
wchat.freshchat.com/app/services/app/webchat/2754edad-ab3e-48a1-a113-035cef2eed33/ Frame 7581 25 KB
4 KB 147ms
147ms XHR
application/json 54.88.197.161
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/app/services/app/webchat/2754edad-ab3e-48a1-a113-035cef2eed33/widget_info_v2?locales=en-US,en-US&platform=web

Requested by

Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/vendor.3474f8e0dcdb6126f26894076afa40d6.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.88.197.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-88-197-161.compute-1.amazonaws.com

Software

fwe /

Resource Hash

7f6ec470a3f525c1d4de936f19a0052c4471e0785a8a9bfdde49305adcaf9a8e

Security Headers

Name	Value
Content-Security-Policy	style-src 'unsafe-inline' ; font-src 'self' data:; img-src 'self' * data:; connect-src 'self' ; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.freshchat.com https://.freshworksapi.com; child-src 'self' blob:; media-src 'self' https://.freshchat.com; manifest-src 'self' https://.freshchat.com; default-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://wchat.freshchat.com/widget/?token=2754edad-ab3e-48a1-a113-035cef2eed33&referrer=aHR0cHM6Ly9zZWN1cmUuZ3JhdG93aW4uY29t
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Fri, 11 Nov 2022 13:59:19 GMT
content-security-policy: style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
nel: { "report_to": "nel-endpoint-freshchat", "max_age": 60, "include_subdomains": true}
x-ratelimit-total: 3000
Transfer-Encoding: chunked
x-ratelimit-used-currentrequest: 1
x-envoy-upstream-service-time: 41
x-status: EXPIRED
Connection: keep-alive
x-xss-protection: 1; mode=block
x-request-id: c9925a85-ee84-43e8-bf28-2a93a849c4c4
x-trace-id: 00-034a230d44b6a0d1c37f750a2bdcc661-e453ec7d2e5d4b38-00
server: fwe
vary: accept-encoding
report-to: { "group": "nel-endpoint-freshchat", "max_age": 60, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
Content-Type: application/json;charset=UTF-8
x-fw-ratelimiting-managed: true
cache-control: no-store
access-control-allow-credentials: true
x-server: 6714
x-ratelimit-remaining: 2997
x-ratelimit-limit: 3000

GET
H2 200 chunk.9daef4e830649c91f208.js Show response
assetscdn-wchat.freshchat.com/static/assets/ Frame 7581 59 KB
14 KB 25ms
24ms Script
application/javascript 13.226.153.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/chunk.9daef4e830649c91f208.js
Requested by: Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/fd-messaging.209997153977a3450524.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.153.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-153-62.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cf37af79a0e439fa1afbac743f72d0cfba2a0480757df4bb1f54866cd4a2b6bc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:58:25 GMT
content-encoding: br
via: 1.1 91528fdf97ef415d04fa66a0fbb562d6.cloudfront.net (CloudFront)
last-modified: Thu, 27 Oct 2022 11:43:34 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-C1
age: 57
x-amz-server-side-encryption: AES256
etag: W/"075d1dd3ba053bae8a27786d44e84c2e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000, no-transform, public
x-amz-cf-id: lOr26fKD3-W12_jRfnXX84UfvqWxtuhSZmD42nHv5R-PNYm4mPLpRA==
expires: Fri, 27 Oct 2023 11:43:31 GMT

GET
H2 200 chunk.06dbc6116583eb762379.js Show response
assetscdn-wchat.freshchat.com/static/assets/ Frame 7581 267 KB
46 KB 26ms
25ms Script
application/javascript 13.226.153.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/chunk.06dbc6116583eb762379.js
Requested by: Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/fd-messaging.209997153977a3450524.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.153.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-153-62.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f523bf3997717186673e604d4e19a2abd7402105845f4d0d73fed5210064f5ea

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:56:44 GMT
content-encoding: br
via: 1.1 91528fdf97ef415d04fa66a0fbb562d6.cloudfront.net (CloudFront)
last-modified: Thu, 27 Oct 2022 11:43:33 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-C1
age: 159
x-amz-server-side-encryption: AES256
etag: W/"f19eb03b66e354125c83d121670d685d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000, no-transform, public
x-amz-cf-id: t-myg9wY99TdfGLsVmM4xIMnAo9ndTJeHsfmO5H21YzJGdo_aVrinQ==
expires: Fri, 27 Oct 2023 11:43:31 GMT

PUT
H/1.1 200
OK activity Show response
wchat.freshchat.com/app/services/app/webchat/2754edad-ab3e-48a1-a113-035cef2eed33/user/b28970a9-a03f-4b1b-8b40-9b1cbc94c0bc/ Frame 7581 17 B
1 KB 109ms
109ms XHR
application/json 54.88.197.161
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/app/services/app/webchat/2754edad-ab3e-48a1-a113-035cef2eed33/user/b28970a9-a03f-4b1b-8b40-9b1cbc94c0bc/activity

Requested by

Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/3799.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.88.197.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-88-197-161.compute-1.amazonaws.com

Software

fwe /

Resource Hash

f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Security Headers

Name	Value
Content-Security-Policy	style-src 'unsafe-inline' ; font-src 'self' data:; img-src 'self' * data:; connect-src 'self' ; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.freshchat.com https://.freshworksapi.com; child-src 'self' blob:; media-src 'self' https://.freshchat.com; manifest-src 'self' https://.freshchat.com; default-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://wchat.freshchat.com/widget/?token=2754edad-ab3e-48a1-a113-035cef2eed33&referrer=aHR0cHM6Ly9zZWN1cmUuZ3JhdG93aW4uY29t
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Fri, 11 Nov 2022 13:59:19 GMT
content-security-policy: style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
strict-transport-security: max-age=31536000; includeSubDomains
nel: { "report_to": "nel-endpoint-freshchat", "max_age": 60, "include_subdomains": true}
x-ratelimit-total: 3000
x-ratelimit-used-currentrequest: 1
x-envoy-upstream-service-time: 3
Connection: keep-alive
Content-Length: 17
x-xss-protection: 1; mode=block
x-request-id: 8dc42a00-629f-4b75-b324-689d070acbc2
x-trace-id: 00-a24d7911988a64aa441c215d3b48d911-89791df3bd5de293-00
server: fwe
x-ratelimit-remaining: 2996
report-to: { "group": "nel-endpoint-freshchat", "max_age": 60, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
Content-Type: application/json;charset=UTF-8
x-fw-ratelimiting-managed: true
cache-control: no-store
access-control-allow-credentials: true
x-server: 5323
x-ratelimit-limit: 3000

GET
H2 200 index.html Show response
438961925528018.webpush.freshchat.com/ Frame DB9F 30 KB
7 KB 493ms
414ms Document
text/html 18.66.248.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://438961925528018.webpush.freshchat.com/index.html?ref=aHR0cHM6Ly9zZWN1cmUuZ3JhdG93aW4uY29t
Requested by: Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/js/widget.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-96.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 05a530dd5d40bf5dbef4e3d5ed6976e9aec1baf49a20be30e07b1608918e3bc3

Request headers

Referer: https://secure.gratowin.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Fri, 11 Nov 2022 13:59:20 GMT
etag: W/"4d98f93ebe4eb8cedbbfdb3004920aeb"
last-modified: Fri, 25 Oct 2019 06:53:38 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
x-amz-cf-id: uwx3zXYkjXRcJADEaU1V3mFFw98FEeQRH2Y66BvtqTm7U_yxzjWOJQ==
x-amz-cf-pop: DUS51-P1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront

GET
H/1.1 200
OK category Show response
wchat.freshchat.com/app/services/app/webchat/2754edad-ab3e-48a1-a113-035cef2eed33/faq/ Frame 7581 209 B
1 KB 112ms
111ms XHR
application/json 54.88.197.161
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/app/services/app/webchat/2754edad-ab3e-48a1-a113-035cef2eed33/faq/category?platform=web&locales=en-US%2Cen-US&since=&lastLocaleId=

Requested by

Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/vendor.3474f8e0dcdb6126f26894076afa40d6.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.88.197.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-88-197-161.compute-1.amazonaws.com

Software

fwe /

Resource Hash

c8aa896498905e895432c01524ab46c24905057d2074aa7139ba3aa4bbf221e4

Security Headers

Name	Value
Content-Security-Policy	style-src 'unsafe-inline' ; font-src 'self' data:; img-src 'self' * data:; connect-src 'self' ; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.freshchat.com https://.freshworksapi.com; child-src 'self' blob:; media-src 'self' https://.freshchat.com; manifest-src 'self' https://.freshchat.com; default-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://wchat.freshchat.com/widget/?token=2754edad-ab3e-48a1-a113-035cef2eed33&referrer=aHR0cHM6Ly9zZWN1cmUuZ3JhdG93aW4uY29t
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Fri, 11 Nov 2022 13:59:19 GMT
content-security-policy: style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
strict-transport-security: max-age=31536000; includeSubDomains
nel: { "report_to": "nel-endpoint-freshchat", "max_age": 60, "include_subdomains": true}
x-ratelimit-total: 3000
x-ratelimit-used-currentrequest: 1
x-envoy-upstream-service-time: 9
Connection: keep-alive
Content-Length: 209
x-xss-protection: 1; mode=block
x-request-id: b533f7b8-5fa2-4edf-b67e-7356ddd8d7e3
x-trace-id: 00-db3f1229618347ee1cf062e989114873-d1ee62ccceca80c5-00
server: fwe
x-ratelimit-remaining: 2995
report-to: { "group": "nel-endpoint-freshchat", "max_age": 60, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
Content-Type: application/json;charset=UTF-8
x-fw-ratelimiting-managed: true
cache-control: no-store
access-control-allow-credentials: true
x-server: 6714
x-ratelimit-limit: 3000

GET
H2 200 8627.css
assetscdn-wchat.freshchat.com/static/assets/ Frame 7581 16 KB
3 KB 26ms
25ms Stylesheet
text/css 13.226.153.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/8627.css
Requested by: Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/fd-messaging.209997153977a3450524.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.153.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-153-62.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 93ac8e22ef8a241ddd954362cc979528693e4b7732dc5de26154d9bbf60011fb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:56:14 GMT
content-encoding: br
via: 1.1 91528fdf97ef415d04fa66a0fbb562d6.cloudfront.net (CloudFront)
last-modified: Thu, 27 Oct 2022 11:43:33 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-C1
age: 186
x-amz-server-side-encryption: AES256
etag: W/"20f054b8b45ccd177447feada77d0895"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=31536000, no-transform, public
x-amz-cf-id: wFZWBf5AqfsHKqliL9lp_EBVghcfDUER4PG_pHZxw5yr5lbmxWqVsA==
expires: Fri, 27 Oct 2023 11:43:31 GMT

GET
H2 200 chunk.628a675083b43474a40b.js Show response
assetscdn-wchat.freshchat.com/static/assets/ Frame 7581 137 B
578 B 26ms
25ms Script
application/javascript 13.226.153.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/chunk.628a675083b43474a40b.js
Requested by: Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/fd-messaging.209997153977a3450524.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.153.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-153-62.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 49c3013edf1418bbf91a918d399e49717da0543a72c2c7a9e6964063dd94dea8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:58:27 GMT
via: 1.1 91528fdf97ef415d04fa66a0fbb562d6.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
age: 53
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 137
last-modified: Thu, 27 Oct 2022 11:43:34 GMT
server: AmazonS3
etag: "09f1bb696676dad184d04bb7b3602926"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, no-transform, public
accept-ranges: bytes
x-amz-cf-id: SuQiWem0RY5xFxUEg2qhdP-Hxp5EezJOnkkQIGiyJ_D0T6AjKny6Mw==
expires: Fri, 27 Oct 2023 11:43:31 GMT

GET
H2 200 chunk.11d90f755164bc5505e0.js Show response
assetscdn-wchat.freshchat.com/static/assets/ Frame 7581 48 KB
14 KB 27ms
26ms Script
application/javascript 13.226.153.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/chunk.11d90f755164bc5505e0.js
Requested by: Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/fd-messaging.209997153977a3450524.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.153.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-153-62.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 88d243f25253d432a1c21a5a8baa8c9252c0f2a5586543b7935d2ee9fbe39d50

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:56:33 GMT
content-encoding: br
via: 1.1 91528fdf97ef415d04fa66a0fbb562d6.cloudfront.net (CloudFront)
last-modified: Thu, 27 Oct 2022 11:43:33 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-C1
age: 169
x-amz-server-side-encryption: AES256
etag: W/"123f4c9f2c2093fb886435e7016642c1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000, no-transform, public
x-amz-cf-id: RYkkZsPKFGfJXe5C6arMAK_pCgK4f5eTD66w_4WRadscbBH0WgVqOg==
expires: Fri, 27 Oct 2023 11:43:31 GMT

GET
BLOB 200
OK 9efa5e08-dd38-482c-8704-786cc38f94b1
https://wchat.freshchat.com/ Frame 7581 152 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://wchat.freshchat.com/9efa5e08-dd38-482c-8704-786cc38f94b1
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a3d08747462129e4b1e6756b57c9f24cc8dd7a6ad095cc416f5dbd52aaa5f7b2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Length: 152

GET
H2 200 freshchat-line.7327fc2a43ff6a857c38e96ffa7e00f2.svg
assetscdn-wchat.freshchat.com/static/assets/ Frame 7581 663 B
1 KB 25ms
24ms Image
image/svg+xml 13.226.153.62
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/freshchat-line.7327fc2a43ff6a857c38e96ffa7e00f2.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.153.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-153-62.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2b82601133216ec29983087a0532e9b0af553f7f4a8b3b00ff9d7ffcc1142542

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 13:57:19 GMT
via: 1.1 91528fdf97ef415d04fa66a0fbb562d6.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
age: 121
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 663
last-modified: Thu, 27 Oct 2022 11:43:35 GMT
server: AmazonS3
etag: "cd452acf4efb05843ef7575e5a9de756"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000, no-transform, public
accept-ranges: bytes
x-amz-cf-id: vyV7J0j0uKAiFvZ_YihS65TQqw2KPn85ZoAEO-fWnc1_WT4tJgIroA==
expires: Fri, 27 Oct 2023 11:43:31 GMT

GET
H2 200 fc_logo.png
438961925528018.webpush.freshchat.com/ Frame DB9F 4 KB
4 KB 25ms
24ms Image
image/png 18.66.248.96
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://438961925528018.webpush.freshchat.com/fc_logo.png
Requested by: Host: 438961925528018.webpush.freshchat.com
URL: https://438961925528018.webpush.freshchat.com/index.html?ref=aHR0cHM6Ly9zZWN1cmUuZ3JhdG93aW4uY29t
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-96.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a963621b4341552ca61590aa02e93b70f189e8050a105c32c0197c3c34b2d114

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://438961925528018.webpush.freshchat.com/index.html?ref=aHR0cHM6Ly9zZWN1cmUuZ3JhdG93aW4uY29t
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 19:36:23 GMT
via: 1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
last-modified: Thu, 08 Feb 2018 07:54:41 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
age: 66179
etag: "e87df9f10dcf497ae292dc234200465c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 3777
x-amz-cf-id: -Qk2BEpLrzGomHZwGtLPw04MnNte3xmZxpJWPGqNai6vQL29wHQMSA==

POST
H2 200 mon Show response
pok.monicaatron.com/ 0
39 B 33ms
33ms XHR
application/json 2a05:d018:56f:b802:834:8d0e:be2f:5ebe
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pok.monicaatron.com/mon
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/offline-js-script.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a05:d018:56f:b802:834:8d0e:be2f:5ebe Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure.gratowin.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://secure.gratowin.com
date: Fri, 11 Nov 2022 13:59:20 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: storage.googleapis.com
URL: https://storage.googleapis.com/moon-prod/static-content/jackpot/new/index.html?brandId=null&currency=undefined%20%20%20%20%20&customerId=1003&serviceUrl=https://ga.streamygame.com/&isMobile=false%20%20%20%20%20&platform=ng&inGameFrame=false&gameId=undefined&winnerNames=

Verdicts & Comments Add Verdict or Comment

122 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

35 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
l1l.pw/	1970-01-20 16:08:31	Name: vid Value: 35344704
l1l.pw/	1970-01-20 07:22:58	Name: 10f0998ce436cb7bdb9431ae15842848 Value: 1
record.gwnetopartners.com/	1970-01-20 16:08:31	Name: VID1 Value: KC0jMFYuMzxXLTM0YApgCg%3D%3D
.gwnetopartners.com/	1970-01-20 16:08:31	Name: ZBan Value: 06GlpFR_QTUcyW9K1p-cHGNd7ZgqdRLk
click.power-ppp.com/	1970-01-20 08:06:07	Name: Click_5bc7025150425 Value: a%3A1%3A%7Bi%3A0%3Bs%3A5%3A%2211133%22%3B%7D
click.power-ppp.com/	1970-01-20 08:06:07	Name: Count Value: 1
mpsnare.iesnare.com/	1970-01-20 16:08:31	Name: io_token_7c6a6574-f011-4c9a-abdd-9894a102ccef Value: 0A/pNsJ8T5XnVfJTKLrPogcP4cBOxl+atxPO4ZSAYXE=
secure.gratowin.com/	1970-01-20 16:58:55	Name: redux-cookie Value: %5B%5D
.gratowin.com/	1969-12-31 23:59:59	Name: playerType Value: 0
secure.gratowin.com/	1969-12-31 23:59:59	Name: registerState Value: returning
.gratowin.com/	1970-01-20 08:06:07	Name: url_affiliateId Value: 9017
.gratowin.com/	1970-01-20 07:32:59	Name: url_ABClicks Value: 1
.gratowin.com/	1970-01-20 07:32:59	Name: url_CID Value: 115922140
.gratowin.com/	1970-01-20 07:32:59	Name: url_Inc Value: 120193525
.gratowin.com/	1970-01-20 07:32:59	Name: url_LP Value: 746
.gratowin.com/	1970-01-20 07:32:59	Name: url_affiliateID Value: 9017
.gratowin.com/	1970-01-20 07:32:59	Name: url_flow Value: register
.gratowin.com/	1970-01-20 07:32:59	Name: url_media Value:
.gratowin.com/	1970-01-20 07:32:59	Name: url_netoClickId Value: 636e55325e0f95c441c2645c
.gratowin.com/	1970-01-20 07:32:59	Name: url_payload Value: 26488
.gratowin.com/	1970-01-20 07:32:59	Name: url_pg Value: 1
.gratowin.com/	1970-01-20 07:32:59	Name: url_referrer Value:
.gratowin.com/	1970-01-20 07:32:59	Name: url_shorten_link Value: 5bc7025150425
.gratowin.com/	1970-01-20 07:32:59	Name: url_shorten_target Value: 11133
.gratowin.com/	1970-01-20 07:32:59	Name: url_affiliateToken Value: 1
.gratowin.com/	1970-01-20 07:32:59	Name: url_affToken Value: 06GlpFR_QTUcyW9K1p-cHGNd7ZgqdRLk
.gratowin.com/	1970-01-20 16:58:55	Name: _ga Value: GA1.2.982017774.1668175155
.gratowin.com/	1970-01-20 07:24:21	Name: _gid Value: GA1.2.337736107.1668175155
.gratowin.com/	1970-01-20 07:22:55	Name: _gat_UA-27702367-6 Value: 1
.gratowin.com/	1970-01-20 09:34:19	Name: _cq_duid Value: 1.1668175155.hw2mMLcO2tBF0gMV
.gratowin.com/	1969-12-31 23:59:59	Name: _cq_suid Value: 1.1668175155.SjEqc7YLGOg1HhbS
pok.monicaatron.com/	1970-01-20 15:26:45	Name: cg_uuid Value: c5a919d7edca77ada993ea9ecb1f1470
secure.gratowin.com/	1970-01-20 16:58:55	Name: locale Value: %7B%22lastSavedLocale%22%3A%22en%22%7D
.secure.gratowin.com/	1970-01-20 16:08:31	Name: _fw_crm_v Value: 56cc2eb8-587c-47a8-c499-a0ce980b482a
.secure.gratowin.com/	1970-01-20 07:22:56	Name: __cf_bm Value: w1x.ZD3B5ii.R4FmiynBcE2aXYde49UFdVkcZ01Cayc-1668175158-0-ATyxYxiFLtzPKbTwViOwl0AC4hFQQ3nPNOM6t7hQypGi6r07wDCaff9r0t3BUE/gwCT0a8QEJh4fXehw64PWjcXKaVlaB6sHJJCvLKZ8NWRfT8Zkd74i7OXG/rdg9OmCNA==

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://secure.gratowin.com/iojs/general5/static_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://secure.gratowin.com/undefined/brands/null/logo.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://secure.gratowin.com/undefined/brands/null/right-background.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://secure.gratowin.com/undefined/brands/null/left-background.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://script.crazyegg.com/pages/scripts/0078/6704.js Message: Failed to load resource: the server responded with a status of 410 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

438961925528018.webpush.freshchat.com
anakatech.uat1.evo-test.com
analytics.streamygame.com
assetscdn-wchat.freshchat.com
click.power-ppp.com
cms2.gratowin.com
cms2.netoplaycdn.com
d2afn796dyftlg.cloudfront.net
eue.monicaatron.com
fonts.googleapis.com
fonts.gstatic.com
ga.streamygame.com
l1l.pw
maxcdn.bootstrapcdn.com
mpsnare.iesnare.com
pok.monicaatron.com
record.gwnetopartners.com
rts-static-prod.freshworksapi.com
script.crazyegg.com
secure.gratowin.com
storage.googleapis.com
wchat.freshchat.com
web-sdk.smartlook.com
www.google-analytics.com
www.googletagmanager.com
storage.googleapis.com
13.226.153.62
147.78.140.52
147.78.140.54
147.78.140.9
18.64.103.20
18.66.248.96
2600:9000:2057:2c00:19:2a6:6500:93a1
2600:9000:2315:8200:c:2c6b:3900:93a1
2606:4700:3031::6815:18a7
2606:4700:3035::6815:3476
2606:4700::6812:acf
2606:4700::6813:9308
2a00:1450:4001:808::2010
2a00:1450:4001:80e::200a
2a00:1450:4001:812::2008
2a00:1450:4001:830::200e
2a00:1450:4001:831::2003
2a02:6ea0:c700::19
2a05:d018:56f:b802:834:8d0e:be2f:5ebe
2a06:98c1:3121::3
54.228.71.178
54.88.197.161
87.246.163.84
02a00e3ef645e0351f654665d42b03388e6a73e0ab4f853c8904faecf322b229
048b2f5e3b86bec8b10baa4271ef5c706150a317e3a42a4a2ea97ca4a507b024
05a530dd5d40bf5dbef4e3d5ed6976e9aec1baf49a20be30e07b1608918e3bc3
068b6bee16a46a62f0204552bb3fd2f914dc8bd4cfb439fdad84c470b3ea5b36
07bdc83a52df59d810bef733e5c3b869f596f55b748539c2043bcd42cf40bec0
07c35e512149ad1a8be5a7fb9672da7ec67fa0c329432a6e5a5fd7788f90b6e3
087a64a782e52566b9f11c4d3ffbf22498482165591c955972fece46a702f13b
0af2e2a86b8e8d47a1a5ca54128c0a7adf09074386cf5a8ee68f178a68584362
0b1182c43d8e2d9ad2bf4d160d19a5f385047c4a0f88b05332140308d458390d
0b6ee5642e247392075c40330df8d51d04005266b70e50e29a988998dde3a459
0e91de8b587baf86d05f8da82ac270eab8d4989defcdc85ffda62578778b04a3
0ebb87df614d24d505185917fb3b26027f914fe0aed27df37fa5147316ad6787
12fbe4645768d7523178517ffcaf9773204dac1956b74723b93353b8ebf27338
1431162c77266235f21cf9bc3865ef40dd41c1c2c0f8f205c0c5c7dc8fec778b
17001aa0a8eb7c800393a5368355d4cfc3d67d7ce9cd5d60aa6f8a689eb90183
17ce54eee19edef849cbc70f4ab340a4fad359219925b51cc0c5a19933a0cd57
188a39edf5a34ba8b4ff33a5fe4028315ced390917c7002ebfeb3c363d4df014
1ce8e325301163f3b2fc443b0e52fd57130e486da7149622abd20c6101e20c4e
1ee0d6b99fcd6f566986027fe8c17b1cfb0f7be39902aba77462706f146e489d
1ff8f0c174db748442f0760616142b2f6e4f1d9bbb03078a45b6f143c65c2fee
200d2aa85fb27867b01a2dfccfde12e46deede7e54473f20dbcb447f71bbf703
22e7337c994a1cd7b0f534cd7a21ec765ed53a6fe3636fb8c6838bcd0994b0e0
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
27675ea031f0d8c57d6be647474797e75fea9270f941d47c6411aada4f18045d
27eee5689f593c50f0d3611d076f160dbb8d96e9a7cda69aea592e019a9df048
297e3949449cf71811071187877b2d0232599df04f6431bd0df479d6c8cfa180
2b82601133216ec29983087a0532e9b0af553f7f4a8b3b00ff9d7ffcc1142542
2bd44487689f7f4501db1b9b7a7a50849c4d42e534eef60a04356a7851e92c0c
2ce13735694736a7b414eec7de74a893e67a0bc53d08d0f38f57386e3f6648a6
330ebd7c8983ac1ddd4d31dc45ad365c55c85efc17addb97a4937095c01ce8f5
36c10a25f5ffe29da709e31f970db2b79358a26ad7cccb04794980d66b32a2af
384ca46673f9d9209ecf6b510aa5e67e5e6e8c5762d7b5c8e643dfc96fb96031
3b796222d4d2609f2f03be081727632c910be3fc50f2836968850de194b18745
3ddb16f8af70ac8dbd3dd8df6ffc7c6a19a2ddb80c9926f3dd46a91781b2bc24
3f386030f30cc1118ebe4dc21a54c3325c14981274af10acd3a10acd42206866
4022fcd71fc9cd5ea700911970e7a592b086c5bd47f906a3ff85227c0d531c9c
43f649b0f230fcfe18e5ddf9f5d74e6141ce5fbdfb52fa6db7a9e2341068fb53
462c2fdf29d6d8a845147098b8018eb0c6721811ea5f3fb3b064d38444fe87cd
46e6c85007cc8380c6fd8fc1c5e990341d544429a273539ccd5161ffee04fcd5
47e0491532608bf09394cc3cd209c4920173cfaa6e02d7d8994478f44dc5f0cd
486894f29e34e2a9c4a7a938605d53ee752957d4270055fecb27828899fc0a3b
48a134462a1251b71b1d5b1f5637362c79bcf549cbf055ece97ffa9379bebdcc
49c3013edf1418bbf91a918d399e49717da0543a72c2c7a9e6964063dd94dea8
4ae0496f387bedf969317129bf163f1b8d7863fc41da549097d81c3f718a34fb
4d15890c357177f7185112a1ce66665d08acf31e81e4917820ec36279dd26bd0
4fe565e155881addcc557019e726097e351cff20de84a8e706d6e43295819fa7
5f81c733603f1510eb54a44877a5a0ac91af987b5d301916773090a287412647
63b3ee24f6efe1c85cffab7f293a66ba15378223cbbd6afe95fbcefb766e24c4
63d5dc678d9ffff5d8bb6288ebed31c973f904f78498acdec4d7a8dc1b2fca3a
6650963c35725add7c3cedb3fd660f4f38791e8298647b92c132767f97468aa5
6a251f5e969098aff7ea57994fc4f33085b6541037eb9ff5d930653f35860189
6aae23685ad6563cbbb3e33632fb29c31078254370c57be634b7a80f173ce708
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6be95d333e3058c6d1a25cff241c561a4ec61e4370500b2b872b6da74a4ab29d
6e88b451a65908ecf2d5c5c2a87c2e4b7f54d0d0b5c364f9eb17dd2000a9c867
71f0d1968edf4eff6dded3902361932770fe724bf52166051fe3e556c9d0e36a
7304d86d7c6c039699667162fe39abeb7d531f7f6acba2619a885d39a59ff6c5
74686cb67a39ba6066421272589bcf938003022d9dbc772454747518073ac1a9
754a00a45d1681fa7872ded722930116706b858e4b38366971e4b301140666c6
7592f557ccef92c4ed1960c97ec10e098d49008a6f8cb0717453b87d42f5bf56
76757ef678e74510673670f253fea1f89b87712c316ef719a697c7f6ddae04ee
7802d1473dc2f606f3ef5c413bd94332d4b54c0db46d81dac822c3901b322df5
7b73da20b1f30c7ab6d927eb975f42a172d016f7690bce5abd5082feb73cad23
7bc364554159c5ace8fbae0965ff955753855fbf7c0238ba5acbbe46af0d6ba3
7dc5a89829ed295864cee6940f583f1788773e66662c0fa19d2c14ff11793924
7dcd080d8016c6d3bee9075cd7798111c5820725bee35e0731f617d582bdba29
7eed09a3bda2013de36d0ac2b942f0149ef500ed56701e5bd80d204ecbf758e4
7f0d44d47275fb3b3e130875e1d235173d55126ff9b62c4982d03a3eb173931e
7f6ec470a3f525c1d4de936f19a0052c4471e0785a8a9bfdde49305adcaf9a8e
8029982e606b01f8d1651a46683c7a90ef2496e73823047c0e73b72e285d593e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85bbd76dda4b08d644306cfe57ea6870ee5f208aa5550b644ac2cb834b5b92fb
86239e53fea737f2be4b5ad4249ba9e4574f3a5f29cf708630d8163ed56b5c54
87a1aa02b647d523b00af6888415dc564041142a4bd209c8c0bce33232fea9c8
88d243f25253d432a1c21a5a8baa8c9252c0f2a5586543b7935d2ee9fbe39d50
8967bb1e45a846acb8c1d1d953a65a65a7ac2ee4a67cf6ca608186e3f59a4388
8a0e3d7ad35501062f2b9632e7880f2ff9b3a38647d303f87a31bc86552d861d
8b6659e42a82f6cc4c326142b361755aa8b6119e78b7fb83c017361da7b407f7
8ef8b1b9f70231cdaff9b49febecc51162e022432fef65022a082acc4d446cd2
8fe198199fc88325c116d73a6de560919c6dbd00eea5a7e5bd8cf5a3f01d4818
931cdc9da183b6e6f40476736791be667482d6eef83da8de662b3084bebd9215
93344d8fddeaba2080e60d2484f8299dcbfcde24db3dfae88df2906b883d24f1
93ac8e22ef8a241ddd954362cc979528693e4b7732dc5de26154d9bbf60011fb
94439ce51d3eb2aaea835d40996d194f4c7b8aa3af7310161a90526d10843137
9448ebe31f31f5d30a90e19e035fb88fae6a9b1c774bb4a62b43f37867713306
9522f06273f78d21fff2f56b7a3ff41d77a705ededacbfba7e8044436c17743d
96af8a70ce78096fddf75aba6adab45115ddb72d2bb0207dd4be51f32d2b359f
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9bab7eab8e1e05aa031ce685b74fdb8bbbffb418f4068dadfb44ffd6d130af5d
9d575ba8514843c0e6044d5d988cca4febe773b31afb19f3a7a5f1d979255d8c
9db60c18679626551b869bd24471654d7012af2a8e430162197111c93301307a
9e4bc35db2630f2ff5578686d0661c036b4bf373362194ce12d16b658874373f
a0205a3f4fbb415e135f905d147d0bab53101c5f3bee04c24c81958a7cc6045f
a09b6faa891a8e730e9f2e956215a1bfef1725dc855261c41d600ebd26f897a6
a114bca175a4dcf455ee2b5dcc9df6e39077cd0ed52e48c297efac2c837c35bb
a1f94145801e9c75b596991161163237251c7e3e8e9321d95425897164f4d5bc
a23594bf288597e328514af60f0c11c542167e50fbdeb2be055d0392e8e9d29c
a2aa104d95fd000bb2d6d4f3f9fdb2e88ee6092a22bf892eb38a02c05ae2c141
a3d08747462129e4b1e6756b57c9f24cc8dd7a6ad095cc416f5dbd52aaa5f7b2
a48bb649b47cc5f6158ee225276553a64d7227daffae8c9218ea4871265731af
a963621b4341552ca61590aa02e93b70f189e8050a105c32c0197c3c34b2d114
a9975ab224e45cd21e6c446234577ba824e9214673a4b9376297a0b0e87e4de8
a9ec88f31255fb6b754bd738328cc171db125c21e21d65dcb3a6b9c8f1109dc0
aa9a1dad97051fd4567d4822108bd49994d47c5c07043cf09a4c4c959b5efa4f
ac220b6b5ba495c19af6fe74c278c9d4638dc14841a58bce273ea5cdc1b43528
ae6ccbecb882f3edc3f742a60a60d75d93c9ffa2d3039cfdb5e1b900bd307e85
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
b2ca845c5e87533da52958f4b9c52f6d2a373f2a273a7b6e90093026f7a1ae47
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b44452423e27abf304bca5773bc2657000d4e69a578f406af5b3d096a7a3f666
baa738a2fc051c6b68f6d65cbd422e640da85b725eba6f1dcf68eabd70283bca
bbd039d1d5621472a25b228ca3f48c08aef9cabf180e982530cd84a3abc04555
bbe4e66132ca8ee028c844abfc0ab6c6e8490cd3171f5e7181dbe17ae6adce25
bd77d85cc719bb6675abad344ae7bf39820775b384bdaaef26ae31e0cf283a74
c056e1acd999d799c48f5b6c19ae662043900459e8adf37d7b96264164a9fbfc
c1654ffc9517eac6a8465347cc574e70fd552b9f621330d46f21bd1d17bffd71
c21ac0bbb27a457552858b53c117acc699665377f80e292970c9c56f7306dadc
c31180d2c49fe6cf169ab806293b099975605ec8771a1015ef893a551b0c68d4
c4c5f23e836cb6037f657e883c28f76ea4a587c1df83706e2468a3d6f20505ef
c8aa896498905e895432c01524ab46c24905057d2074aa7139ba3aa4bbf221e4
cf37af79a0e439fa1afbac743f72d0cfba2a0480757df4bb1f54866cd4a2b6bc
d43fa30e6853cb9350e0f3c53e533cd0cb12ecb94047505c2cab0bb8aab6e15b
d53ae31112aa2b41ea425f2702a7c5563a122d75b725d9f8dd18856d378210d1
d849225963e317e2b2a745c14cd800acec3fbd93a5f8b26ca3094deef15da296
d8cfd4ad458c4f9c9b78fbbf64b552d4a9a24a226039786f2a0409d768754960
da44324d9421e4ac73b1e56fe166bd8a51fa59fc512f2265b68020fb41c63a33
db97fa54c59105635eb62cec45d76ff7e6142674917545f54cd4fc9215df65d0
e37dd4fd3a0f781d702329d74b13ef3b16459394babe3367b96dddaf3b2e658f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4363b84238dda44f9ca7980c91b775f141a438aa2af9152b98a036f664ca178
e7c00b0ec68c5137e7b359a0ab6f5ff9c7a2000f47ceee7aacae6934eb91aae6
eb2e3f703cf8ee0156a1d625e053c0968b0dfcff62ea4254ddd8ba9fece3ad32
eb90069bfb802ef63158d8954bb6a025a056b3d084e0c7aae494c7401847e590
ec387818cc9e2f2a6d96e4ce99c013aa94de5553980d93e5fa12b4515daada85
eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
f2154f49d7d4ed6c74a1ad1dc0e39ef3136fd859059986ed5bcd3050d59867b3
f2d89df419e485367e2399d0d2474b49a8f607fe1bf7e338eabf67a2be2e92ed
f31a2bf1b8f72bad7377bad16c9d2ea2ed4ed35434926a5ab659559d8fd4b143
f3a3bad77018a615558340201b8d3a3ef4161786e11be214f99591cedf354066
f523bf3997717186673e604d4e19a2abd7402105845f4d0d73fed5210064f5ea
f52a85a0aebe0bf124d93f5bc99f5c59ea9a04170c8073373cae0e70a14a70e6
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7e8c0838d21cf95ca8c25ac55696f1c10d99491e9c7fc606126ade7a3890918
fb30356afb32fb181406ee8e553ef3331c06ab3c5725cd8ac2dd557d5686684d
fc66f942651a9fe1a598770d3d896529dcd7a03d02f40655451513093103e61b
fcdc5a2c897577bd56fd4acb50088f03dcf672b6781e1d8210c308d284d6e083
fe287b77f258f8ab1392024155e66bd07dbd3d16caa66c917e33d004ef8d0db0
fecf2d49f1501ed257517820737dd30ac677a727f7a926cd1781006e37b66071
ff4f33c28cd3477035b503fb39b248b8cf84eab7685ab73859bb27d35055e51e

secure.gratowin.com Open in urlscan Pro 147.78.140.54 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

175 Requests

99 %HTTPS

61 %IPv6

19 Domains

25 Subdomains

22 IPs

5 Countries

3579 kBTransfer

9325 kBSize

35 Cookies

1 Outgoing links

Page URL History

Redirected requests

175 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

secure.gratowin.com Open in urlscan Pro
147.78.140.54 Public Scan

Screenshot
Live screenshot

Full Image

175
Requests

99 %
HTTPS

61 %
IPv6

19
Domains

25
Subdomains

22
IPs

5
Countries

3579 kB
Transfer

9325 kB
Size

35
Cookies

175 HTTP transactions
1 data transactions